Commit ec45122c authored by Yorick Peterse's avatar Yorick Peterse

Merge dev.gitlab.org master into GitLab.com master

parents 4e24db32 b6a43731
...@@ -2,6 +2,20 @@ ...@@ -2,6 +2,20 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 11.7.5 (2019-02-06)
### Fixed (8 changes)
- Fix import handling errors in Bitbucket Server importer. !24499
- Adjusts suggestions unable to be applied. !24603
- Fix 500 errors with legacy appearance logos. !24615
- Fix form functionality for edit tag page. !24645
- Update Workhorse to v8.0.2. !24870
- Downcase aliased OAuth2 callback providers. !24877
- Fix Detect Host Keys not working. !24884
- Changed external wiki query method to prevent attribute caching. !24907
## 11.7.2 (2019-01-29) ## 11.7.2 (2019-01-29)
### Fixed (1 change) ### Fixed (1 change)
......
---
title: Fix form functionality for edit tag page
merge_request: 24645
author:
type: fixed
---
title: Changed external wiki query method to prevent attribute caching
merge_request: 24907
author:
type: fixed
---
title: Adjusts suggestions unable to be applied
merge_request: 24603
author:
type: fixed
---
title: Fix Detect Host Keys not working
merge_request: 24884
author:
type: fixed
---
title: Fix 500 errors with legacy appearance logos
merge_request: 24615
author:
type: fixed
---
title: Downcase aliased OAuth2 callback providers
merge_request: 24877
author:
type: fixed
---
title: Fix import handling errors in Bitbucket Server importer
merge_request: 24499
author:
type: fixed
...@@ -1116,7 +1116,9 @@ module API ...@@ -1116,7 +1116,9 @@ module API
class Release < TagRelease class Release < TagRelease
expose :name expose :name
expose :description_html expose :description_html do |entity|
MarkupHelper.markdown_field(entity, :description)
end
expose :created_at expose :created_at
expose :author, using: Entities::UserBasic, if: -> (release, _) { release.author.present? } expose :author, using: Entities::UserBasic, if: -> (release, _) { release.author.present? }
expose :commit, using: Entities::Commit expose :commit, using: Entities::Commit
......
...@@ -127,6 +127,31 @@ describe API::Releases do ...@@ -127,6 +127,31 @@ describe API::Releases do
.to match_array(release.sources.map(&:url)) .to match_array(release.sources.map(&:url))
end end
context "when release description contains confidential issue's link" do
let(:confidential_issue) do
create(:issue,
:confidential,
project: project,
title: 'A vulnerability')
end
let!(:release) do
create(:release,
project: project,
tag: 'v0.1',
sha: commit.id,
author: maintainer,
description: "This is confidential #{confidential_issue.to_reference}")
end
it "does not expose confidential issue's title" do
get api("/projects/#{project.id}/releases/v0.1", maintainer)
expect(json_response['description_html']).to include(confidential_issue.to_reference)
expect(json_response['description_html']).not_to include('A vulnerability')
end
end
context 'when release has link asset' do context 'when release has link asset' do
let!(:link) do let!(:link) do
create(:release_link, create(:release_link,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment