This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.

This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32554 removed the
support_bot column, but nodes were not told to ignore this column.
As a result, after the post-deploy migration ran, nodes attempted
to use this column, causing 500 errors.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/67295

Dmitriy Zaporozhets authored 5 years ago and Peter Leitzen committed 5 years ago

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

It consists of two parts:

1. Redirecting users to the configured external storage
1. Allowing the external storage to request the static object(s)
   on behalf of the user by means of specific tokens

Part of https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829

Because we don't have any destroy callbacks (or other logic
triggered on event destroy), there is no reason for deleting events
inefficiently one by one, instead we can use :delete_all.

This is to accomodate prepended modules.

Removed unused method for name setter method

Devise checks before updating any of the authentication_keys if it
needs to clear the reset_password_tokens.

This should fix:
https://gitlab.com/gitlab-org/gitlab-ce/issues/42733 (Weak
authentication and session management)

to 30 days

Expose time since starring on project/:id/starrers API endpoint; exclude private profiles here as well