- 27 Nov, 2019 6 commits
-
-
Alessio Caiazza authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 26 Nov, 2019 27 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
Update Workhorse and Gitaly to fix a security issue See merge request gitlab/gitlabhq!3499
-
GitLab Release Tools Bot authored
Escape namespace in label references Closes #2941 See merge request gitlab/gitlabhq!3509
-
GitLab Release Tools Bot authored
Use Gitlab::HTTP for all chat notifications See merge request gitlab/gitlabhq!3517
-
GitLab Release Tools Bot authored
GitLab stores AWS, Slack, Askimet, reCaptcha tokens in plaintext See merge request gitlab/gitlabhq!3518
-
GitLab Release Tools Bot authored
Prevent guests from seeing commits for cycle analytics See merge request gitlab/gitlabhq!3519
-
GitLab Release Tools Bot authored
Fix private comment Elasticsearch leak See merge request gitlab/gitlabhq!3521
-
GitLab Release Tools Bot authored
Hide AWS secret on Admin Integration page See merge request gitlab/gitlabhq!3525
-
Justin Ho Tuan Duong authored
-
GitLab Release Tools Bot authored
Related Branches Visible to Guests in Issue Activity See merge request gitlab/gitlabhq!3537
-
GitLab Release Tools Bot authored
Fix invalid byte sequence See merge request gitlab/gitlabhq!3545
-
GitLab Release Tools Bot authored
Check permissions before showing a forked project's source See merge request gitlab/gitlabhq!3554
-
GitLab Release Tools Bot authored
Ensure attributes that end in `_ids` are cleaned See merge request gitlab/gitlabhq!3561
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Bot authored
-
Arturo Herrero authored
We had concerns about the cached values on Redis with the previous two releases strategy: First release (this commit): - Create new encrypted fields in the database. - Start populating new encrypted fields, read the encrypted fields or fallback to the plaintext fields. - Backfill the data removing the plaintext fields to the encrypted fields. Second release: - Remove the virtual attribute (created in step 2). - Drop plaintext columns from the database (empty columns after step 3). We end up with a better strategy only using migration scripts in one release: - Pre-deployment migration: Add columns required for storing encrypted values. - Pre-deployment migration: Store the encrypted values in the new columns. - Post-deployment migration: Remove the old unencrypted columns
-
Arturo Herrero authored
This is the plan to encrypt the plaintext tokens: First release (this commit): 1. Create new encrypted fields in the database. 2. Start populating new encrypted fields, read the encrypted fields or fallback to the plaintext fields. 3. Backfill the data removing the plaintext fields to the encrypted fields. Second release: 4. Remove the virtual attribute (created in step 2). 5. Drop plaintext columns from the database (empty columns after step 3).
-
GitLab Bot authored
-
Imre Farkas authored
-
DJ Mountney authored
This prevents an issue where you can steal other projects objects by asking for ids that don't belong to you in import.
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
- 25 Nov, 2019 7 commits
-
-
GitLab Bot authored
-
GitLab Bot authored
-
GitLab Bot authored
-
Nick Thomas authored
-
GitLab Bot authored
-
Nick Thomas authored
-
GitLab Bot authored
-