summaryrefslogtreecommitdiff
path: root/Gemfile.lock
Commit message (Collapse)AuthorAgeFilesLines
* Bump fog to 1.36.0Stan Hu2016-01-111-17/+63
| | | | Closes #4231
* Add versions to omniauth_crowd and omniauth-azure-oauth2rs-omniauth-client-versionsRobert Speicher2016-01-101-2/+2
| | | | Also sorts them alphabetically, because OCD.
* Remove stamp gemRobert Speicher2016-01-071-2/+0
| | | | Closes #5908
* fixes ajax issue with issue specajax-issues-fixJacob Schatz2016-01-071-6/+6
|
* Merge branch 'master' of github.com:gitlabhq/gitlabhqJacob Vosmaer2016-01-071-1/+1
|
* Enable Microsoft Azure OAuth2 supportJanis Meybohm2016-01-061-0/+5
|
* Merge branch 'rs-bump-bootstrap-sass' into 'master' Dmitriy Zaporozhets2016-01-041-5/+5
|\ | | | | | | | | | | | | | | | | Bump bootstrap-sass to ~> 3.3.0 Resolves bootlint error: `bootlint: W013 Bootstrap version might be outdated. Latest version is at least 3.3.6 ; saw what appears to be usage of Bootstrap 3.3.5` See merge request !2275
| * Bump bootstrap-sass to ~> 3.3.0rs-bump-bootstrap-sassRobert Speicher2016-01-011-5/+5
| |
* | Bump d3_rails to ~> 3.5.0Robert Speicher2016-01-011-1/+1
| |
* | Bump cal-heatmap-rails to ~> 3.5.0Robert Speicher2016-01-011-2/+2
|/
* Updated allocations Gem to version 1.0.3update-allocations-gemYorick Peterse2015-12-311-1/+1
|
* Merge branch 'influxdb' into 'master' Dmitriy Zaporozhets2015-12-281-11/+20
|\ | | | | | | | | | | | | Storing of application metrics in InfluxDB This adds support for tracking metrics in InfluxDB, which in turn can be visualized using Grafana. For more information see #2936. See merge request !2042
| * Track object counts using the "allocations" GemYorick Peterse2015-12-171-0/+2
| | | | | | | | | | This allows us to track the counts of actual classes instead of "T_XXX" nodes. This is only enabled on CRuby as it uses CRuby specific APIs.
| * Instrument all ActiveRecord model methodsYorick Peterse2015-12-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | This works by searching the raw source code for any references to commonly used ActiveRecord methods. While not bulletproof it saves us from having to list hundreds of methods by hand. It also ensures that (most) newly added methods are instrumented automatically. This _only_ instruments models defined in app/models, should a model reside somewhere else (e.g. somewhere in lib/) it _won't_ be instrumented.
| * Storing of application metrics in InfluxDBYorick Peterse2015-12-171-12/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the ability to write application metrics (e.g. SQL timings) to InfluxDB. These metrics can in turn be visualized using Grafana, or really anything else that can read from InfluxDB. These metrics can be used to track application performance over time, between different Ruby versions, different GitLab versions, etc. == Transaction Metrics Currently the following is tracked on a per transaction basis (a transaction is a Rails request or a single Sidekiq job): * Timings per query along with the raw (obfuscated) SQL and information about what file the query originated from. * Timings per view along with the path of the view and information about what file triggered the rendering process. * The duration of a request itself along with the controller/worker class and method name. * The duration of any instrumented method calls (more below). == Sampled Metrics Certain metrics can't be directly associated with a transaction. For example, a process' total memory usage is unrelated to any running transactions. While a transaction can result in the memory usage going up there's no accurate way to determine what transaction is to blame, this becomes especially problematic in multi-threaded environments. To solve this problem there's a separate thread that takes samples at a fixed interval. This thread (using the class Gitlab::Metrics::Sampler) currently tracks the following: * The process' total memory usage. * The number of file descriptors opened by the process. * The amount of Ruby objects (using ObjectSpace.count_objects). * GC statistics such as timings, heap slots, etc. The default/current interval is 15 seconds, any smaller interval might put too much pressure on InfluxDB (especially when running dozens of processes). == Method Instrumentation While currently not yet used methods can be instrumented to track how long they take to run. Unlike the likes of New Relic this doesn't require modifying the source code (e.g. including modules), it all happens from the outside. For example, to track `User.by_login` we'd add the following code somewhere in an initializer: Gitlab::Metrics::Instrumentation. instrument_method(User, :by_login) to instead instrument an instance method: Gitlab::Metrics::Instrumentation. instrument_instance_method(User, :save) Instrumentation for either all public model methods or a few crucial ones will be added in the near future, I simply haven't gotten to doing so just yet. == Configuration By default metrics are disabled. This means users don't have to bother setting anything up if they don't want to. Metrics can be enabled by editing one's gitlab.yml configuration file (see config/gitlab.yml.example for example settings). == Writing Data To InfluxDB Because InfluxDB is still a fairly young product I expect the worse. Data loss, unexpected reboots, the database not responding, you name it. Because of this data is _not_ written to InfluxDB directly, instead it's queued and processed by Sidekiq. This ensures that users won't notice anything when InfluxDB is giving trouble. The metrics worker can be started in a standalone manner as following: bundle exec sidekiq -q metrics The corresponding class is called MetricsWorker.
* | Merge branch 'add-recaptcha-support' into 'master' Dmitriy Zaporozhets2015-12-281-0/+3
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for Google reCAPTCHA in user registration to prevent spammers To do: - [x] Failing reCAPTCHA test causes all the fields to be lost - ~~[ ] Improve styling of reCAPTCHA box~~ (not possible) - ~~[ ] Put settings in `application_settings` (?)~~ ![image](/uploads/d38ca89820d3c0066fb8aeb645fd77f0/image.png) ![image](/uploads/6b050749963691b023d076682abcf736/image.png) Page when you fail CAPTCHA: ![image](/uploads/bc4846f0a5144985bc41dfa75eeab4c1/image.png) See merge request !2216
| * | Add support for Google reCAPTCHA in user registration to prevent spammersStan Hu2015-12-271-0/+3
| | |
* | | Bump brakeman to ~> 3.1.0Robert Speicher2015-12-271-8/+14
|/ /
* | Bump underscore-rails to ~> 1.8.0rs-bump-underscore-railsRobert Speicher2015-12-231-2/+2
| | | | | | | | Addresses #2857
* | Merge branch 'rs-update-jquery' into 'master' Dmitriy Zaporozhets2015-12-231-5/+6
|\ \ | | | | | | | | | | | | | | | | | | Bump jquery-rails to ~> 4.0.0, jquery-ui-rails to ~> 5.0.0 Closes #2859 See merge request !2183
| * | Bump jquery-rails to ~> 4.0.0, jquery-ui-rails to ~> 5.0.0Robert Speicher2015-12-221-5/+6
| | |
* | | Bump sass-rails to ~> 5.0.0rs-update-sass-railsRobert Speicher2015-12-221-6/+7
|/ /
* | Merge branch 'rs-bump-nokogiri' into 'master' Robert Speicher2015-12-221-1/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Explicitly require Nokogiri 1.6.7.1 due to security issue ``` Name: nokogiri Version: 1.6.7 Advisory: CVE-2015-5312 Criticality: High URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s Title: Nokogiri gem contains several vulnerabilities in libxml2 Solution: upgrade to >= 1.6.7.1 ``` See merge request !2154
| * | Explicitly require Nokogiri 1.6.7.1 due to security issuers-bump-nokogiriRobert Speicher2015-12-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Name: nokogiri Version: 1.6.7 Advisory: CVE-2015-5312 Criticality: High URL: https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s Title: Nokogiri gem contains several vulnerabilities in libxml2 Solution: upgrade to >= 1.6.7.1
* | | Merge branch 'tduehr/gitlab-ce-cas-support'Douwe Maan2015-12-211-0/+5
|\ \ \ | |/ / |/| |
| * | add CAS authentication supporttduehr2015-12-141-0/+5
| | |
* | | Bump Rack Attack to v4.3.1 for security fixStan Hu2015-12-181-2/+2
| |/ |/| | | | | https://github.com/kickstarter/rack-attack/releases/tag/v4.3.1
* | Upgrade Poltergeist to 1.8.1. #4131issue_4131Rubén Dávila2015-12-171-5/+5
| |
* | Merge branch 'feature/remove-celluloid' into 'master' Dmitriy Zaporozhets2015-12-161-25/+4
|\ \ | | | | | | | | | | | | | | | | | | Update rerun to remove celluloid as dependency After sidekiq 4 migration, we no longer need celluloid. `rerun` recent version also removed it from its dependency, so by getting this MR merged, we can solve #3797 See merge request !2088
| * | Update rerun to remove celluloid as dependencyfeature/remove-celluloidGabriel Mazetto2015-12-131-25/+4
| |/
* | Updated Rubocop to latest versionGabriel Mazetto2015-12-141-6/+7
|/
* Revert "Merge branch 'remove-redcloth' into 'master' "revert-2037Douwe Maan2015-12-111-0/+2
| | | | | This reverts commit e426c027b0a2a3aa0dea1d833008f2bfd814f483, reversing changes made to c3676aa156981092b7f03f1a3e74bb819cfa2fc3.
* Merge branch 'rs-update-gitlab_emoji' into 'master' Valery Sizov2015-12-111-1/+1
|\ | | | | | | | | | | | | | | Bump gitlab_emoji to ~> 0.2.0 A new version of this gem was released October 29th but was never bumped in GitLab. See merge request !1994
| * Bump gitlab_emoji to ~> 0.2.0rs-update-gitlab_emojiRobert Speicher2015-12-051-1/+1
| |
* | Merge branch 'bump-devise-3.5.3' into 'master' Dmitriy Zaporozhets2015-12-111-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bump devise to 3.5.3 to fix reset token expiring after account creation Also fixes an incorrect redirect after login with relative URL root: Closes https://github.com/gitlabhq/gitlabhq/issues/8228 Closes #2750 See merge request !2056
| * | Bump devise to 3.5.3 to fix reset token expiring after account creationStan Hu2015-12-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Also fixes an incorrect redirect after login with relative URL root: Closes https://github.com/gitlabhq/gitlabhq/issues/8228 Closes #2750
* | | Upgraded Sidekiq to 4.xfeature/sidekiq-4Gabriel Mazetto2015-12-101-7/+9
|/ /
* | Remove RedCloth and no longer allow bundle-audit to failDouwe Maan2015-12-091-2/+0
| |
* | Merge branch 'bump-gollum-version' into 'master' Valery Sizov2015-12-081-3/+3
|\ \ | | | | | | | | | | | | | | | | | | Bump gollum-lib to 4.1.0 and fix dependency mismatch with rouge Closes #3767 See merge request !2017
| * | Bump gollum-lib to 4.1.0 and fix dependency mismatch with rougeStan Hu2015-12-081-3/+3
| | | | | | | | | | | | Closes #3767
* | | Merge branch 'serve_lfs_object' into 'master' Douwe Maan2015-12-081-1/+1
|\ \ \ | |/ / |/| | | | | | | | | | | | | | Serve LFS object Depends on gitlab-org/gitlab_git!57 See merge request !1976
| * | Rename blob helper, bump version of gitlab_git to 7.2.21.Marin Jankovski2015-12-071-1/+1
| |/
* | add explicit reference to rouge 1.10.1gemfile_fixValery Sizov2015-12-081-0/+1
| |
* | Merge branch 'feature/sidekiq-cron' into 'master' Dmitriy Zaporozhets2015-12-071-16/+30
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | Migrate from Sidetiq to Sidekiq-cron Migrate from Sidetiq to Sidekiq-cron Updated Sidekiq to 3.5.x This will solve #2355 See merge request !1982
| * | Migrate from Sidetiq to Sidekiq-cronfeature/sidekiq-cronGabriel Mazetto2015-12-041-16/+30
| |/ | | | | | | Updated Sidekiq to 3.5.x
* | Fix Error 500 when creating global milestones with Unicode charactersStan Hu2015-12-051-0/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Two issues: 1. The constraints in the resources were incorrect. Here's what it was before: ``` group_milestone GET /groups/:group_id/milestones/:id(.:format) groups/milestones#show {:id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/, :group_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/} ``` In this case, id is actually the title of the milestone, which can be anything at the moment. After: ``` group_milestone GET /groups/:group_id/milestones/:id(.:format) groups/milestones#show {:id=>/[^\/]+/, :group_id=>/[a-zA-Z.0-9_\-]+(?<!\.atom)/} ``` 2. `parameterize` would strip all Unicode characters, leaving a blank string. Rails would report something like: ActionView::Template::Error (No route matches {:action=>"show", :controller=>"groups/milestones", :group_id=>#<Group id: 48, name: "ops-dev", path: "ops-dev", owner_id: nil, created_at: "2015-11-15 08:55:30", updated_at: "2015-12-02 06:23:26", type: "Group", description: "", avatar: "sha1.c71e73d51af1865c1bbbf6208e10044d46c9bb93.png", public: false>, :id=>"", :title=>"肯定不是中文的问题"} missing required keys: [:id]): This change uses the babosa library to create a better slug, which surprisingly isn't actually used by the global milestone controllers. Instead, they use the title passed as a query string for some reason. Closes https://github.com/gitlabhq/gitlabhq/issues/9881 Fix constraints
* fix Celluloid warningsValery Sizov2015-12-031-18/+3
|
* Merge branch 'rails_update_to_4_2' into 'master' Valery Sizov2015-11-301-100/+145
|\ | | | | | | | | | | | | Rails update to 4.2.4 https://gitlab.com/gitlab-org/gitlab-ce/issues/2694 See merge request !1902
| * fix specsrails_update_to_4_2Valery Sizov2015-11-301-2/+2
| |
| * Migrate mailers to ActiveJobValery Sizov2015-11-261-0/+1
| |