Hi,
We noticed that project.protobuf files of our private projects are publicly accessible. Is it expected or any action we need to take from our end?
Example:
https://sonarcloud.io/batch/project.protobuf?key=<projectKey>&branch=<Branch>
with the above example url, if we include projectkey and branch, it is downloading the protobuf file.
Hey there.
I’m unlisting this topic for the moment.
I cannot reproduce this with a private project on my side – either when browsing incognito (unauthenticated) or logged into another account. I get the normal message when you try to look at a project that doesn’t exist or you don’t have access to.
{"errors":[{"msg":"Project doesn\u0027t exist"}]}
Are you sure the project is marked as private and not public? Can you detail a reproducer (a specific project, for example)
@Colin Yes, I’m sure. My project is private
Please send me a private message, i will share the examples
Thanks @Colin
removing Execute Analysis permission to Anyone resolved the issue.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.