| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| | |
Don't garbage collect commits that have related DB records like comments
Closes #13524
Also needed for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4101.
See merge request !5062
|
| | |
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiq
This affects GitLab 8.8 and 8.9. See:
* https://github.com/mperham/sidekiq/blob/master/Changes.md#413
* https://gitlab.com/gitlab-org/gitlab-ce/issues/19441
See merge request !5056
|
| |/
| |
| |
| |
| |
| |
| | |
See:
https://github.com/mperham/sidekiq/blob/master/Changes.md#413
https://gitlab.com/gitlab-org/gitlab-ce/issues/19441
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Update RedCloth to 4.3.2 for CVE-2012-6684
## What does this MR do?
To fix XSS (CVE-2012-6684), upgrade RedCloth to 4.3.2.
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
Security vulnerability in RedCloth (CVE-2012-6684) should be fixed to provide GitLab as a secure software.
## What are the relevant issue numbers?
Closes #19169
cf. !2037, !2071
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [n/a] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [n/a] API support added
- Tests
- [n/a] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4929
|
| | | |
|
| | | |
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
'19448-merge-requests-api-has-incorrect-documentation-regarding-merge_when_build_succeeds' into 'master'
Fix typo in Merge Requests API documentation
Closes #19448
See merge request !5057
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Groundwork for Kerberos SPNEGO (EE feature)
Refactor Projecst::GitHttpController to allow Kerberos integration in GitLab EE.
Companion to https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/509
See merge request !5037
|
| | | |
|
|\ \ \
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Exclude requesters from Project#members, Group#members and User#members
## What does this MR do?
It excludes requesters from the `Project#members`, `Group#members` and `User#members` associations, and adds new `Project#requesters` and `Group#requesters` associations.
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
Without this, if you call `project.members`, requesters are included in the results! This is at best misleading, and at worst can lead to security issues. By excluding requesters from the `#members` associations, we avoid introducing security inadvertently since you have to call the `#requesters` association explicitly to get requesters.
## What are the relevant issue numbers?
This is something I realized while fixing the security issue #19102.
## Does this MR meet the acceptance criteria?
- [x] I don't think this needs a CHANGELOG since this is an internal change
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4946
|
| | |
| | |
| | |
| | |
| | |
| | | |
And create new Project#requesters, Group#requesters scopes.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Upgrade Sidekiq from 4.1.2 to 4.1.4.
Adds a dependency on Sinatra and allows Sinatra 2 for eventual support of Rack 2.
Changelog: https://github.com/mperham/sidekiq/blob/master/Changes.md#414
Working toward #14286.
See merge request !5044
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds a dependency on Sinatra and allows Sinatra 2 for eventual support of Rack 2.
Changelog: https://github.com/mperham/sidekiq/blob/master/Changes.md#414
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Upgrade seed-fu from 2.3.5 to 2.3.6
Adds Rails 5 support. Working toward #14286.
Changelog: https://github.com/mbleigh/seed-fu/blob/master/CHANGELOG.md#version-236
See merge request !5042
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds Rails 5 support.
Changelog: https://github.com/mbleigh/seed-fu/blob/master/CHANGELOG.md#version-236
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Upgrade sass-rails
## What does this MR do?
Upgrades sass-rails from 5.0.4 to 5.0.5. Includes support for Rails 5.
Changelog: https://github.com/rails/sass-rails/releases
Working toward #14286
See merge request !5030
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Upgrade sass-rails from 5.0.4 to 5.0.5. Includes support for Rails 5.
Changelog: https://github.com/rails/sass-rails/releases
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Enable Style/EmptyLines Rubocop cop
#17478
See merge request !5013
|
| | | | | | |
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
'master'
Renable import button when import process fail due to the namespace already been taken
Closes #19435
## Screenshots (if relevant)
Before:
![1](/uploads/e8de1b326e0751891f667630a7685f6a/1.png)<br/><br/>
After:
![2](/uploads/566f1fd5442c28232350689fce8eae76/2.png)
See merge request !5053
|
| | | | | | |
|
| | | | | | |
|
|/ / / / / |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix snippets comments not displayed
## What does this MR do?
Fix an issue where comments body were not displayed for project snippets anymore (see commit for details).
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
Because of #19388.
## What are the relevant issue numbers?
Fixes #19388.
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
- [ ] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !5045
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The issue was that @notes were not passed to Banzai::NoteRenderer.render
in Projects::SnippetsController#show. This was forgotten in d470f3d1.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
adding link to .gitlab-ci.yml templates
closes #18998
## What does this MR do?
Add link to CI templates
## Are there points in the code the reviewer needs to double check?
No
## Why was this MR needed?
Asked by Sid - see #18998
## What are the relevant issue numbers?
up
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
- [ ] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !5033
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fix emoji paths in relative root configurations
## What does this MR do?
If a site specifies a relative URL root, emoji files would omit the path from the URL, leading to lots of 404s.
## Are there points in the code the reviewer needs to double check?
At first, I tried to use `ActionView::Helpers::AssetUrlHelper.asset_url` since this is what it's intended to do. But this helper function is extremely slow, and it took minutes to generate the URLs for the hundreds of links needed for each emoji.
## Why was this MR needed?
Because emojis were broken in relative URL installations
## What are the relevant issue numbers?
#15642
## Does this MR meet the acceptance criteria?
- [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
- [X] Added for this feature/bug
- [x] All builds are passing
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [X] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !5027
|
| | |/ / / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
If a site specifies a relative URL root, emoji files would omit the path from
the URL, leading to lots of 404s.
Closes #15642
|
|\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Upgrade Thin from 1.6.1 to 1.7.0.
Includes support for Rack 2. Working toward #14286.
Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG
See merge request !5047
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Includes support for Rack 2.
Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add Todos API
* Closes #14068
* Closes #14675
- [x] Implementation
- [x] Tests
- [x] Documentation
- [x] Changelog
See merge request !3188
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | |_|/ / / /
| |/| | | | | |
|