Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
9de0225f
Commit
9de0225f
authored
Feb 06, 2019
by
GitLab Bot
Browse files
Options
Browse Files
Download
Plain Diff
Automatic merge of gitlab-org/gitlab-ce master
parents
1eac9910
5bfa8e2f
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
28 additions
and
1 deletion
+28
-1
lib/api/entities.rb
lib/api/entities.rb
+3
-1
spec/requests/api/releases_spec.rb
spec/requests/api/releases_spec.rb
+25
-0
No files found.
lib/api/entities.rb
View file @
9de0225f
...
...
@@ -1118,7 +1118,9 @@ module API
class
Release
<
TagRelease
expose
:name
expose
:description_html
expose
:description_html
do
|
entity
|
MarkupHelper
.
markdown_field
(
entity
,
:description
)
end
expose
:created_at
expose
:author
,
using:
Entities
::
UserBasic
,
if:
->
(
release
,
_
)
{
release
.
author
.
present?
}
expose
:commit
,
using:
Entities
::
Commit
...
...
spec/requests/api/releases_spec.rb
View file @
9de0225f
...
...
@@ -127,6 +127,31 @@ describe API::Releases do
.
to
match_array
(
release
.
sources
.
map
(
&
:url
))
end
context
"when release description contains confidential issue's link"
do
let
(
:confidential_issue
)
do
create
(
:issue
,
:confidential
,
project:
project
,
title:
'A vulnerability'
)
end
let!
(
:release
)
do
create
(
:release
,
project:
project
,
tag:
'v0.1'
,
sha:
commit
.
id
,
author:
maintainer
,
description:
"This is confidential
#{
confidential_issue
.
to_reference
}
"
)
end
it
"does not expose confidential issue's title"
do
get
api
(
"/projects/
#{
project
.
id
}
/releases/v0.1"
,
maintainer
)
expect
(
json_response
[
'description_html'
]).
to
include
(
confidential_issue
.
to_reference
)
expect
(
json_response
[
'description_html'
]).
not_to
include
(
'A vulnerability'
)
end
end
context
'when release has link asset'
do
let!
(
:link
)
do
create
(
:release_link
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment