- 04 Oct, 2016 1 commit
-
-
- 03 Oct, 2016 1 commit
-
-
Douwe Maan authored
Fix export project file permissions issue Fixes security concerns of https://gitlab.com/gitlab-org/gitlab-ce/issues/22757 I have just added the permissions 0700 to the creation of any of the export paths, as @jacobvosmaer suggested in https://gitlab.com/gitlab-org/gitlab-ce/issues/22757#note_16197616 After this has fixed, it could take up to 24 hours in the worse case scenario for old archives to be completely safe - This is the time `ImportExportProjectCleanupWorker` may take to remove the folders. The temporary folders will be 0700 straight away for new installations. See merge request !2003
-
- 30 Sep, 2016 1 commit
-
-
James Lopez authored
-
- 28 Sep, 2016 3 commits
-
-
Robert Speicher authored
Escape HTML nodes in builds commands in ci linter This MR removes call to `simple_format` that behaves like `String#html_safe`, thus it passes unescaped HTML tags to the view. Closes #22541 See merge request !2001
-
Douwe Maan authored
API: disable rails session auth for non-GET/HEAD requests Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435 See merge request !1999
-
Rémy Coutable authored
Enforce the fork_project permission in Projects::CreateService Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly. CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18028 See merge request !1996
-
- 27 Sep, 2016 2 commits
-
-
Nick Thomas authored
-
Nick Thomas authored
Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly. CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible. Several tests depend on the insecure behaviour of ForkService, so fi them up at the same time.
-
- 26 Sep, 2016 9 commits
-
-
Grzegorz Bizon authored
-
Rémy Coutable authored
Keep API mounts in alphabetical order ## What does this MR do? Just a cosmetic change to keep the API mounts in order. See merge request !6515
-
Rémy Coutable authored
Fixes issue with rails reserved keyword type exporting/importing services. The attribute `type`in services was being ignored by Import/Export. Added `type` as a method call in the export, as `type` gets ignored invoking `to_json`, manually adding this as a method in `import_export.yml` solves the problem. On a different note, I found assigning a title directly to `CustomIssueTrackerService` didn't play very well with `prop_accessor`: ```ruby > CustomIssueTrackerService.new(title: 'asdf') NoMethodError: undefined method `[]=' for nil:NilClass > CustomIssueTrackerService.new(title: nil) NoMethodError: undefined method `[]=' for nil:NilClass ``` This was also causing the Import/Export to failed... So I added a custom setter that fixed the problem. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22461 See merge request !6499
-
Rémy Coutable authored
Replace deprecated Devise helper with new helper Closes #22357 See merge request !6462
-
Rémy Coutable authored
Fix trivial typo in docs See merge request !5849
-
James Lopez authored
-
James Lopez authored
-
James Lopez authored
Fixes issue with rails reserved keyword type exporting/importing services. Also fixed CustomIssueTrackerService title setter and added relevant specs.
-
Dmitriy Zaporozhets authored
Remove gitlab_meta gem See merge request !6510
-
- 25 Sep, 2016 6 commits
-
-
Robert Speicher authored
Fix typo in README [ci skip] See merge request !6512
-
Sean McGivern authored
cannonical -> canonical
-
Robert Speicher authored
Use base SHA for patches and diffs ## What does this MR do? Switch from using 'start SHA' to 'base SHA' for patches and diffs ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? Makes the downloaded patches and diffs on the merge request page match the frontend-rendered "changes" in these scenarios: * Unpatched gitlab-workhorse, downloading patchsets of open MRs (https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/68) * Unpatched gitlab-workhorse, downloading diffs of open and merged MRs * Patched gitlab-workhorse, downloading patchsets of merged merge requests ## What are the relevant issue numbers? Closes #22229 See merge request !6435
-
Robert Speicher authored
-
Achilleas Pipinellis authored
-
Achilleas Pipinellis authored
Fix typo in README.md ## What does this MR do? Fixes a typo in the documentation of the gitlab-ci-runner environment variables See merge request !6340
-
- 24 Sep, 2016 5 commits
-
-
Rubén Dávila Santos authored
Fix CHANGELOG. cc: @stanhu See merge request !6505
-
Ruben Davila authored
-
Fatih Acet authored
Milestone tab badges ### What does this MR do? Adds count badges to the tabs on the Milestone page to mirror the Issue page. ### Are there points in the code the reviewer needs to double check? CSS: Padding was added to the `.milestone` element to make expired milestones look good. ### Why was this MR needed? For consistency with other tabs ### What are the relevant issue numbers? Closes #20114 ### Screenshots (if relevant) **Before** <img src="/uploads/1f75853a863a9058ee409916b7ee4057/Screen_Shot_2016-07-22_at_13.22.20.png" width="362"> **After** <img src="/uploads/8a058290850f571db249dd9b23f5138d/Screen_Shot_2016-07-22_at_13.21.58.png" width="303"> ![Screen_Shot_2016-08-23_at_1.42.56_AM](/uploads/b072dc6bdf505b2fce46660beaf0eae7/Screen_Shot_2016-08-23_at_1.42.56_AM.png) ![Screen_Shot_2016-08-23_at_1.43.15_AM](/uploads/e7440bf2aa628aa4dba63863083699c0/Screen_Shot_2016-08-23_at_1.43.15_AM.png) ### Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5946
-
Fatih Acet authored
Removed z-index from flash container ## What does this MR do? Fixes a styling bug where the flash container would be above the header when scrolling. Before it looked like this when scrolling: ![Screen_Shot_2016-09-08_at_14.06.36](/uploads/d639287329643d26454a997e3917bc53/Screen_Shot_2016-09-08_at_14.06.36.png) Now it looks like this when scrolling: ![Screen_Shot_2016-09-08_at_14.07.37](/uploads/7c1c5e38adc9b9011558d4190d3520fe/Screen_Shot_2016-09-08_at_14.07.37.png) ## Are there points in the code the reviewer needs to double check? I can't think of any good reason why this would need to be above another element. But you never know! Closes #20713 See merge request !6264
-
Fatih Acet authored
Merge branch '22459-tooltips-for-mini-pipeline-graph-in-pipeline-list-use-the-svg-instead-of-container' into 'master' Fixed pipeline stage svg link tooltip ## What does this MR do? Adds `display: block` to the `.stage-container` class which allows the dimensional constraints of the link to be calculated correctly so the `mouseover` events are fired correctly. ## Are there points in the code the reviewer needs to double check? ## Why was this MR needed? Hovering the stage icons to reveal their SVG was buggy and would flash. ## Screenshots (if relevant) ![2016-09-23_14.59.17](/uploads/ad4c85fb08f032cc3f5d17749d3f7091/2016-09-23_14.59.17.gif) I just realised that Gifox actually adds its own mouse that isn't positioned or sized correctly so this doesn't look right, you'll have to `checkout` to confirm. /cc @dimitrieh I found a con about Gifox!
😆 ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [ ] API support added - Tests - [ ] Added for this feature/bug - [ ] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [ ] Branch has no merge conflicts with `master` (if you do - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Closes #22459 See merge request !6494
-
- 23 Sep, 2016 12 commits
-
-
Yorick Peterse authored
Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST See merge request !6456
-
Robert Speicher authored
Add link to broadcast messages docs [ci skip] See merge request !6495
-
Rémy Coutable authored
Fix database seeds for development environment ## What does this MR do? This MR fixes database seeds for development environment and adds CI test for it. ## Why was this MR needed? Database seeds for development environment are often broken, and we are not able to catch that when someone modified `db/fixtures` and forgets to reseed database. Closes #22422 See merge request !6475
-
Luke Bennett authored
Changed links that wrap the icon svg to `display: block` so there isn't any issues knowing when `mouseover` occurs
-
Ahmad Sherif authored
The previous fix introduced another leak; as it made Banzai::Filter::SanitizationFiler#customized? always return false, so we were always appending two elements to HTML::Pipeline::SanitizationFilter::WHITELIST[:elements]. This growth in the elements array would slow the sanitization process over time.
-
Ahmad Sherif authored
This reverts commit 504a3b5e.
-
Rémy Coutable authored
[ci skip] Signed-off-by: Rémy Coutable <remy@rymai.me>
-
-
Yorick Peterse authored
Speed up group milestones show page See merge request !6457
-
Rémy Coutable authored
[ci skip] Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Jacob Schatz authored
Fix Cycle Analytics landing widget state and improve state management in Vue. ## What does this MR do? - Fixes Cycle Analytics help widget show/hide issue - Addresses initial MR feedback with improving Vue state management logic - Fixes cookie path of the help widget so when you close a help widget in a repo it won't be visible for other repos. ## Are there points in the code the reviewer needs to double check? - Should we move `gl.cycleAnalyticsModel` to a new file. ## Why was this MR needed? - Addresses feedbacks of [initial MR](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5986) and fixes #22483 ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Fixes #22483 See merge request !6492
-
Z.J. van de Weg authored
Fixes #22508 [ci skip]
-