delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Merge branch 'security-33689-post-filter-search-results-ce-12-3' into ↵	GitLab Release Tools Bot	2019-10-24	9	-9/+44
\|\ \| \| \| \| \| \| \| \| \| \| \| \|	'12-3-stable' Filter out search results based on permissions to avoid bugs leaking data See merge request gitlab/gitlabhq!3495
\| *	Add #to_ability_name to Project & Milestone	Dylan Griffith	2019-10-23	4	-0/+24
\| \| \| \| \| \| \| \|	This will be used later for search filtering.
\| *	Change Note#to_ability_name to 'note'	Dylan Griffith	2019-10-23	5	-9/+20
\|/ \| \| \| \| \|	This is to be more consistent as there is already a :read_note policy in NotePolicy. To keep other behaviour the same we've introduced a Note#noteable_ability_name that is used anywhere this was expected.
*	Merge remote-tracking branch 'dev/12-3-stable' into 12-3-stable	GitLab Release Tools Bot	2019-10-07	2	-1/+5
\|\
\| *	Update VERSION to 12.3.5v12.3.5	GitLab Release Tools Bot	2019-10-07	1	-1/+1
\| \|
\| *	Update CHANGELOG.md for 12.3.5	GitLab Release Tools Bot	2019-10-07	1	-0/+4
\|/ \| \|	[ci skip]
*	Merge branch '33216-quarantine-ECDSA' into 'master'	Rémy Coutable	2019-10-02	2	-2/+2
\| \| \| \| \|	Quarantine some ECDSA related tests due to bumping openssl See merge request gitlab-org/gitlab!18016
*	Update VERSION to 12.3.4v12.3.4	GitLab Release Tools Bot	2019-10-02	1	-1/+1
\|
*	Update CHANGELOG.md for 12.3.4	GitLab Release Tools Bot	2019-10-02	1	-0/+4
\| \| \|	[ci skip]
*	Merge remote-tracking branch 'dev/12-3-stable' into 12-3-stable	GitLab Release Tools Bot	2019-10-02	8	-3/+213
\|\
\| *	Update VERSION to 12.3.3v12.3.3	GitLab Release Tools Bot	2019-10-01	1	-1/+1
\| \|
\| *	Update CHANGELOG.md for 12.3.3	GitLab Release Tools Bot	2019-10-01	2	-5/+7
\| \| \| \| \| \|	[ci skip]
\| *	Merge branch 'security-29491-12-3-ce' into '12-3-stable'	Marin Jankovski	2019-10-01	7	-2/+210
\| \|\ \|/ / \| \| \| \| \| \|	Fix private feature Elasticsearch leak See merge request gitlab/gitlabhq!3450
\| *	EE port: Fix private feature Elasticsearch leak	Mark Chao	2019-10-01	7	-2/+210
\|/ \| \| \| \| \|	Add spec to test different combinations. Accept string for required_minimum_access_level Allow more flexible project membership query
*	Merge branch 'fix_expired_gpg_key_specs' into 'master'	Stan Hu	2019-09-30	2	-151/+270
\| \| \| \| \| \| \|	Fix broken specs : Generate new GPG key in place of expired one Closes #32956 See merge request gitlab-org/gitlab!17853
*	Update VERSION to 12.3.2v12.3.2	GitLab Release Tools Bot	2019-09-26	1	-1/+1
\|
*	Update CHANGELOG.md for 12.3.2	GitLab Release Tools Bot	2019-09-26	11	-53/+16
\| \| \|	[ci skip]
*	Merge branch 'security-gitaly-1-65-1' into '12-3-stable'	GitLab Release Tools Bot	2019-09-26	2	-1/+6
\|\ \| \| \| \| \| \| \| \|	Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.65.1] See merge request gitlab/gitlabhq!3433
\| *	Fix Gitaly SearchBlobs flag RPC injection	Paul Okstad	2019-09-23	2	-1/+6
\| \|
* \|	Merge branch 'security-bypass-email-verification-using-salesforce' into ↵	GitLab Release Tools Bot	2019-09-26	6	-26/+80
\|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	'12-3-stable' Prevent Bypassing Email Verification using Salesforce See merge request gitlab/gitlabhq!3395
\| * \|	Reduce change in locale file	Małgorzata Ksionek	2019-09-25	1	-1/+4884
\| \| \|
\| * \|	Add checking for email_verified key	Małgorzata Ksionek	2019-09-23	6	-4908/+79
\| \|/ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Fix rubocop offences and add changelog Add email_verified key for feature specs Add code review remarks Add code review remarks Fix specs
* \|	Merge branch 'security-sarcila-verify-saml-request-origin-12-3' into ↵	GitLab Release Tools Bot	2019-09-26	12	-40/+303
\|\ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	'12-3-stable' Check that SAML identity linking validates the origin of the request See merge request gitlab/gitlabhq!3396
\| * \|	Validate that SAML requests are originated from gitlab	Sebastian Arcila Valenzuela	2019-09-20	12	-40/+303
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	If the request wasn't initiated by gitlab we shouldn't add the new identity to the user, and instead show that we weren't able to link the identity to the user. This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
* \| \|	Merge branch 'security-mermaid-block' into '12-3-stable'	GitLab Release Tools Bot	2019-09-26	3	-1/+48
\|\ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Only render fixed number of mermaid blocks See merge request gitlab/gitlabhq!3411
\| * \| \|	Only render fixed number of mermaid blocks	Rajat Jain	2019-09-13	3	-1/+48
\| \| \| \|
* \| \| \|	Merge branch ↵	GitLab Release Tools Bot	2019-09-26	3	-1/+47
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-3' into '12-3-stable' Display only participants that user has permission to see See merge request gitlab/gitlabhq!3421
\| * \| \| \|	Display only participants that user has permission to see	Alexandru Croitor	2019-09-23	3	-1/+47
\| \| \|_\|/ \| \|/\| \|
* \| \| \|	Merge branch 'security-64938-dont-disclose-path-12-3-ce' into '12-3-stable'	GitLab Release Tools Bot	2019-09-26	3	-1/+40
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Redirect user to root path after unsubscribing from private resource See merge request gitlab/gitlabhq!3423
\| * \| \| \|	Redirect user to root path after unsubscribing from private resource	Alexandru Croitor	2019-09-23	3	-1/+40
\| \|/ / / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	If user unsubsrcribes from a resource that they no longer have access to they should not be revealed the resource path, but be redirected to app root instead. https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
* \| \| \|	Merge branch ↵	GitLab Release Tools Bot	2019-09-26	4	-6/+115
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	'security-12718-project-milestones-disclosed-via-groups-12-3-ce' into '12-3-stable' Hide disabled project milestones in project settings on group level See merge request gitlab/gitlabhq!3424
\| * \| \| \|	Hide disabled project milestones in project settings on group level	Alexandru Croitor	2019-09-23	4	-6/+115
\| \|/ / /
* \| \| \|	Merge branch ↵	GitLab Release Tools Bot	2019-09-26	5	-0/+178
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	'security-12630-private-system-note-disclosed-in-graphql-12-3-ce' into '12-3-stable' Add policy check if cross reference system notes are accessible See merge request gitlab/gitlabhq!3426
\| * \| \| \|	Add policy check if cross reference system notes are accessible	Alexandru Croitor	2019-09-23	5	-0/+178
\| \|/ / /
* \| \| \|	Merge branch 'security-fp-stop-jobs-when-blocking-user-12-3' into '12-3-stable'	GitLab Release Tools Bot	2019-09-26	5	-1/+68
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Cancel all running CI jobs when user is blocked See merge request gitlab/gitlabhq!3436
\| * \| \| \|	Cancel all running CI jobs when user is blocked	Fabio Pitino	2019-09-24	5	-1/+68
\| \|/ / / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This prevents a MITM attack where attacker could still access Git repository if any jobs were running long enough.
* \| \| \|	Merge branch 'security-cross-reference-fix-ce-12-3' into '12-3-stable'	GitLab Release Tools Bot	2019-09-26	9	-33/+283
\|\ \ \ \ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Filter not accessible label events See merge request gitlab/gitlabhq!3440
\| * \| \| \|	Filter not accessible label events	Jan Provaznik	2019-09-24	9	-33/+283
\|/ / / / \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Label events may use cross-project or cross-group references, if the projects are not accessible by user, we don't show these label events.
* \| \| \|	Update VERSION to 12.3.1v12.3.1	GitLab Release Tools Bot	2019-09-24	1	-1/+1
\| \| \| \|
* \| \| \|	Update CHANGELOG.md for 12.3.1	GitLab Release Tools Bot	2019-09-24	5	-20/+10
\| \| \| \| \| \| \| \| \| \| \| \|	[ci skip]
* \| \| \|	Add latest changes from gitlab-org/gitlab@12-3-stable-ee	GitLab Bot	2019-09-24	18	-73/+285
\|/ / /
* \| \|	Update VERSION to 12.3.0v12.3.0 12-3-stable-patch-1	GitLab Release Tools Bot	2019-09-20	1	-1/+1
\| \| \|
* \| \|	Update CHANGELOG.md for 12.3.0	GitLab Release Tools Bot	2019-09-20	246	-1230/+269
\| \|/ \|/\| \| \|	[ci skip]
* \|	Update VERSION to 12.3.0-rc42v12.3.0-rc42	GitLab Release Tools Bot	2019-09-20	1	-1/+1
\| \|
* \|	Add latest changes from gitlab-org/gitlab@12-3-stable	GitLab Bot	2019-09-20	395	-4726/+1795
\| \|
* \|	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-20	27	-286/+371
\| \|
* \|	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-20	13	-106/+174
\| \|
* \|	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-20	8	-16/+27
\| \|
* \|	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-20	8	-19/+70
\| \|
* \|	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2019-09-20	5	-8/+62
\| \|