| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
The reference extractor phase happens once per type not once
pero pushed commit, so we could be avoiding a lot of DB queries
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Improve asynchronous pipeline processing
## What does this MR do?
This MR improves asynchronous processing of pipeline.
## Why was this MR needed?
It eliminates some race conditions and improves performance.
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
- [x] Added for this feature/bug
- [x] All builds are passing
## What are the relevant issue / merge request numbers?
Related merge request: !6410
Extracted from !6411
See merge request !6650
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Conflicts:
app/models/ci/pipeline.rb
app/models/commit_status.rb
|
| | |
| |
| |
| | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Don't allow flay to fail.
It's passing now so there's no reason to have it set to allow failure anymore.
See merge request !6707
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\ \ \ |
|
| | |\ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Prevent claiming associated model IDs via import
On the import side, we should be careful not to use any IDs as part of the JSON file that could have been manipulated.
Part of https://gitlab.com/gitlab-org/gitlab-ce/issues/20821
Things we already do (__before__ this fix):
1. Remove all primary keys
1. **Always** reassign some of the foreign keys, such as ALL project IDs and user IDs (so it would be difficult to impersonate or try to gain access to another project)
1. Ignore/reject attributes that do not exist in the model
1. If someone reassigns a foreign key `submodel_id`, and that object has another json as the submodel, the new submodel will reassign the `submodel_id` to the newly created submodel ID.
Things we should do:
1. Remove/nullify any other foreign keys that we don't reassign (checked this, and there aren't many, fortunately. In fact, I don't think much harm can be done at all - at the moment).
See merge request !1985
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | |
| | | | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Don't send Private-Token headers to Sentry
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
This bumps 'raven' (the Ruby gem we use to send errors to Sentry) to
version 2.0.2. We need 2.0.0 or newer to be able to sanitize HTTP
headers.
See merge request !2004
|
| | |/ / / /
| | | | |
| | | | |
| | | | | |
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix export project file permissions issue
Fixes security concerns of https://gitlab.com/gitlab-org/gitlab-ce/issues/22757
I have just added the permissions 0700 to the creation of any of the export paths, as @jacobvosmaer suggested in https://gitlab.com/gitlab-org/gitlab-ce/issues/22757#note_16197616
After this has fixed, it could take up to 24 hours in the worse case scenario for old archives to be completely safe - This is the time `ImportExportProjectCleanupWorker` may take to remove the folders. The temporary folders will be 0700 straight away for new installations.
See merge request !2003
|
| | |/ / / / |
|
| | |\ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Escape HTML nodes in builds commands in ci linter
This MR removes call to `simple_format` that behaves like `String#html_safe`, thus it passes unescaped HTML tags to the view.
Closes #22541
See merge request !2001
|
| | | | | | | |
|
| | |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
API: disable rails session auth for non-GET/HEAD requests
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435
See merge request !1999
|
| | | | | | | | |
|
| | | | | | | | |
|
| | |\ \ \ \ \ \
| | |_|/ / / /
| |/| | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Enforce the fork_project permission in Projects::CreateService
Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly.
CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18028
See merge request !1996
|
| | | | | | | | |
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Projects::ForkService delegates to this service almost entirely, but needed
one small change so it would propagate create errors correctly.
CreateService#execute needs significant refactoring; it is now right at the
complexity limit set by Rubocop. I avoided doing so in this commit to keep the
diff as small as possible.
Several tests depend on the insecure behaviour of ForkService, so fi them up at
the same time.
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Prevent flash alert text from being obscured when container is fluid
## What does this MR do?
Fixes [a regression](https://gitlab.com/gitlab-org/gitlab-ce/commit/a2af7790) that causes the text within server-initiated flash *alerts* (not flash *notices*) to be obscured when `.container-fluid` is applied. It was reported in relation to a cherry-picking flash alert, but the problem occurs with all server-initiated flash alerts contained by a fluid container.
## Are there points in the code the reviewer needs to double check?
Note that as part of this fix, I combined some duplicate code and removed `.flash-text` & `.content-wrapper` selectors as they didn't seem to be necessary.
I manually tested JS-initiated Flash alerts to make sure this doesn't affect their appearance. I also grepped around for anything else that might depend on these styles. Everything checked out. But... can *you* see something this is going to break?
## Why was this MR needed?
Affected users can't read flash alerts.
## Screenshots (if relevant)
Before:
After:
JS-initiated flash alert (unaffected):
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
- [] Added for this feature/bug
- [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ce/issues/22915
cc: @jschatz1
See merge request !6694
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Updated issuable form with GL dropdowns
## What does this MR do?
This adds back in the GL dropdowns into the issuable form but fixes a lot of usability issues & bugs.
## What are the relevant issue numbers?
Closes #19879, #19882, #19881, #19883, #19880
## Screenshots (if relevant)
See merge request !5293
|
| | | | | | | | | |
|
| | |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
revert-c676283b-existing
|
| | |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
revert-c676283b-existing
# Conflicts:
# app/assets/javascripts/dispatcher.js
|
| | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \
| | | |_|/ / / / / /
| | |/| | | | | | |
| | | | | | | | | | |
revert-c676283b-existing
|
| | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
revert-c676283b-existing
|
| | | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | |
|
| | |\ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | | |
|
