Re-run background migration for PersonalAccessToken#expires_at
What does this MR do and why?
- V1 was added and run as part of 16.0: !120239 (merged)
- We had logic to ensure that no new tokens were generated with a nil expires_at: !120213 (merged)
- But there was a bypass available: #413289 (closed)
- That bypass was patched via !121370 (merged)
- If we re-run this migration, we should once again and henceforth have zero PATs with a nil expires_at value
Screenshots or screen recordings
How to set up and validate locally
- Create a personal access token with a
nil
expires at value (needs to be done before migration in !121370 (merged) is run) - Run this background migration
- All PATs should have
expires_at
set
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jessie Young