Commit message (Expand) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge dev master into GitLab.com master | Yorick Peterse | 2019-03-04 | 57 | -301/+1096 |
|\ | |||||
| * | Merge branch 'security-2773-milestones-fix' into 'master' | Yorick Peterse | 2019-03-04 | 13 | -68/+158 |
| |\ | |||||
| | * | Check issue milestone availability | Jarka Košanová | 2019-02-14 | 13 | -68/+158 |
| * | | Merge branch 'security-commit-private-related-mr' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -3/+38 |
| |\ \ | |||||
| | * | | Modify MergeRequestsFinder to allow filtering by commit | Patrick Bajao | 2019-01-28 | 1 | -1/+25 |
| | * | | Respond with 403 when non-member requests for private MRs | Patrick Bajao | 2019-01-28 | 1 | -2/+13 |
| * | | | Forbid creating discussions for users with restricted access | Igor Drozdov | 2019-03-04 | 3 | -49/+129 |
| * | | | Merge branch 'security-protect-private-repo-information' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -2/+57 |
| |\ \ \ | |||||
| | * | | | Prevent leaking of private repo data through API | Luke Duncalfe | 2019-02-18 | 1 | -2/+57 |
| * | | | | Merge branch 'security-tags-oracle' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -0/+16 |
| |\ \ \ \ | |||||
| | * | | | | Prevent Releases links API to leak tag existance | Alessio Caiazza | 2019-02-08 | 1 | -0/+16 |
| * | | | | | Merge branch 'security-2798-fix-boards-policy' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -8/+12 |
| |\ \ \ \ \ | |||||
| | * | | | | | Disable board policies when issues are disabled | Heinrich Lee Yu | 2019-02-11 | 1 | -8/+12 |
| * | | | | | | Merge branch 'security-2797-milestone-mrs' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -1/+46 |
| |\ \ \ \ \ \ | |||||
| | * | | | | | | Show only MRs visible to user on milestone detail | Jarka Košanová | 2019-02-14 | 1 | -1/+46 |
| | | |_|_|_|/ | | |/| | | | | |||||
| * | | | | | | Merge branch 'security-shared-project-private-group' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -10/+62 |
| |\ \ \ \ \ \ | |||||
| | * | | | | | | Secure vulerability and add specs | Małgorzata Ksionek | 2019-02-28 | 3 | -10/+64 |
| * | | | | | | | Merge branch '2802-security-add-public-internal-groups-as-members-to-your-pro... | Yorick Peterse | 2019-03-04 | 6 | -0/+62 |
| |\ \ \ \ \ \ \ | |||||
| | * | | | | | | | Change policy regarding group visibility | Małgorzata Ksionek | 2019-02-20 | 6 | -0/+62 |
| * | | | | | | | | Merge branch 'security-kubernetes-local-ssrf' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -0/+46 |
| |\ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | Do not allow local urls in Kubernetes form | Thong Kuah | 2019-02-21 | 2 | -0/+46 |
| | | |_|/ / / / / | | |/| | | | | | | |||||
| * | | | | | | | | Merge branch 'security-kubernetes-google-login-csrf' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -19/+41 |
| |\ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | Validate session key when authorizing with GCP to create a cluster | Tiger | 2019-02-19 | 1 | -19/+41 |
| * | | | | | | | | | Merge branch 'security-56348' into 'master' | Yorick Peterse | 2019-03-04 | 3 | -2/+47 |
| |\ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | Check snippet attached file to be moved is within designated directory | Mark Chao | 2019-02-21 | 3 | -0/+46 |
| | * | | | | | | | | | Align spec with actual usage | Mark Chao | 2019-02-13 | 1 | -2/+1 |
| | |/ / / / / / / / | |||||
| * | | | | | | | | | Check validity of prometheus_service before query | Reuben Pereira | 2019-03-04 | 1 | -18/+43 |
| * | | | | | | | | | Merge branch 'security-2799-emails' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -13/+43 |
| |\ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | Remove link after issue move when no permissions | Jarka Košanová | 2019-02-20 | 1 | -13/+43 |
| | | |/ / / / / / / | | |/| | | | | | | | |||||
| * | | | | | | | | | Merge branch 'security-osw-stop-linking-to-packages' into 'master' | Yorick Peterse | 2019-03-04 | 8 | -19/+72 |
| |\ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | Stop linking to unrecognized package sources | Oswaldo Ferreira | 2019-02-21 | 8 | -19/+72 |
| | |/ / / / / / / / | |||||
| * | | | | | | | | | Merge branch 'security-50334' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -64/+74 |
| |\ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | Fix git clone revealing private repo's presence | Mark Chao | 2019-02-19 | 2 | -64/+74 |
| * | | | | | | | | | | Arbitrary file read via MergeRequestDiff | Francisco Javier López | 2019-03-04 | 5 | -3/+75 |
| * | | | | | | | | | | Merge branch 'security-issue_54789_2' into 'master' | Yorick Peterse | 2019-03-04 | 1 | -0/+31 |
| |\ \ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | | Prevent disclosing project milestone titles | Felipe Artur | 2019-02-25 | 1 | -0/+31 |
| * | | | | | | | | | | | Merge branch 'security-2818_filter_impersonated_sessions' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -27/+26 |
| |\ \ \ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | | | Remove ability to revoke active session | Imre Farkas | 2019-02-27 | 1 | -27/+0 |
| | * | | | | | | | | | | | Filter active sessions belonging to an admin impersonating the user | Imre Farkas | 2019-02-27 | 2 | -1/+27 |
| | |/ / / / / / / / / / | |||||
| * | | | | | | | | | | | Merge branch 'ce-security-jej/group-saml-link-origin-verification' into 'master' | Yorick Peterse | 2019-03-04 | 2 | -6/+9 |
| |\ \ \ \ \ \ \ \ \ \ \ | | |_|_|_|_|_|/ / / / / | |/| | | | | | | | | | | |||||
| | * | | | | | | | | | | Backport EE GroupSAML origin verification changes | James Edwards-Jones | 2019-01-23 | 2 | -6/+9 |
* | | | | | | | | | | | | Merge branch '40396-sidekiq-in-process-group' into 'master' | Stan Hu | 2019-03-04 | 2 | -1/+81 |
|\ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | sidekiq: terminate child processes at shutdown | Nick Thomas | 2019-03-04 | 2 | -1/+81 |
* | | | | | | | | | | | | | Fixed mutation for root | Natalia Tepluhina | 2019-03-04 | 3 | -9/+88 |
* | | | | | | | | | | | | | Fix username escaping when clicking 'assign to me' | Ezekiel Kigbo | 2019-03-04 | 1 | -0/+18 |
* | | | | | | | | | | | | | CE backport of batch-comments-ee-store-module | Phil Hughes | 2019-03-04 | 4 | -4/+8 |
* | | | | | | | | | | | | | Merge branch 'winh-import_projects_table_spec' into 'master' | Fatih Acet | 2019-03-04 | 3 | -5/+13 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | Use factory method for import_projects store | Winnie Hellmann | 2019-03-01 | 3 | -5/+13 |
* | | | | | | | | | | | | | | Merge branch 'sh-rugged-find-commit' into 'master' | Sean McGivern | 2019-03-04 | 3 | -2/+33 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | Bring back Rugged implementation of find_commit | Stan Hu | 2019-03-01 | 3 | -2/+33 |