| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Changelog: https://github.com/getsentry/raven-ruby/releases
|
|
|
|
Hamlit is a library that's faster than Haml while implementing most of its features: https://github.com/k0kubun/hamlit
Not sure if this breaks anything, but as far as I can tell most things work the same. No obvious regressions that I've been able to find.
|
|
Update mail_room to 0.8.0 to resolve #13357
Update mail_room to 0.8.0 to resolve #13357
Which includes the fix from:
https://github.com/tpitale/mail_room/pull/73
See merge request !4835
|
|
Which includes the fix from:
https://github.com/tpitale/mail_room/pull/73
|
|
Fixes https://github.com/fnando/browser/issues/241
|
|
Export project functionality
This is a MR for the export functionality of https://gitlab.com/gitlab-org/gitlab-ce/issues/3050, which adds the ability to export single projects.
- [x] members
- DB data
- [x] issues
- [x] issue comments
- [x] merge requests
- [x] merge request diff
- [x] merge request comments
- [x] labels
- [x] milestones
- [x] snippets
- [x] releases
- [x] events
- [x] commit statuses
- [x] CI builds
- File system data
- [x] Git repository
- [x] wiki
- [x] uploads
- [ ] ~~CI build traces~~
- [ ] ~~CI build artifacts~~
- [ ] ~~LFS objects~~
- DB configuration
- [x] services
- [x] web hooks
- [x] protected branches
- [x] deploy keys
- [x] CI variables
- [x] CI triggers
See merge request !3114
|
|
|
|
|
|
Replace raphael-rails with raphael.js and split it from the rest of the JS
## What does this MR do?
Removes raphael.js and its related libraries from the default JS bundle.
It also removes raphael-rails because the gem is unmaintained and – for whatever reason – didn't want to cooperate with the way I was trying to require it.
This brings the default (compressed and minified) application.js from 354KB after the d3 MR (!4394) down to 324KB.
## Are there points in the code the reviewer needs to double check?
That tests pass and that there aren't errors on any pages (especially the Network page).
## Why was this MR needed?
It's only used on the Network page and was using way too much bandwidth for just one page.
## What are the relevant issue numbers?
#14372 #13165
Follow-up to !4394 and !4516.
cc: @jschatz1
See merge request !4519
|
|
|
|
'feature/project-import' of gitlab.com:gitlab-org/gitlab-ce into feature/project-export-ui-experimental
# Conflicts:
# Gemfile.lock
# app/helpers/todos_helper.rb
# app/models/todo.rb
# app/views/projects/edit.html.haml
# lib/gitlab/import_export/import_service.rb
|
|
|
|
Removes a few dependencies.
Changelog: https://github.com/presidentbeef/brakeman/blob/master/CHANGES
|
|
the JavaScript. The gem isn't maintained anymore anyway. Added a network folder with an application.js including raphael components, since that's the only page using it currently.
|
|
Add fog-azure to supported backup list
!4396 left out Azure by accident.
See merge request !4444
|
|
|
|
Closes #18210
|
|
|
|
# Conflicts:
# .gitlab-ci.yml
|
|
License finder gem
Every time a gem is added to the Gemfile, or a gem is updated with a new dependency or change of license, LicenseFinder will check to ensure that the license in use has been whitelisted for use in the project. GPLv2 and GPLv3 libraries are not allowed to be linked-to from non-GPL projects (e.g. the MIT-licensed GitLab CE or proprietary EE), otherwise we're violating the license.
https://github.com/pivotal/LicenseFinder
See also: gitlab-com/operations#164
See merge request !3775
|
|
|
|
In order to rehost all our gems in our own gem host, we need to have the legal rights to do so for every gem should they be taken down from RubyGems. License Finder automates checking of gems to ensure that we're in the clear legally.
Approved the MIT License because it essentially allows us to do "whatever" with those gems.
I am not a lawyer.
https://github.com/pivotal/LicenseFinder
|
|
- Need the `mobile?` detection (that the new version provides) for the
U2F registration/ authentication flow
|
|
- To hold registrations from U2F devices, and to authenticate them.
- Previously, `User#two_factor_enabled` was aliased to the
`otp_required_for_login` column on `users`.
- This commit changes things a bit:
- `User#two_factor_enabled` is not a method anymore
- `User#two_factor_enabled?` checks both the
`otp_required_for_login` column, as well as `U2fRegistration`s
- Change all instances of `User#two_factor_enabled` to
`User#two_factor_enabled?`
- Add the `u2f` gem, and implement registration/authentication at the
model level.
|
|
Colorize is a gem licensed under the GPLv2, so we can’t use it in GitLab without relicensing GitLab under the terms of the GPL. Rainbow is licensed under the MIT license and does the exact same thing as Colorize, so Rainbow was added in place of Colorize.
The syntax is slightly different for Rainbow vs. Colorize, and was updated in accordance.
The gem is still a dependency of Spinach, so it’s included in the development/test environments, but won’t be packaged with the actual product, and therefore doesn’t require we relicense the product.
An attempt at relicensing Colorize was made, but didn’t succeed as the library owner never responded.
Rainbow library: https://github.com/sickill/rainbow
Relevant issue regarding licensing in GitLab's gems: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3775
|
|
|
|
|
|
|
|
Reduce number of fog gem dependencies
Currently supported:
* AWS
* Azure
* OpenStack
* Google
* local storage
Closes #15352
See merge request !4396
|
|
Upgrade devise, devise-two-factor, and attr_encrypted
Devise 4 includes support for Rails 5, working towards #14286. devise-async doesn't support Devise 4.0 and in 4.1 the bug that was blocking using Devise's built-in ActiveJob integration was fixed. So devise-async is removed. devise-two-factor 3.0.0 is required for Devise 4 support.
attr_encrypted and encryptor are optional but recommended upgrades for devise-two-factor 3.0.0. The mode and algorithm will need to be changed in order to update to attr_encrypted 4.x in the future.
See merge request !4216
|
|
Closes #15352
|
|
Changelog: https://github.com/amatsuda/kaminari/blob/master/CHANGELOG.rdoc#0170
Deprecates num_pages in favor of total_pages and includes Rails 5 support.
|
|
attr_encrypted (1.3.4 => 3.0.1) Changelog:
https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m
d
attr_encrypted 2.x included a vulnerability, so that major version is
skipped. 3.x requires that the algorithm and mode used by each
encrypted attribute is specified explicitly.
`nil` is no longer a valid value for the encrypted_value_iv field, so
it’s changed to a randomly generated string.
|
|
Devise (3.5.4 => 4.1.1) Changelog:
https://github.com/plataformatec/devise/blob/master/CHANGELOG.md
devise-two-factor (2.0.1 => 3.0.0) Changelog:
https://github.com/tinfoil/devise-two-factor/blob/master/CHANGELOG.md
These are reliant on each other, so they have to be upgraded together.
devise-async is no longer necessary as Devise 4.1 fixes a bug with the
ActiveJob integration.
|
|
POC: Updated contrib calendar
In an effort to cut down the JS file size - i've removed the heatmap calendar used for the contributing calendar on users profiles. We already have d3 on the page so why not use it instead of using a library which uses it?
cc. @jschatz1
See merge request !3944
|
|
No changelog, see commits: https://github.com/state-machines/state_machines-activerecord/commits/master
Includes Rails 5 support.
|
|
Almost all cops are starting as disabled until we can fix their
violations.
|
|
|
|
Changelog: https://github.com/rails/activerecord-session_store/releases/tag/v1.0.0
Includes Rails 5 support.
|
|
|
|
# Conflicts:
# config/initializers/1_settings.rb
|
|
Remove activerecord-deprecated_finders gem
We don’t use any of the deprecated finders, so it should be safe to remove.
See https://github.com/rails/activerecord-deprecated_finders#active-record-deprecated-finders for more information.
Resolves #17015.
See merge request !3981
|
|
# Conflicts:
# db/schema.rb
|
|
We don’t use any of the deprecated finders, so it should be safe to
remove.
Resolves #17015.
|
|
Instead the script is now included directly from the vendor directory.
Resolves #17166.
|
|
|
