blob: bf7ce674bb5a3bd50ecb3cd42921c6f49bd9e14f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
v2.5.0
- Support git-annex tool (disabled by default)
- Add rubocop (Ruby static code analyzer) for development
v2.4.3
- Print broadcast message if one is available
v2.4.2
- Pass git changes list as string instead of array
v2.4.1
- Access token masking in url before loging
v2.4.0
- Show error message when git push is rejected
v2.2.0
- Support for custom hooks (Drew Blessing and Jose Kahan)
v2.1.0
- Use secret token with GitLab internal API. Requires GitLab 7.5 or higher
v2.0.1
- Send post-receive changes to redis as a string instead of array
v2.0.0
- Works with GitLab v7.3+
- Replace raise with abort when checking path to prevent path exposure
- Handle invalid number of arguments on remote commands
- Replace update hook with pre-receive and post-receive hooks.
- Symlink the whole hooks directory
- Ignore missing repositories in create-hooks
- Connect to Redis via sockets by default
v1.9.7
- Increased test coverage
- By default use direct unicorn connection (localhost:8080)
- Fix wrong repo path send to GitLab by GitlabUpdate hook
v1.9.6
- Explicitly require 'timeout' from the standard library
v1.9.5
- Put authorized_keys.lock in the same directory as authorized_keys
- Use lock file when add new entries to authorized_keys
v1.9.4
- Use lock file when modify authorized_keys
v1.9.3
- Ignore force push detection for new branch or branch remove push
v1.9.2
- Add support for force push detection
v1.9.1
- Update hook sends branch and tag name
v1.9.0
- Call api in update hook for both ssdh and http push. Requires GitLab 6.7+
- Pass oldrev and newrev to api.allowed?
v1.8.5
- Add `gitlab-keys batch-add-keys` subcommand for authorized_keys rebuilds
v1.8.4
- Dont do import if repository exists
v1.8.3
- Add timeout option for repository import
v1.8.2
- Fix broken 1.8.1
v1.8.1
- Restrict Environment Variables
- Add bin/create-hooks command
- More safe shell execution
v1.8.0
- Fix return values in GitlabKeys
v1.7.9
- Fix escape of repository path for custom ssh port
v1.7.8
- Escape repository path to prevent relative links (CVE-2013-4583)
v1.7.7
- Separate options from arguments with -- (CVE-2013-4582)
- Bypass shell and use stdlib JSON for GitlabUpdate (CVE-2013-4581)
v1.7.6
- Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head
v1.7.5
- Remove keys from authorized_keys using ruby instead of shell
v1.7.4
- More protection against shell injection (CVE-2013-4546)
v1.7.3
- Use Kernel#open to append lines to authorized_keys (CVE-2013-4490)
v1.7.2
- More safe command execution
v1.7.1
- Fixed issue when developers are able to push to protected branches that contain a '/' in the branch name.
v1.7.0
- Clean authorized_keys file with `gitlab-keys clear`
v1.6.0
- Create branch/tag functionality
- Remove branch/tag functionality
v1.5.0
- Logger
- Ability to specify ca_file/ca_path
- Update-head command for project
- Better regexp for key_id inside shell
v1.4.0
- Regex used in rm-key command was too lax
v1.3.0
- Fork-project command
- Custom redis configuration
- Interpret login with deploy key as anonymous one
v1.2.0
- Return non-zero result if gitlab-projects and gitlab-keys execution was not successful
- http_settings configuration option added
v1.1.0
- added mv-project feature
- increased test coverage
v1.0.4
- requires gitlab c9ca15e
- don't use post-receive file any more. Make all updates in update
- fixed issue with invalid GL_USER
- use GL_ID instead of GL_USER
|