- 29 11月, 2018 13 次提交
-
-
由 Cindy Pallares 提交于
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2583
-
由 Cindy Pallares 提交于
[master]Fixed ability to comment on and edit/delete comments on locked or confidential issues See merge request gitlab/gitlabhq!2612
-
由 Chantal Rollison 提交于
-
由 Cindy Pallares 提交于
[master] [pages] Possible symlink time of check to time of use race condition Closes #2742 See merge request gitlab/gitlabhq!2638
-
由 Cindy Pallares 提交于
[master] XSS in markdown following unrecognized HTML element Closes #2732 See merge request gitlab/gitlabhq!2599
-
由 Cindy Pallares 提交于
[master] Fix XSS in mermaid diagrams See merge request gitlab/gitlabhq!2597
-
由 Winnie Hellmann 提交于
-
由 Cindy Pallares 提交于
[master] Don't expose confidential information in commit message list See merge request gitlab/gitlabhq!2626
-
由 Cindy Pallares 提交于
[master] Resolve: Promoting a milestone is missing an authorization check See merge request gitlab/gitlabhq!2598
-
由 Cindy Pallares 提交于
[master] Do not follow redirects in prometheus service See merge request gitlab/gitlabhq!2617
-
由 Cindy Pallares 提交于
[master] Stored XSS for Environments Closes #2727 See merge request gitlab/gitlabhq!2594
-
由 Cindy Pallares 提交于
[master] Fixed read private group names See merge request gitlab/gitlabhq!2589
-
由 Cindy Pallares 提交于
[Master] Redact sensitive information on gitlab-workhorse log See merge request gitlab/gitlabhq!2584
-
- 27 11月, 2018 11 次提交
-
-
由 GitLab Release Tools Bot 提交于
[ci skip]
-
由 GitLab Release Tools Bot 提交于
[ci skip]
-
由 GitLab Release Tools Bot 提交于
[ci skip]
-
由 Stan Hu 提交于
Fix deadlock on ChunkedIO See merge request gitlab-org/gitlab-ce!23329
-
由 Robert Speicher 提交于
Rails 5 deprecation: Passing an argument to force an association to reload is now deprecated See merge request gitlab-org/gitlab-ce!23337
-
由 Stan Hu 提交于
Allow profiler to authenticate by stubbing users directly Closes #54327 See merge request gitlab-org/gitlab-ce!23320
-
由 Robert Speicher 提交于
Backport of gitlab-ee!8470 See merge request gitlab-org/gitlab-ce!23150
-
Add events index on project_id and created_at Closes #53992 See merge request gitlab-org/gitlab-ce!23354
-
由 Robert Speicher 提交于
Upgrade better_errors gem to 2.5.0 See merge request gitlab-org/gitlab-ce!23312
-
由 Tim Zallmann 提交于
Fix Image Lazy Loader for some older browsers Closes #54407 See merge request gitlab-org/gitlab-ce!23349
-
由 Rémy Coutable 提交于
Override CI_COMMIT_REF_SLUG for QA branches See merge request gitlab-org/gitlab-ce!23346
-
- 26 11月, 2018 16 次提交
-
-
由 Lin Jen-Shin 提交于
-
由 Jasper Maes 提交于
-
由 Filipa Lacerda 提交于
CE port of "Move merge request approval settings" See merge request gitlab-org/gitlab-ce!23157
-
由 Rémy Coutable 提交于
The `gitlab:assets:compile` job isn't run for the QA branches, thus there's no Docker image correspinding these branches in the registry. By overriding `CI_COMMIT_REF_SLUG` to `master` for QA branches, the `fetch-assets` job in the `omnibus-gitlab` pipeline will pull the `master` assets Docker image. Signed-off-by: NRémy Coutable <remy@rymai.me>
-
由 Fatih Acet 提交于
Update externalized strings from `/app/views/project/runners` See merge request gitlab-org/gitlab-ce!23347
-
由 Dmitriy Zaporozhets 提交于
i18n: externalize strings from 'app/views/shared/members' See merge request gitlab-org/gitlab-ce!23125
-
由 Lukas Eipert 提交于
Some older browsers do not ship with isIntersecting, while they already have IntersectionObserver support. We make use of `intersectionRatio` now to fix the Lazy Loader for those browsers.
-
由 Stan Hu 提交于
Batch load only data from same repository when lazy object is accessed See merge request gitlab-org/gitlab-ce!23309
-
由 Tao Wang 提交于
Signed-off-by: NTao Wang <twang2218@gmail.com> Signed-off-by: NRémy Coutable <remy@rymai.me>
-
由 Kamil Trzciński 提交于
-
由 Grzegorz Bizon 提交于
Cache project HEAD to prevent unnecessary Gitaly calls See merge request gitlab-org/gitlab-ce!23307
-
由 Grzegorz Bizon 提交于
Allow to store null variables Closes #54379 See merge request gitlab-org/gitlab-ce!23299
-
由 Grzegorz Bizon 提交于
CE Backport: Extract Gitlab::Prometheus::QueryVariables See merge request gitlab-org/gitlab-ce!23335
-
由 Fatih Acet 提交于
Refactor issue boards switcher to single file Vue component (CE-port) See merge request gitlab-org/gitlab-ce!23274
-
由 Grzegorz Bizon 提交于
CE port for qa-193-ldap-group-sync EE branch See merge request gitlab-org/gitlab-ce!22834
-
由 Sean McGivern 提交于
Previously, we used a personal access token. This had a couple of problems: 1. If the user didn't have a PAT, we couldn't impersonate them. 2. It depended on reading the raw PAT from the database. Instead, we can monkey-patch the authentication methods on ApplicationController (overriding the Devise ones), and remove them once we're done. This does mean that profiles will not profile auth correctly, so for that, use a PAT directly.
-