Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix color validation regex | Heinrich Lee Yu | 2019-06-25 | 1 | -1/+1 |
| | | | | Also prevents ReDoS vulnerability | ||||
* | Align UrlValidator to validate_url gem implementation. | Thong Kuah | 2019-04-11 | 3 | -112/+123 |
| | | | | | | | Renamed UrlValidator to AddressableUrlValidator to avoid 'url:' naming collision with ActiveModel::Validations::UrlValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: allow_nil, allow_blank, message. Renamed 'protocols' option to 'schemes' to match the option naming from UrlValidator. | ||||
* | Move Contribution Analytics related spec in ↵ | Imre Farkas | 2019-04-09 | 1 | -0/+86 |
| | | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE | ||||
* | Revert "Merge branch 'if-57131-external_auth_to_ce' into 'master'" | Andreas Brandl | 2019-04-05 | 1 | -86/+0 |
| | | | This reverts merge request !26823 | ||||
* | Move Contribution Analytics related spec in ↵ | Imre Farkas | 2019-04-05 | 1 | -0/+86 |
| | | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE | ||||
* | Renames Cluster#managed? to provided_by_user? | Mayra Cabrera | 2019-03-29 | 1 | -5/+3 |
| | | | | | | This will allow to user the term managed? on https://gitlab.com/gitlab-org/gitlab-ce/issues/56557. Managed? will be used to distinct clusters that are automatically managed by GitLab | ||||
* | Fix Bitbucket import | Francisco Javier López | 2019-03-14 | 1 | -1/+1 |
| | | | | | | | | | | | | In https://gitlab.com/gitlab-org/gitlab-ce/commit/ebf16ada856efb85424a98848c141f21e609886a we introduced a SHA validator, to ensure that the data provided in merge request diffs, was legit. Nevertheless, the validator assumed that the SHA should be 40 chars long. When we import a project from BitBucket, the retrieved SHA is shorter (12 chars long). Therefore, this validator prevented to create a valid MergeRequestDiff for ever MergeRequest (triggering an exception). | ||||
* | Merge branch 'fix/email_validator' into 'master' | Stan Hu | 2019-03-09 | 2 | -7/+36 |
|\ | | | | | | | | | | | | | Align EmailValidator to validate_email gem implementation. Closes #57352 See merge request gitlab-org/gitlab-ce!24971 | ||||
| * | Align EmailValidator to validate_email gem implementation. | Horatiu Eugen Vlad | 2019-03-05 | 2 | -7/+36 |
| | | | | | | | | | | | | Renamed EmailValidator to DeviseEmailValidator to avoid 'email:' naming collision with ActiveModel::Validations::EmailValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: regex. | ||||
* | | Arbitrary file read via MergeRequestDiff | Francisco Javier López | 2019-03-04 | 1 | -0/+9 |
| | | |||||
* | | Comment why we can't use Gitlab::CurrentSettings | Thong Kuah | 2019-02-20 | 1 | -0/+6 |
| | | | | | | | | See https://gitlab.com/gitlab-org/gitlab-ee/issues/9833 | ||||
* | | Revert "Merge branch 'use_gitlab_current_settings' into 'master'" | Bob Van Landuyt | 2019-02-19 | 1 | -1/+1 |
| | | | | | | This reverts merge request !25370 | ||||
* | | Use Gitlab::CurrentSettings in UrlValidator | Thong Kuah | 2019-02-19 | 1 | -1/+1 |
|/ | | | | | | Gitlab::CurrentSettings will create ApplicationSetting.current if not present which means we don't have to use `&.`. We can also more easily use stub_application_setting in specs | ||||
* | Add table and model for error tracking settings | Reuben Pereira | 2019-01-07 | 1 | -1/+3 |
| | |||||
* | Merge branch 'ce-jej/group-saml-sso-button-link-description' into 'master' | Clement Ho | 2018-12-08 | 1 | -0/+1 |
|\ | | | | | | | | | [CE] Backport SAML unlink changes: UrlBlocker#ascii_only See merge request gitlab-org/gitlab-ce!23627 | ||||
| * | Allow URLs to be validated as ascii_only | James Edwards-Jones | 2018-12-06 | 1 | -0/+1 |
| | | | | | | | | | | Restricts unicode characters and IDNA deviations which could be used in a phishing attack | ||||
* | | Add custom validation message for chronic duration attribute | Grzegorz Bizon | 2018-12-05 | 1 | -1/+5 |
|/ | |||||
* | Allow UrlValidator to work with attr_encrypted | Nick Thomas | 2018-09-17 | 1 | -3/+11 |
| | |||||
* | Merge branch 'rubocop-code-reuse' into 'master' | Robert Speicher | 2018-09-13 | 1 | -0/+2 |
|\ | | | | | | | | | Add RuboCop cops to enforce code reusing rules See merge request gitlab-org/gitlab-ce!21391 | ||||
| * | Disable existing offenses for the CodeReuse cops | Yorick Peterse | 2018-09-11 | 1 | -0/+2 |
| | | | | | | | | | | This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. | ||||
* | | Enable frozen string in vestigial files | gfyoung | 2018-09-11 | 2 | -0/+4 |
|/ | | | | Partially addresses #47424. | ||||
* | Merge branch 'filter-web-hooks-by-branch' into 'master' | Dmitriy Zaporozhets | 2018-09-05 | 1 | -0/+35 |
|\ | | | | | | | | | Filter web hooks by branch See merge request gitlab-org/gitlab-ce!19513 | ||||
| * | Refactor: move active hook filter to TriggerableHooks | Duana Saskia | 2018-09-05 | 1 | -0/+1 |
| | | |||||
| * | Filter project hooks by branch | Duana Saskia | 2018-08-13 | 1 | -0/+34 |
| | | | | | | | | | | | | Allow specificying a branch filter for a project hook and only trigger a project hook if either the branch filter is blank or the branch matches. Only supported for push_events for now. | ||||
* | | Allow whitelisting for "external collaborator by default" setting | Roger Rüttimann | 2018-08-30 | 1 | -0/+15 |
|/ | |||||
* | Enable frozen string in apps/validators/*.rb | gfyoung | 2018-06-27 | 19 | -2/+40 |
| | | | | Partially addresses #47424. | ||||
* | Avoid checking the user format in every url validation | Francisco Javier López | 2018-06-11 | 1 | -3/+11 |
| | |||||
* | Add validation to webhook and service URLs to ensure they are not blocked ↵ | Francisco Javier López | 2018-06-01 | 5 | -95/+71 |
| | | | | because of SSRF | ||||
* | Rename allow_private_networks to allow_local_network | Douwe Maan | 2018-04-02 | 1 | -5/+3 |
| | |||||
* | Raise more descriptive errors when URLs are blocked | Douwe Maan | 2018-04-02 | 1 | -2/+4 |
| | |||||
* | Adds validators and rack cookie helper | James Edwards-Jones | 2018-04-02 | 2 | -0/+16 |
| | | | | | These changes are backported from EE, related to SAML settings in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4549 | ||||
* | Add HTTPS-only pages | Rob Watson | 2018-03-22 | 1 | -2/+0 |
| | | | | Closes #28857 | ||||
* | Merge branch 'fj-15329-services-callbacks-ssrf' into 'security-10-6' | Douwe Maan | 2018-03-21 | 1 | -1/+1 |
| | | | | | Server Side Request Forgery in Services and Web Hooks See merge request gitlab/gitlabhq!2337 | ||||
* | Projects and groups badges API | Francisco Javier López | 2018-03-05 | 1 | -0/+32 |
| | |||||
* | Skip variables duplicates validator if variable is already a duplicate | Matija Čupić | 2018-02-22 | 1 | -0/+2 |
| | |||||
* | Improve validation message and add changelogmc/fix/project-variables-scope | Kamil Trzciński | 2018-02-14 | 1 | -1/+1 |
| | |||||
* | Refactor variable duplicates error message | Matija Čupić | 2018-02-14 | 1 | -1/+1 |
| | |||||
* | Add more information in variable_duplicates validator error message | Matija Čupić | 2018-02-13 | 1 | -1/+3 |
| | |||||
* | Refactor outer anonymous function into a do block | Matija Čupić | 2018-02-13 | 1 | -1/+3 |
| | |||||
* | Disable public send cop in variables duplicates validator | Matija Čupić | 2018-02-13 | 1 | -1/+1 |
| | |||||
* | Extend variables_duplicates validator with scope handling | Matija Čupić | 2018-02-13 | 1 | -2/+13 |
| | |||||
* | Validate User username only on Namespace, and bubble up appropriately | Douwe Maan | 2018-02-06 | 4 | -28/+1 |
| | |||||
* | Second iteration of Move Kubernetes from service to Cluster page | Filipa Lacerda | 2017-12-05 | 1 | -5/+5 |
| | |||||
* | Adds Rubocop rule for line break after guard clause | Jacopo | 2017-11-16 | 2 | -0/+2 |
| | | | | Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses. | ||||
* | Merge branch 'refactor-clusters' into 'master' | Grzegorz Bizon | 2017-11-06 | 1 | -0/+24 |
|\ | | | | | | | | | Refactor Clusters to be consisted from GcpProvider and KubernetesPlatform See merge request gitlab-org/gitlab-ce!14879 | ||||
| * | specs for models. Improved details. | Shinya Maeda | 2017-10-30 | 1 | -1/+1 |
| | | |||||
| * | This works | Shinya Maeda | 2017-10-23 | 1 | -0/+24 |
| | | |||||
* | | Reallow project paths ending in periodsdm-reallow-project-path-ending-in-period | Douwe Maan | 2017-11-06 | 5 | -53/+91 |
|/ | |||||
* | Move the key restriction validation to its own class | Nick Thomas | 2017-08-30 | 1 | -0/+29 |
| | |||||
* | Implement ayufan validator2 | Shinya Maeda | 2017-07-06 | 1 | -0/+13 |
| |