Commits · e2a56af930f9f7d17a6a9b638f52007a60e4cc60 · gpt / large_projects / gitlabhq1

Jan 24, 2018

Return a blank JSON response for a missing .js file to prevent Rails CSRF errors · 79a829a0

Stan Hu authored 7 years ago

The default 404 handler would return the Content-Type format based on the
given format extension. This would cause the Rails CSRF protection to flag an
error, since the .js extension gets mapped to text/javascript format.

Closes #40771

79a829a0

Nov 23, 2017
- Allow password authentication to be disabled entirely · 257fd571
  Markus Koller authored 7 years ago and Douwe Maan committed 7 years ago
  
  257fd571
Nov 20, 2017
- Impersonation no longer gets stuck on password change. · 053a1988
  Tiago Botelho authored 7 years ago
  
  053a1988
Nov 17, 2017
- Applied some code review comments · aecc3eb0
  Francisco Javier López authored 7 years ago
  
  aecc3eb0
- Some fixes after rebase · 41ebd06d
  Francisco Javier López authored 7 years ago
  
  41ebd06d
- Fix OAuth API and RSS rate limiting · 43a682cc
  Michael Kozono authored 7 years ago and Francisco Javier López committed 7 years ago
  
  43a682cc
- Add request throttles · dc9266fb
  Michael Kozono authored 7 years ago and Francisco Javier López committed 7 years ago
  
  dc9266fb
Nov 16, 2017
- Adds Rubocop rule for line break after guard clause · 181cd299
  Jacopo authored 7 years ago
  
  Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
  181cd299
Nov 02, 2017
- Remove authentication using user.private_token · 294fa6fc
  Douwe Maan authored 7 years ago
  
  294fa6fc
Oct 21, 2017
- URI decode Page-Title header to preserve UTF-8 characters · f846abdb
  Toon Claes authored 7 years ago and Winnie Hellmann committed 7 years ago
  
  f846abdb
Oct 20, 2017
- URI decode Page-Title header to preserve UTF-8 characters · d8d7faf6
  Toon Claes authored 7 years ago and Winnie Hellmann committed 7 years ago
  
  d8d7faf6
Oct 04, 2017

Fix username and ID not logging in production_json.log for Git activity · 5d52bb59

Stan Hu authored 7 years ago

Devise sets `current_user`, but not all controllers authenticate users by
session tokens. Try to use the controller-defined `authenticated_user` if
`current_user` is not available.

Closes gitlab-org/gitlab-ee#3611

5d52bb59

Sep 26, 2017
- Encode Page-Title header as ISO-8859-1 · 5adae3d8
  Douwe Maan authored 7 years ago
  
  5adae3d8
- Add Page-Title header to tree and blob JSON endpoints · 711bb285
  Douwe Maan authored 7 years ago
  
  711bb285
Sep 01, 2017
- Rollsback changes made to signing_enabled. · 37383d9a
  Tiago Botelho authored 7 years ago
  
  37383d9a
Aug 09, 2017
- Enable the Layout/SpaceBeforeBlockBraces cop · c946ee12
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  Verified
  
  c946ee12
Aug 07, 2017
- GRPC::Unavailable (< GRPC::BadStatus) is wrapped in a CommandError · faabcbd3
  Bob Van Landuyt authored 7 years ago
  
  faabcbd3
Aug 04, 2017
- Add a Circuitbreaker for storage paths · 3598e60b
  Bob Van Landuyt :neckbeard: authored 7 years ago
  
  3598e60b
Jul 28, 2017
- Add remote IP, user ID and username to JSON lograge output · 9bc176b2
  Stan Hu authored 7 years ago
  
  This makes the logs a bit more useful to search requests by users.
  9bc176b2
Jul 13, 2017

Fixes needed when GitLab sign-in is not enabled · 672a68d3

Robin Bobbitt authored 7 years ago

When sign-in is disabled:
 - skip password expiration checks
 - prevent password reset requests
 - don’t show Password tab in User Settings
 - don’t allow login with username/password for Git over HTTP requests
 - render 404 on requests to Profiles::PasswordsController

672a68d3

Jul 06, 2017

Allow to enable the performance bar per user or Flipper group · 186048a4

Rémy Coutable authored 7 years ago


A `performance_team` Flipper group has been created. By default this
group is nil but this can be customized in `gitlab.yml` via the
performance_bar.allowed_group setting.

Signed-off-by: Rémy Coutable <remy@rymai.me>

186048a4

Jul 04, 2017

Log rescued exceptions to Sentry · 73d019e1

Stan Hu authored 7 years ago

Support noticed that a number of exceptions, such as
"Encoding::CompatibilityError (incompatible character encodings: UTF-8 and
ASCII-8BIT)", failed to report to Sentry. The `rescue_from` in the
ApplicationController prevented these exceptions from being recorded.
This change ensures that these exceptions are properly captured.

73d019e1

Jun 20, 2017
- Add rescue_from(ActionController::UnknownFormat) in Application Controller · 15b7b9ec
  Pawel Chojnacki authored 7 years ago
  
  15b7b9ec
Jun 09, 2017
- Fix linting, route, and specs · b173ae6b
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  b173ae6b
- Small adjustments · f45094a4
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  f45094a4
- Don't use Pygment,rb, use Rouge instead, and put peek-pg in the :postgres group · 47054451
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  47054451
- New performance bar that can be enabled with the `p b` shortcut · d39ecf1c
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  d39ecf1c
May 25, 2017

Bugfix: Always use the default language when generating emails. · 5c921809

Ruben Davila authored 7 years ago

There was a race condition issue when the application was generating an
email and was using a language that was previously being used in other
request.

5c921809

May 24, 2017
- atom links with rss token instead of private token · 6efe9c2f
  Alexis Reigel authored 7 years ago
  
  6efe9c2f
May 09, 2017
- Merge request widget redesign · 0151325d
  Fatih Acet authored 7 years ago and Jacob Schatz committed 7 years ago
  
  0151325d
May 05, 2017
- Redirect from redirect routes to canonical routes · 7d02bcd2
  Michael Kozono authored 7 years ago
  
  7d02bcd2
May 04, 2017
- More updates for translations plus some refactoring. · dbd1bdae
  Ruben Davila authored 7 years ago
  
  dbd1bdae
May 03, 2017
- First round of updates from the code review. · 6d5364cf
  Ruben Davila authored 7 years ago
  
  6d5364cf
Apr 28, 2017
- Resolve "Add more tests for spec/controllers/projects/builds_controller_spec.rb" · 73ac7b2d
  Dosuken shinya authored 7 years ago
  
  73ac7b2d
Apr 20, 2017
- Fix Rubocop complains plus some small refactor · 1de135bc
  Ruben Davila authored 7 years ago
  
  1de135bc
Apr 13, 2017
- Set locale through controller filter · 73d0730d
  Ruben Davila authored 7 years ago
  
  73d0730d
Apr 06, 2017
- Extract 2FA-related code from ApplicationController · 7140e09e
  Markus Koller authored 8 years ago
  
  7140e09e
- Support 2FA requirement per-group · a3430f01
  Markus Koller authored 8 years ago
  
  a3430f01
- Move AuthHelper#two_factor_skippable? into ApplicationController · 57374fea
  Markus Koller authored 8 years ago
  
  57374fea
Mar 22, 2017
- Don't try to find a user by personal_access_token if the token is nil · 8b6041bc
  Rémy Coutable authored 7 years ago
  
  Signed-off-by: Rémy Coutable <remy@rymai.me>
  8b6041bc

Admin message

Admin message