| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\ |
|
| |
| |
| |
| |
| | |
Issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/12785
Merge Request: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3514
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
use ! rather than # for merge request references
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/15278
See merge request !3740
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Sanitize branch names for confidential issues
- When creating new branches for confidential issues, prefer a branch name like `issue-15` to `some-sensitive-issue-title-15`.
- The behaviour for non-confidential issues stays the same.
Closes #14566
See merge request !3671
|
| | | |
| | | |
| | | |
| | | | |
`<id>-confidential-issue`.
|
| | | | |
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
14566-confidential-issue-branches
|
| | | | | |
|
| |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
14566-confidential-issue-branches
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- Test the case where we have a referenced merge request that's being
- excluded as a "related branch"
- This took a while to figure out, especially the
`create_cross_references!` line.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- Previously, the controller held the logic to calculate
related branches, which was:
`<branches ending with `issue.iid`> - <branches with a merge request referenced in the current issue>`
- This logic belongs in the `related_branches` method, not in the
controller. This commit makes this change.
- This means that `Issue#related_branches` now needs to take a `User`.
When we find the branches that have a merge request referenced in the
current issue, this is limited to merge requests that the current user
has access to.
- This is not directly related to #14566, but is a related refactoring.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
- When creating new branches for confidential issues,
prefer a branch name like `issue-15` to
`some-sensitive-issue-title-15`.
- The behaviour for non-confidential issues stays the same.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Configuring of points per UDP packet
Related to https://gitlab.com/gitlab-com/operations/issues/195. This option would allow us to experiment with finding a good balance between points-per-packet and the UDP packet size.
cc @pcarranza
See merge request !3816
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This allows users to configure the number of points stored in a single
UDP packet. This in turn can be used to reduce the number of UDP packets
being sent at the cost of these packets being somewhat larger.
The default setting is 1 point per packet so nothing changes for
existing users.
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Bump version to 8.8.0-pre
See merge request !3809
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|\ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
"git lfs init" is deprecated, use "git lfs install" instead.
Recent releases of git-lfs warn that "init" is a deprecated command and that "install" should be used.
See merge request !3779
|
| | | |_|_|_|_|_|/
| | |/| | | | | | |
|
|\ \ \ \ \ \ \ \ \
| |/ / / / / / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Remove persistent XSS vulnerability in `commit_person_link` helper
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.
Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
See merge request !1948
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Because we were incorrectly supplying the tooltip title as
`data-original-title` (which Bootstrap's Tooltip JS automatically
applies based on the `title` attribute; we should never be setting it
directly), the value was being passed through as-is.
Instead, we should be supplying the normal `title` attribute and letting
Rails escape the value, which also negates the need for us to call
`sanitize` on it.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15126
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Removed aside toggle on profile pages
Closes #13943
See merge request !3796
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Closes #13943
|
|\ \ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / / /
|/| | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Trigger filtering after ajax is complete in dropdown
![filter](/uploads/1c361d968769eb3fe5cdd05dee497aa6/filter.gif)
Closes #15186
See merge request !3813
|
| | |_|_|/ / / / /
| |/| | | | | | |
| | | | | | | | |
| | | | | | | | | |
Closes #15186
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
API: Present an array of Gitlab::Git::Tag instead of array of rugged tags
The annotated message was always `null` because the wrong array was presented.
The entity requires an array of `Gitlab::Git::Tags` instead an array of raw rugged tags was presented. Since a rugged tag does not respond to `message` to get the annotated message, this was always `null`.
See merge request !3764
|
| | | | | | | | | | |
|
| | |_|_|_|_|_|_|/
| |/| | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Add notice about GitLab Runner to requirements docs
This is related to #14589, and problems that may stem from running
GitLab Runner on same machine user installed GitLab web app on.
See merge request !3518
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
[ci skip]
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This is related to !14589, and problems that may stem from running
GitLab Runner on same machine user installed GitLab web app on.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Add configurable shared runners text
cc @axil @rspeicher @grzesiek
See merge request !3750
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
* 'master' of dev.gitlab.org:gitlab/gitlabhq:
Add Changelog entry for group link permissions fix
Use guard clause to check ability to share project
Refactor method that shares project with a group
Check permissions when sharing project with group
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Check permissions when sharing project with group
## Summary
Unprivileged user was able to share project with group he didn't have access to, and therefore gain partial access to that group, which opened possibilities for further actions like listing private projects in that group.
See https://gitlab.com/gitlab-org/gitlab-ce/issues/15330
## Fix
This change introduces additional check for group read access.
## Further work
We can think about preventing such problems in the future (this is quite common problem) by moving permissions checks to another layer of abstraction (TBD).
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15330
See merge request !1949
|
| | | | | | | | | | | | | |
|
| | | | | | | | | | | | | |
|
| | | | | | | | | | | | | |
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Closes #15330
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
Make before_script and after_script overridable
This is makes it possible to overwrite the before_script and after_script at job level.
This is continuation of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3771
See merge request !3772
|