| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Closes #14129
|
|\
| |
| |
| |
| |
| |
| | |
Remove unnecessary go-get test (superseded by middleware)
See merge request !3193
|
|/ |
|
|
|
| |
This reverts merge request !3191
|
|\
| |
| |
| |
| |
| |
| | |
Support Golang subpackage fetching
Closes #13805
See merge request !3191
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
Closes #13805
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Removed User#project_relations
This is to make things more compatible with EE so merging is easier.
cc @dzaporozhets
See merge request !3192
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
GitLab EE adds an extra relation that selects a "project_id" column
instead of an "id" column, making it very hard for this method to be
re-used in EE. Since using User#authorized_groups in
ProjectsFinder#all_groups apparently has no performance impact we can
just use it and keep everything compatible with EE.
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Filter import_url params because they may contain auth information. Fixes #14199
cc @dzaporozhets @DouweM tagging you since this is security related.
See merge request !3174
|
| | |/
| |/| |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix importing PR's from GitHub when the source repo was removed
Closes #13847
Closes gitlab-com/support-forum#584
See merge request !3172
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Disallow blank (non-null) values for a Note's `line_code` attribute
It's unclear how these blank values got added, but GitLab.com had a few:
```
irb(main):002:0> Note.where("line_code IS NOT NULL AND line_code = ''").count
=> 439
```
We've added a migration to convert any existing records to use a NULL
value when blank, and updated Note to set blank values to nil before
validation.
See merge request !3118
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It's unclear how these blank values got added, but GitLab.com had a few:
```
irb(main):002:0> Note.where("line_code IS NOT NULL AND line_code = ''").count
=> 439
```
We've added a migration to convert any existing records to use a NULL
value when blank, and updated Note to set blank values to nil before
validation.
|
|\ \ \ \ \
| |_|_|_|/
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Ignore .byebug_history
This allows me to use `git add .` without problems and retain all my history of `byebug`
What do you think @DouweM?
See merge request !3145
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
fix token issue - timing attack
Updates token comparisons to use a secure version instead of `==`
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/13617
See merge request !3062
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | | |
fix/token-timing-attack
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
'nico-de-ceulaer/gitlab-ce-13865-handle-other-emails-for-avatar-lookup'
# Conflicts:
# app/helpers/application_helper.rb
|
| | | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fix responsive bug top navigation
Hi,
I have found and fixed a minor layout bug (responsive)
This is the situation before the fix:
![before](/uploads/55bf61a64fb49a763c5f8381bf46d390/before.png)
And this is the situation after the fix:
![after](/uploads/33ba091156d404e52c41f134121c59f0/after.png)
See merge request !3190
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| |_|_|_|_|_|/ / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Use a custom Devise failure app to handle unauthenticated .zip requests
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/12944
See merge request !2828
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/12944
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Refactor searching and use PostgreSQL trigram indexes for significantly
improved performance
Related issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/13743.
Also fixes #12410
See merge request !2987
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This explains the user what they need to run and where to go in case
they want to learn more about "CREATE EXTENSION".
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
The OR condition for source_project_id/target_project_id leads to a
query plan that performs rather poorly on PostgreSQL due to the use of
sub-queries. Because Rails offers no easy alternative for this
particular problem we're forced to using a UNION for both conditions.
The resulting query performs much faster than just using an OR.
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This ensures searching namespaces works exactly the same as searching
for any other resource.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
We can just use "arel_table" in these cases instead of
"SomeClass.arel_table".
|
| | | | | | | | | | |
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
We don't need the extra layer of nesting of UNION queries here (as
User#authorized_projects already returns a UNION'd query).
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
There's no need to order queries used as sub-queries and doing so can
add potential overhead.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This ensures some other methods such as the "issues" method still work.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This spec was still passing an ID to the #initialize method instead of
a Project instance.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This code is mostly a copy-paste from existing pull requests so there's
no point in running Rubocop on it.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This ensures that options such as `using: :gin` and PostgreSQL operator
classes are ignored when loading a schema into a MySQL database.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This also includes e.g. the appearances table which apparently wasn't
already included in the schema.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This is needed to support creating/dumping/loading indexes that use the
gin_trgm_ops operator class on PostgreSQL. These changes are taken from
Rails pull request https://github.com/rails/rails/pull/19090.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Previously this class would be given a project ID which was then used to
retrieve the corresponding Project object. However, in all cases the
Project object was already known as it was used to grab the ID to pass
to ProjectSearchResults. By just passing a Project instead we remove the
need for an extra query as well as the need for some other complexity
in this class.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
This removes the need for plucking snippet IDs into memory.
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Instead of plucking IDs this class now uses ActiveRecord::Relation
objects. Plucking IDs is problematic as searching for projects can lead
to a huge amount of IDs being loaded into memory only to be used as an
argument for another query (instead of just using a sub-query).
|