- 07 Nov, 2016 2 commits
-
-
Douwe Maan authored
Fix for HackerOne XSS vulnerability in markdown This is an updated blacklist patch to fix https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2007. No text is removed. Dangerous schemes/protocols and invalid URIs are left intact but not linked. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23153 See merge request !2015 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Fixups to "Round-robin repository storage" ## What does this MR do? * Simplifies a method in application_settings.rb * Correctly marks a migration as needing downtime * Documents the requirement for renamed columns to be ## Are there points in the code the reviewer needs to double check? Should any of these changes be split out? Ideally we'd get this into the same point release as !7273 ## Why was this MR needed? Post-facto review of !7273 ## Screenshots (if relevant) ## Does this MR meet the acceptance criteria? - [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added - [X] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [X] API support added - Tests - [X] Added for this feature/bug - [x] All builds are passing - [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if it does - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Related to #24059 /cc @yorickpeterse @rspeicher See merge request !7287
-
- 04 Nov, 2016 14 commits
-
-
Rémy Coutable authored
Show pipeline status from branch and commit than only commit Closes #23615 See merge request !7034 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Resolve "Introduce round-robin project creation to spread load over multiple shards" Allow multiple shards to be enabled in the admin settings page, balancing project creation across all enabled shards. * `f.select ..., multiple: true` isn't the most beautiful UI in the world, but switching to `collection_check_boxes` (or a facsimile thereof) isn't trivial * Should `pick_repository_storage` be a method of `ApplicationSetting`, or `Project`? It's going to accrete logic over time so perhaps it should be its own class already? * This is written to avoid the need for a database migration, so it is`serialize :repository_storage` without `, Array`. This is tested, but alternatives include: * Add a database migration * Write a custom Coder that will accept a String or Array in `load` and always `dump an Array. Closes #24059 See merge request !7273 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
See merge request !7014 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Fix lightweight tags not processed correctly by GitTagPushService Closes #22271 See merge request !6532 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Sean McGivern authored
Fixes #24102 See merge request !7267
-
Robert Speicher authored
Only skip group when it's actually a group in the "Share with group" select Fixes #23961 See merge request !7262
-
Sean McGivern authored
Fix project features default values closes #23242 See merge request !7181 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Sean McGivern authored
Fix builds tab visibility closes #23951 See merge request !7178 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Sean McGivern authored
Optimize group labels page Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23684 Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/1148 See merge request !7123 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Allow owners to fetch source code in CI builds Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project. This adds a separate code path for handling owners, that are not admins. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23437 See merge request !6943 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Robert Speicher authored
Respect project visibility settings in the contributions calendar This MR fixes a number of bugs relating to access controls and date selection of events for the contributions calendar Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23403 See merge request !2019
-
Douwe Maan authored
Ensure external users are not able to clone disabled repositories. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788 See merge request !2017
-
Douwe Maan authored
disable markdown in comments when referencing disabled features fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548 This MR prevents the following references when tool is disabled: - issues - snippets - commits - when repo is disabled - commit range - when repo is disabled - milestones This MR does not prevent references to repository files, since they are just markdown links and don't leak information. See merge request !2011 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Honour issue and merge request visibility in their respective finders This MR fixes a security issue with the IssuesFinder and MergeRequestFinder where they would return items the user did not have permission to see. This was most visible on the issue and merge requests page for a group containing projects that had set their issues or merge requests to "private". Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22481 See merge request !2000 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 03 Nov, 2016 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 02 Nov, 2016 1 commit
-
-
Robert Speicher authored
-
- 01 Nov, 2016 2 commits
-
-
James Lopez authored
-
James Lopez authored
-
- 31 Oct, 2016 11 commits
-
-
Rémy Coutable authored
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Rémy Coutable authored
Merge branch '23872-members-of-group-that-has-project-access-getting-404-on-accessing-a-project-issue' into 'master' Fix project member access for group links Closes #23872. See merge request !7144 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Fatih Acet authored
Increase z index on fixed mr tabs Before: <img src="/uploads/e890a4f185af87b66251d744fbe840d5/Screen_Shot_2016-10-26_at_11.58.45_AM.png" width="400px"> After: <img src="/uploads/0bbf72888f6a47bd3027ee7dfff542da/Screen_Shot_2016-10-26_at_11.58.28_AM.png" width="400px"> Closes #23866 See merge request !7124 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Pass user instance to Labels::FindOrCreateService or skip_authorization: true It fixes a bug described in #23694 when `project.owner` was passed to `Labels::FindOrCreateService`. `Labels::FindOrCreateService` expected a user instance and `project.owner` may return a group as well. This MR makes sure that we either pass a user instance or `skip_authorization: true`. Fixes #23694 See merge request !7093 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Annabel Dunstone Gray authored
Resolve "Lacking padding on syntax highlight blocks in diff comments" Enforces horizontal padding on highlight block. There was no horizontal padding on diff comment highlight blocks. Closes #23661 See merge request !7062 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Fatih Acet authored
Fix refs dropdown selection with special characters Remove unneeded encode from the project-refs-dropdown renderRow method. Closes #21248 See merge request !7061 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Sean McGivern authored
Modify GitHub importer to be retryable Closes #23533 See merge request !7003 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Sean McGivern authored
Fix couple of GitHub importing bugs Fix a bug in GH comment importing and label applying for imported MRs. See merge request !7139 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Fatih Acet authored
Only remove right connector of first build of last stage Closes #23849 See merge request !7179 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Douwe Maan authored
Use Hash rocket syntax to fix cycle analytics under Ruby 2.1 Refers to #23510 See merge request !6977 Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 29 Oct, 2016 6 commits
-
-
Kamil Trzciński authored
Fix encoding issues on pipeline commits ## What does this MR do? #### What does this MR do? Sets `escape: false` on `truncate` method to fix commit message on pipelines page #### Screenshots (if relevant) Before: ![Screen_Shot_2016-10-12_at_8.53.10_AM](/uploads/5e26e98a272139fe2264c315d579178f/Screen_Shot_2016-10-12_at_8.53.10_AM.png) After: ![Screen_Shot_2016-10-12_at_8.52.49_AM](/uploads/58c6c69f2ba735fdcd5a0b6922b56aa7/Screen_Shot_2016-10-12_at_8.52.49_AM.png) #### What are the relevant issue numbers? Closes #23258 See merge request !6832
-
Sean McGivern authored
API: Fix booleans not recognized as such when using the `to_boolean` helper Fixes #22831 Fixes #23890 See merge request !7149
-
Rémy Coutable authored
Fix and improve `Sortable.highest_label_priority` Closes #23928 See merge request !7165
-
Fatih Acet authored
Fixed sticky MR tabs positioning when sidebar is pinned ## What does this MR do? The sticky MR tabs where positioned underneath the pinned sidebar. This fixes that by accounting for the size of the pinned nav. ## Screenshots (if relevant) ![Screen_Shot_2016-10-28_at_09.37.18](/uploads/0d23f2bb0e02d698c012c22c8653afd7/Screen_Shot_2016-10-28_at_09.37.18.png) ## What are the relevant issue numbers? Closes #23926 See merge request !7167
-
Rémy Coutable authored
Fix CHANGELOG for GH import fixes See merge request !7173
-
Stan Hu authored
Merge branch 'ee-1159-allow-permission-check-bypass-in-approve-access-request-service' into 'master' Allow Members::ApproveAccessRequestService to accept a new `:force` option ## What does this MR do? See the commit message. This is a backport of the EE fix for https://gitlab.com/gitlab-org/gitlab-ee/issues/1159: gitlab-org/gitlab-ee!830 See merge request !7168
-
- 26 Oct, 2016 2 commits
-
-
Achilleas Pipinellis authored
Update gitlab-shell version to 3.6.6 Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23659 See merge request !7118
-
Achilleas Pipinellis authored
[ci skip]
-
- 25 Oct, 2016 1 commit
-
-
Alejandro Rodríguez authored
-