- 04 Jul, 2016 7 commits
-
-
tiagonbotelho authored
-
tiagonbotelho authored
-
tiagonbotelho authored
-
tiagonbotelho authored
-
Douwe Maan authored
Don't garbage collect commits that have related DB records like comments Closes #13524 Also needed for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4101. See merge request !5062
-
Douwe Maan authored
-
Douwe Maan authored
-
- 03 Jul, 2016 5 commits
-
-
Robert Speicher authored
Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiq This affects GitLab 8.8 and 8.9. See: * https://github.com/mperham/sidekiq/blob/master/Changes.md#413 * https://gitlab.com/gitlab-org/gitlab-ce/issues/19441 See merge request !5056
-
Stan Hu authored
Update RedCloth to 4.3.2 for CVE-2012-6684 ## What does this MR do? To fix XSS (CVE-2012-6684), upgrade RedCloth to 4.3.2. ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Security vulnerability in RedCloth (CVE-2012-6684) should be fixed to provide GitLab as a secure software. ## What are the relevant issue numbers? Closes #19169 cf. !2037, !2071 ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [n/a] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [n/a] API support added - Tests - [n/a] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4929
-
Robert Schilling authored
Merge branch '19448-merge-requests-api-has-incorrect-documentation-regarding-merge_when_build_succeeds' into 'master' Fix typo in Merge Requests API documentation Closes #19448 See merge request !5057
-
Takuya Noguchi authored
-
Takuya Noguchi authored
-
- 02 Jul, 2016 2 commits
-
-
Alejandro Rodríguez authored
-
- 01 Jul, 2016 26 commits
-
-
Douwe Maan authored
Groundwork for Kerberos SPNEGO (EE feature) Refactor Projecst::GitHttpController to allow Kerberos integration in GitLab EE. Companion to https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/509 See merge request !5037
-
Douwe Maan authored
Exclude requesters from Project#members, Group#members and User#members ## What does this MR do? It excludes requesters from the `Project#members`, `Group#members` and `User#members` associations, and adds new `Project#requesters` and `Group#requesters` associations. ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Without this, if you call `project.members`, requesters are included in the results! This is at best misleading, and at worst can lead to security issues. By excluding requesters from the `#members` associations, we avoid introducing security inadvertently since you have to call the `#requesters` association explicitly to get requesters. ## What are the relevant issue numbers? This is something I realized while fixing the security issue #19102. ## Does this MR meet the acceptance criteria? - [x] I don't think this needs a CHANGELOG since this is an internal change - Tests - [x] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4946
-
Robert Speicher authored
Upgrade Sidekiq from 4.1.2 to 4.1.4. Adds a dependency on Sinatra and allows Sinatra 2 for eventual support of Rack 2. Changelog: https://github.com/mperham/sidekiq/blob/master/Changes.md#414 Working toward #14286. See merge request !5044
-
Robert Speicher authored
Upgrade seed-fu from 2.3.5 to 2.3.6 Adds Rails 5 support. Working toward #14286. Changelog: https://github.com/mbleigh/seed-fu/blob/master/CHANGELOG.md#version-236 See merge request !5042
-
Robert Speicher authored
Upgrade sass-rails ## What does this MR do? Upgrades sass-rails from 5.0.4 to 5.0.5. Includes support for Rails 5. Changelog: https://github.com/rails/sass-rails/releases Working toward #14286 See merge request !5030
-
Robert Speicher authored
Enable Style/EmptyLines Rubocop cop #17478 See merge request !5013
-
Fatih Acet authored
Renable import button when import process fail due to the namespace already been taken Closes #19435 ## Screenshots (if relevant) Before: ![1](/uploads/e8de1b326e0751891f667630a7685f6a/1.png)<br/><br/> After: ![2](/uploads/566f1fd5442c28232350689fce8eae76/2.png) See merge request !5053
-
Grzegorz Bizon authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Douglas Barbosa Alexandre authored
-
Rémy Coutable authored
Fix snippets comments not displayed ## What does this MR do? Fix an issue where comments body were not displayed for project snippets anymore (see commit for details). ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? Because of #19388. ## What are the relevant issue numbers? Fixes #19388. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [ ] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5045
-
Achilleas Pipinellis authored
adding link to .gitlab-ci.yml templates closes #18998 ## What does this MR do? Add link to CI templates ## Are there points in the code the reviewer needs to double check? No ## Why was this MR needed? Asked by Sid - see #18998 ## What are the relevant issue numbers? up ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5033
-
Stan Hu authored
Fix emoji paths in relative root configurations ## What does this MR do? If a site specifies a relative URL root, emoji files would omit the path from the URL, leading to lots of 404s. ## Are there points in the code the reviewer needs to double check? At first, I tried to use `ActionView::Helpers::AssetUrlHelper.asset_url` since this is what it's intended to do. But this helper function is extremely slow, and it took minutes to generate the URLs for the hundreds of links needed for each emoji. ## Why was this MR needed? Because emojis were broken in relative URL installations ## What are the relevant issue numbers? #15642 ## Does this MR meet the acceptance criteria? - [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [X] Added for this feature/bug - [x] All builds are passing - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if you do - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5027
-
Rémy Coutable authored
The issue was that @notes were not passed to Banzai::NoteRenderer.render in Projects::SnippetsController#show. This was forgotten in d470f3d1. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Robert Speicher authored
Upgrade Thin from 1.6.1 to 1.7.0. Includes support for Rack 2. Working toward #14286. Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG See merge request !5047
-
Stan Hu authored
If a site specifies a relative URL root, emoji files would omit the path from the URL, leading to lots of 404s. Closes #15642
-
Rémy Coutable authored
And create new Project#requesters, Group#requesters scopes. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Add Todos API * Closes #14068 * Closes #14675 - [x] Implementation - [x] Tests - [x] Documentation - [x] Changelog See merge request !3188
-
Rémy Coutable authored
Fixing problems with events for import/export Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19202 A couple of issues related to target being missing in exported `Events` (as being polymorphic and not have `ActiveRecord` relationships is a bit more tricky than normal models) plus as the export was in JSON, the import retrieves hashed fields as stringified hashes and not symbolized - so fixed that as well, which was the cause of https://gitlab.com/gitlab-org/gitlab-ce/issues/19202 Also fixed / refactored tests :simpl Import/Export Version has been bumped to 0.1.1 as theses changes to events won't work very well with old exports - forcing users to generate a new export in the new version. See merge request !4987
-
Robert Speicher authored
Upgrade sprockets and sprockets rails, remove quiet_assets ## What does this MR do? Upgrade Sprockets from 3.6.0 to 3.6.2. Changelog: https://github.com/rails/sprockets/blob/3.x/CHANGELOG.md Upgrade Sprockets Rails from 3.0.4 to 3.1.1. Changelog: https://github.com/rails/sprockets-rails/compare/v3.0.4...v3.1.1 quiet_assets has been seemingly abandoned, and now sprockets-rails has the feature built-in! The config was added in this PR: https://github.com/rails/sprockets-rails/pull/355 Working towards #14286. See merge request !5029
-
Connor Shea authored
Includes support for Rack 2. Changelog: https://github.com/macournoyer/thin/blob/master/CHANGELOG
-
Rémy Coutable authored
Ensure that branch and tag names are given in API ## What does this MR do? It ensures that the tag or branch name is given. @rymai We talked in an earlier MR about this. See merge request !5012
-
Jacob Schatz authored
Cache autocomplete results ## What does this MR do? Caches the results of the autocomplete AJAX call to stop new GFM inputs on the page from requesting new data. The cache is then cleared on each new page so that it doesn't stay around per project. See merge request !5043
-
James Lopez authored
-
Phil Hughes authored
-