With #3266 there will be a dedicated REST endpoint to fetch masked SecHub configuration (as user of the project or as administrator).
It shall be the only possible way to fetch these information. But at some existing REST end points, we provide the SecHub configuration as well (not masked).
:information_source: This is a sub issue of #3250
Wanted
No REST endpoint at SecHub except #3266 shall have the SecHub configuration inside!
Solution
Identify all REST end points where configuration is provided accidentally and remove the information there
Situation
With #3266 there will be a dedicated REST endpoint to fetch masked SecHub configuration (as user of the project or as administrator).
It shall be the only possible way to fetch these information. But at some existing REST end points, we provide the SecHub configuration as well (not masked).
:information_source: This is a sub issue of #3250
Wanted
No REST endpoint at SecHub except #3266 shall have the SecHub configuration inside!
Solution
Identify all REST end points where configuration is provided accidentally and remove the information there