| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
- Due to https://github.com/exAspArk/batch-loader/pull/32,
we changed BatchLoader.for into BatchLoader::GraphQL.for
- since our results are wrapped in a BatchLoader::GraphQL,
calling `sync` during authorization is required to get real object
- `graphql` now has it's own authorization system. Our
`authorized?` method conflicted and required renaming
|
|\
| |
| |
| |
| | |
Persist `needs:` validation as config error
See merge request gitlab-org/gitlab-ce!32648
|
| |
| |
| |
| |
| |
| |
| |
| | |
In case when `needs:` is missing, but when requested by service,
we would not save the pipeline with config_error.
This makes it explicit that we want to persist the error
as `config_error` failure reason.
|
| |
| |
| |
| | |
Improve diff lines count efficiency
|
| |
| |
| |
| |
| |
| |
| | |
Introduce JWTAutheticatable module that can be reused for ai=uthtication
between Pages and GitLab (the same way we use do now for Workhorse).
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/61927.
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
Backport retries options for cancel_running
See merge request gitlab-org/gitlab-ce!32525
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Remove all references to Gitlab::CorrelationId
See merge request gitlab-org/gitlab-ce!32228
|
| | | |
| | | |
| | | |
| | | | |
This class has been replaced with Labkit::Correlation::CorrelationId
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Extends the permission of $CI_REGISTRY_USER to allow them
to delete tags in addition to just pushing.
https://gitlab.com/gitlab-org/gitlab-ce/issues/40096
|
| | | |
| | | |
| | | | |
This allows overriding `only.refs` to something else if needed.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Prometheus listen_address can be in formats of :9090 and 0.0.0.0:9090.
But before these can be used to connect a project to Prometheus, they
have to converted into absolute URIs.
|
| |/ /
|/| |
| | |
| | | |
as requested by the reviewer
|
| | |
| | |
| | |
| | | |
Wrong format on MS Teams integration push events with multi line commit messages
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix Peek on Puma
Closes #66528
See merge request gitlab-org/gitlab-ce!32213
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, we called the `peek_enabled?` method like so:
prepend_before_action :set_peek_request_id, if: :peek_enabled?
Now we don't have a `set_peek_request_id` method, so we don't need that
line. However, the `peek_enabled?` part had a side-effect: it would also
populate the request store cache for whether the performance bar was
enabled for the current request or not.
This commit makes that side-effect explicit, and replaces all uses of
`peek_enabled?` with the more explicit
`Gitlab::PerformanceBar.enabled_for_request?`. There is one spec that
still sets `SafeRequestStore[:peek_enabled]` directly, because it is
contrasting behaviour with and without a request store enabled.
The upshot is:
1. We still set the value in one place. We make it more explicit that
that's what we're doing.
2. Reading that value uses a consistent method so it's easier to find in
future.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Peek's `Peek.request_id` method doesn't work well with a multi-threaded
server and concurrent requests, because requests can 'steal' another
request's ID, or unset it before it was due.
The upstream change resolves this; the commit here is just to ensure
that GitLab works with that upstream change, mostly by not using
`Peek.request_id` any more (as the method doesn't exist).
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Pass in a nil project to Gitlab::SlashCommands::ApplicationHelp.new
if the chatops command is help.
- Modify the Gitlab::SlashCommands::Presenters::Help message to skip
printing out project information.
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix 500 error in CI lint when included templates are an array
Closes #66605
See merge request gitlab-org/gitlab-ce!32232
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Previously the following syntax would fail in the linter with an
error 500:
```
include:
template:
- License-Management.gitlab-ci.yml
- Dependency-Scanning.gitlab-ci.yml
- SAST.gitlab-ci.yml
```
Now the error will call out specifically that the value
is not a string.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66605
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Move generic k8s services out of GCP namespace
See merge request gitlab-org/gitlab-ce!32310
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
These services aren't specific to GCP, and will be used for AWS
as part of https://gitlab.com/gitlab-org/gitlab-ce/issues/46686
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Improve chatops help output
See merge request gitlab-org/gitlab-ce!32208
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This improves the output produced when running an unknown command,
running the "help" command, and when trying to run a command you are not
allowed to run. The new help output includes links to the project of the
chatops integration, and a link to the chatops documentation.
|
| |_|_|_|_|/
|/| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This fixes a bug in which sidekiq histograms contain invalid labels.
See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/7729
for more details.
|
|\ \ \ \ \ \ |
|
| |\ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add direct upload support for personal snippets
See merge request gitlab/gitlabhq!3226
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fix DNS rebind vulnerability for JIRA integration
See merge request gitlab/gitlabhq!3266
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Uses Gitlab::HTTP for JIRA requests instead of Net::Http.
Gitlab::Http comes with some built in SSRF protections.
|
| |\ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Limit the size of issuable description and comments
See merge request gitlab/gitlabhq!3267
|
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Limiting the size of issuable description and comments to 1_000_000,
which is close to ~1MB of ASCII characters, which represents 99.9% of
all descriptions and comments we have in DB at the moment. This should
help prevent DoS attacks when comments contain refference strings.
Also this change updates regexp matching the namespaces paths by
limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED,
as we allow 20 levels deep groups.
see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Require a captcha after unique failed logins from the same IP
See merge request gitlab/gitlabhq!3270
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Add method to store session ids by ip
Add new specs for storing session ids
Add cleaning up records after login
Add retrieving anonymous sessions
Add login recaptcha setting
Add new setting to sessions controller
Add conditions for showing captcha
Add sessions controller specs
Add admin settings specs for login protection
Add new settings to api
Add stub to devise spec
Add new translation key
Add cr remarks
Rename class call
Add cr remarks
Change if-clause for consistency
Add cr remarks
Add code review remarks
Refactor AnonymousSession class
Add changelog entry
Move AnonymousSession class to lib
Move store unauthenticated sessions to sessions controller
Move link to recaptcha info
Regenerate text file
Improve copy on the spam page
Change action filter for storing anonymous sessions
Fix rubocop offences
Add code review remarks
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Project visibility restriction bypass
See merge request gitlab/gitlabhq!3306
|
| | | |_|/ / / / / / /
| | |/| | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Add Gitlab::VisibilityLevelChecker that verifies
selected project visibility level (or overridden param)
is not restricted when creating or importing a project
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Introduce JobActivity limit for alive jobs
Closes gitlab-ee#376
See merge request gitlab/gitlabhq!3339
|
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
This is a port from EE changes where
we introduce a new limit for Plan model.
https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/1182
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Re-escape the whole HTML content when finding HTML references
See merge request gitlab/gitlabhq!3340
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
When we un-escape HTML text to find references in it, we should then
re-escape the whole text again, not only found matches.
Because we replace matches with milestone/label links (which contain
HTML tags we don't want to escape again), we re-escape HTML text
with placeholders instead of these links and then replace placeholders
in the escaped text.
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Adds a slash command in slach for closing issues. See
https://docs.gitlab.com/ee/integration/slash_commands.html
for documentation on the wider feature set.
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This reverts commit 0eff75fa2b6691b6fba31fcc2842f51debd249a9.
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Utilize the auto repair functionality of system checks.
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
This check is being removed from gitlab-shell as the file
is now being managed by gitlab-rails.
|
| |_|_|_|_|_|_|_|_|/ / /
|/| | | | | | | | | | | |
|
|\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Simplify internal post receive messages
Closes #59808
See merge request gitlab-org/gitlab-ce!31640
|
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Instead of sending varied data to Gitaly, and making Gitaly construct
various messages, build the messages first and have Gitaly print
either basic messages or alert messages, in the order they come.
Depends on https://gitlab.com/gitlab-org/gitaly/merge_requests/1410
|
|\ \ \ \ \ \ \ \ \ \ \ \ \
| |/ / / / / / / / / / / /
|/| | | | | | | | | | | |
| | | | | | | | | | | | |
| | | | | | | | | | | | | |
Add warnings to performance bar response
See merge request gitlab-org/gitlab-ce!31054
|