- 11 Jan, 2018 2 commits
-
-
Oswaldo Ferreira authored
-
Oswaldo Ferreira authored
[ci skip]
-
- 10 Jan, 2018 1 commit
-
-
Oswaldo Ferreira authored
Prepare 10.2.6 Security Release See merge request gitlab/gitlabhq!2290
-
- 09 Jan, 2018 2 commits
-
-
Robert Speicher authored
Prevent login with disabled OAuth providers See merge request gitlab/gitlabhq!2223 (cherry picked from commit 43b6135f2226625b5e50d9aa2149a0ea74bb1336) a4bb4a5b Prevents login with disabled OAuth providers
-
Jacob Schatz authored
Sanitizes IPython notebook output See merge request gitlab/gitlabhq!2237 (cherry picked from commit db98d764c4112dd24bc5ae9ed2bfc01052820309) 8908edbf Sanitizes iPython notebook output 90286ceb fixed karma specs
-
- 08 Jan, 2018 10 commits
-
-
Robert Speicher authored
Merge branch '41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook-10-2' into 'security-10-2' [10.2] Don't allow line breaks on HTTP headers See merge request gitlab/gitlabhq!2287 (cherry picked from commit 1e19734413d46346dd46177d056d9c7165602197) b7664b12 Don't allow line breaks on HTTP headers
-
James Lopez authored
[10.2] Fix RCE via project import mechanism See merge request gitlab/gitlabhq!2293 (cherry picked from commit 836918b04ed739fe07b239d0e4eab58296218c8c) cec9a6ae Fix RCE via project import mechanism
-
Douwe Maan authored
[10.2] Migrate `can_push` column from `keys` to `deploy_keys_project` See merge request gitlab/gitlabhq!2275 (cherry picked from commit b07115bbf3a6f2340e88213f51f699302e6af1d9) 5382c682 Backport to 10.2
-
Sean McGivern authored
[10.2] backport - check project access on MR create See merge request gitlab/gitlabhq!2279 (cherry picked from commit dd1654b7830948347a23521058a1386a8ba97b69) 8b1e50e4 check project access on MR create
-
Robert Speicher authored
[10.2] Fix path traversal in gitlab-ci.yml cache:key See merge request gitlab/gitlabhq!2271 (cherry picked from commit 9184cd7968665137a18c4823ece239a4a1ca0e46) 1050945a Fix path traversal in gitlab-ci.yml cache:key
-
Robert Speicher authored
Validate project path in Gitlab import - 10.2 port See merge request gitlab/gitlabhq!2267 (cherry picked from commit faea8488456aed31915ca9dd6cb2a7d3090294ec) 036fc6c9 Validate project path in Gitlab import
-
Robert Speicher authored
Remove order param from the MilestoneFinder - 10.2 port See merge request gitlab/gitlabhq!2264 (cherry picked from commit 54c82aee8d97a7a82fff49197d023e2ebd3247e8) bca5ca97 Remove order param from the MilestoneFinder
-
Jacob Schatz authored
[10.2] Fix XSS in issue label dropdown See merge request gitlab/gitlabhq!2251 (cherry picked from commit df15b14521c46aaad5805ae90aa04739d78eec63) 6d693d09 Fix XSS in issue label dropdown
-
Robert Speicher authored
[10.2] Fix XSS vulnerability in Pipeline job trace - backport 10 2 See merge request gitlab/gitlabhq!2260 (cherry picked from commit 4ba826b5df561e85f6fdfc86c20779b1a91b598b) b890d809 Fix XSS vulnerability in Pipeline job trace
-
Sean McGivern authored
Merge branch 'security-10-2-do-not-expose-passwords-or-tokens-in-service-integrations-api' into 'security-10-2' Filter out sensitive fields from the project services API See merge request gitlab/gitlabhq!2282 (cherry picked from commit 66b1677940084505123cd519d0894c89dcc60da2) 8b3dcc2a Filter out sensitive fields from the project services API
-
- 15 Dec, 2017 3 commits
-
-
Michael Kozono authored
-
Michael Kozono authored
[ci skip]
-
Michael Kozono authored
Prepare 10.2.5 release See merge request gitlab-org/gitlab-ce!15925
-
- 14 Dec, 2017 22 commits
-
-
Winnie Hellmann authored
Optimize API /groups/:id/projects by preloading assocations (10.2 port) See merge request gitlab-org/gitlab-ce!15926
-
Francisco Javier López authored
-
Winnie Hellmann authored
Create fork networks for deleted source projects (10.2 port) See merge request gitlab-org/gitlab-ce!15927
-
Winnie Hellmann authored
Merge branch 'pawel/update-prometheus_gem_to_highly_optimized_version-10-2' into '10-2-stable-patch-5' Update prometheus-client-mmap gem to highly optimized version (10.2 port) See merge request gitlab-org/gitlab-ce!15928
-
Francisco Javier López authored
-
Francisco Javier López authored
-
Francisco Javier López authored
-
Bob Van Landuyt authored
-
Sean McGivern authored
Create fork networks for deleted source projects Closes #40072 See merge request gitlab-org/gitlab-ce!15595 (cherry picked from commit 552c9089) Conflicts: lib/gitlab/background_migration/populate_fork_networks_range.rb
-
Winnie Hellmann authored
-
Douwe Maan authored
Optimize API /groups/:id/projects by preloading assocations Closes #40308 See merge request gitlab-org/gitlab-ce!15475 (cherry picked from commit 65b7a7a0) Conflicts: lib/api/groups.rb
-
Kamil Trzciński authored
-
Rémy Coutable authored
Upgrade codeclimate image to latest Closes #40255 See merge request gitlab-org/gitlab-ce!15461 (cherry picked from commit c26d7089) 586d878d Upgrade codeclimate image to 0.70.1 18231881 Use latest codeclimate image again
-
Robert Speicher authored
Properly bump prometheus-client-mmap gem versions See merge request gitlab-org/gitlab-ce!15825 (cherry picked from commit a2d16480) Conflicts: Gemfile Gemfile.lock
-
Tim Zallmann authored
Resolve "Prometheus loading screen no longer seems to appear" Closes #40285 See merge request gitlab-org/gitlab-ce!15889 (cherry picked from commit a8b98528) d072c0cd fix broken empty state assets for environment monitoring page 9864720a add CHANGELOG.md entry for !15889
-
James Lopez authored
Fix gitlab:import:repos Rake task moving repositories into the wrong location Closes #40765 See merge request gitlab-org/gitlab-ce!15823 (cherry picked from commit 7694ae88) 78f7c3c8 Fix gitlab:import:repos Rake task moving repositories into the wrong location e8cced80 Fix failing importer test case on MySQL due to missing trailing slash in root path 917a112e Simplify normalizing of paths 86661a3a Use build instead of create in importer spec f1eaab7b Remove the need for destroy and add a comment in the spec
-
Robert Speicher authored
Bump redis-rails to 5.0.2 to get redis-store security updates Closes #40889 See merge request gitlab-org/gitlab-ce!15773 (cherry picked from commit 6808d11b) f76aaa21 Bump redis-rails to 5.0.2 to get redis-store security updates
-
Sean McGivern authored
Backport board scope highlight See merge request gitlab-org/gitlab-ce!15757 (cherry picked from commit 0803a0b3) 6f256386 backport board scope highlight
-
Jacob Schatz authored
Replace absolute URLs on related branches/MRs with relative url to avoid hostname Closes #40555 See merge request gitlab-org/gitlab-ce!15735 (cherry picked from commit 73a79f7e) 88f268b5 Replace absolute URLs on related branches/MRs with relative url to avoid hostname
-
Clement Ho authored
Resolve "updateEndpoint undefined on Issue page" Closes #40715 See merge request gitlab-org/gitlab-ce!15698 (cherry picked from commit be8ca260) 3e9e773c Remove unused updateUrl and updateEndpoint 0ce9215e Revert updateUrl and updateEndpoint removal and instead pass updateEndpoint… 15b2fc3b simplify props for issue_show app root 4d86f05a Add changelog entry
-
Clement Ho authored
Resolve "Dropdown options are misaligned" Closes #40592 See merge request gitlab-org/gitlab-ce!15693 (cherry picked from commit 2b07c2ee) 6a1052c1 remove top from dropdown-label-box that is child of filter-dropdown-item
-