summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add auto SSL toggle to Pages domain settings page28996-create-mvc-ui-in-hamlNathan Friend2019-06-0312-21/+305
| | | | | | | | This commit adds an auto SSL toggle switch to the settings page of GitLab Pages domains. This toggle enable or disabled auto SSL management via Let's Encrypt. Toggling the button dynamically updates the form using client-side JavaScript. All changes are behind feature flags.
* Merge branch 'winh-boardsStore.moving' into 'master'Mike Greiling2019-06-033-2/+21
|\ | | | | | | | | Move boardsStore.moving to BoardList component See merge request gitlab-org/gitlab-ce!29076
| * Move boardsStore.moving to BoardList componentWinnie Hellmann2019-06-033-2/+21
|/
* Merge branch 'selfmanaged-gitlabcom-import-update-docs' into 'master'Drew Blessing2019-06-031-2/+3
|\ | | | | | | | | Clarify "support" to mean GitLab.com integration See merge request gitlab-org/gitlab-ce!29091
| * Clarify "support" to mean GitLab.com integrationGreg Myers2019-06-031-2/+3
|/
* Merge branch 'qa-log-out-in-after-all-hook' into 'master'Dan Davison2019-06-031-0/+2
|\ | | | | | | | | Log out in after all hook See merge request gitlab-org/gitlab-ce!28969
| * Log out in after all hookqa-log-out-in-after-all-hookMark Lapierre2019-05-311-0/+2
| | | | | | | | So subsequent tests can successfully log in
* | Merge branch 'tc-db-explain-analyze' into 'master'Kamil Trzciński2019-06-033-0/+34
|\ \ | | | | | | | | | | | | Add activerecord-explain-analyze gem See merge request gitlab-org/gitlab-ce!29051
| * | Add activerecord-explain-analyze gemToon Claes2019-06-033-0/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gem allows you to get the `EXPLAIN ANALYZE` query plan, directly from the Rails console. The gem is installed with `require: false`, but if it was loaded on launch, this would be it's memory load: ``` TOP: 145.3086 MiB rails/all: 22.4844 MiB ... activerecord-explain-analyze: 2.9648 MiB active_record/connection_adapters/postgresql_adapter: 2.9648 MiB pg: 2.9648 MiB pg_ext: 2.9648 MiB ... ```
* | | Merge branch 'qa-tentative-to-de-quarantine-e2e-test' into 'master'Dan Davison2019-06-031-1/+1
|\ \ \ | |/ / |/| | | | | | | | Backport EE MR See merge request gitlab-org/gitlab-ce!29066
| * | Backport EE MRqa-tentative-to-de-quarantine-e2e-testWalmyr Lima2019-06-031-1/+1
| | | | | | | | | | | | https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13913
* | | Merge branch 'lm-update-mermaid-arch' into 'master'Achilleas Pipinellis2019-06-031-1/+1
|\ \ \ | | | | | | | | | | | | | | | | Update architecture.md to fix typo in GitLabMonito -> GitLabMonitor See merge request gitlab-org/gitlab-ce!28955
| * | | Update architecture.md to fix typo in GitLabMonito -> GitLabMonitorLee Matos2019-06-031-1/+1
|/ / /
* | | Merge branch 'sh-resolve-member-presenter-conflicts' into 'master'Robert Speicher2019-06-032-1/+17
|\ \ \ | | | | | | | | | | | | | | | | Reconcile CE and EE differences in members/_member.html.haml See merge request gitlab-org/gitlab-ce!29021
| * | | Reconcile CE and EE differences in members/_member.html.hamlsh-resolve-member-presenter-conflictsStan Hu2019-06-012-1/+17
| | | | | | | | | | | | | | | | This file conflicts quite frequently with any changes in the file.
* | | | Merge branch 'zj-bump-gitaly-master' into 'master'Mayra Cabrera2019-06-034-7/+7
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Stop two-step rebase from hanging when errors occur Closes #62353 See merge request gitlab-org/gitlab-ce!29068
| * | | | Bump Gitaly version to 1.44.0Douwe Maan2019-06-034-7/+7
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | This change makes sure Gitaly includes a fix to make rebase work again properly. Part of: https://gitlab.com/gitlab-org/gitlab-ce/issues/62353
* | | | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhqRobert Speicher2019-06-039-3/+96
|\ \ \ \
| * \ \ \ Merge branch 'security-60143-address-xss-issue-master' into 'master'Robert Speicher2019-06-033-0/+55
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Reject slug+uri concat if slug is deemed unsafe See merge request gitlab/gitlabhq!3108
| | * | | | Reject slug+uri concat if slug is deemed unsafeKerri Miller2019-05-243-0/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First reported: https://gitlab.com/gitlab-org/gitlab-ce/issues/60143 When the page slug is "javascript:" and we attempt to link to a relative path (using `.` or `..`) the code will concatenate the slug and the uri. This MR adds a guard to that concat step that will return `nil` if the incoming slug matches against any of the "unsafe" slug regexes; currently this is only for the slug "javascript:" but can be extended if needed. Manually tested against a non-exhaustive list from OWASP of common javascript XSS exploits that have to to with mangling the "javascript:" method, and all are caught by this change or by existing code that ingests the user-specified slug.
| * | | | | Merge branch 'security-58856-persistent-xss-in-note-objects' into 'master'Robert Speicher2019-06-036-3/+41
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Persistent XSS in note objects CE See merge request gitlab/gitlabhq!3075
| | * | | | | Remove unused fixture linesTiger2019-05-281-2/+0
| | | | | | |
| | * | | | | Change `prohibited_key` to use regexescharlieablett2019-05-011-4/+2
| | | | | | |
| | * | | | | Add `html` to sensitive wordscharlieablett2019-05-013-3/+4
| | | | | | |
| | * | | | | Remove accidental regressionscharlieablett2019-04-301-5/+6
| | | | | | |
| | * | | | | Ensure Issue & MR note_html cannot be importedAsh McKenzie2019-04-302-16/+16
| | | | | | |
| | * | | | | Refactor `attribute_cleaner` for readabilitycharlieablett2019-04-301-1/+3
| | | | | | |
| | * | | | | Further clarify `attribute_cleaner`charlieablett2019-04-291-10/+4
| | | | | | |
| | * | | | | Tighten up prohibited_key methodcharlieablett2019-04-261-3/+2
| | | | | | |
| | * | | | | Use English instead of LatinCharlie Ablett2019-04-251-2/+2
| | | | | | |
| | * | | | | Add disallowed fields to AttributeCleanercharlieablett2019-04-244-14/+21
| | | | | | |
| | * | | | | Re-stub stubbed method callscharlieablett2019-04-231-3/+9
| | | | | | |
| | * | | | | Add changelog entrycharlieablett2019-04-231-0/+5
| | | | | | |
| | * | | | | Exclude fields from note importcharlieablett2019-04-233-2/+29
| | | | | | |
* | | | | | | Merge branch 'osw-sync-merge-ref-upon-mergeability-check' into 'master'Douwe Maan2019-06-0314-222/+380
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatically update MR merge-ref along merge status Closes #58495 See merge request gitlab-org/gitlab-ce!28513
| * | | | | | | Add payload to the service responseOswaldo Ferreira2019-05-316-16/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This introduces payload to the ServiceResponse with the merge ref HEAD commit data
| * | | | | | | Simplify merge_ref_head methodsOswaldo Ferreira2019-05-313-9/+7
| | | | | | | |
| * | | | | | | Automatically update MR merge-ref along merge statusOswaldo Ferreira2019-05-3112-215/+239
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This couples the code that transitions the `MergeRequest#merge_status` and refs/merge-requests/:iid/merge ref update. In general, instead of directly telling `MergeToRefService` to update the merge ref, we should rely on `MergeabilityCheckService` to keep both the merge status and merge ref synced. Now, if the merge_status is `can_be_merged` it means the merge-ref is also updated to the latest. We've also updated the logic to be more systematic and less user-based.
* | | | | | | | Merge branch '58269-separate-update-patch' into 'master'Mike Greiling2019-06-0310-235/+413
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not display Update app button when saving Knative domain name Closes #58269 See merge request gitlab-org/gitlab-ce!28904
| * | | | | | | | Add new externalized strings58269-separate-update-patchEnrique Alcantara2019-05-301-3/+6
| | | | | | | | |
| * | | | | | | | Add changelog entryEnrique Alcantara2019-05-301-0/+5
| | | | | | | | |
| * | | | | | | | Add updateSuccessful/Failed props to knative appEnrique Alcantara2019-05-303-27/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | They are used to indicate when knative domain name has changed
| * | | | | | | | Extract knative domain editor into a componentEnrique Alcantara2019-05-305-205/+365
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new component also implements several improvements in the knative domain editor workflow: - Display a loading spinner when saving changes in the domain name - Display success toast message indicating changes were saved successfully. - Display error message in the contraty occurs
* | | | | | | | | Merge branch 'fp-update-invalid-anchor-link' into 'master'Marcia Ramos2019-06-031-4/+3
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update invalid anchor link See merge request gitlab-org/gitlab-ce!28822
| * | | | | | | | | Update invalid anchor linkFabio Pitino2019-06-031-4/+3
|/ / / / / / / / /
* | | | | | | | | Merge branch 'patch-64' into 'master'Marcia Ramos2019-06-031-1/+5
|\ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | Docs: Fix badly rendered code blocks in JavaScript styleguide See merge request gitlab-org/gitlab-ce!29017
| * | | | | | | | Fix badly rendered code blocks in JavaScript styleguideOndřej Budai2019-06-011-1/+5
| | |_|_|_|_|/ / | |/| | | | | |
* | | | | | | | Merge branch 'tc-db-docs' into 'master'Marcia Ramos2019-06-031-2/+9
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some more database docs See merge request gitlab-org/gitlab-ce!28784
| * | | | | | | | Add some more database docsToon Claes2019-06-031-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a few useful links for those who want to learn more about databases and database performance.
* | | | | | | | | Merge branch 'update-gitlab-runner-helm-chart-to-0-5-2' into 'master'Kamil Trzciński2019-06-032-1/+6
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update GitLab Runner Helm Chart to 0.5.2/11.11.2 See merge request gitlab-org/gitlab-ce!29050
View Lorry Controller Status