- 12 Mar, 2016 6 commits
-
-
Douwe Maan authored
Filter import_url params because they may contain auth information. Fixes #14199 cc @dzaporozhets @DouweM tagging you since this is security related. See merge request !3174
-
Douwe Maan authored
Fix importing PR's from GitHub when the source repo was removed Closes #13847 Closes gitlab-com/support-forum#584 See merge request !3172
-
Douwe Maan authored
Disallow blank (non-null) values for a Note's `line_code` attribute It's unclear how these blank values got added, but GitLab.com had a few: ``` irb(main):002:0> Note.where("line_code IS NOT NULL AND line_code = ''").count => 439 ``` We've added a migration to convert any existing records to use a NULL value when blank, and updated Note to set blank values to nil before validation. See merge request !3118
-
Douwe Maan authored
Ignore .byebug_history This allows me to use `git add .` without problems and retain all my history of `byebug` What do you think @DouweM? See merge request !3145
-
Douwe Maan authored
fix token issue - timing attack Updates token comparisons to use a secure version instead of `==` Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/13617 See merge request !3062
-
Douwe Maan authored
# Conflicts: # app/helpers/application_helper.rb
-
- 11 Mar, 2016 34 commits
-
-
Jacob Schatz authored
Fix responsive bug top navigation Hi, I have found and fixed a minor layout bug (responsive) This is the situation before the fix: ![before](/uploads/55bf61a64fb49a763c5f8381bf46d390/before.png) And this is the situation after the fix: ![after](/uploads/33ba091156d404e52c41f134121c59f0/after.png) See merge request !3190
-
Robert Speicher authored
It's unclear how these blank values got added, but GitLab.com had a few: ``` irb(main):002:0> Note.where("line_code IS NOT NULL AND line_code = ''").count => 439 ``` We've added a migration to convert any existing records to use a NULL value when blank, and updated Note to set blank values to nil before validation.
-
Douwe Maan authored
Use a custom Devise failure app to handle unauthenticated .zip requests Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/12944 See merge request !2828
-
Robert Speicher authored
Refactor searching and use PostgreSQL trigram indexes for significantly improved performance Related issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/13743. Also fixes #12410 See merge request !2987
-
Dennis van de Hoef authored
-
Yorick Peterse authored
This explains the user what they need to run and where to go in case they want to learn more about "CREATE EXTENSION".
-
Yorick Peterse authored
The OR condition for source_project_id/target_project_id leads to a query plan that performs rather poorly on PostgreSQL due to the use of sub-queries. Because Rails offers no easy alternative for this particular problem we're forced to using a UNION for both conditions. The resulting query performs much faster than just using an OR.
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
This ensures searching namespaces works exactly the same as searching for any other resource.
-
Yorick Peterse authored
We can just use "arel_table" in these cases instead of "SomeClass.arel_table".
-
Yorick Peterse authored
-
Yorick Peterse authored
We don't need the extra layer of nesting of UNION queries here (as User#authorized_projects already returns a UNION'd query).
-
Yorick Peterse authored
There's no need to order queries used as sub-queries and doing so can add potential overhead.
-
Yorick Peterse authored
This ensures some other methods such as the "issues" method still work.
-
Yorick Peterse authored
This spec was still passing an ID to the #initialize method instead of a Project instance.
-
Yorick Peterse authored
This code is mostly a copy-paste from existing pull requests so there's no point in running Rubocop on it.
-
Yorick Peterse authored
This ensures that options such as `using: :gin` and PostgreSQL operator classes are ignored when loading a schema into a MySQL database.
-
Yorick Peterse authored
This also includes e.g. the appearances table which apparently wasn't already included in the schema.
-
Yorick Peterse authored
This is needed to support creating/dumping/loading indexes that use the gin_trgm_ops operator class on PostgreSQL. These changes are taken from Rails pull request https://github.com/rails/rails/pull/19090.
-
Yorick Peterse authored
Previously this class would be given a project ID which was then used to retrieve the corresponding Project object. However, in all cases the Project object was already known as it was used to grab the ID to pass to ProjectSearchResults. By just passing a Project instead we remove the need for an extra query as well as the need for some other complexity in this class.
-
Yorick Peterse authored
This removes the need for plucking snippet IDs into memory.
-
Yorick Peterse authored
Instead of plucking IDs this class now uses ActiveRecord::Relation objects. Plucking IDs is problematic as searching for projects can lead to a huge amount of IDs being loaded into memory only to be used as an argument for another query (instead of just using a sub-query).
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
Previously this used a regular LIKE which is case-sensitive on PostgreSQL. This ensures that for both PostgreSQL and MySQL the searching is case-insensitive similar to searching for projects.
-
Yorick Peterse authored
Similar to the changes made to Project.search the method Project.search_by_title now also uses Arel so it can automatically use ILIKE/LIKE instead of the lower() function.
-
Yorick Peterse authored
This chance is broken up in two steps: 1. Use ILIKE on PostgreSQL and LIKE on MySQL, instead of using "WHERE lower(x) LIKE lower(y)" as ILIKE is significantly faster than using lower(). In many cases the use of lower() will force a slow sequence scan. 2. Instead of using 1 query that searches both projects and namespaces using a JOIN we're using 2 separate queries that are UNION'd together. Using a JOIN would force a slow sequence scan, using a UNION avoids this. This method now uses Arel as Arel automatically uses ILIKE on PostgreSQL and LIKE on MySQL, removing the need to handle this manually.
-
Yorick Peterse authored
This allows the LIKE condition to use an index. Without a GIN + trigram index LIKE queries using a wildcard at the start _won't_ use an index and instead perform a sequence scan.
-