summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Use switch/when statementescape-to-cancel-noteDouwe Maan2016-07-051-21/+24
|
* Double to single quotesDouwe Maan2016-07-041-1/+1
|
* Add confirmation when canceling creating/editing with changesDouwe Maan2016-07-041-0/+12
|
* Cancel creating or editing note by hitting EscapeDouwe Maan2016-07-041-5/+20
|
* Merge branch '13524-keep-around-commits' into 'master' Douwe Maan2016-07-0412-7/+88
|\ | | | | | | | | | | | | | | | | Don't garbage collect commits that have related DB records like comments Closes #13524 Also needed for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4101. See merge request !5062
| * Document Repository#keep_aroundDouwe Maan2016-07-041-4/+8
| |
| * Don't garbage collect commits that have related DB records like commentsDouwe Maan2016-07-0412-7/+84
| |
* | Merge branch 'downgrade-redis-3-2-2' into 'master' Robert Speicher2016-07-032-1/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiq This affects GitLab 8.8 and 8.9. See: * https://github.com/mperham/sidekiq/blob/master/Changes.md#413 * https://gitlab.com/gitlab-org/gitlab-ce/issues/19441 See merge request !5056
| * | Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiqdowngrade-redis-3-2-2Stan Hu2016-07-012-1/+2
| |/ | | | | | | | | | | | | See: https://github.com/mperham/sidekiq/blob/master/Changes.md#413 https://gitlab.com/gitlab-org/gitlab-ce/issues/19441
* | Merge branch 'redcloth-4-3-2-cve-2012-6684' into 'master' Stan Hu2016-07-033-3/+4
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update RedCloth to 4.3.2 for CVE-2012-6684 ## What does this MR do? To fix XSS (CVE-2012-6684), upgrade RedCloth to 4.3.2. ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Security vulnerability in RedCloth (CVE-2012-6684) should be fixed to provide GitLab as a secure software. ## What are the relevant issue numbers? Closes #19169 cf. !2037, !2071 ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [n/a] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [n/a] API support added - Tests - [n/a] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4929
| * | Update CHANGELOGTakuya Noguchi2016-07-031-0/+1
| | |
| * | Update RedCloth to 4.3.2 for CVE-2012-6684Takuya Noguchi2016-07-032-3/+3
| | |
* | | Merge branch ↵Robert Schilling2016-07-031-1/+1
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | '19448-merge-requests-api-has-incorrect-documentation-regarding-merge_when_build_succeeds' into 'master' Fix typo in Merge Requests API documentation Closes #19448 See merge request !5057
| * | Fix typo in Merge Requests API documentation19448-merge-requests-api-has-incorrect-documentation-regarding-merge_when_build_succeedsAlejandro Rodríguez2016-07-021-1/+1
|/ /
* | Merge branch 'git-http-kerberos-ce' into 'master' Douwe Maan2016-07-013-16/+59
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Groundwork for Kerberos SPNEGO (EE feature) Refactor Projecst::GitHttpController to allow Kerberos integration in GitLab EE. Companion to https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/509 See merge request !5037
| * | Groundwork for Kerberos SPNEGO (EE feature)Jacob Vosmaer2016-07-013-16/+59
| | |
* | | Merge branch 'explicit-requesters-scope' into 'master' Douwe Maan2016-07-0131-98/+225
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Exclude requesters from Project#members, Group#members and User#members ## What does this MR do? It excludes requesters from the `Project#members`, `Group#members` and `User#members` associations, and adds new `Project#requesters` and `Group#requesters` associations. ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Without this, if you call `project.members`, requesters are included in the results! This is at best misleading, and at worst can lead to security issues. By excluding requesters from the `#members` associations, we avoid introducing security inadvertently since you have to call the `#requesters` association explicitly to get requesters. ## What are the relevant issue numbers? This is something I realized while fixing the security issue #19102. ## Does this MR meet the acceptance criteria? - [x] I don't think this needs a CHANGELOG since this is an internal change - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4946
| * | Exclude requesters from Project#members, Group#members and User#membersexplicit-requesters-scopeRémy Coutable2016-07-0131-98/+225
| | | | | | | | | | | | | | | | | | And create new Project#requesters, Group#requesters scopes. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Merge branch 'upgrade-sidekiq' into 'master' Robert Speicher2016-07-011-3/+4
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade Sidekiq from 4.1.2 to 4.1.4. Adds a dependency on Sinatra and allows Sinatra 2 for eventual support of Rack 2. Changelog: https://github.com/mperham/sidekiq/blob/master/Changes.md#414 Working toward #14286. See merge request !5044
| * | | Upgrade Sidekiq from 4.1.2 to 4.1.4.upgrade-sidekiqConnor Shea2016-07-011-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | Adds a dependency on Sinatra and allows Sinatra 2 for eventual support of Rack 2. Changelog: https://github.com/mperham/sidekiq/blob/master/Changes.md#414
* | | | Merge branch 'upgrade-seedfu' into 'master' Robert Speicher2016-07-011-3/+3
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade seed-fu from 2.3.5 to 2.3.6 Adds Rails 5 support. Working toward #14286. Changelog: https://github.com/mbleigh/seed-fu/blob/master/CHANGELOG.md#version-236 See merge request !5042
| * | | | Upgrade seed-fu from 2.3.5 to 2.3.6upgrade-seedfuConnor Shea2016-07-011-3/+3
| |/ / / | | | | | | | | | | | | | | | | | | | | Adds Rails 5 support. Changelog: https://github.com/mbleigh/seed-fu/blob/master/CHANGELOG.md#version-236
* | | | Merge branch 'upgrade-sass-rails' into 'master' Robert Speicher2016-07-011-2/+2
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade sass-rails ## What does this MR do? Upgrades sass-rails from 5.0.4 to 5.0.5. Includes support for Rails 5. Changelog: https://github.com/rails/sass-rails/releases Working toward #14286 See merge request !5030
| * | | | Upgrade sass-rails.upgrade-sass-railsConnor Shea2016-06-301-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade sass-rails from 5.0.4 to 5.0.5. Includes support for Rails 5. Changelog: https://github.com/rails/sass-rails/releases
* | | | | Merge branch 'rubocop/enable-cops-for-empty-lines' into 'master' Robert Speicher2016-07-01162-238/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enable Style/EmptyLines Rubocop cop #17478 See merge request !5013
| * | | | | Enable Style/EmptyLines cop, remove redundant onesrubocop/enable-cops-for-empty-linesGrzegorz Bizon2016-07-01162-238/+1
| | | | | |
* | | | | | Merge branch 'renable-import-button-when-namespace-already-been-taken' into ↵Fatih Acet2016-07-013-5/+12
|\ \ \ \ \ \ | |/ / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'master' Renable import button when import process fail due to the namespace already been taken Closes #19435 ## Screenshots (if relevant) Before: ![1](/uploads/e8de1b326e0751891f667630a7685f6a/1.png)<br/><br/> After: ![2](/uploads/566f1fd5442c28232350689fce8eae76/2.png) See merge request !5053
| * | | | | Update CHANGELOGDouglas Barbosa Alexandre2016-07-011-0/+1
| | | | | |
| * | | | | Cache results from jQuery selectors to retrieve namespace nameDouglas Barbosa Alexandre2016-07-011-4/+7
| | | | | |
| * | | | | Fix import button when import fail due the namespace already been takenDouglas Barbosa Alexandre2016-07-012-2/+5
|/ / / / /
* | | | | Merge branch '19388-fix-snippets-notes-not-shown' into 'master' Rémy Coutable2016-07-011-1/+1
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix snippets comments not displayed ## What does this MR do? Fix an issue where comments body were not displayed for project snippets anymore (see commit for details). ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Because of #19388. ## What are the relevant issue numbers? Fixes #19388. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5045
| * | | | | Fix snippets comments not displayed19388-fix-snippets-notes-not-shownRémy Coutable2016-07-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The issue was that @notes were not passed to Banzai::NoteRenderer.render in Projects::SnippetsController#show. This was forgotten in d470f3d1. Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | | Merge branch 'patch-3' into 'master' Achilleas Pipinellis2016-07-011-0/+1
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | adding link to .gitlab-ci.yml templates closes #18998 ## What does this MR do? Add link to CI templates ## Are there points in the code the reviewer needs to double check? No ## Why was this MR needed? Asked by Sid - see #18998 ## What are the relevant issue numbers? up ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5033
| * | | | | | adding link to .gitlab-ci.yml templates - closes #18998Marcia Ramos2016-07-011-0/+1
| | | | | | |
* | | | | | | Merge branch 'fix-relative-root-emoji-support' into 'master' Stan Hu2016-07-012-1/+25
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix emoji paths in relative root configurations ## What does this MR do? If a site specifies a relative URL root, emoji files would omit the path from the URL, leading to lots of 404s. ## Are there points in the code the reviewer needs to double check? At first, I tried to use `ActionView::Helpers::AssetUrlHelper.asset_url` since this is what it's intended to do. But this helper function is extremely slow, and it took minutes to generate the URLs for the hundreds of links needed for each emoji. ## Why was this MR needed? Because emojis were broken in relative URL installations ## What are the relevant issue numbers? #15642 ## Does this MR meet the acceptance criteria? - [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [X] Added for this feature/bug - [x] All builds are passing - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if you do - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5027
| * | | | | | | Fix emoji paths in relative root configurationsStan Hu2016-07-012-1/+25
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a site specifies a relative URL root, emoji files would omit the path from the URL, leading to lots of 404s. Closes #15642
* | | | | | | Merge branch 'upgrade-thin' into 'master' Robert Speicher2016-07-012-4/+4
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade Thin from 1.6.1 to 1.7.0. Includes support for Rack 2. Working toward #14286. Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG See merge request !5047
| * | | | | | Upgrade Thin from 1.6.1 to 1.7.0.Connor Shea2016-07-012-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes support for Rack 2. Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG
* | | | | | | Merge branch 'todos-api' into 'master' Rémy Coutable2016-07-0112-1/+970
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add Todos API * Closes #14068 * Closes #14675 - [x] Implementation - [x] Tests - [x] Documentation - [x] Changelog See merge request !3188
| * | | | | | | Support creating a todo on issuables via APItodos-apiRobert Schilling2016-07-014-2/+268
| | | | | | | |
| * | | | | | | Expose target, filter by state as stringRobert Schilling2016-07-015-120/+377
| | | | | | | |
| * | | | | | | Add todos API documentation and changelogRobert Schilling2016-07-014-3/+220
| | | | | | | |
| * | | | | | | pass paginated array when deleting notesRobert Schilling2016-07-011-1/+1
| | | | | | | |
| * | | | | | | Expose action_nameRobert Schilling2016-07-013-1/+13
| | | | | | | |
| * | | | | | | Assert response bodyRobert Schilling2016-07-011-1/+12
| | | | | | | |
| * | | | | | | Add user to project to see todosRobert Schilling2016-07-012-1/+6
| | | | | | | |
| * | | | | | | Move to helper, no instance variablesRobert Schilling2016-07-013-17/+10
| | | | | | | |
| * | | | | | | Make tests follow the guidelinesRobert Schilling2016-07-011-10/+20
| | | | | | | |
| * | | | | | | Fix rebaseRobert Schilling2016-07-011-4/+0
| | | | | | | |
| * | | | | | | Add Todos APIDouglas Barbosa Alexandre2016-07-017-1/+203
| | |_|/ / / / | |/| | | | |