Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-12-16 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-12 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-10 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-12-06 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-30 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-26 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-12 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-08 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-07 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-07 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-11-06 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-29 | Improper access control allows the attacker to comment in internal commit ↵ | Charlie Ablett | |
after they are no longer admin | |||
2019-10-29 | Merge branch 'security-developer-transfer-project' into 'master' | GitLab Release Tools Bot | |
Require Maintainer permission on group where project is transferred to See merge request gitlab/gitlabhq!3420 | |||
2019-10-23 | Change Note#to_ability_name to 'note' | Dylan Griffith | |
This is to be more consistent as there is already a :read_note policy in NotePolicy. To keep other behaviour the same we've introduced a Note#noteable_ability_name that is used anywhere this was expected. | |||
2019-10-17 | Add latest changes from gitlab-org/gitlab@masterlist | GitLab Bot | |
2019-10-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-17 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-16 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-15 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-14 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-11 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-10 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-10-09 | Require maintainer permission to transfer projects | manojmj | |
2019-10-02 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-30 | Add policy check if cross reference system notes are accessible | Alexandru Croitor | |
2019-09-30 | Filter not accessible label events | Jan Provaznik | |
Label events may use cross-project or cross-group references, if the projects are not accessible by user, we don't show these label events. | |||
2019-09-26 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-18 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-13 | Add latest changes from gitlab-org/gitlab@master | GitLab Bot | |
2019-09-07 | Add method to authorize reading from prometheus proxy | Ryan Cobb | |
2019-09-06 | If user can't activate error tracking display a learn more button pointing | Maneschi Romain | |
to doc | |||
2019-09-04 | Let project reporters create issue from group boards | Felipe Artur | |
The current state of group issue boards does not show the "Add issues" button on the UI for users that are reporters of group child projects. | |||
2019-08-30 | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq | Robert Speicher | |
2019-08-30 | Merge branch 'security-2853-prevent-comments-on-private-mrs' into 'master' | GitLab Release Tools Bot | |
Ensure only authorised users can create notes on merge requests and issues See merge request gitlab/gitlabhq!3137 | |||
2019-08-26 | Guard against deleted project feature entry | Stan Hu | |
In https://gitlab.com/gitlab-org/gitlab-ce/issues/66482, we see that a project's `project_feature` association may be lazily loaded and hence return `nil` if the entry is deleted if the `Project` is already loaded in memory. To ensure we don't fail hard when this happens, assume all features are disabled. We can fix this issue by eager loading the `project_feature` in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/32169, but we shouldn't have to depend on that. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66482 | |||
2019-08-23 | Expose namespace storage statistics with GraphQL | Alessio Caiazza | |
Root namespaces have storage statistics. This commit allows namespace owners to get those stats via GraphQL queries like the following one { namespace(fullPath: "a_namespace_path") { rootStorageStatistics { storageSize repositorySize lfsObjectsSize buildArtifactsSize packagesSize wikiSize } } } | |||
2019-08-15 | Allow disabling group/project email notifications | Brett Walker | |
- Adds UI to configure in group and project settings - Removes notification configuration for users when disabled at group or project level | |||
2019-08-14 | Merge remote-tracking branch ↵ | John T Skarbek | |
'dev/security-2873-restrict-slash-commands-to-users-who-can-log-in' | |||
2019-08-07 | Prevent unauthorised comments on merge requests | Alex Kalderimis | |
* Prevent creating notes on inaccessible MRs This applies the notes rules at the MR scope. Rather than adding extra rules to the Project level policy, preventing :create_note here is better since it only prevents creating notes on MRs. * Prevent creating notes in inaccessible Issues without this policy, non-team-members are allowed to comment on issues even when the project has the private-issues policy set. This means that without this change, users are allowed to comment on issues that they cannot read. * Add CHANGELOG entry | |||
2019-08-05 | Add group level container repository endpoints | Steve Abrams | |
API endpoints for requesting container repositories and container repositories with their tag information are enabled for users that want to specify the group containing the repository rather than the specific project. | |||
2019-07-25 | Remove code related to object hierarchy in MySQL | Heinrich Lee Yu | |
These are not required because MySQL is not supported anymore | |||
2019-07-19 | Add policy to allow maintainers to create subgroups when enabled | Fabio Papa | |
2019-07-19 | Reset group policy to only allow >= owners to create subgroups | Fabio Papa | |
2019-07-19 | Update the group policy to allow >= maintainer to create subgroups | Fabio Papa | |
All specs passing | |||
2019-07-19 | Restrict slash commands to users who can log in | Hordur Freyr Yngvason | |
2019-07-15 | Allow use of legacy triggers with feature flag | Fabio Pitino | |
Keep feature flag disabled by default and turn off all functionality related to legacy triggers. * Block legacy triggers from creating pipeline * Highlight legacy triggers to be invalid via the UI * Make legacy triggers invalid in the model | |||
2019-07-11 | Refactor: model errors for multi cluster validation | Dylan Griffith | |
The current approach requires catching exceptions to handle these errors and callers are already handling model validations so it seems more appropriate. Also it seemed to convoluted to add this logic directly to the model since the model needs to check too many possible associations to determine whether or not there are more than one cluster since the model doesn't know what it's being created on. Additionally we only wanted to validate during create to avoid the risk of existing models becoming invalid by many different edge cases. | |||
2019-07-03 | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce | Marin Jankovski | |
2019-07-03 | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq | Marin Jankovski | |
2019-06-28 | Merge branch '62826-graphql-emoji-mutations' into 'master' | Jan Provaznik | |
GraphQL mutations for add, remove and toggle emoji See merge request gitlab-org/gitlab-ce!29919 |