Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • 12-9-stable
  • 12-7-stable
  • 12-6-stable
  • 12-8-stable
  • github/fork/Kloppi313/patch-1
  • 12-5-stable
  • 12-4-stable
  • github/fork/ramalokesh8477/master
  • 12-1-stable
  • 12-2-stable
  • 12-0-stable
  • 12-3-stable
  • 42-42-stable
  • github/fork/hussamgit398/patch-2
  • 12-3-auto-deploy-20190911
  • 12-3-auto-deploy-20190916
  • 12-3-auto-deploy-20190908
  • 12-3-auto-deploy-20190901
  • 12-3-auto-deploy-20190901-32664
  • v12.10.0.pre
  • v12.9.0
  • v12.9.0-rc42
  • v12.8.7
  • v12.8.6
  • v12.8.5
  • v12.8.4
  • v12.8.3
  • v12.6.8
  • v12.7.7
  • v12.8.2
  • v12.8.1
  • v12.9.0.pre
  • v12.8.0
  • v12.8.0-rc42
  • v12.5.10
  • v12.7.6
  • v12.6.7
  • v12.7.5
  • v12.5.9
40 results
Search by author
  • Any Author
  • Grant Young Grant Young grantyoung
  • Nailia Iskhakova Nailia Iskhakova niskhakova
  • gitlab-qa-bot gitlab-qa-bot gitlab-qa-bot
3 authors
  1. Mar 10, 2020
  3. Mar 01, 2020
  5. Feb 14, 2020
  7. Feb 13, 2020
  9. Feb 07, 2020
  11. Feb 05, 2020
  13. Jan 30, 2020
  15. Jan 22, 2020
  17. Jan 15, 2020
  19. Jan 13, 2020
  21. Jan 06, 2020
  23. Dec 16, 2019
  25. Dec 10, 2019
  27. Nov 26, 2019
  29. Nov 07, 2019
  31. Nov 04, 2019
  33. Nov 01, 2019
  35. Oct 30, 2019
  37. Oct 16, 2019
  39. Oct 08, 2019
  41. Oct 04, 2019
  43. Sep 16, 2019
  45. Sep 12, 2019
  47. Sep 09, 2019
  49. Sep 06, 2019
    • Krasimir Angelov's avatar
      Add skeleton Pages internal API · 477ba2b3
      Krasimir Angelov authored 
      Basic `/internal/pages` endpoint that will be used for Pages virtual
domains internal API. The endpoint is currently behind feature flag and
provides authetication similar to how Workhorse is authenticating with
the GitLab.
      477ba2b3
  51. Sep 04, 2019
  53. Sep 03, 2019
  55. Aug 27, 2019
  57. Aug 22, 2019
  59. Aug 20, 2019
    • Diego Louzán's avatar
      feat: SMIME signed notification emails · 0dcb9d21
      Diego Louzán authored 
      - Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files
      0dcb9d21
  61. Aug 07, 2019
    • Stan Hu's avatar
      Add support for Content-Security-Policy · 5fbbd3dd
      Stan Hu authored and Ash McKenzie's avatar Ash McKenzie committed 
      A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.

To support this, we need to change all `:javascript` HAML filters to the
following form:

```
= javascript_tag nonce: true do
  :plain
    ...
```

We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.
      Unverified
      5fbbd3dd
  63. Aug 01, 2019
  65. Jul 24, 2019
  67. Jul 16, 2019
  69. Jul 09, 2019
  71. Jun 28, 2019
  73. Jun 20, 2019
    • Yorick Peterse's avatar
      Backport gitlab.yml.example from EE · 0e415647
      Yorick Peterse authored 
      To make this happen, we need to conditionally add the group_saml
strategy when running tests, but only on EE. This requires some changes
to Gitlab.ee? so that it can be used before/without loading the Rails
environment. We also have to change how we require a few files, so this
can run outside of Rails.
      Verified
      0e415647
  75. May 29, 2019
    • Jan Provaznik's avatar
      Add Puma sampler · a5adc6a0
      Jan Provaznik authored 
      This sampler gathers Puma-specific metrics which can be used by
Prometheus then.
      a5adc6a0
  77. May 09, 2019