summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add note about token storage in plain textdocs-jupyter-gitdanielgruesso2019-06-041-0/+7
|
* Update jupyter clone screenshotdanielgruesso2019-06-043-1/+1
|
* Update verbiage and add clone screenshotdanielgruesso2019-06-042-7/+6
|
* Apply suggestion to doc/user/clusters/applications.mdDaniel Gruesso2019-06-041-1/+2
|
* Apply suggestion to doc/user/clusters/applications.mdDaniel Gruesso2019-06-041-1/+7
|
* Apply suggestion to doc/user/clusters/applications.mdDaniel Gruesso2019-06-041-1/+1
|
* Apply suggestion to doc/user/project/clusters/runbooks/index.mdDaniel Gruesso2019-06-041-1/+1
|
* Update gif imagedanielgruesso2019-06-033-1/+1
|
* Add Jupyter git extension sectiondanielgruesso2019-06-033-4/+20
|
* Merge branch 'sh-resolve-member-presenter-conflicts' into 'master'Robert Speicher2019-06-032-1/+17
|\ | | | | | | | | Reconcile CE and EE differences in members/_member.html.haml See merge request gitlab-org/gitlab-ce!29021
| * Reconcile CE and EE differences in members/_member.html.hamlsh-resolve-member-presenter-conflictsStan Hu2019-06-012-1/+17
| | | | | | | | This file conflicts quite frequently with any changes in the file.
* | Merge branch 'zj-bump-gitaly-master' into 'master'Mayra Cabrera2019-06-034-7/+7
|\ \ | | | | | | | | | | | | | | | | | | Stop two-step rebase from hanging when errors occur Closes #62353 See merge request gitlab-org/gitlab-ce!29068
| * | Bump Gitaly version to 1.44.0Douwe Maan2019-06-034-7/+7
|/ / | | | | | | | | | | | | This change makes sure Gitaly includes a fix to make rebase work again properly. Part of: https://gitlab.com/gitlab-org/gitlab-ce/issues/62353
* | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhqRobert Speicher2019-06-039-3/+96
|\ \
| * \ Merge branch 'security-60143-address-xss-issue-master' into 'master'Robert Speicher2019-06-033-0/+55
| |\ \ | | | | | | | | | | | | | | | | Reject slug+uri concat if slug is deemed unsafe See merge request gitlab/gitlabhq!3108
| | * | Reject slug+uri concat if slug is deemed unsafeKerri Miller2019-05-243-0/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First reported: https://gitlab.com/gitlab-org/gitlab-ce/issues/60143 When the page slug is "javascript:" and we attempt to link to a relative path (using `.` or `..`) the code will concatenate the slug and the uri. This MR adds a guard to that concat step that will return `nil` if the incoming slug matches against any of the "unsafe" slug regexes; currently this is only for the slug "javascript:" but can be extended if needed. Manually tested against a non-exhaustive list from OWASP of common javascript XSS exploits that have to to with mangling the "javascript:" method, and all are caught by this change or by existing code that ingests the user-specified slug.
| * | | Merge branch 'security-58856-persistent-xss-in-note-objects' into 'master'Robert Speicher2019-06-036-3/+41
| |\ \ \ | | | | | | | | | | | | | | | | | | | | Persistent XSS in note objects CE See merge request gitlab/gitlabhq!3075
| | * | | Remove unused fixture linesTiger2019-05-281-2/+0
| | | | |
| | * | | Change `prohibited_key` to use regexescharlieablett2019-05-011-4/+2
| | | | |
| | * | | Add `html` to sensitive wordscharlieablett2019-05-013-3/+4
| | | | |
| | * | | Remove accidental regressionscharlieablett2019-04-301-5/+6
| | | | |
| | * | | Ensure Issue & MR note_html cannot be importedAsh McKenzie2019-04-302-16/+16
| | | | |
| | * | | Refactor `attribute_cleaner` for readabilitycharlieablett2019-04-301-1/+3
| | | | |
| | * | | Further clarify `attribute_cleaner`charlieablett2019-04-291-10/+4
| | | | |
| | * | | Tighten up prohibited_key methodcharlieablett2019-04-261-3/+2
| | | | |
| | * | | Use English instead of LatinCharlie Ablett2019-04-251-2/+2
| | | | |
| | * | | Add disallowed fields to AttributeCleanercharlieablett2019-04-244-14/+21
| | | | |
| | * | | Re-stub stubbed method callscharlieablett2019-04-231-3/+9
| | | | |
| | * | | Add changelog entrycharlieablett2019-04-231-0/+5
| | | | |
| | * | | Exclude fields from note importcharlieablett2019-04-233-2/+29
| | | | |
* | | | | Merge branch 'osw-sync-merge-ref-upon-mergeability-check' into 'master'Douwe Maan2019-06-0314-222/+380
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Automatically update MR merge-ref along merge status Closes #58495 See merge request gitlab-org/gitlab-ce!28513
| * | | | | Add payload to the service responseOswaldo Ferreira2019-05-316-16/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This introduces payload to the ServiceResponse with the merge ref HEAD commit data
| * | | | | Simplify merge_ref_head methodsOswaldo Ferreira2019-05-313-9/+7
| | | | | |
| * | | | | Automatically update MR merge-ref along merge statusOswaldo Ferreira2019-05-3112-215/+239
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This couples the code that transitions the `MergeRequest#merge_status` and refs/merge-requests/:iid/merge ref update. In general, instead of directly telling `MergeToRefService` to update the merge ref, we should rely on `MergeabilityCheckService` to keep both the merge status and merge ref synced. Now, if the merge_status is `can_be_merged` it means the merge-ref is also updated to the latest. We've also updated the logic to be more systematic and less user-based.
* | | | | | Merge branch '58269-separate-update-patch' into 'master'Mike Greiling2019-06-0310-235/+413
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not display Update app button when saving Knative domain name Closes #58269 See merge request gitlab-org/gitlab-ce!28904
| * | | | | | Add new externalized strings58269-separate-update-patchEnrique Alcantara2019-05-301-3/+6
| | | | | | |
| * | | | | | Add changelog entryEnrique Alcantara2019-05-301-0/+5
| | | | | | |
| * | | | | | Add updateSuccessful/Failed props to knative appEnrique Alcantara2019-05-303-27/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | They are used to indicate when knative domain name has changed
| * | | | | | Extract knative domain editor into a componentEnrique Alcantara2019-05-305-205/+365
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new component also implements several improvements in the knative domain editor workflow: - Display a loading spinner when saving changes in the domain name - Display success toast message indicating changes were saved successfully. - Display error message in the contraty occurs
* | | | | | | Merge branch 'fp-update-invalid-anchor-link' into 'master'Marcia Ramos2019-06-031-4/+3
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update invalid anchor link See merge request gitlab-org/gitlab-ce!28822
| * | | | | | | Update invalid anchor linkFabio Pitino2019-06-031-4/+3
|/ / / / / / /
* | | | | | | Merge branch 'patch-64' into 'master'Marcia Ramos2019-06-031-1/+5
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Docs: Fix badly rendered code blocks in JavaScript styleguide See merge request gitlab-org/gitlab-ce!29017
| * | | | | | | Fix badly rendered code blocks in JavaScript styleguideOndřej Budai2019-06-011-1/+5
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Merge branch 'tc-db-docs' into 'master'Marcia Ramos2019-06-031-2/+9
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some more database docs See merge request gitlab-org/gitlab-ce!28784
| * | | | | | | Add some more database docsToon Claes2019-06-031-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a few useful links for those who want to learn more about databases and database performance.
* | | | | | | | Merge branch 'update-gitlab-runner-helm-chart-to-0-5-2' into 'master'Kamil Trzciński2019-06-032-1/+6
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update GitLab Runner Helm Chart to 0.5.2/11.11.2 See merge request gitlab-org/gitlab-ce!29050
| * | | | | | | | Update GitLab Runner Helm Chart to 0.5.2update-gitlab-runner-helm-chart-to-0-5-2Tomasz Maczukin2019-06-032-1/+6
| | | | | | | | |
* | | | | | | | | Merge branch 'refactor-update-statistics-concern' into 'master'Douglas Barbosa Alexandre2019-06-035-32/+44
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cleans up UpdateProjectStatistics concern See merge request gitlab-org/gitlab-ce!28999
| * | | | | | | | | Cleans up UpdateProjectStatistics concernMayra Cabrera2019-06-035-32/+44
|/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Renames attributes from stat to project_statistiscs_name and attribute to statistic_attribute - Reordes methods on UpdateProjectStatistics concern - Removes unused module from Ci::Build
* | | | | | | | | Merge branch 'issafeurl-utility' into 'master'Kushal Pandya2019-06-032-0/+120
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add global isSafeURL utility See merge request gitlab-org/gitlab-ce!28943
View Lorry Controller Status