Pranav 2adc040a8f fix: Validate blob before attaching it to a record (#13115) ... Previously, attachments relied only on blob_id, which made it possible to attach blobs across accounts by enumerating IDs. We now require both blob_id and blob_key, add cross-account validation to prevent blob reuse, and centralize the logic in a shared BlobOwnershipValidation concern. It also fixes a frontend bug where mixed-type action params (number + string) were incorrectly dropped, causing attachment uploads to fail.		2025-12-19 19:02:21 -08:00
..
v1	fix: Validate blob before attaching it to a record (#13115)	2025-12-19 19:02:21 -08:00
v2	feat(ce): Add Year in review feature (#13078)	2025-12-15 17:24:45 -08:00
base_controller.rb	chore: Ensure privilege validations for API endpoints (#2224)	2021-06-11 11:44:31 +05:30