summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Don't run affix tabs in test envmr-tabs-affixPhil Hughes2016-10-102-34/+1
| | | | This was messing up other tests
* Tests updatePhil Hughes2016-10-061-0/+3
|
* Fixed testsPhil Hughes2016-10-062-9/+16
|
* Fixed merge request tab JS specPhil Hughes2016-10-061-0/+1
|
* Merge request tabs stick when scrolling pagePhil Hughes2016-10-065-1/+75
| | | | Closes #20548
* Merge branch 'docs/ca-feedback' into 'master' Achilleas Pipinellis2016-10-062-15/+73
|\ | | | | | | | | | | | | | | | | Add more info in Cycle Analytics docs - Clarify the Plan to Code stages in Cycle Analytics docs based on feedback https://about.gitlab.com/2016/09/21/cycle-analytics-feature-highlight/#comment-2915715168 - Add a workflow example See merge request !6562
| * Clarify some more the Cycle Analytics workflow exampleAchilleas Pipinellis2016-10-061-16/+22
| | | | | | | | [ci skip]
| * Add example Cycle Analytics workflowdocs/ca-feedbackAchilleas Pipinellis2016-10-041-5/+53
| | | | | | | | [ci skip]
| * Take a new screenshot for Cycle AnalyticsAchilleas Pipinellis2016-10-031-0/+0
| |
| * Clarify that the `production` environment is case-sensitiveAchilleas Pipinellis2016-10-031-1/+1
| | | | | | | | Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22533
| * Clarify Plan and Code stages moreAchilleas Pipinellis2016-10-031-2/+2
| |
| * Clarify what it means Test stage is not calculated in TotalAchilleas Pipinellis2016-10-031-1/+4
| |
| * Fix markdown URL linkAchilleas Pipinellis2016-10-031-1/+1
| |
| * Clarify the Plan to Code stages in Cycle Analytics docsAchilleas Pipinellis2016-09-281-3/+4
| | | | | | | | [ci skip]
* | Merge branch 'feature/improve-async-pipeline-processing' into 'master' Kamil Trzciński2016-10-0610-12/+80
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve asynchronous pipeline processing ## What does this MR do? This MR improves asynchronous processing of pipeline. ## Why was this MR needed? It eliminates some race conditions and improves performance. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [x] Added for this feature/bug - [x] All builds are passing ## What are the relevant issue / merge request numbers? Related merge request: !6410 Extracted from !6411 See merge request !6650
| * | Do not return false in commit status transitionfeature/improve-async-pipeline-processingGrzegorz Bizon2016-10-043-7/+5
| | |
| * | Add specs for new async ci pipeline workersGrzegorz Bizon2016-10-042-0/+44
| | |
| * | Fix hipchat service specs after changes in pipelineGrzegorz Bizon2016-10-042-4/+3
| | |
| * | Update order of build transition callbacksGrzegorz Bizon2016-10-044-24/+22
| | |
| * | Fix pipeline fixtures and calls to removed methodGrzegorz Bizon2016-10-043-3/+3
| | |
| * | Extract updating pipeline status to async workerGrzegorz Bizon2016-10-043-13/+24
| | |
| * | Use internal commit status API to check if finishedGrzegorz Bizon2016-10-041-2/+2
| | |
| * | Fix async pipeline and remove unrelated changesGrzegorz Bizon2016-10-046-26/+16
| | |
| * | Make pipeline processing asynchronousKamil Trzcinski2016-10-037-23/+51
| | | | | | | | | | | | | | | | | | Conflicts: app/models/ci/pipeline.rb app/models/commit_status.rb
* | | Fix CHANGELOG and wrong conflict resolutionRémy Coutable2016-10-062-9/+1
| | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | Merge branch 'cs-flay-no-allow-failure' into 'master' Rémy Coutable2016-10-061-3/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Don't allow flay to fail. It's passing now so there's no reason to have it set to allow failure anymore. See merge request !6707
| * | | Don't allow flay to fail.cs-flay-no-allow-failureConnor Shea2016-10-051-3/+1
| | | |
* | | | Add 8.12.4 CHANGELOG entriesRémy Coutable2016-10-061-7/+15
| | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | Merge remote-tracking branch 'dev/master'Rémy Coutable2016-10-065-5/+184
|\ \ \ \
| * \ \ \ Merge branch 'fix/id-claim-import-issue' into 'master' Douwe Maan2016-09-305-5/+184
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevent claiming associated model IDs via import On the import side, we should be careful not to use any IDs as part of the JSON file that could have been manipulated. Part of https://gitlab.com/gitlab-org/gitlab-ce/issues/20821 Things we already do (__before__ this fix): 1. Remove all primary keys 1. **Always** reassign some of the foreign keys, such as ALL project IDs and user IDs (so it would be difficult to impersonate or try to gain access to another project) 1. Ignore/reject attributes that do not exist in the model 1. If someone reassigns a foreign key `submodel_id`, and that object has another json as the submodel, the new submodel will reassign the `submodel_id` to the newly created submodel ID. Things we should do: 1. Remove/nullify any other foreign keys that we don't reassign (checked this, and there aren't many, fortunately. In fact, I don't think much harm can be done at all - at the moment). See merge request !1985
| | * | | | updated attribute cleaner to use allowed keyword and reject attributesJames Lopez2016-09-271-3/+3
| | | | | |
| | * | | | Prevent claiming associated model IDs via import and added relevant specsJames Lopez2016-09-275-5/+184
| | | | | |
* | | | | | Merge commit 'dev/security' into 'master'Rémy Coutable2016-10-0635-44/+193
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | | Merge branch 'raven-headers' into 'security' Rémy Coutable2016-10-055-4/+9
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't send Private-Token headers to Sentry Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537 This bumps 'raven' (the Ruby gem we use to send errors to Sentry) to version 2.0.2. We need 2.0.0 or newer to be able to sanitize HTTP headers. See merge request !2004
| | * | | | | Don't send Private-Token headers to SentryJacob Vosmaer2016-10-045-4/+9
| |/ / / / / | | | | | | | | | | | | | | | | | | Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
| * | | | | Merge branch 'fix/export-project-file-permissions' into 'security' Douwe Maan2016-10-0310-7/+27
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix export project file permissions issue Fixes security concerns of https://gitlab.com/gitlab-org/gitlab-ce/issues/22757 I have just added the permissions 0700 to the creation of any of the export paths, as @jacobvosmaer suggested in https://gitlab.com/gitlab-org/gitlab-ce/issues/22757#note_16197616 After this has fixed, it could take up to 24 hours in the worse case scenario for old archives to be completely safe - This is the time `ImportExportProjectCleanupWorker` may take to remove the folders. The temporary folders will be 0700 straight away for new installations. See merge request !2003
| | * | | | | fix export project file permissions issueJames Lopez2016-09-3010-7/+27
| |/ / / / /
| * | | | | Merge branch 'fix/escape-builds-commands-in-ci-linter' into 'security' Robert Speicher2016-09-282-2/+36
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Escape HTML nodes in builds commands in ci linter This MR removes call to `simple_format` that behaves like `String#html_safe`, thus it passes unescaped HTML tags to the view. Closes #22541 See merge request !2001
| | * | | | | Escape HTML nodes in builds commands in ci linterGrzegorz Bizon2016-09-262-2/+36
| | | | | | |
| * | | | | | Merge branch '22435-no-api-state-change-via-rails-session' into 'security' Douwe Maan2016-09-2810-25/+63
| |\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | API: disable rails session auth for non-GET/HEAD requests Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435 See merge request !1999
| | * | | | | | Convert label creation from API to controller endpointNick Thomas2016-09-238-18/+26
| | | | | | | |
| | * | | | | | API: disable rails session auth for non-GET/HEAD requestsNick Thomas2016-09-232-7/+37
| | | | | | | |
| * | | | | | | Merge branch '18028-respect-fork-project' into 'security' Rémy Coutable2016-09-2810-7/+45
| |\ \ \ \ \ \ \ | | |_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enforce the fork_project permission in Projects::CreateService Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly. CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18028 See merge request !1996
| | * | | | | | Add a CHANGELOG entryNick Thomas2016-09-271-0/+1
| | | | | | | |
| | * | | | | | Enforce the fork_project permission in Projects::CreateServiceNick Thomas2016-09-279-7/+44
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly. CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible. Several tests depend on the insecure behaviour of ForkService, so fi them up at the same time.
* | | | | | | Merge branch 'flash-cherry-pick-error' into 'master' Fatih Acet2016-10-052-7/+3
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prevent flash alert text from being obscured when container is fluid ## What does this MR do? Fixes [a regression](https://gitlab.com/gitlab-org/gitlab-ce/commit/a2af7790) that causes the text within server-initiated flash *alerts* (not flash *notices*) to be obscured when `.container-fluid` is applied. It was reported in relation to a cherry-picking flash alert, but the problem occurs with all server-initiated flash alerts contained by a fluid container. ## Are there points in the code the reviewer needs to double check? Note that as part of this fix, I combined some duplicate code and removed `.flash-text` & `.content-wrapper` selectors as they didn't seem to be necessary. I manually tested JS-initiated Flash alerts to make sure this doesn't affect their appearance. I also grepped around for anything else that might depend on these styles. Everything checked out. But... can *you* see something this is going to break? ## Why was this MR needed? Affected users can't read flash alerts. ## Screenshots (if relevant) Before: ![Screen_Shot_2016-10-05_at_3.02.38_PM](/uploads/af258585e428d82dc2b293434661790b/Screen_Shot_2016-10-05_at_3.02.38_PM.png) After: ![Screen_Shot_2016-10-05_at_3.02.47_PM](/uploads/75a93235440e2b83088e66bbe53d6cee/Screen_Shot_2016-10-05_at_3.02.47_PM.png) JS-initiated flash alert (unaffected): ![Screen_Shot_2016-10-05_at_3.39.57_PM](/uploads/ba678cfaeb09c639499059712a33abe8/Screen_Shot_2016-10-05_at_3.39.57_PM.png) ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [] Added for this feature/bug - [ ] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? https://gitlab.com/gitlab-org/gitlab-ce/issues/22915 cc: @jschatz1 See merge request !6694
| * | | | | | | Make flash-alert background transparent to match flash-notice.flash-cherry-pick-errorBryce Johnson2016-10-052-7/+3
| | | | | | | |
* | | | | | | | Merge branch 'revert-c676283b' into 'master' Fatih Acet2016-10-0527-144/+638
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updated issuable form with GL dropdowns ## What does this MR do? This adds back in the GL dropdowns into the issuable form but fixes a lot of usability issues & bugs. ## What are the relevant issue numbers? Closes #19879, #19882, #19881, #19883, #19880 ## Screenshots (if relevant) ![Screen_Shot_2016-08-30_at_12.13.09](/uploads/f1df758b3fb59958b4e6b62960b81bfb/Screen_Shot_2016-08-30_at_12.13.09.png) ![Screen_Shot_2016-08-30_at_12.13.13](/uploads/6e4fd8f4d874b14eaab6b10752a19df4/Screen_Shot_2016-08-30_at_12.13.13.png) See merge request !5293
| * | | | | | | | Fix bad merge conflict resolution.Fatih Acet2016-10-051-2/+0
| | | | | | | | |
| * | | | | | | | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into ↵Fatih Acet2016-10-059-67/+66
| |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | revert-c676283b-existing