- 29 1月, 2019 1 次提交
-
-
由 GitLab Release Tools Bot 提交于
[ci skip]
-
- 28 1月, 2019 1 次提交
-
-
Fix a JS race in a spec Closes #56860 See merge request gitlab-org/gitlab-ce!24684 (cherry picked from commit b5e10cd3)
-
- 26 1月, 2019 1 次提交
-
-
由 Yorick Peterse 提交于
[11.7] Sanitize user full name to clean up any URL to prevent mail clients from auto-linking URLs See merge request gitlab/gitlabhq!2828 (cherry picked from commit a38c1f3567a2c89eeb82dc79ca9f0bf620acbb5a) 1c1b45da Add `sanitize_name` helper to sanitize URLs in user full name aa974e9a Use `sanitize_name` to sanitize URL in user full name 0a09919e Add changelog entry
-
- 25 1月, 2019 4 次提交
-
-
由 Yorick Peterse 提交于
[11.7] Resolve "Removing a user from a private group doesn't remove them from group's project, if their project's role was changed" See merge request gitlab/gitlabhq!2867 (cherry picked from commit 26937476710811845c7818e987cd016c43c66d1e) 0eef2f34 Add subresources removal to member destroy service
-
由 Yorick Peterse 提交于
[11.7] Disable git v2 protocol temporarily See merge request gitlab/gitlabhq!2859 (cherry picked from commit f20f2b452fe91849645249044a9b3d3e381697a2) 49ebf1a3 Allow Gitaly to be built from a custom URL 0cab1a90 Disable git v2 protocol temporarily
-
由 Yorick Peterse 提交于
[11.7] Resolve "[Security] Stored XSS via KaTeX" See merge request gitlab/gitlabhq!2820 (cherry picked from commit 53d5ce14f5b08a9733b8041b768ace2d1ec04d47) 63d8d0de 11.7 backport of fix for XSS in KaTex Links 699d42e4 Merge branch 'security-11-7' of https://dev.gitlab.org/gitlab/gitlabhq into...
-
由 Yorick Peterse 提交于
[11.7] Alias GitHub and BitBucket OAuth2 callback URLs See merge request gitlab/gitlabhq!2845 (cherry picked from commit 7d3c6d8ba58e0e9875fdd2dfbe7690ddc50fad81) 9ec0072d Alias GitHub and BitBucket OAuth2 callback URLs
-
- 24 1月, 2019 19 次提交
-
-
由 Yorick Peterse 提交于
[11.7] Security fix user email tag push leak See merge request gitlab/gitlabhq!2809 (cherry picked from commit f59786036d65a881370073d55f8ab531405d3093) cbfa6282 Prefer build() rather than create() d34ea609 Fix private user email being visible in tag webhooks
-
由 Yorick Peterse 提交于
[11.7] Fix error disclosure on Project Import See merge request gitlab/gitlabhq!2763 (cherry picked from commit 290faddb699a81b4d6fea415d712081a021f050b) c76d91ea Fix path disclosure on Project Import
-
由 Yorick Peterse 提交于
[11.7] Contributed projects info is still visible even user enable private profile See merge request gitlab/gitlabhq!2764 (cherry picked from commit 8bc7243251f23a9e4e12b49eb47f5c3e81ebe5eb) 912627a5 Fix contributed projects finder shown private info
-
由 Yorick Peterse 提交于
[11.7] Fix Imported Project Retains Prior Visibility Setting See merge request gitlab/gitlabhq!2854 (cherry picked from commit b1463fb9d098d8064111a0dc896d52f9217c217b) 4ff58136 Fix tree restorer visibility level
-
由 Yorick Peterse 提交于
[11.7] Sent notification only to authorized users See merge request gitlab/gitlabhq!2856 (cherry picked from commit 578b8f124aa3edc2e3d2b937b5f9e842aec6eaef) e9f82b57 Sent notification only to authorized users
-
由 Yorick Peterse 提交于
[11.7] GitLab vulnerable to IDN homograph attacks and RTLO attacks See merge request gitlab/gitlabhq!2821
-
由 Yorick Peterse 提交于
[11.7] Do not expose trigger token when user should not see it See merge request gitlab/gitlabhq!2855 (cherry picked from commit 17ce10bc58a06e202d2194dc64ec132a1f6305bc) 74b4bb38 Do not expose trigger token when user should not see it
-
由 Yorick Peterse 提交于
[11.7] Fix DoS in reference extraction regexes See merge request gitlab/gitlabhq!2777 (cherry picked from commit f6d9535085c5d155545865e3443dd96b5d6ecc5a) cfa6bf24 Fix slow project reference pattern regex
-
由 Yorick Peterse 提交于
[11.7] Don't process MR refs for guests in the notes See merge request gitlab/gitlabhq!2780 (cherry picked from commit f97d526d0837476eccbf6178bfebf1ed01c652eb) e9793936 Don't process MR refs for guests in the notes
-
由 Yorick Peterse 提交于
[11.7] Fix access to internal wiki when external wiki is enabled See merge request gitlab/gitlabhq!2800 (cherry picked from commit 0779e55ae65f18aa1f60fa042f5ba38f51a58c9e) 2801e1db Fixed bug when external wiki is enabled
-
由 Yorick Peterse 提交于
[11.7] Pipelines section is available to unauthorized users See merge request gitlab/gitlabhq!2804 (cherry picked from commit 2bf899ed3a5306bb934507dc0584fd3d26f490bc) 627c00da Backport security fix 4c369519 Add CHANGELOG entry
-
由 Yorick Peterse 提交于
[11.7] Use common error for not logged in users when creating issues See merge request gitlab/gitlabhq!2811 (cherry picked from commit f51985622240a3ea84b122a01c0fdb20c4320443) 8179795d Use common error for unauthenticated users
-
由 Yorick Peterse 提交于
[11.7] Group Guests are no longer able to see merge requests See merge request gitlab/gitlabhq!2814 (cherry picked from commit 190167d542fab9bfe8d41b6f87f5be4fbeb699f7) fe6504ed Group Guests are no longer able to see merge requests
-
由 Yorick Peterse 提交于
[11.7] LFS object forgery in project import See merge request gitlab/gitlabhq!2817 (cherry picked from commit d618b5b493d9c8d5e50a4e98f0f3f9bd590db9dc) 5aeac80a Added validations to prevent LFS object forgery
-
由 Yorick Peterse 提交于
[11.7] Fix discussion replies permissions check See merge request gitlab/gitlabhq!2824 (cherry picked from commit 9b4e7708495abe1fc3d8dc7f8ab41cc86206fff4) d845ca7d Prevent comments by email when issue is locked
-
由 Yorick Peterse 提交于
[11.7] Stop showing ci for guest users See merge request gitlab/gitlabhq!2832 (cherry picked from commit a40c184fb36be7c61fc3ad643fa89b0097106304) 566b58d1 Stop showing ci for guest users
-
由 Yorick Peterse 提交于
[11.7] Security extract pages with rubyzip See merge request gitlab/gitlabhq!2833 (cherry picked from commit 043aa20e5c2e6bd51fea2184ed91d3aea950dc1a) 1aaec24c Extract GitLab Pages using RubyZip
-
由 Yorick Peterse 提交于
[11.7] Revoke award_emoji permissions for confidential issues See merge request gitlab/gitlabhq!2849 (cherry picked from commit 0ead6f886e437d3a99c22e0adf85f768d8293cad) 0be8c4c9 Prevent award_emoji to notes not visible to user
-
由 Yorick Peterse 提交于
[11.7] Verify that LFS upload requests are genuine See merge request gitlab/gitlabhq!2862 (cherry picked from commit 54f089a47ef1706edc809ac90cbd6ef889de4e5e) 006f5e6b Verify that LFS upload requests are genuine
-
- 22 1月, 2019 3 次提交
-
-
由 GitLab Release Tools Bot 提交于
-
由 GitLab Release Tools Bot 提交于
[ci skip]
-
由 Brett Walker 提交于
Such as those with IDN homographs or embedded right-to-left (RTLO) characters. Autolinked hrefs should be escaped
-
- 19 1月, 2019 3 次提交
-
-
由 GitLab Release Tools Bot 提交于
-
由 Robert Speicher 提交于
-
由 Robert Speicher 提交于
Prepare 11.7.0-rc7 release See merge request gitlab-org/gitlab-ce!24442
-
- 18 1月, 2019 4 次提交
-
-
由 Kamil Trzciński 提交于
Fix runner eternal loop when update job result Closes #56518 See merge request gitlab-org/gitlab-ce!24481 (cherry picked from commit 20de391b) 91c1dc57 Fix runner eternal loop when update job result
-
由 Sean McGivern 提交于
Remove import_issues_csv feature flag See merge request gitlab-org/gitlab-ce!24324 (cherry picked from commit f598daf2) 993cff04 Remove import_issues_csv feature flag
-
由 Sanad Liaquat 提交于
Add script to revoke personal access tokens See merge request gitlab-org/gitlab-ce!24318 (cherry picked from commit 66c1141c) 88189d31 Add script to revoke personal access tokens ffb17a3b Use qa element with wait 7643a872 Created some more qa elements
-
由 Mark Lapierre 提交于
[QA] Retrieve the current user name and email Closes gitlab-org/quality/staging#25 See merge request gitlab-org/gitlab-ce!24298 (cherry picked from commit 9b9b9b91) f48f9460 [QA] Retrieve the current user name and email
-
- 17 1月, 2019 4 次提交
-
-
由 Douwe Maan 提交于
Only send one notification for failed remote mirror Closes #56222 See merge request gitlab-org/gitlab-ce!24381 (cherry picked from commit 9cd5c5f5) 6fbbd4ab Only send one notification for failed remote mirror
-
由 Robert Speicher 提交于
Pick "Sentry MVC" in 11.7 See merge request gitlab-org/gitlab-ce!24342
-
由 Robert Speicher 提交于
Upgrade to gitaly 1.12.1 See merge request gitlab-org/gitlab-ce!24361
-
由 Evan Read 提交于
Refactor the API OAuth docs See merge request gitlab-org/gitlab-ce!24295 [ci skip]
-