Details
-
Bug
-
Resolution: Duplicate
-
Medium
Description
It is a security flaw to allow users to be listed on the site; which is what this does. The workflow is also weird if you're trying to send pull requests to team-members only, and it keeps showing you unrelated people. It should be possible to filter it to team members for the searching, and just flat-out not return searches for users not in a team.