summaryrefslogtreecommitdiff
path: root/app
Commit message (Expand)AuthorAgeFilesLines
* Return NO_ACCESS if user is nilPatrick Derichs2019-08-281-0/+2
* Prevent unauthorised comments on merge requestsAlex Kalderimis2019-08-262-4/+11
* Merge branch 'security-hide_merge_request_ids_on_emails-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-262-0/+6
|\
| * Prevent disclosure of merge request id via emailFelipe Artur2019-08-212-0/+6
* | Merge branch 'security-64711-fix-commit-todos-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-4/+2
|\ \
| * | Send TODOs for comments on commits correctlyNick Thomas2019-08-231-4/+2
| |/
* | Fix project import restricted visibility bypassGeorge Koltsov2019-08-261-11/+16
* | Merge branch 'security-epic-notes-api-reveals-historical-info-ce-12-2' into '...GitLab Release Tools Bot2019-08-263-2/+6
|\ \
| * | Filter out old system notes for epicsPatrick Derichs2019-08-193-2/+6
| |/
* | Merge branch 'security-fix-html-injection-for-label-description-ce-12-2' into...GitLab Release Tools Bot2019-08-262-3/+7
|\ \
| * | Fix html injection for label descriptionPatrick Derichs2019-08-192-3/+7
| |/
* | Merge branch 'security-mr-head-pipeline-leak-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-1/+8
|\ \
| * | Permission fix for MergeRequestsController#pipeline_statusdrew cimino2019-08-201-1/+8
| |/
* | Merge branch 'security-61974-limit-issue-comment-size-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-262-0/+2
|\ \
| * | Limit the size of issuable description and commentsAlexandru Croitor2019-08-222-0/+2
| |/
* | Merge branch 'security-id-filter-timeline-activities-for-guests-12-2' into '1...GitLab Release Tools Bot2019-08-261-1/+1
|\ \
| * | Add merge note type as cross referenceIgor Drozdov2019-08-211-1/+1
| |/
* | Merge branch 'security-12-2-enable-image-proxy' into '12-2-stable'GitLab Release Tools Bot2019-08-264-9/+55
|\ \
| * | Add support for using a Camo proxy serverBrett Walker2019-08-204-9/+55
| |/
* | Merge branch 'security-fix_jira_ssrf_vulnerability-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-1/+6
|\ \
| * | Fix DNS rebind vulnerability for JIRA integrationFelipe Artur2019-08-191-1/+6
| |/
* | Merge branch 'security-add-job-activity-limit-ce-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-262-1/+3
|\ \
| * | Add active_jobs_limit to plans tableFabio Pitino2019-08-202-1/+3
| |/
* | Merge branch 'security-sarcila-fix-weak-session-management-12-2' into '12-2-s...GitLab Release Tools Bot2019-08-261-0/+7
|\ \
| * | Add User#will_save_change_to_login? to clear reset_password_tokensSebastian Arcila Valenzuela2019-08-211-0/+7
| |/
* | Merge branch 'security-59549-add-capcha-for-failed-logins-12-2' into '12-2-st...GitLab Release Tools Bot2019-08-267-11/+62
|\ \
| * | Add captcha if there are multiple failed login attemptsMałgorzata Ksionek2019-08-217-11/+62
| |/
* | Merge branch 'security-katex-dos-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-18/+128
|\ \
| * | Enforce max chars and max render time in markdown mathMartin Hanzel2019-08-211-18/+128
| |/
* | Merge branch 'security-ci-metrics-permissions-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-0/+6
|\ \
| * | Restrict MergeRequests#test_reports to authenticated users with read-access o...drew cimino2019-08-221-0/+6
| |/
* | Merge branch 'security-personal-snippets-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-263-2/+12
|\ \
| * | Add direct upload support for personal snippetsJan Provaznik2019-08-233-2/+12
| |/
* | Merge branch 'security-group-runners-permissions-12-2' into '12-2-stable'GitLab Release Tools Bot2019-08-261-5/+1
|\ \
| * | admin_group authorization for Groups::RunnersControllerdrew cimino2019-08-221-5/+1
| |/
* | Merge branch 'master' into 'master'12-2-stable-patch-1Stan Hu2019-08-231-1/+1
* | Merge branch 'tr-param-undefined-fix' into 'master'Clement Ho2019-08-231-2/+2
|/
* Merge branch 'sh-fix-pipelines-not-being-created' into 'master'Nick Thomas2019-08-191-7/+12
* UI for disabling group/project email notificationBrett Walker2019-08-1713-23/+94
* Add new table to store email domainGosia Ksionek2019-08-161-0/+1
* Adds specific metric styles and propLaura Montemayor2019-08-162-14/+24
* Merge branch '66023-starrers-count-do-not-match-after-searching' into 'master'Stan Hu2019-08-161-16/+2
|\
| * Fix starrers counters after searchingDouglas Barbosa Alexandre2019-08-151-16/+2
* | Merge branch 'dm-process-commit-worker-n+1' into 'master'Stan Hu2019-08-162-17/+25
|\ \
| * | Look up upstream commits once before queuing ProcessCommitWorkersDouwe Maan2019-08-162-17/+25
* | | Expire project caches once per push instead of once per refStan Hu2019-08-164-15/+41
* | | Merge branch 'sh-fix-arel-deprecation-join' into 'master'Mayra Cabrera2019-08-161-2/+2
|\ \ \
| * | | Fix Arel deprecation warning in clusters_hierarchysh-fix-arel-deprecation-joinStan Hu2019-08-161-2/+2
* | | | Add clipboard button to metric chart dropdownTristan Read2019-08-163-3/+42
* | | | Merge branch 'mc/feature/pipeline-tracking-config-ce' into 'master'Kamil Trzciński2019-08-161-0/+4
|\ \ \ \