This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.

Alan Guo Xiang Tan 42d2cb2d4e SECURITY: Hide PM count for tags by default (#20061) (#20090) ... Currently `Topic#pm_topic_count` is a count of all personal messages tagged for a given tag. As a result, any user with access to PM tags can poll a sensitive tag to determine if a new personal message has been created using that tag even if the user does not have access to the personal message. We classify this as a minor leak in sensitive information. With this commit, `Topic#pm_topic_count` is hidden from users by default unless the `display_personal_messages_tag_counts` site setting is enabled.		2023-02-01 06:43:58 +08:00
..
controllers	DEV: Deprecate create-store test helper (#19021)	2022-11-16 10:54:46 +01:00
ember	DEV: Support theme/plugin overrides of colocated component templates (#19237)	2022-11-30 14:14:38 +00:00
lib	DEV: Get rid of all discourseModule uses (#19576)	2022-12-22 13:13:28 +01:00
mixins	DEV: Deprecate assert.not() (#15595)	2022-02-09 18:49:05 +01:00
models	SECURITY: Hide PM count for tags by default (#20061) (#20090)	2023-02-01 06:43:58 +08:00
routes	DEV: Add tests for review-index route (#18415)	2022-10-05 12:39:35 +08:00
services	FIX: Don't spam presence requests when getting 429 (#20084)	2023-01-31 14:04:21 +01:00
utils	DEV: Get rid of all discourseModule uses (#19576)	2022-12-22 13:13:28 +01:00
localization-test.js	FIX: Overriding text with admin_js.* keys didn't work (#18281)	2022-09-20 10:47:57 +10:00