Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • 12-9-stable
  • 12-7-stable
  • 12-6-stable
  • 12-8-stable
  • github/fork/Kloppi313/patch-1
  • 12-5-stable
  • 12-4-stable
  • github/fork/ramalokesh8477/master
  • 12-1-stable
  • 12-2-stable
  • 12-0-stable
  • 12-3-stable
  • 42-42-stable
  • github/fork/hussamgit398/patch-2
  • 12-3-auto-deploy-20190911
  • 12-3-auto-deploy-20190916
  • 12-3-auto-deploy-20190908
  • 12-3-auto-deploy-20190901
  • 12-3-auto-deploy-20190901-32664
  • v12.10.0.pre
  • v12.9.0
  • v12.9.0-rc42
  • v12.8.7
  • v12.8.6
  • v12.8.5
  • v12.8.4
  • v12.8.3
  • v12.6.8
  • v12.7.7
  • v12.8.2
  • v12.8.1
  • v12.9.0.pre
  • v12.8.0
  • v12.8.0-rc42
  • v12.5.10
  • v12.7.6
  • v12.6.7
  • v12.7.5
  • v12.5.9
40 results
Search by author
  • Any Author
  • Grant Young Grant Young grantyoung
  • Nailia Iskhakova Nailia Iskhakova niskhakova
  • gitlab-qa-bot gitlab-qa-bot gitlab-qa-bot
3 authors
  1. Feb 21, 2020
  3. Dec 20, 2019
  5. Sep 25, 2019
  7. Sep 04, 2019
  9. Jan 31, 2019
    • Kamil Trzcińśki's avatar
      Extract GitLab Pages using RubyZip · 66744469
      Kamil Trzcińśki authored 
      RubyZip allows us to perform strong validation of
expanded paths where we do extract file.

We introduce the following additional checks
to extract routines:

1. None of path components can be symlinked,
2. We drop privileges support for directories,
3. Symlink source needs to point within the target directory,
   like `public/`,
4. The symlink source needs to exist ahead of time.
      Verified
      66744469
  11. Jan 22, 2019
    • Kamil Trzcińśki's avatar
      Extract GitLab Pages using RubyZip · 1a8100cf
      Kamil Trzcińśki authored 
      RubyZip allows us to perform strong validation of
expanded paths where we do extract file.

We introduce the following additional checks
to extract routines:

1. None of path components can be symlinked,
2. We drop privileges support for directories,
3. Symlink source needs to point within the target directory,
   like `public/`,
4. The symlink source needs to exist ahead of time.
      1a8100cf
  13. Jul 17, 2018
  15. Apr 27, 2018
  17. Apr 03, 2018
  19. Mar 30, 2018
  21. Mar 09, 2018
  23. Mar 06, 2018
  25. Feb 28, 2018
  27. Feb 05, 2018
    • Grzegorz Bizon's avatar
      Revert create job service because of load balancing · 5f57c7a5
      Grzegorz Bizon authored 
      Currently we still need to run EnsureStageService within a transaction,
because when it runs within in a transaction we are going to stick to
the primary database when using database load balancing. Extracting this
out of the transaction makes it possible to hit into problems with
replication lag in pipeline commit status API, which can cause a lot of
trouble.
      5f57c7a5
  29. Feb 02, 2018
  31. Jan 24, 2018
  33. Dec 03, 2017
  35. Sep 05, 2017
  37. Aug 31, 2017
    • Sean McGivern's avatar
      `current_application_settings` belongs on `Gitlab::CurrentSettings` · 5883ce95
      Sean McGivern authored 
      The initializers including this were doing so at the top level, so every object
loaded after them had a `current_application_settings` method. However, if
someone had rack-attack enabled (which was loaded before these initializers), it
would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't
have that method.

To fix this:

1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
   `Object.new.current_application_settings` to work.
2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it
   like that in several places.
3. Change the initializers to use that new form.
      5883ce95
  39. Aug 10, 2017
  41. Jul 31, 2017
  43. Jul 26, 2017
  45. Jul 25, 2017
  47. Jun 28, 2017
  49. Mar 31, 2017
  51. Mar 05, 2017
  53. Feb 23, 2017
  55. Feb 01, 2017