| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| | |
'19745-forms-with-task-lists-can-be-overwritten-when-editing-simultaneously' into 'master'
Forms with task lists can be overwritten when editing simultaneously
See merge request gitlab-org/gitlab-ce!23938
|
| |
| |
| |
| | |
v2.1.0 was published wrongly by the package author.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
In commit 6fa5fd8515e0f2d5a6341134560021f353d84362 the `require: false`
was removed to ensure the Gem was loaded at run time. Unfortunately, the
`require` necessary for the rubyzip Gem is "zip" and not "rubyzip". As a
result, Bundler would not require the Gem. This meant that we would
still run into constant errors when referring to `Zip::File`.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
pages:deploy step was failing with the following error:
```
unitialized constant SafeZip::Extract::Zip
```
Since license_finder already pulls in rubyzip, we can make it
a required gem. We also use the scope operator to make the reference to
Zip::File explicit.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
RubyZip allows us to perform strong validation of
expanded paths where we do extract file.
We introduce the following additional checks
to extract routines:
1. None of path components can be symlinked,
2. We drop privileges support for directories,
3. Symlink source needs to point within the target directory,
like `public/`,
4. The symlink source needs to exist ahead of time.
|
|
|
|
|
|
|
|
|
|
|
|
| |
http_max_redirects was introduced in 4.2.2, so upgrade kubeclient.
The monkey-patch was global so we will have to check that all instances
of Kubeclient::Client are handled.
Spec all methods of KubeClient
This should provide better confidence that we are indeed disallowing
redirection in all cases
|
|\
| |
| |
| |
| |
| |
| | |
Markdown footnotes not working
Closes #26375
See merge request gitlab-org/gitlab-ce!24168
|
| | |
|
| |
| |
| |
| | |
and truncato to 0.7.11
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change will instantiate an OpenTracing tracer and configure it
as the global tracer when the GITLAB_TRACING environment variable is
configured. GITLAB_TRACING takes a "connection string"-like value,
encapsulating the driver (eg jaeger, etc) and options for the driver.
Since each service, whether it's written in Ruby or Golang, uses the
same connection-string, it should be very easy to configure all
services in a cluster, or even a single development machine to be
setup to use tracing.
Note that this change does not include instrumentation or propagation
changes as this is a way of breaking a previous larger change into
components. The instrumentation and propagation changes will follow
in separate changes.
|
| | |
|
|/ |
|
|\
| |
| |
| |
| | |
Update pg 0.18.4 -> 1.0
See merge request gitlab-org/gitlab-ce!17829
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
Bump minitest to 5.11.3 to match Gitaly version
See merge request gitlab-org/gitlab-ce!24070
|
| |/
| |
| |
| | |
This prevents us from shipping duplicate versions of this gem.
|
| |
| |
| |
| |
| |
| |
| | |
This will allow developers to run `bundle install` on both directories
and avoid additional calls to RubyGems for local development. Also sets
up the possibility of improved caching as mentioned in
https://gitlab.com/gitlab-org/gitlab-ce/issues/55843.
|
|\ \
| | |
| | |
| | |
| | | |
Bump Ruby on Rails to 5.0.7.1
See merge request gitlab-org/gitlab-ce!23396
|
| | |
| | |
| | |
| | | |
Fix the CVE-2018-16476 vulnerability.
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Upgrade Omniauth and JWT gems to switch away from Google+ API
Closes #55668
See merge request gitlab-org/gitlab-ce!24068
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* omniauth-google-oauth2: Google will be deprecating its support for the
Google+ API, which currently omniauth-google-oauth2 uses to retrieve
user info. The bump in omniauth-google-oauth2 requires an upgrade to
ruby-jwt v2+ to support the verification of multiple issue providers
(https://github.com/zquestz/omniauth-google-oauth2/pull/345).
* jwt: This has the most number of changes that need to be
reviewed: https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md
* oauth2: Needed to support ruby-jwt v2+:
https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md
* omniauth-azure-oauth2 needs a version bump to support ruby-jwt v2+.
* omniauth: This version bump only involves backstage improvements:
https://github.com/omniauth/omniauth/releases
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55668
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | | |
Bump database_cleaner version
Closes #55539
See merge request gitlab-org/gitlab-ce!23985
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
should fix issue with:
undefined method `schema_migrations_table_name'
for ActiveRecord::Migrator:Class
https://gitlab.com/gitlab-org/gitlab-ee/-/jobs/135978879
|
|/ /
| |
| |
| |
| | |
Full list of changes:
https://github.com/carrierwaveuploader/carrierwave/blob/master/CHANGELOG.md
|
| |
| |
| |
| | |
Fixes: ActionView::Template::Error (undefined method `add_class' for #<Nokogiri::XML::Element:0x0055dbff5252e8>
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Leave object pools when destroying projects
Closes gitaly#1415
See merge request gitlab-org/gitlab-ce!23869
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This action doesn't lean on reduplication, so a short call can me made
to the Gitaly server to have the object pool remove its remote to the
project pending deletion.
https://gitlab.com/gitlab-org/gitaly/blob/f6cd55357/internal/git/objectpool/link.go#L58
When an object pool doesn't have members, this would invalidate the need
for a pool. So when a project leaves the pool, the pool will be
destroyed on the background.
Fixes: https://gitlab.com/gitlab-org/gitaly/issues/1415
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Fix deprecation: alias_method_chain is deprecated. Please, use Module#prepend instead
See merge request gitlab-org/gitlab-ce!23887
|
| |/ /
| | |
| | |
| | | |
Module#prepend instead
|
|\ \ \
| |_|/
|/| |
| | |
| | |
| | |
| | | |
Fix object storage not working properly with Google S3 compatibility
Closes #53846
See merge request gitlab-org/gitlab-ce!23858
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Even in AWS S3 compatibility mode, Google now appears to reject requests
that includes this header with this error:
```
Requests cannot specify both x-amz and x-goog headers
```
This has been submitted upstream via
https://github.com/carrierwaveuploader/carrierwave/pull/2356.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53846.
|
|/ |
|
| |
|
| |
|
|\
| |
| |
| |
| | |
Security update of gem rails to version 4.2.11
See merge request gitlab-org/gitlab-ce!23520
|
| | |
|
| | |
|
| | |
|
|/ |
|
| |
|
|
|
|
|
| |
work with `grape` version `1.2` installed.
Fix version of `grape` to 1.1.x.
|
|\
| |
| |
| |
| |
| |
| | |
Commits API: Preserve file content in move operations if unspecified
Closes #52974 et #51083
See merge request gitlab-org/gitlab-ce!23387
|
| | |
|
|/
|
|
|
|
|
| |
Rack with Unicorn is unable to handle chunked requests due to private `eof?` method.
This exposes `eof?` not changing `rack` behavior.
Issue: https://gitlab.com/gitlab-org/gitlab-ee/issues/8539
|
|\
| |
| |
| |
| | |
Upgrade kubeclient to 4.0.0
See merge request gitlab-org/gitlab-ce!23261
|
| |
| |
| |
| | |
Bumps kubeclient and its dependencies from 3.1.0 to 4.0.0.
|
|\ \
| |/
|/|
| |
| | |
Don't use rugged write-ref anymore
See merge request gitlab-org/gitlab-ce!23286
|