| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Fix leaking information of confidential issues on TODOs
when user is downgraded to guest access.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
'54206-show-the-activity-filter-dropdown-in-discussion-tab-only' into 'master'
Resolve "Show the activity filter dropdown in discussion tab only, show all discussions always in changes tab"
Closes #54206
See merge request gitlab-org/gitlab-ce!24082
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Discussion filters will be hidden on Commits, Pipelines, and
Changes tabs on merge requests page.
This does not affect its behavior on issues page
|
|\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
into 'master'
Resolve "Update `Milestone` sort to say say `Milestone due date`"
Closes #55369
See merge request gitlab-org/gitlab-ce!24080
|
| | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Use directories.new when getting S3 directory
Closes gitlab-com/gl-infra/infrastructure#5807
See merge request gitlab-org/gitlab-ce!23981
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Calling `Fog::Storage::AWS::Directories#get` requires the
ListAllMyBuckets permission, but we can avoid that extra query and
permission by initializing the directory with a specific bucket:
https://stackoverflow.com/a/12288581/1992201
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
'master'
Resolve "User activity is stuck loading when there is none"
Closes #55755
See merge request gitlab-org/gitlab-ce!24063
|
|/ / / / / / / / / / / / / |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / / / / / /
|/| | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Upgrade GitLab QA image to Ruby 2.5
See merge request gitlab-org/gitlab-ce!24091
|
| | |_|_|_|_|_|_|_|_|/ /
| |/| | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
GitLab is now shipping with Ruby 2.5.3, so we should make the
version consistent for the QA image as well.
|
|\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
'55838-remove-gem-install-bundler-from-docker-based-ruby-environments' into 'master'
Remove gem install bundler from Docker-based Ruby environments
Closes #55838
See merge request gitlab-org/gitlab-ce!24093
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
bundler gem has been included in the Docker official Ruby image since 2.1.
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
log text_filter arg of find_element
Closes gitlab-org/quality/nightly#52
See merge request gitlab-org/gitlab-ce!24064
|
| | | | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
Updating link to correctly point to environment scope docs
See merge request gitlab-org/gitlab-ce!24023
|
| | | | | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
Update mysql.md - broken link
See merge request gitlab-org/gitlab-ce!23988
|
| | | | | | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
Explain how to use kaniko with a registry with a custom certificate
Closes #53656
See merge request gitlab-org/gitlab-ce!23875
|
| | | | | | | | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / / / / / / / / / /
|/| | | | | | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
'security-53543-user-keeps-access-to-mr-issue-when-removed-from-team' into 'master'
[master] Adds validation to check if user can read project
See merge request gitlab/gitlabhq!2645
|
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
An issuable should not be available to a user if the
project is not visible to that specific user
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
[master] Validate projects in MR build service
See merge request gitlab/gitlabhq!2678
|
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
This validates the correct abilities for both projects. Only
`read_project` isn't enough:
For the `source_project` we validate `create_merge_request_from` this
also validates that the user has developer access to the project.
For the `target_project` we validate `create_merge_reqeust_in` this
also validates that the user has access to the project's repository.
To avoid generating diffs for unrelated projects we also validate that
the projects are in the same fork network now.
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | |
[master] Project guests no longer are able to see refs page
See merge request gitlab/gitlabhq!2685
|
| | | |/ / / / / / / / / / / / / / / /
| | |/| | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
Adds download_code authorization check to ProjectsController#refs
action, to prevent a project guest from seeing branch, tags and
commits information
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | |
[master] SSRF - Scan Internal Ports and GCP/AWS endpoints
See merge request gitlab/gitlabhq!2689
|
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | |
mirror urls
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | |
[master] Prevent private snippet from being embeddable
See merge request gitlab/gitlabhq!2692
|
| | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | |
[master] Escape label and milestone titles to prevent XSS in GFM autocomplete
See merge request gitlab/gitlabhq!2693
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| | |/ / / / / / / / / / / / / / / / / / / |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | |
[master] Guest users have access to all Job information via the API
See merge request gitlab/gitlabhq!2717
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
[master] SSRF in project imports with LFS
See merge request gitlab/gitlabhq!2720
|
| | | | | | | | | | | | | | | | | | | | | | | |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
into 'master'
[master] Group Ex-Maintainer Could maintain Access to Project's Source Code/Jobs/Pipelines/Artifacts if it had Shared Group Runner Configured
See merge request gitlab/gitlabhq!2721
|
| | | | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
[ci skip]
|
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | |
Fix #55740: Use the '--no-document' option instead of the 'gem' tool's deprecated options
Closes #55740
See merge request gitlab-org/gitlab-ce!24049
|
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | | | | | | | | | |
`--no-rdoc` and `--no-ri` have been deprecated since RubyGems 2.0:
https://github.com/rubygems/rubygems/blob/v2.0.0/History.txt#L43
They were finally removed in a recent release:
https://github.com/rubygems/rubygems/pull/2354
|