Liam Foot opened 2 months ago
When attempting to clone a repository, the user is told whether the project exists on the server. I think this should only occur after authenticating. If the user is not authenticated, the response should not indicate whether the project exists.
Is it possible to add this as a setting? I'm not sure if git has any requirement for this slight information leakage.