Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
08086ff5
Commit
08086ff5
authored
Jun 07, 2021
by
GitLab Bot
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add latest changes from gitlab-org/gitlab@13-12-stable-ee
parent
8f3fbbf0
Changes
24
Show whitespace changes
Inline
Side-by-side
Showing
24 changed files
with
129 additions
and
86 deletions
+129
-86
.gitlab/ci/rails.gitlab-ci.yml
.gitlab/ci/rails.gitlab-ci.yml
+1
-1
app/services/spam/akismet_service.rb
app/services/spam/akismet_service.rb
+6
-2
app/views/devise/sessions/_new_base.html.haml
app/views/devise/sessions/_new_base.html.haml
+1
-1
app/views/devise/shared/_signup_box.html.haml
app/views/devise/shared/_signup_box.html.haml
+2
-2
app/views/groups/_new_group_fields.html.haml
app/views/groups/_new_group_fields.html.haml
+1
-1
app/views/notify/ssh_key_expired_email.html.haml
app/views/notify/ssh_key_expired_email.html.haml
+1
-1
app/views/notify/ssh_key_expired_email.text.erb
app/views/notify/ssh_key_expired_email.text.erb
+1
-1
app/views/notify/ssh_key_expiring_soon.text.erb
app/views/notify/ssh_key_expiring_soon.text.erb
+1
-1
app/views/notify/ssh_key_expiring_soon_email.html.haml
app/views/notify/ssh_key_expiring_soon_email.html.haml
+1
-1
app/views/shared/_recaptcha_form.html.haml
app/views/shared/_recaptcha_form.html.haml
+1
-1
config/feature_flags/development/remove_description_html_in_release_api.yml
...gs/development/remove_description_html_in_release_api.yml
+0
-8
config/feature_flags/development/remove_description_html_in_release_api_override.yml
...pment/remove_description_html_in_release_api_override.yml
+0
-8
doc/api/releases/index.md
doc/api/releases/index.md
+4
-1
doc/user/project/merge_requests/test_coverage_visualization.md
...ser/project/merge_requests/test_coverage_visualization.md
+5
-9
lib/api/entities/release.rb
lib/api/entities/release.rb
+1
-6
lib/api/releases.rb
lib/api/releases.rb
+7
-2
lib/gitlab/content_security_policy/config_loader.rb
lib/gitlab/content_security_policy/config_loader.rb
+8
-4
locale/gitlab.pot
locale/gitlab.pot
+2
-2
spec/lib/api/entities/release_spec.rb
spec/lib/api/entities/release_spec.rb
+4
-18
spec/lib/gitlab/content_security_policy/config_loader_spec.rb
.../lib/gitlab/content_security_policy/config_loader_spec.rb
+14
-4
spec/mailers/emails/profile_spec.rb
spec/mailers/emails/profile_spec.rb
+1
-1
spec/requests/api/releases_spec.rb
spec/requests/api/releases_spec.rb
+29
-0
spec/services/spam/akismet_service_spec.rb
spec/services/spam/akismet_service_spec.rb
+38
-8
spec/spec_helper.rb
spec/spec_helper.rb
+0
-3
No files found.
.gitlab/ci/rails.gitlab-ci.yml
View file @
08086ff5
...
@@ -344,7 +344,7 @@ db:migrate-from-previous-major-version:
...
@@ -344,7 +344,7 @@ db:migrate-from-previous-major-version:
-
sed -i -e "s/gem 'grpc', '~> 1.24.0'/gem 'grpc', '~> 1.30.2'/" Gemfile
# Update gRPC for Ruby 2.7
-
sed -i -e "s/gem 'grpc', '~> 1.24.0'/gem 'grpc', '~> 1.30.2'/" Gemfile
# Update gRPC for Ruby 2.7
-
sed -i -e "s/gem 'google-protobuf', '~> 3.8.0'/gem 'google-protobuf', '~> 3.12'/" Gemfile
-
sed -i -e "s/gem 'google-protobuf', '~> 3.8.0'/gem 'google-protobuf', '~> 3.12'/" Gemfile
-
sed -i -e "s/gem 'nokogiri', '~> 1.10.5'/gem 'nokogiri', '~> 1.11.0'/" Gemfile
-
sed -i -e "s/gem 'nokogiri', '~> 1.10.5'/gem 'nokogiri', '~> 1.11.0'/" Gemfile
-
sed -i -e "s/gem 'mimemagic', '~> 0.3.2'/gem 'ruby-magic', '~> 0.
3.2
'/" Gemfile
-
sed -i -e "s/gem 'mimemagic', '~> 0.3.2'/gem 'ruby-magic', '~> 0.
4.0
'/" Gemfile
-
run_timed_command "gem install bundler:1.17.3"
-
run_timed_command "gem install bundler:1.17.3"
-
run_timed_command "bundle update google-protobuf nokogiri grpc mimemagic bootsnap"
-
run_timed_command "bundle update google-protobuf nokogiri grpc mimemagic bootsnap"
-
run_timed_command "bundle install ${BUNDLE_INSTALL_FLAGS}"
-
run_timed_command "bundle install ${BUNDLE_INSTALL_FLAGS}"
...
...
app/services/spam/akismet_service.rb
View file @
08086ff5
...
@@ -20,14 +20,18 @@ module Spam
...
@@ -20,14 +20,18 @@ module Spam
created_at:
DateTime
.
current
,
created_at:
DateTime
.
current
,
author:
owner_name
,
author:
owner_name
,
author_email:
owner_email
,
author_email:
owner_email
,
referer:
options
[
:referer
]
refer
r
er:
options
[
:referer
]
}
}
begin
begin
is_spam
,
is_blatant
=
akismet_client
.
check
(
options
[
:ip_address
],
options
[
:user_agent
],
params
)
is_spam
,
is_blatant
=
akismet_client
.
check
(
options
[
:ip_address
],
options
[
:user_agent
],
params
)
is_spam
||
is_blatant
is_spam
||
is_blatant
rescue
ArgumentError
=>
e
Gitlab
::
ErrorTracking
.
track_and_raise_for_dev_exception
(
e
)
false
rescue
StandardError
=>
e
rescue
StandardError
=>
e
Gitlab
::
AppLogger
.
error
(
"Unable to connect to Akismet:
#{
e
}
, skipping check"
)
Gitlab
::
ErrorTracking
.
track_exception
(
e
)
Gitlab
::
AppLogger
.
error
(
"Error during Akismet spam check, flagging as not spam:
#{
e
}
"
)
false
false
end
end
end
end
...
...
app/views/devise/sessions/_new_base.html.haml
View file @
08086ff5
...
@@ -17,7 +17,7 @@
...
@@ -17,7 +17,7 @@
=
link_to
_
(
'Forgot your password?'
),
new_password_path
(
:user
)
=
link_to
_
(
'Forgot your password?'
),
new_password_path
(
:user
)
%div
%div
-
if
captcha_enabled?
||
captcha_on_login_required?
-
if
captcha_enabled?
||
captcha_on_login_required?
=
recaptcha_tags
=
recaptcha_tags
nonce:
content_security_policy_nonce
.submit-container.move-submit-down
.submit-container.move-submit-down
=
f
.
submit
_
(
'Sign in'
),
class:
'gl-button btn btn-confirm'
,
data:
{
qa_selector:
'sign_in_button'
}
=
f
.
submit
_
(
'Sign in'
),
class:
'gl-button btn btn-confirm'
,
data:
{
qa_selector:
'sign_in_button'
}
app/views/devise/shared/_signup_box.html.haml
View file @
08086ff5
...
@@ -11,7 +11,7 @@
...
@@ -11,7 +11,7 @@
.devise-errors
.devise-errors
=
render
'devise/shared/error_messages'
,
resource:
resource
=
render
'devise/shared/error_messages'
,
resource:
resource
-
if
Gitlab
::
CurrentSettings
.
invisible_captcha_enabled
-
if
Gitlab
::
CurrentSettings
.
invisible_captcha_enabled
=
invisible_captcha
=
invisible_captcha
nonce:
true
.name.form-row
.name.form-row
.col.form-group
.col.form-group
=
f
.
label
:first_name
,
_
(
'First name'
),
for:
'new_user_first_name'
,
class:
'label-bold'
=
f
.
label
:first_name
,
_
(
'First name'
),
for:
'new_user_first_name'
,
class:
'label-bold'
...
@@ -34,7 +34,7 @@
...
@@ -34,7 +34,7 @@
%p
.gl-field-hint.text-secondary
=
s_
(
'SignUp|Minimum length is %{minimum_password_length} characters.'
)
%
{
minimum_password_length:
@minimum_password_length
}
%p
.gl-field-hint.text-secondary
=
s_
(
'SignUp|Minimum length is %{minimum_password_length} characters.'
)
%
{
minimum_password_length:
@minimum_password_length
}
%div
%div
-
if
show_recaptcha_sign_up?
-
if
show_recaptcha_sign_up?
=
recaptcha_tags
=
recaptcha_tags
nonce:
content_security_policy_nonce
.submit-container
.submit-container
=
f
.
submit
button_text
,
class:
'btn gl-button btn-confirm'
,
data:
{
qa_selector:
'new_user_register_button'
}
=
f
.
submit
button_text
,
class:
'btn gl-button btn-confirm'
,
data:
{
qa_selector:
'new_user_register_button'
}
=
render
'devise/shared/terms_of_service_notice'
,
button_text:
button_text
=
render
'devise/shared/terms_of_service_notice'
,
button_text:
button_text
...
...
app/views/groups/_new_group_fields.html.haml
View file @
08086ff5
...
@@ -20,7 +20,7 @@
...
@@ -20,7 +20,7 @@
-
if
captcha_required?
-
if
captcha_required?
.row.recaptcha
.row.recaptcha
.col-sm-4
.col-sm-4
=
recaptcha_tags
=
recaptcha_tags
nonce:
content_security_policy_nonce
.row
.row
.form-actions.col-sm-12
.form-actions.col-sm-12
=
f
.
submit
_
(
'Create group'
),
class:
"btn gl-button btn-confirm"
=
f
.
submit
_
(
'Create group'
),
class:
"btn gl-button btn-confirm"
...
...
app/views/notify/ssh_key_expired_email.html.haml
View file @
08086ff5
%p
%p
=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%p
%p
=
_
(
'Your SSH keys with the following fingerprints ha
s expired
:'
)
=
_
(
'Your SSH keys with the following fingerprints ha
ve expired. Expired SSH keys will not be usable in future versions of GitLab
:'
)
%table
%table
%tbody
%tbody
-
@fingerprints
.
each
do
|
fingerprint
|
-
@fingerprints
.
each
do
|
fingerprint
|
...
...
app/views/notify/ssh_key_expired_email.text.erb
View file @
08086ff5
<%=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%>
<%=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%>
<%=
_
(
'Your SSH keys with the following fingerprints ha
s expired
:'
)
%>
<%=
_
(
'Your SSH keys with the following fingerprints ha
ve expired. Expired SSH keys will not be usable in future versions of GitLab
:'
)
%>
<%
@fingerprints
.
each
do
|
fingerprint
|
%>
<%
@fingerprints
.
each
do
|
fingerprint
|
%>
-
<%=
fingerprint
%>
-
<%=
fingerprint
%>
...
...
app/views/notify/ssh_key_expiring_soon.text.erb
View file @
08086ff5
<%=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%>
<%=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%>
<%=
_
(
'Your SSH keys with the following fingerprints are scheduled to expire soon:'
)
%>
<%=
_
(
'Your SSH keys with the following fingerprints are scheduled to expire soon
. Expired SSH keys will not be usable in future versions of GitLab
:'
)
%>
<%
@fingerprints
.
each
do
|
fingerprint
|
%>
<%
@fingerprints
.
each
do
|
fingerprint
|
%>
-
<%=
fingerprint
%>
-
<%=
fingerprint
%>
...
...
app/views/notify/ssh_key_expiring_soon_email.html.haml
View file @
08086ff5
%p
%p
=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
=
_
(
'Hi %{username}!'
)
%
{
username:
sanitize_name
(
@user
.
name
)
}
%p
%p
=
_
(
'Your SSH keys with the following fingerprints are scheduled to expire soon:'
)
=
_
(
'Your SSH keys with the following fingerprints are scheduled to expire soon
. Expired SSH keys will not be usable in future versions of GitLab
:'
)
%table
%table
%tbody
%tbody
-
@fingerprints
.
each
do
|
fingerprint
|
-
@fingerprints
.
each
do
|
fingerprint
|
...
...
app/views/shared/_recaptcha_form.html.haml
View file @
08086ff5
...
@@ -10,7 +10,7 @@
...
@@ -10,7 +10,7 @@
=
hidden_field
(
resource_name
,
field
,
value:
value
)
=
hidden_field
(
resource_name
,
field
,
value:
value
)
=
hidden_field_tag
(
:spam_log_id
,
spammable
.
spam_log
.
id
)
=
hidden_field_tag
(
:spam_log_id
,
spammable
.
spam_log
.
id
)
-# The reCAPTCHA response value will be returned in the 'g-recaptcha-response' field
-# The reCAPTCHA response value will be returned in the 'g-recaptcha-response' field
=
recaptcha_tags
script:
script
,
callback:
'recaptchaDialogCallback'
unless
Rails
.
env
.
test?
=
recaptcha_tags
script:
script
,
callback:
'recaptchaDialogCallback'
,
nonce:
content_security_policy_nonce
unless
Rails
.
env
.
test?
-# Fake the 'g-recaptcha-response' field in the test environment, so that the feature spec
-# Fake the 'g-recaptcha-response' field in the test environment, so that the feature spec
-# can get to the (mocked) SpamVerdictService check.
-# can get to the (mocked) SpamVerdictService check.
=
hidden_field_tag
(
'g-recaptcha-response'
,
'abc123'
)
if
Rails
.
env
.
test?
=
hidden_field_tag
(
'g-recaptcha-response'
,
'abc123'
)
if
Rails
.
env
.
test?
...
...
config/feature_flags/development/remove_description_html_in_release_api.yml
deleted
100644 → 0
View file @
8f3fbbf0
---
name
:
remove_description_html_in_release_api
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60380
rollout_issue_url
:
https://gitlab.com/gitlab-org/gitlab/-/issues/329188
milestone
:
'
13.12'
type
:
development
group
:
group::release
default_enabled
:
true
config/feature_flags/development/remove_description_html_in_release_api_override.yml
deleted
100644 → 0
View file @
8f3fbbf0
---
name
:
remove_description_html_in_release_api_override
introduced_by_url
:
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60380
rollout_issue_url
:
https://gitlab.com/gitlab-org/gitlab/-/issues/329188
milestone
:
'
13.12'
type
:
development
group
:
group::release
default_enabled
:
false
doc/api/releases/index.md
View file @
08086ff5
...
@@ -10,7 +10,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
...
@@ -10,7 +10,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> - Using this API you can manipulate GitLab [Release](../../user/project/releases/index.md) entries.
> - Using this API you can manipulate GitLab [Release](../../user/project/releases/index.md) entries.
> - For manipulating links as a release asset, see [Release Links API](links.md).
> - For manipulating links as a release asset, see [Release Links API](links.md).
> - Release Evidences were [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26019) in GitLab 12.5.
> - Release Evidences were [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26019) in GitLab 12.5.
> - `description_html` field was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299447) in GitLab 13.12.
> - `description_html` became an opt-in field [with GitLab 13.12 for performance reasons](https://gitlab.com/gitlab-org/gitlab/-/issues/299447).
Please pass the
`include_html_description`
query string parameter if you need it.
## List Releases
## List Releases
...
@@ -25,6 +26,7 @@ GET /projects/:id/releases
...
@@ -25,6 +26,7 @@ GET /projects/:id/releases
|
`id`
| integer/string | yes | The ID or
[
URL-encoded path of the project
](
../README.md#namespaced-path-encoding
)
. |
|
`id`
| integer/string | yes | The ID or
[
URL-encoded path of the project
](
../README.md#namespaced-path-encoding
)
. |
|
`order_by`
| string | no | The field to use as order. Either
`released_at`
(default) or
`created_at`
. |
|
`order_by`
| string | no | The field to use as order. Either
`released_at`
(default) or
`created_at`
. |
|
`sort`
| string | no | The direction of the order. Either
`desc`
(default) for descending order or
`asc`
for ascending order. |
|
`sort`
| string | no | The direction of the order. Either
`desc`
(default) for descending order or
`asc`
for ascending order. |
|
`include_html_description`
| boolean | no | If
`true`
, a response includes HTML rendered Markdown of the release description. |
Example request:
Example request:
...
@@ -228,6 +230,7 @@ GET /projects/:id/releases/:tag_name
...
@@ -228,6 +230,7 @@ GET /projects/:id/releases/:tag_name
| ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- |
| ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- |
|
`id`
| integer/string | yes | The ID or
[
URL-encoded path of the project
](
../README.md#namespaced-path-encoding
)
. |
|
`id`
| integer/string | yes | The ID or
[
URL-encoded path of the project
](
../README.md#namespaced-path-encoding
)
. |
|
`tag_name`
| string | yes | The Git tag the release is associated with. |
|
`tag_name`
| string | yes | The Git tag the release is associated with. |
|
`include_html_description`
| boolean | no | If
`true`
, a response includes HTML rendered Markdown of the release description. |
Example request:
Example request:
...
...
doc/user/project/merge_requests/test_coverage_visualization.md
View file @
08086ff5
...
@@ -149,7 +149,7 @@ test-jdk11:
...
@@ -149,7 +149,7 @@ test-jdk11:
stage
:
test
stage
:
test
image
:
maven:3.6.3-jdk-11
image
:
maven:3.6.3-jdk-11
script
:
script
:
-
'
mvn
$MAVEN_CLI_OPTS
clean
org.jacoco:jacoco-maven-plugin:prepare-agent
test
jacoco:report'
-
mvn $MAVEN_CLI_OPTS clean org.jacoco:jacoco-maven-plugin:prepare-agent test jacoco:report
artifacts
:
artifacts
:
paths
:
paths
:
-
target/site/jacoco/jacoco.xml
-
target/site/jacoco/jacoco.xml
...
@@ -161,10 +161,8 @@ coverage-jdk11:
...
@@ -161,10 +161,8 @@ coverage-jdk11:
stage
:
visualize
stage
:
visualize
image
:
registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
image
:
registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
script
:
script
:
# convert report from jacoco to cobertura, use relative project path
# convert report from jacoco to cobertura, using relative project path
-
'
python
/opt/cover2cover.py
target/site/jacoco/jacoco.xml
src/main/java
>
target/site/cobertura.xml'
-
python /opt/cover2cover.py target/site/jacoco/jacoco.xml $CI_PROJECT_DIR/src/main/java/ > target/site/cobertura.xml
# read the <source></source> tag and prepend the path to every filename attribute
-
'
python
/opt/source2filename.py
target/site/cobertura.xml'
needs
:
[
"
test-jdk11"
]
needs
:
[
"
test-jdk11"
]
dependencies
:
dependencies
:
-
test-jdk11
-
test-jdk11
...
@@ -201,10 +199,8 @@ coverage-jdk11:
...
@@ -201,10 +199,8 @@ coverage-jdk11:
stage
:
visualize
stage
:
visualize
image
:
registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
image
:
registry.gitlab.com/haynes/jacoco2cobertura:1.0.7
script
:
script
:
# convert report from jacoco to cobertura, use relative project path
# convert report from jacoco to cobertura, using relative project path
-
'
python
/opt/cover2cover.py
build/jacoco/jacoco.xml
src/main/java
>
build/cobertura.xml'
-
python /opt/cover2cover.py build/jacoco/jacoco.xml $CI_PROJECT_DIR/src/main/java/ > build/cobertura.xml
# read the <source></source> tag and prepend the path to every filename attribute
-
'
python
/opt/source2filename.py
build/cobertura.xml'
needs
:
[
"
test-jdk11"
]
needs
:
[
"
test-jdk11"
]
dependencies
:
dependencies
:
-
test-jdk11
-
test-jdk11
...
...
lib/api/entities/release.rb
View file @
08086ff5
...
@@ -8,7 +8,7 @@ module API
...
@@ -8,7 +8,7 @@ module API
expose
:name
expose
:name
expose
:tag
,
as: :tag_name
,
if:
->
(
_
,
_
)
{
can_download_code?
}
expose
:tag
,
as: :tag_name
,
if:
->
(
_
,
_
)
{
can_download_code?
}
expose
:description
expose
:description
expose
:description_html
,
unless:
->
(
_
,
_
)
{
remove_description_html?
}
do
|
entity
|
expose
:description_html
,
if:
->
(
_
,
options
)
{
options
[
:include_html_description
]
}
do
|
entity
|
MarkupHelper
.
markdown_field
(
entity
,
:description
,
current_user:
options
[
:current_user
])
MarkupHelper
.
markdown_field
(
entity
,
:description
,
current_user:
options
[
:current_user
])
end
end
expose
:created_at
expose
:created_at
...
@@ -45,11 +45,6 @@ module API
...
@@ -45,11 +45,6 @@ module API
def
can_read_milestone?
def
can_read_milestone?
Ability
.
allowed?
(
options
[
:current_user
],
:read_milestone
,
object
.
project
)
Ability
.
allowed?
(
options
[
:current_user
],
:read_milestone
,
object
.
project
)
end
end
def
remove_description_html?
::
Feature
.
enabled?
(
:remove_description_html_in_release_api
,
object
.
project
,
default_enabled: :yaml
)
&&
::
Feature
.
disabled?
(
:remove_description_html_in_release_api_override
,
object
.
project
)
end
end
end
end
end
end
end
lib/api/releases.rb
View file @
08086ff5
...
@@ -29,6 +29,8 @@ module API
...
@@ -29,6 +29,8 @@ module API
desc:
'Return releases ordered by `released_at` or `created_at`.'
desc:
'Return releases ordered by `released_at` or `created_at`.'
optional
:sort
,
type:
String
,
values:
%w[asc desc]
,
default:
'desc'
,
optional
:sort
,
type:
String
,
values:
%w[asc desc]
,
default:
'desc'
,
desc:
'Return releases sorted in `asc` or `desc` order.'
desc:
'Return releases sorted in `asc` or `desc` order.'
optional
:include_html_description
,
type:
Boolean
,
desc:
'If `true`, a response includes HTML rendered markdown of the release description.'
end
end
get
':id/releases'
do
get
':id/releases'
do
releases
=
::
ReleasesFinder
.
new
(
user_project
,
current_user
,
declared_params
.
slice
(
:order_by
,
:sort
)).
execute
releases
=
::
ReleasesFinder
.
new
(
user_project
,
current_user
,
declared_params
.
slice
(
:order_by
,
:sort
)).
execute
...
@@ -43,7 +45,8 @@ module API
...
@@ -43,7 +45,8 @@ module API
# context is unnecessary here.
# context is unnecessary here.
cache_context:
->
(
_
)
{
"user:{
#{
current_user
&
.
id
}
}"
},
cache_context:
->
(
_
)
{
"user:{
#{
current_user
&
.
id
}
}"
},
expires_in:
5
.
minutes
,
expires_in:
5
.
minutes
,
current_user:
current_user
current_user:
current_user
,
include_html_description:
params
[
:include_html_description
]
end
end
desc
'Get a single project release'
do
desc
'Get a single project release'
do
...
@@ -53,11 +56,13 @@ module API
...
@@ -53,11 +56,13 @@ module API
end
end
params
do
params
do
requires
:tag_name
,
type:
String
,
desc:
'The name of the tag'
,
as: :tag
requires
:tag_name
,
type:
String
,
desc:
'The name of the tag'
,
as: :tag
optional
:include_html_description
,
type:
Boolean
,
desc:
'If `true`, a response includes HTML rendered markdown of the release description.'
end
end
get
':id/releases/:tag_name'
,
requirements:
RELEASE_ENDPOINT_REQUIREMENTS
do
get
':id/releases/:tag_name'
,
requirements:
RELEASE_ENDPOINT_REQUIREMENTS
do
authorize_download_code!
authorize_download_code!
present
release
,
with:
Entities
::
Release
,
current_user:
current_user
present
release
,
with:
Entities
::
Release
,
current_user:
current_user
,
include_html_description:
params
[
:include_html_description
]
end
end
desc
'Create a new release'
do
desc
'Create a new release'
do
...
...
lib/gitlab/content_security_policy/config_loader.rb
View file @
08086ff5
...
@@ -9,21 +9,20 @@ module Gitlab
...
@@ -9,21 +9,20 @@ module Gitlab
def
self
.
default_settings_hash
def
self
.
default_settings_hash
settings_hash
=
{
settings_hash
=
{
'enabled'
=>
true
,
'enabled'
=>
Rails
.
env
.
development?
||
Rails
.
env
.
test?
,
'report_only'
=>
false
,
'report_only'
=>
false
,
'directives'
=>
{
'directives'
=>
{
'default_src'
=>
"'self'"
,
'default_src'
=>
"'self'"
,
'base_uri'
=>
"'self'"
,
'base_uri'
=>
"'self'"
,
'child_src'
=>
"'none'"
,
'connect_src'
=>
"'self'"
,
'connect_src'
=>
"'self'"
,
'font_src'
=>
"'self'"
,
'font_src'
=>
"'self'"
,
'form_action'
=>
"'self' https: http:"
,
'form_action'
=>
"'self' https: http:"
,
'frame_ancestors'
=>
"'self'"
,
'frame_ancestors'
=>
"'self'"
,
'frame_src'
=>
"'self' https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com"
,
'frame_src'
=>
"'self' https://www.
google.com/recaptcha/ https://www.
recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com"
,
'img_src'
=>
"'self' data: blob: http: https:"
,
'img_src'
=>
"'self' data: blob: http: https:"
,
'manifest_src'
=>
"'self'"
,
'manifest_src'
=>
"'self'"
,
'media_src'
=>
"'self'"
,
'media_src'
=>
"'self'"
,
'script_src'
=>
"'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.recaptcha.net https://apis.google.com"
,
'script_src'
=>
"'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.
google.com/recaptcha/ https://www.
recaptcha.net https://apis.google.com"
,
'style_src'
=>
"'self' 'unsafe-inline'"
,
'style_src'
=>
"'self' 'unsafe-inline'"
,
'worker_src'
=>
"'self'"
,
'worker_src'
=>
"'self'"
,
'object_src'
=>
"'none'"
,
'object_src'
=>
"'none'"
,
...
@@ -31,6 +30,11 @@ module Gitlab
...
@@ -31,6 +30,11 @@ module Gitlab
}
}
}
}
# frame-src was deprecated in CSP level 2 in favor of child-src
# CSP level 3 "undeprecated" frame-src and browsers fall back on child-src if it's missing
# However Safari seems to read child-src first so we'll just keep both equal
settings_hash
[
'directives'
][
'child_src'
]
=
settings_hash
[
'directives'
][
'frame_src'
]
allow_webpack_dev_server
(
settings_hash
)
if
Rails
.
env
.
development?
allow_webpack_dev_server
(
settings_hash
)
if
Rails
.
env
.
development?
allow_cdn
(
settings_hash
)
if
ENV
[
'GITLAB_CDN_HOST'
].
present?
allow_cdn
(
settings_hash
)
if
ENV
[
'GITLAB_CDN_HOST'
].
present?
...
...
locale/gitlab.pot
View file @
08086ff5
...
@@ -37597,10 +37597,10 @@ msgstr ""
...
@@ -37597,10 +37597,10 @@ msgstr ""
msgid "Your SSH keys (%{count})"
msgid "Your SSH keys (%{count})"
msgstr ""
msgstr ""
msgid "Your SSH keys with the following fingerprints are scheduled to expire soon:"
msgid "Your SSH keys with the following fingerprints are scheduled to expire soon
. Expired SSH keys will not be usable in future versions of GitLab
:"
msgstr ""
msgstr ""
msgid "Your SSH keys with the following fingerprints ha
s expired
:"
msgid "Your SSH keys with the following fingerprints ha
ve expired. Expired SSH keys will not be usable in future versions of GitLab
:"
msgstr ""
msgstr ""
msgid "Your To-Do List"
msgid "Your To-Do List"
...
...
spec/lib/api/entities/release_spec.rb
View file @
08086ff5
...
@@ -8,7 +8,8 @@ RSpec.describe API::Entities::Release do
...
@@ -8,7 +8,8 @@ RSpec.describe API::Entities::Release do
let
(
:release
)
{
create
(
:release
,
project:
project
)
}
let
(
:release
)
{
create
(
:release
,
project:
project
)
}
let
(
:evidence
)
{
release
.
evidences
.
first
}
let
(
:evidence
)
{
release
.
evidences
.
first
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
let
(
:entity
)
{
described_class
.
new
(
release
,
current_user:
user
).
as_json
}
let
(
:entity
)
{
described_class
.
new
(
release
,
current_user:
user
,
include_html_description:
include_html_description
).
as_json
}
let
(
:include_html_description
)
{
false
}
before
do
before
do
::
Releases
::
CreateEvidenceService
.
new
(
release
).
execute
::
Releases
::
CreateEvidenceService
.
new
(
release
).
execute
...
@@ -58,10 +59,8 @@ RSpec.describe API::Entities::Release do
...
@@ -58,10 +59,8 @@ RSpec.describe API::Entities::Release do
expect
(
description_html
).
to
be_nil
expect
(
description_html
).
to
be_nil
end
end
context
'when remove_description_html_in_release_api feature flag is disabled'
do
context
'when include_html_description option is true'
do
before
do
let
(
:include_html_description
)
{
true
}
stub_feature_flags
(
remove_description_html_in_release_api:
false
)
end
it
'renders special references if current user has access'
do
it
'renders special references if current user has access'
do
project
.
add_reporter
(
user
)
project
.
add_reporter
(
user
)
...
@@ -77,18 +76,5 @@ RSpec.describe API::Entities::Release do
...
@@ -77,18 +76,5 @@ RSpec.describe API::Entities::Release do
expect
(
description_html
).
not_to
include
(
issue_title
)
expect
(
description_html
).
not_to
include
(
issue_title
)
end
end
end
end
context
'when remove_description_html_in_release_api_override feature flag is enabled'
do
before
do
stub_feature_flags
(
remove_description_html_in_release_api_override:
project
)
end
it
'renders special references if current user has access'
do
project
.
add_reporter
(
user
)
expect
(
description_html
).
to
include
(
issue_path
)
expect
(
description_html
).
to
include
(
issue_title
)
end
end
end
end
end
end
spec/lib/gitlab/content_security_policy/config_loader_spec.rb
View file @
08086ff5
...
@@ -20,9 +20,9 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
...
@@ -20,9 +20,9 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
end
end
describe
'.default_settings_hash'
do
describe
'.default_settings_hash'
do
it
'returns defaults for all keys'
do
let
(
:settings
)
{
described_class
.
default_settings_hash
}
settings
=
described_class
.
default_settings_hash
it
'returns defaults for all keys'
do
expect
(
settings
[
'enabled'
]).
to
be_truthy
expect
(
settings
[
'enabled'
]).
to
be_truthy
expect
(
settings
[
'report_only'
]).
to
be_falsey
expect
(
settings
[
'report_only'
]).
to
be_falsey
...
@@ -35,6 +35,17 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
...
@@ -35,6 +35,17 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
expect
(
directives
.
has_key?
(
'report_uri'
)).
to
be_truthy
expect
(
directives
.
has_key?
(
'report_uri'
)).
to
be_truthy
expect
(
directives
[
'report_uri'
]).
to
be_nil
expect
(
directives
[
'report_uri'
]).
to
be_nil
expect
(
directives
[
'child_src'
]).
to
eq
(
directives
[
'frame_src'
])
end
context
'when in production'
do
before
do
allow
(
Rails
).
to
receive
(
:env
).
and_return
(
ActiveSupport
::
StringInquirer
.
new
(
'production'
))
end
it
'is disabled'
do
expect
(
settings
[
'enabled'
]).
to
be_falsey
end
end
end
context
'when GITLAB_CDN_HOST is set'
do
context
'when GITLAB_CDN_HOST is set'
do
...
@@ -43,10 +54,9 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
...
@@ -43,10 +54,9 @@ RSpec.describe Gitlab::ContentSecurityPolicy::ConfigLoader do
end
end
it
'adds GITLAB_CDN_HOST to CSP'
do
it
'adds GITLAB_CDN_HOST to CSP'
do
settings
=
described_class
.
default_settings_hash
directives
=
settings
[
'directives'
]
directives
=
settings
[
'directives'
]
expect
(
directives
[
'script_src'
]).
to
eq
(
"'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.recaptcha.net https://apis.google.com https://example.com"
)
expect
(
directives
[
'script_src'
]).
to
eq
(
"'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.
google.com/recaptcha/ https://www.
recaptcha.net https://apis.google.com https://example.com"
)
expect
(
directives
[
'style_src'
]).
to
eq
(
"'self' 'unsafe-inline' https://example.com"
)
expect
(
directives
[
'style_src'
]).
to
eq
(
"'self' 'unsafe-inline' https://example.com"
)
end
end
end
end
...
...
spec/mailers/emails/profile_spec.rb
View file @
08086ff5
...
@@ -264,7 +264,7 @@ RSpec.describe Emails::Profile do
...
@@ -264,7 +264,7 @@ RSpec.describe Emails::Profile do
include_examples
'valid use case'
include_examples
'valid use case'
it_behaves_like
'has the correct subject'
,
/Your SSH key has expired/
it_behaves_like
'has the correct subject'
,
/Your SSH key has expired/
it_behaves_like
'has the correct body text'
,
/Your SSH keys with the following fingerprints ha
s
expired/
it_behaves_like
'has the correct body text'
,
/Your SSH keys with the following fingerprints ha
ve
expired/
end
end
context
'when invalid'
do
context
'when invalid'
do
...
...
spec/requests/api/releases_spec.rb
View file @
08086ff5
...
@@ -50,6 +50,12 @@ RSpec.describe API::Releases do
...
@@ -50,6 +50,12 @@ RSpec.describe API::Releases do
expect
(
json_response
.
second
[
'tag_name'
]).
to
eq
(
release_1
.
tag
)
expect
(
json_response
.
second
[
'tag_name'
]).
to
eq
(
release_1
.
tag
)
end
end
it
'does not include description_html'
do
get
api
(
"/projects/
#{
project
.
id
}
/releases"
,
maintainer
)
expect
(
json_response
.
map
{
|
h
|
h
[
'description_html'
]
}).
to
contain_exactly
(
nil
,
nil
)
end
RSpec
.
shared_examples
'release sorting'
do
|
order_by
|
RSpec
.
shared_examples
'release sorting'
do
|
order_by
|
subject
{
get
api
(
url
,
access_level
),
params:
{
sort:
sort
,
order_by:
order_by
}
}
subject
{
get
api
(
url
,
access_level
),
params:
{
sort:
sort
,
order_by:
order_by
}
}
...
@@ -107,6 +113,15 @@ RSpec.describe API::Releases do
...
@@ -107,6 +113,15 @@ RSpec.describe API::Releases do
expect
(
json_response
.
second
[
'commit_path'
]).
to
eq
(
"/
#{
release_1
.
project
.
full_path
}
/-/commit/
#{
release_1
.
commit
.
id
}
"
)
expect
(
json_response
.
second
[
'commit_path'
]).
to
eq
(
"/
#{
release_1
.
project
.
full_path
}
/-/commit/
#{
release_1
.
commit
.
id
}
"
)
expect
(
json_response
.
second
[
'tag_path'
]).
to
eq
(
"/
#{
release_1
.
project
.
full_path
}
/-/tags/
#{
release_1
.
tag
}
"
)
expect
(
json_response
.
second
[
'tag_path'
]).
to
eq
(
"/
#{
release_1
.
project
.
full_path
}
/-/tags/
#{
release_1
.
tag
}
"
)
end
end
context
'when include_html_description option is true'
do
it
'includes description_html field'
do
get
api
(
"/projects/
#{
project
.
id
}
/releases"
,
maintainer
),
params:
{
include_html_description:
true
}
expect
(
json_response
.
map
{
|
h
|
h
[
'description_html'
]
})
.
to
contain_exactly
(
instance_of
(
String
),
instance_of
(
String
))
end
end
end
end
it
'returns an upcoming_release status for a future release'
do
it
'returns an upcoming_release status for a future release'
do
...
@@ -328,6 +343,12 @@ RSpec.describe API::Releases do
...
@@ -328,6 +343,12 @@ RSpec.describe API::Releases do
.
to
match_array
(
release
.
sources
.
map
(
&
:url
))
.
to
match_array
(
release
.
sources
.
map
(
&
:url
))
end
end
it
'does not include description_html'
do
get
api
(
"/projects/
#{
project
.
id
}
/releases/v0.1"
,
maintainer
)
expect
(
json_response
[
'description_html'
]).
to
eq
(
nil
)
end
context
'with evidence'
do
context
'with evidence'
do
let!
(
:evidence
)
{
create
(
:evidence
,
release:
release
)
}
let!
(
:evidence
)
{
create
(
:evidence
,
release:
release
)
}
...
@@ -403,6 +424,14 @@ RSpec.describe API::Releases do
...
@@ -403,6 +424,14 @@ RSpec.describe API::Releases do
end
end
end
end
context
'when include_html_description option is true'
do
it
'includes description_html field'
do
get
api
(
"/projects/
#{
project
.
id
}
/releases/v0.1"
,
maintainer
),
params:
{
include_html_description:
true
}
expect
(
json_response
[
'description_html'
]).
to
be_instance_of
(
String
)
end
end
context
'when user is a guest'
do
context
'when user is a guest'
do
it
'responds 403 Forbidden'
do
it
'responds 403 Forbidden'
do
get
api
(
"/projects/
#{
project
.
id
}
/releases/v0.1"
,
guest
)
get
api
(
"/projects/
#{
project
.
id
}
/releases/v0.1"
,
guest
)
...
...
spec/services/spam/akismet_service_spec.rb
View file @
08086ff5
...
@@ -4,12 +4,15 @@ require 'spec_helper'
...
@@ -4,12 +4,15 @@ require 'spec_helper'
RSpec
.
describe
Spam
::
AkismetService
do
RSpec
.
describe
Spam
::
AkismetService
do
let
(
:fake_akismet_client
)
{
double
(
:akismet_client
)
}
let
(
:fake_akismet_client
)
{
double
(
:akismet_client
)
}
let
(
:ip
)
{
'1.2.3.4'
}
let
(
:user_agent
)
{
'some user_agent'
}
let
(
:referer
)
{
'some referer'
}
let_it_be
(
:text
)
{
"Would you like to buy some tinned meat product?"
}
let_it_be
(
:text
)
{
"Would you like to buy some tinned meat product?"
}
let_it_be
(
:spam_owner
)
{
create
(
:user
)
}
let_it_be
(
:spam_owner
)
{
create
(
:user
)
}
subject
do
subject
do
options
=
{
ip_address:
'1.2.3.4'
,
user_agent:
'some user_agent'
,
referrer:
'some referrer'
}
options
=
{
ip_address:
ip
,
user_agent:
user_agent
,
referer:
referer
}
described_class
.
new
(
spam_owner
.
name
,
spam_owner
.
email
,
text
,
options
)
described_class
.
new
(
spam_owner
.
name
,
spam_owner
.
email
,
text
,
options
)
end
end
...
@@ -56,6 +59,21 @@ RSpec.describe Spam::AkismetService do
...
@@ -56,6 +59,21 @@ RSpec.describe Spam::AkismetService do
it_behaves_like
'no activity if Akismet is not enabled'
,
:spam?
,
:check
it_behaves_like
'no activity if Akismet is not enabled'
,
:spam?
,
:check
context
'if Akismet is enabled'
do
context
'if Akismet is enabled'
do
it
'correctly transforms options for the akismet client'
do
expected_check_params
=
{
type:
'comment'
,
text:
text
,
created_at:
anything
,
author:
spam_owner
.
name
,
author_email:
spam_owner
.
email
,
# NOTE: The akismet_client needs the option to be named `:referrer`, not `:referer`
referrer:
referer
}
expect
(
fake_akismet_client
).
to
receive
(
:check
).
with
(
ip
,
user_agent
,
expected_check_params
)
subject
.
spam?
end
context
'the text is spam'
do
context
'the text is spam'
do
before
do
before
do
allow
(
fake_akismet_client
).
to
receive
(
:check
).
and_return
([
true
,
false
])
allow
(
fake_akismet_client
).
to
receive
(
:check
).
and_return
([
true
,
false
])
...
@@ -86,21 +104,33 @@ RSpec.describe Spam::AkismetService do
...
@@ -86,21 +104,33 @@ RSpec.describe Spam::AkismetService do
end
end
end
end
context
'if Akismet is not available
'
do
describe
'error handling
'
do
before
do
before
do
allow
(
fake_akismet_client
).
to
receive
(
:check
).
and_raise
(
StandardError
.
new
(
"oh noes!"
)
)
allow
(
fake_akismet_client
).
to
receive
(
:check
).
and_raise
(
error
)
end
end
context
'StandardError other than ArgumentError is raised'
do
let
(
:error
)
{
Akismet
::
Error
.
new
(
"Lovely spam! Wonderful spam!"
)
}
specify
do
specify
do
expect
(
subject
.
spam?
).
to
be_falsey
expect
(
subject
.
spam?
).
to
be_falsey
end
end
it
'logs an error'
do
it
'logs an error'
do
expect
(
Gitlab
::
AppLogger
).
to
receive
(
:error
).
with
(
/skipping check
/
)
expect
(
Gitlab
::
AppLogger
).
to
receive
(
:error
).
with
(
/Error during Akismet.*flagging as not spam.*Lovely spam
/
)
subject
.
spam?
subject
.
spam?
end
end
end
end
context
'ArgumentError is raised in dev'
do
let
(
:error
)
{
ArgumentError
}
it
'raises original error'
do
expect
{
subject
.
spam?
}.
to
raise_error
(
error
)
end
end
end
end
end
end
end
...
...
spec/spec_helper.rb
View file @
08086ff5
...
@@ -286,9 +286,6 @@ RSpec.configure do |config|
...
@@ -286,9 +286,6 @@ RSpec.configure do |config|
# As we're ready to change `master` usages to `main`, let's enable it
# As we're ready to change `master` usages to `main`, let's enable it
stub_feature_flags
(
main_branch_over_master:
false
)
stub_feature_flags
(
main_branch_over_master:
false
)
# Selectively disable by actor https://docs.gitlab.com/ee/development/feature_flags/#selectively-disable-by-actor
stub_feature_flags
(
remove_description_html_in_release_api_override:
false
)
# Disable issue respositioning to avoid heavy load on database when importing big projects.
# Disable issue respositioning to avoid heavy load on database when importing big projects.
# This is only turned on when app is handling heavy project imports.
# This is only turned on when app is handling heavy project imports.
# Can be removed when we find a better way to deal with the problem.
# Can be removed when we find a better way to deal with the problem.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment