| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|\
| |
| |
| |
| | |
Platform: Use component to emit event on Subscription toggle component instead of eventHub
See merge request gitlab-org/gitlab-ce!18682
|
| | |
|
| | |
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Improve quick actions summary preview
Closes #45892
See merge request gitlab-org/gitlab-ce!18659
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
[Rails5] Add `touch_later` to `Commit` model
See merge request gitlab-org/gitlab-ce!18642
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit fixes errors like:
```
1) API::Todos GET /todos when unauthenticated returns authentication error
Failure/Error: @raw.__send__(method, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
NoMethodError:
undefined method `touch_later' for #<Gitlab::Git::Commit:0x00005573f5196270>
# ./app/models/commit.rb:259:in `method_missing'
# ./spec/requests/api/todos_spec.rb:12:in `block (2 levels) in <top (required)>'
```
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
'blackst0ne-rails5-use-safe-params-instead-of-params-in-url-for-helpers' into 'master'
[Rails5] Use `safe_params` instead of `params` in `url_for` helpers
See merge request gitlab-org/gitlab-ce!18637
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commits replaces `params` with `safe_params` in `url_for` helpers
to resolve security issues [1] and failing specs with the
```
ArgumentError:
Attempting to generate a URL from non-sanitized request parameters!
An attacker can inject malicious data into the generated URL, such as
changing the host. Whitelist and sanitize passed parameters to be secure.
```
error.
[1]: https://gitlab.com/gitlab-org/gitlab-ce/issues/45168
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
into 'master'
[Rails5] Update `ApplicationController#log_exception` to fix `undefined method 'clean'` error
See merge request gitlab-org/gitlab-ce!18636
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
method 'clean'` error
This commit fixes the error:
```
1) Projects::TodosController Merge Requests POST create when not authorized for merge_request doesn't create todo
Failure/Error: application_trace = ActionDispatch::ExceptionWrapper.new(env, exception).application_trace
NoMethodError:
undefined method `clean' for #<Hash:0x000055be5bda35d0>
Did you mean? clear
# ./app/controllers/application_controller.rb:113:in `log_exception'
# ./app/controllers/application_controller.rb:40:in `block in <class:ApplicationController>'
# ./spec/controllers/projects/todos_controller_spec.rb:80:in `go'
# ./spec/controllers/projects/todos_controller_spec.rb:138:in `block (6 levels) in <top (required)>'
# ./spec/controllers/projects/todos_controller_spec.rb:138:in `block (5 levels) in <top (required)>'
# ------------------
# --- Caused by: ---
# ActiveRecord::RecordNotFound:
# Couldn't find MergeRequest
# ./app/finders/concerns/finder_methods.rb:19:in `raise_not_found_unless_authorized'
Finished in 7.53 seconds (files took 12.8 seconds to load)
1 example, 1 failure
```
Also see https://github.com/rails/rails/commit/6d85804bc6aeecce5669fb4b0d7b33c069deff3a
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Fix file_store for artifacts and lfs when saving
See merge request gitlab-org/gitlab-ce!18624
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
[Rails5] Fix `params` for DeleteUserWorker
See merge request gitlab-org/gitlab-ce!18635
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commit fixes the error:
```
1) Admin::UsersController DELETE #user with projects deletes the user and their contributions when hard delete is specified
Failure/Error: Users::DestroyService.new(current_user).execute(delete_user, options.symbolize_keys)
NoMethodError:
undefined method `symbolize_keys' for "{\"hard_delete\"=>\"true\"}":String
# ./app/workers/delete_user_worker.rb:8:in `perform'
# ./lib/gitlab/sidekiq_status/server_middleware.rb:5:in `call'
# ./config/initializers/forbid_sidekiq_in_transactions.rb:35:in `block (2 levels) in <module:NoEnqueueingFromTransactions>'
# ./app/models/user.rb:913:in `delete_async'
# ./app/controllers/admin/users_controller.rb:148:in `destroy'
# ./lib/gitlab/i18n.rb:50:in `with_locale'
# ./lib/gitlab/i18n.rb:56:in `with_user_locale'
# ./app/controllers/application_controller.rb:327:in `set_locale'
# ./spec/controllers/admin/users_controller_spec.rb:28:in `block (3 levels) in <top (required)>'
Finished in 6.81 seconds (files took 13.9 seconds to load)
1 example, 1 failure
```
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Enable LFS setting UI for Masters and Owners
Closes #33320
See merge request gitlab-org/gitlab-ce!18562
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
LFS can be enabled and disabled per project using the API by Masters
and Owners, but the UI is only available to Admins. The interface and
API should be consistent.
LFS can also be enabled and disabled per group using the API by Owners,
but the UI is only available to Admins. This interface should also be
consistent.
Additionally removes an unneeded check if 2FA interface, since the
interface is only available to Owners.
Closes #33320
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Migrate pipeline stages indices
Closes #43009
See merge request gitlab-org/gitlab-ce!18420
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | | |
* master: (106 commits)
|
| |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | | |
# Conflicts:
# db/schema.rb
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fix commit trailer rendering when Gravatar is disabled
Closes #45633
See merge request gitlab-org/gitlab-ce!18586
|
| | | | | | | | | |
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / /
|/| | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Use persisted diff data instead fetching Git on discussions
Closes #44052
See merge request gitlab-org/gitlab-ce!18657
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Today, when fetching diffs of a note, we always go to Gitaly in order to diff between commits and return the diff of each discussion note. With this change we avoid doing that for notes on the "current version" of the MR.
|
| |_|_|_|/ / / /
|/| | | | | | | |
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
[CE] Exclude LDAP from OmniauthCallbackController base methods
See merge request gitlab-org/gitlab-ce!18619
|
| | | | | | | | | |
|
| | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Update timeline icon for description edit
Closes #39946
See merge request gitlab-org/gitlab-ce!18633
|
| | |_|_|_|_|_|_|/
| |/| | | | | | | |
|
|\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Revert discussion counter height
Closes #45896
See merge request gitlab-org/gitlab-ce!18656
|
| | |_|_|_|_|_|/ /
| |/| | | | | | | |
|
| |/ / / / / / /
|/| | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Sanitize user name to avoid XSS attacks
See merge request gitlab/gitlabhq!2373
|
| |_|/ / / / /
|/| | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Serve archive requests with the correct file in all cases (10.7)
See merge request gitlab/gitlabhq!2376
|
|\ \ \ \ \ \ \
| |_|_|_|_|_|/
|/| | | | | |
| | | | | | |
| | | | | | | |
Backports EE changes from disabling branch unprotect UI
See merge request gitlab-org/gitlab-ce!18262
|
| | | | | | | |
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Don't automatically remove artifacts for pages jobs after pages:deploy has run
Closes #45481
See merge request gitlab-org/gitlab-ce!18628
|
| | | | | | | | |
|
| | | | | | | | |
|