- 28 Jun, 2016 1 commit
-
-
James Lopez authored
-
- 27 Jun, 2016 39 commits
-
-
Robert Speicher authored
-
Robert Speicher authored
Rename Licenses API to License Templates API ## What does this MR do? Earlier I renamed this in EE, thinking license templates was an EE-only feature. This backports that change to CE. Thanks to @vsizov for pointing out this error. See https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/400 for the EE merge request. See merge request !4957
-
Drew Blessing authored
-
Douwe Maan authored
Check for conflict with wiki projects when creating a new project. ## What does this MR do? Check for conflict with wiki projects when creating a new project ## Are there points in the code the reviewer needs to double check? No ## Why was this MR needed? To avoid exposing the information from the wiki repository of other project ## What are the relevant issue numbers? #18398 ## Screenshots (if relevant) ![Screen_Shot_2016-06-24_at_6.03.49_PM](/uploads/7bf55e5159bf0c2b653b8f4f941f72fc/Screen_Shot_2016-06-24_at_6.03.49_PM.png) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4918
-
Robert Speicher authored
Fix visibility of snippets when searching Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18997 See merge request !1972
-
Robert Speicher authored
Fix an information disclosure when requesting access to a group containing private projects Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19102. The commit speaks for itself: Fix an information disclosure when requesting access to a group containing private projects The issue was with the `User#groups` and `User#projects` associations which goes through the `User#group_members` and `User#project_members`. Initially I chose to use a secure approach by storing the requester's user ID in `Member#created_by_id` instead of `Member#user_id` because I was aware that there was a security risk since I didn't know the codebase well enough. Then during the review, we decided to change that and directly store the requester's user ID into `Member#user_id` (for the sake of simplifying the code I believe), meaning that every `group_members` / `project_members` association would include the requesters by default... My bad for not checking that all the `group_members` / `project_members` associations and the ones that go through them (e.g. `Group#users` and `Project#users`) were made safe with the `where(requested_at: nil)` / `where(members: { requested_at: nil })` scopes. Now they are all secure. See merge request !1973
-
Robert Speicher authored
Use `have_http_status` matcher where possible See merge request !4955
-
Robert Speicher authored
Fix rendering of commit notes See merge request !4953
-
Ruben Davila authored
This fix avoids exposing the information from the wiki repository of other project.
-
Z.J. van de Weg authored
-
Jacob Schatz authored
Made the search bar on emoji menu sticky ## What does this MR do? When scrolling down the emoji menu, the search bar disappears. For better UX, the search bar no stays at the top when scrolling. ## Screenshots (if relevant) ![emoji-sticky](/uploads/a5b4773547d3d67342ddcfc07c8f1568/emoji-sticky.gif) See merge request !4743
-
Douwe Maan authored
-
Douwe Maan authored
-
Stan Hu authored
Update omniauth-saml to 1.6.0 to address a security vulnerability in ruby-saml ## What does this MR do? Updates `omniauth-saml` to bring in the new `ruby-saml` dependency that addresses [CVE-2016-5697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697) Fixes #19206 See merge request !4951
-
Robert Speicher authored
Correctly return todo ID after creating todo See merge request !4941
-
Fatih Acet authored
Remove duplicate new page btn from edit wiki ## What does this MR do? Removes duplicate button on wiki page ## What are the relevant issue numbers? Closes #19075 ## Screenshots (if relevant) ![Screen_Shot_2016-06-24_at_9.45.28_AM](/uploads/8dca96c3e75b428d63acaaba6dede9a6/Screen_Shot_2016-06-24_at_9.45.28_AM.png) ![Screen_Shot_2016-06-24_at_9.45.57_AM](/uploads/e6ea97b07e48d2fe6f108d8c5a943583/Screen_Shot_2016-06-24_at_9.45.57_AM.png) See merge request !4904
-
Stan Hu authored
Mention gmake Fixes https://gitlab.com/gitlab-org/gitlab-workhorse/issues/46 See merge request !4945
-
Fatih Acet authored
Fix check for existence of New Branch button on Issue page ## What does this MR do? The condition in [`initCanCreateBranch`][initCanCreateBranch] mistakenly checks `$container` (the New Branch button) for falsy. However JQuery returns an empty array if no matching element was found, so this condition is never met. ## Why was this MR needed? The wrong condition causes: * `$.getJSON($container.data('path'))` to be called where `$container.data('path')` is `undefined` * in this case `$.getJSON` uses `location.href` * if the current page has a JSON representation, it is fetched and cached by browser and displayed the next time the page is visited (#17365) * otherwise "Failed to check if new branch can be created" is displayed (#17264) ## What are the relevant issue numbers? Fixes #17264 and #17365. [initCanCreateBranch]: https://gitlab.com/gitlab-org/gitlab-ce/blob/v8.8.4/app/assets/javascripts/issue.js.coffee#L102 See merge request !4630
-
Annabel Dunstone authored
-
Annabel Dunstone authored
-
Annabel Dunstone authored
-
Annabel Dunstone authored
-
Jacob Schatz authored
Revert Subresource Integrity pending a fix for Firefox's incorrect hashing implementation. Per the discussion in #18230, Firefox support is broken :( cc: @jschatz1 See merge request !4943
-
Phil Hughes authored
-
Patricio Cano authored
-
winniehell authored
-
Rémy Coutable authored
Better debugging for memory killer middleware This adds more info to the warning messages output by `MemoryKiller`. Previously only the PID was showed, making it difficult to debug issues like https://gitlab.com/gitlab-org/gitlab-ce/issues/19124 This adds the worker class and job ID to the log messages. See merge request !4936
-
Rémy Coutable authored
Image sizing ## What does this MR do? Limits image height to fit the screen. The wrapping div is so the image is guaranteed to be a block element without the link area growing to be larger than the image itself. ## Are there points in the code the reviewer needs to double check? Make sure this can't be done in a more performant or concise way with Banzai. ## Why was this MR needed? Images were displayed at their full resolution, which made it difficult to read issues when the image height was greater than the viewport height (see #18861). ## What are the relevant issue numbers? Fixes #18861. ## Screenshots (if relevant) Before: ![Screen_Shot_2016-06-20_at_3.25.26_PM](/uploads/158424375ade95adcd337ccd34c48747/Screen_Shot_2016-06-20_at_3.25.26_PM.png) After: ![Screen_Shot_2016-06-20_at_3.24.57_PM](/uploads/f1a3b5f6442e4e3b1067332a547fb1c8/Screen_Shot_2016-06-20_at_3.24.57_PM.png) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) cc: @jschatz1 @dzaporozhets @rspeicher See merge request !4810
-
Patricio Cano authored
-
James Lopez authored
-
Rémy Coutable authored
Test templates and GitLabCI parser againts each other ## What does this MR do? Test the available templates against the preprocessor and vice versa ## Are there points in the code the reviewer needs to double check? The dynamic creation of tests seems a little hacked. Is there a cleaner way? ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added -- Seems unneeded - [x] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) See merge request !4898
-
Connor Shea authored
Add max-height to prevent images from displaying larger than the provided screen size. Also fix a failing test and add a new one.
-
Rémy Coutable authored
Remove duplicate changelog entry ## What does this MR do? Removes a changelog entry from 8.9.1, which is only present in 8.10 See merge request !4937
-
Rémy Coutable authored
Allow "ci skip" to be in any case ## What does this MR do? This MR makes the check for the [ci skip] tag in a commit message case insensitive and adds support for [skip ci]. ## Are there points in the code the reviewer needs to double check? No. ## Why was this MR needed? I couldn't understand why some of my commits were being built, even though they contained "[CI Skip]". ## What are the relevant issue numbers? N/A ## Screenshots (if relevant) N/A ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4785
-
Achilleas Pipinellis authored
Update EE downgrade instructions to include JenkinsDeprecatedService EE now includes JenkinsDeprecatedService in addition to JenkinsService, so we need to clean both when downgrading from EE to CE. Closes #19133 [ci skip] See merge request !4916
-
Achilleas Pipinellis authored
Remove docs for GitLab CI Service API ## What does this MR do? Documentation update: http://docs.gitlab.com/ce/api/services.html Old GitLab CI Service API description will be removed from the docs. ## Are there points in the code the reviewer needs to double check? n/a ## Why was this MR needed? Obsolete information is harmful than nothing. ## What are the relevant issue numbers? Closes #19167 ## Does this MR meet the acceptance criteria? - [n/a] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [n/a] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4927
-
Jacob Vosmaer authored
-
Connor Shea authored
-
Achilleas Pipinellis authored
Add notices about disabling auth features for users with 2FA. Related to #2979 - Document the proposed changes to the GitLab authentication system. - This is done because currently, users with 2FA enabled are allowed API access without a 2FA token. # Tasks - [ ] #2979 !xxxx - Document proposed auth changes for 2FA users - [x] Wait for replies on "[potential avenues for documenting the planned changes](https://gitlab.com/gitlab-org/gitlab-ce/issues/2979#note_12591578)" - [x] Update documentation - [ ] CHANGELOG entry? - [ ] Merge conflicts See merge request !4815
-