delta/gitlab/gitlab-ce.git/spec/initializers, branch docs/add_file_diff_description gitlab.com: gitlab-org/gitlab-ce.git Merge branch 'security-enable-image-proxy' into 'master' 2019-08-29T21:34:29+00:00 GitLab Release Tools Bot robert+release-tools@gitlab.com 2019-08-29T21:34:29+00:00 090956259c47d839b136f9391c3f74255764da81 Use image proxy to mitigate stealing ip addresses Closes #2812 See merge request gitlab/gitlabhq!2926 
Use image proxy to mitigate stealing ip addresses

Closes #2812

See merge request gitlab/gitlabhq!2926
 Merge branch 'security-ssrf-kubernetes-dns-12-3' into 'master' 2019-08-29T21:33:42+00:00 GitLab Release Tools Bot robert+release-tools@gitlab.com 2019-08-29T21:33:42+00:00 15b88fe57faff899b76d24e41985d83612c7de3a DNS Rebind SSRF in Kubernetes Integration See merge request gitlab/gitlabhq!3345 
DNS Rebind SSRF in Kubernetes Integration

See merge request gitlab/gitlabhq!3345
 Add support for using a Camo proxy server 2019-08-24T04:44:53+00:00 Brett Walker bwalker@gitlab.com 2019-02-20T23:51:55+00:00 ad05e488636ebe05b4985dbf3c7d912fd8d56f49 User images and videos will get proxied through the Camo server in order to keep malicious sites from collecting the IP address of users. 
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
Column was renamed in 12.2 2019-08-21T02:25:38+00:00 Thong Kuah tkuah@gitlab.com 2019-08-20T23:59:58+00:00 d1de6fd4d867ee817a1979e05344e580d33c7759 






Override hostname when connecting via Kubeclient
2019-08-20T22:49:22+00:00

Thong Kuah
tkuah@gitlab.com

2019-07-19T02:12:02+00:00

e0826b0cb522dc4a112f6617c6fb222f6e3f4ce2

Kubeclient uses rest-client. We hack into to access the net/http object
so that we can patch to connect to the resolved IP + set
hostname_override.

Add specs for discord. The discord integration also uses rest-client, so
since we patched rest-client, spec that the DNS rebinding protection
works





Kubeclient uses rest-client. We hack into to access the net/http object
so that we can patch to connect to the resolved IP + set
hostname_override.

Add specs for discord. The discord integration also uses rest-client, so
since we patched rest-client, spec that the DNS rebinding protection
works







feat: SMIME signed notification emails
2019-08-20T14:13:32+00:00

Diego Louzán
diego.louzan.ext@siemens.com

2019-07-10T19:40:28+00:00

0dcb9d21efc1db97765d82ee39a0f0905ba945ba

- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files





- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files







Remove ignored circuit_breaker columns
2019-06-28T08:30:40+00:00

Zeger-Jan van de Weg
git@zjvandeweg.nl

2019-06-28T08:28:28+00:00

cb4a514207c914069410a01de8b493076156752a

The circuit breaker itself got removed a while ago, when that happened
some parts got left behind. Using grep old stale settings and
validations were found and are now removed.





The circuit breaker itself got removed a while ago, when that happened
some parts got left behind. Using grep old stale settings and
validations were found and are now removed.







Store Let's Encrypt private key in settings
2019-05-28T04:47:34+00:00

Vladimir Shushlin
vshushlin@gitlab.com

2019-05-28T04:47:34+00:00

4687ff7c9be789341e82a6440234fce43f30b5be

Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package

* Revert "Generate Let's Encrypt private key"
  This reverts commit 444959bfa0b79e827a2a1a7a314acac19390f976.

* Add Let's Encrypt private key to settings
  as encrypted attribute

* Generate Let's Encrypt private key
  in database migration





Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package

* Revert "Generate Let's Encrypt private key"
  This reverts commit 444959bfa0b79e827a2a1a7a314acac19390f976.

* Add Let's Encrypt private key to settings
  as encrypted attribute

* Generate Let's Encrypt private key
  in database migration







Generate Let's Encrypt private key
2019-05-09T13:45:25+00:00

Vladimir Shushlin
vshushlin@gitlab.com

2019-05-09T13:45:25+00:00

444959bfa0b79e827a2a1a7a314acac19390f976












Run rubocop -a on CE files
2019-05-05T10:24:28+00:00

Stan Hu
stanhu@gmail.com

2019-05-05T10:19:14+00:00

f93b2e02a56a3b1f3041119e8302d43aeafc8284