summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTiago Botelho <tiagonbotelho@hotmail.com>2017-07-24 19:27:29 +0100
committerTiago Botelho <tiagonbotelho@hotmail.com>2017-07-25 12:57:43 +0100
commita872c3e886528016d5383ef9260277b8120e2cc4 (patch)
tree3d9ef190db09ebfba96cfd1fab9a0baa6f81b050
parentf39f54c6e6e02d23f59702bbbfc2b43864dc17be (diff)
downloadgitlab-ce-a872c3e886528016d5383ef9260277b8120e2cc4.tar.gz
Bumps Gitlab Omniauth LDAP versionbump-omniauth-ldap-gem-version
-rw-r--r--Gemfile2
-rw-r--r--Gemfile.lock16
-rw-r--r--changelogs/unreleased/bump-omniauth-ldap-gem-version.yml4
3 files changed, 13 insertions, 9 deletions
diff --git a/Gemfile b/Gemfile
index 5758b1b554e..d45c15fd650 100644
--- a/Gemfile
+++ b/Gemfile
@@ -60,7 +60,7 @@ gem 'browser', '~> 2.2'
# LDAP Auth
# GitLab fork with several improvements to original library. For full list of changes
# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: 'omniauth-ldap'
+gem 'gitlab_omniauth-ldap', '~> 2.0.3', require: 'omniauth-ldap'
# Git Wiki
# Required manually in config/initializers/gollum.rb to control load order
diff --git a/Gemfile.lock b/Gemfile.lock
index 6ffff0d8735..7b1d5dfdc6e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -288,11 +288,11 @@ GEM
mime-types (>= 1.16, < 3)
posix-spawn (~> 0.3)
gitlab-markup (1.5.1)
- gitlab_omniauth-ldap (1.2.1)
- net-ldap (~> 0.9)
- omniauth (~> 1.0)
- pyu-ruby-sasl (~> 0.0.3.1)
- rubyntlm (~> 0.3)
+ gitlab_omniauth-ldap (2.0.3)
+ net-ldap (~> 0.16)
+ omniauth (~> 1.3)
+ pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
+ rubyntlm (~> 0.5)
globalid (0.3.7)
activesupport (>= 4.1.0)
gollum-grit_adapter (1.0.1)
@@ -467,7 +467,7 @@ GEM
mustermann-grape (1.0.0)
mustermann (~> 1.0.0)
mysql2 (0.4.5)
- net-ldap (0.12.1)
+ net-ldap (0.16.0)
netrc (0.11.0)
nokogiri (1.6.8.1)
mini_portile2 (~> 2.1.0)
@@ -740,7 +740,7 @@ GEM
nokogiri (>= 1.5.10)
ruby_parser (3.9.0)
sexp_processor (~> 4.1)
- rubyntlm (0.5.2)
+ rubyntlm (0.6.2)
rubypants (0.2.0)
rubyzip (1.2.1)
rufus-scheduler (3.4.0)
@@ -974,7 +974,7 @@ DEPENDENCIES
github-linguist (~> 4.7.0)
gitlab-flowdock-git-hook (~> 1.0.1)
gitlab-markup (~> 1.5.1)
- gitlab_omniauth-ldap (~> 1.2.1)
+ gitlab_omniauth-ldap (~> 2.0.3)
gollum-lib (~> 4.2)
gollum-rugged_adapter (~> 0.4.4)
gon (~> 6.1.0)
diff --git a/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml b/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml
new file mode 100644
index 00000000000..42e1c9e8f83
--- /dev/null
+++ b/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml
@@ -0,0 +1,4 @@
+---
+title: Prevent LDAP login callback from being called with a GET request
+merge_request: 13059
+author: