delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-04-06	1	-1/+1
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-03-31	1	-3/+15
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-03-16	1	-6/+0
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-03-13	1	-48/+1
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-01-25	1	-40/+1
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2023-01-10	1	-0/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-12-01	1	-0/+6
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-11-28	1	-10/+3
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-11-24	1	-1/+1
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-11-22	1	-12/+0
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-11-10	1	-1/+2
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-28	1	-0/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-21	1	-4/+13
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-20	1	-2/+21
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-18	1	-1/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-17	1	-1/+1
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-10-13	1	-2/+13
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-08-01	1	-4/+4
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-07-22	1	-11/+4
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-07-19	1	-0/+9
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-07-15	1	-0/+30
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-06-16	1	-10/+7
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-06-10	1	-0/+25
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-06-07	1	-0/+10
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-03-08	1	-4/+11
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-02-16	1	-2/+3
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2022-01-11	1	-0/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-12-14	1	-4/+28
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-09-10	1	-0/+2
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-07-28	1	-4/+9
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-05-31	1	-0/+2
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-05-21	1	-0/+9
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-05-20	1	-0/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-05-14	1	-0/+5
\|
*	Add latest changes from gitlab-org/gitlab@master	GitLab Bot	2021-05-06	1	-2/+41
\|
*	Add latest changes from gitlab-org/gitlab@masterogolowinski-master-patch-27476	GitLab Bot	2019-12-16	1	-0/+4
\|
*	Add latest changes from gitlab-org/gitlab@masterlist	GitLab Bot	2019-10-17	1	-1/+1
\|
*	Refactor SystemHookUrlValidator and specs	George Koltsov	2019-08-02	1	-2/+2
\| \| \| \| \| \|	Simplify SystemHookUrlValidator to inherit from PublicUrlValidator Refactor specs to move out shared examples to be used in both system hooks and public url validators.
*	Add outbound requests setting for system hooks	George Koltsov	2019-08-02	1	-1/+1
\| \| \| \| \| \| \|	This MR adds new application setting to network section `allow_local_requests_from_system_hooks`. Prior to this change system hooks were allowed to do local network requests by default and we are adding an ability for admins to control it.
*	Inherit from ApplicationRecord instead of ActiveRecord::Base	Nick Thomas	2019-03-28	1	-1/+1
\|
*	Use a 32-byte version of db_key_base for web hooks	Nick Thomas	2018-12-05	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	AES-256-GCM cipher mode requires a key that is exactly 32 bytes long. We already handle the case when the key is too long, by truncating, but the key can also be too short in some installations. Switching to a key that is always exactly the right length (by virtue of right-padding ASCII 0 characters) allows encryption to proceed, without breaking backward compatibility. When the key is too short, encryption fails with an `ArgumentError`, causing the web hooks functionality to be unusable. As a result, zero rows can exist with values encrypted with the too-short key. When the key is too long, it is silently truncated. In this case, the key is unchanged, so values encrypted with the new too-long key will still be successfully decrypted.
*	Remove unencrypted webhook token and URL columns	Nick Thomas	2018-10-09	1	-34/+0
\|
*	Encrypt webhook tokens and URLs in the database	Nick Thomas	2018-10-01	1	-0/+44
\|
*	Disable existing offenses for the CodeReuse cops	Yorick Peterse	2018-09-11	1	-0/+4
\| \| \| \| \|	This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
*	Filter project hooks by branch	Duana Saskia	2018-08-13	1	-0/+1
\| \| \| \| \| \|	Allow specificying a branch filter for a project hook and only trigger a project hook if either the branch filter is blank or the branch matches. Only supported for push_events for now.
*	Enable more frozen string in app/models/*/.rb	gfyoung	2018-08-07	1	-0/+2
\| \| \| \|	Partially addresses #47424.
*	Add validation to webhook and service URLs to ensure they are not blocked ↵	Francisco Javier López	2018-06-01	1	-1/+8
\| \| \| \|	because of SSRF
*	Merge branch ↵	Robert Speicher	2018-01-16	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \|	'41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3' Don't allow line breaks on HTTP headers See merge request gitlab/gitlabhq!2277 (cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82) 073b8f9c Don't allow line breaks on HTTP headers
*	Wrong data type when testing webhooks	Alexander Randa	2017-07-20	1	-14/+0
\|
*	Added Cop to blacklist the use of `dependent:`	Yorick Peterse	2017-07-06	1	-1/+1
\| \| \| \| \| \| \| \|	This is allowed for existing instances so we don't end up 76 offenses right away, but for new code one should _only_ use this if they _have_ to remove non database data. Even then it's usually better to do this in a service class as this gives you more control over how to remove the data (e.g. in bulk).