Commits · ce125b970e4a7feb24d1253bac05d447f7369e28 · gpt / large_projects / gitlabhq1

Dec 13, 2019
- Update VERSION to 12.0.12 · ce125b97
  John Skarbek authored 5 years ago
  
  View commits for tag v12.0.12 v12.0.12 Unverified
  
  ce125b97
- Update CHANGELOG.md for 12.0.12 · c05a4979
  John Skarbek authored 5 years ago
  
  [ci skip]
  c05a4979
- Merge branch 'ac-fix-12-0' into 12-0-stable · ef56e662
  Alessio Caiazza authored 5 years ago
  
  ef56e662
- Simplify static-analysis output generation · 7fae3ce5
  Stan Hu authored 5 years ago and Alessio Caiazza committed 5 years ago
  
  The buffering of the output may be causing issues, so let's disable it for now.
  7fae3ce5
- Revert "Add latest changes from gitlab-org/gitlab@12-0-stable-ee" · fe022014
  Alessio Caiazza authored 5 years ago
  
  This reverts commit a21e4112
  fe022014
- Add latest changes from gitlab-org/gitlab@12-0-stable-ee · a21e4112
  GitLab Bot authored 5 years ago
  
  a21e4112
- Merge branch 'backport-21510-12-0' into '12-0-stable' · 96b52080
  John Skarbek authored 5 years ago
  
  Backport 21510 12-0-stable See merge request gitlab/gitlabhq!3590
  96b52080
- Install lsb-release for repo URL construction · 0a111e60
  Kyle Wiebers authored 5 years ago
  
  0a111e60
- Adds message to indicate we are skipping release 12.0.11 · b2c60454
  John Skarbek authored 5 years ago
  
  Unverified
  
  b2c60454
- Revert "Update CHANGELOG.md for 12.0.10" · 54a0d4aa
  John Skarbek authored 5 years ago
  
  This reverts commit aeb730b3.
  Unverified
  
  54a0d4aa
- Revert "Update VERSION to 12.0.10" · 0aa472f8
  John Skarbek authored 5 years ago
  
  This reverts commit 3b3ce335.
  Unverified
  
  0aa472f8
Dec 12, 2019
- Update VERSION to 12.0.10 · 3b3ce335
  John Skarbek authored 5 years ago
  
  Unverified
  
  3b3ce335
- Update CHANGELOG.md for 12.0.10 · aeb730b3
  John Skarbek authored 5 years ago
  
  [ci skip]
  aeb730b3
- Adds message to indicate we are skipping release 12.0.10 · 7c9a29bb
  John Skarbek authored 5 years ago
  
  Unverified
  
  7c9a29bb
- Revert "Update CHANGELOG.md for 12.0.10" · 3472e4b8
  John Skarbek authored 5 years ago
  
  This reverts commit 20fe63d1.
  Unverified
  
  3472e4b8
- Revert "Update VERSION to 12.0.10" · f4260cac
  John Skarbek authored 5 years ago
  
  This reverts commit 66e5d19d.
  Unverified
  
  f4260cac
Dec 11, 2019
- Update VERSION to 12.0.10 · 66e5d19d
  John Skarbek authored 5 years ago
  
  View commits for tag v12.0.10 v12.0.10 Unverified
  
  66e5d19d
- Update CHANGELOG.md for 12.0.10 · 20fe63d1
  John Skarbek authored 5 years ago
  
  [ci skip]
  20fe63d1
Dec 10, 2019
- Merge branch '12-0-reliable-fetch-backport' into '12-0-stable' · 15ca1733
  John Skarbek authored 5 years ago
  
  Backport Reliable fetcher to 12.0 See merge request gitlab/gitlabhq!3583
  15ca1733
Dec 09, 2019

Valery Sizov authored 5 years ago

backport https://gitlab.com/gitlab-org/gitlab/commit/2be136b6cdf59f4664d9fbbe91e16498a47ba227
see https://gitlab.com/gitlab-org/gitlab/commit/3baeb0c7fd6829b8c083a43370163d16f7700263
see https://gitlab.com/gitlab-org/gitlab/merge_requests/21161

875ffafe

Backport reliable fetcher · fbf71fb8
Valery Sizov authored 5 years ago

fbf71fb8

Sep 11, 2019
- Merge remote-tracking branch 'dev/12-0-stable' into 12-0-stable · fff92356
  GitLab Release Tools Bot authored 5 years ago
  
  fff92356
Sep 10, 2019
- Update VERSION to 12.0.9 · 891da142
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.0.9 v12.0.9
  
  891da142
- Update CHANGELOG.md for 12.0.9 · 2973d01e
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  2973d01e
- Merge branch 'security-12-0-bump-pages' into '12-0-stable' · 0811b37d
  GitLab Release Tools Bot authored 5 years ago
  
  Set max-age and secure flag for pages auth cookies See merge request gitlab/gitlabhq!3381
  0811b37d
Sep 09, 2019
- Upgrade pages to 1.6.3 · b1cd838b
  Vladimir Shushlin authored 5 years ago
  
  b1cd838b
Aug 28, 2019
- Update VERSION to 12.0.8 · 36325e12
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.0.8 v12.0.8
  
  36325e12
- Update CHANGELOG.md for 12.0.8 · 3672b97a
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  3672b97a
- Merge branch... · 6d297bf8
  Jan Provaznik authored 5 years ago and John Skarbek committed 5 years ago
  
  Merge branch '66641-broken-master-real-http-connections-are-disabled-unregistered-request' into 'master' Use `stub_full_request` to fix spec failure Closes #66641 See merge request gitlab-org/gitlab-ce!32259
  Unverified
  
  6d297bf8
- Revert "Update CHANGELOG.md for 12.0.7" · dce99389
  John Jarvis authored 5 years ago
  
  This reverts commit 49858350.
  dce99389
- Merge branch 'security-fix-something-went-wrong-on-when-not-logged-in-ce-12-0' into '12-0-stable' · 1b4a88f0
  GitLab Release Tools Bot authored 5 years ago
  
  Return NO_ACCESS if user is nil See merge request gitlab/gitlabhq!3388
  1b4a88f0
- Return NO_ACCESS if user is nil · e15a6bc1
  Patrick Derichs authored 5 years ago
  
  e15a6bc1
Aug 27, 2019
- Update VERSION to 12.0.7 · 7321d0ab
  GitLab Release Tools Bot authored 5 years ago
  
  View commits for tag v12.0.7 v12.0.7
  
  7321d0ab
- Update CHANGELOG.md for 12.0.7 · 49858350
  GitLab Release Tools Bot authored 5 years ago
  
  [ci skip]
  49858350
Aug 26, 2019

Merge branch 'security-exposed-default-branch-12-0' into '12-0-stable' · 49cee936
GitLab Release Tools Bot authored 5 years ago
```
Avoid exposing unaccessible repo data upon GFM post processing

See merge request gitlab/gitlabhq!3384
```
49cee936

Avoid exposing unaccessible repo data upon GFM processing · c559611a

Oswaldo Ferreir authored 5 years ago

When post-processing relative links to absolute links
RelativeLinkFilter didn't take into consideration that
internal repository data could be exposed for users
that do not have repository access to the project.

This commit solves that by checking whether the user
can `download_code` at this repository, avoiding any
processing of this filter if the user can't.

Additionally, if we're processing for a group (
no project was given), we check if the user can
read it in order to expand the href as an extra.
That doesn't seem necessarily a breach now,
but an extra check doesn't hurt as after all
the user needs to be able to `read_group`.

c559611a

Merge branch 'security-hide_merge_request_ids_on_emails-12-0' into '12-0-stable' · 34034372
GitLab Release Tools Bot authored 5 years ago
```
Prevent disclosure of merge request id via email

See merge request gitlab/gitlabhq!3352
```
34034372
Merge branch 'security-64711-fix-commit-todos-12-0' into '12-0-stable' · 59813521
GitLab Release Tools Bot authored 5 years ago
```
Send TODOs for comments on commits correctly

See merge request gitlab/gitlabhq!3367
```
59813521
Merge branch 'security-59549-add-capcha-for-failed-logins-12-0' into '12-0-stable' · 94bf7a4b
GitLab Release Tools Bot authored 5 years ago
```
Require a captcha after unique failed logins from the same IP

See merge request gitlab/gitlabhq!3296
```
94bf7a4b

Add captcha if there are multiple failed login attempts · 0d3ab841

mksionek authored 5 years ago

Add method to store session ids by ip

Add new specs for storing session ids

Add cleaning up records after login

Add retrieving anonymous sessions

Add login recaptcha setting

Add new setting to sessions controller

Add conditions for showing captcha

Add sessions controller specs

Add admin settings specs for login protection

Add new settings to api

Add stub to devise spec

Add new translation key

Add cr remarks

Rename class call

Add cr remarks

Change if-clause for consistency

Add cr remarks

Add code review remarks

Refactor AnonymousSession class

Add changelog entry

Move AnonymousSession class to lib

Move store unauthenticated sessions to sessions controller

Move link to recaptcha info

Regenerate text file

Improve copy on the spam page

Change action filter for storing anonymous sessions

Fix rubocop offences

Add code review remarks

Fix specs

Update schema version

0d3ab841

Admin message

Admin message