| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| |
| |
| | |
Correctly escape UTF-8 path elements for uploads
Closes #42159
See merge request gitlab-org/gitlab-ce!16560
|
| | |
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Reduce UPDATEs for background column type changes
Closes #42158
See merge request gitlab-org/gitlab-ce!16551
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prior to this commit we would essentially update all rows in a table,
even those where the source column (e.g. `issues.closed_at`) was NULL.
This in turn could lead to statement timeouts when using the default
batch size of 10 000 rows per job.
To work around this we don't schedule jobs for rows where the source
value is NULL. We also don't update rows where the source column is NULL
(as an extra precaution) or the target column already has a non-NULL
value. Using this approach it should be possible to update 10 000 rows
in the "issues" table in about 7.5 - 8 seconds.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/42158
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Retrieve commit signatures with Gitaly
Closes gitaly#923
See merge request gitlab-org/gitlab-ce!16467
|
| |/ |
|
|/ |
|
|\
| |
| |
| |
| | |
Backport 10.3.4 security fixes into master
See merge request gitlab-org/gitlab-ce!16509
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[10.3] Fix RCE via project import mechanism
See merge request gitlab/gitlabhq!2294
(cherry picked from commit dcfec507d6f9ee119d65a832393e7c593af1d3b2)
86d75812 Fix RCE via project import mechanism
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
'41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3'
Don't allow line breaks on HTTP headers
See merge request gitlab/gitlabhq!2277
(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)
073b8f9c Don't allow line breaks on HTTP headers
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
'security-10-3'
[10.3] Migrate `can_push` column from `keys` to `deploy_keys_project`
See merge request gitlab/gitlabhq!2276
(cherry picked from commit f6ca52d31bac350a23938e0aebf717c767b4710c)
1f2bd3c0 Backport to 10.3
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[10.3] Fix path traversal in gitlab-ci.yml cache:key
See merge request gitlab/gitlabhq!2270
(cherry picked from commit c32d0c6807dfd41d7838a35742e6d0986871b389)
df29094a Fix path traversal in gitlab-ci.yml cache:key
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[10.3] Fix XSS vulnerability in Pipeline job trace
See merge request gitlab/gitlabhq!2258
(cherry picked from commit 44caa80ed9a2514a74a5eeab10ff51849d64851b)
5f86f3ff Fix XSS vulnerability in Pipeline job trace
|
| | |
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Fix running manual action tooltip
Closes #41418
See merge request gitlab-org/gitlab-ce!16489
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Prevent RevList failing on non utf8 paths
Closes #41627
See merge request gitlab-org/gitlab-ce!16440
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Resolve "Wiki uploaded files are missing"
Closes #42031
See merge request gitlab-org/gitlab-ce!16499
|
| | | | |
|
|\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
List backups avilable for restore
See merge request gitlab-org/gitlab-ce!16465
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Resolve "Cannot search with keyword "merge""
Closes #41666
See merge request gitlab-org/gitlab-ce!16462
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
A file containing /:\d+:/ in its contents would break the search results if
those contents were part of the results, because we were splitting on colons,
which can't work with untrusted input.
Changing to use the null byte as a separator is much safer.
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If the schema changes after 20171114162227 for any of these models, and specs
after this one use factories, then those factories will use the models with
outdated column information cached.
We shouldn't really use factories in migration specs, but this is a special case
because there is a lot of git-related setup code in the model that would be
painful to copy to the migration. Instead, we just manually reset the column
information for the models we could pollute.
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
CE: Override module to specify that we're overriding
See merge request gitlab-org/gitlab-ce!16131
|
| |\ \ \ \
| | | |_|/
| | |/| |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* upstream/master: (621 commits)
Add a note about GitLab QA page objects validator to docs
Refactor dispatcher projects blame and blob path
Update export message to mention we can download the file from the UI
Fix Ctrl+Enter keyboard shortcut saving comment/note edit
fix case where tooltip messes up :last-child selector
Add reason to keep postgresql 9.2 for CI
Remove warning noise in ProjectImportOptions
Add changelog entry
Add RedirectRoute factory
Update Ingress extra cost note to be more generic
Fix Rubocop offense
Refactor dispatcher project branches path
Revert "Revert "Fix Route validation for unchanged path""
Document that we need rsync for backing up
Docs: move article "Laravel and Envoy w/ CI/CD"
Recommend against the use of EFS
Adds Rubocop rule for line break around conditionals
Update CHANGELOG.md for 10.1.6
Filter out build traces from logged parameters
Refactored project:n* imports in dispatcher.js
...
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Migrate importing repository to Gitaly
Closes gitaly#907
See merge request gitlab-org/gitlab-ce!16431
|
| | |_|/ /
| |/| | |
| | | | |
| | | | | |
Closes gitaly#907
|
|/ / / / |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Log and send a system hook if a blocked user attempts to login
Closes #41633
See merge request gitlab-org/gitlab-ce!16451
|
| | |/ /
| |/| |
| | | |
| | | | |
Closes #41633
|
|\ \ \ \
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | | |
Migrate Repository#can_be_merged? to Gitaly
Closes gitaly#893
See merge request gitlab-org/gitlab-ce!16316
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Resolve "Attachments in e-mail notifications are using the wrong URL"
Closes #41882
See merge request gitlab-org/gitlab-ce!16364
|
| | | | | |
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Remove soft removals related code
Closes #37447
See merge request gitlab-org/gitlab-ce!15789
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This removes all usage of soft removals except for the "pending delete"
system implemented for projects. This in turn simplifies all the query
plans of the models that used soft removals. Since we don't really use
soft removals for anything useful there's no point in keeping it around.
This _does_ mean that hard removals of issues (which only admins can do
if I'm not mistaken) can influence the "iid" values, but that code is
broken to begin with. More on this (and how to fix it) can be found in
https://gitlab.com/gitlab-org/gitlab-ce/issues/31114.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/37447
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Migrate merged_branch_names to Gitaly
Closes gitaly#851
See merge request gitlab-org/gitlab-ce!16157
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Closes gitaly#851
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | |
| | | | | | |
| | | | | | | |
Add option to disable git archive caching in workhorse
See merge request gitlab-org/gitlab-ce!16325
|
| | | | | | | |
|