Commits · 398ac950bd5564f0fc1b928526b29c8eb7c0a18d · gl-gitaly / GitLab

Jul 01, 2020
- Update VERSION to 13.0.8-ee · 398ac950
  GitLab Release Tools Bot authored 4 years ago
  
  View commits for tag v13.0.8-ee v13.0.8-ee
  
  398ac950
- Update CHANGELOG.md for 13.0.8 · 5244c711
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  5244c711
- Update CHANGELOG-EE.md for 13.0.8-ee · 4440c7c9
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  4440c7c9
- Update GITALY_SERVER_VERSION to 13.0.8 · febe48a5
  GitLab Release Tools Bot authored 4 years ago
  
  febe48a5
Jun 29, 2020
- Merge branch... · 3ce85098
  Mayra Cabrera authored 4 years ago
  
  Merge branch 'security-fj-add-snippet-repository-validation-bundle-import-13-0' into '13-0-stable-ee' Lack of validations importing snippet repository from bundle See merge request gitlab-org/security/gitlab!612
  3ce85098
- Merge branch 'security-private-profile-api-13-0' into '13-0-stable-ee' · 7f1befc1
  GitLab Release Tools Bot authored 4 years ago
  
  Do not show activity for users with private profiles See merge request gitlab-org/security/gitlab!688
  7f1befc1
- Merge branch 'security-215175-filter-merge-participants-13-0' into '13-0-stable-ee' · 8e2f9e7c
  GitLab Release Tools Bot authored 4 years ago
  
  Check access when sending TODOs related to merge requests See merge request gitlab-org/security/gitlab!673
  8e2f9e7c
- Merge branch 'security-disable-caching-for-wiki-attachments-13-0' into '13-0-stable-ee' · 34f09e32
  GitLab Release Tools Bot authored 4 years ago
  
  Disable caching for wiki attachments See merge request gitlab-org/security/gitlab!659
  34f09e32
- Merge branch 'security-fix-malicious-comment-13-0' into '13-0-stable-ee' · 61c54161
  GitLab Release Tools Bot authored 4 years ago
  
  Fix null byte error in upload path See merge request gitlab-org/security/gitlab!573
  61c54161
- Merge branch 'security-xss-bitbucket-import-13-0' into '13-0-stable-ee' · 3290a525
  GitLab Release Tools Bot authored 4 years ago
  
  Resolve "Cross-Site Scripting In BitbucketServer Import" See merge request gitlab-org/security/gitlab!679
  3290a525
- Merge branch 'security-user-name-html-13-0' into '13-0-stable-ee' · c01476c3
  GitLab Release Tools Bot authored 4 years ago
  
  Fix note author name rendering See merge request gitlab-org/security/gitlab!658
  c01476c3
- Merge branch 'security-disable-github-import-api-by-seetings-13-0' into '13-0-stable-ee' · 04b84c9f
  GitLab Release Tools Bot authored 4 years ago
  
  Disable github import api by seetings See merge request gitlab-org/security/gitlab!559
  04b84c9f
- Merge branch 'security-212469-fix-deploy-token-api-13-0' into '13-0-stable-ee' · 22515470
  GitLab Release Tools Bot authored 4 years ago
  
  Fixed group deploy token API authorizations See merge request gitlab-org/security/gitlab!676
  22515470
- Merge branch 'security-dblessing-cookie-serializer-13-0' into '13-0-stable-ee' · ca624906
  GitLab Release Tools Bot authored 4 years ago
  
  Change from hybrid to JSON cookies serializer See merge request gitlab-org/security/gitlab!691
  ca624906
- Change from hybrid to JSON cookies serializer · 2caa8586
  Drew Blessing authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  JSON has been the default serializer since Rails 4.1. Hybrid serializer was meant to allow backward compatibility when upgrading pre-Rails 4.1. It's been some time since we upgraded to Rails 4.1 so now we don't need the hybrid serializer anymore. This also causes security concerns since the previous serializer was Marshal.
  2caa8586
- Merge branch 'security-xss-error-tracking-13-0' into '13-0-stable-ee' · b0002a5e
  GitLab Release Tools Bot authored 4 years ago
  
  Stored XSS on the Error Tracking page See merge request gitlab-org/security/gitlab!626
  b0002a5e
- Merge branch 'security-208685-fix-swagger-ui-xss-13-0' into '13-0-stable-ee' · 33f92bfb
  GitLab Release Tools Bot authored 4 years ago
  
  Upgrade swagger-ui to solve XSS issues See merge request gitlab-org/security/gitlab!636
  33f92bfb
- Merge branch 'security-dblessing-sanitize-group-names-13-0' into '13-0-stable-ee' · 30d82564
  GitLab Release Tools Bot authored 4 years ago
  
  Validate group names with Rails HTML sanitizer See merge request gitlab-org/security/gitlab!630
  30d82564
- Merge branch 'security-150-xss-reference-redactor-13-0' into '13-0-stable-ee' · 594946b5
  GitLab Release Tools Bot authored 4 years ago
  
  Fix XSS in Banzai's `#data_attributes_for` See merge request gitlab-org/security/gitlab!599
  594946b5
- Merge branch 'security-update-xterm-128-backport-13-0' into '13-0-stable-ee' · 93eb7107
  GitLab Release Tools Bot authored 4 years ago
  
  Update xterm js dependency to latest stable 3.X version See merge request gitlab-org/security/gitlab!607
  93eb7107
- Merge branch 'security-fix-time-tracking-permissions-api-13-0' into '13-0-stable-ee' · 1700c6a6
  GitLab Release Tools Bot authored 4 years ago
  
  Update permissions for time tracking endpoints See merge request gitlab-org/security/gitlab!617
  1700c6a6
- Update permissions for time tracking endpoints · a86a3467
  Eugenia Grieff authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  a86a3467
- Merge branch 'security-kaminari-update-13-0' into '13-0-stable-ee' · 86b5f694
  GitLab Release Tools Bot authored 4 years ago
  
  Update Kaminari gem See merge request gitlab-org/security/gitlab!670
  86b5f694
- Merge branch 'security-13-0-xss-issuables-list' into '13-0-stable-ee' · 8db26d89
  GitLab Release Tools Bot authored 4 years ago
  
  Make sure user info is sanitized when rendered See merge request gitlab-org/security/gitlab!597
  8db26d89
- Make sure user info is sanitized when rendered · e2804ee5
  Scott Stern authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  e2804ee5
- Merge branch 'security-fix_project_authorizations_for_security_dashboard-13-0'... · 7b4d31dd
  GitLab Release Tools Bot authored 4 years ago
  
  Merge branch 'security-fix_project_authorizations_for_security_dashboard-13-0' into '13-0-stable-ee' Security fix project authorizations for security dashboard See merge request gitlab-org/security/gitlab!583
  7b4d31dd
- Security fix project authorizations for security dashboard · 3e72d9ae
  Mehmet Emin Inaç authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  3e72d9ae
- Merge branch 'security-215640-pypi-13-0' into '13-0-stable-ee' · a369c5e7
  GitLab Release Tools Bot authored 4 years ago
  
  Fixes pypi XSS See merge request gitlab-org/security/gitlab!557
  a369c5e7
- Do not show activity for users with private profiles · c74d9490
  Michelle Gill authored 4 years ago
  
  c74d9490
Jun 25, 2020
- Update VERSION to 13.0.7-ee · f129bedb
  GitLab Release Tools Bot authored 4 years ago
  
  View commits for tag v13.0.7-ee v13.0.7-ee
  
  f129bedb
- Update CHANGELOG.md for 13.0.7 · f2d3b978
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  f2d3b978
- Update CHANGELOG-EE.md for 13.0.7-ee · bed98008
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  bed98008
- Update GITALY_SERVER_VERSION to 13.0.7 · 1afae8a1
  GitLab Release Tools Bot authored 4 years ago
  
  1afae8a1
- Merge branch '13-0-stable-ee-patch-7' into '13-0-stable-ee' · afaea451
  Yorick Peterse authored 4 years ago
  
  Prepare 13.0.7-ee release See merge request gitlab-org/gitlab!35243
  afaea451
- Merge branch 'if-205273-project_auth_periodic_recompute-13-0' into '13-0-stable-ee-patch-7' · b80be4ff
  Yorick Peterse authored 4 years ago
  
  Cherry picks !34071 into 13.0 prep branch See merge request gitlab-org/gitlab!35270
  b80be4ff
- Merge branch 'if-205273-project_auth_periodic_recompute' into 'master' · fb8f1ee7
  Mayra Cabrera authored 4 years ago
  
  Periodically recompute project authorizations See merge request gitlab-org/gitlab!34071
  fb8f1ee7
- Merge branch 'bvl-fix-git-http-user-logging-13-0' into '13-0-stable-ee-patch-7' · 3ee76455
  Yorick Peterse authored 4 years ago
  
  Cherry-picks !34923 into 13.0 prep branch See merge request gitlab-org/gitlab!35272
  3ee76455
Jun 24, 2020

Merge branch 'bvl-fix-git-http-user-logging' into 'master' · 212a96c9
Stan Hu authored 4 years ago and Mayra Cabrera committed 4 years ago
```
Load user before logging git http-requests

Closes #223027

See merge request gitlab-org/gitlab!34923
```
212a96c9
Merge branch 'fixes-broken-spec-on-13-0-patch-7' into '13-0-stable-ee-patch-7' · b68bf119
Mayra Cabrera authored 4 years ago
```
Fixes 13.0 latest prep branch

See merge request gitlab-org/gitlab!35277
```
b68bf119

Add built in variable called __range · 552b0014

Mayra Cabrera authored 4 years ago

- This variable can be used in a Prometheus query, when you want a value
equalling the range of the dashboard/chart.

- If the range of the dashboard is 8 hours, '28800s' will be
substituted in place of __range.

552b0014

Admin message

Admin message