1. 11 Dec, 2017 32 commits
  2. 09 Dec, 2017 2 commits
  3. 08 Dec, 2017 6 commits
    • Stan Hu's avatar
      Fix gitlab:import:repos Rake task moving repositories into the wrong location · 78f7c3c8
      Stan Hu authored
      If the source import directory were different from the destination directory,
      GitLab would first create a blank repository and then erroneously move the
      original one into a subdirectory. Adding an import type prevents this the project
      from being initialized in the first place. It was accidentally removed in
      1f917cbd49.
      
      Closes #40765
      78f7c3c8
    • Michael Kozono's avatar
      Manually add 10.2.4 changelog entries · 0f811675
      Michael Kozono authored
      0f811675
    • Fatih Acet's avatar
      Merge branch 'note-preview' into 'security-10-2' · f4fbe61a
      Fatih Acet authored
      prevent potential XSS when editing comment
      
      See merge request gitlab/gitlabhq!2238
      
      (cherry picked from commit 80ed6d25a46c0f70ec8baea78b5777118d63876c)
      
      7480e462 prevent potential XSS when editing comment
      f4fbe61a
    • Sean McGivern's avatar
      Merge branch 'issue_30663' into 'security-10-2' · c59ae547
      Sean McGivern authored
      Prevent creating issues through API without having permissions
      
      See merge request gitlab/gitlabhq!2225
      
      (cherry picked from commit c298bbaa88883343dc9cbbb6abec0808fb3b546c)
      
      915b97c5 Prevent creating issues through API without having permissions
      c59ae547
    • Douwe Maan's avatar
      Merge branch 'rs-security-group-api' into 'security-10-2' · 8f29d264
      Douwe Maan authored
      [10.2] Ensure we expose group projects using GroupProjectsFinder
      
      See merge request gitlab/gitlabhq!2234
      
      (cherry picked from commit 072f8f2fd6ec794645375a16ca4ddc1cbeb76d7a)
      
      a2240338 Ensure we expose group projects using GroupProjectsFinder
      8f29d264
    • Douwe Maan's avatar
      Merge branch 'bvl-10-2-email-disclosure' into 'security-10-2' · 8c0aa7d4
      Douwe Maan authored
      (10.2) Avoid partial partial email adresses for matching
      
      See merge request gitlab/gitlabhq!2232
      
      (cherry picked from commit 081aa1e91a777c9acb31be4a1e76b3dd7032fa9a)
      
      There are unresolved conflicts in app/models/user.rb.
      
      fa85a3fd Don't allow searching for partial user emails
      8c0aa7d4