- Mar 19, 2020
-
-
GitLab Bot authored
-
- Jan 06, 2020
-
-
GitLab Bot authored
-
- Nov 12, 2019
-
-
GitLab Bot authored
-
- Nov 05, 2019
-
-
GitLab Bot authored
-
- Oct 24, 2019
-
-
GitLab Bot authored
-
- Oct 22, 2019
-
-
GitLab Bot authored
-
- Oct 18, 2019
-
-
GitLab Bot authored
-
- Oct 07, 2019
-
-
GitLab Bot authored
-
- Aug 28, 2019
-
-
Arun Kumar Mohan authored
-
- Aug 07, 2019
-
-
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing inline JavaScript to execute if the script nonce matches the header value. Rails 5.2 supports nonce-based Content-Security-Policy headers, so provide configuration to enable this and make it work. To support this, we need to change all `:javascript` HAML filters to the following form: ``` = javascript_tag nonce: true do :plain ... ``` We use `%script` throughout our HAML to store JSON and other text, but since this doesn't execute, browsers don't appear to block this content from being used and require the nonce value to be present.
-
- Jul 30, 2019
-
-
Donald Cook authored
-
- Jun 25, 2019
-
-
Roger Meier authored
-
- Jun 15, 2019
-
-
- May 11, 2019
-
-
Luke "Jared" Bennett authoredPart of single codebase changes.
-
- Feb 22, 2019
-
-
Simon Knox authored
-
- Feb 15, 2019
-
-
Simon Knox authored
Compile highlight CSS separately Move highlight-specific mixins out of mixins.scss Rename solarized themes to match theme name as this was a smaller change than changing all instances to snake_case
-
- Jan 24, 2019
-
-
Rémy Coutable authored
Signed-off-by:Rémy Coutable <remy@rymai.me>
-
- Dec 08, 2018
-
-
Clement Ho authored
-
- Jul 26, 2018
-
-
Tim Zallmann authored
-
- Jun 05, 2018
-
-
Alexis Reigel authored
the initial reason for this change was that graphicsmagick does not support writing to ico files. this fact lead to a chain of changes: 1. use png instead of ico (browser support is good enough) 2. render the overlays on the client using the canvas API. this way we only need to store the original favion and generate the overlay versions dynamically. this change also enables (next step) to simplify the handling of the stock favicons as well, as we don't need to generate all the versions upfront.
-
Alexis Reigel authored
-
- May 01, 2018
-
-
Mike Greiling authored
-
- Mar 01, 2018
-
-
Mike Greiling authored
-
- Feb 02, 2018
-
-
Mario de la Ossa authored
-
Mike Greiling authored
-
Mike Greiling authored
-
- Jan 24, 2018
-
-
Phil Hughes authored
-
- Oct 18, 2017
-
-
Bob Van Landuyt authored
The locale code is turned into an asset path with an underscore instead of a dash. The language codes are transformed by `I18n.locale` into a code with a dash. But the resources for translating are always stored in a path using a `_` separating the language and the region code.
-
- Oct 06, 2017
-
-
Tim Zallmann authored
Made the insertion of the English Translation File conditional + removed window.translations from the global object to save some memory
-
- Oct 04, 2017
-
-
Tim Zallmann authored
-
- Sep 25, 2017
-
-
Annabel Dunstone Gray authored
-
- Sep 08, 2017
-
-
Jacob Schatz authored
-
- Sep 06, 2017
-
-
- Aug 04, 2017
-
-
Phil Hughes authored
Closes #35985
-
- Jul 18, 2017
-
-
Mike Greiling authored
-
Luke "Jared" Bennett authored
Remove multiple methods of including monaco related code and remove static monaco assets from public
-
- Jul 06, 2017
-
-
Rémy Coutable authored
-
Rémy Coutable authored
Signed-off-by:
-
- Jun 29, 2017
-
-
Douwe Maan authored
-
- Jun 28, 2017
-
-
Mike Greiling authored
move webpack publicPath setup earlier in the bootstrap processes to avoid ES module execution order issues
-
