- 29 Aug, 2019 9 commits
-
-
GitLab Release Tools Bot authored
Clear reset_password_tokens when login (email or username) change See merge request gitlab/gitlab-ee!1193
-
GitLab Release Tools Bot authored
Prevent disclosure of merge request id via email See merge request gitlab/gitlab-ee!1198
-
GitLab Release Tools Bot authored
Restrict MergeRequests#test_reports to authenticated users with read-access on Builds See merge request gitlab/gitlab-ee!1203
-
GitLab Release Tools Bot authored
Add direct upload support for personal snippets See merge request gitlab/gitlab-ee!1208
-
GitLab Release Tools Bot authored
admin_group authorization for Groups::RunnersController See merge request gitlab/gitlab-ee!1213
-
GitLab Release Tools Bot authored
Re-escape the whole HTML content when finding HTML references See merge request gitlab/gitlab-ee!1217
-
GitLab Release Tools Bot authored
Send TODOs for comments on commits correctly See merge request gitlab/gitlab-ee!1219
-
GitLab Release Tools Bot authored
Gitaly: ignore git redirects See merge request gitlab/gitlab-ee!1226
-
GitLab Release Tools Bot authored
Avoid exposing unaccessible repo data upon GFM post processing See merge request gitlab/gitlab-ee!1235
-
- 28 Aug, 2019 2 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
- 27 Aug, 2019 4 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
- 26 Aug, 2019 8 commits
-
-
Oswaldo Ferreira authored
When post-processing relative links to absolute links RelativeLinkFilter didn't take into consideration that internal repository data could be exposed for users that do not have repository access to the project. This commit solves that by checking whether the user can `download_code` at this repository, avoiding any processing of this filter if the user can't. Additionally, if we're processing for a group ( no project was given), we check if the user can read it in order to expand the href as an extra. That doesn't seem necessarily a breach now, but an extra check doesn't hurt as after all the user needs to be able to `read_group`.
-
Jacob Vosmaer authored
-
GitLab Bot authored
-
Ash McKenzie authored
Bump ruby-prof to 1.0.0 See merge request gitlab-org/gitlab-ce!29588
-
Thong Kuah authored
Install Unleash Client Gem See merge request gitlab-org/gitlab-ce!32065
-
Jason Goodman authored
-
GitLab Bot authored
-
Ash McKenzie authored
Backport expired job artifact trait See merge request gitlab-org/gitlab-ce!32179
-
- 25 Aug, 2019 5 commits
-
-
GitLab Bot authored
-
Stan Hu authored
Add helpers to exactly undo cleanup_concurrent_column_rename See merge request gitlab-org/gitlab-ce!32183
-
Reuben Pereira authored
- Also add helper to undo rename_column_concurrently.
-
Stan Hu authored
Add helper to exactly undo cleanup_concurrent_column_rename See merge request gitlab-org/gitlab-ee!15614
-
Reuben Pereira authored
- Also add helper to undo rename_column_concurrently.
-
- 24 Aug, 2019 12 commits
-
-
Stan Hu authored
This is significant improvement over the previous releases: https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES
-
Gabriel Mazetto authored
-
GitLab Bot authored
-
Fatih Acet authored
Resolve "Show the paths for groups in productivity analytics" Closes #13637 See merge request gitlab-org/gitlab-ee!15513
-
Martin Wortschack authored
- Add changelog entry - Add specs for displaying the full group path - Add selector to component
-
Stan Hu authored
Preload tags when loading Ci::Pipeline Closes #60925 See merge request gitlab-org/gitlab-ce!32149
-
GitLab Bot authored
-
Fatih Acet authored
Fix Serverless entry page layout Closes #64764 See merge request gitlab-org/gitlab-ce!32029
-
Fatih Acet authored
Moves container scanning logic to the backend Closes #13518 See merge request gitlab-org/gitlab-ee!15226
-
Sam Beckham authored
- Uses the baceng API to parse container scanning logic on the MR page. - Maps the slightly misaligned data in the vulnerabilities - Uses polling because the end point is a polling one - Adds an action for storing the endpoint in vuex - Adds a new action for calling the endpoint - Puts all the above behind a feature flag - Adds action tests - Adds mutation tests - Adds component tests - Fixes issues the tests brought up - - Text generation failed without a head or base path - - Report visibilty failed without a head or base path
-
GitLab Bot authored
-
Tim Zallmann authored
Enable line charts in dashbaord panels and embedded charts Closes #66073 See merge request gitlab-org/gitlab-ce!31920
-