Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42 | GitLab Bot | 2020-12-17 | 1 | -0/+30 |
| | |||||
* | Add latest changes from gitlab-org/security/gitlab@13-6-stable-ee | GitLab Bot | 2020-12-04 | 1 | -0/+36 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-6-stable-eev13.6.0-rc42 | GitLab Bot | 2020-11-19 | 1 | -0/+40 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42 | GitLab Bot | 2020-10-21 | 1 | -0/+37 |
| | |||||
* | Add latest changes from gitlab-org/security/gitlab@13-4-stable-ee | GitLab Bot | 2020-09-30 | 1 | -0/+36 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-3-stable-ee | GitLab Bot | 2020-08-20 | 1 | -0/+1 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-2-stable-ee | GitLab Bot | 2020-07-20 | 18 | -17/+86 |
| | |||||
* | Add latest changes from gitlab-org/security/gitlab@13-1-stable-ee | GitLab Bot | 2020-06-29 | 1 | -0/+24 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-1-stable-ee | GitLab Bot | 2020-06-18 | 1 | -0/+50 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@13-0-stable-ee | GitLab Bot | 2020-05-20 | 2 | -0/+71 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2020-03-04 | 1 | -0/+16 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-12-24 | 1 | -7/+8 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-12-19 | 1 | -2/+2 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-12-17 | 2 | -0/+2 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-10-14 | 7 | -9/+23 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-10-08 | 1 | -1/+1 |
| | |||||
* | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | 2019-10-02 | 1 | -1/+1 |
| | |||||
* | Allow to load ECDSA certificates for pages domains | Vladimir Shushlin | 2019-09-07 | 1 | -0/+54 |
| | | | | Just replace RSA.new with PKey.read | ||||
* | Avoid checking dns rebind protection in validation | Francisco Javier López | 2019-09-05 | 1 | -0/+37 |
| | |||||
* | Refactor SystemHookUrlValidator and specs | George Koltsov | 2019-08-02 | 2 | -74/+2 |
| | | | | | | Simplify SystemHookUrlValidator to inherit from PublicUrlValidator Refactor specs to move out shared examples to be used in both system hooks and public url validators. | ||||
* | Update security/webhooks.md doc page & specs | George Koltsov | 2019-08-02 | 1 | -10/+15 |
| | | | | | | Updating security/webhooks.md to match new behaviour as well as drying up few specs to extract shared examples | ||||
* | Update translations in gitlab.pot | George Koltsov | 2019-08-02 | 1 | -0/+2 |
| | |||||
* | Add SystemHookUrlValidator spec | George Koltsov | 2019-08-02 | 1 | -0/+51 |
| | |||||
* | Allow blank but not nil in validations | Reuben Pereira | 2019-07-31 | 1 | -19/+11 |
| | | | | | | - The most common use case for qualified_domain_validator currently is to allow blank ([]) but not allow nil. Modify the qualified_domain_validator to support this use case. | ||||
* | Add validator for qualidied domain array | Reuben Pereira | 2019-07-23 | 1 | -0/+111 |
| | | | | | - Validate that the entries contain no unicode, html tags and are not larger than 255 characters. | ||||
* | Fix color validation regex | Heinrich Lee Yu | 2019-06-25 | 1 | -0/+43 |
| | | | | Also prevents ReDoS vulnerability | ||||
* | Align UrlValidator to validate_url gem implementation. | Thong Kuah | 2019-04-11 | 2 | -25/+114 |
| | | | | | | | Renamed UrlValidator to AddressableUrlValidator to avoid 'url:' naming collision with ActiveModel::Validations::UrlValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: allow_nil, allow_blank, message. Renamed 'protocols' option to 'schemes' to match the option naming from UrlValidator. | ||||
* | Move Contribution Analytics related spec in ↵ | Imre Farkas | 2019-04-09 | 1 | -0/+87 |
| | | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE | ||||
* | Revert "Merge branch 'if-57131-external_auth_to_ce' into 'master'" | Andreas Brandl | 2019-04-05 | 1 | -87/+0 |
| | | | This reverts merge request !26823 | ||||
* | Move Contribution Analytics related spec in ↵ | Imre Farkas | 2019-04-05 | 1 | -0/+87 |
| | | | | spec/features/groups/group_page_with_external_authorization_service_spec to EE | ||||
* | Fix Bitbucket import | Francisco Javier López | 2019-03-14 | 1 | -2/+7 |
| | | | | | | | | | | | | In https://gitlab.com/gitlab-org/gitlab-ce/commit/ebf16ada856efb85424a98848c141f21e609886a we introduced a SHA validator, to ensure that the data provided in merge request diffs, was legit. Nevertheless, the validator assumed that the SHA should be 40 chars long. When we import a project from BitBucket, the retrieved SHA is shorter (12 chars long). Therefore, this validator prevented to create a valid MergeRequestDiff for ever MergeRequest (triggering an exception). | ||||
* | Merge branch 'fix/email_validator' into 'master' | Stan Hu | 2019-03-09 | 1 | -0/+94 |
|\ | | | | | | | | | | | | | Align EmailValidator to validate_email gem implementation. Closes #57352 See merge request gitlab-org/gitlab-ce!24971 | ||||
| * | Align EmailValidator to validate_email gem implementation. | Horatiu Eugen Vlad | 2019-03-05 | 1 | -0/+94 |
| | | | | | | | | | | | | Renamed EmailValidator to DeviseEmailValidator to avoid 'email:' naming collision with ActiveModel::Validations::EmailValidator in 'validates' statement. Make use of the options attribute of the parent class ActiveModel::EachValidator. Add more options: regex. | ||||
* | | Add frozen_string_literal to new files | Stan Hu | 2019-03-04 | 1 | -0/+2 |
| | | |||||
* | | Arbitrary file read via MergeRequestDiff | Francisco Javier López | 2019-03-04 | 1 | -0/+40 |
|/ | |||||
* | remove newly supported regex feature from validation error test | Roger Rüttimann | 2019-01-14 | 1 | -2/+0 |
| | |||||
* | Add table and model for error tracking settings | Reuben Pereira | 2019-01-07 | 1 | -0/+51 |
| | |||||
* | Allow URLs to be validated as ascii_only | James Edwards-Jones | 2018-12-06 | 1 | -0/+29 |
| | | | | | Restricts unicode characters and IDNA deviations which could be used in a phishing attack | ||||
* | Merge branch 'security-fj-crlf-injection' into 'master' | Cindy Pallares | 2018-11-28 | 1 | -0/+26 |
| | | | | | [master] Fix CRLF issue in UrlValidator See merge request gitlab/gitlabhq!2627 | ||||
* | Allow UrlValidator to work with attr_encrypted | Nick Thomas | 2018-09-17 | 1 | -0/+15 |
| | |||||
* | Merge branch 'filter-web-hooks-by-branch' into 'master' | Dmitriy Zaporozhets | 2018-09-05 | 1 | -0/+42 |
|\ | | | | | | | | | Filter web hooks by branch See merge request gitlab-org/gitlab-ce!19513 | ||||
| * | Filter project hooks by branch | Duana Saskia | 2018-08-13 | 1 | -0/+42 |
| | | | | | | | | | | | | Allow specificying a branch filter for a project hook and only trigger a project hook if either the branch filter is blank or the branch matches. Only supported for push_events for now. | ||||
* | | Allow whitelisting for "external collaborator by default" setting | Roger Rüttimann | 2018-08-30 | 1 | -0/+27 |
|/ | |||||
* | Avoid checking the user format in every url validation | Francisco Javier López | 2018-06-11 | 1 | -5/+48 |
| | |||||
* | Add validation to webhook and service URLs to ensure they are not blocked ↵ | Francisco Javier López | 2018-06-01 | 3 | -65/+70 |
| | | | | because of SSRF | ||||
* | Projects and groups badges API | Francisco Javier López | 2018-03-05 | 2 | -0/+85 |
| | |||||
* | Add more information in variable_duplicates validator error message | Matija Čupić | 2018-02-13 | 1 | -2/+2 |
| | |||||
* | Add specs for VariableDuplicates validator | Matija Čupić | 2018-02-13 | 1 | -0/+67 |
| | |||||
* | Validate User username only on Namespace, and bubble up appropriately | Douwe Maan | 2018-02-06 | 1 | -38/+0 |
| | |||||
* | Reallow project paths ending in periodsdm-reallow-project-path-ending-in-period | Douwe Maan | 2017-11-06 | 4 | -97/+114 |
| |