- 27 May, 2020 1 commit
-
-
Marc Jeanmougin authored
-
- 23 May, 2020 5 commits
-
-
Stan Hu authored
Go Module Proxy MVC Closes #27376 See merge request gitlab-org/gitlab!27746
-
Ethan Reesor authored
- Various fixes and improvements - Hide proxy behind a feature flag, due to performance issues: #218083 - Add a feature flag for testing to disable strict go.mod validation - Document why case en/decoding is necessary - Refactor pseudo-version processing - Move logic from VersionFinder to ModuleHelpers - Document reasoning for matching and validation - Replace BasicAuthHelper and custom method with route setting - Use serach_files_by_name instead of tree to improve performance - Use correct content type for zip: closes #214876
-
Ethan Reesor authored
- Reduce coupling between GoModule and VersionFinder - Do not fetch go.mod when blobs have already been fetched
-
Ethan Reesor authored
-
Ethan Reesor authored
- Various fixes and tweaks - Improve checksum database documentation
-
- 22 May, 2020 34 commits
-
-
Ethan Reesor authored
-
Ethan Reesor authored
-
Ethan Reesor authored
-
Ethan Reesor authored
- Resolve discussions on !27746 - Document fetching private packages via `.netrc` - Include required scope for API token
-
Ethan Reesor authored
- Clean up pseudo-version logic - Batch and memoize fetching blobs for a version + Fixes Gitaly N+1 - Remove archive generation from GoProxy (into GoModuleVersion) - Test module finder for path traversal - Also, add GitLab version to GoProxy API details
-
Ethan Reesor authored
See !27746 - Fix rubocop disable comments - Move `before` block to before tests - Correct rubocop alerts due to new rules - Use shared examples to clarify Go proxy spec - Enable HTTP Basic authentication for Go proxy + Support both HTTP basic and normal token header/query var + Remove custom `find_project!` helper and use basic auth helpers - Validate GoModuleVersion type attribute - Implement testing factories - Implement specs for untested new classes - Add a Settings helper for Go URLs
-
Ethan Reesor authored
-
Ethan Reesor authored
- Allow CI job tokens - Return 401 when project is not public and request is not authenticated - Add assertions to spec to verify authn/authz
-
Ethan Reesor authored
-
Ethan Reesor authored
-
Ethan Reesor authored
- Fix zip entry paths. The Go proxy spec requires zip entries to conform to `module@version/file`, where `file` is the path within the module. - Fix /v2+ handling. For major versions 2+, the module name must include the major version as a suffix, e.g. /v2. - Handle case encoding. Requests to the Go proxy encode uppercase characters in URLs as '!' followed by the character in lowercase. - Per Zoom discussion with @trizzi, @sabrams, and team, modules with an invalid module name in go.mod will be ignored, initially.
-
Ethan Reesor authored
-
Ethan Reesor authored
- Call package authorization helpers - Add change long entry - Fix rubocop violations - Add basic documentation
-
Ethan Reesor authored
Implement models, entities, presenters
-
Ethan Reesor authored
-
Suzanne Selhorn authored
Docs: Add pages global configs descriptions See merge request gitlab-org/gitlab!30901
-
Keven Hughes authored
-
Mayra Cabrera authored
Remove connection pool metrics env var See merge request gitlab-org/gitlab!32550
-
Enrique Alcántara authored
Update data fetch strategy when variable updates See merge request gitlab-org/gitlab!32720
-
Douglas Barbosa Alexandre authored
Revert "Refactor project_or_wiki to container" See merge request gitlab-org/gitlab!32828
-
Enrique Alcántara authored
Pin @gitlab/ui to v14.14.2 See merge request gitlab-org/gitlab!32855
-
Nathan Friend authored
Add direct links to environments/index.md See merge request gitlab-org/gitlab!32853
-
Douglas Barbosa Alexandre authored
Resolve "Geo: Design thumbnails are not replicated" Closes #218557 See merge request gitlab-org/gitlab!32703
-
Nick Nguyen authored
-
Igor Drozdov authored
Extend "Remember me" token after each login Closes #20340 See merge request gitlab-org/gitlab!32730
-
Robert Speicher authored
Merge branch '215195-update-api-responses-to-include-section-of-approvalmergerequestrule' into 'master' Update API responses to include "section" of ApprovalMergeRequestRule Closes #215195 See merge request gitlab-org/gitlab!32800
-
Kerri Miller authored
-
Dhiraj Bodicherla authored
Currently, the variables section component fetches data. This MR updates it so that when variable values update action is called, data is fetched via vuex actions
-
Illya Klymov authored
Geo Form Validations Closes #213732 See merge request gitlab-org/gitlab!32263
-
Illya Klymov authored
Migrate toggle_buttons spec to Jest See merge request gitlab-org/gitlab!32869
-
Paul Slaughter authored
Refactor state initialization for monitoring dashboard See merge request gitlab-org/gitlab!32529
-
Paul Gascou-Vaillancourt authored
-
Stan Hu authored
[GQL] Add author and merged-at fields to MergeRequest type See merge request gitlab-org/gitlab!30935
-
Stan Hu authored
This change will allow users to be logged in continuously as long as they access GitLab once every 2 weeks and they click the "Remember me" button upon login. Previously the session limit would be fixed to a hard deadline of 2 weeks after the login. In more detail, GitLab uses both a session and a persistent cookie: 1. Session Cookie: The `_gitlab_session` is a cookie with no expiration date. A cookie with no expiration date specified will expire when the browser is closed. These are often called session cookies because they are removed after the browser session ends, usually when the browser is closed. 2. Persistent Cookie: The `remember_me_token` is a cookie with a 2-week expiration date. This is used if you click `Remember Me` upon login. 3. By default, the server will set a time-to-live (TTL) of 1-week on any session that is used. Note that browsers don't always remove session cookies if they are closed. For example, Chrome has the `Continue where you left off` option that restores session cookies after they are closed. This means as long as your browser tab is open, you could remain signed in with GitLab as long as you accessed GitLab at least once every 2 weeks, whether or not 2FA is installed. The server will keep resetting the TTL for that session. If you close your browser and open it up again, the `Remember me` token will allow your user to reauthenticate itself. Without the `extend_remember_period` flag, the cookie expires after a fixed 2 weeks, and you are forced to login again. Closes https://gitlab.com/gitlab-org/gitlab/-/issues/20340
-