Commit 5b51129e authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@master

parent 71da67f3
...@@ -1294,10 +1294,6 @@ class Project < ApplicationRecord ...@@ -1294,10 +1294,6 @@ class Project < ApplicationRecord
@monitoring_service ||= monitoring_services.reorder(nil).find_by(active: true) @monitoring_service ||= monitoring_services.reorder(nil).find_by(active: true)
end end
def jira_tracker?
issues_tracker.to_param == 'jira'
end
def avatar_in_git def avatar_in_git
repository.avatar repository.avatar
end end
...@@ -1606,10 +1602,6 @@ class Project < ApplicationRecord ...@@ -1606,10 +1602,6 @@ class Project < ApplicationRecord
end end
end end
def jira_tracker_active?
jira_tracker? && jira_service.active
end
def allowed_to_share_with_group? def allowed_to_share_with_group?
!namespace.share_with_group_lock !namespace.share_with_group_lock
end end
......
...@@ -5,7 +5,7 @@ class InsertCiPipelineSchedulesPlanLimits < ActiveRecord::Migration[6.0] ...@@ -5,7 +5,7 @@ class InsertCiPipelineSchedulesPlanLimits < ActiveRecord::Migration[6.0]
DOWNTIME = false DOWNTIME = false
def change def up
return unless Gitlab.com? return unless Gitlab.com?
create_or_update_plan_limit('ci_pipeline_schedules', 'free', 10) create_or_update_plan_limit('ci_pipeline_schedules', 'free', 10)
......
...@@ -17,7 +17,7 @@ services. ...@@ -17,7 +17,7 @@ services.
[GitLab Omnibus can help you install Grafana (recommended)](https://docs.gitlab.com/omnibus/settings/grafana.html) [GitLab Omnibus can help you install Grafana (recommended)](https://docs.gitlab.com/omnibus/settings/grafana.html)
or Grafana supplies package repositories (Yum/Apt) for easy installation. or Grafana supplies package repositories (Yum/Apt) for easy installation.
See [Grafana installation documentation](https://grafana.com/docs/installation/) See [Grafana installation documentation](https://grafana.com/docs/grafana/latest/installation/)
for detailed steps. for detailed steps.
NOTE: **Note:** NOTE: **Note:**
...@@ -152,13 +152,13 @@ However, you should **not** reinstate your old data _except_ under one of the fo ...@@ -152,13 +152,13 @@ However, you should **not** reinstate your old data _except_ under one of the fo
If you require access to your old Grafana data but do not meet one of these criteria, you may consider: If you require access to your old Grafana data but do not meet one of these criteria, you may consider:
1. Reinstating it temporarily. 1. Reinstating it temporarily.
1. [Exporting the dashboards](https://grafana.com/docs/reference/export_import/#exporting-a-dashboard) you need. 1. [Exporting the dashboards](https://grafana.com/docs/grafana/latest/reference/export_import/#exporting-a-dashboard) you need.
1. Refreshing the data and [re-importing your dashboards](https://grafana.com/docs/reference/export_import/#importing-a-dashboard). 1. Refreshing the data and [re-importing your dashboards](https://grafana.com/docs/grafana/latest/reference/export_import/#importing-a-dashboard).
DANGER: **Danger:** DANGER: **Danger:**
This poses a temporary vulnerability while your old Grafana data is in use and the decision to do so should be weighed carefully with your need to access existing data and dashboards. This poses a temporary vulnerability while your old Grafana data is in use and the decision to do so should be weighed carefully with your need to access existing data and dashboards.
For more information and further mitigation details, please refer to our [blog post on the security release](https://about.gitlab.com/blog/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/). For more information and further mitigation details, please refer to our [blog post on the security release](https://about.gitlab.com/releases/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/).
--- ---
......
...@@ -32,7 +32,7 @@ CAUTION: **Important:** ...@@ -32,7 +32,7 @@ CAUTION: **Important:**
OAuth specification advises sending the `state` parameter with each request to OAuth specification advises sending the `state` parameter with each request to
`/oauth/authorize`. We highly recommended sending a unique value with each request `/oauth/authorize`. We highly recommended sending a unique value with each request
and validate it against the one in the redirect request. This is important in and validate it against the one in the redirect request. This is important in
order to prevent [CSRF attacks](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)). order to prevent [CSRF attacks](https://wiki.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)).
The `state` parameter really should have been a requirement in the standard! The `state` parameter really should have been a requirement in the standard!
In the following sections you will find detailed instructions on how to obtain In the following sections you will find detailed instructions on how to obtain
......
# Pages API # Pages API
Endpoints for managing [GitLab Pages](https://about.gitlab.com/product/pages/). Endpoints for managing [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/).
The GitLab Pages feature must be enabled to use these endpoints. Find out more about [administering](../administration/pages/index.md) and [using](../user/project/pages/index.md) the feature. The GitLab Pages feature must be enabled to use these endpoints. Find out more about [administering](../administration/pages/index.md) and [using](../user/project/pages/index.md) the feature.
......
# Pages domains API # Pages domains API
Endpoints for connecting custom domain(s) and TLS certificates in [GitLab Pages](https://about.gitlab.com/product/pages/). Endpoints for connecting custom domain(s) and TLS certificates in [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/).
The GitLab Pages feature must be enabled to use these endpoints. Find out more about [administering](../administration/pages/index.md) and [using](../user/project/pages/index.md) the feature. The GitLab Pages feature must be enabled to use these endpoints. Find out more about [administering](../administration/pages/index.md) and [using](../user/project/pages/index.md) the feature.
......
...@@ -20,7 +20,7 @@ You'll create two different projects: ...@@ -20,7 +20,7 @@ You'll create two different projects:
- `simple-maven-dep`: the app built and deployed to Artifactory (see the [simple-maven-dep](https://gitlab.com/gitlab-examples/maven/simple-maven-dep) example project) - `simple-maven-dep`: the app built and deployed to Artifactory (see the [simple-maven-dep](https://gitlab.com/gitlab-examples/maven/simple-maven-dep) example project)
- `simple-maven-app`: the app using the previous one as a dependency (see the [simple-maven-app](https://gitlab.com/gitlab-examples/maven/simple-maven-app) example project) - `simple-maven-app`: the app using the previous one as a dependency (see the [simple-maven-app](https://gitlab.com/gitlab-examples/maven/simple-maven-app) example project)
We assume that you already have a GitLab account on [GitLab.com](https://gitlab.com/), and that you know the basic usage of Git and [GitLab CI/CD](https://about.gitlab.com/product/continuous-integration/). We assume that you already have a GitLab account on [GitLab.com](https://gitlab.com/), and that you know the basic usage of Git and [GitLab CI/CD](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/).
We also assume that an Artifactory instance is available and reachable from the internet, and that you have valid credentials to deploy on it. We also assume that an Artifactory instance is available and reachable from the internet, and that you have valid credentials to deploy on it.
## Create the simple Maven dependency ## Create the simple Maven dependency
...@@ -104,7 +104,7 @@ parameter in `.gitlab-ci.yml` to use the custom location instead of the default ...@@ -104,7 +104,7 @@ parameter in `.gitlab-ci.yml` to use the custom location instead of the default
### Configure GitLab CI/CD for `simple-maven-dep` ### Configure GitLab CI/CD for `simple-maven-dep`
Now it's time we set up [GitLab CI/CD](https://about.gitlab.com/product/continuous-integration/) to automatically build, test and deploy the dependency! Now it's time we set up [GitLab CI/CD](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/) to automatically build, test and deploy the dependency!
GitLab CI/CD uses a file in the root of the repo, named `.gitlab-ci.yml`, to read the definitions for jobs GitLab CI/CD uses a file in the root of the repo, named `.gitlab-ci.yml`, to read the definitions for jobs
that will be executed by the configured GitLab Runners. You can read more about this file in the [GitLab Documentation](../../yaml/README.md). that will be executed by the configured GitLab Runners. You can read more about this file in the [GitLab Documentation](../../yaml/README.md).
...@@ -233,7 +233,7 @@ Now you are ready to use the Artifactory repository to resolve dependencies and ...@@ -233,7 +233,7 @@ Now you are ready to use the Artifactory repository to resolve dependencies and
You need a last step to have everything in place: configure the `.gitlab-ci.yml` file for this project, as you already did for `simple-maven-dep`. You need a last step to have everything in place: configure the `.gitlab-ci.yml` file for this project, as you already did for `simple-maven-dep`.
You want to leverage [GitLab CI/CD](https://about.gitlab.com/product/continuous-integration/) to automatically build, test and run your awesome application, You want to leverage [GitLab CI/CD](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/) to automatically build, test and run your awesome application,
and see if you can get the greeting as expected! and see if you can get the greeting as expected!
All you need to do is to add the following `.gitlab-ci.yml` to the repo: All you need to do is to add the following `.gitlab-ci.yml` to the repo:
......
...@@ -58,7 +58,7 @@ However, anyone can contribute [documentation improvements](improvement-workflow ...@@ -58,7 +58,7 @@ However, anyone can contribute [documentation improvements](improvement-workflow
## Markdown and styles ## Markdown and styles
[GitLab docs](https://gitlab.com/gitlab-org/gitlab-docs) uses [GitLab Kramdown](https://gitlab.com/gitlab-org/gitlab_kramdown) [GitLab docs](https://gitlab.com/gitlab-org/gitlab-docs) uses [GitLab Kramdown](https://gitlab.com/gitlab-org/gitlab_kramdown)
as its Markdown rendering engine. See the [GitLab Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/) for a complete Kramdown reference. as its Markdown rendering engine. See the [GitLab Markdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/) for a complete Kramdown reference.
Adhere to the [Documentation Style Guide](styleguide.md). If a style standard is missing, you are welcome to suggest one via a merge request. Adhere to the [Documentation Style Guide](styleguide.md). If a style standard is missing, you are welcome to suggest one via a merge request.
...@@ -523,7 +523,7 @@ A file with `proselint` configuration must be placed in a ...@@ -523,7 +523,7 @@ A file with `proselint` configuration must be placed in a
[markdownlint](https://github.com/DavidAnson/markdownlint) checks that Markdown [markdownlint](https://github.com/DavidAnson/markdownlint) checks that Markdown
syntax follows [certain rules](https://github.com/DavidAnson/markdownlint/blob/master/doc/Rules.md#rules), syntax follows [certain rules](https://github.com/DavidAnson/markdownlint/blob/master/doc/Rules.md#rules),
and is used by the [`docs-lint` test](#testing) with a [configuration file](#markdownlint-configuration). and is used by the [`docs-lint` test](#testing) with a [configuration file](#markdownlint-configuration).
Our [Documentation Style Guide](styleguide.md#markdown) and [Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/) Our [Documentation Style Guide](styleguide.md#markdown) and [Markdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/)
elaborate on which choices must be made when selecting Markdown syntax for GitLab elaborate on which choices must be made when selecting Markdown syntax for GitLab
documentation. This tool helps catch deviations from those guidelines. documentation. This tool helps catch deviations from those guidelines.
......
...@@ -96,7 +96,7 @@ Having a knowledge base in any form that is separate from the documentation woul ...@@ -96,7 +96,7 @@ Having a knowledge base in any form that is separate from the documentation woul
All GitLab documentation is written using [Markdown](https://en.wikipedia.org/wiki/Markdown). All GitLab documentation is written using [Markdown](https://en.wikipedia.org/wiki/Markdown).
The [documentation website](https://docs.gitlab.com) uses GitLab Kramdown as its Markdown rendering engine. For a complete Kramdown reference, see the [GitLab Markdown Kramdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/). The [documentation website](https://docs.gitlab.com) uses GitLab Kramdown as its Markdown rendering engine. For a complete Kramdown reference, see the [GitLab Markdown Kramdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/).
The [`gitlab-kramdown`](https://gitlab.com/gitlab-org/gitlab_kramdown) The [`gitlab-kramdown`](https://gitlab.com/gitlab-org/gitlab_kramdown)
Ruby gem will support all [GFM markup](../../user/markdown.md) in the future. That is, Ruby gem will support all [GFM markup](../../user/markdown.md) in the future. That is,
...@@ -890,7 +890,7 @@ of language classes available. ...@@ -890,7 +890,7 @@ of language classes available.
| `xml` | | | `xml` | |
| `yaml` | Alias: `yml`. | | `yaml` | Alias: `yml`. |
For a complete reference on code blocks, check the [Kramdown guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/#code-blocks). For a complete reference on code blocks, check the [Kramdown guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/#code-blocks).
## GitLab SVG icons ## GitLab SVG icons
...@@ -1160,7 +1160,7 @@ introduced the change for reference. Also, they can easily understand what ...@@ -1160,7 +1160,7 @@ introduced the change for reference. Also, they can easily understand what
features they have in their GitLab instance and version, given that the note has features they have in their GitLab instance and version, given that the note has
some key information. some key information.
`[Introduced](link-to-issue) in [GitLab Premium](https://about.gitlab.com/pricing) 12.7` `[Introduced](link-to-issue) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.7`
links to the issue that introduced the feature, says which GitLab tier it links to the issue that introduced the feature, says which GitLab tier it
belongs to, says the GitLab version that it became available in, and links to belongs to, says the GitLab version that it became available in, and links to
the pricing page in case the user wants to upgrade to a paid tier the pricing page in case the user wants to upgrade to a paid tier
......
...@@ -91,7 +91,7 @@ the Product Manager and Technical Writer for a given issue: ...@@ -91,7 +91,7 @@ the Product Manager and Technical Writer for a given issue:
including: including:
- Documentation [Structure and template](structure.md) page. - Documentation [Structure and template](structure.md) page.
- [Style Guide](styleguide.md). - [Style Guide](styleguide.md).
- [Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/). - [Markdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/).
- Contact the Technical Writer for the relevant [DevOps stage](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments) - Contact the Technical Writer for the relevant [DevOps stage](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments)
in your issue or merge request, or within `#docs` on GitLab Slack, if you: in your issue or merge request, or within `#docs` on GitLab Slack, if you:
- Need any help to choose the correct place for documentation. - Need any help to choose the correct place for documentation.
...@@ -408,7 +408,7 @@ To update GitLab documentation: ...@@ -408,7 +408,7 @@ To update GitLab documentation:
1. Follow the described standards and processes listed on the page, including: 1. Follow the described standards and processes listed on the page, including:
- The [Structure and template](structure.md) page. - The [Structure and template](structure.md) page.
- The [Style Guide](styleguide.md). - The [Style Guide](styleguide.md).
- The [Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/). - The [Markdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/).
1. Follow GitLab's [Merge Request Guidelines](../contributing/merge_request_workflow.md#merge-request-guidelines). 1. Follow GitLab's [Merge Request Guidelines](../contributing/merge_request_workflow.md#merge-request-guidelines).
TIP: **Tip:** TIP: **Tip:**
......
# Secure Partner Integration - Onboarding Process # Secure Partner Integration - Onboarding Process
If you want to integrate your product with the [Secure Stage](https://about.gitlab.com/direction/secure), If you want to integrate your product with the [Secure Stage](https://about.gitlab.com/direction/secure/),
this page will help you understand the developer workflow GitLab intends for this page will help you understand the developer workflow GitLab intends for
our users to follow with regards to security results. These should be used as our users to follow with regards to security results. These should be used as
guidelines so you can build an integration that fits with the workflow GitLab guidelines so you can build an integration that fits with the workflow GitLab
...@@ -56,12 +56,12 @@ best place to integrate your own product and its results into GitLab. ...@@ -56,12 +56,12 @@ best place to integrate your own product and its results into GitLab.
This section describes the steps you need to complete to onboard as a partner This section describes the steps you need to complete to onboard as a partner
and complete an intgration with the Secure stage. and complete an intgration with the Secure stage.
1. Read about our [partnerships](https://about.gitlab.com/partners/integrate/index.md). 1. Read about our [partnerships](https://about.gitlab.com/partners/integrate/).
1. [Create an issue](https://gitlab.com/gitlab-com/alliances/alliances/issues/new?issuable_template=new_partner) 1. [Create an issue](https://gitlab.com/gitlab-com/alliances/alliances/issues/new?issuable_template=new_partner)
using our new partner issue template to begin the discussion. using our new partner issue template to begin the discussion.
1. Get a test account to begin developing your integration. You can 1. Get a test account to begin developing your integration. You can
request a [GitLab.com Gold Subscription Sandbox](https://about.gitlab.com/partners/integrate/index.md#gitlabcom-gold-subscription-sandbox-request) request a [GitLab.com Gold Subscription Sandbox](https://about.gitlab.com/partners/integrate/#gitlabcom-gold-subscription-sandbox-request)
or an [EE Developer License](https://about.gitlab.com/partners/integrate/index.md#requesting-ee-dev-license-for-rd). or an [EE Developer License](https://about.gitlab.com/partners/integrate/#requesting-ee-dev-license-for-rd).
1. Provide a [pipeline job](../../development/pipelines.md) 1. Provide a [pipeline job](../../development/pipelines.md)
template that users could integrate into their own GitLab pipelines. template that users could integrate into their own GitLab pipelines.
1. Create a report artifact with your pipeline jobs. 1. Create a report artifact with your pipeline jobs.
...@@ -72,12 +72,12 @@ and complete an intgration with the Secure stage. ...@@ -72,12 +72,12 @@ and complete an intgration with the Secure stage.
- Read about [job artifacts](../../user/project/pipelines/job_artifacts.md). - Read about [job artifacts](../../user/project/pipelines/job_artifacts.md).
- Your report artifact must be in one of our currently supported formats. - Your report artifact must be in one of our currently supported formats.
For more information, see the [documentation on reports](secure.md#report). For more information, see the [documentation on reports](secure.md#report).
- Documentation for [SAST reports](../../user/application_security/sast/index.md#reports-json-format). - Documentation for [SAST reports](../../user/application_security/sast/index.md#reports-json-format).
- Documentation for [Dependency Scanning reports](../../user/application_security/dependency_scanning/index.md#reports-json-format). - Documentation for [Dependency Scanning reports](../../user/application_security/dependency_scanning/index.md#reports-json-format).
- Documentation for [Container Scanning reports](../../user/application_security/container_scanning/index.md#reports-json-format). - Documentation for [Container Scanning reports](../../user/application_security/container_scanning/index.md#reports-json-format).
- See this [example secure job definition that also defines the artifact created](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml). - See this [example secure job definition that also defines the artifact created](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml).
- If you need a new kind of scan or report, [create an issue](https://gitlab.com/gitlab-org/gitlab/issues/new#) - If you need a new kind of scan or report, [create an issue](https://gitlab.com/gitlab-org/gitlab/issues/new#)
and add the label `devops::secure`. and add the label `devops::secure`.
- Once the job is completed, the data can be seen: - Once the job is completed, the data can be seen:
- In the [Merge Request Security Report](../../user/project/merge_requests/index.md#security-reports-ultimate) ([MR Security Report data flow](https://gitlab.com/snippets/1910005#merge-request-view)). - In the [Merge Request Security Report](../../user/project/merge_requests/index.md#security-reports-ultimate) ([MR Security Report data flow](https://gitlab.com/snippets/1910005#merge-request-view)).
- While [browsing a Job Artifact](../../user/project/pipelines/job_artifacts.md). - While [browsing a Job Artifact](../../user/project/pipelines/job_artifacts.md).
...@@ -87,17 +87,17 @@ and complete an intgration with the Secure stage. ...@@ -87,17 +87,17 @@ and complete an intgration with the Secure stage.
- To automatically create issues without user interaction, use the [issue API](../../api/issues.md). This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future. - To automatically create issues without user interaction, use the [issue API](../../api/issues.md). This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future.
1. Optional: Provide auto-remediation steps: 1. Optional: Provide auto-remediation steps:
- If you specified `remediations` in your artifact, it is proposed through our [auto-remediation](../../user/application_security/index.md#solutions-for-vulnerabilities-auto-remediation) - If you specified `remediations` in your artifact, it is proposed through our [auto-remediation](../../user/application_security/index.md#solutions-for-vulnerabilities-auto-remediation)
interface. interface.
1. Demo the integration to GitLab: 1. Demo the integration to GitLab:
- After you have tested and are ready to demo your integration please - After you have tested and are ready to demo your integration please
[reach out](https://about.gitlab.com/partners/integrate/index.md) to us. If you [reach out](https://about.gitlab.com/partners/integrate/) to us. If you
skip this step you won’t be able to do supported marketing. skip this step you won’t be able to do supported marketing.
1. Begin doing supported marketing of your GitLab integration. 1. Begin doing supported marketing of your GitLab integration.
- Work with our [partner team](https://about.gitlab.com/partners/integrate/index.md) - Work with our [partner team](https://about.gitlab.com/partners/integrate/)
to support your go-to-market as appropriate. to support your go-to-market as appropriate.
- Examples of supported marketing could include being listed on our [Security Partner page](https://about.gitlab.com/partners/index.md#security), - Examples of supported marketing could include being listed on our [Security Partner page](https://about.gitlab.com/partners/#security),
doing an [Unfiltered blog post](https://about.gitlab.com/handbook/marketing/blog/unfiltered/index.md), doing an [Unfiltered blog post](https://about.gitlab.com/handbook/marketing/blog/unfiltered/),
doing a co-branded webinar, or producing a co-branded whitepaper. doing a co-branded webinar, or producing a co-branded whitepaper.
If you have any issues while working through your integration or the steps If you have any issues while working through your integration or the steps
above, please create an issue to discuss with us further. above, please create an issue to discuss with us further.
...@@ -128,7 +128,7 @@ replica if its replication lag is low (e.g. WAL data behind by < 100 ...@@ -128,7 +128,7 @@ replica if its replication lag is low (e.g. WAL data behind by < 100
megabytes). megabytes).
More [details are in a blog More [details are in a blog
post](https://about.gitlab.com/2017/10/02/scaling-the-gitlab-database/). post](https://about.gitlab.com/blog/2017/10/02/scaling-the-gitlab-database/).
### PgBouncer ### PgBouncer
......
...@@ -6,7 +6,7 @@ These guidelines are meant to make your code more reliable _and_ secure. ...@@ -6,7 +6,7 @@ These guidelines are meant to make your code more reliable _and_ secure.
## References ## References
- [Google Ruby Security Reviewer's Guide](https://code.google.com/archive/p/ruby-security/wikis/Guide.wiki) - [Google Ruby Security Reviewer's Guide](https://code.google.com/archive/p/ruby-security/wikis/Guide.wiki)
- [OWASP Command Injection](https://www.owasp.org/index.php/Command_Injection) - [OWASP Command Injection](https://wiki.owasp.org/index.php/Command_Injection)
- [Ruby on Rails Security Guide Command Line Injection](https://guides.rubyonrails.org/security.html#command-line-injection) - [Ruby on Rails Security Guide Command Line Injection](https://guides.rubyonrails.org/security.html#command-line-injection)
## Use File and FileUtils instead of shell commands ## Use File and FileUtils instead of shell commands
......
...@@ -53,7 +53,7 @@ The GitLab QA end-to-end tests are organized by the different [stages in the Dev ...@@ -53,7 +53,7 @@ The GitLab QA end-to-end tests are organized by the different [stages in the Dev
> There may be sub-directories inside the stages directories, for different features. For example: `.../browser_ui/2_plan/ee_epics/` and `.../browser_ui/2_plan/issues/`. > There may be sub-directories inside the stages directories, for different features. For example: `.../browser_ui/2_plan/ee_epics/` and `.../browser_ui/2_plan/issues/`.
Now, let's say we want to create tests for the [scoped labels](https://about.gitlab.com/blog/2019/04/22/gitlab-11-10-released/#scoped-labels) feature, available on GitLab EE Premium (this feature is part of the Plan stage.) Now, let's say we want to create tests for the [scoped labels](https://about.gitlab.com/releases/2019/04/22/gitlab-11-10-released/#scoped-labels) feature, available on GitLab EE Premium (this feature is part of the Plan stage.)
> Because these tests are for a feature available only on GitLab EE, we need to create them in the [EE repository](https://gitlab.com/gitlab-org/gitlab). > Because these tests are for a feature available only on GitLab EE, we need to create them in the [EE repository](https://gitlab.com/gitlab-org/gitlab).
......
...@@ -888,7 +888,7 @@ See the [OmniAuth integration documentation](../integration/omniauth.md). ...@@ -888,7 +888,7 @@ See the [OmniAuth integration documentation](../integration/omniauth.md).
### Build your projects ### Build your projects
GitLab can build your projects. To enable that feature, you need GitLab Runners to do that for you. GitLab can build your projects. To enable that feature, you need GitLab Runners to do that for you.
See the [GitLab Runner section](https://about.gitlab.com/product/continuous-integration/#gitlab-runner) to install it. See the [GitLab Runner section](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/#gitlab-runner) to install it.
### Adding your Trusted Proxies ### Adding your Trusted Proxies
......
...@@ -5,7 +5,7 @@ type: concepts ...@@ -5,7 +5,7 @@ type: concepts
# GitLab Release and Maintenance Policy # GitLab Release and Maintenance Policy
GitLab has strict policies governing version naming, as well as release pace for major, minor, GitLab has strict policies governing version naming, as well as release pace for major, minor,
patch and security releases. New releases are usually announced on the [GitLab blog](https://about.gitlab.com/blog/categories/releases/). patch and security releases. New releases are usually announced on the [GitLab blog](https://about.gitlab.com/releases/categories/releases/).
Our current policy is: Our current policy is:
...@@ -103,13 +103,13 @@ Security releases are a special kind of patch release that only include security ...@@ -103,13 +103,13 @@ Security releases are a special kind of patch release that only include security
fixes and patches (see below) for the previous two monthly releases in addition to the current stable release. fixes and patches (see below) for the previous two monthly releases in addition to the current stable release.
For very serious security issues, there is For very serious security issues, there is
[precedent](https://about.gitlab.com/blog/2016/05/02/cve-2016-4340-patches/) [precedent](https://about.gitlab.com/releases/2016/05/02/cve-2016-4340-patches/)
to backport security fixes to even more monthly releases of GitLab. to backport security fixes to even more monthly releases of GitLab.
This decision is made on a case-by-case basis. This decision is made on a case-by-case basis.
## Upgrade recommendations ## Upgrade recommendations
We encourage everyone to run the [latest stable release](https://about.gitlab.com/blog/categories/releases/) to ensure that you can We encourage everyone to run the [latest stable release](https://about.gitlab.com/releases/categories/releases/) to ensure that you can
easily upgrade to the most secure and feature-rich GitLab experience. In order easily upgrade to the most secure and feature-rich GitLab experience. In order
to make sure you can easily run the most recent stable release, we are working to make sure you can easily run the most recent stable release, we are working
hard to keep the update process simple and reliable. hard to keep the update process simple and reliable.
......
...@@ -239,7 +239,7 @@ The following will be emailed to you: ...@@ -239,7 +239,7 @@ The following will be emailed to you:
### Seat Link ### Seat Link
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/208832) in [GitLab Starter](https://about.gitlab.com/pricing) 12.9. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/208832) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.9.
Seat Link allows us to provide our self-managed customers with prorated charges for user growth throughout the year using a quarterly reconciliation process. Seat Link allows us to provide our self-managed customers with prorated charges for user growth throughout the year using a quarterly reconciliation process.
......
...@@ -73,14 +73,14 @@ more advanced rules around threat detection. ...@@ -73,14 +73,14 @@ more advanced rules around threat detection.
ModSecurity is enabled with the [OWASP Core Rule Set (CRS)](https://modsecurity.org/crs/) by ModSecurity is enabled with the [OWASP Core Rule Set (CRS)](https://modsecurity.org/crs/) by
default. The OWASP CRS logs attempts to the following attacks: default. The OWASP CRS logs attempts to the following attacks:
- [SQL Injection](https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_SQL_Injection) - [SQL Injection](https://wiki.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_SQL_Injection)
- [Cross-Site Scripting](https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Cross-Site_Scripting_(XSS)) - [Cross-Site Scripting](https://wiki.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Cross-Site_Scripting_(XSS))
- [Local File Inclusion](https://www.owasp.org/index.php/Testing_for_Local_File_Inclusion) - [Local File Inclusion](https://wiki.owasp.org/index.php/Testing_for_Local_File_Inclusion)
- [Remote File Inclusion](https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Remote_File_Inclusion) - [Remote File Inclusion](https://wiki.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Remote_File_Inclusion)
- [Code Injection](https://www.owasp.org/index.php/Code_Injection) - [Code Injection](https://wiki.owasp.org/index.php/Code_Injection)
- [Session Fixation](https://www.owasp.org/index.php/Session_fixation) - [Session Fixation](https://wiki.owasp.org/index.php/Session_fixation)
- [Scanner Detection](https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools) - [Scanner Detection](https://wiki.owasp.org/index.php/Category:Vulnerability_Scanning_Tools)
- [Metadata/Error Leakages](https://www.owasp.org/index.php/Improper_Error_Handling) - [Metadata/Error Leakages](https://wiki.owasp.org/index.php/Improper_Error_Handling)
It is good to have a basic knowledge of the following: It is good to have a basic knowledge of the following:
......
...@@ -99,7 +99,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres ...@@ -99,7 +99,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres
1. [Due Dates and Milestones for GitLab Issues](https://about.gitlab.com/blog/2016/08/05/feature-highlight-set-dates-for-issues/) 1. [Due Dates and Milestones for GitLab Issues](https://about.gitlab.com/blog/2016/08/05/feature-highlight-set-dates-for-issues/)
1. [How to Use GitLab Labels](https://about.gitlab.com/blog/2016/08/17/using-gitlab-labels/) 1. [How to Use GitLab Labels](https://about.gitlab.com/blog/2016/08/17/using-gitlab-labels/)
1. [Applying GitLab Labels Automatically](https://about.gitlab.com/blog/2016/08/19/applying-gitlab-labels-automatically/) 1. [Applying GitLab Labels Automatically](https://about.gitlab.com/blog/2016/08/19/applying-gitlab-labels-automatically/)
1. [GitLab Issue Board - Product Page](https://about.gitlab.com/product/issueboard/) 1. [GitLab Issue Board - Product Page](https://about.gitlab.com/stages-devops-lifecycle/issueboard/)
1. [An Overview of GitLab Issue Board](https://about.gitlab.com/blog/2016/08/22/announcing-the-gitlab-issue-board/) 1. [An Overview of GitLab Issue Board](https://about.gitlab.com/blog/2016/08/22/announcing-the-gitlab-issue-board/)
1. [Designing GitLab Issue Board](https://about.gitlab.com/blog/2016/08/31/designing-issue-boards/) 1. [Designing GitLab Issue Board](https://about.gitlab.com/blog/2016/08/31/designing-issue-boards/)
1. [From Idea to Production with GitLab - Video](https://www.youtube.com/watch?v=25pHyknRgEo&index=14&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) 1. [From Idea to Production with GitLab - Video](https://www.youtube.com/watch?v=25pHyknRgEo&index=14&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e)
...@@ -107,7 +107,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres ...@@ -107,7 +107,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres
### 2.3. Continuous Integration ### 2.3. Continuous Integration
1. [Operating Systems, Servers, VMs, Containers and Unix - Video](https://www.youtube.com/watch?v=V61kL6IC-zY&index=8&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) 1. [Operating Systems, Servers, VMs, Containers and Unix - Video](https://www.youtube.com/watch?v=V61kL6IC-zY&index=8&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e)
1. [GitLab CI - Product Page](https://about.gitlab.com/product/continuous-integration/) 1. [GitLab CI - Product Page](https://about.gitlab.com/stages-devops-lifecycle/continuous-integration/)
1. [Getting started with GitLab and GitLab CI](https://about.gitlab.com/blog/2015/12/14/getting-started-with-gitlab-and-gitlab-ci/) 1. [Getting started with GitLab and GitLab CI](https://about.gitlab.com/blog/2015/12/14/getting-started-with-gitlab-and-gitlab-ci/)
1. [GitLab Container Registry](https://about.gitlab.com/blog/2016/05/23/gitlab-container-registry/) 1. [GitLab Container Registry](https://about.gitlab.com/blog/2016/05/23/gitlab-container-registry/)
1. [GitLab and Docker - Video](https://www.youtube.com/watch?v=ugOrCcbdHko&index=12&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e) 1. [GitLab and Docker - Video](https://www.youtube.com/watch?v=ugOrCcbdHko&index=12&list=PLFGfElNsQthbQu_IWlNOxul0TbS_2JH-e)
...@@ -181,7 +181,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres ...@@ -181,7 +181,7 @@ The GitLab University curriculum is composed of GitLab videos, screencasts, pres
### 3.8 Cycle Analytics ### 3.8 Cycle Analytics
1. [GitLab Cycle Analytics Overview](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/) 1. [GitLab Cycle Analytics Overview](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/)
1. [GitLab Cycle Analytics - Product Page](https://about.gitlab.com/product/cycle-analytics/) 1. [GitLab Cycle Analytics - Product Page](https://about.gitlab.com/stages-devops-lifecycle/cycle-analytics/)
### 3.9. Integrations ### 3.9. Integrations
......
...@@ -17,7 +17,7 @@ details. ...@@ -17,7 +17,7 @@ details.
## Repository size limit **(STARTER ONLY)** ## Repository size limit **(STARTER ONLY)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/740) in [GitLab Enterprise Edition 8.12](https://about.gitlab.com/blog/2016/09/22/gitlab-8-12-released/#limit-project-size-ee). > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/740) in [GitLab Enterprise Edition 8.12](https://about.gitlab.com/releases/2016/09/22/gitlab-8-12-released/#limit-project-size-ee).
> Available in [GitLab Starter](https://about.gitlab.com/pricing/). > Available in [GitLab Starter](https://about.gitlab.com/pricing/).
Repositories within your GitLab instance can grow quickly, especially if you are Repositories within your GitLab instance can grow quickly, especially if you are
......
...@@ -300,6 +300,6 @@ For Value Stream Analytics functionality introduced in GitLab 12.3 and later: ...@@ -300,6 +300,6 @@ For Value Stream Analytics functionality introduced in GitLab 12.3 and later:
Learn more about Value Stream Analytics in the following resources: Learn more about Value Stream Analytics in the following resources:
- [Value Stream Analytics feature page](https://about.gitlab.com/product/cycle-analytics/). - [Value Stream Analytics feature page](https://about.gitlab.com/stages-devops-lifecycle/cycle-analytics/).
- [Value Stream Analytics feature preview](https://about.gitlab.com/blog/2016/09/16/feature-preview-introducing-cycle-analytics/). - [Value Stream Analytics feature preview](https://about.gitlab.com/blog/2016/09/16/feature-preview-introducing-cycle-analytics/).
- [Value Stream Analytics feature highlight](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/). - [Value Stream Analytics feature highlight](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/).
...@@ -212,7 +212,7 @@ kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-contro ...@@ -212,7 +212,7 @@ kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-contro
For Istio/Knative, the command will be different: For Istio/Knative, the command will be different:
```shell ```shell
kubectl get svc --namespace=istio-system knative-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip} ' kubectl get svc --namespace=istio-system istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip} '
``` ```
Otherwise, you can list the IP addresses of all load balancers: Otherwise, you can list the IP addresses of all load balancers:
......
...@@ -52,7 +52,7 @@ Host gitlab.com ...@@ -52,7 +52,7 @@ Host gitlab.com
## GitLab Pages ## GitLab Pages
Below are the settings for [GitLab Pages](https://about.gitlab.com/product/pages/). Below are the settings for [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/).
| Setting | GitLab.com | Default | | Setting | GitLab.com | Default |
| --------------------------- | ---------------- | ------------- | | --------------------------- | ---------------- | ------------- |
......
...@@ -17,7 +17,7 @@ Find your groups by clicking **Groups > Your Groups** in the top navigation. ...@@ -17,7 +17,7 @@ Find your groups by clicking **Groups > Your Groups** in the top navigation.
![GitLab Groups](img/groups.png) ![GitLab Groups](img/groups.png)
> The **Groups** dropdown in the top navigation was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/36234) in [GitLab 11.1](https://about.gitlab.com/blog/2018/07/22/gitlab-11-1-released/#groups-dropdown-in-navigation). > The **Groups** dropdown in the top navigation was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/36234) in [GitLab 11.1](https://about.gitlab.com/releases/2018/07/22/gitlab-11-1-released/#groups-dropdown-in-navigation).
The **Groups** page displays: The **Groups** page displays:
......
...@@ -5,7 +5,7 @@ It is **not** valid for the [GitLab documentation website](https://docs.gitlab.c ...@@ -5,7 +5,7 @@ It is **not** valid for the [GitLab documentation website](https://docs.gitlab.c
or [GitLab's main website](https://about.gitlab.com), as they both use or [GitLab's main website](https://about.gitlab.com), as they both use
[Kramdown](https://kramdown.gettalong.org) as their Markdown engine. The documentation [Kramdown](https://kramdown.gettalong.org) as their Markdown engine. The documentation
website uses an extended Kramdown gem, [GitLab Kramdown](https://gitlab.com/gitlab-org/gitlab_kramdown). website uses an extended Kramdown gem, [GitLab Kramdown](https://gitlab.com/gitlab-org/gitlab_kramdown).
Consult the [GitLab Kramdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/) Consult the [GitLab Kramdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/)
for a complete Kramdown reference. for a complete Kramdown reference.
NOTE: **Note:** We encourage you to view this document as [rendered by GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md). NOTE: **Note:** We encourage you to view this document as [rendered by GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md).
......
...@@ -26,7 +26,7 @@ git commit -m "this is my commit message. Related to https://gitlab.com/<usernam ...@@ -26,7 +26,7 @@ git commit -m "this is my commit message. Related to https://gitlab.com/<usernam
Of course, you can replace `gitlab.com` with the URL of your own GitLab instance. Of course, you can replace `gitlab.com` with the URL of your own GitLab instance.
NOTE: **Note:** Linking your first commit to your issue is going to be relevant NOTE: **Note:** Linking your first commit to your issue is going to be relevant
for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/product/cycle-analytics/). for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/stages-devops-lifecycle/cycle-analytics/).
It will measure the time taken for planning the implementation of that issue, It will measure the time taken for planning the implementation of that issue,
which is the time between creating an issue and making the first commit. which is the time between creating an issue and making the first commit.
......
...@@ -128,7 +128,7 @@ Set a merge request that looks ready to merge to [merge automatically when CI pi ...@@ -128,7 +128,7 @@ Set a merge request that looks ready to merge to [merge automatically when CI pi
### Live preview with Review Apps ### Live preview with Review Apps
If you configured [Review Apps](https://about.gitlab.com/product/review-apps/) for your project, If you configured [Review Apps](https://about.gitlab.com/stages-devops-lifecycle/review-apps/) for your project,
you can preview the changes submitted to a feature-branch through a merge request you can preview the changes submitted to a feature-branch through a merge request
in a per-branch basis. No need to checkout the branch, install and preview locally; in a per-branch basis. No need to checkout the branch, install and preview locally;
all your changes will be available to preview by anyone with the Review Apps link. all your changes will be available to preview by anyone with the Review Apps link.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment