- 28 Apr, 2021 40 commits
-
-
GitLab Release Tools Bot authored
-
Arturo Herrero authored
Add Merge Requests and Requirements Menu See merge request gitlab-org/gitlab!59374
-
Yorick Peterse authored
-
Savas Vedova authored
Rename routeQuery to queryString in standard_filter.vue See merge request gitlab-org/gitlab!60371
-
Yorick Peterse authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
David Fernandez authored
Any objects other than `User` (such as `DeployToken`) are not allowed Changelog: security
-
Alex Kalderimis authored
Verify that read_api tokens cannot run mutations. Also: adds tests use of OAuth tokens for GraphQL We make some changes to the sessionless_authentication module in order to capture the request_authenticator, so that we can access the token scopes, without making any extra queries. We ensure we always authorize the mutation, which, like all resolvers, needs to opt in to the check. Unlike resolvers, mutations should always raise. So `BaseMutation.authorized?` raises on failure. Logic for handling scopes is pushed down to the `ObjectAuthorization` class, and encapsulated in the `ScopeValidator`, which limits the methods that can be called by resolvers.
-
Alexandru Croitor authored
When an issue is created or updated though API for import purposes we allow providing created_at and updated_at params these would then be reflected also in system notes. Only admins and project owners should be able to set these dates.
-
Mike Kozono authored
-
Nick Thomas authored
It seems that with this feature flag enabled, pagination doesn't work correctly in conjunction with a search. The FF is already disabled on GitLab.com, but disabling it in the YAML file means that self-managed instances will also be protected from the security issue (unless they explicitly opt-in to some beta code, of course). Changelog: security
-
Vasilii Iakliushin authored
Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/230864 * Remove password value from the pull mirror form * Hide username from mirror url
-
Savas Vedova authored
Subscription Activation: Success Banner See merge request gitlab-org/gitlab!60389
-
Marcia Ramos authored
Docs: Remove create_default examples with freeze See merge request gitlab-org/gitlab!60379
-
Marcia Ramos authored
Document all the configuration options See merge request gitlab-org/gitlab!59562
-
Viktor Nagy authored
-
Marcia Ramos authored
Document order-dependent flaky tests See merge request gitlab-org/gitlab!59369
-
Albert Salim authored
-
GitLab Bot authored
-
Matthias Käppler authored
ImportExport: Validate URL before downloading See merge request gitlab-org/gitlab!60388
-
Rémy Coutable authored
ci: Streamline our usage of 'needs' after latest improvements See merge request gitlab-org/gitlab!60030
-
David O'Regan authored
Change success variant for primary button in upload file modal to confirm See merge request gitlab-org/gitlab!59463
-
Yogi authored
-
GitLab Release Tools Bot authored
-
Dmytro Zaporozhets (DZ) authored
Merge branch '21033-controller-groups-groupmemberscontroller-index-executes-more-than-100-sql-queries-p80-108-5' into 'master' Resolve admin_group_member group policy n+1 See merge request gitlab-org/gitlab!58948
-
Doug Stull authored
-
Kamil Trzciński authored
Link change management for feature flag rollout in issue template See merge request gitlab-org/gitlab!60470
-
GitLab Bot authored
-
Arturo Herrero authored
Update Usage Ping Metrics Definitions for group::release See merge request gitlab-org/gitlab!60377
-
Marcia Ramos authored
Correct load balancer typo in database load balancing doc See merge request gitlab-org/gitlab!60156
-
Sean McGivern authored
Remove optimized_timebox_queries feature flag [RUN ALL RSPEC] [RUN AS-IF-FOSS] See merge request gitlab-org/gitlab!60326
-
Markus Koller authored
Revert '323357-mlunoe-subscription-plans-service' See merge request gitlab-org/gitlab!59371
-
Michael Lunøe authored
This reverts commit 636c36aa, reversing changes made to ce6ed97f.
-
Dmytro Zaporozhets (DZ) authored
Refresh cache on user for assigned open issues count after cache invalidation [RUN ALL RSPEC] [RUN AS-IF-FOSS] See merge request gitlab-org/gitlab!59961
-
charlie ablett authored
Refresh cache on user for assigned open issues count after cache invalidation [RUN ALL RSPEC] [RUN AS-IF-FOSS]
-