summaryrefslogtreecommitdiff
path: root/app
Commit message (Expand)AuthorAgeFilesLines
* Add Component to Confirm Environment RollbackAndrew Fontaine2019-03-058-14/+189
* Merge branch '56851-error-tracking-page-seems-broken' into 'master'Filipa Lacerda2019-03-052-11/+30
|\
| * Fix error tracking page, not showing an empty stateJose Vargas2019-03-012-11/+30
* | Added tightLists option to copy_as_gfm markdown serializerConstance Okoghenun2019-03-051-1/+3
* | Merge branch '56809-graphql-version-api' into 'master'Douwe Maan2019-03-054-1/+34
|\ \
| * | Add metadata about the GitLab server to GraphQLNick Thomas2019-03-054-1/+34
* | | Display the correct number of MRs a user has access toIgor Drozdov2019-03-055-14/+21
|/ /
* | Merge dev.gitlab.org master into GitLab.com masterYorick Peterse2019-03-052-2/+14
|\ \
| * | Display only informaton visible to current userJarka Košanová2019-03-052-2/+14
* | | Fix large table horizontal scroll and prevent side-by-side tablesDany Jupille2019-03-051-6/+1
* | | Merge branch 'merge-dev-to-master' into 'master'John Jarvis2019-03-0529-58/+145
|\ \ \
| * | | Resolve conflicts in group policyMałgorzata Ksionek2019-03-051-1/+0
| * | | Resolve conflicts in app/policies/group_policy.rbStan Hu2019-03-041-3/+0
| * | | Merge dev master into GitLab.com masterYorick Peterse2019-03-0429-57/+148
| |\ \ \ | | |/ /
| | * | Merge branch 'security-2773-milestones-fix' into 'master'Yorick Peterse2019-03-045-5/+24
| | |\ \
| | | * | Check issue milestone availabilityJarka Košanová2019-02-145-5/+24
| | * | | Merge branch 'security-commit-private-related-mr' into 'master'Yorick Peterse2019-03-042-2/+13
| | |\ \ \
| | | * | | Modify MergeRequestsFinder to allow filtering by commitPatrick Bajao2019-01-282-2/+13
| | | * | | Merge branch 'fix/security-group-user-removal' into 'master'Yorick Peterse2019-01-256-4/+50
| | | |\ \ \
| | | | * | | Add subresources removal to member destroy serviceJames Lopez2019-01-256-4/+50
| | | * | | | Merge branch 'security-import-path-logging' into 'master'Yorick Peterse2019-01-252-2/+24
| | | |\ \ \ \
| | | | * | | | Fix path disclosure on Project ImportJames Lopez2019-01-072-2/+24
| | | * | | | | Merge branch 'security-guests-can-see-list-of-merge-requests' into 'master'Yorick Peterse2019-01-253-11/+38
| | | |\ \ \ \ \
| | | | * | | | | Group Guests are no longer able to see merge requestsTiago Botelho2019-01-213-11/+38
| | | * | | | | | Merge branch 'security-contributed-projects' into 'master'Yorick Peterse2019-01-251-0/+7
| | | |\ \ \ \ \ \
| | | | * | | | | | Fix contributed projects finder shown private infoJames Lopez2019-01-081-0/+7
| | | * | | | | | | Merge branch 'security-do-not-process-mr-ref-for-guests' into 'master'Yorick Peterse2019-01-251-1/+1
| | | |\ \ \ \ \ \ \
| | | | * | | | | | | Don't process MR refs for guests in the notesOswaldo Ferreira2019-01-101-1/+1
| | | * | | | | | | | Merge branch 'security-22076-sanitize-url-in-names' into 'master'Yorick Peterse2019-01-2537-51/+59
| | | |\ \ \ \ \ \ \ \
| | | | * | | | | | | | Use `sanitize_name` to sanitize URL in user full nameKushal Pandya2019-01-2236-51/+51
| | | | * | | | | | | | Add `sanitize_name` helper to sanitize URLs in user full nameKushal Pandya2019-01-221-0/+8
| | | * | | | | | | | | Merge branch 'sh-fix-import-redirect-vulnerability' into 'master'Yorick Peterse2019-01-252-3/+3
| | | |\ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | Alias GitHub and BitBucket OAuth2 callback URLsStan Hu2019-01-222-3/+3
| | | * | | | | | | | | | [master] Check access rights when creating/updating ProtectedRefsFrancisco Javier López2019-01-251-8/+0
| | | * | | | | | | | | | Merge branch 'security-55320-stored-xss-in-user-status' into 'master'Tim Zallmann2019-01-251-4/+4
| | | |\ \ \ \ \ \ \ \ \ \ | | | | |_|_|_|_|_|_|/ / / | | | |/| | | | | | | | |
| | | | * | | | | | | | | Use sanitized user status message for user popoverDennis Tang2019-01-231-4/+4
| | | | |/ / / / / / / /
| | | * | | | | | | | | Merge branch 'security-2767-verify-lfs-finalize-from-workhorse' into 'master'Yorick Peterse2019-01-241-1/+1
| | | |\ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | Verify that LFS upload requests are genuineNick Thomas2019-01-221-1/+1
| | | | |/ / / / / / / /
| | | * | | | | | | | | Merge branch 'security-project-move-users' into 'master'Yorick Peterse2019-01-243-1/+16
| | | |\ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | Sent notification only to authorized usersJan Provaznik2019-01-233-1/+16
| | | | |/ / / / / / / /
| | | * | | | | | | | | Merge branch 'extract-pages-with-rubyzip' into 'master'Yorick Peterse2019-01-241-16/+25
| | | |\ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | Extract GitLab Pages using RubyZipKamil Trzciński2019-01-221-16/+25
| | | * | | | | | | | | | Merge branch 'security-commit-status-shown-for-guest-user' into 'master'Yorick Peterse2019-01-241-1/+1
| | | |\ \ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | | Stop showing ci for guest usersSteve Azzopardi2019-01-231-1/+1
| | | * | | | | | | | | | | Merge branch 'security-fix-lfs-import-project-ssrf-forgery' into 'master'Yorick Peterse2019-01-244-45/+107
| | | |\ \ \ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | | | Added validations to prevent LFS object forgeryFrancisco Javier López2019-01-214-45/+107
| | | | | |_|_|_|_|/ / / / / | | | | |/| | | | | | | | |
| | | * | | | | | | | | | | Merge branch 'security-pipeline-trigger-tokens-exposure' into 'master'Yorick Peterse2019-01-245-6/+27
| | | |\ \ \ \ \ \ \ \ \ \ \
| | | | * | | | | | | | | | | Present all pipeline triggers using trigger presenterGrzegorz Bizon2019-01-152-1/+3
| | | | * | | | | | | | | | | Do not expose trigger token when user should not see itGrzegorz Bizon2019-01-154-5/+24
| | | | | |_|_|_|/ / / / / / | | | | |/| | | | | | | | |
| | | * | | | | | | | | | | Merge branch 'security-fix-regex-dos' into 'master'Yorick Peterse2019-01-241-0/+1
| | | |\ \ \ \ \ \ \ \ \ \ \
View Lorry Controller Status