Exposed Information in `GET /years` Endpoint for Unreleased Tasks

[Olda-Hal]

The GET /years endpoint (https://rest.ksi.fi.muni.cz/years) currently exposes the following properties:

• sum_points: Includes points for tasks that have not yet been released.
• tasks_cnt: Includes a count of tasks that have not yet been released.

This behavior allows anyone to deduce how many tasks are unreleased and the potential points they might earn from these tasks.

Steps to Reproduce

1. Access the endpoint https://rest.ksi.fi.muni.cz/years without any specific restrictions or permissions.
2. Observe that the response includes the properties sum_points and tasks_cnt with values reflecting both released and unreleased tasks (e.g., there is a greater number of tasks than the user can see).

Expected Behavior

• The properties sum_points and tasks_cnt should only account for tasks that are already released.
• Unreleased tasks should not influence the response data in any way.