1. 10 Dec, 2019 1 commit
  2. 04 Dec, 2019 1 commit
  3. 03 Dec, 2019 1 commit
  4. 29 Nov, 2019 1 commit
  5. 28 Nov, 2019 1 commit
  6. 26 Nov, 2019 1 commit
  7. 19 Nov, 2019 1 commit
  8. 14 Nov, 2019 1 commit
  9. 12 Nov, 2019 1 commit
    • Victor Zagorodny's avatar
      Implement Create Vulnerability from Finding · a5bc331c
      Victor Zagorodny authored
      Make title_html field optional in order to be
      controlled by CacheMarkdownField logic. Add
      POST /projects/:id/vulnerabilities API call.
      Add create_vulnerability ability for User.
      Add Vulnerabilities::CreateService and
      model methods and scopes required for its
      functioning. Add new factories and traits.
      a5bc331c
  10. 07 Nov, 2019 1 commit
  11. 06 Nov, 2019 1 commit
  12. 31 Oct, 2019 1 commit
    • David Fernandez's avatar
      Check for NPM packages before path updates · 5e400e08
      David Fernandez authored
      NPM packages presence is checked before these actions:
      * group at the root namespace has a path update
      * subgroup is transfered to a different root namespace
      * project is transfered to a different root namespace
      5e400e08
  13. 30 Oct, 2019 1 commit
  14. 28 Oct, 2019 2 commits
  15. 21 Oct, 2019 2 commits
  16. 17 Oct, 2019 1 commit
  17. 16 Oct, 2019 1 commit
  18. 15 Oct, 2019 1 commit
  19. 14 Oct, 2019 1 commit
  20. 10 Oct, 2019 1 commit
    • Avielle Wolfe's avatar
      Fix empty security dashboard for public projects · da903949
      Avielle Wolfe authored and Grzegorz Bizon's avatar Grzegorz Bizon committed
      Project security dashboards were displaying no vulnerabilities for
      public projects, even when the latest pipeline reported
      vulnerabilities.
      
      The issue was our Namespace#store_security_reports_available? method,
      which had no knowledge of the project or whether it was public, and
      only checked for availability based on the instance's license.
      
      I've added Project#can_store_security_reports?, which calls into
      Namespace to check for license availability and _also_ checks
      whether the project is public. Now public projects can get the
      security scanning they've been wanting!
      
      https://gitlab.com/gitlab-org/gitlab/issues/13422
      da903949
  21. 08 Oct, 2019 1 commit
  22. 07 Oct, 2019 1 commit
    • Victor Zagorodny's avatar
      Add DB schema migrations for Vulnerability · 8ad1881c
      Victor Zagorodny authored
      This is the DB layout for first-class
      vulnerabilities backend MVC. Added
      vulnerabilities table, FK to it from
      vulnerability_occurrences table, add all
      required foreign keys for associations
      between Vulnerability and other models
      8ad1881c
  23. 04 Oct, 2019 1 commit
  24. 03 Oct, 2019 3 commits
  25. 02 Oct, 2019 2 commits
  26. 01 Oct, 2019 2 commits
  27. 25 Sep, 2019 1 commit
  28. 24 Sep, 2019 1 commit
  29. 18 Sep, 2019 1 commit
  30. 17 Sep, 2019 1 commit
    • Kerri Miller's avatar
      Migration to move MRRCOA from project to branch · e48a3b62
      Kerri Miller authored and James Lopez's avatar James Lopez committed
      I've set this up as a post-deploy background migration, taking advantage
      of `each_batch` to set up jobs for Sidekiq workers to copy the project's
      `merge_requests_require_code_owner_approval` to each of its protected
      branch's `code_owner_approval_required` attribute. I've added some basic
      tests here, as well.
      
      I initially added a pair of #after_commit hooks to make sure projects
      get updated while we were asynchronously chewing through the projects
      and branches. However, I abandoned this, as a database reviewer supplied
      a faster approach that shouldn't be an issue in terms of the total time
      required to process the entities.
      e48a3b62
  31. 13 Sep, 2019 1 commit
  32. 10 Sep, 2019 1 commit
  33. 09 Sep, 2019 1 commit
    • Mo Khan's avatar
      Refresh license compliance checks · ae997cdf
      Mo Khan authored
      When a new software license policy is created,
      this will refresh the license check approval rules associated
      with each open merge request for the project that the
      software license policy was created for.
      ae997cdf
  34. 04 Sep, 2019 1 commit