fix(security): 403 for all users on private repos #423

Merged

jmiller merged 1 commits from dev into main

2026-06-02 14:57:55 +00:00

Author	SHA1	Message	Date
Jonathan Miller	3ad37e48e1	fix(security): return 403 for all users on private repos, not 404 Branch Policy Check / Verify merge target (pull_request) Successful in 1s Details Universal: PR Check / Branch Policy (pull_request) Successful in 1s Details Universal: PR Check / Validate PR (pull_request) Failing after 6s Details Branch Cleanup / Delete merged branch (pull_request) Has been skipped Details PR RC Release / Build RC Release (pull_request) Successful in 21s Details Universal: PR Check / Build RC Package (pull_request) Has been cancelled Details Both anonymous and signed-in users now get 403 Access Denied when accessing a private repo they lack permission for. Previously anonymous users got 404 which hid the repo's existence. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-06-02 09:57:29 -05:00