Commits · 88f00c714cc69121b831d0324cfd3d4956529e01 · gpt / large_projects / gitlabhq1

Oct 10, 2019
- Sanitize search text to prevent XSS · 88f00c71
  Samantha Ming authored 5 years ago and Samantha Ming committed 5 years ago
  
  88f00c71
Oct 07, 2019
- Merge remote-tracking branch 'dev/12-1-stable' into 12-1-stable · 3e2d0afa
  GitLab Release Tools Bot authored 5 years ago
  
  3e2d0afa
- Update VERSION to 12.1.14 · ef8aaefd
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.1.14 v12.1.14
  
  ef8aaefd
- Update CHANGELOG.md for 12.1.14 · 6e62be75
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  6e62be75
Oct 02, 2019
- Merge remote-tracking branch 'dev/12-1-stable' into 12-1-stable · ed21ca8e
  GitLab Release Tools Bot authored 5 years ago
  
  ed21ca8e
Oct 01, 2019
- Update VERSION to 12.1.13 · c6128d82
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.1.13 v12.1.13
  
  c6128d82
- Update CHANGELOG.md for 12.1.13 · 6317d49c
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  6317d49c
- Merge branch 'security-29491-12-1-ce' into '12-1-stable' · cdfcbb00
  Marin Jankovski authored 5 years ago
  
  Fix private feature Elasticsearch leak See merge request gitlab/gitlabhq!3452
  cdfcbb00
- EE port: Fix private feature Elasticsearch leak · ccb6a5a5
  Mark Chao authored 5 years ago
  
  Add spec to test different combinations. Accept string for required_minimum_access_level Allow more flexible project membership query
  ccb6a5a5
Sep 30, 2019

Merge branch 'fix_expired_gpg_key_specs' into 'master' · f84dc8c1

Stan Hu authored 5 years ago

Fix broken specs : Generate new GPG key in place of expired one

Closes #32956

See merge request gitlab-org/gitlab!17853

Unverified

f84dc8c1

Sep 26, 2019
- Update VERSION to 12.1.12 · fd62f3a1
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.1.12 v12.1.12
  
  fd62f3a1
- Update CHANGELOG.md for 12.1.12 · e728ba7e
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  e728ba7e
- Merge branch 'security-gitaly-1-53-4' into '12-1-stable' · 47949f6a
  GitLab Release Tools Bot authored 5 years ago
  
  Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.53.4] See merge request gitlab/gitlabhq!3435
  47949f6a
- Merge branch 'security-sarcila-verify-saml-request-origin-12-1' into '12-1-stable' · 1791e3e6
  GitLab Release Tools Bot authored 5 years ago
  
  Check that SAML identity linking validates the origin of the request See merge request gitlab/gitlabhq!3376
  1791e3e6
- Merge branch 'security-xss-mermaid-12-1' into '12-1-stable' · 65a022ad
  GitLab Release Tools Bot authored 5 years ago
  
  Gitlab XSS in markdown preview page See merge request gitlab/gitlabhq!3400
  65a022ad
- Merge branch... · 254b09ef
  GitLab Release Tools Bot authored 5 years ago
  
  Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-1' into '12-1-stable' Display only participants that user has permission to see See merge request gitlab/gitlabhq!3403
  254b09ef
- Merge branch 'security-bypass-email-verification-using-salesforce-12-1' into '12-1-stable' · 116fb15b
  GitLab Release Tools Bot authored 5 years ago
  
  Prevent Bypassing Email Verification using Salesforce See merge request gitlab/gitlabhq!3407
  116fb15b
- Merge branch 'security-mermaid-block-12-1' into '12-1-stable' · 84fd8316
  GitLab Release Tools Bot authored 5 years ago
  
  Only render fixed number of mermaid blocks See merge request gitlab/gitlabhq!3413
  84fd8316
- Merge branch 'security-12718-project-milestones-disclosed-via-groups-12-1-ce' into '12-1-stable' · 61d21609
  GitLab Release Tools Bot authored 5 years ago
  
  Hide disabled project milestones in project settings on group level See merge request gitlab/gitlabhq!3416
  61d21609
- Merge branch 'security-64938-dont-disclose-path-12-1-ce' into '12-1-stable' · 18771468
  GitLab Release Tools Bot authored 5 years ago
  
  Redirect user to root path after unsubscribing from private resource See merge request gitlab/gitlabhq!3418
  18771468
- Merge branch 'security-12630-private-system-note-disclosed-in-graphql-12-1-ce' into '12-1-stable' · f6fce08b
  GitLab Release Tools Bot authored 5 years ago
  
  Add policy check if cross reference system notes are accessible See merge request gitlab/gitlabhq!3428
  f6fce08b
- Merge branch 'security-fp-stop-jobs-when-blocking-user-12-1' into '12-1-stable' · 142522c9
  GitLab Release Tools Bot authored 5 years ago
  
  Cancel all running CI jobs when user is blocked See merge request gitlab/gitlabhq!3438
  142522c9
- Merge branch 'security-cross-reference-fix-ce-12-1' into '12-1-stable' · d3f758ab
  GitLab Release Tools Bot authored 5 years ago
  
  Filter not accessible label events See merge request gitlab/gitlabhq!3442
  d3f758ab
Sep 25, 2019
- Hide disabled project milestones in project settings on group level · 6ce5368d
  Alexandru Croitor authored 5 years ago
  
  6ce5368d
- Add policy check if cross reference system notes are accessible · c01ad00e
  Alexandru Croitor authored 5 years ago
  
  c01ad00e
Sep 24, 2019
- Fix Gitaly SearchBlobs flag RPC injection · e0befbdc
  Paul Okstad authored 5 years ago
  
  e0befbdc
- Merge branch 'ss/fix-sast-failure-on-master-ee' into 'master' · 0be35b49
  Kushal Pandya authored 5 years ago
  
  Add argument to catch See merge request gitlab-org/gitlab-ee!15911
  Unverified
  
  0be35b49
- Filter not accessible label events · a7a6a074
  Jan Provaznik authored 5 years ago
  
  Label events may use cross-project or cross-group references, if the projects are not accessible by user, we don't show these label events.
  a7a6a074
- Cancel all running CI jobs when user is blocked · eb1c5b57
  Fabio Pitino authored 5 years ago
  
  This prevents a MITM attack where attacker could still access Git repository if any jobs were running long enough.
  eb1c5b57
Sep 20, 2019
- Display only participants that user has permission to see · 4ffd8efd
  Alexandru Croitor authored 5 years ago
  
  4ffd8efd
- Redirect user to root path after unsubscribing from private resource · f991af9a
  Alexandru Croitor authored 5 years ago
  
  If user unsubsrcribes from a resource that they no longer have access to they should not be revealed the resource path, but be redirected to app root instead. https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
  f991af9a
Sep 19, 2019
- Update VERSION to 12.1.11 · 2e08a701
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.1.11 v12.1.11
  
  2e08a701
- Update CHANGELOG.md for 12.1.11 · 3667ca90
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  3667ca90
- Update VERSION to 12.1.10 · c011b445
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.1.10 v12.1.10
  
  c011b445
- Update CHANGELOG.md for 12.1.10 · 6c82fea5
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  6c82fea5
- Merge branch '12-1-stable-patch-10' into '12-1-stable' · 18b968b3
  John Jarvis authored 5 years ago
  
  Prepare 12.1.10 release See merge request gitlab-org/gitlab-foss!32979
  18b968b3
- Merge branch 'sh-fix-captcha-state-pollution-spec' into 'master' · 216a6b4f
  Mayra Cabrera authored 5 years ago and John Jarvis committed 5 years ago
  
  Fix order-dependent spec failures with reCAPTCHA Closes #67133 See merge request gitlab-org/gitlab-ce!32771
  216a6b4f
- Only render fixed number of mermaid blocks · 308ab9fb
  Rajat Jain authored 5 years ago
  
  308ab9fb
- Merge branch 'sh-fix-no-downtime-upgrades-ce' into '12-1-stable-patch-10' · 7dc637c1
  John Jarvis authored 5 years ago
  
  [12-1-stable] Re-add ignore_column for import columns See merge request gitlab-org/gitlab-foss!32977
  7dc637c1
Sep 18, 2019

Re-add ignore_column for import columns · 55bdab49

Stan Hu authored 5 years ago

This `ignore_column` was present for a while but recently removed, but
to ensure we don't get error 500s let's keep it for a while.

55bdab49

Admin message

Admin message