GDPR / Right to be forgotten - User authorizations metadata When the user account is removed, the authorization metadata is still kept in th...
Impersonate user session ending gains admin access The impersonate user session is being used in the towns that we know to provide ...
New comment at Rewrite comments in Rails
New comment at Registration form customization
Allow authorization handlers to control when reauthorization is allowed Currently the only way to allow users to reauthorize themselves using a specific...
New proposal at Report a Bug
[Critical] Managed users with same name "steals" other person's identity When a Decidim instance has a form authorization handler, it allows the admin us...