Merge branch '5-4-security-update' of /home/git/repositories/gitlab/gitlabhq into 5-4-stablev5.4.1

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-04 13:01:03 +0000
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-04 13:01:03 +0000
commit: 36dc6e6b510625708836d0d1d6faf17527446e15 (patch)
tree: f7752916ccf5fbaaec159e4fff8d36bb01713da4
parent: 9360c7334a90349c006be772f603a0977654c263 (diff)
parent: b40ff1e06ee21e1b0c880fbe470256ab03c0a30b (diff)
download: gitlab-ce-36dc6e6b510625708836d0d1d6faf17527446e15.tar.gz
8 files changed, 10 insertions, 45 deletions
diff --git a/Gemfile b/Gemfile
index 03d3f5c1c23..538b17fd0d9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -23,7 +23,7 @@ gem 'omniauth-github'
 
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem 'gitlab_git', '~> 1.3.0'
+gem 'gitlab_git', '~> 1.3.1'
 
 # Ruby/Rack Git Smart-HTTP Server Handler
 gem 'gitlab-grack', '~> 1.0.1', require: 'grack'
diff --git a/Gemfile.lock b/Gemfile.lock
index c64bd426540..b1ff643b878 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -167,7 +167,7 @@ GEM
       stringex (~> 1.5.1)
     gitlab-grack (1.0.1)
       rack (~> 1.4.1)
-    gitlab-grit (2.5.1)
+    gitlab-grit (2.5.2)
       charlock_holmes (~> 0.6.9)
       diff-lcs (~> 1.1)
       mime-types (~> 1.15)
@@ -175,10 +175,10 @@ GEM
     gitlab-pygments.rb (0.3.2)
       posix-spawn (~> 0.3.6)
       yajl-ruby (~> 1.1.0)
-    gitlab_git (1.3.0)
+    gitlab_git (1.3.1)
       activesupport (~> 3.2.13)
       github-linguist (~> 2.3.4)
-      gitlab-grit (~> 2.5.1)
+      gitlab-grit (~> 2.5.2)
     gitlab_meta (5.0)
     gitlab_omniauth-ldap (1.0.3)
       net-ldap (~> 0.3.1)
@@ -566,7 +566,7 @@ DEPENDENCIES
   gitlab-gollum-lib (~> 1.0.0)
   gitlab-grack (~> 1.0.1)
   gitlab-pygments.rb (~> 0.3.2)
-  gitlab_git (~> 1.3.0)
+  gitlab_git (~> 1.3.1)
   gitlab_meta (= 5.0)
   gitlab_omniauth-ldap (= 1.0.3)
   gon
diff --git a/VERSION b/VERSION
index 1e20ec35c64..ade65226e0a 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-5.4.0
-\ No newline at end of file
+5.4.1
diff --git a/app/contexts/search_context.rb b/app/contexts/search_context.rb
index 22cda709f69..ec814c4dde5 100644
--- a/app/contexts/search_context.rb
+++ b/app/contexts/search_context.rb
@@ -7,6 +7,7 @@ class SearchContext
 
   def execute
     query = params[:search]
+    query = Shellwords.shellescape(query) if query.present?
 
     return result unless query.present?
 
diff --git a/config/initializers/connection_fix.rb b/config/initializers/connection_fix.rb
deleted file mode 100644
index 16cb69ca68b..00000000000
--- a/config/initializers/connection_fix.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-# from http://gist.github.com/238999
-#
-# If your workers are inactive for a long period of time, they'll lose
-# their MySQL connection.
-#
-# This hack ensures we re-connect whenever a connection is
-# lost. Because, really. why not?
-#
-# Stick this in RAILS_ROOT/config/initializers/connection_fix.rb (or somewhere similar)
-#
-# From:
-#   http://coderrr.wordpress.com/2009/01/08/activerecord-threading-issues-and-resolutions/
-
-if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter)
-
-  module ActiveRecord::ConnectionAdapters
-
-    class Mysql2Adapter
-      alias_method :execute_without_retry, :execute
-
-      def execute(*args)
-        execute_without_retry(*args)
-      rescue ActiveRecord::StatementInvalid => e
-        if e.message =~ /server has gone away/i
-          warn "Server timed out, retrying"
-          reconnect!
-          retry
-        else
-          raise e
-        end
-      end
-    end
-
-  end
-
-end
diff --git a/doc/install/installation.md b/doc/install/installation.md
index 2af513ce915..5ef6a2d082a 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -119,7 +119,7 @@ GitLab Shell is a ssh access and repository management software developed specia
     cd gitlab-shell
 
     # switch to right version
-    sudo -u git -H git checkout v1.5.0
+    sudo -u git -H git checkout v1.7.4
 
     sudo -u git -H cp config.yml.example config.yml
 
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index 3d96eab0149..1dc538ddc83 100644
--- a/lib/tasks/gitlab/check.rake
+++ b/lib/tasks/gitlab/check.rake
@@ -657,7 +657,7 @@ namespace :gitlab do
   end
 
   def check_gitlab_shell
-    required_version = Gitlab::VersionInfo.new(1, 4, 0)
+    required_version = Gitlab::VersionInfo.new(1, 7, 4)
     current_version = Gitlab::VersionInfo.parse(gitlab_shell_version)
 
     print "GitLab Shell version >= #{required_version} ? ... "
diff --git a/lib/tasks/gitlab/test.rake b/lib/tasks/gitlab/test.rake
index 03b3fc5ea20..aa2510d93f7 100644
--- a/lib/tasks/gitlab/test.rake
+++ b/lib/tasks/gitlab/test.rake
@@ -1,4 +1,4 @@
 namespace :gitlab do
   desc "GITLAB | Run both spinach and rspec"
-  task test: ['spinach', 'spec']
+  task test: ['db:setup', 'spinach', 'spec']
 end
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-11-04 13:01:03 +0000
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-11-04 13:01:03 +0000
commit	36dc6e6b510625708836d0d1d6faf17527446e15 (patch)
tree	f7752916ccf5fbaaec159e4fff8d36bb01713da4
parent	9360c7334a90349c006be772f603a0977654c263 (diff)
parent	b40ff1e06ee21e1b0c880fbe470256ab03c0a30b (diff)
download	gitlab-ce-36dc6e6b510625708836d0d1d6faf17527446e15.tar.gz