path: root/lib
Commit message | Author | Age | Files | Lines
...
| * | | | | Restrict starred projects to viewable ones
    Author: Sean McGivern | Age: 2016-05-10 | Files: 1 | Lines: -1/+1

    `User#starred_projects` doesn't perform any visibility checks. This has a couple of problems:

    1. It assumes a user can always view all of their starred projects in perpetuity (project not changed to private, access revoked, etc.).
    2. It assumes that we'll only ever allow a user to star a project they can view. This is currently the case, but bugs happen.

    Add `User#viewable_starred_projects` to filter the starred projects by those the user either has explicit access to, or are public or internal. Then use that in all places where we list the user's starred projects.
* | | | | | Merge branch '17270-only-generate-email-on-push-once-for-all-recipients' into 'master'
    Author: Robert Speicher | Age: 2016-05-11 | Files: 1 | Lines: -3/+1

    Only generate repository push email once

    The repository push email can be very expensive to generate, especially with syntax-highlighted diffs. Instead of generating the email for each recipient, generate one email object and reset the Message-Id and To headers for each recipient. (Cloning would also be expensive in the case of large emails, although probably not as bad as generating from scratch.)

    Closes #17270.

    See merge request !4070
|\ \ \ \ \ \
| * | | | | | Only generate repository push email once
    Author: Sean McGivern | Age: 2016-05-11 | Files: 1 | Lines: -3/+1

    The repository push email can be very expensive to generate, especially with syntax-highlighted diffs. Instead of generating the email for each recipient, generate one email object and reset the Message-Id and To headers for each recipient. (Cloning would also be expensive in the case of large emails, although probably not as bad as generating from scratch.)
| | |_|/ / /
| |/| | | |
* | | | | | Merge branch 'casecmp-cop' into 'master'
    Author: Rémy Coutable | Age: 2016-05-11 | Files: 2 | Lines: -3/+3

    Enable Rubocop Casecmp Performance Cop.

    Also fixes the errors caused by enabling the cop. `casecmp` is more performant than `.downcase` and `==`.

    See also: https://github.com/bbatsov/rubocop/blob/master/lib/rubocop/cop/performance/casecmp.rb

    See merge request !3957
|\ \ \ \ \ \
| * | | | | | Enable Rubocop Casecmp Performance Cop.
    Author: Connor Shea | Age: 2016-05-10 | Files: 2 | Lines: -3/+3

    Also fixes the errors caused by enabling the cop. casecmp is more performant than `.downcase` and `==`.
| | |_|/ / /
| |/| | | |
* | | | | | Merge branch 'string-replacement-cop' into 'master'
    Author: Rémy Coutable | Age: 2016-05-11 | Files: 1 | Lines: -1/+1

    Enable the StringReplacement cop.

    Also fix one use of `gsub` that would be faster as `delete`.

    Use `tr` instead of `gsub` when you are replacing the same number of characters. Use `delete` instead of `gsub` when you are deleting characters.

    See merge request !3960
|\ \ \ \ \ \
| * | | | | | Enable the StringReplacement cop.
    Author: Connor Shea | Age: 2016-05-10 | Files: 1 | Lines: -1/+1

    Also fix one use of `gsub` that would be faster as `delete`.

    Use `tr` instead of `gsub` when you are replacing the same number of characters. Use `delete` instead of `gsub` when you are deleting characters.
| |/ / / / /
* | | | | | Merge branch 'stanhu/gitlab-ce-add-eager-load-lib' into 'master'
    Author: Robert Speicher | Age: 2016-05-10 | Files: 5 | Lines: -176/+177

    Add eager load paths to help prevent dependency load issues with Sidekiq workers

    _Originally opened at !3545 by @stanhu._

    - - -

    Relevant resources:

    - https://github.com/mperham/sidekiq/wiki/FAQ#why-doesnt-sidekiq-autoload-my-rails-application-code
    - https://github.com/mperham/sidekiq/issues/1281#issuecomment-27129904
    - http://blog.arkency.com/2014/11/dont-forget-about-eager-load-when-extending-autoload
    - https://github.com/rails/rails/blob/52ce6ece8c8f74064bb64e0a0b1ddd83092718e1/railties/lib/rails/engine.rb#L472-L479
    - https://github.com/rails/rails/blob/v4.2.6/railties/lib/rails/paths.rb

    Attempts to address #3661, #11896, #12769, #13521, #14131, #14589, #14759, #14825.

    See merge request !3724
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | |
| * | | | | Fix a few places where autoloading would fail
    Author: Rémy Coutable | Age: 2016-05-10 | Files: 5 | Lines: -176/+177

    - Fix naming of API::CommitStatuses
    - Ensure we use require_dependency instead of require
    - Ensure the namespace is right in lib/api/api.rb, otherwise, we might require Grape::API::Helpers which defines the `#params` method. This is to avoid requiring a file multiple times and getting an "Already initialized constant" error.

    Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | | Merge branch 'fix/using-uploads-in-global-snippets' into 'master'
    Author: Robert Speicher | Age: 2016-05-10 | Files: 1 | Lines: -1/+7

    Fix using link to uploads in global snippets

    Closes #17342, closes #17363

    See merge request !4085
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | |
| * | | | | Do not process upload links if no project context
    Author: Grzegorz Bizon | Age: 2016-05-10 | Files: 1 | Lines: -2/+6
| * | | | | Fix using link to uploads in global snippets
    Author: Grzegorz Bizon | Age: 2016-05-10 | Files: 1 | Lines: -1/+3

    Closes #17342, closes #17363
* | | | | | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce
    Author: Dmitriy Zaporozhets | Age: 2016-05-10 | Files: 3 | Lines: -45/+4
|\ \ \ \ \ \
| | |/ / / /
| |/| | | |
| * | | | | Merge branch 'revert-4026' into 'master'
    Author: Rémy Coutable | Age: 2016-05-10 | Files: 1 | Lines: -1/+1

    Revert "Merge branch 'wiki-fix' into 'master'"

    This reverts commit 4cc85a58e8ca00f5a4ecbd2bca40a0cad867b817 (!4026), reversing changes made to 90ae445ba930068d04adc5a009dbdeabe4cb3e34.

    From https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4026#note_11719950:

    > 1. On Ruby 2.1.x, the [`uri.path = ::File.join(project_wiki_base_path, uri.path)`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/banzai/filter/wiki_link_filter.rb#L39) raises an `URI::InvalidComponentError: bad component(expected relative path component): http://bar.com/baz` error in `Banzai::Filter::WikiLinkFilter#rebuild_wiki_uri`, which is then rescued in [`Banzai::Filter::WikiLinkFilter#process_link_attr`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/banzai/filter/wiki_link_filter.rb#L34), thus the link is not modified and the tests pass.
    1. On Ruby 2.2.x, the same line doesn't raise an error anymore, thus tests are broken on Ruby 2.2 only.

    I didn't really understand yet why having absolute links in the wiki would break some tests vs having relative links as before, but I think the safest course of action is to revert this MR and to find another fix (probably just prepending `ProjectWiki#wiki_base_path` with the relative URL path component if we are in the case of a relative URL...

    /cc @artem-sidorenko

    Just a FYI note: no need to pick into `8-7-stable` since the original commit was not picked.

    See merge request !4105
| |\ \ \ \ \
| | * | | | | Revert "Merge branch 'wiki-fix' into 'master' "
    Author: Rémy Coutable | Age: 2016-05-10 | Files: 1 | Lines: -1/+1

    This reverts commit 4cc85a58e8ca00f5a4ecbd2bca40a0cad867b817, reversing changes made to 90ae445ba930068d04adc5a009dbdeabe4cb3e34.

    Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | | | Merge branch 'remove-annotate-gem' into 'master'
    Author: Yorick Peterse | Age: 2016-05-10 | Files: 1 | Lines: -44/+0

    Remove the annotate gem and delete old annotations

    In 8278b763d96ef10c6494409b18b7eb541463af29 the default behaviour of annotation has changed, which was causing a lot of noise in diffs. We decided in #17382 that it is better to get rid of the whole annotate gem, and instead let people look at schema.rb for the columns in a table.

    Fixes: #17382

    /cc @yorickpeterse

    See merge request !4099
| |\ \ \ \ \ \
| | |/ / / / /
| |/| | | | |
| | * | | | | Remove the annotate rake task
    Author: Jeroen van Baarsen | Age: 2016-05-10 | Files: 1 | Lines: -44/+0
| * | | | | | Links for redmine issue references are generated correctly again
    Author: Benedikt Huss | Age: 2016-05-10 | Files: 1 | Lines: -0/+3
| | |_|_|_|/
| |/| | | |
* | | | | | Use a case-insensitive comparison in sanitizing URI schemes
    Author: Stan Hu | Age: 2016-05-09 | Files: 1 | Lines: -1/+1

    Closes #1625
|/ / / / /
* | | | | Merge branch 'cascade_drop' into 'master'
    Author: Robert Speicher | Age: 2016-05-09 | Files: 1 | Lines: -1/+3

    Add if exists to drop command

    Add `IF EXISTS` as a precaution. Related to gitlab-org/gitlab-ce!4020

    See merge request !4100
|\ \ \ \ \
| |/ / / /
|/| | | |
| * | | | Add if exists to drop command
    Author: Drew Blessing | Age: 2016-05-09 | Files: 1 | Lines: -1/+3
* | | | | Expose MergeRequest#user_notes_count in the API and use the method in issues list
    Author: Rémy Coutable | Age: 2016-05-09 | Files: 1 | Lines: -1/+1

    Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | API: Expose Issue#user_notes_count
    Author: cnam-dep | Age: 2016-05-09 | Files: 1 | Lines: -1/+1
| |/ / /
|/| | |
* | | | Use the proper GitLab URL for links in Wiki
    Author: Artem Sidorenko | Age: 2016-05-09 | Files: 1 | Lines: -1/+1
* | | | Improve multiple branch push performance by memoizing permission checking
    Author: Stan Hu | Age: 2016-05-09 | Files: 1 | Lines: -1/+6

    If you attempt to push thousands of branches at once, the 60-second timeout will occur because GitAccess checking does a lot of work to check if the user has permission to push to a branch. This change does two things:

    1. Instead of making 1 DB query per branch push, use a memoized list of protected branches to check
    2. Memoize what permissions the user has to perform on this project

    On a test of 10,000 branch pushes, this prevents gitlab-shell from hitting the 60-second timeout.

    Closes #17225
| |/ /
|/| |
* | | Update SVG sanitizer to conform to SVG 1.1
    Author: Stan Hu | Age: 2016-05-06 | Files: 2 | Lines: -0/+144

    Use a custom Loofah scrubber since sanitize 2.x transformers are inadequate to handle case-sensitive SVG attributes. sanitize parses documents as HTML instead of XML, which causes all SVG attribute names (e.g. viewBox) to be downcased.

    * SVG element list: https://www.w3.org/TR/SVG/eltindex.html
    * SVG attribute list: https://www.w3.org/TR/SVG/attindex.html

    Closes #14555
* | | Merge branch 'annotate-models' into 'master'
    Author: Douwe Maan | Age: 2016-05-06 | Files: 1 | Lines: -0/+44

    Update annotations on models

    See merge request !3962
|\ \ \
| * | | Auto annotate models on migration
    Ref: annotate-models | Author: Zeger-Jan van de Weg | Age: 2016-05-06 | Files: 1 | Lines: -0/+44

    [ci skip]
* | | | Merge branch 'cascade_drop' into 'master'
    Author: Robert Speicher | Age: 2016-05-06 | Files: 1 | Lines: -1/+4

    Rake drop tables with cascade

    See merge request !4020
|\ \ \ \
| | |/ /
| |/| |
| * | | Rake drop tables with cascade
    Author: Drew Blessing | Age: 2016-05-03 | Files: 1 | Lines: -1/+4
* | | | Merge branch 'fix/import-url-issues' into 'master'
    Author: Robert Speicher | Age: 2016-05-05 | Files: 1 | Lines: -1/+1

    Fix importer bug when throwing exceptions

    Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/15681

    See merge request !3941
|\ \ \ \
| * | | | fix var error
    Author: James Lopez | Age: 2016-04-27 | Files: 1 | Lines: -1/+1
* | | | | Fix passing nil to protected_tag?
    Ref: tag-exists | Author: Yorick Peterse | Age: 2016-05-05 | Files: 1 | Lines: -1/+1

    Previously this method would directly receive the output of tag_name(). This method could either return a String or nil. In the previous setup this would somehow magically work but because Rugged::TagCollection#[] doesn't accept nil values it started to fail.

    To work around this the elsif in change_access_check() assigns the result of tag_name() to a local and then _only_ calls protected_tag?() if the tag name is not nil.

    The extra parentheses are put in place to ensure that things are parsed correctly, without these the code would be parsed as follows:

        elsif tag_ref = (tag_name(ref) && protected_tag(tag_ref))

    During runtime this would basically resolve to:

        elsif tag_ref = (tag_name(ref) && protected_tag(nil))

    This is because when you refer to the variable you're assigning _in_ the assignment Ruby returns nil instead of raising an error.
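
The parsing behaviour described in the commit message above, as an added Ruby example that is not part of the commit or of GitLab's code. `tag_name`, `protected_tag?`, the `seen` recorder and the sample tag list are simplified stand-ins constructed for illustration.

```ruby
# Added illustration, not GitLab code: tag_name and protected_tag? are
# simplified stand-ins and PROTECTED_TAGS is constructed sample data.
PROTECTED_TAGS = ['v1.0'].freeze

# Returns the tag name for a tag ref, or nil for any other ref.
def tag_name(ref)
  prefix = 'refs/tags/'
  ref.start_with?(prefix) ? ref[prefix.length..-1] : nil
end

# Records every argument it receives and rejects nil, as the commit message
# says Rugged::TagCollection#[] does.
def protected_tag?(name, seen)
  seen << name
  raise TypeError, 'tag name is nil' if name.nil?
  PROTECTED_TAGS.include?(name)
end

# Without parentheses Ruby parses the condition as
#   tag_ref = (tag_name(ref) && protected_tag?(tag_ref, seen))
# so tag_ref is still nil when it is passed to protected_tag?.
def check_without_parens(ref)
  seen = []
  outcome =
    begin
      if tag_ref = tag_name(ref) && protected_tag?(tag_ref, seen)
        :protected
      else
        :not_protected
      end
    rescue TypeError
      :error
    end
  [outcome, seen]
end

# With the assignment parenthesised, tag_ref holds the name before the check,
# and the check is skipped entirely for refs that are not tags.
def check_with_parens(ref)
  seen = []
  outcome =
    if (tag_ref = tag_name(ref)) && protected_tag?(tag_ref, seen)
      :protected
    else
      :not_protected
    end
  [outcome, seen]
end
```

Each function returns the outcome together with the arguments the check actually received, so the `nil` that reaches the check in the unparenthesised form is visible in the result.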
* | | | | Use tag_exists? in GitAccess#protected_tag?
    Author: Yorick Peterse | Age: 2016-05-05 | Files: 1 | Lines: -1/+1

    This removes the need for retrieving the entire list of tags just to check if a specific one exists.
* | | | | Fix the line code when importing PR review comments from GitHub
    Author: Douglas Barbosa Alexandre | Age: 2016-05-05 | Files: 1 | Lines: -4/+17

    Pull Request Review Comments are comments on a portion of the unified diff.
| |_|/ /
|/| | |
* | | | | Merge branch 'use-rugged-to-create-tag' into 'master'
    Author: Rémy Coutable | Age: 2016-05-04 | Files: 1 | Lines: -18/+0

    Use Rugged's TagCollection#create instead of gitlab-shell's Repository#add_tag for better performance

    This was originally opened at !1757 by @pcarranza but I changed it to use Rugged instead of gitlab_git, following @DouweM's request.

    Once this is merged, https://gitlab.com/gitlab-org/gitlab-shell/merge_requests/26 will be mergeable too.

    See merge request !3745
|\ \ \ \
| * | | | Use Rugged's TagCollection#create instead of gitlab-shell's Repository#add_tag for better performance
    Author: Rémy Coutable | Age: 2016-05-04 | Files: 1 | Lines: -18/+0

    Signed-off-by: Rémy Coutable <remy@rymai.me>
| | |/ /
| |/| |
* | | | Merge branch 'pacoguzman/gitlab-ce-15001-since-and-until-operators-api-commits'
    Author: Douwe Maan | Age: 2016-05-04 | Files: 3 | Lines: -2/+24

    # Conflicts:
    #	Gemfile.lock
|\ \ \ \
| |/ / /
|/| | |
| * | | API support for the 'since' and 'until' operators on commit requests
    Author: Paco Guzman | Age: 2016-04-29 | Files: 3 | Lines: -2/+24

    - Parameter validation as ISO8601 format
| |/ /
* | | Merge remote-tracking branch 'dev/master' into 'master'
    Author: Robert Speicher | Age: 2016-05-02 | Files: 2 | Lines: -6/+19
|\ \ \
| |_|/
|/| |
| * | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
    Author: Marin Jankovski | Age: 2016-04-26 | Files: 2 | Lines: -6/+19
| |\ \
| | |/
| |/|
| | * Merge branch '15579-filter-milestone-confidential-issues-api' into 'master'
    Author: Robert Speicher | Age: 2016-04-26 | Files: 1 | Lines: -1/+9

    Prevent information disclosure via milestone API

    Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579

    See merge request !1961
| | |\
| | | * Filter confidential issues from milestones API if user does not have access
    Author: Stan Hu | Age: 2016-04-25 | Files: 1 | Lines: -1/+9

    Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15579
| | * | Merge branch 'fix-private-snippet-api' into 'master'
    Author: Robert Speicher | Age: 2016-04-25 | Files: 1 | Lines: -5/+10

    Prevent information disclosure via snippet API

    Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15580

    See merge request !1958
| | |\ \
| | | * | Prevent private snippets in public/internal projects from being leaked via API
    Author: Stan Hu | Age: 2016-04-25 | Files: 1 | Lines: -5/+10

    Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15580
| | | |/
* | | | Properly handle bigger files
    Author: Zeger-Jan van de Weg | Age: 2016-04-28 | Files: 1 | Lines: -4/+9
* | | | Replace gitlab-workhorse with GitLab Workhorse where appropriate
    Ref: initd_gitlab_workhorse_rename | Author: Achilleas Pipinellis | Age: 2016-04-28 | Files: 1 | Lines: -6/+6
* | | | Merge branch 'use-remote-ip-for-akismet' into 'master'
    Author: Rémy Coutable | Age: 2016-04-28 | Files: 2 | Lines: -4/+12

    Use ActionDispatch Remote IP for Akismet checking

    Previously all remote IPs appeared at 127.0.0.1, which made Akismet not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html) should provide more reliable results.

    Closes #16629

    See merge request !3961
|\ \ \ \
| * | | | Use ActionDispatch Remote IP for Akismet checking
    Author: Stan Hu | Age: 2016-04-27 | Files: 2 | Lines: -4/+12

    Previously all remote IPs appeared at 127.0.0.1, which made Akismet not very useful. Using the ActionDispatch Remote IP (http://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html) should provide more reliable results.

    Closes #16629
| |/ / /
* | | | Backport GitHub Enterprise import support from EE
    Author: Stan Hu | Age: 2016-04-26 | Files: 1 | Lines: -4/+11

    These changes were pulled from GitLab EE to support configuring an alternative API URL than the default https://api.github.com. In addition, the `verify_ssl` flag allows users to disable SSL cert checking.

    One modification: add a default `args` option if it does not exist to avoid breaking existing configurations.
|/ / /