- 21 Oct, 2021 18 commits
-
-
Luke Duncalfe authored
Quarantine flaky DST specs See merge request gitlab-org/gitlab!72748
-
Sean Arnold authored
-
Evan Read authored
Update GroupSync section to enhance clarity See merge request gitlab-org/gitlab!72749
-
Alvin Gounder authored
-
Evan Read authored
Enable MR approval setting cascading by default See merge request gitlab-org/gitlab!72675
-
Lin Jen-Shin authored
Revert change to review-cleanup rule See merge request gitlab-org/gitlab!72489
-
Heinrich Lee Yu authored
Allow encoded newlines in HTTP URLs See merge request gitlab-org/gitlab!72655
-
Mark Lapierre authored
E2E: Reduce repeater log verbosity if first attempt is successfull See merge request gitlab-org/gitlab!72455
-
Andrejs Cunskis authored
-
Russell Dickenson authored
Add documentation for all Browser Based DAST scanner Passive checks See merge request gitlab-org/gitlab!72354
-
Craig Smith authored
-
Luke Duncalfe authored
Fix ZenTao spelling See merge request gitlab-org/gitlab!72561
-
Evan Read authored
doc: Document change in Gitaly binary paths See merge request gitlab-org/gitlab!72702
-
Patrick Steinhardt authored
-
Stan Hu authored
Previously we explicitly considered the Git scheme, but this allowed FTP and other protocols to have multi-line URLs. We now allowed encoded newlines in HTTP(s) calls.
-
Stan Hu authored
We saw in https://gitlab.com/gitlab-com/gl-infra/production/-/issues/5756 that restricting newlines in query strings blocks Google Cloud Storage (GCS) URLs from working since GCS uses a multi-line `Signature` query string. The original check was introduced to prevent CRLF injection in the Git protocol (https://gitlab.com/gitlab-org/gitlab/-/issues/8438). Git has since added protection against newlines in the URL (https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473), but they haven't blocked the carriage return (CR) case. To ensure defense in depth, we continue to block Git requests with CRLF, but allow multi-line HTTP queries. Changelog: fixed
-
James Fargher authored
Hide badge row if there are no pipeline badges See merge request gitlab-org/gitlab!72538
-
Payton Burdette authored
-
- 20 Oct, 2021 22 commits
-
-
Mayra Cabrera authored
Downgrade EMOJI_VERSION to 1 See merge request gitlab-org/gitlab!72730
-
Baodong authored
Rename "Zentao" to "ZenTao". Because "ZenTao" is its official English name. Changelog: changed EE: true
-
James Fargher authored
Merge branch '342722-fetch-shared-runners-constants-from-the-backend-for-the-frontend' into 'master' Use shared runners constants from the backend for the frontend See merge request gitlab-org/gitlab!72532
-
Doug Stull authored
-
Thong Kuah authored
Merge branch '342795-use-yaml-file-to-define-gitlab_schema-reduce-allowlist-cross-modification-only' into 'master' Shrink cross-database-modification-allowlist for new gitlab_schema See merge request gitlab-org/gitlab!72576
-
Luke Duncalfe authored
Refactor ping method of ZenTao client See merge request gitlab-org/gitlab!72563
-
James Fargher authored
Fix nil value in location column in vulnerability_occurrences See merge request gitlab-org/gitlab!72224
-
Russell Dickenson authored
Update docs for Pipeline Security tab See merge request gitlab-org/gitlab!72156
-
Krasimir Angelov authored
ReplaceTable helper should be passed a connection See merge request gitlab-org/gitlab!72402
-
Stan Hu authored
In a mixed deployment situation, `-/emojis/2/emojis.json` may not exist yet, so we need to make sure we preserve the expand and contract pattern. Relates to https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71313
-
Dylan Griffith authored
Now that we've introduced the YAML format for gitlab_schema it fixed a lot of cross-joins.
-
pbair authored
Update the `ReplaceTable` helper to accept an external database connection rather than relying directly on `ActiveRecord::Base.connection`
-
Thong Kuah authored
Use a YAML file to define gitlab_schema for tables See merge request gitlab-org/gitlab!72353
-
Thong Kuah authored
Support multiple dbs when monitoring partitions See merge request gitlab-org/gitlab!71421
-
Mayra Cabrera authored
Exclude users who wouldn’t be able to take action from the `security_reports_mr_widget_prompt` experiment See merge request gitlab-org/gitlab!71432
-
Jeremy Jackson authored
Exclude users who wouldn’t be able to take action from the `security_reports_mr_widget_prompt` experiment
-
Suzanne Selhorn authored
Fix noun verb agreement See merge request gitlab-org/gitlab!72719
-
James Fargher authored
Ensure specs are under saas context when needed See merge request gitlab-org/gitlab!72481
-
Igor Drozdov authored
Add atomic sidekiq scheduler See merge request gitlab-org/gitlab!72380
-
Heinrich Lee Yu authored
This retrieves jobs from Sidekiq scheduled sets using a Lua script. This allows multiple processes to process the queue efficiently.
-
Nick Gaskill authored
Move Health Check page to Monitor group See merge request gitlab-org/gitlab!72345
-
Medved authored
-