| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Render math in Asciidoc and Markdown with KaTeX using code blocks
Closes #13690 and #13180
See merge request !8003
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | | |
Minor improvements to nested groups code
See merge request !8011
|
| | |/
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Avoid escaping relative links in Markdown twice
## What does this MR do?
Avoid escaping relative links in Markdown twice.
## Why was this MR needed?
Relative links with special characters (e.g. spaces) were escaped twice.
## What are the relevant issue numbers?
closes #25191, #25318
See merge request !7940
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
| |
markdown
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix for HackerOne XSS vulnerability in markdown
This is an updated blacklist patch to fix https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2007. No text is removed. Dangerous schemes/protocols and invalid URIs are left intact but not linked.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23153
See merge request !2015
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
disable markdown in comments when referencing disabled features
fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548
This MR prevents the following references when tool is disabled:
- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones
This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.
See merge request !2011
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
|
| |
|
|
| |
Fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/18096
|
| |
|
|
|
|
| |
Do not pass project.owner because it may return a group and Labels::FindOrCreateService
throws an error in this case.
Fixes #23694.
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add group level labels
## What does this MR do?
Add group level labels.
## Are there points in the code the reviewer needs to double check?
* `LabelsFinder`
* `Gitlab::Gfm::ReferenceRewriter`
* `Banzai::Filter::LabelReferenceFilter`
## Why was this MR needed?
We'll be adding more feature that allow you to do cross-project management of issues.
## Screenshots (if relevant)
* Group Labels
* Project Labels
* Expanded references for group labels when moving issue to another project
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
#19997
See merge request !6425
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/
|/|
| |
| |
| |
| | |
Prevent wrong markdown on issue ids when project has Jira service activated
fixes gitlab-org/gitlab-ee#828
See merge request !6728
|
| | | |
|
| |\ \
| |/
|/|
| |
| | |
fix: commit messages being double-escaped in activities tab
See merge request !6937
|
| | | |
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Ensure that external URLs with non-lowercase protocols will be attributed
with 'nofollow noreferrer' and open up in a new window.
Covers the edge cases to skip:
- HTTPS schemes
- relative links
Closes #22782
|
| | |
|
| |
|
|
|
|
|
| |
Using `extend self` prevents GitLab Performance Monitoring from being
able to track class methods.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23347
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit alters views for the following models to use the markdown cache if
present:
* AbuseReport
* Appearance
* ApplicationSetting
* BroadcastMessage
* Group
* Issue
* Label
* MergeRequest
* Milestone
* Project
At the same time, calls to `escape_once` have been moved into the `single_line`
Banzai pipeline, so they can't be missed out by accident and the work is done
at save, rather than render, time.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a number of _html columns and, with the exception of Note,
starts updating them whenever the content of their partner fields changes.
Note has a collision with the note_html attr_accessor; that will be fixed later
A background worker for clearing these cache columns is also introduced - use
`rake cache:clear` to set it off. You can clear the database or Redis caches
separately by running `rake cache:clear:db` or `rake cache:clear:redis`,
respectively.
|
| |\
| |
| |
| | |
See !6474.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Closes #22911
|
| |/ |
|
| | |
|
| |
|
|
|
|
| |
Before we weren’t caching current_project_ref because normally the reference to
the current project doesn’t include the path with namespace. But now we store
the current project in the projects reference cache to be used for the same
filter when accessing using path with namespace of for subsequent filters executed on the cache.
|
