- 07 Sep, 2014 1 commit
-
-
Ben Bodenmiller authored
taken from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html / https://cipherli.st/ backwards compatible ciphers not needed since gitlab does not support ie8
-
- 30 Aug, 2014 4 commits
-
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Feature ldap tests Move specs to proper places. Relates to #154 This is already mergeable, will continue in a new branch for additions & refactorings. See merge request !1053
-
Dmitriy Zaporozhets authored
Avoid ldap.allow_username_or_email_login issues See merge request !1016
-
Dmitriy Zaporozhets authored
make CI build faster
-
- 29 Aug, 2014 27 commits
-
-
Robert Schilling authored
Comment typo.
-
Ciro Santilli authored
-
Robert Schilling authored
Comment typo.
-
Ciro Santilli authored
-
Robert Schilling authored
Use svg instead of png to get better image quality
-
Peter Dave Hello authored
-
Peter Dave Hello authored
-
Jan-Willem van der Meer authored
-
Dmitriy Zaporozhets authored
Fix Atom feed for comments
-
Dmitriy Zaporozhets authored
Return extra empty line in blob render
-
Dmitriy Zaporozhets authored
Updated the spring gem and fixed the guard file
-
Dmitriy Zaporozhets authored
Enable highlighting for blame
-
Jan-Willem van der Meer authored
-
Jacob Vosmaer authored
-
Jacob Vosmaer authored
This method existed to allow LDAP users to take over existing GitLab accounts if the part before the '@' of their LDAP email attribute matched the username of an existing GitLab user. I propose to disable this behavior in order to prevent unintended GitLab account takeovers. After this change it is still possible to take over an existing GitLab account with your LDAP credentials, as long as the GitLab account email address matches the LDAP user email address.
-
Jacob Vosmaer authored
The example LDAP configuration in gitlab.yml enables the allow_username_or_email_login setting. Because the effect of this setting is somewhat counterintuitive, I propose we make 'false' the example default. The settings initializer already sets this setting to 'false'.
-
Andrew Kumanyaev authored
-
Dmitriy Zaporozhets authored
Don't allow edit of system notes Fix #1412 See merge request !1052
-
Dmitriy Zaporozhets authored
Move cache setup to config/application.rb See merge request !1050
-
Dmitriy Zaporozhets authored
Improve issue ui Fix code overflow for description block See merge request !1051
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Dmitriy Zaporozhets authored
Visibility fix Fixes #1529 See merge request !1049
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Jan-Willem van der Meer authored
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Jacob Vosmaer authored
Before this change we were trying to configure Rails.cache in an initializer. It seems that by the time the initializers are loaded, Rails.cache is already instantiated, so changing the settings does not achieve anything anymore. This was causing Rails to default to a file storage cache instead of the Redis cache, which in turn broke `rake cache:clear`.
-
- 28 Aug, 2014 8 commits
-
-
Job van der Voort authored
-
Jacob Vosmaer authored
Fix XSS issue When view blob as RAW make sure we allow only 2 kind of type: 'text/plain' and 'application/octet-stream' Fixes #1514 See merge request !1045
-
Dmitriy Zaporozhets authored
Use a ? after the $request_uri to perform a valid Redirect while cloning...
-
Dmitriy Zaporozhets authored
[refactor] Remove HAML eval for const strings.
-
Dmitriy Zaporozhets authored
Fix overflow in 'my projects' list
-
Dmitriy Zaporozhets authored
Mask password in import URL while importing.
-
Dmitriy Zaporozhets authored
Add search in textarea
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-