An error occurred fetching the project authors.
  1. 17 Feb, 2021 2 commits
  2. 12 Feb, 2021 1 commit
  3. 10 Feb, 2021 2 commits
    • Tyler Amos's avatar
      Update gitlab-license gem to 1.3.0 · 886698ee
      Tyler Amos authored
      Updating from v0.0.4.  This is mostly a trivial update with
      non-breaking changes (style and development changes), but does
      include a few changes to prepare for cloud-license.  This includes the
      addition of 3 new attributes:
      
      - "sync"
      - "last_synced_at"
      - "next_sync_at"
      886698ee
    • Patrick Steinhardt's avatar
      Update Gitaly Gem to v13.9.0-rc1 · 4fa3ff69
      Patrick Steinhardt authored
      In order to get hold of the new "timestamp" field added to a subset of
      Gitaly RPCs, this commit updates the Gitaly Gem to v13.9.0-rc1.
      4fa3ff69
  4. 08 Feb, 2021 1 commit
  5. 06 Feb, 2021 1 commit
  6. 05 Feb, 2021 1 commit
    • jejacks0n's avatar
      Adds the new project readme experiment · 1d3d8080
      jejacks0n authored
      - This experiment auto-checks the “create readme” on blank project
      creation. It adds tracking for creation, and initial writes to all
      projects.
      1d3d8080
  7. 04 Feb, 2021 1 commit
    • Yorick Peterse's avatar
      Replace the changelog regex parser with Parslet · d82571bf
      Yorick Peterse authored
      In https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50063 we
      introduced code for generating Markdown changelogs using the API, using
      a custom template language. The compiler for this language would convert
      a custom syntax into ERB, making sure arbitrary code execution isn't
      possible; or so we thought. In
      https://gitlab.com/gitlab-org/gitlab/-/issues/300224 we found a way to
      bypass the template engine's harness, and run arbitrary Ruby code.
      
      In response to this issue, I decided to investigate replacing the setup
      with something more secure. We always planned on doing so when deemed
      necessary, unfortunately that need arrived sooner than expected.
      
      In this commit we replace the regex/ERB based setup with a parser built
      using Parslet (http://kschiess.github.io/parslet/). Parslet makes it
      pretty easy to write a parser, and was already an indirect dependency of
      GitLab (through the license_finder Gem). This new parser doesn't allow
      for arbitrary code execution, doesn't depend on ERB, and is less fragile
      compared to the old setup. Templates are executed by walking and
      evaluating the AST nodes the parser produces. While this won't break any
      speed records, it's easy to maintain and understand, and fast enough for
      our needs.
      
      In this new setup there is a slight difference compared to the old
      setup. In the old setup, expression tags on their own line don't add a
      new line. So this:
      
          foo
          {% if something %}{% end %}
          bar
      
      Compiles into this:
      
          foo
          bar
      
      Getting this right using the Parslet parser proved difficult, so we took
      a slightly different approach: any newline following an expression tag
      (if, else, end, and each) consumes the newline that directly follows it
      (if any). This requires only a small change in the template, is easy to
      implement, and still intuitive to the user.
      
      As part of this commit we also fix a small bug that would lead to empty
      entries being included in the template, and add a note about using the
      right YAML syntax to preserve newlines.
      d82571bf
  8. 03 Feb, 2021 3 commits
  9. 01 Feb, 2021 1 commit
  10. 28 Jan, 2021 1 commit
  11. 27 Jan, 2021 1 commit
  12. 26 Jan, 2021 1 commit
  13. 25 Jan, 2021 1 commit
  14. 22 Jan, 2021 2 commits
  15. 21 Jan, 2021 3 commits
  16. 20 Jan, 2021 1 commit
  17. 18 Jan, 2021 1 commit
  18. 14 Jan, 2021 3 commits
  19. 13 Jan, 2021 2 commits
  20. 12 Jan, 2021 3 commits
  21. 11 Jan, 2021 2 commits
  22. 08 Jan, 2021 2 commits
  23. 07 Jan, 2021 3 commits
  24. 06 Jan, 2021 1 commit