Commits · 075efefa5f88454cb1afda1f0270e91edcb55ed3 · Mark Lapierre / GitLab

Aug 31, 2023
- Update VERSION files · 075efefa
  GitLab Release Tools Bot authored 1 year ago
  
  [merge-train skip]
  View commits for tag v16.1.5-ee v16.1.5-ee
  
  075efefa
- Update changelog for 16.1.5 · fefd9d16
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  fefd9d16
- Update managed components version to 16.1.5 · 6c5381eb
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  6c5381eb
Aug 30, 2023

Merge branch 'security-415117-confidential-issue-16-1' into '16-1-stable-ee' · ffa91fbd

GitLab Release Tools Bot authored 1 year ago

Add authorization checks to import status endpoint

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3515



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Dylan Griffith <dyl.griffith@gmail.com>
Approved-by: Luke Duncalfe <lduncalfe@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

ffa91fbd

Add authorization checks to import status endpoint · c2dad079
Bojan Marjanović authored 1 year ago and GitLab Release Tools Bot committed 1 year ago
```
Merge branch 'security-415117-confidential-issue-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3515

Changelog: security
```
c2dad079

Merge branch 'security-update-commonmarker-16-1' into '16-1-stable-ee' · b56a85c4

GitLab Release Tools Bot authored 1 year ago

Update commonmarker to 0.23.10

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3509



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Mario Celi <mcelicalderon@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

b56a85c4

Update commonmarker to 0.23.10 · 13c49cfe

Brett Walker authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-update-commonmarker-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3509

Changelog: security

13c49cfe

Merge branch 'security-dast-reset-secrets-16-1' into '16-1-stable-ee' · a12c98a5

GitLab Release Tools Bot authored 1 year ago

Remove DAST secret variables when URL is updated

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3500



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Aboobacker MK <akarakath@gitlab.com>
Approved-by: Himanshu Kapoor <info@fleon.org>
Co-authored-by: Dheeraj Joshi <djoshi@gitlab.com>

a12c98a5

Remove DAST secret variables when URL is updated · 8c5c9eda
Dheeraj Joshi authored 1 year ago and GitLab Release Tools Bot committed 1 year ago
```
Merge branch 'security-dast-reset-secrets-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3500

Changelog: security
```
8c5c9eda

Merge branch 'security-422134-confidential-issue-16-1' into '16-1-stable-ee' · 312078e5

GitLab Release Tools Bot authored 1 year ago

Maintainer can leak sentry token by changing the configured URL

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3518

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Allen Cook <acook@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

312078e5

Maintainer can leak sentry token by changing the configured URL · 9d961725
Bojan Marjanović authored 1 year ago and GitLab Release Tools Bot committed 1 year ago
```
Merge branch 'security-422134-confidential-issue-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3518

Changelog: security
```
9d961725

Merge branch... · 2bc91b06

GitLab Release Tools Bot authored 1 year ago

Merge branch 'security-smriti-417664/external_user_escalated_service_account-16-1' into '16-1-stable-ee'

Service account users are external by default

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3503

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Aboobacker MK <akarakath@gitlab.com>
Co-authored-by: smriti <sgarg@gitlab.com>

2bc91b06

Service account users are external by default · 64d11f5e

Smriti Garg authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-smriti-417664/external_user_escalated_service_account-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3503

Changelog: security

64d11f5e

Merge branch 'security-reporter-group-labels-16-1' into '16-1-stable-ee' · bbb7cd5a

GitLab Release Tools Bot authored 1 year ago

Additional permission check when editing label

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3506



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Mark Chao <mchao@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

bbb7cd5a

Additional permission check when editing label · f2cb7eba

Brett Walker authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-reporter-group-labels-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3506

Changelog: security

f2cb7eba

Merge branch 'security-415067-redos-in-bulk_imports-api-16-1' into '16-1-stable-ee' · c7359025

GitLab Release Tools Bot authored 1 year ago

Fix ReDOS in bulk_imports endpoint params

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3512



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Bojan Marjanovic <bmarjanovic@gitlab.com>
Co-authored-by: Luke Duncalfe <lduncalfe@eml.cc>

c7359025

Fix ReDOS in bulk_imports endpoint params · c5815c2b

Luke Duncalfe authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-415067-redos-in-bulk_imports-api-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3512

Changelog: security

c5815c2b

Merge branch... · d2e2021c

GitLab Release Tools Bot authored 1 year ago

Merge branch 'security-prevent-namespace-level-banned-users-from-accessing-api-16-1' into '16-1-stable-ee'

Prevent namespace level banned users from accessing API

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3485

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kassio Borges <kborges@gitlab.com>
Co-authored-by: Alex Buijs <abuijs@gitlab.com>

d2e2021c

Prevent namespace level banned users from accessing API · c99f5af5

Alex Buijs authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-prevent-namespace-level-banned-users-from-accessing-api-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3485

Changelog: security

c99f5af5

Merge branch 'security-415338-16-1' into '16-1-stable-ee' · 88cdcd51

GitLab Release Tools Bot authored 1 year ago

Check prohibit_outer_forks in fork relationship api

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3478

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Alexandru Croitor <acroitor@gitlab.com>
Co-authored-by: ghinfeydesktop <ghinfey@gitlabdesktop.com>

88cdcd51

Check prohibit_outer_forks in fork relationship api · 8d2c0249
Gavin Hinfey authored 1 year ago and GitLab Release Tools Bot committed 1 year ago
```
Merge branch 'security-415338-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3478

Changelog: security
```
8d2c0249

Merge branch 'security-refs-switch-redirect-16-1' into '16-1-stable-ee' · 5e5c211c

GitLab Release Tools Bot authored 1 year ago

Prevent traversal for `path` parameter in refs/switch endpoint

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3476

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Michael Kozono <mkozono@gitlab.com>
Co-authored-by: Thong Kuah <tkuah@gitlab.com>

5e5c211c

Prevent traversal for `path` parameter in refs/switch endpoint · ce664649
Thong Kuah authored 1 year ago and GitLab Release Tools Bot committed 1 year ago
```
Merge branch 'security-refs-switch-redirect-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3476

Changelog: security
```
ce664649

Merge branch 'security-414502-confidential-gitaly-keyset-16-1' into '16-1-stable-ee' · 995f3e61

GitLab Release Tools Bot authored 1 year ago

Gitaly keyset pager when pagination none only with tree view

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3482

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Dmitry Gruzd <dgruzd@gitlab.com>
Co-authored-by: Patrick Cyiza <jpcyiza@gitlab.com>

995f3e61

Gitaly keyset pager when pagination none only with tree view · 884a061d

Patrick Cyiza authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-414502-confidential-gitaly-keyset-16-1' into '16-1-stable-ee'

See merge request gitlab-org/security/gitlab!3482

Changelog: security

884a061d

Aug 23, 2023

Merge branch 'cherry-pick--3' into '16-1-stable-ee' · 41163032

Mayra Cabrera authored 1 year ago

Backport "Geo: Resync direct upload object stored artifacts" to 16.1

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129884

Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Approved-by: Mayra Cabrera <mcabrera@gitlab.com>
Co-authored-by: Douglas Barbosa Alexandre <dbalexandre@gmail.com>

41163032

Aug 22, 2023

Geo: Resync direct upload object stored artifacts · 2bb514a6

Douglas Barbosa Alexandre authored 1 year ago

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128939



Merged-by: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Approved-by: Gregory Havenga <11164960-ghavenga@users.noreply.gitlab.com>
Approved-by: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Co-authored-by: Mike Kozono <mkozono@gitlab.com>

(cherry picked from commit eaa8da04)

33f2f25d Resync direct upload object stored artifacts
15737ede Perform update queries in Sidekiq job

Changelog: fixed
EE: true

Unverified

2bb514a6

Aug 14, 2023

Merge branch '16-1-danger-current-stable-version' into '16-1-stable-ee' · 1e95bbbc

Reuben Pereira authored 1 year ago

Adjust Danger logic for stable branches

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128764



Merged-by: Reuben Pereira <2967854-rpereira2@users.noreply.gitlab.com>
Approved-by: David Dieulivol <ddieulivol@gitlab.com>
Co-authored-by: Steve Abrams <sabrams@gitlab.com>

1e95bbbc

Aug 11, 2023

Merge branch 'revert--16-1-backport' into '16-1-stable-ee' · 2a7d064a

Reuben Pereira authored 1 year ago

Revert "Log rails response length" - 16.1 Backport

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128779



Merged-by: Reuben Pereira <2967854-rpereira2@users.noreply.gitlab.com>
Approved-by: Bob Van Landuyt <bob@gitlab.com>
Co-authored-by: Robert May <rmay@gitlab.com>

2a7d064a

Aug 08, 2023
- Revert "Log rails response length" · 7bb2cc71
  Robert May authored 1 year ago
  
  This reverts commit cd158c29.
  7bb2cc71
- Adjust Danger logic for stable branches · 6fabeba3
  Steve Abrams authored 1 year ago
  
  Danger only considers the current stable version when checking if it is within the maintenance policy.
  6fabeba3
Aug 03, 2023
- Update VERSION files · 191f3331
  GitLab Release Tools Bot authored 1 year ago
  
  [merge-train skip]
  View commits for tag v16.1.4-ee v16.1.4-ee
  
  191f3331
- Update changelog for 16.1.4 · aa295aa5
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  aa295aa5
- Update managed components version to 16.1.4 · 04589e13
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  04589e13
- Merge branch 'cherry-pick-8f9de66a -2' into '16-1-stable-ee' · ff7a2267
  Steve Abrams authored 1 year ago
  
  Backport "Fix artifacts object storage geo replication" to 16.1 See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128291 Merged-by: Steve Abrams <sabrams@gitlab.com> Approved-by: Michael Kozono <mkozono@gitlab.com> Approved-by: Steve Abrams <sabrams@gitlab.com> Co-authored-by: Michael Kozono <mkozono@gitlab.com>
  ff7a2267
Aug 02, 2023

Merge branch 'eb-fix-object-storage-store-geo' into 'master' · ec2c2eeb

Michael Kozono authored 1 year ago and

Frederick Bajao committed 1 year ago

Fix artifacts object storage geo replication

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/127733



Merged-by: Michael Kozono <mkozono@gitlab.com>
Approved-by: Michael Kozono <mkozono@gitlab.com>
Reviewed-by: Michael Kozono <mkozono@gitlab.com>
Reviewed-by: Erick Bajao <fbajao@gitlab.com>
Reviewed-by: Albert Salim <asalim@gitlab.com>
Co-authored-by: Erick Bajao <fbajao@gitlab.com>

(cherry picked from commit 8f9de66a)

eeef8e59 Fix artifacts object storage geo replication
69f402ed Explain why we need to override store method
ccdd72cd Improve specs and explanation

ec2c2eeb

Aug 01, 2023
- Merge remote-tracking branch 'dev/16-1-stable-ee' into 16-1-stable-ee · 955429c2
  GitLab Release Tools Bot authored 1 year ago
  
  955429c2
- Update VERSION files · 6bcf60f9
  GitLab Release Tools Bot authored 1 year ago
  
  [merge-train skip]
  View commits for tag v16.1.3-ee v16.1.3-ee
  
  6bcf60f9
- Update changelog for 16.1.3 · 7542b129
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  7542b129
- Update managed components version to 16.1.3 · 77940bde
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  77940bde

Admin message

Admin message