- 26 Sep, 2019 10 commits
-
-
GitLab Release Tools Bot authored
Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.65.1] See merge request gitlab/gitlabhq!3433
-
GitLab Release Tools Bot authored
Prevent Bypassing Email Verification using Salesforce See merge request gitlab/gitlabhq!3395
-
GitLab Release Tools Bot authored
Check that SAML identity linking validates the origin of the request See merge request gitlab/gitlabhq!3396
-
GitLab Release Tools Bot authored
Only render fixed number of mermaid blocks See merge request gitlab/gitlabhq!3411
-
GitLab Release Tools Bot authored
Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-3' into '12-3-stable' Display only participants that user has permission to see See merge request gitlab/gitlabhq!3421
-
GitLab Release Tools Bot authored
Redirect user to root path after unsubscribing from private resource See merge request gitlab/gitlabhq!3423
-
GitLab Release Tools Bot authored
Hide disabled project milestones in project settings on group level See merge request gitlab/gitlabhq!3424
-
GitLab Release Tools Bot authored
Add policy check if cross reference system notes are accessible See merge request gitlab/gitlabhq!3426
-
GitLab Release Tools Bot authored
Cancel all running CI jobs when user is blocked See merge request gitlab/gitlabhq!3436
-
GitLab Release Tools Bot authored
Filter not accessible label events See merge request gitlab/gitlabhq!3440
-
- 25 Sep, 2019 1 commit
-
-
Małgorzata Ksionek authored
-
- 24 Sep, 2019 5 commits
-
-
Jan Provaznik authored
Label events may use cross-project or cross-group references, if the projects are not accessible by user, we don't show these label events.
-
GitLab Release Tools Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Bot authored
-
Fabio Pitino authored
This prevents a MITM attack where attacker could still access Git repository if any jobs were running long enough.
-
- 23 Sep, 2019 6 commits
-
-
Paul Okstad authored
-
Alexandru Croitor authored
-
Alexandru Croitor authored
-
Alexandru Croitor authored
If user unsubsrcribes from a resource that they no longer have access to they should not be revealed the resource path, but be redirected to app root instead. https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
-
Małgorzata Ksionek authored
Fix rubocop offences and add changelog Add email_verified key for feature specs Add code review remarks Add code review remarks Fix specs
-
Alexandru Croitor authored
-
- 20 Sep, 2019 10 commits
-
-
GitLab Release Tools Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
Sebastian Arcila Valenzuela authored
If the request wasn't initiated by gitlab we shouldn't add the new identity to the user, and instead show that we weren't able to link the identity to the user. This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
-
GitLab Release Tools Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 19 Sep, 2019 8 commits
-
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-