Commits · d9c95c957e512602c5355a136bc6a376e14e7823 · nexedi / gitlab-ce

14 Oct, 2018 1 commit

Fix XSS in Security Reports and License Management · d9c95c95

Lukas Eipert authored Oct 11, 2018

The modals in the Security Reports and License Management simply exposed
urls as link href's without proper sanitation.

They now use a proper Vue component `<safe-link>` which only renders a
link if the href is an absolute http or https link. It falls back to a
<span> if the link contains something else.

d9c95c95

13 Oct, 2018 4 commits
- Merge branch 'ce-to-ee-2018-10-13' into 'master' · beb54aa6
  🤖 GitLab Bot 🤖 authored Oct 13, 2018
```
CE upstream - 2018-10-13 10:22 UTC

See merge request gitlab-org/gitlab-ee!7918
```
  beb54aa6
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-13 · a7e6098c
  GitLab Bot authored Oct 13, 2018
  
  a7e6098c
- Merge branch 'fix-dupilicate-key-license-management' into 'master' · 4127b357
  Dmitriy Zaporozhets authored Oct 13, 2018
```
Fix duplicated key in license management job gitlab-org/gitlab-ce#52609

Closes #52609

See merge request gitlab-org/gitlab-ce!22311
```
  4127b357
- add changelog entry · dfef5ba2
  Adam Lemanski authored Oct 13, 2018
  
  dfef5ba2
12 Oct, 2018 35 commits
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · 041420ff
  🤖 GitLab Bot 🤖 authored Oct 12, 2018
```
CE upstream - 2018-10-12 21:21 UTC

See merge request gitlab-org/gitlab-ee!7916
```
  041420ff
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · b79578ce
  GitLab Bot authored Oct 12, 2018
  
  b79578ce
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · 931b858f
  🤖 GitLab Bot 🤖 authored Oct 12, 2018
```
CE upstream - 2018-10-12 20:21 UTC

See merge request gitlab-org/gitlab-ee!7915
```
  931b858f
- Merge branch 'bw-fix-unicorn-rubocop' into 'master' · 79ba3892
  Robert Speicher authored Oct 12, 2018
```
Fix rubocop complaining about unicorn.rb

See merge request gitlab-org/gitlab-ce!22332
```
  79ba3892
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 8654270f
  GitLab Bot authored Oct 12, 2018
  
  8654270f
- Merge branch 'jr-merge-file-tree-docs' into 'master' · ed8d6e8c
  Marcia Ramos authored Oct 12, 2018
```
Update merge request diff navigation docs

See merge request gitlab-org/gitlab-ce!22275
```
  ed8d6e8c
- Update merge request diff navigation docs · 17394e94
  James Ramsay authored Oct 12, 2018
  
  17394e94
- Merge branch 'docs-go1.10' into 'master' · 64fa3543
  Marcia Ramos authored Oct 12, 2018
```
Drop support for Go 1.9 in GitLab 11.4

Closes #51982

See merge request gitlab-org/gitlab-ce!22324
```
  64fa3543
- Merge branch 'sh-update-ee-upgrade-docs' into 'master' · 8a34c7cb
  Marcia Ramos authored Oct 12, 2018
```
Fix 11.3 CE -> EE upgrade docs for frontend compliation

See merge request gitlab-org/gitlab-ee!7911
```
  8a34c7cb
- Fix rubocop complaining about unicorn.rb · f4803993
  Brett Walker authored Oct 12, 2018
  
  f4803993
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · 346fb639
  🤖 GitLab Bot 🤖 authored Oct 12, 2018
```
CE upstream - 2018-10-12 17:21 UTC

See merge request gitlab-org/gitlab-ee!7914
```
  346fb639
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 6ccbe640
  GitLab Bot authored Oct 12, 2018
  
  6ccbe640
- Merge branch '52614-update-job-started-check' into 'master' · 1103f589
  Tim Zallmann authored Oct 12, 2018
```
Updates the check for started in job header

See merge request gitlab-org/gitlab-ce!22329
```
  1103f589
- Merge branch '52618-incorrect-stage-being-shown-in-side-bar-of-job-view-api' into 'master' · 7e342757
  Tim Zallmann authored Oct 12, 2018
```
Add stage name in job.json response

Closes #52618

See merge request gitlab-org/gitlab-ce!22317
```
  7e342757
- Add stage name in job.json response · 464655ed
  Steve Azzopardi authored Oct 12, 2018
  
  464655ed
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · e06e9796
  Stan Hu authored Oct 12, 2018
```
CE upstream - 2018-10-12 15:21 UTC

See merge request gitlab-org/gitlab-ee!7912
```
  e06e9796
- Merge branch 'gt-fix-add-gitlab-to-slack-layout' into 'master' · 40ea5fa7
  Annabel Dunstone Gray authored Oct 12, 2018
```
Fix add GitLab to Slack layout

Closes gitlab-ce#51277

See merge request gitlab-org/gitlab-ee!7801
```
  40ea5fa7
- Updates the check for started in job header · 85c30d74
  Filipa Lacerda authored Oct 12, 2018
```
The function that was checking if the job was started or not
was expecting a boolean, however it was receiving a null.
During the refactor the condition was changed, causing the function
to break with null

This commit fixes the check
```
  85c30d74
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 56933b33
  GitLab Bot authored Oct 12, 2018
  
  56933b33
- Merge branch '52512-fix-event-api-docs' into 'master' · 982aaa04
  Robert Speicher authored Oct 12, 2018
```
Fix the event API docs

Closes #52512

See merge request gitlab-org/gitlab-ce!22320
```
  982aaa04
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · 6ae46053
  Filipa Lacerda authored Oct 12, 2018
```
CE upstream - 2018-10-12 13:21 UTC

See merge request gitlab-org/gitlab-ee!7909
```
  6ae46053
- Fix 11.3 CE -> EE upgrade docs for frontend compliation · 4c6e3ef1
  Stan Hu authored Oct 12, 2018
  
  4c6e3ef1
- Merge branch '5781-operations-homepage-mvc' into 'master' · fbec87b4
  Sean McGivern authored Oct 12, 2018
```
Backport CE changes for Ops Dashboard in EE

See merge request gitlab-org/gitlab-ce!22136
```
  fbec87b4
- Backport CE changes for Ops Dashboard in EE · 4d9ede0b
  Peter Leitzen authored Oct 12, 2018
  
  4d9ede0b
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 0329e677
  GitLab Bot authored Oct 12, 2018
  
  0329e677
- Merge branch 'fl-update-svgs' into 'master' · 0047869c
  Mike Greiling authored Oct 12, 2018
```
Updates gitlab-svg dependency

See merge request gitlab-org/gitlab-ce!22299
```
  0047869c
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · 8ea0dcda
  Marin Jankovski authored Oct 12, 2018
```
CE upstream - 2018-10-12 12:21 UTC

See merge request gitlab-org/gitlab-ee!7907
```
  8ea0dcda
- Merge branch 'update-pages-to-1-2-again' into 'master' · 32055e21
  Stan Hu authored Oct 12, 2018
```
Update GitLab Pages to v1.2.1

See merge request gitlab-org/gitlab-ce!22318
```
  32055e21
- Drop support for Go 1.9 in GitLab 11.4 · fc4acfa9
  Jacob Vosmaer authored Oct 12, 2018
  
  fc4acfa9
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 2090b217
  GitLab Bot authored Oct 12, 2018
  
  2090b217
- Merge branch 'ce-to-ee-2018-10-12' into 'master' · d05e0ae3
  Filipa Lacerda authored Oct 12, 2018
```
CE upstream - 2018-10-12 11:21 UTC

See merge request gitlab-org/gitlab-ee!7906
```
  d05e0ae3
- Fix the event API docs · ae0e7566
  Nick Thomas authored Oct 12, 2018
  
  ae0e7566
- Merge branch '52608-sidebar' into 'master' · e6a6e15e
  Tim Zallmann authored Oct 12, 2018
```
Hide job sidebar on mobile

Closes #52608

See merge request gitlab-org/gitlab-ce!22314
```
  e6a6e15e
- Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-12 · 5b39f56a
  GitLab Bot authored Oct 12, 2018
  
  5b39f56a
- Merge branch '52361-fix-file-tree-mobile' into 'master' · 8d9f4670
  Filipa Lacerda authored Oct 12, 2018
```
Resolve "Make file browser hidden by default for mobile screens" and improve layout in small screens too

Closes #52361

See merge request gitlab-org/gitlab-ce!22273
```
  8d9f4670