summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Update VERSION to 11.5.3v11.5.3GitLab Release Tools Bot2018-12-061-1/+1
|
* Update CHANGELOG.md for 11.5.3GitLab Release Tools Bot2018-12-062-5/+7
| | | [ci skip]
* Merge branch 'security-54857-fix-templates-path-traversal-11-5' into ↵Cindy Pallares2018-12-058-2/+90
| | | | | | | 'security-11-5' [11.5] Prevent a path traversal attack on global file templates See merge request gitlab/gitlabhq!2669
* Update VERSION to 11.5.2v11.5.2GitLab Release Tools Bot2018-12-031-1/+1
|
* Update CHANGELOG.md for 11.5.2GitLab Release Tools Bot2018-12-038-35/+16
| | | [ci skip]
* Merge branch '11-5-stable-patch-2' into '11-5-stable'Steve Azzopardi2018-12-03106-9167/+103472
|\ | | | | | | | | Prepare 11.5.2 release See merge request gitlab-org/gitlab-ce!23420
| * Update db/schema.rbSteve Azzopardi2018-12-031-1/+1
| |
| * Update db/schema.db with latest migrationSteve Azzopardi2018-12-031-1/+1
| |
| * Remove specification of rails version in migrationSteve Azzopardi2018-12-031-1/+1
| | | | | | | | | | In `11.5` we are still running on rails 4 so there is no need to specify which version on the migration to run on.
| * Remove `ee` directory for `ce` repoSteve Azzopardi2018-12-031-5/+0
| |
| * Merge branch '53778-post-deployment-fix' into 'master'Yorick Peterse2018-11-301-0/+0
| | | | | | | | | | Move drop_site_statistics to be a post deployment migration See merge request gitlab-org/gitlab-ce!23455
| * Merge branch '53778-remove-site-statistics' into 'master'Sean McGivern2018-11-3010-224/+27
| | | | | | | | | | | | | | | | Remove Site Statistic Closes #53778 See merge request gitlab-org/gitlab-ce!23314
| * Fixed GitLab UI importPhil Hughes2018-11-302-2/+5
| | | | | | | | Fixed failing eslint
| * Merge branch 'dm-batch-loader-sidekiq' into 'master'Stan Hu2018-11-303-0/+19
| | | | | | | | | | | | | | Clear BatchLoader context between Sidekiq jobs Closes #53079 See merge request gitlab-org/gitlab-ce!23308
| * Merge branch '_acet-fix-unable-to-reply-resolved-nondiff-discussion' into ↵Phil Hughes2018-11-303-6/+56
| | | | | | | | | | | | | | | | | | | | 'master' Allow commenting to resolved non-diff discussions Closes #54330 See merge request gitlab-org/gitlab-ce!23279
| * Merge branch 'bvl-port-of-ee-translations' into 'master'Douwe Maan2018-11-3037-8839/+102987
| | | | | | | | | | | | Port of EE-translations to CE See merge request gitlab-org/gitlab-ce!23247
| * Merge branch '54282-tooltip-stuck' into 'master'Phil Hughes2018-11-302-4/+9
| | | | | | | | | | | | | | | | Fixes stuck tooltip on stop env button Closes #53571 and #54282 See merge request gitlab-org/gitlab-ce!23244
| * Merge branch 'move-assets-compile-sooner' into 'master'Marin Jankovski2018-11-301-1/+2
| | | | | | | | | | | | | | | | Move cloud-native-image to the post-test stage Closes charts/gitlab#897 See merge request gitlab-org/gitlab-ce!22942
| * Merge branch 'sh-fix-hash-filename-handling' into 'master'Douglas Barbosa Alexandre2018-11-303-2/+35
| | | | | | | | | | | | | | | | | | | | | | Fix handling of filenames with hash characters in tree view Closes #54473 See merge request gitlab-org/gitlab-ce!23368 (cherry picked from commit 5d82035f623fd910c010c30b97112c46218430d4) e8da70e6 Fix handling of filenames with hash characters in tree view
| * Merge branch 'docs/andr3-update-issue-board-screenshot' into 'master'Kushal Pandya2018-11-304-0/+0
| | | | | | | | | | | | | | | | | | [Docs] Update issue boards images for recent cards redesign See merge request gitlab-org/gitlab-ce!23321 (cherry picked from commit ea8f0f3bcc02e26f6dbb7f40b3575bbaac852328) 04d03cd5 [Docs] Update issue boards imgs for new redesign
| * Merge branch '53763-fix-encrypt-columns-data-loss' into 'master'Stan Hu2018-11-305-2/+96
| | | | | | | | | | | | | | | | | | | | | | Correctly handle data-loss scenarios when encrypting columns Closes #53763 See merge request gitlab-org/gitlab-ce!23306 (cherry picked from commit 1524a19302cea096ddf2c008abe1307527ae6938) 6ddefe7c Correctly handle data-loss scenarios when encrypting columns
| * Merge branch ↵Rémy Coutable2018-11-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | '54293-fetch-assets-job-times-out-so-package-and-qa-jobs-can-t-complete' into 'master' Resolve "`fetch-assets` job times out so `package-and-qa` jobs can't complete" Closes #54293 See merge request gitlab-org/gitlab-ce!23267 (cherry picked from commit 85cc480fa8bcd61f477911e3b0aeeb9f153b301c) b57c1fa7 Pass GITLAB_REF_SLUG to the Omnibus triggers
| * Merge branch 'issue_53908' into 'master'Marcia Ramos2018-11-302-0/+20
| | | | | | | | | | | | | | | | | | | | | | Add documentation for notes filters Closes #53908 See merge request gitlab-org/gitlab-ce!23196 (cherry picked from commit 1c35c6a5ad4b38b0fcbeb81740419a1586ca4af4) 485c4c55 Add documentation for notes filters
| * Merge branch 'image-diff-size-fix' into 'master'Filipa Lacerda2018-11-304-35/+12
| | | | | | | | | | | | | | | | | | | | | | Fixed the dimensions of image diffs Closes #54236 See merge request gitlab-org/gitlab-ce!23195 (cherry picked from commit 117fb4487361aa86f6c1bf8e52e30d5e8e2c6630) db56c32c Fixed the dimensions of image diffs
| * Merge branch 'docs/pages-access-control' into 'master'Evan Read2018-11-305-11/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add user docs for Pages access control Closes #54143 See merge request gitlab-org/gitlab-ce!23145 (cherry picked from commit 103267f7606170338345ccd00f452b3a779c7c74) d5d5f90c Add user docs for Pages access control 44b2dc73 Change project permissions img to include Pages access control 9ec9c563 Remove unneeded auth info on admin pages access control 4ce0ef0e Merge branch 'master' into docs/pages-access-control 9cbbc53f Make Pages visibility list clearer
| * Merge branch 'fix-not-render-emoji' into 'master'Mike Greiling2018-11-303-5/+13
| | | | | | | | | | | | | | | | | | | | Fix not render emoji in filter dropdown See merge request gitlab-org/gitlab-ce!23112 (cherry picked from commit 8dd89f03061aa646bcda5055fa96376fb9e30759) 428b220a Fix not render emoji in filter dropdown 59e5bad1 Fix spec to catch not rendering emoji
| * Merge branch 'docs/post-merge-pipelines' into 'master'Marcia Ramos2018-11-302-0/+28
| | | | | | | | | | | | | | | | | | | | | | Add docs on post-merge pipelines Closes #53527 See merge request gitlab-org/gitlab-ce!23054 (cherry picked from commit 7b61774acbcf7fce7fcac8df3911d10ca184b63a) b6438aa8 Add docs on post-merge pipelines
| * Merge branch 'docs/direct-link-review-apps' into 'master'Marcia Ramos2018-11-303-8/+26
| | | | | | | | | | | | | | | | | | | | | | Add docs for linking in changed pages from MR widget Closes #53420 See merge request gitlab-org/gitlab-ce!22990 (cherry picked from commit aa8ae12fada540d03dc3a6e779291a42e1dd3de2) 2f2c45bd Add docs for linking in changed pages from MR widget
| * Merge branch 'if-53347_fix_impersonation_tokens' into 'master'Stan Hu2018-11-3014-26/+54
| | | | | | | | | | | | | | | | | | Display impersonation token value only after creation See merge request gitlab-org/gitlab-ce!22916 (cherry picked from commit 1d16530501b18528b1955251aa33a26b81f53161) f3cd24a9 Display impersonation token value only after creation
| * Merge branch 'qa-staging-15-use-existing-users-ce' into 'master'Mark Lapierre2018-11-303-1/+28
|/ | | | | | | | | | CE port of "qa-staging-15-use-existing-users-ee" See merge request gitlab-org/gitlab-ce!22864 (cherry picked from commit 9dd2eae3bb069b96f8db153952ee02226e37fe73) 18e6b824 code for ce port ef35fc47 Implement review feedback from ee
* Update VERSION to 11.5.1v11.5.1GitLab Release Tools Bot2018-11-261-1/+1
|
* Update CHANGELOG.md for 11.5.1GitLab Release Tools Bot2018-11-2618-87/+23
| | | [ci skip]
* Merge branch 'security-11-5-fj-crlf-injection' into 'security-11-5'Steve Azzopardi2018-11-265-54/+128
|\ | | | | | | | | [11.5] Fix CRLF issue in UrlValidator See merge request gitlab/gitlabhq!2652
| * [11.5] Fix CRLF issue in UrlValidatorFrancisco Javier López2018-11-265-54/+128
|/
* Merge branch 'security-fix-uri-xss-applications-11-5' into 'security-11-5'Steve Azzopardi2018-11-267-2/+121
|\ | | | | | | | | [11.5] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols" See merge request gitlab/gitlabhq!2658
| * Resolve reflected XSS in Ouath authorize windowJames Lopez2018-11-267-2/+121
| |
* | Merge branch 'security-11-5-fix-webhook-ssrf-ipv6' into 'security-11-5'Steve Azzopardi2018-11-263-13/+112
|\ \ | | | | | | | | | | | | [11.5] Fix SSRF in project integrations See merge request gitlab/gitlabhq!2611
| * | Fix SSRF in project integrationsFrancisco Javier López2018-11-123-13/+112
| | | | | | | | | | | | | | | | | | This commit fixes a SSRF vulnerability related to project hooks and ipv6 addresses. It also addresses a problem with ipv6 mapped addresses.
* | | Merge branch 'security-email-change-notification-11-5' into 'security-11-5'Steve Azzopardi2018-11-265-0/+32
|\ \ \ | | | | | | | | | | | | | | | | [11.5] Resolve: "Provide email notification when a user changes their email address" See merge request gitlab/gitlabhq!2602
| * | | Provide email notification on email updatesJames Lopez2018-11-125-0/+32
| |/ /
* | | Merge branch 'security-guest-comments-11-5' into 'security-11-5'Steve Azzopardi2018-11-2613-34/+187
|\ \ \ | |_|/ |/| | | | | | | | [11.5] Fixed ability to comment on and edit/delete comments on locked or confidential issues See merge request gitlab/gitlabhq!2646
| * | [11.5] Fixed ability to comment on and edit/delete comments on locked or ↵Chantal Rollison2018-11-2613-34/+187
|/ / | | | | | | confidential issues
* | Merge branch 'security-11-5-pages-toctou-race' into 'security-11-5'Steve Azzopardi2018-11-262-1/+7
|\ \ | | | | | | | | | | | | [11.5] [pages] Possible symlink time of check to time of use race condition See merge request gitlab/gitlabhq!2649
| * | Upgrade GitLab Pages to v1.3.1Alessio Caiazza2018-11-212-1/+7
| | |
* | | Merge branch 'security-fix-pat-web-access-11-5' into 'security-11-5'Steve Azzopardi2018-11-2628-281/+538
|\ \ \ | | | | | | | | | | | | | | | | [11.5] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2655
| * | | Update code to use API scope on PAT authJames Lopez2018-11-2328-281/+538
|/ / /
* | | Merge branch ↵Steve Azzopardi2018-11-235-2/+25
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | 'security-11-5-xss-in-markdown-following-unrecognized-html-element' into 'security-11-5' [11.5] XSS in markdown following unrecognized HTML element See merge request gitlab/gitlabhq!2631
| * | | Sanitize output of SpacedLinkFilterBrett Walker2018-11-165-2/+25
| | | |
* | | | Merge branch 'security-mermaid-xss-11-5' into 'security-11-5'Steve Azzopardi2018-11-234-1/+21
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | [11.5] Fix XSS in mermaid diagrams See merge request gitlab/gitlabhq!2641
| * | | | Configure mermaid to not render HTML content in diagramsWinnie Hellmann2018-11-192-0/+8
| | | | | | | | | | | | | | | | | | | | (cherry picked from commit f2e9f22f7d3d84abeea5ba2918ee5ffcc55f2dad)
View Lorry Controller Status