delta/gitlab/gitlab-ce.git/config/gitlab.yml.example, branch migrate-diff-file-header-tests

Add note to gitlab.yml about Service Desk requirement

2019-09-04T14:23:08+00:00

Add Notification secret into gitlab.yml.template

2019-09-03T23:08:19+00:00

Update docs and comments about saml with allow_bypass_two_factor

2019-08-27T03:46:32+00:00

allow_bypass_two_factor configration dose not work with saml provider

Enable CSP in gitlab.yml.example

2019-08-22T18:10:33+00:00

This enables CSP in dev and CI

Fix typo in Content Security Policy example

2019-08-22T14:18:10+00:00

feat: SMIME signed notification emails

2019-08-20T14:13:32+00:00

- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files

Add support for Content-Security-Policy

2019-08-07T02:37:31+00:00

A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.

To support this, we need to change all `:javascript` HAML filters to the
following form:

```
= javascript_tag nonce: true do
  :plain
    ...
```

We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.

Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3809

2019-08-01T17:38:07+00:00

Introducing Docker Registry replication

Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14597

2019-07-24T14:56:48+00:00

This is the first part of Docker Registry replication
    for secondary Geo node.

Don't use transactions and exceptions

2019-07-16T19:20:43+00:00

Instead return error objects.