BigW Consortium Gitlab

Commit 4f72e7c6 by Lin Jen-Shin

Update CHANGELOG.md for 9.0.7

[ci skip]
parent 6fbc96bf
......@@ -2,6 +2,18 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 9.0.7 (2017-05-05)
- Enforce project features when searching blobs and wikis.
- Fixed branches dropdown rendering branch names as HTML.
- Make Asciidoc & other markup go through pipeline to prevent XSS.
- Validate URLs in markdown using URI to detect the host correctly.
- Fix for XSS in project import view caused by Hamlit filter usage.
- Sanitize submodule URLs before linking to them in the file tree view.
- Refactor snippets finder & dont return internal snippets for external users.
- Fix snippets visibility for show action - external users can not see internal snippets.
- Do not show private groups on subgroups page if user doesn't have access to.
## 9.0.6 (2017-04-21)
- Bugfix: POST /projects/:id/hooks and PUT /projects/:id/hook/:hook_id no longer ignore the the job_events param in the V4 API. !10586
......
---
title: Enforce project features when searching blobs and wikis
merge_request:
author:
---
title: Fixed branches dropdown rendering branch names as HTML
merge_request:
author:
---
title: Make Asciidoc & other markup go through pipeline to prevent XSS
merge_request:
author:
---
title: Validate URLs in markdown using URI to detect the host correctly
merge_request:
author:
---
title: Fix for XSS in project import view caused by Hamlit filter usage.
merge_request:
author:
---
title: Sanitize submodule URLs before linking to them in the file tree view
merge_request:
author:
---
title: Refactor snippets finder & dont return internal snippets for external users
merge_request:
author:
---
title: Fix snippets visibility for show action - external users can not see internal snippets
merge_request:
author:
---
title: "Do not show private groups on subgroups page if user doesn't have access to"
merge_request:
author:
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment