- Issue created by @scott_euser
- π¬π§United Kingdom scott_euser
Small change, but will at least be helpful for future me and perhaps other devs
phpstan issue unrelated and occurs on 2.x
- πΊπΈUnited States cmlara
For the 2.x we are embracing using GitLab Pages for the documentation/manual. This is rendered by mkdocs from the markdown files in the docs folder and published on each 2.x pipeline execution. It is also currently included in each download for offline viewing.
We likely should place this somewhere in the docs (there may be no great location for it at the moment as they are sparsly populated, a new section may be necessary).
I'm going to set back to NW for including in the
For REST logins I would suggest sites I would recommend the site owner consider using an API token auth provider (unless we are talking about the post login to obtain a cookie).
This will impact password access that uses the
user.authservice to validate a use. Known scenarios this is relevant for:- Password confirmation forms that do not check the database directly
- HTTP Post to /user/login (this is always enabled in Drupal Core).
- http_basic authentication
Given the above not sure it if makes sense to limit this to just the
restmodule enabled.To me it feels a bit unusual to inline this, though at the moment it is indeed not documented anywhere except in the deep issues logs.