Commits · fc6cef05fe76fb3675818372ba334d1f719d87fc · gpt / large_projects / gitlabhq1

Mar 12, 2019

Merge branch 'rs-fix-time-based-broken-master' into 'master' · fc6cef05

Fatih Acet authored 6 years ago

Freeze date in merge request status view spec

See merge request gitlab-org/gitlab-ce!25671

(cherry picked from commit c994484d)

a05aba61 Freeze date in merge request status view spec

fc6cef05

Mar 11, 2019

Merge branch 'qa-quarantine-failing-push-mirror-repo-spec' into 'master' · 77f5a72b

Ramya Authappan authored 6 years ago

Quarantine failing push_mirroring_over_http_spec

See merge request gitlab-org/gitlab-ce!25590

(cherry picked from commit 68b1ed92)

141c5e4e Quarantine failing spec

77f5a72b

Merge branch 'jc-fix-set-project-writable' into 'master' · 8cb05f91

Douglas Barbosa Alexandre authored 6 years ago

Fix method to mark a project repository as writable

See merge request gitlab-org/gitlab-ce!25546

(cherry picked from commit a8a02387)

df044542 Fix project set_repository_writable!

8cb05f91

Merge branch '58149-fix-read-list-board-policy' into 'master' · 5995ff97

Nick Thomas authored 6 years ago

Allow `:read_list` when `:read_group` is allowed

Closes #58149

See merge request gitlab-org/gitlab-ce!25524

(cherry picked from commit 61c1509c)

b81e7c52 Enable `:read_list` when `:read_group` is enabled

5995ff97

Merge branch 'sh-fix-issue-58103' into 'master' · fbe2f04a

Grzegorz Bizon authored 6 years ago

Properly handle multiple X-Forwarded-For addresses in runner IP

Closes #58103

See merge request gitlab-org/gitlab-ce!25511

(cherry picked from commit dbf0a922)

d03b7bb1 Properly handle multiple X-Forwarded-For addresses in runner IP

fbe2f04a

Merge branch 'jl-update-ruby-2-5-docs' into 'master' · aec68fbd

Evan Read authored 6 years ago

Update minimum ruby version to 2.5.

See merge request gitlab-org/gitlab-ce!25496

(cherry picked from commit 74cf92aa)

ac34b4ac Update minimum ruby version to 2.5.
a538b6db Update example versions

aec68fbd

Merge branch 'ps-remove-mr-widget-section-padding' into 'master' · d94c6510

Annabel Dunstone Gray authored 6 years ago

Remove padding for mr-widget-section

See merge request gitlab-org/gitlab-ce!25475

(cherry picked from commit a6d52ff8)

7bd65593 Remove padding for mr-widget-section

d94c6510

Merge branch 'docs-review-mr-diffs-admin' into 'master' · a1624833

Sean McGivern authored 6 years ago

Docs review: MR diffs external storage

Closes #57335

See merge request gitlab-org/gitlab-ce!25433

(cherry picked from commit 56b82db6)

1387983b Docs review: wording, styles, missing links
01680510 Copy edit - add missing preposition

a1624833

Merge branch 'qa-team-tasks-92-test-failure-retries' into 'master' · b4186403

Mark Lapierre authored 6 years ago

Retry failing tests

Closes gitlab-org/quality/team-tasks#92

See merge request gitlab-org/gitlab-ce!25391

(cherry picked from commit b570f53d)

d54cb37d Retry failed tests with rspec-retry

b4186403

Merge branch '57579-gitlab-project-import-fails-sidekiq-undefined-method-import_jid' into 'master' · f69066a2

Stan Hu authored 6 years ago

Resolve "Gitlab Project import fails: sidekiq undefined method import_jid"

Closes #57579

See merge request gitlab-org/gitlab-ce!25239

(cherry picked from commit c06ebe51)

401a3bca Fix import_jid error on project import

f69066a2

Feb 28, 2019
- Update VERSION to 11.8.1 · 657d5085
  GitLab Release Tools Bot authored 6 years ago
  
  View commits for tag v11.8.1 v11.8.1
  
  657d5085
- Update CHANGELOG.md for 11.8.1 · ae001ece
  GitLab Release Tools Bot authored 6 years ago
  
  [ci skip]
  ae001ece
Feb 27, 2019
- Merge branch '11-8-security-2774-milestones-detail' into '11-8-stable' · ea9734fa
  Robert Speicher authored 6 years ago
  
  Display only information visible to current user on Milestone detail See merge request gitlab/gitlabhq!2917
  ea9734fa
- Display only informaton visible to current user · 4e893f03
  Jarka Kadlecova authored 6 years ago
  
  Display only labels and assignees of issues visible by the currently logged user Display only issues visible to user in the burndown chart
  4e893f03
- Merge branch 'security-id-fix-mr-visibility-11-8' into '11-8-stable' · 1207153b
  Yorick Peterse authored 6 years ago
  
  Display the correct number of MRs a user has access to See merge request gitlab/gitlabhq!2929
  1207153b
- Display the correct number of MRs a user has access to · b1bc3b81
  Igor Drozdov authored 6 years ago
  
  b1bc3b81
- Merge branch 'security-2818_filter_impersonated_sessions-11-8' into '11-8-stable' · b001a30f
  Yorick Peterse authored 6 years ago
  
  Filter impersonated sessions from active sessions and remove ability to revoke session See merge request gitlab/gitlabhq!2981
  b001a30f
- Merge branch 'security-id-restricted-access-to-private-repo-11-8' into '11-8-stable' · 0688d49f
  Yorick Peterse authored 6 years ago
  
  Forbid creating discussions for users with restricted access See merge request gitlab/gitlabhq!2890
  0688d49f
- Merge branch '11-8-security-2773-milestones-fix' into '11-8-stable' · a5ee0810
  Yorick Peterse authored 6 years ago
  
  Check issue milestone availability See merge request gitlab/gitlabhq!2904
  a5ee0810
- Merge branch 'security-tags-oracle-11-8' into '11-8-stable' · cefed976
  Yorick Peterse authored 6 years ago
  
  Prevent Releases links API to leak tag existence See merge request gitlab/gitlabhq!2908
  cefed976
- Merge branch 'security-2798-fix-boards-policy-11-8' into '11-8-stable' · 5ba20d39
  Yorick Peterse authored 6 years ago
  
  Disable issue board policies when issues are disabled See merge request gitlab/gitlabhq!2910
  5ba20d39
- Merge branch '11-8-security-2797-milestone-mrs' into '11-8-stable' · f44d4b3d
  Yorick Peterse authored 6 years ago
  
  Show only MRs visible to user on milestone detail See merge request gitlab/gitlabhq!2923
  f44d4b3d
- Merge branch 'security-commit-private-related-mr-11-8' into '11-8-stable' · f29fb475
  Yorick Peterse authored 6 years ago
  
  Don't allow non-members to see private related MRs See merge request gitlab/gitlabhq!2930
  f29fb475
- Merge branch 'security-kubernetes-google-login-csrf-11-8' into '11-8-stable' · 36682146
  Yorick Peterse authored 6 years ago
  
  Validate session key when authorizing with GCP to create a cluster See merge request gitlab/gitlabhq!2934
  36682146
- Merge branch 'security-50334-11-8' into '11-8-stable' · 1b00e2bf
  Yorick Peterse authored 6 years ago
  
  Fix git clone revealing private repo's presence See merge request gitlab/gitlabhq!2938
  1b00e2bf
- Merge branch 'security-56348-11-8' into '11-8-stable' · 8b269cad
  Yorick Peterse authored 6 years ago
  
  Check snippet attached file to be moved is within designated directory See merge request gitlab/gitlabhq!2941
  8b269cad
- Merge branch 'security-55468-check-validity-before-querying-11-8' into '11-8-stable' · 7ac2691a
  Yorick Peterse authored 6 years ago
  
  Fix blind SSRF in Prometheus Integration See merge request gitlab/gitlabhq!2944
  7ac2691a
- Check validity of prometheus_service before query · 515bb4e6
  Reuben Pereira authored 6 years ago
  
  Check validity before querying so that if the dns entry for the api_url has been changed to something invalid after the model was saved and checked for validity, it will not query. This is to solve a toctou (time of check to time of use) issue.
  515bb4e6
- Merge branch 'security-protect-private-repo-information-11-8' into '11-8-stable' · ae54a129
  Yorick Peterse authored 6 years ago
  
  Fix leaking private repository information in API See merge request gitlab/gitlabhq!2948
  ae54a129
- Merge branch 'security-fj-diff-import-file-read-fix-11-8' into '11-8-stable' · 5eb62fb9
  Yorick Peterse authored 6 years ago
  
  Arbitrary file read via MergeRequestDiff See merge request gitlab/gitlabhq!2951
  5eb62fb9
- Arbitrary file read via MergeRequestDiff · a624cec9
  Francisco Javier López authored 6 years ago
  
  a624cec9
- Merge branch '11-8-security-2799-emails' into '11-8-stable' · 86363c20
  Yorick Peterse authored 6 years ago
  
  Remove link after issue move when no permissions See merge request gitlab/gitlabhq!2955
  86363c20
- Merge branch 'security-kubernetes-local-ssrf-11-8' into '11-8-stable' · 79132514
  Yorick Peterse authored 6 years ago
  
  Block local URLs for Kubernetes integration See merge request gitlab/gitlabhq!2959
  79132514
- Merge branch... · a738d031
  Yorick Peterse authored 6 years ago
  
  Merge branch 'security-add-public-internal-groups-as-members-to-your-project-idor-11-8' into '11-8-stable' Add public/internal groups as members to your Project(IDOR) See merge request gitlab/gitlabhq!2962
  a738d031
- Merge branch 'security-osw-stop-linking-to-packages-11-8' into '11-8-stable' · 361151f1
  Yorick Peterse authored 6 years ago
  
  Stop linking to unrecognized package sources See merge request gitlab/gitlabhq!2969
  361151f1
- Merge branch 'security-issue_54789_2-11-8' into '11-8-stable' · 0a328bc5
  Yorick Peterse authored 6 years ago
  
  [11.8] Prevent disclosing project milestone titles See merge request gitlab/gitlabhq!2973
  0a328bc5
- Merge branch 'security-mermaid-11-8' into '11-8-stable' · eeb1974a
  Yorick Peterse authored 6 years ago
  
  Limit number of characters allowed in mermaidjs See merge request gitlab/gitlabhq!2978
  eeb1974a
- Remove ability to revoke active session · 8343a1ac
  Imre (Admin) authored 6 years ago
  
  Session ID is used as a parameter for the revoke session endpoint but it should never be included in the HTML as an attacker could obtain it via XSS.
  Unverified
  
  8343a1ac
- Filter active sessions belonging to an admin impersonating the user · 6e86d5e6
  Imre (Admin) authored 6 years ago
  
  Unverified
  
  6e86d5e6
- Limit number of characters allowed in mermaidjs · d50ad7e6
  Rajat Jain authored 6 years ago
  
  d50ad7e6

Admin message

Admin message