- 26 Mar, 2015 10 commits
-
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Prevent unnecessary doubling of js events on import pages and user calendar Adding document.ready in Turbolinks make duplicating of events EVERY visit of page. In example of user calendar it causes N+1 times ajax request every time you visit user page. cc @vsizov See merge request !456
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Fix code unfold not working on Compare commits page ### What does this MR do? The code unfold buttons (`...`) don't work when you go to Commits -> Compare mode. This MR fixes that. ### Are there points in the code the reviewer needs to double check? Check to make sure all the right initializers are run in the `projects:compare:xxx` case. I'm also not sure if there are other cases where a diff is shown but the code unfolding is not activated. ### What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)? Closes #1274 See merge request !434
-
Dmitriy Zaporozhets authored
Change ordering so that confirm is removed from attrs before attempting to User.build_user Possible fix gitlab-org/gitlab-ce#1296 See merge request !445
-
Dmitriy Zaporozhets authored
[doc] Groups can be browsable if they contain at least one public project. See merge request !451
-
Dmitriy Zaporozhets authored
Notification on project moving Moving of project should respect notification settings https://dev.gitlab.org/gitlab/gitlabhq/issues/2091 See merge request !452
-
Dmitriy Zaporozhets authored
Prevent doubling AJAX request with each commit visit via Turbolink Be careful with `document.ready` in views
😃 cc @vsizov @marin See merge request !454
-
- 25 Mar, 2015 19 commits
-
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Faster merge request processing for large repository
-
Dmitriy Zaporozhets authored
Allow HTML tags in user Markdown input
-
Valery Sizov authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
More rubocop styles See merge request !449
-
nicklegr authored
[ci skip]
-
nicklegr authored
* Reduces overhead of git checkout
-
Achilleas Pipinellis authored
-
Hannes Rosenögger authored
Documentation - Markdown - added missing line-break info as promised, I updated the Markdown documentation with the line-breaks info See merge request !186
-
Robert Schilling authored
-
Robert Schilling authored
Fix GitLab shell setup spacing
-
Dmitriy Zaporozhets authored
Respond with full GitAccess error if user has project read access. Should help with debugging #1236. cc @marin See merge request !437
-
Dmitriy Zaporozhets authored
Improve sticky headers in diffs * disable sticky headers in discussion * enable sticky header on mr page with you click changes tab See merge request !450
-
Vinnie Okada authored
-
Dmitriy Zaporozhets authored
* disable sticky headers in discussion * enable sticky header on mr page with you click changes tab
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Milestones and labels can be used even when issues are disabled. When Issues are disabled for a project Milestones and Labels can still be used for Merge Requests. See merge request !1739
-
- 24 Mar, 2015 11 commits
-
-
Dmitriy Zaporozhets authored
Change merge request button color based on CI status Green button looks confusing when CI fails Screenshots: ![ci-warn](https://gitlab.com/gitlab-org/gitlab-ce/uploads/f8166c9acf35f9d886f37f52f975acfb/ci-warn.png) ![ci-can](https://gitlab.com/gitlab-org/gitlab-ce/uploads/d7319c4c567c42a47d79953191384f96/ci-can.png) See merge request !448
-
Dmitriy Zaporozhets authored
Link note avatar to user. See merge request !446
-
Dmitriy Zaporozhets authored
Clean up subscriptions when user is deleted. cc @vsizov See merge request !439
-
Dmitriy Zaporozhets authored
Update rugments to 1.0.0.beta6 to fix C# highlighting. Fixes #1259. See merge request !435
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Unescape branch param to delete
-
Dmitriy Zaporozhets authored
Complete transition to using color_field for selecting colors
-
Marin Jankovski authored
-
Dmitriy Zaporozhets authored
Reduce Rack Attack false positives causing 403 errors during HTTP authentication ### What does this MR do? This MR reduces false positives causing `403 Forbidden` messages after HTTP authentication. A Git client may attempt to access a repository without a password. If it receives a 401 error, the client often will try again, this time supplying a password. The problem is that `grack_auth.rb` considers a blank password an authentication failure and increases a Redis counter each time this happens. With enough requests, an IP can be banned temporarily even though previous attempts may have been successful. This leads users to see `403 Forbidden` errors until the ban times out (default: 1 hour). To reduce the chance of a false positive, this MR resets the counter upon a successful authentication from an IP. In addition, this MR logs when a user has been banned and introduces the ability to disable Rack Attack via a config variable. ### Are there points in the code the reviewer needs to double check? rack-attack v4.2.0 doesn't support the ability to clear counters out of the box, so `rack_attack_helpers.rb` includes a number of monkey patches to make it work. It looks like this functionality may be added in v4.3.0. I've also sent pull requests to rack-attack to add the functionality necessary to delete a key. Each time an authentication is successful, the Redis counter for that IP is cleared. I deemed it better to clear the counter than to allow for blank passwords, since the latter seems like a security risk. ### Why was this MR needed? It was quite difficult to figure out why users were seeing `403 Forbidden`, which is why the log message was added. Users were getting a lot of false positives when accessing repositories with HTTPS. Including the username in the HTTPS URL (e.g. `https://username@mydomain.com/account/repo.git`) caused authentication failures because while the git client provided the username, it left the password blank, leading to an authentication failure. ### What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)? See Issue #1171 https://github.com/kickstarter/rack-attack/issues/113 See merge request !392
-