CHANGELOG 4.59 KB
Newer Older
1
v2.6.6 (unreleased)
2
  - Do not clean LANG environment variable for the git hooks when working through the SSH-protocol
3
  - Add git-lfs-authenticate command to white list (this command is used by git-lfs for SSO authentication through SSH-protocol)
Jacob Vosmaer's avatar
Jacob Vosmaer committed
4
  - Handle git-annex and gcryptsetup
5

Robert Speicher's avatar
Robert Speicher committed
6 7 8
v2.6.5
  - Handle broken symlinks in create-hooks

9 10
v2.6.4
  - Remove keys from authorized_keys in-place
11
  - Increase batch_add_keys lock timeout to 300 seconds
Valery Sizov's avatar
Valery Sizov committed
12
  - If git-annex is enabled set GIT_ANNEX_SHELL_LIMITED variable
13

14 15 16
v2.6.3
  - Prevent keys with a very specific comment from accidentally being deleted.

17 18
v2.6.2
  - Include ecdsa keys in `gitlab_keys list-keys`.
19
  - Refactor logic around GL_ID
20

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
21 22 23
v2.6.1
  - Write errors to stderr to get git to abort and show them as such.

24
v2.6.0
25 26
  - Prevent character encoding issues by sending received changes as raw data.

27 28 29
v2.5.4
  - Remove recursive commands from bin/install

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
30 31 32
v2.5.3
  - Improve git-annex integration

33 34 35
v2.5.2
  - Safer line sub for git-annex command

36 37 38
v2.5.1
  - Expect broadcast message to return empty JSON if no message now

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
39
v2.5.0
40
  - Support git-annex tool (disabled by default)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
41
  - Add rubocop (Ruby static code analyzer) for development
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
42

43 44 45
v2.4.3
  - Print broadcast message if one is available

46 47 48
v2.4.2
  - Pass git changes list as string instead of array

Valery Sizov's avatar
Valery Sizov committed
49 50 51
v2.4.1
  - Access token masking in url before loging

52
v2.4.0
Valery Sizov's avatar
Valery Sizov committed
53
  - Show error message when git push is rejected
54

55 56 57
v2.2.0
  - Support for custom hooks (Drew Blessing and Jose Kahan)

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
58 59 60
v2.1.0
  - Use secret token with GitLab internal API. Requires GitLab 7.5 or higher

61 62 63
v2.0.1
  - Send post-receive changes to redis as a string instead of array 

64 65
v2.0.0
  - Works with GitLab v7.3+
Job van der Voort's avatar
Job van der Voort committed
66
  - Replace raise with abort when checking path to prevent path exposure
67
  - Handle invalid number of arguments on remote commands
68
  - Replace update hook with pre-receive and post-receive hooks. 
69
  - Symlink the whole hooks directory
70
  - Ignore missing repositories in create-hooks
71
  - Connect to Redis via sockets by default
Job van der Voort's avatar
Job van der Voort committed
72

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
73 74 75
v1.9.7
  - Increased test coverage
  - By default use direct unicorn connection (localhost:8080)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
76
  - Fix wrong repo path send to GitLab by GitlabUpdate hook
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
77

78 79 80
v1.9.6
  - Explicitly require 'timeout' from the standard library

81 82
v1.9.5
  - Put authorized_keys.lock in the same directory as authorized_keys
83
  - Use lock file when add new entries to authorized_keys
84

85 86 87
v1.9.4
  - Use lock file when modify authorized_keys

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
88 89 90
v1.9.3
  - Ignore force push detection for new branch or branch remove push

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
91 92 93
v1.9.2
  - Add support for force push detection 

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
94 95 96
v1.9.1
  - Update hook sends branch and tag name 

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
97 98 99 100
v1.9.0
  - Call api in update hook for both ssdh and http push. Requires GitLab 6.7+
  - Pass oldrev and newrev to api.allowed?

101 102 103
v1.8.5
  - Add `gitlab-keys batch-add-keys` subcommand for authorized_keys rebuilds

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
104 105 106
v1.8.4
  - Dont do import if repository exists

107 108 109
v1.8.3
  - Add timeout option for repository import

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
110 111 112
v1.8.2
  - Fix broken 1.8.1

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
113 114 115 116 117
v1.8.1
  - Restrict Environment Variables
  - Add bin/create-hooks command
  - More safe shell execution

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
118 119 120
v1.8.0
  - Fix return values in GitlabKeys

Dmitriy Zaporozhets's avatar
1.7.9  
Dmitriy Zaporozhets committed
121 122 123
v1.7.9
  - Fix escape of repository path for custom ssh port

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
124
v1.7.8
Jacob Vosmaer's avatar
Jacob Vosmaer committed
125
  - Escape repository path to prevent relative links (CVE-2013-4583)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
126 127

v1.7.7
Jacob Vosmaer's avatar
Jacob Vosmaer committed
128 129
  - Separate options from arguments with -- (CVE-2013-4582)
  - Bypass shell and use stdlib JSON for GitlabUpdate (CVE-2013-4581)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
130

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
131 132 133
v1.7.6
  - Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
134 135 136
v1.7.5
  - Remove keys from authorized_keys using ruby instead of shell

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
137
v1.7.4
Jacob Vosmaer's avatar
Jacob Vosmaer committed
138
  - More protection against shell injection (CVE-2013-4546)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
139

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
140
v1.7.3
Jacob Vosmaer's avatar
Jacob Vosmaer committed
141
  - Use Kernel#open to append lines to authorized_keys (CVE-2013-4490)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
142

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
143 144 145
v1.7.2
  - More safe command execution

146 147 148
v1.7.1
  - Fixed issue when developers are able to push to protected branches that contain a '/' in the branch name.

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
149 150 151
v1.7.0
  - Clean authorized_keys file with `gitlab-keys clear`

152 153 154 155
v1.6.0
  - Create branch/tag functionality
  - Remove branch/tag functionality

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
156 157 158 159 160 161
v1.5.0
  - Logger
  - Ability to specify ca_file/ca_path
  - Update-head command for project
  - Better regexp for key_id inside shell

162 163 164
v1.4.0
  - Regex used in rm-key command was too lax

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
165 166 167
v1.3.0
  - Fork-project command
  - Custom redis configuration
Akzhan Abdulin's avatar
Akzhan Abdulin committed
168 169
  - Interpret login with deploy key as anonymous one

170 171
v1.2.0
  - Return non-zero result if gitlab-projects and gitlab-keys execution was not successful
Akzhan Abdulin's avatar
Akzhan Abdulin committed
172
  - http_settings configuration option added
173

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
174 175 176 177
v1.1.0
  - added mv-project feature
  - increased test coverage

178
v1.0.4
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
179
  - requires gitlab c9ca15e
Johannes Schleifenbaum's avatar
Johannes Schleifenbaum committed
180
  - don't use post-receive file any more. Make all updates in update
181 182
  - fixed issue with invalid GL_USER
  - use GL_ID instead of GL_USER