1. 07 Jun, 2016 11 commits
  2. 06 Jun, 2016 29 commits
    • Alejandro Rodríguez's avatar
      Use better_errors editor links in sherlock · fbd2169f
      Alejandro Rodríguez authored
      Remember to configure your `better_errors` editor to point to your program of preference
      fbd2169f
    • Connor Shea's avatar
      Fix missed colorize methods. · efb7da68
      Connor Shea authored
      efb7da68
    • Jacob Schatz's avatar
      Merge branch 'wiki-bottom-padding' into 'master' · 740a6ecb
      Jacob Schatz authored
      Add padding to bottom of wiki page, fix #12921.
      
      ## What does this MR do?
      Adds padding to the bottom of the wiki page so it's not right up against the edge of the browser window.
      
      ## What are the relevant issue numbers?
      #12921
      
      ## Screenshots (if relevant)
      
      Before:
      
      ![Screen_Shot_2016-06-06_at_12.21.22_PM](/uploads/9710682a57f5e521253f17a65f896f4d/Screen_Shot_2016-06-06_at_12.21.22_PM.png)
      
      After:
      
      ![Screen_Shot_2016-06-06_at_12.20.50_PM](/uploads/002068b072050e0f8146757a0386d30f/Screen_Shot_2016-06-06_at_12.20.50_PM.png)
      
      cc: @jschatz1 
      
      See merge request !4490
      740a6ecb
    • Connor Shea's avatar
      Resolve feedback. · 7900c035
      Connor Shea authored
      7900c035
    • Connor Shea's avatar
    • Connor Shea's avatar
      Make sure to mention the GNU Project and OSI-provided information regarding... · 7045b9e9
      Connor Shea authored
      Make sure to mention the GNU Project and OSI-provided information regarding the GPL so no one tries to disagree with that decision.
      7045b9e9
    • Connor Shea's avatar
    • Connor Shea's avatar
      Fix up all the decisions in the YML file. · 4cff270f
      Connor Shea authored
      4cff270f
    • Connor Shea's avatar
      Add gems and licenses that were previously missing. Approve a number of... · ddca2806
      Connor Shea authored
      Add gems and licenses that were previously missing. Approve a number of licenses after a bunch of research today.
      ddca2806
    • Connor Shea's avatar
      Add some gems' licenses not caught by License Finder. · 9442482d
      Connor Shea authored
      Also add License Finder to CI (only runs on master).
      9442482d
    • Connor Shea's avatar
      Add License Finder gem. · b51b1450
      Connor Shea authored
      In order to rehost all our gems in our own gem host, we need to have the legal rights to do so for every gem should they be taken down from RubyGems. License Finder automates checking of gems to ensure that we're in the clear legally.
      
      Approved the MIT License because it essentially allows us to do "whatever" with those gems.
      
      I am not a lawyer.
      
      https://github.com/pivotal/LicenseFinder
      b51b1450
    • Yorick Peterse's avatar
      Merge branch 'issue_3359' into 'master' · 0ba21860
      Yorick Peterse authored
      Remove duplicated notification settings and add unique index
      
      See merge request !4472
      0ba21860
    • Jacob Schatz's avatar
      Merge branch 'activity-links' into 'master' · f73292e4
      Jacob Schatz authored
      Fixed issue with activity links not being consistent
      
      ## What does this MR do?
      
      Previously, links for opening an issue/merge request & commenting where different. Opening would only have a link on the number whereas commenting would have link on the text as well. This standardises it to include the type as well (ie. issue)
      
      ## What are the relevant issue numbers?
      
      Closes #17621 
      
      ## Screenshots (if relevant)
      
      ![Screen_Shot_2016-06-01_at_12.12.09](/uploads/c778b007e6b6c068fcae30e34409ce98/Screen_Shot_2016-06-01_at_12.12.09.png)
      
      See merge request !4400
      f73292e4
    • Jacob Schatz's avatar
      Merge branch 'edit-mobile' into 'master' · 37afdb07
      Jacob Schatz authored
      Shows the edit comment button on mobile
      
      ## What does this MR do?
      
      Shows the edit comment button on mobile.
      
      ## What are the relevant issue numbers?
      
      Closes #17214 
      
      ## Screenshots (if relevant)
      
      ![Screen_Shot_2016-06-01_at_12.33.13](/uploads/d46b800c175a53821ea8e8af49c07641/Screen_Shot_2016-06-01_at_12.33.13.png)
      
      See merge request !4402
      37afdb07
    • Jacob Schatz's avatar
      Merge branch '18026-consider-removing-issue-merge-request-previous-next-buttons' into 'master' · 410130b8
      Jacob Schatz authored
      Remove prev/next buttons on issues and merge requests
      
      ## What does this MR do?
      
      Remove prev/next buttons on issues and merge requests sidebar
      
      ## Are there points in the code the reviewer needs to double check?
      
      No
      
      ## Why was this MR needed?
      
      The buttons were rarely used and added at least 1 query each on every page load which we could live without.
      
      ## What are the relevant issue numbers?
      
      #18026
      
      ## Screenshots (if relevant)
      
      Below is how it looks. Not sure if it's too much empty space. #17697 discusses a possible substitute for what to put there.
      
      ![Captura_de_pantalla_2016-06-06_a_las_11.09.26_a.m.](/uploads/7b379327aa6c608775f99bf47a9c3352/Captura_de_pantalla_2016-06-06_a_las_11.09.26_a.m..png)
      
      ![Captura_de_pantalla_2016-06-06_a_las_11.09.38_a.m.](/uploads/68bcae6754ed5ac48f1a6925fdd17d3f/Captura_de_pantalla_2016-06-06_a_las_11.09.38_a.m..png)
      
      See merge request !4442
      410130b8
    • Jacob Schatz's avatar
      Merge branch 'confidential-issue-notice' into 'master' · ed9b1bd6
      Jacob Schatz authored
      Add confidential issue notice in comment box.
      
      ## What does this MR do?
      
      Adds a warning about confidential issues to the comment field when the issue is confidential.
      
      ## Are there points in the code the reviewer needs to double check?
      
      I don't think so.
      
      ## Why was this MR needed?
      
      It wasn't clear to users that they were commenting on a confidential issue, this makes it more explicit.
      
      ## What are the relevant issue numbers?
      
      Fixes #15288 
      
      ## Screenshots (if relevant)
      
      This is what it looks like at various screen sizes:
      
      ![Screen_Shot_2016-06-03_at_2.56.54_PM](/uploads/eb7f318bc19101f8514d7a4f10a77d73/Screen_Shot_2016-06-03_at_2.56.54_PM.png)
      
      ![Screen_Shot_2016-06-03_at_2.58.51_PM](/uploads/13674c3f1227b0d566b1d2aafc6712ed/Screen_Shot_2016-06-03_at_2.58.51_PM.png)
      
      ![Screen_Shot_2016-06-03_at_2.58.37_PM](/uploads/14ad419ed3ed86b7fbc080152e4030fa/Screen_Shot_2016-06-03_at_2.58.37_PM.png)
      
      cc: @jschatz1 @dzaporozhets 
      
      See merge request !4473
      ed9b1bd6
    • Connor Shea's avatar
      d2b7c39a
    • Kamil Trzcinski's avatar
      Install bundler · aebfdcd8
      Kamil Trzcinski authored
      aebfdcd8
    • Douwe Maan's avatar
      Merge branch 'notes-are-awardables' into 'master' · 4d4a9b7c
      Douwe Maan authored
      Notes are awardables
      
      ## What does this MR do?
      
      Makes sure we can  comments/notes.
      
      ## What are the relevant issue numbers?
      Follows up upon !2901, depends on !3785
      
      Closes #3655 
      
      ## Screenshots (if relevant)
      TODO
      
      
      
      See merge request !4291
      4d4a9b7c
    • Felipe Artur's avatar
      92642031
    • Alejandro Rodríguez's avatar
      Remove prev/next buttons on issues and merge requests · 535d1130
      Alejandro Rodríguez authored
      The buttons were rarely used and added at least 1 query each on every page load.
      535d1130
    • Rémy Coutable's avatar
      Merge branch 'tests/extend-specs-for-build-badge' into 'master' · ac4e3e8c
      Rémy Coutable authored
      Extend specs for builds badge
      
      ## What does this MR do?
      
      This MR extends specs for builds badge.
      
      ## Why was this MR needed?
      
      We added an edge case to specs, while trying to reproduce problem described in #17549
      
      ## What are the relevant issue numbers?
      
      #17549
      
      See merge request !4401
      ac4e3e8c
    • Jacob Schatz's avatar
      Merge branch 'jquery2' into 'master' · 316630ad
      Jacob Schatz authored
      Upgraded jQuery to version 2
      
      ## What does this MR do?
      
      Upgrades jQuery to 2.2.1. 
      
      Had to include the task_list JS file directly as it includes jQuery 1 directly https://github.com/github-archive/task_list/blob/master/app/assets/javascripts/task_list.coffee#L8 so when we change jQuery to `jquery2` it was including both jQuery 1 & 2.
      
      ## Are there points in the code the reviewer needs to double check?
      
      For any JS errors
      
      ## What are the relevant issue numbers?
      
      Closes #12440
      
      See merge request !4384
      316630ad
    • Fatih Acet's avatar
      Updated MR notes. · 8dc1fa0d
      Fatih Acet authored
      8dc1fa0d
    • Kamil Trzcinski's avatar
      Don't install knapsack · 72947148
      Kamil Trzcinski authored
      72947148
    • Dmitriy Zaporozhets's avatar
    • Rémy Coutable's avatar
      Merge branch '15337-yubikey-support' into 'master' · 3cb69f0c
      Rémy Coutable authored
      Allow a U2F Device to be the Second Factor for Authentication
      
      Parent Issue: #15337 
      
      ## TODO
      - [ ] #15337 (!3905) FIDO/U2F 2FA using Yubikey
          - [x] Order a Yubikey?
          - [x] Do some reading to figure out what all this stuff means
          - [x] Look through the existing MR
          - [x] Browser support?
          - [x] Implementation
              - [x] User can register 2FA using their U2H device instead of authenticator
                  - [x] Barebones flow
                  - [x] Save the registration in the database
                  - [x] Authentication flow
                  - [x] First try after login/server start doesn't work
              - [x] User can log in using their U2F device
              - [x] Allow setting up authenticator if U2F is already set up (or vice versa)
              - [x] Change `two_factor_auths/new` to `show`
              - [x] `sign_requests` during registration? (Registering a device that has already been registered)
              - [x] 2FA skippable flow?
              - [x] Enforced 2FA flow (grace period?)
              - [x] Move the "Configure it Later" button to the right place
              - [x] Don't allow registration when the yubikey isn't plugged in
              - [x] Polish authentication flow
              - [x] Login should only show the 2FA method that's enabled
                  - [x] Message to say that u2f only works on chrome, and it's recommended to enable otp as well.
              - [x] Index for key_handle
              - [x] Server-side errors while registering/logging in
              - [x] Handle non-chrome browsers
              - [x] Try to authenticate with a key that hasn't been registered (shouldn't work)
              - [x] Try the same key for multiple user accounts (should work)
              - [x] Fix existing tests
              - [x] Make sure CI is green
              - [x] Add tests
                  - [x] Figure out how to fake the Yubikey
                  - [x] Teaspoon tests for the React components
                      - [x] Each device can only be registered once per user
                  - [x] Feature specs
                      - [x] Regular flows
                      - [x] Test error cases
              - [x] Refactoring
                  - [x] Refactor App ID
                  - [x] Clean up the `show` action
              - [x] Annotate methods with definition of U2F
              - [x] Changelog
              - [x] Fix merge conflicts
              - [x] Verify flows
                  - [x] Authenticator + no U2F
                  - [x] U2F + no authenticator
                  - [x] U2F + authenticator
                  - [x] U2F + authenticator -> disable 2FA
                  - [x] 2FA required with different grace periods
              - [x] Screenshots for MR
          - [x] Augment the [help docs](http://localhost:3000/help/profile/two_factor_authentication)
          - [x] Assign to endboss
          - [x] Ask for feedback on UI/UX
          - [x] Ask for feedback on copy
          - [x] Wait for review/merge
          - [x] Fix merge conflicts
          - [x] Wait for CI to pass
          - [x] Implement review comments/suggestions
              - [x] Move `TwoFactorAuthController#create_u2f` to a service
              - [x] Extra space before `Base64` in `u2f_registration` model
              - [x] Move `with/without_two_factor` scopes to class methods
              - [x] In `profiles/accounts/show`, add spaces at `{` and `}`
              - [x] Remove blank lines in `profiles/two_factor_auths/show`
              - [x] Fix typo in doc. "(universal 2nd factor )"
              - [x] Add "Added in 8.8" to doc
              - [x] In the doc, use 'Enable 2FA via mobile application' instead of 'Via Mobile Application'
              - [x] In the doc, use 'Enable 2FA via U2F device' instead of 'Via U2F Device
              - [x] Use "Two-Factor Authentication" everywhere
              - [x] Use `#icon` wrapper instead of `fa_stacked_icon`
              - [x] Check if `string` is enough for `key_handle` and `public_key`
              - [x] Separate `exercise` and `verify` phases of test (u2f_spec)
              - [x] Assert that `user_without_2fa` is _not_ in results (with_two_factor)
                  - [x] Remove rubocop exception
              - [x] Refactor call to `User.with_two_factor.count` to not include `.length`
              - [x] Add a note that makes the "Disable" button/feature obvious
              - [x] Remove i18n
              - [x] Test in Firefox with addon (+ create new issue for support)
              - [x] Remove React
                  - [x] Rewrite registration
                  - [x] Switch underscore template to default style
                  - [x] Rewrite authentication
                  - [x] Move `register` haml to `u2f` dir
                  - [x] Remove instance variables
                  - [x] Fix tests
                  - [x] Read SCSS guidelines
                  - [x] Address @connorshea's comments regarding text style
                  - [x] Make sure all classes and IDs are in line (add `js-` prefixes)
                      - [x] Register
                      - [x] Authenticate
                  - [x] Refactoring?
              - [x] Include non-minifed version of bowser
              - [x] Audit log
              - [x] Look at the `browser` gem (and don't use bowser)
              - [x] Error message when on HTTP?
          - [x] Test on Mobile
          - [x] Fix merge conflicts
          - [x] Retest all flows
          - [x] Back to Rémy for review
          - [x] Make sure CI is green
          - [x] Wait for merge / more feedback
          - [x] Implement @rymai's changes
              - [x] JS/Coffeescript variables should be lowerCamelCase
              - [x] Spaces before/after `}` and `{` in HAML (and elsewhere)
              - [x] Rails view helpers in u2f HAML
              - [x] `%div.row.append-bottom-10`
              - [x] Wrap line in `without_two_factor` scope
              - [x] Exception-less flow in `U2F::CreateService`
          - [x] Fix merge conflicts
          - [x] Move service to model class method
          - [x] Fix teaspoon specs
          - [x] Address @rymai's suggestions about error handing
          - [x] Javascript error constants
          - [x] Fix merge conflicts
          - [x] One final review
              - [x] Test "registration with errors" flow
          - [x] Assign to Remy
          - [x] Wait for replies from @jschatz1
          - [x] Address @rymai's comments
              - [x] Omit `%div`
              - [x] Scope `$.find` globally
              - [x] Replace `find('#element-id).click` with `click_on('Element Text')
          - [x] Rebase master + conflicts
          - [x] Look at https://news.ycombinator.com/item?id=11690774
          - [x] Address @connorshea's comment regarding HTTPS on localhost
          - [x] Final sanity check
          - [x] Wait for [CI to pass](https://gitlab.com/gitlab-org/gitlab-ce/commit/c84179ad233529c33ee6ba8491cfea862c6cd864/builds)
          - [x] Address @rymai's next round of comments
              - [x] Interpolate `true` and `false` in DB scopes
              - [x] Why have `Gon::Base.render_data` thrice?
              - [x] `user_spec` should have correct spacing
              - [x] Use `arel_table[:id]` instead of `users.id`
              - [x] URL helper in `app/views/profiles/two_factor_auths/show.html.haml`
              - [x] Remove polyfill change
          - [x] Wait for [CI to pass](https://gitlab.com/gitlab-org/gitlab-ce/commit/0123ab8/builds)
          - [x] Address @jschatz1's comments
              - [x] Use `on('click', ...)` instead of `click(...)`
              - [x] Use `is` and `isnt` in coffeescript
              - [x] Use `and` and `or` in coffeescript
          - [x] Add `Gon::Base.render_data` to `devise_empty` (and other base layouts)
          - [x] Wait for [CI to pass](https://gitlab.com/gitlab-org/gitlab-ce/commit/401916397336174c582be3d3004a072f845d4b5f/builds)
          - [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/75955710ef9a5f0dcee04e8617028c0e3ea5bf50/builds) to pass
          - [x] Fix merge conflicts
          - [x] Inspect diff / workflow
          - [x] Assign back to @rymai
          - [x] Make sure [ci](https://gitlab.com/gitlab-org/gitlab-ce/commit/2c6316b29a9276ef44c7b4b39363a611bf5973a6/builds) has passed
          - [x] Fix merge conflicts (probably introduced by [devise upgrade](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4216)
          - [x] Wait for [CI](https://gitlab.com/gitlab-org/gitlab-ce/commit/a5ef48b7aa63d0d9e45b41643043b57208eaab9f/builds) to pass
          - [x] Respond to @rymai's comments
              - [x] Use `elsif`
              - [x] Check if we need `and return`
              - [x] Only fetch key handles from the DB
              - [x] No annotations to models?
              - [x] Align hash keys in model
          - [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/e0ef504734e7f14813c73bbb79f5c5f6fae3248c/builds) to pass
          - [ ] Wait for merge
      
      ## Screenshots
      
      ![Screenshot_2016-05-03_09.53.04](/uploads/1af3f277efa488dc107d36e6b4b07ca4/Screenshot_2016-05-03_09.53.04.png)
      ![Screenshot_2016-05-03_10.19.53](/uploads/2bfc67dfb96c0e005cce033d8b456813/Screenshot_2016-05-03_10.19.53.png)
      ![Screenshot_2016-05-03_10.19.56](/uploads/e912abedd5b1d07d7185cee9f204c5ff/Screenshot_2016-05-03_10.19.56.png)
      ![Screenshot_2016-05-03_10.20.04](/uploads/9350d5c98823d1f3d4e59517dfb8910a/Screenshot_2016-05-03_10.20.04.png)
      ![Screenshot_2016-05-03_10.31.15](/uploads/84473dc263e0643311a39006e649035f/Screenshot_2016-05-03_10.31.15.png)
      ![Screenshot_2016-05-03_10.31.22](/uploads/13ce43e0d7a565000af29984667eeb08/Screenshot_2016-05-03_10.31.22.png)
      ![Screenshot_2016-05-03_10.31.37](/uploads/b90fbb40dbf9bbd73af324f48ffdc948/Screenshot_2016-05-03_10.31.37.png)
      ![Screenshot_2016-05-03_10.36.48](/uploads/41a0fbc493c6fefeafd922b3ddf2a25e/Screenshot_2016-05-03_10.36.48.png)
      
      See merge request !3905
      3cb69f0c
    • Z.J. van de Weg's avatar
      Update tests on wording · 7d3f8f54
      Z.J. van de Weg authored
      7d3f8f54
    • Fatih Acet's avatar
      Fix scss-lint. · 5dbb3883
      Fatih Acet authored
      5dbb3883