- 29 11月, 2018 10 次提交
-
-
由 Cindy Pallares 提交于
[master] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request" See merge request gitlab/gitlabhq!2583
-
由 Cindy Pallares 提交于
[master]Fixed ability to comment on and edit/delete comments on locked or confidential issues See merge request gitlab/gitlabhq!2612
-
由 Cindy Pallares 提交于
[master] XSS in markdown following unrecognized HTML element Closes #2732 See merge request gitlab/gitlabhq!2599
-
由 Cindy Pallares 提交于
[master] Fix XSS in mermaid diagrams See merge request gitlab/gitlabhq!2597
-
由 Cindy Pallares 提交于
[master] Don't expose confidential information in commit message list See merge request gitlab/gitlabhq!2626
-
由 Cindy Pallares 提交于
[master] Resolve: Promoting a milestone is missing an authorization check See merge request gitlab/gitlabhq!2598
-
由 Cindy Pallares 提交于
[master] Do not follow redirects in prometheus service See merge request gitlab/gitlabhq!2617
-
由 Cindy Pallares 提交于
[master] Stored XSS for Environments Closes #2727 See merge request gitlab/gitlabhq!2594
-
由 Cindy Pallares 提交于
[master] Fixed read private group names See merge request gitlab/gitlabhq!2589
-
由 George Tsiolis 提交于
-
- 28 11月, 2018 15 次提交
-
-
由 Shinya Maeda 提交于
-
由 Paul Slaughter 提交于
Resolve "Bug - Web Based IDE - The "Merge" Requests Selection displays Merge Requests from other projects"
-
由 Shinya Maeda 提交于
-
由 Filipa Lacerda 提交于
-
由 Tiago Botelho 提交于
Caches repository.path into Repository#readme_path
-
由 Toon Claes 提交于
Or otherwise do not try to write repo config.
-
由 Toon Claes 提交于
-
由 Toon Claes 提交于
-
由 Toon Claes 提交于
-
由 Toon Claes 提交于
And run in intervals.
-
由 Toon Claes 提交于
-
由 Toon Claes 提交于
In https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/16027 it was added to write `gitlab.fullpath` in the git config of all repositories. But this only writes them on move or migrate to hashed storage. This adds a migration that writes the fullpath to all the repositories. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/41776
-
由 Nick Thomas 提交于
If the EncryptColumns background migration runs in a sidekiq with a stale view of the database schema, or when the purported destination columns don't actually exist, data loss can result. Attempt to work around these issues by reloading schema information before running the migration, and raising errors if the model reports that any of its source or destination columns are missing.
-
由 Sam Bigelow 提交于
-
由 Kamil Trzciński 提交于
-
- 27 11月, 2018 15 次提交
-
-
由 Phil Hughes 提交于
This suggests possibly related issues when the user types a title. This uses GraphQL to allow the frontend to request the exact data that is requires. We also get free caching through the Vue Apollo plugin. With this we can include the ability to import .graphql files in JS and Vue files. Also we now have the Vue test utils library to make testing Vue components easier. Closes #22071
-
由 Dylan Griffith 提交于
-
由 Tiago Botelho 提交于
Clears the import related columns and code from the Project model over to the ProjectImportState model
-
由 Zeger-Jan van de Weg 提交于
To separate the different kinds of repositories we have at GitLab this table will be renamed to pool_repositories. A project can, for now at least, be member of none, or one of these. The table will get additional columns in a later merge request where more logic is implemented for the model. Further included is a small refactor of logic around hashing ids for the disk_path, mainly to ensure a previous implementation is reusable. The disk_path for the pool_repositories table no longer has a NOT NULL constraint, but given the hashing of the ID requires the DB to assign the record an ID, an after_create hook is used to update the value. A related MR is: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/23143, adding tables for 'normal' repositories and wiki_repositories.
-
由 Dylan Griffith 提交于
We want to keep failed install pods around so that it is easier to debug why a failure occured. With this change we also need to ensure that we remove a previous pod with the same name before installing so that re-install does not fail. Another change here is that we no longer need to catch errors from delete_pod! in CheckInstallationProgressService as we now catch the ResourceNotFoundError in Helm::Api. The catch statement in CheckInstallationProgressService was also probably too broad before and should have been narrowed down simply to ResourceNotFoundError.
-
由 Phil Hughes 提交于
Improve the renderign of new and existing discussions by reducing the number of watchers on each object & array. Previously every discussion change would trigger an update for every discussion component. Also tidied up some components to get them closer to our docs. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/51506
-
由 Toon Claes 提交于
It might happen you want to make the reference column have a unique value, or you want to create partial indexes. So instead of only accepting a `true` value, also accept a hash of options.
-
由 Sam Bigelow 提交于
-
由 Winnie Hellmann 提交于
-
由 Gabriel Mazetto 提交于
This approach caused many different problems as we tightened the query execution timeout.
-
由 Stan Hu 提交于
Addressable::URI interprets the `#` in a URI as a URI fragment and does not escape it, but Rails has special helpers that treats these as bona-fide characters that need to be escaped. Closes https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/23368
-
由 Stan Hu 提交于
`Rugged::Reference.valid_name?` used in `Gitlab::GitRefValidator.validate` fails on strings containing null bytes because it uses `StringValueCStr()`. Per https://silverhammermba.github.io/emberb/c/: Ruby’s String kinda corresponds to C’s char*. The simplest macro is StringValueCStr() which returns a null-terminated char* for a String. The problem here is that a Ruby String might contain nulls - in which case StringValueCStr() will raise an ArgumentError! Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54466
-
由 Chris Baumbauer 提交于
-
-
由 Robert Speicher 提交于
A feature spec to test this simple behavior takes about 2 minutes to run in CI. Everything it's testing is conditionals and `href` attributes, which can easily be done in a view spec that runs in about 8 seconds.
-