Skip to content

Global code search leaks internal/private repositories

From: https://gitlab.zendesk.com/agent/tickets/40202

Hi,

We really LOVE GitLab over here, but this seems to be a major reason to pull back GitLab 8.12.0-ee => https://[REDACTED]/search?utf8=%E2%9C%93&snippets=&scope=blobs&search=COREPATCH <https://[REDACTED]/search?utf8=%E2%9C%93&snippets=&scope=blobs&search=COREPATCH>

Those projects/repositories are set to internal or private, both exposing confidential data to the public.

Please fix this asap.