Commits · d30a90a354f3dc015093d80f9de9dc15b38ff2a0 · nexedi / gitlab-ce

07 Aug, 2019 1 commit

Prevent unauthorised comments on merge requests · d30a90a3

Alex Kalderimis authored Jun 04, 2019

* Prevent creating notes on inaccessible MRs

This applies the notes rules at the MR scope. Rather than adding extra
rules to the Project level policy, preventing :create_note here is
better since it only prevents creating notes on MRs.

* Prevent creating notes in inaccessible Issues

without this policy, non-team-members are allowed to comment on issues
even when the project has the private-issues policy set. This means that
without this change, users are allowed to comment on issues that they
cannot read.

* Add CHANGELOG entry

d30a90a3

05 Aug, 2019 39 commits
- Update CHANGELOG.md for 12.1.4 · 1dfbb27f
  GitLab Release Tools Bot authored Aug 05, 2019
```
[ci skip]
```
  1dfbb27f
- Merge branch '26866-api-endpoint-to-list-the-docker-images-tags-of-a-group' into 'master' · 926def1f
  Mayra Cabrera authored Aug 05, 2019
```
Resolve "API endpoint to list the Docker images/tags of a group"

See merge request gitlab-org/gitlab-ce!30817
```
  926def1f
- Add group level container repository endpoints · 3dbf3997
  Steve Abrams authored Aug 05, 2019
```
API endpoints for requesting container repositories
and container repositories with their tag information
are enabled for users that want to specify the group
containing the repository rather than the specific project.
```
  3dbf3997
- Merge branch 'sh-disable-redis-peek' into 'master' · e9918b1a
  Douglas Barbosa Alexandre authored Aug 05, 2019
```
Only track Redis calls if Peek is enabled

See merge request gitlab-org/gitlab-ce!31438
```
  e9918b1a
- Merge branch '64675-Dashboard-URL-legend-border' into 'master' · f3e2d048
  Clement Ho authored Aug 05, 2019
```
Removed external dashboard legend border

Closes #64675

See merge request gitlab-org/gitlab-ce!31407
```
  f3e2d048
- Removed external dashboard legend border · 7fd512d8
  Olena Horal-Koretska authored Aug 05, 2019
  
  7fd512d8
- Merge branch '63474-applying-a-quick-action-does-not-show-the-correct-message' into 'master' · b683d6e6
  Clement Ho authored Aug 05, 2019
```
Fixed bug from extra parenthesis

Closes #63474

See merge request gitlab-org/gitlab-ce!31479
```
  b683d6e6
- Merge branch 'docs-debug-cody' into 'master' · cafeb134
  Evan Read authored Aug 05, 2019
```
Bring diagnostics_tools.md from debug project to docs

See merge request gitlab-org/gitlab-ce!31399
```
  cafeb134
- Bring diagnostics_tools.md from debug project to docs · dd2b8724
  Marcel Amirault authored Aug 05, 2019
  
  dd2b8724
- Merge branch 'docs-quick-action-labels' into 'master' · fab7500d
  Evan Read authored Aug 05, 2019
```
Document when quotes aren't needed for quick actions

Closes #63735

See merge request gitlab-org/gitlab-ce!31338
```
  fab7500d
- Document when quotes aren't needed for quick actions · 2849715a
  Sean McGivern authored Aug 05, 2019
  
  2849715a
- Merge branch 'add-missing-timezone-legacy-artifacts' into 'master' · c368bae5
  Stan Hu authored Aug 05, 2019
```
Add missing timezone when copying legacy artifacts (ci_builds)

See merge request gitlab-org/gitlab-ce!31447
```
  c368bae5
- Merge branch 'jts/update-security-doc' into 'master' · 7205687c
  Robert Speicher authored Aug 05, 2019
```
Updates security templates

[ci skip]

See merge request gitlab-org/gitlab-ce!31431
```
  7205687c
- Updates security templates · a2170957
  John Skarbek authored Aug 05, 2019
  
  a2170957
- Merge branch 'explicit-helm-factory-certs' into 'master' · 9982cec6
  Michael Kozono authored Aug 05, 2019
```
Use stubbed key and certificate in Helm factory

See merge request gitlab-org/gitlab-ce!31169
```
  9982cec6
- Merge branch 'id-fix-diverging-counts' into 'master' · 112ba080
  Stan Hu authored Aug 05, 2019
```
Use select instead of filter to support 2.5

See merge request gitlab-org/gitlab-ce!31480
```
  112ba080
- Use select instead of filter to support 2.5 · 92d273a9
  Igor authored Aug 05, 2019
  
  92d273a9
- Merge branch '64016-add-shell-style-guide-link-to-development-page' into 'master' · 3dfc89ad
  Marcia Ramos authored Aug 05, 2019
```
Add shell scripting guides to development README

Closes #64016

See merge request gitlab-org/gitlab-ce!31467
```
  3dfc89ad
- Add shell scripting guides to development README · e5304cf6
  Victor Zagorodny authored Aug 05, 2019
  
  e5304cf6
- Merge branch 'bjk/worker_scale_doc' into 'master' · b8293135
  Achilleas Pipinellis authored Aug 05, 2019
```
Update Unicorn Worker recommendation

See merge request gitlab-org/gitlab-ce!31404
```
  b8293135
- Merge branch 'rz_es_update' into 'master' · 137aebc9
  Achilleas Pipinellis authored Aug 05, 2019
```
Docs - Strongly discourage installing ES on the same server as GitLab

See merge request gitlab-org/gitlab-ce!30169
```
  137aebc9
- Docs - Strongly discourage installing ES on the same server as GitLab · 031f0221
  Ronald van Zon authored Aug 05, 2019
  
  031f0221
- Fixed bug from extra parenthesis · b8834bba
  Donald Cook authored Aug 05, 2019
  
  b8834bba
- Merge branch '11467-remove-feature-flag-for-visual-review-app-button-ce-backport' into 'master' · b4cddfde
  Douwe Maan authored Aug 05, 2019
```
Remove visual review app feature flag

See merge request gitlab-org/gitlab-ce!31429
```
  b4cddfde
- Merge branch 'improve-mr-enhance-style-of-the-shared-runners-limit' into 'master' · f10208a3
  Kushal Pandya authored Aug 05, 2019
```
Refactor passing props to jobs/index.js

See merge request gitlab-org/gitlab-ce!31472
```
  f10208a3
- Merge branch 'bvl-use-group-codeowners' into 'master' · 9b364010
  Douwe Maan authored Aug 05, 2019
```
Use groups in CODEOWNERS file

See merge request gitlab-org/gitlab-ce!31477
```
  9b364010
- Merge branch '64729-update-troubleshooting-for-gzip-error-in-backup-docs' into 'master' · c52721aa
  Achilleas Pipinellis authored Aug 05, 2019
```
Resolve "Update troubleshooting for gzip error in backup docs"

Closes #64729

See merge request gitlab-org/gitlab-ce!30884
```
  c52721aa
- Resolve "Update troubleshooting for gzip error in backup docs" · 221f309d
  Alexander Strachan authored Aug 05, 2019
  
  221f309d
- Use groups in CODEOWNERS file · d3d9873e
  Bob Van Landuyt authored Aug 05, 2019
```
Let's dogfood https://gitlab.com/gitlab-org/gitlab-ce/issues/53182

That way we don't need to keep this file up to date.
```
  d3d9873e
- Merge branch 'ce-62234-custom-metrics-help-text' into 'master' · d4d911e9
  Achilleas Pipinellis authored Aug 05, 2019
```
Clarify requirements for custom metrics in docs

See merge request gitlab-org/gitlab-ce!31286
```
  d4d911e9
- Add help text next to Custom Metrics section · 279bad2e
  Reuben Pereira authored Aug 05, 2019
```
- Also add requirements to the docs for custom metrics.
```
  279bad2e
- Merge branch 'docs/update-gitaly-troubleshooting' into 'master' · 113696b1
  Achilleas Pipinellis authored Aug 05, 2019
```
Update Gitaly troubleshooting

See merge request gitlab-org/gitlab-ce!30924
```
  113696b1
- Update Gitaly troubleshooting · 969e6b33
  Cindy Pallares 🦉 authored Aug 05, 2019
  
  969e6b33
- Merge branch 'docs/fix-markdown-lint' into 'master' · 4b1b8b99
  Sean McGivern authored Aug 05, 2019
```
Fix some Markdown lint errors

See merge request gitlab-org/gitlab-ce!31473
```
  4b1b8b99
- Fix some Markdown lint errors · 828c52d0
  Achilleas Pipinellis authored Aug 05, 2019
```
Introduced in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30295
```
  828c52d0
- Refactor passing props to jobs/index.js · 9eb4004f
  Ammar Alakkad authored Aug 05, 2019
  
  9eb4004f
- Merge branch 'docs-update-secure-permissions' into 'master' · 17d80557
  Achilleas Pipinellis authored Aug 05, 2019
```
Update rules for secure features

See merge request gitlab-org/gitlab-ce!31432
```
  17d80557
- Update rules for secure features · 3b6fd661
  Tetiana Chupryna authored Aug 05, 2019
  
  3b6fd661
- Merge branch 'docs/remove-cephfs-example' into 'master' · b6115f17
  Achilleas Pipinellis authored Aug 05, 2019
```
Remove CephFS from example

See merge request gitlab-org/gitlab-ce!31422
```
  b6115f17