- 22 Apr, 2016 7 commits
-
-
Rémy Coutable authored
Always read diff_view setting from the cookie Prior, when the user had their view set to "parallel" and then visited a merge request's changes tab _without_ passing the `view` parameter via query string, the view would be parallel but the `Notes` class was always instantiated with the default value from `diff_view` ("inline"), resulting in broken markup when the form to add a line note was dynamically inserted. The cookie is set whenever the view is changed, so this value should always be up-to-date. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14557 and https://gitlab.com/gitlab-org/gitlab-ce/issues/15285 See merge request !3732
-
Grzegorz Bizon authored
Fix vulnerability that leaks private labels and milestones ## Summary This fixes vulnerability that leaks information about private labels and milestones because of insecure direct object reference in issueable create service. This affects merge requests and issues. See https://gitlab.com/gitlab-org/gitlab-ce/issues/15439 ## Fix This MR introduces additional check that rejects labels and milestone that does not belong to the same project issue/merg request does. ## Further work `IssuableBaseService` may benefit from encapsulating filters in separate class/module, which then may improve coherency in this class. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15439 See merge request !1954
-
Grzegorz Bizon authored
-
Grzegorz Bizon authored
-
Grzegorz Bizon authored
-
Grzegorz Bizon authored
-
Grzegorz Bizon authored
This also verify if milestone belongs to correct project before creating a new issue. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15439
-
- 21 Apr, 2016 33 commits
-
-
Robert Speicher authored
Fixes text color on labels in sidebar Previously the labels in the sidebar would just have `#FFF` text color which could cause problems with a light background color. With this, the text color comes from the JSON. See merge request !3846
-
Yorick Peterse authored
Remove the `.distinct` when finding issues See merge request !3858
-
Yorick Peterse authored
Disable 'repository check' feature in 8.7.0 See merge request !3856
-
Yorick Peterse authored
Removed JS update templates See merge request !3814
-
Jacob Schatz authored
Remove float from blame link icon Closes #15413 <img src="/uploads/af6aea9102e1b42e5e92783ce818863c/Screen_Shot_2016-04-21_at_1.57.56_PM.png" width="200px"> See merge request !3861
-
Robert Speicher authored
-
Robert Speicher authored
Fixes window.opener bug Adds `noreferrer` value to rel attribute for external links REF: https://gitlab.com/gitlab-org/gitlab-ce/issues/15331 See merge request !1953
-
Annabel Dunstone authored
-
Achilleas Pipinellis authored
Refactor the update documentation See merge request !3822
-
Alfredo Sumaran authored
-
Stan Hu authored
Add db:migrate:reset task to CI Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> cc @DouweM @stanhu See merge request !3788
-
Rémy Coutable authored
Instrument Gitlab::GitAccess/GitAccessWiki See merge request !3859
-
Dmitriy Zaporozhets authored
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-
Phil Hughes authored
-
Phil Hughes authored
-
-
Rémy Coutable authored
-
Jacob Schatz authored
Fixes "create label" functionality on label dropdown **Issue sidebar** ![label_dropdown](/uploads/2a056136fc88626530fc275ded0c2aa3/label_dropdown.gif) **Issues page** ![label_dropdown_issues](/uploads/965fd20f5b206499e9b11a64556c5240/label_dropdown_issues.gif) See merge request !3670
-
Robert Speicher authored
Fix undefined local variable error in Invalid MR template Closes #15408 See merge request !3857
-
Yorick Peterse authored
-
Rémy Coutable authored
This is not needed anymore after !3815. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Jacob Schatz authored
Diff highlight fixes This fixes a couple of issues with linking/highlight diff lines: - Fixed issue with lines not being selectable when expanding diff - Fixed issue with incorrect line being highlighted if line is in discussion view See merge request !3725
-
Robert Speicher authored
Closes #15408
-
Phil Hughes authored
-
Jacob Schatz authored
Fixes XSS injection REF: https://gitlab.com/gitlab-org/gitlab-ce/issues/15434 **Without the fix** ![xss1](/uploads/0a7b0b15fb87066965a7c73f1dbaa815/xss1.gif) **With the fix** ![xss2](/uploads/473cfa0aa80656f24c58aebf1fd97fff/xss2.gif) See merge request !1952
-
Jacob Schatz authored
File name change appears on one line Closes #15445 <img src="/uploads/51714555be63af16b810cf528de49192/Screen_Shot_2016-04-21_at_9.22.43_AM.png" width="500px"> See merge request !3854
-
Jacob Schatz authored
Fixed issue with author link color on dark diffs Correctly added a color to the author link ![Screen_Shot_2016-04-21_at_08.55.05](/uploads/ffa9e12e868c7b71fa4dd9244114274a/Screen_Shot_2016-04-21_at_08.55.05.png) Fixes #15444 See merge request !3847
-
Stan Hu authored
Use SIGTERM during Sidekiq memory shutdown This makes the memory killer behave more like 'sidekiqctl stop'. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/15359 Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14462 See merge request !3853
-
Jacob Vosmaer authored
It still causes too many false alarms.
-
Annabel Dunstone authored
-
Douwe Maan authored
Filter labels by including ALL filter titles Fixed query to use `AND` and not `OR`. Refactored relevant specs See merge request !3815
-
Jacob Vosmaer authored
This makes the memory killer behave more like 'sidekiqctl stop'.
-
Jacob Schatz authored
Revert "Merge branch 'sentry-js' into 'master'" This reverts commit 0f309794, reversing changes made to 1e596fef. See merge request !3851
-