mirror of
https://github.com/go-gitea/gitea
synced 2025-11-03 21:08:25 +00:00
544ef7d394
Backport #15895 Storing these credentials is a liability. * Encrypt credentials with SECRET_KEY before persisting to task queue table (they need to be persisted due to the nature of the task queue) - security in depth: helps when attacker has access to DB only, but not app.ini * Delete all credentials (even encrypted) from the task table, once the migration is done, for safety - security in depth: minimizes leaked data if attacker gains access to snapshot of both DB and app.ini
1.5 KiB
1.5 KiB