CHANGELOG 4.14 KB
Newer Older
1 2
v2.6.4
  - Remove keys from authorized_keys in-place
3 4 5
v2.6.3
  - Prevent keys with a very specific comment from accidentally being deleted.

6 7
v2.6.2
  - Include ecdsa keys in `gitlab_keys list-keys`.
8
  - Refactor logic around GL_ID
9

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
10 11 12
v2.6.1
  - Write errors to stderr to get git to abort and show them as such.

13
v2.6.0
14 15
  - Prevent character encoding issues by sending received changes as raw data.

16 17 18
v2.5.4
  - Remove recursive commands from bin/install

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
19 20 21
v2.5.3
  - Improve git-annex integration

22 23 24
v2.5.2
  - Safer line sub for git-annex command

25 26 27
v2.5.1
  - Expect broadcast message to return empty JSON if no message now

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
28
v2.5.0
29
  - Support git-annex tool (disabled by default)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
30
  - Add rubocop (Ruby static code analyzer) for development
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
31

32 33 34
v2.4.3
  - Print broadcast message if one is available

35 36 37
v2.4.2
  - Pass git changes list as string instead of array

Valery Sizov's avatar
Valery Sizov committed
38 39 40
v2.4.1
  - Access token masking in url before loging

41
v2.4.0
Valery Sizov's avatar
Valery Sizov committed
42
  - Show error message when git push is rejected
43

44 45 46
v2.2.0
  - Support for custom hooks (Drew Blessing and Jose Kahan)

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
47 48 49
v2.1.0
  - Use secret token with GitLab internal API. Requires GitLab 7.5 or higher

50 51 52
v2.0.1
  - Send post-receive changes to redis as a string instead of array 

53 54
v2.0.0
  - Works with GitLab v7.3+
Job van der Voort's avatar
Job van der Voort committed
55
  - Replace raise with abort when checking path to prevent path exposure
56
  - Handle invalid number of arguments on remote commands
57
  - Replace update hook with pre-receive and post-receive hooks. 
58
  - Symlink the whole hooks directory
59
  - Ignore missing repositories in create-hooks
60
  - Connect to Redis via sockets by default
Job van der Voort's avatar
Job van der Voort committed
61

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
62 63 64
v1.9.7
  - Increased test coverage
  - By default use direct unicorn connection (localhost:8080)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
65
  - Fix wrong repo path send to GitLab by GitlabUpdate hook
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
66

67 68 69
v1.9.6
  - Explicitly require 'timeout' from the standard library

70 71
v1.9.5
  - Put authorized_keys.lock in the same directory as authorized_keys
72
  - Use lock file when add new entries to authorized_keys
73

74 75 76
v1.9.4
  - Use lock file when modify authorized_keys

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
77 78 79
v1.9.3
  - Ignore force push detection for new branch or branch remove push

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
80 81 82
v1.9.2
  - Add support for force push detection 

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
83 84 85
v1.9.1
  - Update hook sends branch and tag name 

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
86 87 88 89
v1.9.0
  - Call api in update hook for both ssdh and http push. Requires GitLab 6.7+
  - Pass oldrev and newrev to api.allowed?

90 91 92
v1.8.5
  - Add `gitlab-keys batch-add-keys` subcommand for authorized_keys rebuilds

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
93 94 95
v1.8.4
  - Dont do import if repository exists

96 97 98
v1.8.3
  - Add timeout option for repository import

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
99 100 101
v1.8.2
  - Fix broken 1.8.1

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
102 103 104 105 106
v1.8.1
  - Restrict Environment Variables
  - Add bin/create-hooks command
  - More safe shell execution

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
107 108 109
v1.8.0
  - Fix return values in GitlabKeys

Dmitriy Zaporozhets's avatar
1.7.9  
Dmitriy Zaporozhets committed
110 111 112
v1.7.9
  - Fix escape of repository path for custom ssh port

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
113
v1.7.8
Jacob Vosmaer's avatar
Jacob Vosmaer committed
114
  - Escape repository path to prevent relative links (CVE-2013-4583)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
115 116

v1.7.7
Jacob Vosmaer's avatar
Jacob Vosmaer committed
117 118
  - Separate options from arguments with -- (CVE-2013-4582)
  - Bypass shell and use stdlib JSON for GitlabUpdate (CVE-2013-4581)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
119

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
120 121 122
v1.7.6
  - Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
123 124 125
v1.7.5
  - Remove keys from authorized_keys using ruby instead of shell

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
126
v1.7.4
Jacob Vosmaer's avatar
Jacob Vosmaer committed
127
  - More protection against shell injection (CVE-2013-4546)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
128

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
129
v1.7.3
Jacob Vosmaer's avatar
Jacob Vosmaer committed
130
  - Use Kernel#open to append lines to authorized_keys (CVE-2013-4490)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
131

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
132 133 134
v1.7.2
  - More safe command execution

135 136 137
v1.7.1
  - Fixed issue when developers are able to push to protected branches that contain a '/' in the branch name.

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
138 139 140
v1.7.0
  - Clean authorized_keys file with `gitlab-keys clear`

141 142 143 144
v1.6.0
  - Create branch/tag functionality
  - Remove branch/tag functionality

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
145 146 147 148 149 150
v1.5.0
  - Logger
  - Ability to specify ca_file/ca_path
  - Update-head command for project
  - Better regexp for key_id inside shell

151 152 153
v1.4.0
  - Regex used in rm-key command was too lax

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
154 155 156
v1.3.0
  - Fork-project command
  - Custom redis configuration
Akzhan Abdulin's avatar
Akzhan Abdulin committed
157 158
  - Interpret login with deploy key as anonymous one

159 160
v1.2.0
  - Return non-zero result if gitlab-projects and gitlab-keys execution was not successful
Akzhan Abdulin's avatar
Akzhan Abdulin committed
161
  - http_settings configuration option added
162

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
163 164 165 166
v1.1.0
  - added mv-project feature
  - increased test coverage

167
v1.0.4
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
168
  - requires gitlab c9ca15e
Johannes Schleifenbaum's avatar
Johannes Schleifenbaum committed
169
  - don't use post-receive file any more. Make all updates in update
170 171
  - fixed issue with invalid GL_USER
  - use GL_ID instead of GL_USER