Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-03-28 | Update VERSION to 11.7.10v11.7.10 | GitLab Release Tools Bot | |
2019-03-28 | Update CHANGELOG.md for 11.7.10 | GitLab Release Tools Bot | |
[ci skip] | |||
2019-03-28 | Revert "Update CHANGELOG.md for 11.7.9" | Robert Speicher | |
This reverts commit 136cc1324f2142b6e35db673d8ab1683c2da8d8d. | |||
2019-03-28 | Merge branch 'security-exif-fix-orientation-11-7' into '11-7-stable' | GitLab Release Tools Bot | |
Preserve Orientation when removing EXIF See merge request gitlab/gitlabhq!3045 | |||
2019-03-28 | Preserve Orientation when removing EXIF | Jan Provaznik | |
2019-03-27 | Update VERSION to 11.7.9v11.7.9 | GitLab Release Tools Bot | |
2019-03-27 | Update CHANGELOG.md for 11.7.9 | GitLab Release Tools Bot | |
[ci skip] | |||
2019-03-27 | Revert "Update CHANGELOG.md for 11.7.8" | Robert Speicher | |
This reverts commit eccc8f056b200cdef235648f721dca01fd1514c4. | |||
2019-03-27 | Merge branch '11-7-stable' of dev.gitlab.org:gitlab/gitlabhq into 11-7-stable | Robert Speicher | |
2019-03-27 | Update VERSION to 11.7.8v11.7.8 | GitLab Release Tools Bot | |
2019-03-27 | Update CHANGELOG.md for 11.7.8 | GitLab Release Tools Bot | |
[ci skip] | |||
2019-03-26 | Merge branch 'security-55503-fix-pdf-js-11-7' into '11-7-stable' | Yorick Peterse | |
Fix PDF.js vulnerability See merge request gitlab/gitlabhq!3026 | |||
2019-03-26 | Merge branch 'security-mass-assignment-on-project-update-11-7' into ↵ | Yorick Peterse | |
'11-7-stable' Disallow changing namespace of a project in update method See merge request gitlab/gitlabhq!3031 | |||
2019-03-26 | Merge branch 'security-milestone-labels-11-7' into '11-7-stable' | GitLab Release Tools Bot | |
Check label_ids parent when updating issue board See merge request gitlab/gitlabhq!3037 | |||
2019-03-26 | Merge branch 'security-use-untrusted-regexp-11-7' into '11-7-stable' | GitLab Release Tools Bot | |
Use UntrustedRegexp for CI refs matching See merge request gitlab/gitlabhq!3008 | |||
2019-03-26 | Merge branch 'security-exif-migration-11-7' into '11-7-stable' | GitLab Release Tools Bot | |
Rake task for removing exif from uploads See merge request gitlab/gitlabhq!3012 | |||
2019-03-26 | Merge branch 'security-2819-xss-resolve-conflicts-branch-name-11-7' into ↵ | GitLab Release Tools Bot | |
'11-7-stable' Fix XSS in resolve conflicts form See merge request gitlab/gitlabhq!2988 | |||
2019-03-26 | Merge branch 'security-56224-11-7' into '11-7-stable' | GitLab Release Tools Bot | |
Fix related branches visible in issues for guests See merge request gitlab/gitlabhq!3020 | |||
2019-03-26 | Merge branch 'security-disallow-guests-to-access-releases-11-7' into ↵ | GitLab Release Tools Bot | |
'11-7-stable' Disallow guest users from accessing Releases See merge request gitlab/gitlabhq!3044 | |||
2019-03-26 | Disallow guest users from accessing Releases | Shinya Maeda | |
As they do not have a permission to read git tag | |||
2019-03-26 | Refactor specs according to the code review | Małgorzata Ksionek | |
2019-03-25 | Rake task for removing exif from uploads | Jan Provaznik | |
Adds a rake task which can be used for removing EXIF data from existing uploads. | |||
2019-03-25 | Add cr remarks | Małgorzata Ksionek | |
2019-03-25 | Check if labels are available for target issuable | Jarka Košanová | |
- labels have to be in the same project/group as an issuable | |||
2019-03-21 | Disallow changing namespace of a project in update method | Małgorzata Ksionek | |
2019-03-20 | Updated PDF.js to 2.0.943 | Natalia Tepluhina | |
fix: changed PDFJS prop to GlobalWorkerOptions Fixed pdf tests Added changelog entry | |||
2019-03-20 | Hide related branches when user does not have permission | Mark Chao | |
Guest user of a project should not see branches | |||
2019-03-19 | Update VERSION to 11.7.7v11.7.7 | GitLab Release Tools Bot | |
2019-03-19 | Update CHANGELOG.md for 11.7.7 | GitLab Release Tools Bot | |
[ci skip] | |||
2019-03-19 | Merge branch 'security-11-7-2826-fix-project-serialization-in-quick-actions' ↵ | Yorick Peterse | |
into '11-7-stable' Fix project serialization in quick actions response See merge request gitlab/gitlabhq!3017 | |||
2019-03-18 | Only return `commands_changes` used in frontend | Heinrich Lee Yu | |
When executing quick actions, this limits the `commands_changes` response to only those used by the frontend | |||
2019-03-15 | Make CI refs matching to to use UntrustedRegexp | Kamil Trzciński | |
This makes ref validation to use always `UntrustedRegexp`. This also splits the existing RubySyntax into separate class. | |||
2019-03-05 | Fix XSS in resolve conflicts form | Paul Slaughter | |
The issue arose when the branch name contained Vue template JavaScript. The fix is to use `v-pre` which disables Vue compilation in a template. | |||
2019-03-04 | Merge branch 'security-shared-project-private-group-11-7' into '11-7-stable' | Yorick Peterse | |
Sharing a public project with a private group makes the group page publicly accessible See merge request gitlab/gitlabhq!2985 | |||
2019-02-28 | Secure vulerability and add specs | Małgorzata Ksionek | |
2019-02-28 | Update VERSION to 11.7.6v11.7.6 | GitLab Release Tools Bot | |
2019-02-28 | Update CHANGELOG.md for 11.7.6 | GitLab Release Tools Bot | |
[ci skip] | |||
2019-02-28 | Merge branch '11-7-security-2774-milestones-detail' into '11-7-stable' | Robert Speicher | |
Display only information visible to current user on Milestone detail See merge request gitlab/gitlabhq!2918 | |||
2019-02-27 | Display only informaton visible to current user | Jarka Košanová | |
Display only labels and assignees of issues visible by the currently logged user Display only issues visible to user in the burndown chart | |||
2019-02-27 | Merge branch 'security-id-fix-mr-visibility-11-7' into '11-7-stable' | Yorick Peterse | |
Display the correct number of MRs a user has access to See merge request gitlab/gitlabhq!2928 | |||
2019-02-27 | Display the correct number of MRs a user has access to | Igor Drozdov | |
2019-02-27 | Merge branch 'security-2818_filter_impersonated_sessions-11-7' into ↵ | Yorick Peterse | |
'11-7-stable' Filter impersonated sessions from active sessions and remove ability to revoke session See merge request gitlab/gitlabhq!2982 | |||
2019-02-27 | Merge branch 'security-id-restricted-access-to-private-repo-11-7' into ↵ | Yorick Peterse | |
'11-7-stable' Forbid creating discussions for users with restricted access See merge request gitlab/gitlabhq!2891 | |||
2019-02-27 | Merge branch '11-7-security-2773-milestones-fix' into '11-7-stable' | Yorick Peterse | |
Check issue milestone availability See merge request gitlab/gitlabhq!2905 | |||
2019-02-27 | Merge branch 'security-tags-oracle-11-7' into '11-7-stable' | Yorick Peterse | |
Prevent Releases links API to leak tag existence See merge request gitlab/gitlabhq!2909 | |||
2019-02-27 | Merge branch 'security-2798-fix-boards-policy-11-7' into '11-7-stable' | Yorick Peterse | |
Disable issue board policies when issues are disabled See merge request gitlab/gitlabhq!2911 | |||
2019-02-27 | Merge branch '11-7-security-2797-milestone-mrs' into '11-7-stable' | Yorick Peterse | |
Show only MRs visible to user on milestone detail See merge request gitlab/gitlabhq!2924 | |||
2019-02-27 | Merge branch 'security-commit-private-related-mr-11-7' into '11-7-stable' | Yorick Peterse | |
Don't allow non-members to see private related MRs See merge request gitlab/gitlabhq!2931 | |||
2019-02-27 | Merge branch 'security-kubernetes-google-login-csrf-11-7' into '11-7-stable' | Yorick Peterse | |
Validate session key when authorizing with GCP to create a cluster See merge request gitlab/gitlabhq!2935 | |||
2019-02-27 | Merge branch 'security-50334-11-7' into '11-7-stable' | Yorick Peterse | |
Fix git clone revealing private repo's presence See merge request gitlab/gitlabhq!2939 |