gitlab-ce:8-8-nxd commitshttps://lab.nexedi.com/jerome/gitlab-ce/-/commits/8-8-nxd2016-10-06T15:14:11+03:00https://lab.nexedi.com/jerome/gitlab-ce/-/commit/967afbdc3a2d2bcc58ed31ca50d5293fa2a2e9edFix database migrations when Redis is not running2016-10-06T15:14:11+03:00Stan Hustanhu@gmail.com
If Redis were not running or USE_DB were set to false, the
application settings retrieval would fail completely. This
change only attempts to use the cache if the system actually
wants to connect to the DB and rescues any failures in talking to
Redis.
Closes #17557
(cherry picked from commit <a href="/jerome/gitlab-ce/-/commit/c600cf83488398cf66b10af85ed9490fe9457bd4" data-original="c600cf83488398cf66b10af85ed9490fe9457bd4" data-link="false" data-link-reference="false" data-project="852" data-commit="c600cf83488398cf66b10af85ed9490fe9457bd4" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Fix database migrations when Redis is not running" class="gfm gfm-commit has-tooltip">c600cf83</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/b27dc77e951f8e5f4502f7516b2965f93a022439NXD Teach GitLab about patches2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
Teach GitLab not only to merge changes from a merge-request, but also to
apply patches posted to merge-request in a way like `git am` would do -
without merge commit and directly on top of current branch. Which way to
go is selected by user in web UI, and apply patches is the first option.
There are 3 cases:
- only 1 commit is present in MR -> the only available option is to
apply that single commit as one patch without a merge
( There is no need for merge commit in this case at all: information
about user who applied the patch goes to "Committer" field in resultant
commit. Avoiding 1 merge per 1 patch results in cleaner history )
It is also possible to review patch description directly in web UI,
before doing the actual application, and correct / amend it as needed.
- several commits are present in MR:
* it is possible to apply the patches directly on top of current
branch. Again information about who applied what goes to "Committer"
field.
* it is possible to merge MR changes with making a merge commit.
This variant is useful, when patches from a MR do several logical
steps to reach one goal, and MR description contain cover letter for
whole patch series.
in this case original commits stay untouched and resulting merge
will contain MR author as author, user who accepted MR as committer,
and cover letter as merge commit message.
NOTE we avoid useless "Merge branch X into Y" in merge message, and
just put MR title into merge subject and MR description into merge
description.
This way it is more logical with more important information in
merge subject and thus e.g. more handy to oversee what a merge brings,
just by it subject, e.g. via looking at updates via
gitk --first-parent ...
or via web.
NOTE for pre-generated references to merge-request we now use full MR
URL, instead of !<MR-n>. Full URLs work everywhere, not only on
original site where MR was created, or even only in original repo
and not its fork on the same site.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/c681bd288e9827010fec33c1f4f1ac60acf31fc7NXD Show ICP on front page & on footer of every other pages2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
TODO detect whether request comes from China and only then show ICP (?).https://lab.nexedi.com/jerome/gitlab-ce/-/commit/6ffe9528021a1ce1b9aff708256e705f56fa6b37NXD Show "about" footer on every page2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
We show in small font size the same info that is shown on sign_in page:
"GitLab Nexedi Edition", "About GitLab" and "About Nexedi"
This is good to have and hereby-introduced about-footer area will be
also used in the next patch for ICP too.
XXX placement of .about-footer to be near bottom is done not very
correctly.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/cbaedbf4f7ca41203a547a47162278ddacd006bfNXD gitlab:app:check : Don't check for init script2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
Like Omnibus, SlapOS version does not have init script - nothing to
check here.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/516a1f566d8959d89f54d6842e6a165fb49b3ebdNXD lib/tasks/gitlab/check: Exit with non-zero code, if something failed in a...2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
This is handy for monitoring tools, which could e.g. periodically call check
tasks and instead of parsing output, rely on exit code.
The way we detect if something failed is via hooking into String#red, and if
anything was ever printed in red - that's an error.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/e47846caed33842b4fa30d95acb700212b08388aNXD Don't show warning about missing SSH key - we support HTTP only2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/7d5bed71eecb0d0286d6e5690a75b0197f5f94d6NXD clone_panel: Remove SSH option completely2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
The default was switched to HTTP in the previous patch, but let's completely
remove SSH option - we support only HTTP for git fetch/push.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/7a97260f351c603f64a1094f5f4b9e26545f745fNXD Make HTTP to be the default clone protocol2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
Both fetch and push are possible over https, which is selected by http if
gitlab was configured to use https in external url.
This way to reduce security vectors and possible ways to interact with gitlab
we use https only without ssh at all.https://lab.nexedi.com/jerome/gitlab-ce/-/commit/e0cdcf81c34950cc60bca145b86f724911aaab57NXD GitLab Nexedi Edition2016-10-06T15:14:11+03:00Kirill Smelkovkirr@nexedi.com
= GitLab Community Edition + Nexedi patcheshttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/52fab19a0a82f8a9136d3e2db818e3c52db5b5d8Update VERSION to 8.8.92016-08-19T17:50:11-05:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/70ee364074ae9217a6e1566f7a005b36f998b7d4Merge branch 'rs-update-doorkeeper' into 'master'2016-08-19T16:07:21-05:00Robert Speicherrobert@gitlab.com
Update doorkeeper to 4.2.0
Changelog: <a href="https://git.io/v6PnV" rel="nofollow noreferrer noopener" target="_blank">https://git.io/v6PnV</a>
See merge request !5881
(cherry picked from commit <a href="/tatuya/gitlab-ce/-/commit/c5aa31c83145366d88ce6d8d91e68467cf5baed4" data-original="c5aa31c83145366d88ce6d8d91e68467cf5baed4" data-link="false" data-link-reference="false" data-project="646" data-commit="c5aa31c83145366d88ce6d8d91e68467cf5baed4" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch 'rs-update-doorkeeper' into 'master'" class="gfm gfm-commit has-tooltip">c5aa31c8</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/01d6ce4a02b0cbbb106e7248591eee5c66a3c9e7Update VERSION to 8.8.82016-08-16T13:42:09-05:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/a6902b489b1910363624bec4818219064049da2bUpdate CHANGELOG for Rails 4.2.7.1 upgrade2016-08-16T12:16:30-05:00Robert Speicherrspeicher@gmail.com
[ci skip]https://lab.nexedi.com/jerome/gitlab-ce/-/commit/907fe663efdb438737b3e94a1b74765ccb8c39b1Merge branch 'rails-4-2-7-1' into 'master'2016-08-15T13:11:21-05:00Robert Speicherrobert@gitlab.com
Upgrade Rails to 4.2.7.1 for security fixes.
Upgrades Rails from 4.2.7 to 4.2.7.1 for security fixes.
For more information: <a href="http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/" rel="nofollow noreferrer noopener" target="_blank">http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/</a>
This should be backported to all currently-supported releases.
See merge request !5781https://lab.nexedi.com/jerome/gitlab-ce/-/commit/cec10c85df87c5b9705420a08a6df5655878babbUpdate VERSION to 8.8.72016-06-30T17:12:27-04:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/2d1166d80360db950d1d3ec5256b7d3a47ff10e8Merge branch '18033-private-repo-mentions' into 'master'2016-06-30T14:47:17-04:00Douwe Maandouwe@gitlab.com
Ensure logged-out users can't see private refs
<a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/18033" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/18033</a>
I'm still not sure what to do about the CHANGELOG on security issues - should I add to a patch release? This issue was assigned to 8.10.
See merge request !1974
(cherry picked from commit <a href="/tatuya/gitlab-ce/-/commit/3a6ebb1fd624c216a4ce65380e64072793b7ccda" data-original="3a6ebb1fd624c216a4ce65380e64072793b7ccda" data-link="false" data-link-reference="false" data-project="646" data-commit="3a6ebb1fd624c216a4ce65380e64072793b7ccda" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch '18033-private-repo-mentions' into 'master'" class="gfm gfm-commit has-tooltip">3a6ebb1f</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/96b6fb1a3d34ff6f5ebd0e1fec660ba47b376615Merge branch '19312-confidential-issue' into 'master'2016-06-30T14:39:20-04:00Douwe Maandouwe@gitlab.com
Fix privilege escalation issue with OAuth external users
Related to <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/19312" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/19312</a>
This MR fixes a privilege escalation issue, where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list.
/cc @douwe
See merge request !1975
(cherry picked from commit <a href="/tatuya/gitlab-ce/-/commit/5e6342b7ac08b4b37b233cad54f4aeaf0144b977" data-original="5e6342b7ac08b4b37b233cad54f4aeaf0144b977" data-link="false" data-link-reference="false" data-project="646" data-commit="5e6342b7ac08b4b37b233cad54f4aeaf0144b977" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch '19312-confidential-issue' into 'master'" class="gfm gfm-commit has-tooltip">5e6342b7</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/9c43e624bc9c9d8c0e0b09650208bc72858fb765Update VERSION to 8.8.62016-06-27T18:26:35-04:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/2dafc49e2a4992cb0457714345f9fb7581533245Merge branch 'fix-18997' into 'master'2016-06-27T16:43:13-04:00Robert Speicherrobert@gitlab.com
Fix visibility of snippets when searching
Fixes <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/18997" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/18997</a>
See merge request !1972
(cherry picked from commit <a href="/tatuya/gitlab-ce/-/commit/8a197c15d453de619fbe8aaebfe9e29b82eb873c" data-original="8a197c15d453de619fbe8aaebfe9e29b82eb873c" data-link="false" data-link-reference="false" data-project="646" data-commit="8a197c15d453de619fbe8aaebfe9e29b82eb873c" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch 'fix-18997' into 'master'" class="gfm gfm-commit has-tooltip">8a197c15</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/4c80039c48ffcf2ab2bcb21b62a9a5c0d257c59aMerge branch 'update-omniauth-saml' into 'master'2016-06-27T16:31:56-04:00Stan Hustanhu@gmail.com
Update omniauth-saml to 1.6.0 to address a security vulnerability in ruby-saml
Updates `omniauth-saml` to bring in the new `ruby-saml` dependency that addresses [CVE-2016-5697](<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697" rel="nofollow noreferrer noopener" target="_blank">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697</a>)
Fixes #19206
See merge request !4951
(cherry picked from commit <a href="/jerome/gitlab-ce/-/commit/c3a8b252cdf569729e5e1e8e0614b4d2e5226371" data-original="c3a8b252cdf569729e5e1e8e0614b4d2e5226371" data-link="false" data-link-reference="false" data-project="852" data-commit="c3a8b252cdf569729e5e1e8e0614b4d2e5226371" data-reference-type="commit" data-container="body" data-placement="top" data-html="true" title="Merge branch 'update-omniauth-saml' into 'master'" class="gfm gfm-commit has-tooltip">c3a8b252</a>)https://lab.nexedi.com/jerome/gitlab-ce/-/commit/68cd1382e5b9239c3101ef4aff3c52739832f3e3Update VERSION to 8.8.52016-06-15T03:41:18+02:00Tomasz Maczukintomasz@maczukin.plhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/ea13df6dd933a0b43fa648ca26781ca9ad5a0c2bMerge branch '18535-confidential-issue-notes' into 'master'2016-06-15T00:03:17+02:00Robert Speicherrobert@gitlab.com
Only show notes through JSON on confidential issues that the user has access to
Fixes <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/18535" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/18535</a>
See merge request !1970https://lab.nexedi.com/jerome/gitlab-ce/-/commit/778185a81aaf1596f1e6e118c434487e40aad2d6Update CHANGELOG for 8.8.52016-06-14T22:33:41+02:00Tomasz Maczukintomasz@maczukin.plhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/2da3f392580771d94c8703106690b170f421ae34Merge branch '17298-wiki-xss' into 'master'2016-06-14T22:26:03+02:00Robert Speicherrobert@gitlab.com
Forbid scripting for wiki files
Wiki files (not pages - files in the repo) are just sent to the browser
with whatever content-type the mime_types gem assigns to them based on
their extension. As this is from the same domain as the GitLab
application, this is an XSS vulnerability.
Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these
files.
Fixes <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/17298" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/17298</a>.
See merge request !1969https://lab.nexedi.com/jerome/gitlab-ce/-/commit/6a5139276352d7fcb10dc9a3a0f89d676799e894Merge branch 'fix/unauthorized-access-to-build-data' into 'master'2016-06-14T22:25:10+02:00Douwe Maandouwe@gitlab.com
Remove 'unscoped' from project builds selection
This is a fix for this security bug: <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/18188" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/18188</a>
/cc @kamil @grzegorz @stanhu
See merge request !1968https://lab.nexedi.com/jerome/gitlab-ce/-/commit/767d3223fc9ce1513274ce6fc3ab7eb3d7c7349cMerge branch 'fix/incremental-trace-update-api' into 'master'2016-06-14T22:20:57+02:00Rémy Coutableremy@rymai.me
Fix UTF-8 handling in incremental trace update API
## What does this MR do?
This MR fixes invalid UTF-8 handling in incremental trace update API (used by GitLab Runner).
## Why was this MR needed?
Current version is using `.length` method to determine current trace size where Runner is using the trace size in bytes. Also this byte size is used in headers and file operations to agree the trace part to send. This is a problem when build trace contains any multi-byte UTF-8 characters. This MR is fixing this situation so all parts are using the same size in bytes.
### Runner -> API communication before fix:
```
Checking for builds... received runner=_token_
gitlab-ci-multi-runner 1.3.0~beta.26.gcfd63b9 (cfd63b9) build=25 runner=_token_
Using Docker executor with image debian:jessie ... build=25 runner=_token_
Pulling docker image debian:jessie ... build=25 runner=_token_
25 Submitting build to coordinator... ok runner=_token_
25 Appending trace to coordinator... ok RemoteRange=0-158 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=0-158 runner=_token_
25 Appending trace to coordinator... ok RemoteRange=0-491 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=158-505 runner=_token_
WARNING: 25 Appending trace to coordinator... range missmatch RemoteRange=0-491 RemoteState= ResponseMessage=416 Requested Range Not Satisfiable ResponseStatusCode=416 SentRange=505-584 runner=_token_
WARNING: 25 Resending trace patch due to range missmatch runner=_token_
25 Appending trace to coordinator... ok RemoteRange=0-556 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=491-584 runner=_token_
WARNING: 25 Appending trace to coordinator... range missmatch RemoteRange=0-556 RemoteState= ResponseMessage=416 Requested Range Not Satisfiable ResponseStatusCode=416 SentRange=584-663 runner=_token_
WARNING: 25 Resending trace patch due to range missmatch runner=_token_
25 Appending trace to coordinator... ok RemoteRange=0-621 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=556-663 runner=_token_
Build succeeded build=25 runner=_token_
WARNING: 25 Appending trace to coordinator... range missmatch RemoteRange=0-621 RemoteState= ResponseMessage=416 Requested Range Not Satisfiable ResponseStatusCode=416 SentRange=663-797 runner=_token_
WARNING: 25 Resending trace patch due to range missmatch runner=_token_
25 Appending trace to coordinator... ok RemoteRange=0-741 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=621-797 runner=_token_
25 Submitting build to coordinator... ok runner=_token_
```
### Runner -> API communication after fix:
```
Checking for builds... received runner=_token_
gitlab-ci-multi-runner 1.3.0~beta.26.gcfd63b9 (cfd63b9) build=26 runner=_token_
Using Docker executor with image debian:jessie ... build=26 runner=_token_
Pulling docker image debian:jessie ... build=26 runner=_token_
26 Submitting build to coordinator... ok runner=_token_
26 Appending trace to coordinator... ok RemoteRange=0-158 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=0-158 runner=_token_
26 Appending trace to coordinator... ok RemoteRange=0-505 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=158-505 runner=_token_
26 Appending trace to coordinator... ok RemoteRange=0-584 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=505-584 runner=_token_
26 Appending trace to coordinator... ok RemoteRange=0-663 RemoteState=running ResponseMessage=202 Accepted ResponseStatusCode=202 SentRange=584-663 runner=_token_
Build succeeded build=26 runner=_token_
26 Submitting build to coordinator... ok runner=_token_
```
See merge request !4541https://lab.nexedi.com/jerome/gitlab-ce/-/commit/b6f28a177ede2fcd0ab746efee770a2c7a6f62aeMerge branch 'gh-disable-webhooks' into 'master'2016-06-14T22:20:15+02:00Douwe Maandouwe@gitlab.com
Check if GitHub rate limite API was reached before update Webhooks
## What does this MR do?
Checks if the job needs to sleep, and wait for the rate limit to be reseted before update each Webhook.
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
The import process can fail if the API rate limit was reached during the import process.
## What are the relevant issue numbers?
<a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/17498" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/17498</a>
## Screenshots (if relevant)
Not relevant.
See merge request !4509https://lab.nexedi.com/jerome/gitlab-ce/-/commit/520a57a10537ba174f69faf763478a8e5a4603a6Merge branch 'saml-ldap-link-flow' into 'master'2016-06-14T22:19:41+02:00Douwe Maandouwe@gitlab.com
Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user.
It correctly lets an existing SAML user to add their LDAP identity automatically at login.
A customer had issues with the `auto_link_ldap_user` feature. The flow was not working if there was an account with a SAML identity, but no LDAP identity. GitLab would pick up the correct LDAP person, but due to the order of the flow, that LDAP person was never associated with the user.
Fixes #17346
/cc @dblessing @balameb @stanhu
See merge request !4498https://lab.nexedi.com/jerome/gitlab-ce/-/commit/6e23d642ddb00f7eb05aa74ba666802b398ee39bMerge branch 'gh-fix-comments-on-diff'2016-06-14T22:15:52+02:00Douwe Maandouwe@selenight.nlhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/212ebdfb413de6c53b64e889af2cdf50e6bb9434Merge branch 'gh-disable-webhooks'2016-06-14T22:14:20+02:00Douwe Maandouwe@selenight.nlhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/a834be61eb3d5698fe298eabd8758ef0b861a332Merge branch 'todos-filter-project-delete' into 'master'2016-06-14T22:14:16+02:00Douwe Maandouwe@gitlab.com
Ensure we don't show TODOS for projects pending delete
Joins the todos on the projects table in order to run the default scope. Also includes a where clause because the default scope is being removed soon.
An alternative approach, more like the Issues page, would be to filter down the list by passing user.authorized_projects into the where clause.
Or we could just be more defensive in the view when iterating.
Todos page throws 500 error for users with todos in a project pending deletion.
Fixes <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/17813" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/17813</a>
cc\ @stanhu
See merge request !4300https://lab.nexedi.com/jerome/gitlab-ce/-/commit/b240450845e5d8f6d0c1012f9df75efb79946d5eMerge branch 'gh-rate-limit'2016-06-14T22:13:29+02:00Douwe Maandouwe@selenight.nlhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/9c5b68a8dec691cb3bbeaeca6348ea55dcbb003fUpdate CHANGELOG for 8.8.42016-06-09T18:41:56-04:00Robert Speicherrspeicher@gmail.com
[ci skip]https://lab.nexedi.com/jerome/gitlab-ce/-/commit/d4c3f1735dae9963d6ee58e51f9a0c23776ffd79Update VERSION to 8.8.42016-06-09T16:46:53-04:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/00cae51eda9b92f66fc3be6193a3d751d832f261Merge branch 'rs-fix-ldap-2fa-login' into 'master'2016-06-09T14:53:12-04:00Robert Speicherrobert@gitlab.com
Fix 2FA-based login for LDAP users
The OTP input form is shared by both LDAP and standard logins, but when
coming from an LDAP-based form, the form parameters aren't nested in a
Hash based on the `resource_name` value.
Now we check for a nested `remember_me` parameter and use that if it
exists, or fall back to the non-nested parameters if it doesn't.
Somewhat confusingly, the OTP input form _does_ nest parameters under
the `resource_name`, regardless of what type of login we're coming from,
so that allows everything else to work as normal.
Closes <a href="https://gitlab.com/gitlab-org/gitlab-ce/issues/18185" rel="nofollow noreferrer noopener" target="_blank">https://gitlab.com/gitlab-org/gitlab-ce/issues/18185</a>
See merge request !4493https://lab.nexedi.com/jerome/gitlab-ce/-/commit/374d212b054fdec8ed2a180ed24e63ca3cf88fa5Update VERSION to 8.8.32016-06-02T14:43:27-04:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/cde5625d72562e725a5b526f12f4eb656d454760Update CHANGELOG for 8.8.32016-06-02T13:21:59-04:00Robert Speicherrspeicher@gmail.comhttps://lab.nexedi.com/jerome/gitlab-ce/-/commit/ca24ea5241f083bb399c635795c636240d7bf8aeMerge branch 'issue_18102' into 'master'2016-06-02T13:17:17-04:00Robert Speicherrobert@gitlab.com
Fixes missing number on generated ordered list
Closes #18102
See merge request !4437https://lab.nexedi.com/jerome/gitlab-ce/-/commit/e8e4dbc179df229a170479bf30178bc29da752a8Merge branch 'fix-inline-filter-speed' into 'master'2016-06-02T16:56:42+02:00Stan Hustanhu@gmail.com
Fix serious performance bug with rendering Markdown with InlineDiffFilter
Nokogiri's `node.replace` was being unnecessarily called for every text node in
the document due to a comparison bug. The code previously was comparing the
HTML representation of the full document against the text node, which would
always fail. Fix the comparison to just compare the modified text.
Closes #18011
See merge request !4392