Merge branch 'security-fix-pat-web-access-11-4' into 'security-11-4'
[11.4] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2656
Loading
Please sign in to comment