- 07 Aug, 2019 37 commits
-
-
GitLab Bot authored
-
Evan Read authored
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65499 Closes #65499 See merge request gitlab-org/gitlab-ce!31458
-
-
Evan Read authored
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62446 Closes #62446 See merge request gitlab-org/gitlab-ce!31448
-
-
Evan Read authored
Update DinD example for 19.03.1 See merge request gitlab-org/gitlab-ce!31051
-
GitLab Bot authored
-
Sean McGivern authored
Merge branch '33401-follow-up-from-add-prometheus-metrics-endpoint-and-basic-infrastructure-to-meter-code' into 'master' Clean tmpdirs in metrics endpoint specs Closes #33401 See merge request gitlab-org/gitlab-ce!31529
-
Peter Leitzen authored
-
Kushal Pandya authored
Productivity Analytics: Move specs to correct subfolder See merge request gitlab-org/gitlab-ee!15025
-
Martin Wortschack authored
- Move actions and mutations to /filters
-
GitLab Bot authored
-
Evan Read authored
Fix assorted links in the docs See merge request gitlab-org/gitlab-ce!31559
-
Marcel Amirault authored
Fix links as discovered by the lint in the docs project
-
Ash McKenzie authored
Remove duplicate 'Issue Boards' from export page See merge request gitlab-org/gitlab-ee!15027
-
GitLab Bot authored
-
Ash McKenzie authored
Add support for Content-Security-Policy Closes #65330 See merge request gitlab-org/gitlab-ce!31402
-
Ash McKenzie authored
[EE] Add support for Content-Security-Policy Closes gitlab-ce#65330 See merge request gitlab-org/gitlab-ee!14975
-
GitLab Bot authored
-
Thong Kuah authored
Provide separate namespaces for each project environment See merge request gitlab-org/gitlab-ce!30711
-
Tiger Watson authored
Kubernetes deployments on new clusters will now have a separate namespace per project environment, instead of sharing a single namespace for the project. Behaviour of existing clusters is unchanged. All new functionality is controlled by the :kubernetes_namespace_per_environment feature flag, which is safe to enable/disable at any time.
-
GitLab Bot authored
-
Evan Read authored
Follow-up: Tweak line to improve badge placement Closes #65417 See merge request gitlab-org/gitlab-ce!31528
-
Marcel Amirault authored
-
Evan Read authored
Follow-Up: Change code blocks to shell type Closes #65605 See merge request gitlab-org/gitlab-ce!31526
-
Marcel Amirault authored
-
Sanad Liaquat authored
Added a Secure E2E test for auto-remediation Closes #9192 See merge request gitlab-org/gitlab-ee!14945
-
Aleksandr Soborov authored
Updated selectors where necessary. Updated fixture and tests that have changed results.
-
GitLab Bot authored
-
Ash McKenzie authored
Resolve "Use Gitlab::HTTP in PrometheusClient instead of RestClient" Closes #60024 See merge request gitlab-org/gitlab-ce!31053
-
David Wilkins authored
- Closes #60024 - Change PrometheusClient.new to accept a base url instead of an already created RestClient - Use Gitlab::HTTP in PrometheusClient instead of creating RestClient in PrometheusService - Move http_options from PrometheusService to PrometheusClient (follow_redirects: false) - ensure that base urls don't have the trailing slash - Created a `PrometheusClient#url` method that might not be strictly required - Change rescued exceptions from RestClient::* to HTTParty::ResponseError where possible and StandardError for the rest
-
Stan Hu authored
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing inline JavaScript to execute if the script nonce matches the header value. Rails 5.2 supports nonce-based Content-Security-Policy headers, so provide configuration to enable this and make it work. To support this, we need to change all `:javascript` HAML filters to the following form: ``` = javascript_tag nonce: true do :plain ... ``` We use `%script` throughout our HAML to store JSON and other text, but since this doesn't execute, browsers don't appear to block this content from being used and require the nonce value to be present.
-
Evan Read authored
Docs - Update link in SSL_TLS Certificates Page to Let's Encrypt Intergration See merge request gitlab-org/gitlab-ce!30984
-
Dean Leggo authored
-
Luke Duncalfe authored
-
Stan Hu authored
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing inline JavaScript to execute if the script nonce matches the header value. Rails 5.2 supports nonce-based Content-Security-Policy headers, so provide configuration to enable this and make it work. To support this, we need to change all `:javascript` HAML filters to the following form: ``` = javascript_tag nonce: true do :plain ... ``` We use `%script` throughout our HAML to store JSON and other text, but since this doesn't execute, browsers don't appear to block this content from being used and require the nonce value to be present.
-
GitLab Bot authored
-
- 06 Aug, 2019 3 commits
-
-
Stan Hu authored
Fix nil take regression Closes #65725 See merge request gitlab-org/gitlab-ce!31554
-
Douglas Barbosa Alexandre authored
Add project security dashboard vulnerabilities endpoints Closes #12244 and #12381 See merge request gitlab-org/gitlab-ee!14896
-
Avielle Wolfe authored
* Adds Projects::Security::VulnerabilitiesController * Adds Projects::Security::DashboardHelper * Adds project security dashboard vulnerabilities routes * Includes Vulnerable module in Project Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/12381 and https://gitlab.com/gitlab-org/gitlab-ee/issues/12244
-