gon.revision indicates version witout authentication
related to: #42081 (closed)
@markglenfletcher as of at least version 15.0.3, the version is exposed to unauthenticated users in the form of the release id.
On //server/users/sign_in (and most other endpoints), a variable gon.revision is returned that matches the release commit ID, indicating the GitLab version. If the intention is to not make the version visible, the gon.revision value should be redacted outside of authenticated sessions -- including the commit ID.
Release Commit: 418555ba
Note shortened commit ID
appears enumerated by gon_helper.rb Actually, most of what gon_helper returns to an unauthenticated session should probably omitted for the sake of security. Only return what is absolutely necessary to create an authenticated session or navigate the public components.