Prevent calling version.gitlab.com from the new sidebar
The new sidebar does a version check unconditionally. Normally a version check should only be executed, if the current user is an admin and the instance has version checks enabled.
This is minor security risk, if the instance also has the super_sidebar_logged_out
feature flag enabled. On public GitLab instances the version of the GitLab instance would be leaked in the DOM, if a logged-out /anonymous user browses the instance. The feature flag is currently still disabled by default.
See https://gitlab.com/gitlab-sirt/shared-incidents/incident_4462/-/issues/1 (more details will be added here later)
Edited by Lukas 'ai-pi' Eipert