From ba7c501fef5976ea7a1cc4212e84742246fed781 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Sat, 17 Aug 2019 15:39:39 -0700 Subject: Fix Gitaly N+1 calls with listing issues/MRs via API In GitLab 9.0, https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9661 removed the `subscribed` flag from the API when the user requested a list of issues or merge requests since calculating this value triggers extensive Markdown processing. In GitLab 12.0 via a4fbf39e, we accidentally reintroduced this performance regression by changing `IssueBasic` to `Issue` in `entities.rb`. This showed up as a Gitaly N+1 issue since the Markdown processing would attempt to extract a commit if it detected a regex that matched a commit. We restore the prior behavior by once again removing the `subscribed` flag for the bulk list of issues and merge requests and add a test to ensure they aren't reintroduced. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66202 --- doc/api/issues.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'doc/api/issues.md') diff --git a/doc/api/issues.md b/doc/api/issues.md index 96a547551f1..11c18ef94ba 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -136,7 +136,6 @@ Example response: "award_emoji":"http://example.com/api/v4/projects/1/issues/76/award_emoji", "project":"http://example.com/api/v4/projects/1" }, - "subscribed": false, "task_completion_status":{ "count":0, "completed_count":0 @@ -441,7 +440,6 @@ Example response: "award_emoji":"http://example.com/api/v4/projects/4/issues/41/award_emoji", "project":"http://example.com/api/v4/projects/4" }, - "subscribed": false, "task_completion_status":{ "count":0, "completed_count":0 -- cgit v1.2.1 From 44ca24f4f25c022904d3dc8641ddf1cf10fe8fae Mon Sep 17 00:00:00 2001 From: Markus Koller Date: Mon, 19 Aug 2019 20:55:56 +0200 Subject: Fix outdated references to soft deletion We stopped using soft deletion for issues and merge requests in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15789, and for boards we apparently never used it. --- doc/api/issues.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/api/issues.md') diff --git a/doc/api/issues.md b/doc/api/issues.md index 96a547551f1..ebb1ebb6815 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -790,7 +790,7 @@ the `weight` parameter: ## Delete an issue -Only for admins and project owners. Soft deletes the issue in question. +Only for admins and project owners. Deletes the issue in question. ``` DELETE /projects/:id/issues/:issue_iid -- cgit v1.2.1 From 5af535d919c50951513f5859730afd924a01c29b Mon Sep 17 00:00:00 2001 From: Alexandru Croitor Date: Wed, 17 Jul 2019 12:54:40 +0300 Subject: Limit the size of issuable description and comments Limiting the size of issuable description and comments to 1_000_000, which is close to ~1MB of ASCII characters, which represents 99.9% of all descriptions and comments we have in DB at the moment. This should help prevent DoS attacks when comments contain refference strings. Also this change updates regexp matching the namespaces paths by limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED, as we allow 20 levels deep groups. see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234 --- doc/api/issues.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc/api/issues.md') diff --git a/doc/api/issues.md b/doc/api/issues.md index 96a547551f1..ef479bc9829 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -593,7 +593,7 @@ POST /projects/:id/issues | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `iid` | integer/string | no | The internal ID of the project's issue (requires admin or project owner rights) | | `title` | string | yes | The title of an issue | -| `description` | string | no | The description of an issue | +| `description` | string | no | The description of an issue. Limited to 1 000 000 characters. | | `confidential` | boolean | no | Set an issue to be confidential. Default is `false`. | | `assignee_ids` | integer array | no | The ID of a user to assign issue | | `milestone_id` | integer | no | The global ID of a milestone to assign issue | @@ -694,7 +694,7 @@ PUT /projects/:id/issues/:issue_iid | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `title` | string | no | The title of an issue | -| `description` | string | no | The description of an issue | +| `description` | string | no | The description of an issue. Limited to 1 000 000 characters. | | `confidential` | boolean | no | Updates an issue to be confidential | | `assignee_ids` | integer array | no | The ID of the user(s) to assign the issue to. Set to `0` or provide an empty value to unassign all assignees. | | `milestone_id` | integer | no | The global ID of a milestone to assign the issue to. Set to `0` or provide an empty value to unassign a milestone.| -- cgit v1.2.1 From f5b855546ed9b2c304b72e349af3f23c4eca549d Mon Sep 17 00:00:00 2001 From: Alexandru Croitor Date: Thu, 15 Aug 2019 13:56:33 +0300 Subject: Update sort options for issues list Increase sort options for issues list from updated_at and create_at, to include more options close to what is required in actual issue list UI. This helps us to use REST API for issues list with sorting capabilities https://gitlab.com/gitlab-org/gitlab-ce/issues/57402 --- doc/api/issues.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'doc/api/issues.md') diff --git a/doc/api/issues.md b/doc/api/issues.md index 4f2b4a966c9..8313dd2c3bd 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -49,7 +49,7 @@ GET /issues?confidential=true | `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced][ce-14016] in GitLab 10.0)_ | | `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | | `iids[]` | integer array | no | Return only the issues having the given `iid` | -| `order_by` | string | no | Return issues ordered by `created_at` or `updated_at` fields. Default is `created_at` | +| `order_by` | string | no | Return issues ordered by `created_at`, `updated_at`, `priority`, `due_date`, `relative_position`, `label_priority`, `milestone_due`, `popularity`, `weight` fields. Default is `created_at` | | `sort` | string | no | Return issues sorted in `asc` or `desc` order. Default is `desc` | | `search` | string | no | Search issues against their `title` and `description` | | `in` | string | no | Modify the scope of the `search` attribute. `title`, `description`, or a string joining them with comma. Default is `title,description` | @@ -198,7 +198,7 @@ GET /groups/:id/issues?confidential=true | `assignee_username` | string array | no | Return issues assigned to the given `username`. Similar to `assignee_id` and mutually exclusive with `assignee_id`. In CE version `assignee_username` array should only contain a single value or an invalid param error will be returned otherwise. | | `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced][ce-14016] in GitLab 10.0)_ | | `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | -| `order_by` | string | no | Return issues ordered by `created_at` or `updated_at` fields. Default is `created_at` | +| `order_by` | string | no | Return issues ordered by `created_at`, `updated_at`, `priority`, `due_date`, `relative_position`, `label_priority`, `milestone_due`, `popularity`, `weight` fields. Default is `created_at` | | `sort` | string | no | Return issues sorted in `asc` or `desc` order. Default is `desc` | | `search` | string | no | Search group issues against their `title` and `description` | | `created_after` | datetime | no | Return issues created on or after the given time | @@ -347,7 +347,7 @@ GET /projects/:id/issues?confidential=true | `assignee_username` | string array | no | Return issues assigned to the given `username`. Similar to `assignee_id` and mutually exclusive with `assignee_id`. In CE version `assignee_username` array should only contain a single value or an invalid param error will be returned otherwise. | | `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. _([Introduced][ce-14016] in GitLab 10.0)_ | | `weight` **(STARTER)** | integer | no | Return issues with the specified `weight`. `None` returns issues with no weight assigned. `Any` returns issues with a weight assigned. | -| `order_by` | string | no | Return issues ordered by `created_at` or `updated_at` fields. Default is `created_at` | +| `order_by` | string | no | Return issues ordered by `created_at`, `updated_at`, `priority`, `due_date`, `relative_position`, `label_priority`, `milestone_due`, `popularity`, `weight` fields. Default is `created_at` | | `sort` | string | no | Return issues sorted in `asc` or `desc` order. Default is `desc` | | `search` | string | no | Search project issues against their `title` and `description` | | `created_after` | datetime | no | Return issues created on or after the given time | -- cgit v1.2.1 From 440635015fbea129cbfd7b266589ea2a33dda471 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Fri, 23 Aug 2019 16:38:01 -0700 Subject: Fix N+1 Gitaly calls in /api/v4/projects/:id/issues This is a follow-up from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31938. In GitLab 9.0, https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9661 removed the `subscribed` flag from the API when the user requested a list of issues or merge requests since calculating this value triggers extensive Markdown processing. In GitLab 12.0 via a4fbf39e, we accidentally reintroduced this performance regression by changing `IssueBasic` to `Issue` in `entities.rb`. This showed up as a Gitaly N+1 issue since the Markdown processing would attempt to extract a commit if it detected a regex that matched a commit. We restore the prior behavior by once again removing the `subscribed` flag for the bulk list of issues and merge requests and add a test to ensure they aren't reintroduced. Relates to https://gitlab.com/gitlab-org/gitlab-ce/issues/66202 --- doc/api/issues.md | 1 - 1 file changed, 1 deletion(-) (limited to 'doc/api/issues.md') diff --git a/doc/api/issues.md b/doc/api/issues.md index 8313dd2c3bd..cadc9291489 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -284,7 +284,6 @@ Example response: "award_emoji":"http://example.com/api/v4/projects/4/issues/41/award_emoji", "project":"http://example.com/api/v4/projects/4" }, - "subscribed": false, "task_completion_status":{ "count":0, "completed_count":0 -- cgit v1.2.1