Commits · bbe836b2042079b4728c8b25a474399682af466f · nexedi / gitlab-ce

01 Sep, 2017 1 commit

Unmark the commit author/committer link as HTML-safe · bbe836b2

Robert Speicher authored Sep 01, 2017

We now make use of the `content_tag` helper so that the untrusted input
is escaped and the trusted output is then automatically safe. When we
don't need to wrap the name in a `span` tag (when `avatar` is falsey),
it's treated as unsafe by default, so no further sanitization/escaping
is necessary.

bbe836b2

31 Aug, 2017 1 commit
- Update commits_helper.rb to use sanitize instead of simple_sanitize · 65649b9f
  Tim Zallmann authored Aug 31, 2017
  
  65649b9f
30 Aug, 2017 1 commit
- Fixes Username Value Exposing · 285fadcb
  Tim Zallmann authored Aug 30, 2017
  
  285fadcb
29 Aug, 2017 2 commits
- resolve conflicts from 4c7449e4 · e7757486
  Simon Knox authored Aug 29, 2017
  
  e7757486
- Merge branch 'race-condition-in-project-uploads-fix-9-4' into 'security-9-4' · 4c7449e4
  Sean McGivern authored Jul 24, 2017
```
Fixes race condition in project uploads

See merge request !2141
```
  4c7449e4
28 Aug, 2017 3 commits
- Merge branch 'dm-go-get-xss' into 'security-9-3' · f4a4aa0d
  Robert Speicher authored Jun 29, 2017
```
Fix XSS issue in go-get handling

See merge request !2128
```
  f4a4aa0d
- Merge branch '9-5-stable' into security-9-5 · ade602fd
  Simon Knox authored Aug 29, 2017
  
  ade602fd
- Merge branch 'fix-user-select-dropdown-escaping' into 'security-9-5' · a587bf29
  Clement Ho authored Aug 28, 2017
```
Fixes the User Selection Display (9.5)

See merge request gitlab/gitlabhq!2177
```
  a587bf29
27 Aug, 2017 1 commit
- Merge branch 'sh-system-hooks-ldap-users' into 'master' · 7e7d2524
  Grzegorz Bizon authored Aug 27, 2017
```
Fire system hooks when a user is created via LDAP or OAuth

Closes #37073

See merge request !13846
```
  7e7d2524
26 Aug, 2017 1 commit
- Merge branch '9-5-stable' into security-9-5 · fd60f374
  Gabriel Mazetto authored Aug 27, 2017
  
  fd60f374
25 Aug, 2017 8 commits
- Merge branch 'fix-old-mr-diffs' into 'master' · 9031bb47
  Douwe Maan authored Aug 24, 2017
```
Fix old MR diffs

Closes #36516

See merge request !13744
```
  9031bb47
- Merge branch 'fix-push-events-branch-removals' into 'master' · f7d04e34
  Sean McGivern authored Aug 23, 2017
```
Fix displaying events of removed events and events without commit messages

Closes #36685 and #36722

See merge request !13721
```
  f7d04e34
- Merge branch 'remove-tooltip-filtered-search-user' into 'master' · 5cd8b331
  Tim Zallmann authored Aug 23, 2017
```
Remove tooltip from filtered search user

Closes #36696

See merge request !13752
```
  5cd8b331
- Merge branch 'zj-fix-fe-blank-button' into 'master' · 24e2c39f
  Clement Ho authored Aug 23, 2017
```
Fix blank button not resetting project template value

Closes #36816

See merge request !13757
```
  24e2c39f
- Merge branch 'fix/gitlay-raw-blame-request-encoding' into 'master' · fcbca7d9
  Robert Speicher authored Aug 23, 2017
```
Properly encode Gitaly RawBlame request params

See merge request !13764
```
  fcbca7d9
- Merge branch 'dm-ldap-adapter-attributes' into 'master' · ccdc2604
  Robert Speicher authored Aug 23, 2017
```
Support simple string LDAP attribute specifications, and search for name rather…

Closes #36841

See merge request !13776
```
  ccdc2604
- Merge branch '36709-gpg-status' into 'master' · 844dd34a
  Clement Ho authored Aug 23, 2017
```
Fix alignment of gpg status

Closes #36709

See merge request !13772
```
  844dd34a
- Merge branch '36589-hide-group-name-on-collapse' into 'master' · 4c477418
  Clement Ho authored Aug 24, 2017
```
Hide group title on sidebar collapse; use more generic class for titles

Closes #36589

See merge request !13777
```
  4c477418
24 Aug, 2017 6 commits
- Merge branch 'rs-stub-storage-availability-check' into 'master' · bc70d156
  Douwe Maan authored Aug 23, 2017
```
Stub `ForkedStorageCheck.storage_available?` by default in all specs

See merge request !13726
```
  bc70d156
- Merge branch 'fix-broken-testing-of-some-integrations' into 'master' · 23eae7ed
  Douwe Maan authored Aug 23, 2017
```
Fix inability to test some project integrations

Closes gitlab-ee#3194

See merge request !13729
```
  23eae7ed
- Merge branch '36496-badges-should-not-be-huge' into 'master' · e9c4fe9f
  Clement Ho authored Aug 22, 2017
```
Resolve "Badges should not be HUGE"

Closes #36496

See merge request !13635
```
  e9c4fe9f
- Fixes the User Selection Display · ae321c89
  Tim Zallmann authored Aug 24, 2017
  
  ae321c89
- Merge branch 'update-pages-9-5' into 'security-9-5' · b01f5e85
  Douwe Maan authored Aug 24, 2017
```
Update GitLab Pages (9.5)

See merge request !2159
```
  b01f5e85
- Merge branch '9-5-stable' into security-9-5 · 667917ab
  Gabriel Mazetto authored Aug 24, 2017
  
  667917ab
23 Aug, 2017 3 commits
- Update VERSION to 9.5.1 · c47ae372
  Simon Knox authored Aug 23, 2017
  
  c47ae372
- Update CHANGELOG.md for 9.5.1 · 760b45f0
  Simon Knox authored Aug 23, 2017
```
[ci skip]
```
  760b45f0
- Merge branch '9-5-stable' into security-9-5 · f024f7ef
  Gabriel Mazetto authored Aug 23, 2017
  
  f024f7ef
22 Aug, 2017 13 commits
- Include missing Gitlab::GitalyClient.encode method in 9-5-stable · 72f26255
  Alejandro Rodríguez authored Aug 22, 2017
  
  72f26255
- Merge branch 'fix/gb/fix-head-pipeline-when-pipeline-has-errors' into 'master' · 613a02b4
  Kamil Trzciński authored Aug 21, 2017
```
Fix merge request head pipeline when pipeline has errors

Closes #36657

See merge request !13664
# Conflicts:
#	spec/services/ci/create_pipeline_service_spec.rb
```
  613a02b4
- Merge branch 'fix-broadcast-message-caching' into 'master' · 853fa726
  Sean McGivern authored Aug 22, 2017
```
Fix caching of future broadcast messages

Closes #36661

See merge request !13667
```
  853fa726
- Merge branch 'zj-fix-import-gitlab-export-form' into 'master' · cc370bc8
  Douwe Maan authored Aug 22, 2017
```
Update form to properly set the path

Closes #36519

See merge request !13722
```
  cc370bc8
- Merge branch '36721-rename-repo-text' into 'master' · 652817fb
  Annabel Dunstone Gray authored Aug 22, 2017
```
36721 Remove incorrect paragraph regarding renaming repos in settings

Closes #36721

See merge request !13718
```
  652817fb
- Merge branch 'git-gc-raise-lease-timeotu' into 'master' · 54830c85
  Sean McGivern authored Aug 22, 2017
```
Raise Git GC (Housekeeping) Lease Timeout to 24h

See merge request !13719
```
  54830c85
- Merge branch 'bvl-circuitbreaker-settings-to-avoid-failures' into 'master' · 8171e1f6
  Rémy Coutable authored Aug 16, 2017
```
Circuitbreaker settings to avoid spec-failures

Closes #36324

See merge request !13519
```
  8171e1f6
- Merge branch 'gitaly-tree-entries-encoding' into 'master' · 809ac80a
  Robert Speicher authored Aug 21, 2017
```
Correctly encode string params for Gitaly's TreeEntries RPC

Closes #36720

See merge request !13724
```
  809ac80a
- Merge branch 'rs-git-access-spec-speed' into 'master' · b7712260
  Douwe Maan authored Aug 21, 2017
```
Greatly reduce test duration for git_access_spec

See merge request !13675
```
  b7712260
- Merge branch '36533-add-docs-for-group-issues-page-and-group-merge-requests-page' into 'master' · 664b1d36
  Marcia Ramos authored Aug 21, 2017
```
Add docs for group issues page and group merge requests page

Closes #36533

See merge request !13678
```
  664b1d36
- Merge branch 'only-limit-fetch-when-requested' into 'master' · a1a4351a
  Robert Speicher authored Aug 21, 2017
```
Only require sidekiq-limit_fetch when enabled in settings

Closes #36253

See merge request !13715
```
  a1a4351a
- Merge branch '36458-user-profile-activity-feed-contains-broken-image-links' into 'master' · 47888482
  Phil Hughes authored Aug 21, 2017
```
Resolve "User profile activity feed contains broken image links"

Closes #36458

See merge request !13606
```
  47888482
- Merge branch 'remove-user-bundle' into 'master' · 4e813f1d
  Tim Zallmann authored Aug 21, 2017
```
Remove superfluous users bundle

See merge request !13684
```
  4e813f1d