- 14 Dec, 2016 1 commit
-
-
Munken authored
-
- 12 Dec, 2016 1 commit
-
-
winniehell authored
-
- 11 Dec, 2016 1 commit
-
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
- 08 Dec, 2016 5 commits
- 02 Dec, 2016 1 commit
-
-
Oswaldo Ferreira authored
-
- 30 Nov, 2016 2 commits
-
-
Mike Greiling authored
-
Mike Greiling authored
-
- 09 Nov, 2016 2 commits
-
-
Douwe Maan authored
Fix for HackerOne XSS vulnerability in markdown This is an updated blacklist patch to fix https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2007. No text is removed. Dangerous schemes/protocols and invalid URIs are left intact but not linked. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23153 See merge request !2015 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
disable markdown in comments when referencing disabled features fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548 This MR prevents the following references when tool is disabled: - issues - snippets - commits - when repo is disabled - commit range - when repo is disabled - milestones This MR does not prevent references to repository files, since they are just markdown links and don't leak information. See merge request !2011 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 04 Nov, 2016 1 commit
-
-
Nick Thomas authored
-
- 01 Nov, 2016 1 commit
-
-
panjan authored
Fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/18096
-
- 28 Oct, 2016 1 commit
-
-
Adam Niedzielski authored
Do not pass project.owner because it may return a group and Labels::FindOrCreateService throws an error in this case. Fixes #23694.
-
- 24 Oct, 2016 1 commit
-
-
winniehell authored
-
- 19 Oct, 2016 7 commits
-
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Felipe Artur authored
-
- 18 Oct, 2016 2 commits
-
-
the-undefined authored
Ensure that external URLs with non-lowercase protocols will be attributed with 'nofollow noreferrer' and open up in a new window. Covers the edge cases to skip: - HTTPS schemes - relative links Closes #22782
-
amaia authored
-
- 16 Oct, 2016 1 commit
-
-
Ebrahim Byagowi authored
-
- 14 Oct, 2016 1 commit
-
-
Yorick Peterse authored
Using `extend self` prevents GitLab Performance Monitoring from being able to track class methods. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23347
-
- 13 Oct, 2016 1 commit
-
-
Johan H authored
-
- 11 Oct, 2016 1 commit
-
-
henrik authored
-
- 10 Oct, 2016 1 commit
-
-
Nick Thomas authored
-
- 07 Oct, 2016 3 commits
-
-
Nick Thomas authored
This commit alters views for the following models to use the markdown cache if present: * AbuseReport * Appearance * ApplicationSetting * BroadcastMessage * Group * Issue * Label * MergeRequest * Milestone * Project At the same time, calls to `escape_once` have been moved into the `single_line` Banzai pipeline, so they can't be missed out by accident and the work is done at save, rather than render, time.
-
Nick Thomas authored
-
Nick Thomas authored
This commit adds a number of _html columns and, with the exception of Note, starts updating them whenever the content of their partner fields changes. Note has a collision with the note_html attr_accessor; that will be fixed later A background worker for clearing these cache columns is also introduced - use `rake cache:clear` to set it off. You can clear the database or Redis caches separately by running `rake cache:clear:db` or `rake cache:clear:redis`, respectively.
-
- 04 Oct, 2016 2 commits
-
-
Phil Hughes authored
-
Phil Hughes authored
Closes #22911
-
- 03 Oct, 2016 2 commits
-
-
Katarzyna Kobierska authored
-
Katarzyna Kobierska authored
-
- 30 Sep, 2016 2 commits
-
-
Jared Deckard authored
-
Andre Guedes authored
-