- 02 Sep, 2019 1 commit
-
Committed by Grzegorz Bizon
Fix permissions check in `RelativeLinkFilter`
See merge request gitlab-org/gitlab-ce!32448
-
- 30 Aug, 2019 2 commits
-
Committed by Stan Hu
Add helpers to exactly undo cleanup_concurrent_column_rename
See merge request gitlab-org/gitlab-ce!32183
(cherry picked from commit fc08d48c)
9b592a59 Add helper to exactly undo cleanup_concurrent_column_rename
61777843 Add spec for undo_rename_column_concurrently
d28ad870 Add spec for when default is false
-
Committed by Mayra Cabrera
Fix N+1 Gitaly calls in /api/v4/projects/:id/issues
See merge request gitlab-org/gitlab-ce!32171
(cherry picked from commit bbd39021)
44063501 Fix N+1 Gitaly calls in /api/v4/projects/:id/issues
-
- 27 Aug, 2019 1 commit
-
Committed by Oswaldo Ferreira
When post-processing relative links to absolute links RelativeLinkFilter didn't take into consideration that internal repository data could be exposed for users that do not have repository access to the project. This commit solves that by checking whether the user can `download_code` at this repository, avoiding any processing of this filter if the user can't. Additionally, if we're processing for a group (no project was given), we check if the user can read it in order to expand the href as an extra. That doesn't seem necessarily a breach now, but an extra check doesn't hurt as after all the user needs to be able to `read_group`.
-
- 26 Aug, 2019 1 commit
-
Committed by George Koltsov
Add Gitlab::VisibilityLevelChecker that verifies selected project visibility level (or overridden param) is not restricted when creating or importing a project
-
- 23 Aug, 2019 3 commits
-
Committed by Sean McGivern
Fix Gitaly N+1 calls with listing issues/MRs via API
Closes #66202
See merge request gitlab-org/gitlab-ce!31938
(cherry picked from commit 57ec78d5)
ba7c501f Fix Gitaly N+1 calls with listing issues/MRs via API
-
Committed by Jan Provaznik
When we un-escape HTML text to find references in it, we should then re-escape the whole text again, not only found matches. Because we replace matches with milestone/label links (which contain HTML tags we don't want to escape again), we re-escape HTML text with placeholders instead of these links and then replace placeholders in the escaped text.
-
Committed by Jan Provaznik
-
- 22 Aug, 2019 1 commit
-
Committed by Alexandru Croitor
Limiting the size of issuable description and comments to 1_000_000, which is close to ~1MB of ASCII characters, which represents 99.9% of all descriptions and comments we have in DB at the moment. This should help prevent DoS attacks when comments contain reference strings. Also this change updates regexp matching the namespaces paths by limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED, as we allow 20 levels deep groups. see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
-
- 21 Aug, 2019 2 commits
-
Committed by Małgorzata Ksionek
Add method to store session ids by ip
Add new specs for storing session ids
Add cleaning up records after login
Add retrieving anonymous sessions
Add login recaptcha setting
Add new setting to sessions controller
Add conditions for showing captcha
Add sessions controller specs
Add admin settings specs for login protection
Add new settings to api
Add stub to devise spec
Add new translation key
Add cr remarks
Rename class call
Add cr remarks
Change if-clause for consistency
Add cr remarks
Add code review remarks
Refactor AnonymousSession class
Add changelog entry
Move AnonymousSession class to lib
Move store unauthenticated sessions to sessions controller
Move link to recaptcha info
Regenerate text file
Improve copy on the spam page
Change action filter for storing anonymous sessions
Fix rubocop offences
Add code review remarks
-
Committed by Fabio Pitino
This is a port from EE changes where we introduce a new limit for Plan model. https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/1182
-
- 20 Aug, 2019 1 commit
-
Committed by Brett Walker
User images and videos will get proxied through the Camo server in order to keep malicious sites from collecting the IP address of users.
-
- 19 Aug, 2019 3 commits
-
Committed by Patrick Derichs
-
Committed by Felipe Artur
Uses Gitlab::HTTP for JIRA requests instead of Net::Http. Gitlab::Http comes with some built in SSRF protections.
-
Committed by Nick Thomas
Fix pipelines not always being created after a push
Closes #66196
See merge request gitlab-org/gitlab-ce!31927
(cherry picked from commit c7d12e60)
b46b9d5e Fix pipelines not always being created after a push
-
- 17 Aug, 2019 3 commits
-
Committed by Stan Hu
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31741 introduced a regression where not all the right parameters would be passed into `Ci::CreatePipelineService`. We fix this by breaking out the pipeline parameters and reusing a method from `Gitlab::DataBuilder::Push`. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66196
-
Committed by Stan Hu
Previously `ProjectCacheWorker` would be scheduled once per ref, which would generate unnecessary I/O and load on Sidekiq, especially if many tags or branches were pushed at once. `ProjectCacheWorker` would expire three items:
1. Repository size: This only needs to be updated once per push.
2. Commit count: This only needs to be updated if the default branch is updated.
3. Project method caches: This only needs to be updated if the default branch changes, but only if certain files change (e.g. README, CHANGELOG, etc.).
Because the third item requires looking at the actual changes in the commit deltas, we schedule one `ProjectCacheWorker` to handle the first two cases, and schedule a separate `ProjectCacheWorker` for the third case if it is needed. As a result, this brings down the number of `ProjectCacheWorker` jobs from N to 2.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52046
-
Committed by rossfuhrman
This removes the group_overview_security_dashboard feature flag
-
- 16 Aug, 2019 5 commits
-
Committed by Jarka Košanová
- move uploads created by AttachmentUploader
- handle also files created for legacy_diff_notes
-
Committed by Sarah Yasonik
https://gitlab.com/gitlab-org/gitlab-ce/issues/62971 Adds support for embedding specific charts from the metrics dashboard. Expected parameters are dashboard, title, group, and y_label.
-
Committed by Hordur Freyr Yngvason
As per https://gitlab.com/gitlab-org/gitlab-ce/issues/46043, project templates should be squashed before updating, so that repositories created from these templates don't include the full history of the backing repository.
-
Committed by Mayra Cabrera
This will prevent Danger from suggesting a database review for files inside db/fixtures
-
Committed by Brett Walker
- Adds UI to configure in group and project settings
- Removes notification configuration for users when disabled at group or project level
-
- 15 Aug, 2019 8 commits
-
Committed by Stan Hu
Previously, the API to retrieve discussions from merge requests often generated hundreds of Gitaly calls to determine whether a system note should be shown to the user. It did this by:
1. Rendering the Markdown
2. Extracting cross-references from the Markdown
3. For cross-references that were commits, a Gitaly FindCommit RPC would be issued to validate that the commit exists.
The last step is unnecessary because we don't need to display a commit if the user doesn't have access to the project in the first place. `RendersNotes#prepare_notes_for_rendering` is already used in `MergeRequestsController`, which is why we don't see N+1 Gitaly calls there. We use it here to optimize the note redaction process.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65957
-
Committed by Alex Kalderimis
-
Committed by Luke Duncalfe
This was added in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31789
-
Committed by Luke Duncalfe
CE-specific changes for: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/15129
Co-Authored-By: Alex Kalderimis <akalderimis@gitlab.com>
Co-Authored-By: Luke Duncalfe <lduncalfe@eml.cc>
-
Committed by Hordur Freyr Yngvason
-
Committed by João Cunha
- refactor Knative and Prometheus
-
Committed by Jeremy Jackson
This introduces several changes, but these are all just ported from the EE project.
-
Committed by Adam Hegyi
This change adds a new counter 'cycle_analytics_views' to the usage data metrics to count the page views for cycle analytics show page.
-
- 14 Aug, 2019 5 commits
-
Committed by Aleksei Lipniagov
We don't use phase restarts, as we use `preload_app`: https://github.com/puma/puma/blob/master/README.md#clustered-mode `:puma_phase` values will always be zero.
-
Committed by Kamil Trzciński
This limits `needs:` to 5 by default. Allows increasing the limit to 50 by disabling the FF.
-
Committed by Igor
Source Code Usage Ping for Create SMAU
-
Committed by Kamil Trzciński
This makes us expand variables only when needed, instead of requesting all variables each time. This specifically helps in situations where an explicit name of `environment: production` is used.
-
Committed by Stan Hu
Previously each tag in a push would invoke the Gitaly `FindAllTags` RPC since the tag cache would be invalidated with every tag. We can eliminate those extraneous calls by expiring the tag cache once in `PostReceive` and taking advantage of the cached tags. Relates to https://gitlab.com/gitlab-org/gitlab-ce/issues/65795
-
- 13 Aug, 2019 4 commits
-
Committed by Kamil Trzciński
This changes the `needs:` logic to require that all jobs be present. Instead of skipping, fail the pipeline creation if a `needs:` dependency is not found.
-
Committed by Kamil Trzciński
Since we are unsure what the behavior of `stage:` would be when we work on DAG, let's make `stage:` required today with `needs:`.
-
Committed by GitalyBot
-
Committed by Stan Hu
This commit reduces I/O load and memory utilization during PostReceive for the common case when no project hooks or services are set up. We saw a Gitaly N+1 issue in `CommitDelta` when many tags or branches are pushed. We can reduce this overhead in the common case because we observe that most new projects do not have any Web hooks or services, especially when they are first created. Previously, `BaseHooksService` unconditionally iterated through the last 20 commits of each ref to build the `push_data` structure. The `push_data` structure was used in numerous places:
1. Building the push payload in `EventCreateService`
2. Creating a CI pipeline
3. Executing project Web or system hooks
4. Executing project services
5. As the return value of `BaseHooksService#execute`
6. `BranchHooksService#invalidated_file_types`
We only need to generate the full `push_data` for items 3, 4, and 6.
Item 1: `EventCreateService` only needs the last commit and doesn't actually need the commit deltas.
Item 2: In addition, `Ci::CreatePipelineService` only needed a subset of the parameters.
Item 5: The return value of `BaseHooksService#execute` also wasn't being used anywhere.
Item 6: This is only used when pushing to the default branch, so if many tags are pushed we can save significant I/O here.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65878 Fic
-