BigW Consortium Gitlab

  1. 01 Sep, 2017 1 commit
  2. 30 Aug, 2017 2 commits
    • Rework the permissions model for SSH key restrictions · 68470602
      Nick Thomas authored
      `allowed_key_types` is removed and the `minimum_<type>_bits` fields are
      renamed to `<tech>_key_restriction`. A special sentinel value (`-1`) signifies
      that the key type is disabled.
      
      This also feeds through to the UI - checkboxes per key type are out, inline
      selection of "forbidden" and "allowed" (i.e., no restrictions) are in.
      
      As with the previous model, unknown key types are disallowed, even if the
      underlying ssh daemon happens to support them. The defaults have also been
      changed from the lowest known bit size to "no restriction". So if someone
      does happen to have a 768-bit RSA key, it will continue to work on upgrade, at
      least until the administrator restricts them.
    • Add settings for minimum key strength and allowed key type · b0f982fb
      Nick Thomas authored
      This is an amalgamation of:
      
      * Cory Hinshaw: Initial implementation !5552
      * Rémy Coutable: Updates !9350
      * Nick Thomas: Resolve conflicts and add ED25519 support !13712
  3. 26 Aug, 2017 1 commit
  4. 22 Aug, 2017 3 commits
  5. 21 Aug, 2017 1 commit
    • Only require sidekiq-limit_fetch when enabled in settings · 0db5f576
      Sean McGivern authored
      This gem allows Sidekiq jobs to be throttled. Unfortunately, it has a
      side-effect: when we haven't enabled job throttling, it will still hit Redis a
      lot (and miss, because nothing is configured).
      
      As this setting already required a restart, ensure that the library is only
      required when it's enabled.
  6. 18 Aug, 2017 1 commit
  7. 17 Aug, 2017 1 commit
  8. 11 Aug, 2017 1 commit
  9. 04 Aug, 2017 1 commit
  10. 02 Aug, 2017 1 commit
  11. 01 Aug, 2017 1 commit
  12. 27 Jul, 2017 1 commit
  13. 26 Jul, 2017 1 commit
  14. 20 Jul, 2017 5 commits
  15. 13 Jul, 2017 1 commit
    • Fixes needed when GitLab sign-in is not enabled · 672a68d3
      Robin Bobbitt authored
      When sign-in is disabled:
       - skip password expiration checks
       - prevent password reset requests
       - don’t show Password tab in User Settings
       - don’t allow login with username/password for Git over HTTP requests
       - render 404 on requests to Profiles::PasswordsController
  16. 12 Jul, 2017 3 commits
  17. 07 Jul, 2017 4 commits
  18. 06 Jul, 2017 3 commits
  19. 05 Jul, 2017 2 commits
  20. 03 Jul, 2017 1 commit
  21. 28 Jun, 2017 1 commit
  22. 26 Jun, 2017 1 commit
  23. 19 Jun, 2017 2 commits
  24. 15 Jun, 2017 1 commit