An error occurred fetching the project authors.
- 25 Mar, 2020 1 commit
-
-
GitLab Release Tools Bot authored
Validate NPM package versions to be SemVer compliant Closes #96 See merge request gitlab-org/security/gitlab!359
-
- 24 Mar, 2020 39 commits
-
-
GitLab Release Tools Bot authored
Authorize create snippet through API request Closes #59 See merge request gitlab-org/security/gitlab!206
-
GitLab Release Tools Bot authored
Reject blocked users in Gitlab::Auth.find_for_git_client Closes #65 See merge request gitlab-org/security/gitlab!233
-
GitLab Release Tools Bot authored
Fix XSS vulnerability in admin email "Recipient Group" dropdown See merge request gitlab-org/security/gitlab!268
-
Peter Hegman authored
Dropdown is found at `admin/email`. Passes dropdown options through `sanitizeItem`. To prevent errors `sanitizeItem` is updated to check if `name` and `namespace` keys exist before sanitizing.
-
GitLab Release Tools Bot authored
Prevent updating trigger by other maintainers See merge request gitlab-org/security/gitlab!269
-
GitLab Release Tools Bot authored
Restrict mirroring changes to admins only when mirroring is disabled See merge request gitlab-org/security/gitlab!275
-
GitLab Release Tools Bot authored
Prevent malicious entry for group name See merge request gitlab-org/security/gitlab!281
-
GitLab Release Tools Bot authored
Redact notes in moved confidential issues See merge request gitlab-org/security/gitlab!294
-
GitLab Release Tools Bot authored
Deny localhost requests on fogbugz importer See merge request gitlab-org/security/gitlab!295
-
GitLab Release Tools Bot authored
Ignore empty remote_id params from Workhorse See merge request gitlab-org/security/gitlab!314
-
Markus Koller authored
In https://gitlab.com/gitlab-org/security/gitlab-workhorse/-/merge_requests/3 we're changing Workhorse to always send empty values for unused fields, to avoid any injected client parameters overriding them. This causes an error in Rails because we're not checking for empty strings in `remote_id` and attempting to store a remote file: ``` ObjectStorage::RemoteStoreError - Bad file path: app/uploaders/object_storage.rb:353:in `cache_remote_file!' ```
-
GitLab Release Tools Bot authored
Restrict access to project pipeline metrics reports See merge request gitlab-org/security/gitlab!323
-
GitLab Release Tools Bot authored
Add permission check for pipeline status of MR See merge request gitlab-org/security/gitlab!336
-
GitLab Release Tools Bot authored
Exclude carrierwave remote url methods from import Closes #97 See merge request gitlab-org/security/gitlab!364
-
GitLab Release Tools Bot authored
UploadRewriter Path Traversal Security Fix See merge request gitlab-org/security/gitlab!365
-
Sean McGivern authored
Improve discord messages See merge request gitlab-org/gitlab!27812
-
Peter Leitzen authored
Ensure VSM stage has relative position See merge request gitlab-org/gitlab!27801
-
Sean McGivern authored
Fix broadcast message rendering See merge request gitlab-org/gitlab!27755
-
Sean McGivern authored
Revert has_parent? optimization Closes #36938 See merge request gitlab-org/gitlab!27668
-
Peter Leitzen authored
Separate code review, design, group module into own module files See merge request gitlab-org/gitlab!27860
-
Rajendra Kadam authored
-
Sean McGivern authored
Attribute background migrations to database category See merge request gitlab-org/gitlab!27777
-
Imre Farkas authored
Remove state column ignore rule See merge request gitlab-org/gitlab!27690
-
Phil Hughes authored
Migrate security-dashboard vulnerability mutations specs to Jest See merge request gitlab-org/gitlab!27286
-
Dmytro Zaporozhets authored
#30526 (B) [BE] Wiki Events (services) See merge request gitlab-org/gitlab!26533
-
Sean McGivern authored
Cache ES enabled namespaces and projects See merge request gitlab-org/gitlab!27348
-
Dmitry Gruzd authored
SELECT query involving `elasticsearch_indexed_projects` table consumes a lot of resources. The query itself is not slow (13.224 ms/call), but it happens almost 100 times per second. This change implements caching of `elasticsearch_indexed_projects` and `elasticsearch_indexed_namespaces`.
-
Bob Van Landuyt authored
De-duplicate groups_controller spec See merge request gitlab-org/gitlab!27874
-
Bob Van Landuyt authored
Expose created_at property in Groups API See merge request gitlab-org/gitlab!27824
-
Bob Van Landuyt authored
Prevent creation of .env file See merge request gitlab-org/gitlab!21174
-
Dmytro Zaporozhets authored
Use `license_scanning` licensed feature in tests See merge request gitlab-org/gitlab!27752
-
Tetiana Chupryna authored
All code related to `license_management` is scheduled to be deprecated after 13.0 https://gitlab.com/gitlab-org/gitlab/-/issues/8912
-
Phil Hughes authored
Add toggle all discussions button to MRs Closes #15328 See merge request gitlab-org/gitlab!24670
-
Diego Louzán authored
New button 'Toggle all discussions' next to 'Jump to next unresolved thread', toggles expanded / not expanded state of all discussions
-
Bob Van Landuyt authored
Add issues to graphQL group endpoint See merge request gitlab-org/gitlab!27789
-
David Fernandez authored
Using the official SemVer regex: https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
-
Shinya Maeda authored
Multiple Evidences for a Release See merge request gitlab-org/gitlab!26509
-
Sean Carroll authored
Part of https://gitlab.com/gitlab-org/gitlab/issues/199065 See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26509
-
Phil Hughes authored
Add notification dot on user avatar See merge request gitlab-org/gitlab!27626
-