delta/gitlab/gitlab-ce.git/spec/support, branch fix-migration-changes gitlab.com: gitlab-org/gitlab-ce.git Fix expanding a collapsed diff when converting a symlink to a regular file 2016-11-10T17:24:12+00:00 Adam Niedzielski adamsunday@gmail.com 2016-11-10T17:24:12+00:00 3fa265d19547669c60788e38e389fa12bb119235 In this case comparing old_path and new_path is not enough because there are two entires that match. 
In this case comparing old_path and new_path is not enough because there
are two entires that match.
Merge branch 'pipeline-notifications' into 'master' 2016-11-09T13:41:04+00:00 Sean McGivern sean@mcgivern.me.uk 2016-11-09T13:41:04+00:00 a8fcaaf1bf27a2bcf20a0cde2546f0de7b73dced Integrate CI emails into notification system Closes #21930 See merge request !6342 

Integrate CI emails into notification system

Closes #21930

See merge request !6342
 Merge branch 'issue_23548_dev' into 'master' 2016-11-09T11:25:17+00:00 Douwe Maan douwe@gitlab.com 2016-11-01T20:18:51+00:00 bf061d0aff091a73611037b811cea2d3380962f4 disable markdown in comments when referencing disabled features fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548 This MR prevents the following references when tool is disabled: - issues - snippets - commits - when repo is disabled - commit range - when repo is disabled - milestones This MR does not prevent references to repository files, since they are just markdown links and don't leak information. See merge request !2011 Signed-off-by: Rémy Coutable <remy@rymai.me> 
disable markdown in comments when referencing disabled features

fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548

This MR prevents the following references when tool is disabled:

- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones

This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.

See merge request !2011

Signed-off-by: Rémy Coutable <remy@rymai.me>
Merge branch '22481-honour-issue-visibility-for-groups' into 'security' 2016-11-09T11:24:13+00:00 Douwe Maan douwe@gitlab.com 2016-10-26T17:34:06+00:00 79d94b167999544086db235602a9213a2d37831e Honour issue and merge request visibility in their respective finders This MR fixes a security issue with the IssuesFinder and MergeRequestFinder where they would return items the user did not have permission to see. This was most visible on the issue and merge requests page for a group containing projects that had set their issues or merge requests to "private". Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22481 See merge request !2000 

Honour issue and merge request visibility in their respective finders

This MR fixes a security issue with the IssuesFinder and MergeRequestFinder where they would return items the user did not have permission to see. This was most visible on the issue and merge requests page for a group containing projects that had set their issues or merge requests to "private".

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22481

See merge request !2000
 Merge remote-tracking branch 'upstream/master' into pipeline-notifications 2016-11-08T15:52:17+00:00 Lin Jen-Shin godfat@godfat.org 2016-11-08T15:52:17+00:00 3744d629e894afa3cb54c7edd2b61e0f17deb34f * upstream/master: (70 commits) Fix routing spec for group controller Add small improvements to constrainers and specs Faster search Fix broken commits search Changed helper method to check for none on params Moved if statements around in view API: Return 400 when creating a systemhook fails Update non-exist group spinach test to match routing Bump omniauth-gitlab to 1.0.2 to fix incompatibility with omniauth-oauth2 Replace trigger with the new ID of the docs project Refactor method name 17492 Update link color for more accessible contrast Fixed todos empty state when filtering Refactor namespace regex implements reset incoming email token on issues modal and account page, reactivates all tests and writes more tests for it Use separate email-friendly token for incoming email and let incoming email token be reset Use the Gitlab Workhorse HTTP header in the admin dashboard Refactor project routing Fix 404 when visit /projects page Rewritten spinach git_blame tests to rspec feature tests Add tests for project#index routing ... 
* upstream/master: (70 commits)
  Fix routing spec for group controller
  Add small improvements to constrainers and specs
  Faster search
  Fix broken commits search
  Changed helper method to check for none on params Moved if statements around in view
  API: Return 400 when creating a systemhook fails
  Update non-exist group spinach test to match routing
  Bump omniauth-gitlab to 1.0.2 to fix incompatibility with omniauth-oauth2
  Replace trigger with the new ID of the docs project
  Refactor method name
  17492 Update link color for more accessible contrast
  Fixed todos empty state when filtering
  Refactor namespace regex
  implements reset incoming email token on issues modal and account page, reactivates all tests and writes more tests for it
  Use separate email-friendly token for incoming email and let incoming email token be reset
  Use the Gitlab Workhorse HTTP header in the admin dashboard
  Refactor project routing
  Fix 404 when visit /projects page
  Rewritten spinach git_blame tests to rspec feature tests
  Add tests for project#index routing
  ...
Fix broken commits search 2016-11-08T10:03:23+00:00 Valery Sizov valery@gitlab.com 2016-11-07T18:36:58+00:00 ebc44befdc773b39a171d38dc13c38cd6630828a 






Use `git update-ref --stdin -z` to speed up TestEnv.set_repo_refs
2016-11-07T11:24:06+00:00

Nick Thomas
nick@gitlab.com

2016-11-04T04:47:39+00:00

29668aec46f0c7479bf974e6d27ace866c800940

Previously, we were calling `git update-ref <ref> <sha>` about 30 times per
test using `create(:project)` or similar.





Previously, we were calling `git update-ref <ref> <sha>` about 30 times per
test using `create(:project)` or similar.







Merge remote-tracking branch 'upstream/master' into pipeline-notifications
2016-11-03T19:01:48+00:00

Lin Jen-Shin
godfat@godfat.org

2016-11-03T19:01:48+00:00

f16dca30516281aee428e78708cd91825ea7b75d

* upstream/master: (23 commits)
  Clarify the author field for the changelog documentation
  Add and update .gitignore & .gitlab-ci.yml templates for 8.14
  Update "Installation from source" guide for 8.14.0
  Add CHANGELOG entries for latest patches
  Merge branch 'fix/import-export-symlink-vulnerability' into 'security'
  Merge branch 'fix/import-projectmember-security' into 'security'
  Use stubs instead of modifying global states
  Add changelog instructions to CHANGELOG.md
  Try not to include anything globally!
  Update help banner for bin/changelog
  Update docs and test description
  Update docs and unexpose token
  Initialize form validation on new group form.
  Unchange username_validator.
  Move snake_case to camelCase.
  Change show-gl-field-errors to gl-show-field-errors
  Fix changelog.
  List gl_field_error as gl_field_errors dep.
  Break out GlFieldError into separate file.
  Add gl field errors to group name edit form.
  ...





* upstream/master: (23 commits)
  Clarify the author field for the changelog documentation
  Add and update .gitignore & .gitlab-ci.yml templates for 8.14
  Update "Installation from source" guide for 8.14.0
  Add CHANGELOG entries for latest patches
  Merge branch 'fix/import-export-symlink-vulnerability' into 'security'
  Merge branch 'fix/import-projectmember-security' into 'security'
  Use stubs instead of modifying global states
  Add changelog instructions to CHANGELOG.md
  Try not to include anything globally!
  Update help banner for bin/changelog
  Update docs and test description
  Update docs and unexpose token
  Initialize form validation on new group form.
  Unchange username_validator.
  Move snake_case to camelCase.
  Change show-gl-field-errors to gl-show-field-errors
  Fix changelog.
  List gl_field_error as gl_field_errors dep.
  Break out GlFieldError into separate file.
  Add gl field errors to group name edit form.
  ...







Merge branch 'fix/import-export-symlink-vulnerability' into 'security'
2016-11-03T15:04:18+00:00

Douwe Maan
douwe@gitlab.com

2016-10-27T15:10:19+00:00

dc9b3db8b0e278399c5ce4ff9b0c5e388ecfe5b0

Fix symlink vulnerability in Import/Export

Replaces https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2018 made by @james

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23822

See merge request !2022

Signed-off-by: Rémy Coutable <remy@rymai.me>





Fix symlink vulnerability in Import/Export

Replaces https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2018 made by @james

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23822

See merge request !2022

Signed-off-by: Rémy Coutable <remy@rymai.me>







Merge remote-tracking branch 'upstream/master' into pipeline-notifications
2016-11-03T12:43:24+00:00

Lin Jen-Shin
godfat@godfat.org

2016-11-03T12:43:24+00:00

b0af0ab62fa7b0b64443e510ed388cef83db996d

* upstream/master: (26 commits)
  Add a `--force` option to bin/changelog
  Update examples in changelog docs to use single quotes around title
  Use the server's base URL without relative URL part when creating links in JIRA
  Make ESLint ignore instrumented files for coverage analysis (!7236)
  Check that JavaScript file names match convention (!7238)
  Removed z-index for filters on issue boards
  GitLab 8.13 not 13
  Replace MR Description Format links
  Fix gdb backtrace command
  Update gitlab.yml.example
  remove extra spaces from app/workers/post_receive.rb
  Add Rake task to create/repair GitLab Shell hooks symlinks
  Added guide for upgrading Postgres using Slony
  Ensure hook tokens are write-only in the API
  Add support for token attr in project hooks API
  Add a CHANGELOG entry
  Fix edit button wiki
  Updated Sortable JS plugin
  Allow owners to fetch source code in CI builds
  fixes milestone dropdown not select issue
  ...





* upstream/master: (26 commits)
  Add a `--force` option to bin/changelog
  Update examples in changelog docs to use single quotes around title
  Use the server's base URL without relative URL part when creating links in JIRA
  Make ESLint ignore instrumented files for coverage analysis (!7236)
  Check that JavaScript file names match convention (!7238)
  Removed z-index for filters on issue boards
  GitLab 8.13 not 13
  Replace MR Description Format links
  Fix gdb backtrace command
  Update gitlab.yml.example
  remove extra spaces from app/workers/post_receive.rb
  Add Rake task to create/repair GitLab Shell hooks symlinks
  Added guide for upgrading Postgres using Slony
  Ensure hook tokens are write-only in the API
  Add support for token attr in project hooks API
  Add a CHANGELOG entry
  Fix edit button wiki
  Updated Sortable JS plugin
  Allow owners to fetch source code in CI builds
  fixes milestone dropdown not select issue
  ...