path: root/lib
Commit message (author, age, files, lines -/+)
* Avoid calling freeze on already frozen strings in lib/gitlab (dineshpanda, 2019-09-04, 61 files, -117/+119)
|
* Merge branch 'fix-performance-bar-thresholds' into 'master' (Stan Hu, 2019-09-03, 2 files, -9/+9)
|\
| | Fix performance bar thresholds
| |
| | See merge request gitlab-org/gitlab-ce!32587
| * Fix performance bar thresholds [fix-performance-bar-thresholds] (Sean McGivern, 2019-09-03, 2 files, -9/+9)
| | These were written in seconds but are supposed to be in milliseconds. The total Gitaly time was wrong for the same reason.
* | Merge branch '66464-typo-in-release_endpoint_requiremets-constant' into 'master' (Michael Kozono, 2019-09-03, 2 files, -6/+6)
|\ \
| | | Resolve "Typo in RELEASE_ENDPOINT_REQUIREMETS constant"
| | |
| | | Closes #66464
| | |
| | | See merge request gitlab-org/gitlab-ce!32468
| * | Correct typo in constant [66464-typo-in-release_endpoint_requiremets-constant] (Sean Carroll, 2019-09-02, 2 files, -6/+6)
| | |
* | | Merge branch '65509-improve-gc-report-buckets-granularity' into 'master' (Kamil Trzciński, 2019-09-03, 1 file, -1/+1)
|\ \ \
| | | | Improve GC_REPORT_BUCKETS granularity
| | | |
| | | | See merge request gitlab-org/gitlab-ce!32586
| * | | Improve GC_REPORT_BUCKETS granularity [65509-improve-gc-report-buckets-granularity] (Aleksei Lipniagov, 2019-09-03, 1 file, -1/+1)
| | | |
* | | | Remove outdated mail_room check (Winnie Hellmann, 2019-09-03, 2 files, -27/+0)
|/ / /
* | | Added relationships between Release and Milestone (Etienne Baqué, 2019-09-03, 2 files, -0/+3)
| | | Modified schema via migrations. Added one-to-one relationship between the two models. Added changelog file
* | | Merge branch 'ce-12996-cancel-redundant-pipelines' into 'master' (Lin Jen-Shin, 2019-09-03, 1 file, -1/+2)
|\ \ \
| | | | Backport retries options for cancel_running
| | | |
| | | | See merge request gitlab-org/gitlab-ce!32525
| * | | Backport EE issue 12996 [ce-12996-cancel-redundant-pipelines] (Sean Carroll, 2019-09-02, 1 file, -1/+2)
| | |/
| |/|
* | | Merge branch 'an-use-labkit-correlation-id' into 'master' (Ash McKenzie, 2019-09-03, 2 files, -41/+1)
|\ \ \
| | | | Remove all references to Gitlab::CorrelationId
| | | |
| | | | See merge request gitlab-org/gitlab-ce!32228
| * | | Remove all references to Gitlab::CorrelationId [an-use-labkit-correlation-id] (Andrew Newdigate, 2019-08-26, 2 files, -41/+1)
| | | | This class has been replaced with Labkit::Correlation::CorrelationId
* | | | If user can push to docker then it can delete too (Giorgenes Gelatti, 2019-09-03, 1 file, -1/+2)
| | | | Extends the permission of $CI_REGISTRY_USER to allow them to delete tags in addition to just pushing.
| | | |
| | | | https://gitlab.com/gitlab-org/gitlab-ce/issues/40096
* | | | Update Code-Quality.gitlab-ci.yml to use `only.refs` (Rémy Coutable, 2019-09-02, 1 file, -2/+3)
| | | | This allows overriding `only.refs` to something else if needed.
* | | | Handle :9090 and 0.0.0.0:9090 listen_address formats (Reuben Pereira, 2019-09-02, 1 file, -14/+26)
| | | | Prometheus listen_address can be in formats of :9090 and 0.0.0.0:9090. But before these can be used to connect a project to Prometheus, they have to be converted into absolute URIs.
* | | | Merge branch '66803-fix-uploads-relative-link-filter' into 'master' (Grzegorz Bizon, 2019-09-02, 1 file, -10/+3)
|\ \ \ \
| | | | | Fix permissions check in `RelativeLinkFilter`
| | | | |
| | | | | See merge request gitlab-org/gitlab-ce!32448
| * | | | Fix upload URLs in Markdown [66803-fix-uploads-relative-link-filter] (Heinrich Lee Yu, 2019-09-02, 1 file, -10/+3)
| | | | | Fixes RelativeLinkFilter for users that don't have access to the project's repository
* | | | | Remove reference of external example (mdhtr, 2019-09-02, 1 file, -0/+29)
| |_|/ /
|/| | |
| | | | as requested by the reviewer
* | | | Fixing #65389 (Massimeddu Cireddu, 2019-09-02, 2 files, -1/+5)
| | | | Wrong format on MS Teams integration push events with multi line commit messages
* | | | Merge branch 'fix-peek-on-puma' into 'master' (Rémy Coutable, 2019-09-02, 6 files, -21/+13)
|\ \ \ \
| | | | | Fix Peek on Puma
| | | | |
| | | | | Closes #66528
| | | | |
| | | | | See merge request gitlab-org/gitlab-ce!32213
| * | | | Make performance bar enabled checks consistent (Sean McGivern, 2019-08-28, 6 files, -20/+12)
| | | | | Previously, we called the `peek_enabled?` method like so:
| | | | |
| | | | |     prepend_before_action :set_peek_request_id, if: :peek_enabled?
| | | | |
| | | | | Now we don't have a `set_peek_request_id` method, so we don't need that line. However, the `peek_enabled?` part had a side-effect: it would also populate the request store cache for whether the performance bar was enabled for the current request or not.
| | | | |
| | | | | This commit makes that side-effect explicit, and replaces all uses of `peek_enabled?` with the more explicit `Gitlab::PerformanceBar.enabled_for_request?`.
| | | | |
| | | | | There is one spec that still sets `SafeRequestStore[:peek_enabled]` directly, because it is contrasting behaviour with and without a request store enabled.
| | | | |
| | | | | The upshot is:
| | | | |
| | | | | 1. We still set the value in one place. We make it more explicit that that's what we're doing.
| | | | | 2. Reading that value uses a consistent method so it's easier to find in future.
| * | | | Fix Peek on Puma (Sean McGivern, 2019-08-27, 1 file, -2/+2)
| | | | | Peek's `Peek.request_id` method doesn't work well with a multi-threaded server and concurrent requests, because requests can 'steal' another request's ID, or unset it before it was due.
| | | | |
| | | | | The upstream change resolves this; the commit here is just to ensure that GitLab works with that upstream change, mostly by not using `Peek.request_id` any more (as the method doesn't exist).
* | | | | Tidy up conditional message (charlieablett, 2019-09-02, 1 file, -5/+7)
| | | | |
* | | | | Handle projectless `help` commands to chatops (charlieablett, 2019-09-02, 1 file, -4/+10)
| |/ / /
|/| | |
| | | | - Pass in a nil project to Gitlab::SlashCommands::ApplicationHelp.new if the chatops command is help.
| | | | - Modify the Gitlab::SlashCommands::Presenters::Help message to skip printing out project information.
* | | | Merge branch 'sh-fix-ci-lint-500-error' into 'master' (Ash McKenzie, 2019-09-02, 1 file, -1/+7)
|\ \ \ \
| | | | | Fix 500 error in CI lint when included templates are an array
| | | | |
| | | | | Closes #66605
| | | | |
| | | | | See merge request gitlab-org/gitlab-ce!32232
| * | | | Fix 500 error in CI lint when included templates are an array [sh-fix-ci-lint-500-error] (Stan Hu, 2019-08-31, 1 file, -1/+7)
| | | | | Previously the following syntax would fail in the linter with an error 500:
| | | | |
| | | | | ```
| | | | | include:
| | | | |   template:
| | | | |     - License-Management.gitlab-ci.yml
| | | | |     - Dependency-Scanning.gitlab-ci.yml
| | | | |     - SAST.gitlab-ci.yml
| | | | | ```
| | | | |
| | | | | Now the error will call out specifically that the value is not a string.
| | | | |
| | | | | Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66605
* | | | | Merge branch '46686-move-k8s-services-out-of-gcp-namespace' into 'master' [66783-usage-ping-for-slack-integrations] (Thong Kuah, 2019-09-01, 1 file, -1/+1)
|\ \ \ \ \
| | | | | | Move generic k8s services out of GCP namespace
| | | | | |
| | | | | | See merge request gitlab-org/gitlab-ce!32310
| * | | | | Move generic k8s services out of GCP namespace [46686-move-k8s-services-out-of-gcp-namespace] (Tiger, 2019-08-28, 1 file, -1/+1)
| | | | | | These services aren't specific to GCP, and will be used for AWS as part of https://gitlab.com/gitlab-org/gitlab-ce/issues/46686
* | | | | | Merge branch 'improve-chatops-help' into 'master' (Nick Thomas, 2019-09-01, 5 files, -25/+75)
|\ \ \ \ \ \
| | | | | | | Improve chatops help output
| | | | | | |
| | | | | | | See merge request gitlab-org/gitlab-ce!32208
| * | | | | | Improve chatops help output [improve-chatops-help] (Yorick Peterse, 2019-08-29, 5 files, -25/+75)
| | | | | | | This improves the output produced when running an unknown command, running the "help" command, and when trying to run a command you are not allowed to run. The new help output includes links to the project of the chatops integration, and a link to the chatops documentation.
* | | | | | | Fix for #56295, https://gitlab.com/gitlab-org/gitlab-ce/issues/56295. (Jesse Hall, 2019-08-30, 1 file, -1/+2)
| | | | | | | All avatars now visible in commit trailers.
* | | | | | | Fix for histogram corruption in Sidekiq (Andrew Newdigate, 2019-08-30, 1 file, -1/+1)
| |_|_|_|_|/
|/| | | | |
| | | | | | This fixes a bug in which sidekiq histograms contain invalid labels. See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/7729 for more details.
* | | | | | Resolve "Use "moved" instead of "closed" in issue references" (Juliette de Rancourt, 2019-08-30, 1 file, -1/+6)
| | | | | |
* | | | | | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq (Robert Speicher, 2019-08-29, 29 files, -30/+434)
|\ \ \ \ \ \
| * \ \ \ \ \ Merge branch 'security-enable-image-proxy' into 'master' (GitLab Release Tools Bot, 2019-08-29, 11 files, -6/+139)
| |\ \ \ \ \ \
| | | | | | | | Use image proxy to mitigate stealing ip addresses
| | | | | | | |
| | | | | | | | Closes #2812
| | | | | | | |
| | | | | | | | See merge request gitlab/gitlabhq!2926
| | * | | | | | Add support for using a Camo proxy server (Brett Walker, 2019-08-23, 11 files, -6/+139)
| | | | | | | | User images and videos will get proxied through the Camo server in order to keep malicious sites from collecting the IP address of users.
| * | | | | | | Merge branch 'security-epic-notes-api-reveals-historical-info-ce-master' into 'master' (GitLab Release Tools Bot, 2019-08-29, 3 files, -5/+5)
| |\ \ \ \ \ \ \
| | | | | | | | | Filter out old system notes for epics in notes api endpoint response
| | | | | | | | |
| | | | | | | | | See merge request gitlab/gitlabhq!3224
| | * | | | | | | Filter out old system notes for epics (Patrick Derichs, 2019-08-28, 3 files, -5/+5)
| | | | | | | | |
| * | | | | | | | Merge branch 'security-personal-snippets' into 'master' (GitLab Release Tools Bot, 2019-08-29, 2 files, -4/+9)
| |\ \ \ \ \ \ \ \
| | | | | | | | | | Add direct upload support for personal snippets
| | | | | | | | | |
| | | | | | | | | | See merge request gitlab/gitlabhq!3226
| | * | | | | | | | Add direct upload support for personal snippets (Jan Provaznik, 2019-08-23, 2 files, -4/+9)
| | | | | | | | | |
| * | | | | | | | | Merge branch 'security-fix_jira_ssrf_vulnerability' into 'master' (GitLab Release Tools Bot, 2019-08-29, 1 file, -0/+66)
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | | | Fix DNS rebind vulnerability for JIRA integration
| | | | | | | | | | |
| | | | | | | | | | | See merge request gitlab/gitlabhq!3266
| | * | | | | | | | | Fix DNS rebind vulnerability for JIRA integration (Felipe Artur, 2019-08-08, 1 file, -0/+66)
| | | | | | | | | | | Uses Gitlab::HTTP for JIRA requests instead of Net::Http. Gitlab::Http comes with some built in SSRF protections.
| * | | | | | | | | | Merge branch 'security-61974-limit-issue-comment-size' into 'master' (GitLab Release Tools Bot, 2019-08-29, 2 files, -1/+5)
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | Limit the size of issuable description and comments
| | | | | | | | | | | |
| | | | | | | | | | | | See merge request gitlab/gitlabhq!3267
| | * | | | | | | | | | Limit the size of issuable description and comments (Alexandru Croitor, 2019-08-22, 2 files, -1/+5)
| | | | | | | | | | | | Limiting the size of issuable description and comments to 1_000_000, which is close to ~1MB of ASCII characters, which represents 99.9% of all descriptions and comments we have in DB at the moment.
| | | | | | | | | | | |
| | | | | | | | | | | | This should help prevent DoS attacks when comments contain reference strings.
| | | | | | | | | | | |
| | | | | | | | | | | | Also this change updates regexp matching the namespaces paths by limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED, as we allow 20 levels deep groups.
| | | | | | | | | | | |
| | | | | | | | | | | | see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
| * | | | | | | | | | | Merge branch 'security-59549-add-capcha-for-failed-logins' into 'master' (GitLab Release Tools Bot, 2019-08-29, 4 files, -1/+50)
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | Require a captcha after unique failed logins from the same IP
| | | | | | | | | | | | |
| | | | | | | | | | | | | See merge request gitlab/gitlabhq!3270
| | * | | | | | | | | | | Add captcha if there are multiple failed login attempts (Małgorzata Ksionek, 2019-07-31, 4 files, -1/+50)
| | | | | | | | | | | | | Add method to store session ids by ip
| | | | | | | | | | | | | Add new specs for storing session ids
| | | | | | | | | | | | | Add cleaning up records after login
| | | | | | | | | | | | | Add retrieving anonymous sessions
| | | | | | | | | | | | | Add login recaptcha setting
| | | | | | | | | | | | | Add new setting to sessions controller
| | | | | | | | | | | | | Add conditions for showing captcha
| | | | | | | | | | | | | Add sessions controller specs
| | | | | | | | | | | | | Add admin settings specs for login protection
| | | | | | | | | | | | | Add new settings to api
| | | | | | | | | | | | | Add stub to devise spec
| | | | | | | | | | | | | Add new translation key
| | | | | | | | | | | | | Add cr remarks
| | | | | | | | | | | | | Rename class call
| | | | | | | | | | | | | Add cr remarks
| | | | | | | | | | | | | Change if-clause for consistency
| | | | | | | | | | | | | Add cr remarks
| | | | | | | | | | | | | Add code review remarks
| | | | | | | | | | | | | Refactor AnonymousSession class
| | | | | | | | | | | | | Add changelog entry
| | | | | | | | | | | | | Move AnonymousSession class to lib
| | | | | | | | | | | | | Move store unauthenticated sessions to sessions controller
| | | | | | | | | | | | | Move link to recaptcha info
| | | | | | | | | | | | | Regenerate text file
| | | | | | | | | | | | | Improve copy on the spam page
| | | | | | | | | | | | | Change action filter for storing anonymous sessions
| | | | | | | | | | | | | Fix rubocop offences
| | | | | | | | | | | | | Add code review remarks
| * | | | | | | | | | | | Merge branch 'security-project-import-bypass' into 'master' (GitLab Release Tools Bot, 2019-08-29, 1 file, -0/+88)
| |\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | Project visibility restriction bypass
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | See merge request gitlab/gitlabhq!3306
| | * | | | | | | | | | | | Fix project import restricted visibility bypass (George Koltsov, 2019-08-15, 1 file, -0/+88)
| | | |_|/ / / / / / / / /
| | |/| | | | | | | | | |
| | | | | | | | | | | | | Add Gitlab::VisibilityLevelChecker that verifies selected project visibility level (or overridden param) is not restricted when creating or importing a project
| * | | | | | | | | | | | Merge branch 'security-add-job-activity-limit-ce' into 'master' (GitLab Release Tools Bot, 2019-08-29, 1 file, -0/+21)
| |\ \ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | | | | Introduce JobActivity limit for alive jobs
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | Closes gitlab-ee#376
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | See merge request gitlab/gitlabhq!3339