- 28 Nov, 2018 8 commits
-
-
Cindy Pallares authored
[master] Fix XSS in mermaid diagrams See merge request gitlab/gitlabhq!2597
-
Winnie Hellmann authored
-
Cindy Pallares authored
[master] Don't expose confidential information in commit message list See merge request gitlab/gitlabhq!2626
-
Cindy Pallares authored
[master] Resolve: Promoting a milestone is missing an authorization check See merge request gitlab/gitlabhq!2598
-
Cindy Pallares authored
[master] Do not follow redirects in prometheus service See merge request gitlab/gitlabhq!2617
-
Cindy Pallares authored
[master] Stored XSS for Environments Closes #2727 See merge request gitlab/gitlabhq!2594
-
Cindy Pallares authored
[master] Fixed read private group names See merge request gitlab/gitlabhq!2589
-
Cindy Pallares authored
[Master] Redact sensitive information on gitlab-workhorse log See merge request gitlab/gitlabhq!2584
-
- 27 Nov, 2018 1 commit
-
-
GitLab Release Tools Bot authored
[ci skip]
-
- 26 Nov, 2018 31 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
Stan Hu authored
Fix deadlock on ChunkedIO See merge request gitlab-org/gitlab-ce!23329
-
Robert Speicher authored
Rails 5 deprecation: Passing an argument to force an association to reload is now deprecated See merge request gitlab-org/gitlab-ce!23337
-
Stan Hu authored
Allow profiler to authenticate by stubbing users directly Closes #54327 See merge request gitlab-org/gitlab-ce!23320
-
Robert Speicher authored
Backport of gitlab-ee!8470 See merge request gitlab-org/gitlab-ce!23150
-
Douglas Barbosa Alexandre authored
Add events index on project_id and created_at Closes #53992 See merge request gitlab-org/gitlab-ce!23354
-
Robert Speicher authored
Upgrade better_errors gem to 2.5.0 See merge request gitlab-org/gitlab-ce!23312
-
Tim Zallmann authored
Fix Image Lazy Loader for some older browsers Closes #54407 See merge request gitlab-org/gitlab-ce!23349
-
Rémy Coutable authored
Override CI_COMMIT_REF_SLUG for QA branches See merge request gitlab-org/gitlab-ce!23346
-
Lin Jen-Shin authored
-
Jasper Maes authored
-
Filipa Lacerda authored
CE port of "Move merge request approval settings" See merge request gitlab-org/gitlab-ce!23157
-
Rémy Coutable authored
The `gitlab:assets:compile` job isn't run for the QA branches, thus there's no Docker image correspinding these branches in the registry. By overriding `CI_COMMIT_REF_SLUG` to `master` for QA branches, the `fetch-assets` job in the `omnibus-gitlab` pipeline will pull the `master` assets Docker image. Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Fatih Acet authored
Update externalized strings from `/app/views/project/runners` See merge request gitlab-org/gitlab-ce!23347
-
Dmitriy Zaporozhets authored
i18n: externalize strings from 'app/views/shared/members' See merge request gitlab-org/gitlab-ce!23125
-
Lukas Eipert authored
Some older browsers do not ship with isIntersecting, while they already have IntersectionObserver support. We make use of `intersectionRatio` now to fix the Lazy Loader for those browsers.
-
Stan Hu authored
Batch load only data from same repository when lazy object is accessed See merge request gitlab-org/gitlab-ce!23309
-
Tao Wang authored
Signed-off-by: Tao Wang <twang2218@gmail.com> Signed-off-by: Rémy Coutable <remy@rymai.me>
-
Kamil Trzciński authored
-
Grzegorz Bizon authored
Cache project HEAD to prevent unnecessary Gitaly calls See merge request gitlab-org/gitlab-ce!23307
-
Grzegorz Bizon authored
Allow to store null variables Closes #54379 See merge request gitlab-org/gitlab-ce!23299
-
Grzegorz Bizon authored
CE Backport: Extract Gitlab::Prometheus::QueryVariables See merge request gitlab-org/gitlab-ce!23335
-
Fatih Acet authored
Refactor issue boards switcher to single file Vue component (CE-port) See merge request gitlab-org/gitlab-ce!23274
-
Grzegorz Bizon authored
CE port for qa-193-ldap-group-sync EE branch See merge request gitlab-org/gitlab-ce!22834
-
Sean McGivern authored
Previously, we used a personal access token. This had a couple of problems: 1. If the user didn't have a PAT, we couldn't impersonate them. 2. It depended on reading the raw PAT from the database. Instead, we can monkey-patch the authentication methods on ApplicationController (overriding the Devise ones), and remove them once we're done. This does mean that profiles will not profile auth correctly, so for that, use a PAT directly.
-
George Tsiolis authored
-
Phil Hughes authored
Add @vue/test-utils as dev dependency See merge request gitlab-org/gitlab-ce!23345
-
Douwe Maan authored
-
Douwe Maan authored
By specifying `key`, we get a different lazy batch loader for each repository, which means that accessing a lazy object from one repository will only result in that repository's objects being fetched, not those of other repositories, saving us some unnecessary Gitaly lookups.
-
Fatih Acet authored
Externalize strings from `/app/views/project/runners` See merge request gitlab-org/gitlab-ce!23208
-