An error occurred fetching the project authors.
- 13 Jul, 2016 3 commits
-
-
Douglas Barbosa Alexandre authored
-
Timothy Andrew authored
-
Mathias Vestergaard authored
- Cherry-picked from `mvestergaard:branch-protection-dev-merge` - https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4220
-
- 12 Jul, 2016 12 commits
-
-
Annabel Dunstone authored
-
Robert Speicher authored
[ci skip]
-
Annabel Dunstone authored
-
Sean McGivern authored
-
Jacob Vosmaer authored
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/17877 . This change adds 'defense in depth' against 'Host' HTTP header injection. It affects normal users in the following way. Suppose your GitLab server has IP address 1.2.3.4 and hostname gitlab.example.com. Currently, if you enter 1.2.3.4 in your browser, you get redirected to 1.2.3.4/users/sign_in. After this change, you get redirected from 1.2.3.4 to gitlab.example.com/users/sign_in. This is because the address you typed in the address bar of your browser ('1.2.3.4'), which gets stored in the 'Host' header, is now being overwritten to 'gitlab.example.com' in NGINX. In this change we also make NGINX clear the 'X-Forwarded-Host' header because Ruby on Rails also uses that header the same wayas the 'Host' header. We think that for most GitLab servers this is the right behavior, and if not then administrators can change this behavior themselves at the NGINX level.
-
Paco Guzman authored
-
Valery Sizov authored
-
Douglas Barbosa Alexandre authored
-
Paco Guzman authored
-
Stan Hu authored
Due to a stale NFS cache, it's possible that a branch lookup fails while `git gc` is running and causes missing branches in merge requests. Possible workaround for #15392
-
Paco Guzman authored
-
Paco Guzman authored
-
- 11 Jul, 2016 11 commits
-
-
Douwe Maan authored
-
Stan Hu authored
have been fully redacted and contain cross-project references. The previous implementation relied on Note#cross_reference_not_visible_for?, which essentially tries to render all the Markdown references in a system note and only displays the note if the user can see the referring project. But this duplicated the work that Banzai::NotesRenderer was doing already. Instead, for each note we render, we memoize the number of visible user references and use it later if it is available. Improves #19273
-
Jacob Schatz authored
-
Robert Speicher authored
[ci skip]
-
Rasim Demirbay authored
-
Ben Boeckel authored
Workflows which use a bot to merge should remove branches if requested. Expose the flag so that bots can request know this.
-
DJ Mountney authored
This allows us to drop our disable email config override
-
James Lopez authored
-
James Lopez authored
squashed - refactor to cope with sub sub N relations probably using the sub_relations method recursively.
-
Ben Boeckel authored
It is already part of ProjectEntity.
-
winniehell authored
-
- 10 Jul, 2016 1 commit
-
-
Douwe Maan authored
-
- 09 Jul, 2016 1 commit
-
-
Ingo Blechschmidt authored
-
- 08 Jul, 2016 9 commits
-
-
Yorick Peterse authored
This caches various queries to ensure that multiple reference extraction runs re-use any objects queried in previous runs.
-
Connor Shea authored
No longer shows New Snippet button to users who aren't able to create a new snippet in the given context. Also removes the plus icon from the New Snippet buttons, as they're no longer used in other creation buttons. Fixes #14595.
-
Andrey Krivko authored
-
Robert Schilling authored
-
Paco Guzman authored
-
Sean McGivern authored
When rendering a list of diff files, skip those where the diff is over 10 KB and provide an endpoint to render individually instead.
-
Robert Schilling authored
-
Paco Guzman authored
-
Robert Speicher authored
This reverts commit bf2a86b7.
-
- 07 Jul, 2016 3 commits
-
-
Robert Speicher authored
This reverts commit 68155ee7, reversing changes made to 7ebd011e.
-
Sean McGivern authored
If the Sidekiq job fails for some reason, a project can be 'stuck' pending deletion. The project can't be viewed, so it shouldn't be available through the notification settings association as this will throw an exception when we try to show the link.
-
Alfredo Sumaran authored
-