Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Update VERSION to 11.8.7v11.8.7 | GitLab Release Tools Bot | 2019-04-09 | 1 | -1/+1 |
| | |||||
* | Update CHANGELOG.md for 11.8.7 | GitLab Release Tools Bot | 2019-04-09 | 1 | -0/+4 |
| | | | [ci skip] | ||||
* | Remove errant EE changelog entry | Robert Speicher | 2019-04-05 | 1 | -5/+0 |
| | | | | See https://gitlab.com/gitlab-org/gitlab-ce/issues/60061 | ||||
* | Update VERSION to 11.8.6v11.8.6 | GitLab Release Tools Bot | 2019-03-28 | 1 | -1/+1 |
| | |||||
* | Update CHANGELOG.md for 11.8.6 | GitLab Release Tools Bot | 2019-03-28 | 8 | -35/+13 |
| | | | [ci skip] | ||||
* | Revert "Update CHANGELOG.md for 11.8.5" | Robert Speicher | 2019-03-28 | 8 | -10/+36 |
| | | | | This reverts commit 7128e69c5c5beaa7a2c361cc6d5b35d73daa8dc7. | ||||
* | Merge branch 'security-exif-fix-orientation-11-8' into '11-8-stable' | GitLab Release Tools Bot | 2019-03-28 | 2 | -1/+2 |
|\ | | | | | | | | | Preserve Orientation when removing EXIF See merge request gitlab/gitlabhq!3047 | ||||
| * | Preserve Orientation when removing EXIF | Jan Provaznik | 2019-03-28 | 2 | -1/+2 |
|/ | |||||
* | Update VERSION to 11.8.5v11.8.5 | GitLab Release Tools Bot | 2019-03-27 | 1 | -1/+1 |
| | |||||
* | Update CHANGELOG.md for 11.8.5 | GitLab Release Tools Bot | 2019-03-27 | 8 | -35/+13 |
| | | | [ci skip] | ||||
* | Revert "Update CHANGELOG.md for 11.8.4" | Robert Speicher | 2019-03-27 | 8 | -10/+36 |
| | | | | This reverts commit a8ff8ca405e16fb11c6334097cbb44fa64235311. | ||||
* | Merge branch '11-8-stable' of dev.gitlab.org:gitlab/gitlabhq into 11-8-stable | Robert Speicher | 2019-03-27 | 54 | -32322/+51778 |
|\ | |||||
| * | Update VERSION to 11.8.4v11.8.4 | GitLab Release Tools Bot | 2019-03-26 | 1 | -1/+1 |
| | | |||||
| * | Update CHANGELOG.md for 11.8.4 | GitLab Release Tools Bot | 2019-03-26 | 8 | -35/+13 |
| | | | | | | [ci skip] | ||||
| * | Merge branch 'security-55503-fix-pdf-js-11-8' into '11-8-stable' | Yorick Peterse | 2019-03-26 | 8 | -32169/+50870 |
| |\ | | | | | | | | | | | | | Fix PDF.js vulnerability See merge request gitlab/gitlabhq!3025 | ||||
| | * | Updated PDF.js to 2.0.943 | Natalia Tepluhina | 2019-03-20 | 8 | -32169/+50870 |
| | | | | | | | | | | | | | | | | | | | | | | | | fix: changed PDFJS prop to GlobalWorkerOptions Fixed pdf tests Added changelog entry | ||||
| * | | Merge branch 'security-mass-assignment-on-project-update-11-8' into ↵ | GitLab Release Tools Bot | 2019-03-26 | 3 | -5/+30 |
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | '11-8-stable' Disallow changing namespace of a project in update method See merge request gitlab/gitlabhq!3032 | ||||
| | * | | Refactor specs according to the code review | Małgorzata Ksionek | 2019-03-26 | 1 | -1/+1 |
| | | | | |||||
| | * | | Add cr remarks | Małgorzata Ksionek | 2019-03-25 | 3 | -5/+5 |
| | | | | |||||
| | * | | Disallow changing namespace of a project in update method | Małgorzata Ksionek | 2019-03-21 | 3 | -5/+30 |
| | | | | |||||
| * | | | Merge branch 'security-exif-migration-11-8' into '11-8-stable' | GitLab Release Tools Bot | 2019-03-26 | 7 | -1/+364 |
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | Rake task for removing exif from uploads See merge request gitlab/gitlabhq!3011 | ||||
| | * | | | Rake task for removing exif from uploads | Jan Provaznik | 2019-03-25 | 7 | -1/+364 |
| | | | | | | | | | | | | | | | | | | | | | | | | | Adds a rake task which can be used for removing EXIF data from existing uploads. | ||||
| * | | | | Merge branch 'security-use-untrusted-regexp-11-8' into '11-8-stable' | GitLab Release Tools Bot | 2019-03-26 | 15 | -96/+198 |
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Use UntrustedRegexp for CI refs matching See merge request gitlab/gitlabhq!3007 | ||||
| | * | | | | Make CI refs matching to to use UntrustedRegexp | Kamil Trzciński | 2019-03-15 | 15 | -96/+198 |
| | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | This makes ref validation to use always `UntrustedRegexp`. This also splits the existing RubySyntax into separate class. | ||||
| * | | | | Merge branch 'security-milestone-labels-11-8' into '11-8-stable' | GitLab Release Tools Bot | 2019-03-26 | 5 | -8/+167 |
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Check label_ids parent when updating issue board See merge request gitlab/gitlabhq!3036 | ||||
| | * | | | | Check if labels are available for target issuable | Jarka Košanová | 2019-03-25 | 5 | -8/+167 |
| | | |/ / | | |/| | | | | | | | | | | | | | | | | | - labels have to be in the same project/group as an issuable | ||||
| * | | | | Merge branch 'security-2819-xss-resolve-conflicts-branch-name-11-8' into ↵ | GitLab Release Tools Bot | 2019-03-26 | 3 | -1/+21 |
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | '11-8-stable' Fix XSS in resolve conflicts form See merge request gitlab/gitlabhq!2987 | ||||
| | * | | | | Fix XSS in resolve conflicts form | Paul Slaughter | 2019-03-14 | 3 | -1/+21 |
| | | |/ / | | |/| | | | | | | | | | | | | | | | | | | | | | | The issue arose when the branch name contained Vue template JavaScript. The fix is to use `v-pre` which disables Vue compilation in a template. | ||||
| * | | | | Merge branch 'security-56224-11-8' into '11-8-stable' | GitLab Release Tools Bot | 2019-03-26 | 5 | -4/+47 |
| |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Fix related branches visible in issues for guests See merge request gitlab/gitlabhq!3019 | ||||
| | * | | | | Hide related branches when user does not have permission | Mark Chao | 2019-03-20 | 5 | -4/+47 |
| | | |_|/ | | |/| | | | | | | | | | | | | Guest user of a project should not see branches | ||||
| * | | | | Merge branch 'security-disallow-guests-to-access-releases-11-8' into ↵ | GitLab Release Tools Bot | 2019-03-26 | 4 | -3/+46 |
| |\ \ \ \ | | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | '11-8-stable' Disallow guest users from accessing Releases See merge request gitlab/gitlabhq!3043 | ||||
| | * | | | Disallow guest users from accessing Releases | Shinya Maeda | 2019-03-26 | 4 | -3/+46 |
| |/ / / | | | | | | | | | | | | | As they do not have a permission to read git tag | ||||
| * | | | Merge remote-tracking branch 'dev/11-8-stable' into 11-8-stable | Alex Hanselka | 2019-03-20 | 4 | -2/+40 |
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | * dev/11-8-stable: Update VERSION to 11.8.3 Update CHANGELOG.md for 11.8.3 Only return `commands_changes` used in frontend | ||||
| | * | | Update VERSION to 11.8.3v11.8.3 | GitLab Release Tools Bot | 2019-03-19 | 1 | -1/+1 |
| | | | | |||||
| | * | | Update CHANGELOG.md for 11.8.3 | GitLab Release Tools Bot | 2019-03-19 | 2 | -5/+7 |
| | | | | | | | | | | | | [ci skip] | ||||
| | * | | Merge branch 'security-11-8-2826-fix-project-serialization-in-quick-actions' ↵ | Yorick Peterse | 2019-03-19 | 3 | -1/+37 |
| | |\ \ | | | |/ | | |/| | | | | | | | | | | | | | | | | | into '11-8-stable' Fix project serialization in quick actions response See merge request gitlab/gitlabhq!3016 | ||||
| | | * | Only return `commands_changes` used in frontend | Heinrich Lee Yu | 2019-03-18 | 3 | -1/+37 |
| | |/ | | | | | | | | | | | | | When executing quick actions, this limits the `commands_changes` response to only those used by the frontend | ||||
| * | | Merge branch 'update-upgrading-from-source-document-11-8' into '11-8-stable' | Achilleas Pipinellis | 2019-03-18 | 1 | -2/+2 |
| |\ \ | | |/ | |/| | | | | | | | Update documentation to note Ruby 2.5 requirement See merge request gitlab-org/gitlab-ce!26187 | ||||
| | * | Update documentation to note Ruby 2.5 requirement | Jason Plum | 2019-03-14 | 1 | -2/+2 |
| |/ | | | | | | | Update the documented version requirement of Ruby inside of Upgrading from Source to show GitLab 11.6+ needs Ruby 2.5 | ||||
| * | Update VERSION to 11.8.2v11.8.2 | GitLab Release Tools Bot | 2019-03-13 | 1 | -1/+1 |
| | | |||||
| * | Update CHANGELOG.md for 11.8.2 | GitLab Release Tools Bot | 2019-03-13 | 7 | -31/+15 |
|/ | | | [ci skip] | ||||
* | Merge branch 'modify_group_policy' into 'master' | Rémy Coutable | 2019-03-13 | 3 | -5/+12 |
| | | | | | Update group policy to reflect all the requirements See merge request gitlab-org/gitlab-ce!25854 | ||||
* | Merge dev 11-8-stable into .com 11-8-stable | Yorick Peterse | 2019-03-12 | 0 | -0/+0 |
|\ | |||||
| * | Merge branch 'security-shared-project-private-group-11-8' into '11-8-stable' | Yorick Peterse | 2019-03-04 | 4 | -11/+67 |
| |\ | | | | | | | | | | | | | Sharing a public project with a private group makes the group page publicly accessible See merge request gitlab/gitlabhq!2986 | ||||
| | * | Secure vulerability and add specs | Małgorzata Ksionek | 2019-02-28 | 4 | -11/+67 |
| |/ | |||||
* | | Secure vulerability and add specs | Małgorzata Ksionek | 2019-03-12 | 4 | -7/+67 |
| | | |||||
* | | Merge branch '11-8-stable-patch-2' into '11-8-stable' | Yorick Peterse | 2019-03-12 | 23 | -30/+147 |
|\ \ | |/ |/| | | | | | Prepare 11.8.2 release See merge request gitlab-org/gitlab-ce!25963 | ||||
| * | Merge branch 'rs-fix-time-based-broken-master' into 'master' | Fatih Acet | 2019-03-12 | 1 | -0/+6 |
| | | | | | | | | | | | | | | | | | | Freeze date in merge request status view spec See merge request gitlab-org/gitlab-ce!25671 (cherry picked from commit c994484d17d6a6da929f6a52f1b64dc15c38835c) a05aba61 Freeze date in merge request status view spec | ||||
| * | Merge branch 'qa-quarantine-failing-push-mirror-repo-spec' into 'master' | Ramya Authappan | 2019-03-11 | 1 | -1/+2 |
| | | | | | | | | | | | | | | | | | | Quarantine failing push_mirroring_over_http_spec See merge request gitlab-org/gitlab-ce!25590 (cherry picked from commit 68b1ed92c18d5f975dd65c09d72ca3441eb0bc56) 141c5e4e Quarantine failing spec | ||||
| * | Merge branch 'jc-fix-set-project-writable' into 'master' | Douglas Barbosa Alexandre | 2019-03-11 | 3 | -1/+16 |
| | | | | | | | | | | | | | | | | | | Fix method to mark a project repository as writable See merge request gitlab-org/gitlab-ce!25546 (cherry picked from commit a8a02387a7ea5c5a4a6f733a043adf2b1f907e3c) df044542 Fix project set_repository_writable! |