summaryrefslogtreecommitdiff
path: root/app
Commit message (Expand)AuthorAgeFilesLines
* Add latest changes from gitlab-org/security/gitlab@12-6-stable-eeGitLab Bot2020-02-121-1/+15
* Add latest changes from gitlab-org/security/gitlab@12-6-stable-eeGitLab Bot2020-01-2812-12/+65
* Add latest changes from gitlab-org/security/gitlab@12-6-stable-eeGitLab Bot2020-01-288-9/+58
* Add latest changes from gitlab-org/gitlab@12-6-stable-eeGitLab Bot2020-01-098-90/+5
* Add latest changes from gitlab-org/security/gitlab@12-6-stable-eeGitLab Bot2019-12-311-1/+1
* Add latest changes from gitlab-org/security/gitlab@12-6-stable-eeGitLab Bot2019-12-316-3/+58
* Add latest changes from gitlab-org/gitlab@12-6-stable-eeGitLab Bot2019-12-274-4/+17
* Add latest changes from gitlab-org/gitlab@12-6-stable-eeGitLab Bot2019-12-20909-5403/+11645
* Add latest changes from gitlab-org/gitlab@12-5-stable-eeGitLab Bot2019-12-162-4/+4
* Trigger Elasticsearch indexing when public group moved to privateDylan Griffith2019-12-061-1/+14
* Add latest changes from gitlab-org/gitlab@12-5-stable-eeGitLab Bot2019-12-038-31/+47
* Hide AWS secret on Admin Integration pageJustin Ho Tuan Duong2019-11-261-0/+1
* Merge branch 'security-ag-cycle-analytics-guest-permissions-12-5' into '12-5-...GitLab Release Tools Bot2019-11-262-2/+8
|\
| * Ensure that summary items remain alignedBrandon Labuschagne2019-11-202-2/+8
* | Merge branch 'security-filter-related-branches-from-activity-feed-12.5' into ...GitLab Release Tools Bot2019-11-261-1/+14
|\ \
| * | Restrict branches visible to guests in Issue feedKerri Miller2019-11-201-1/+14
| |/
* | Merge branch 'security-2943-encrypt-plaintext-tokens-12-5' into '12-5-stable'GitLab Release Tools Bot2019-11-261-22/+18
|\ \
| * | Encrypt application settings with pre and post deploymentsArturo Herrero2019-11-251-24/+0
| * | Encrypt application setting tokensArturo Herrero2019-11-211-22/+42
| |/
* | Merge branch 'security-dns-rebind-ssrf-in-slack-notifications-12-5-ce' into '...GitLab Release Tools Bot2019-11-263-5/+28
|\ \
| * | Use Gitlab::HTTP for all chat notificationsHordur Freyr Yngvason2019-11-213-5/+28
| |/
* | Merge branch 'security-33712-ce-12-5' into '12-5-stable'GitLab Release Tools Bot2019-11-262-1/+15
|\ \
| * | Internalize private project minimum access levelMark Chao2019-11-222-12/+13
| * | Fix scope to handle private guest permissionMark Chao2019-11-222-1/+14
| |/
* | Check permissions before showing a forked project's sourceNick Thomas2019-11-253-21/+22
|/
* Add latest changes from gitlab-org/gitlab@12-5-stable-eeGitLab Bot2019-11-19824-5290/+13355
* Add latest changes from gitlab-org/gitlab@12-4-stable-eeGitLab Bot2019-11-047-13/+21
* Merge branch 'security-mask-sentry-token-12-4-ce' into '12-4-stable'GitLab Release Tools Bot2019-10-253-4/+13
|\
| * Mask Sentry auth tokenRyan Cobb2019-10-243-4/+13
* | Merge branch 'security-remove-leaky-401-responses-12.4' into '12-4-stable'GitLab Release Tools Bot2019-10-251-2/+4
|\ \
| * | Avoid #authenticate_user! in #route_not_foundKerri Miller2019-10-221-2/+4
| |/
* | Return 404 on LFS request if project doesn't existIgor Drozdov2019-10-251-0/+1
* | Merge branch 'security-bvl-validate-force-remove-branch-on-mrs-12-4-ce' into ...GitLab Release Tools Bot2019-10-247-9/+52
|\ \
| * | Only assign merge params when allowedBob Van Landuyt2019-10-237-9/+52
| |/
* | Merge branch 'security-wiki-rdoc-content-12-4-ce' into '12-4-stable'GitLab Release Tools Bot2019-10-242-9/+7
|\ \
| * | Pass all wiki markup formats through pipelinesLuke Duncalfe2019-10-232-9/+7
| |/
* | Merge branch 'security-developer-transfer-project-12-4' into '12-4-stable'GitLab Release Tools Bot2019-10-243-1/+5
|\ \
| * | Require maintainer permission to transfer projectsmanojmj2019-10-233-1/+5
| |/
* | Merge branch 'security-open-redirect-internalredirect-12-4' into '12-4-stable'GitLab Release Tools Bot2019-10-241-1/+1
|\ \
| * | Use the '\A' and '\z' regex anchors in `InternalRedirect` to mitigate an Open...Joern Schneeweisz2019-10-221-1/+1
| |/
* | Merge branch 'security-2914-labels-visible-despite-no-access-to-issues-reposi...GitLab Release Tools Bot2019-10-242-5/+11
|\ \
| * | Fix labels finder to filter issuablesEugenia Grieff2019-10-222-5/+11
| |/
* | Merge branch 'security-2920-fix-notes-with-label-cross-reference-12-4' into '...GitLab Release Tools Bot2019-10-242-1/+4
|\ \
| * | Add milestone and label note types to cross refsEugenia Grieff2019-10-242-1/+4
| |/
* | Merge branch 'security-64519-circular-graphql-queries-12-4' into '12-4-stable'GitLab Release Tools Bot2019-10-241-5/+5
|\ \
| * | Check for recursion and fail if too recursivecharlieablett2019-10-231-5/+5
| |/
* | Merge branch 'security-33689-post-filter-search-results-ce-12-4' into '12-4-s...GitLab Release Tools Bot2019-10-246-2/+15
|\ \
| * | Add #to_ability_name to Project & MilestoneDylan Griffith2019-10-232-0/+8
| * | Change Note#to_ability_name to 'note'Dylan Griffith2019-10-234-2/+7
| |/
* | Merge branch 'security-65756-ex-admin-attacker-can-comment-in-internalsecurit...GitLab Release Tools Bot2019-10-241-0/+1
|\ \