- 29 Aug, 2019 15 commits
-
-
GitLab Release Tools Bot authored
Enforce max chars and max render time in markdown math See merge request gitlab/gitlab-ee!1138
-
GitLab Release Tools Bot authored
Require a captcha after unique failed logins from the same IP See merge request gitlab/gitlab-ee!1148
-
GitLab Release Tools Bot authored
Fix DNS rebind vulnerability for JIRA integration See merge request gitlab/gitlab-ee!1163
-
GitLab Release Tools Bot authored
Project visibility restriction bypass See merge request gitlab/gitlab-ee!1174
-
GitLab Release Tools Bot authored
Introduce JobActivity limit for alive jobs Closes #376 See merge request gitlab/gitlab-ee!1182
-
GitLab Release Tools Bot authored
DNS Rebind SSRF in Kubernetes Integration See merge request gitlab/gitlab-ee!1188
-
GitLab Release Tools Bot authored
Clear reset_password_tokens when login (email or username) change See merge request gitlab/gitlab-ee!1193
-
GitLab Release Tools Bot authored
Prevent disclosure of merge request id via email See merge request gitlab/gitlab-ee!1198
-
GitLab Release Tools Bot authored
Restrict MergeRequests#test_reports to authenticated users with read-access on Builds See merge request gitlab/gitlab-ee!1203
-
GitLab Release Tools Bot authored
Add direct upload support for personal snippets See merge request gitlab/gitlab-ee!1208
-
GitLab Release Tools Bot authored
admin_group authorization for Groups::RunnersController See merge request gitlab/gitlab-ee!1213
-
GitLab Release Tools Bot authored
Re-escape the whole HTML content when finding HTML references See merge request gitlab/gitlab-ee!1217
-
GitLab Release Tools Bot authored
Send TODOs for comments on commits correctly See merge request gitlab/gitlab-ee!1219
-
GitLab Release Tools Bot authored
Gitaly: ignore git redirects See merge request gitlab/gitlab-ee!1226
-
GitLab Release Tools Bot authored
Avoid exposing unaccessible repo data upon GFM post processing See merge request gitlab/gitlab-ee!1235
-
- 28 Aug, 2019 2 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
- 27 Aug, 2019 4 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
- 26 Aug, 2019 8 commits
-
-
Oswaldo Ferreira authored
When post-processing relative links to absolute links RelativeLinkFilter didn't take into consideration that internal repository data could be exposed for users that do not have repository access to the project. This commit solves that by checking whether the user can `download_code` at this repository, avoiding any processing of this filter if the user can't. Additionally, if we're processing for a group ( no project was given), we check if the user can read it in order to expand the href as an extra. That doesn't seem necessarily a breach now, but an extra check doesn't hurt as after all the user needs to be able to `read_group`.
-
Jacob Vosmaer authored
-
GitLab Bot authored
-
Ash McKenzie authored
Bump ruby-prof to 1.0.0 See merge request gitlab-org/gitlab-ce!29588
-
Thong Kuah authored
Install Unleash Client Gem See merge request gitlab-org/gitlab-ce!32065
-
Jason Goodman authored
-
GitLab Bot authored
-
Ash McKenzie authored
Backport expired job artifact trait See merge request gitlab-org/gitlab-ce!32179
-
- 25 Aug, 2019 5 commits
-
-
GitLab Bot authored
-
Stan Hu authored
Add helpers to exactly undo cleanup_concurrent_column_rename See merge request gitlab-org/gitlab-ce!32183
-
Reuben Pereira authored
- Also add helper to undo rename_column_concurrently.
-
Stan Hu authored
Add helper to exactly undo cleanup_concurrent_column_rename See merge request gitlab-org/gitlab-ee!15614
-
Reuben Pereira authored
- Also add helper to undo rename_column_concurrently.
-
- 24 Aug, 2019 6 commits
-
-
Stan Hu authored
This is significant improvement over the previous releases: https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES
-
Gabriel Mazetto authored
-
GitLab Bot authored
-
Fatih Acet authored
Resolve "Show the paths for groups in productivity analytics" Closes #13637 See merge request gitlab-org/gitlab-ee!15513
-
Martin Wortschack authored
- Add changelog entry - Add specs for displaying the full group path - Add selector to component
-
Stan Hu authored
Preload tags when loading Ci::Pipeline Closes #60925 See merge request gitlab-org/gitlab-ce!32149
-