An error occurred fetching the project authors.
- 04 Feb, 2019 1 commit
-
-
Jan Provaznik authored
This engine was replaced with CommonMarker in 11.4, it was deprecated since then.
-
- 31 Jan, 2019 3 commits
-
-
Yorick Peterse authored
In commit 6fa5fd85 the `require: false` was removed to ensure the Gem was loaded at run time. Unfortunately, the `require` necessary for the rubyzip Gem is "zip" and not "rubyzip". As a result, Bundler would not require the Gem. This meant that we would still run into constant errors when referring to `Zip::File`.
-
Stan Hu authored
pages:deploy step was failing with the following error: ``` unitialized constant SafeZip::Extract::Zip ``` Since license_finder already pulls in rubyzip, we can make it a required gem. We also use the scope operator to make the reference to Zip::File explicit.
-
Kamil Trzciński authored
RubyZip allows us to perform strong validation of expanded paths where we do extract file. We introduce the following additional checks to extract routines: 1. None of path components can be symlinked, 2. We drop privileges support for directories, 3. Symlink source needs to point within the target directory, like `public/`, 4. The symlink source needs to exist ahead of time.
-
- 30 Jan, 2019 3 commits
-
-
Fatih Acet authored
v2.1.0 was published wrongly by the package author.
-
Fatih Acet authored
-
Fatih Acet authored
-
- 25 Jan, 2019 1 commit
-
-
Thong Kuah authored
http_max_redirects was introduced in 4.2.2, so upgrade kubeclient. The monkey-patch was global so we will have to check that all instances of Kubeclient::Client are handled. Spec all methods of KubeClient This should provide better confidence that we are indeed disallowing redirection in all cases
-
- 17 Jan, 2019 2 commits
-
-
Brett Walker authored
-
Andrew Newdigate authored
This change will instantiate an OpenTracing tracer and configure it as the global tracer when the GITLAB_TRACING environment variable is configured. GITLAB_TRACING takes a "connection string"-like value, encapsulating the driver (eg jaeger, etc) and options for the driver. Since each service, whether it's written in Ruby or Golang, uses the same connection-string, it should be very easy to configure all services in a cluster, or even a single development machine to be setup to use tracing. Note that this change does not include instrumentation or propagation changes as this is a way of breaking a previous larger change into components. The instrumentation and propagation changes will follow in separate changes.
-
- 15 Jan, 2019 1 commit
-
-
Pirate Praveen authored
-
- 11 Jan, 2019 1 commit
-
-
Jared Deckard authored
-
- 08 Jan, 2019 1 commit
-
-
Brett Walker authored
and truncato to 0.7.11
-
- 03 Jan, 2019 1 commit
-
-
Stan Hu authored
This will allow developers to run `bundle install` on both directories and avoid additional calls to RubyGems for local development. Also sets up the possibility of improved caching as mentioned in https://gitlab.com/gitlab-org/gitlab-ce/issues/55843.
-
- 30 Dec, 2018 1 commit
-
-
Stan Hu authored
This prevents us from shipping duplicate versions of this gem.
-
- 29 Dec, 2018 1 commit
-
-
Stan Hu authored
* omniauth-google-oauth2: Google will be deprecating its support for the Google+ API, which currently omniauth-google-oauth2 uses to retrieve user info. The bump in omniauth-google-oauth2 requires an upgrade to ruby-jwt v2+ to support the verification of multiple issue providers (https://github.com/zquestz/omniauth-google-oauth2/pull/345). * jwt: This has the most number of changes that need to be reviewed: https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md * oauth2: Needed to support ruby-jwt v2+: https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md * omniauth-azure-oauth2 needs a version bump to support ruby-jwt v2+. * omniauth: This version bump only involves backstage improvements: https://github.com/omniauth/omniauth/releases Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55668
-
- 27 Dec, 2018 1 commit
-
-
Pirate Praveen authored
-
- 24 Dec, 2018 1 commit
-
-
Stan Hu authored
Full list of changes: https://github.com/carrierwaveuploader/carrierwave/blob/master/CHANGELOG.md
-
- 21 Dec, 2018 3 commits
-
-
Jan Provaznik authored
should fix issue with: undefined method `schema_migrations_table_name' for ActiveRecord::Migrator:Class https://gitlab.com/gitlab-org/gitlab-ee/-/jobs/135978879
-
blackst0ne authored
Fix the CVE-2018-16476 vulnerability.
-
Pirate Praveen authored
Fixes: ActionView::Template::Error (undefined method `add_class' for #<Nokogiri::XML::Element:0x0055dbff5252e8>
-
- 19 Dec, 2018 2 commits
-
-
Valery Sizov authored
-
Zeger-Jan van de Weg authored
This action doesn't lean on reduplication, so a short call can me made to the Gitaly server to have the object pool remove its remote to the project pending deletion. https://gitlab.com/gitlab-org/gitaly/blob/f6cd55357/internal/git/objectpool/link.go#L58 When an object pool doesn't have members, this would invalidate the need for a pool. So when a project leaves the pool, the pool will be destroyed on the background. Fixes: https://gitlab.com/gitlab-org/gitaly/issues/1415
-
- 17 Dec, 2018 3 commits
-
-
Stan Hu authored
Even in AWS S3 compatibility mode, Google now appears to reject requests that includes this header with this error: ``` Requests cannot specify both x-amz and x-goog headers ``` This has been submitted upstream via https://github.com/carrierwaveuploader/carrierwave/pull/2356. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53846.
-
Valery Sizov authored
-
Jasper Maes authored
-
- 14 Dec, 2018 1 commit
-
-
Jasper Maes authored
-
- 12 Dec, 2018 1 commit
-
-
Pirate Praveen authored
-
- 06 Dec, 2018 2 commits
-
-
Francisco Javier López authored
-
Nick Thomas authored
-
- 04 Dec, 2018 1 commit
-
-
Douwe Maan authored
-
- 03 Dec, 2018 2 commits
-
-
Matthias Fechner authored
-
Abulhair Saparov authored
-
- 29 Nov, 2018 1 commit
-
-
Matthias Fechner authored
Currently a dependency for grape `~> 1.1` is defined but gitlab does not work with `grape` version `1.2` installed. Fix version of `grape` to 1.1.x.
-
- 28 Nov, 2018 1 commit
-
-
Kamil Trzciński authored
Rack with Unicorn is unable to handle chunked requests due to private `eof?` method. This exposes `eof?` not changing `rack` behavior. Issue: https://gitlab.com/gitlab-org/gitlab-ee/issues/8539
-
- 27 Nov, 2018 1 commit
-
-
Nick Thomas authored
-
- 26 Nov, 2018 2 commits
-
-
Thong Kuah authored
Bumps kubeclient and its dependencies from 3.1.0 to 4.0.0.
-
Bob Van Landuyt authored
-
- 22 Nov, 2018 1 commit
-
-
Stan Hu authored
This gem is only used for development, and the latest version has been tested with Rails 5/Ruby 2.5. Changes: https://github.com/BetterErrors/better_errors/releases
-
- 19 Nov, 2018 1 commit
-
-
Stan Hu authored
loofah: CVE-2018-16468: https://github.com/flavorjones/loofah/issues/154 nokogiri: CVE-2018-14404 and CVE-2018-14567 https://github.com/sparklemotion/nokogiri/blob/master/CHANGELOG.md rack: CVE-2018-16471 https://github.com/rack/rack/commit/e5d58031b766e49687157b45edab1b8457d972bd i18n: https://github.com/svenfuchs/i18n/releases concurrent-ruby: https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md
-