| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
An upcoming update to rubocop-gitlab-security added additional
violations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Removing those weird setup in assign_change_commit_vars
fixed all the failures in the tests. I still cannot say
why but clearly we need to have better names. It's so
confusing right now. We should seriously stop fiddling
those instance variables.
|
|
* master: (1031 commits)
Add changelog entry for renaming API param [ci skip]
Add missing milestone parameter
Refactor issues filter in API
Fix project hooks params
Gitlab::LDAP::Person uses LDAP attributes configuration
Don't delete files from spec/fixtures
Copy, don't move uploaded avatar files
Minor improvements to changelog docs
Rename logo, apply for Slack too
Fix Gemfile.lock for the octokit update
Fix cross-project references copy to include the project reference
Add logo in public files
Use stable icon for Mattermost integration
rewrite the item.respond_to?(:x?) && item.x? to item.try(:x?)
API: extern_uid is a string
Increases pipeline graph drowdown width in order to prevent strange position on chrome on ubuntu
Removed bottom padding from merge manually from CLI because of repositioning award emoji's
Make haml_lint happy
Improve spec
Add feature tests for Cycle Analytics
...
|
|
Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7237#note_19747556
|
|
|
|
fix-git-hooks-when-creating-file
* upstream/master: (60 commits)
Refactor SSH keys docs
Improvements to setting up ssh
Do not reload diff for merge request made from fork when target branch in fork is updated
Add 8.12.10, 8.12.11, and 8.12.12 CHANGELOG.md items
Changes after review
Fix broken test
Adds CHANGELOG entry
Adds tests
Uniformize props name format
Replace commit icon svg logic
Replace play icon svg logic
Update docs to reflect new defaults on omnibus
Merge branch 'jej-23867-use-mr-finder-instead-of-access-check' into 'security'
Merge branch 'html-safe-diff-line-content' into 'security'
Merge branch 'rs-filter-authentication_token' into 'security'
Merge branch 'destroy-session' into 'security'
remove unnecessary issues event filter on comments tab
Updating reference to database password
Add CHANGELOG entry
Displays milestone remaining days only when it's present
...
|
|
Replace MR access checks with use of MergeRequestsFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
:warning: - Potentially untested
:bomb: - No test coverage
:traffic_light: - Test coverage of some sort exists (a test failed when error raised)
:vertical_traffic_light: - Test coverage of return value (a test failed when nil used)
:white_check_mark: - Permissions check tested
- [x] :bomb: app/finders/notes_finder.rb:17
- [x] :warning: app/views/layouts/nav/_project.html.haml:80 [`.count`]
- [x] :bomb: app/controllers/concerns/creates_commit.rb:84
- [x] :traffic_light: app/controllers/projects/commits_controller.rb:24
- [x] :traffic_light: app/controllers/projects/compare_controller.rb:56
- [x] :vertical_traffic_light: app/controllers/projects/discussions_controller.rb:29
- [x] :white_check_mark: app/controllers/projects/todos_controller.rb:27
- [x] :vertical_traffic_light: app/models/commit.rb:268
- [x] :white_check_mark: lib/gitlab/search_results.rb:71
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_267_266 Memoize ` merged_merge_request(current_user)`
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_248_247 Expected side effect for `merged_merge_request!`, consider `skip_authorization: true`.
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#d1c10892daedb4d4dd3d4b12b6d071091eea83df_269_269 Scary use of unchecked `merged_merge_request?`
See merge request !2033
|
|
more consistent across different methodst
|
|
Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7237/diffs#note_19210818
|
|
If `source_branch` option is passed, and target branch cannot be found,
`Repository#update_branch_with_hooks` would try to create a new branch
from `source_branch`.
This way, we could make changes in the new branch while only firing
the hooks once for the changes. Previously, we can only create a new
branch first then make changes to the new branch, firing hooks twice.
This behaviour is bad for CI.
Fixes #7237
|
|
This reverts commit a431ca0f8b7f8967e89a35caddf1e41e53eee290.
|
|
Currently, our procedure for adding a commit requires us to execute `CreateBranchService` before file creation.
It's OK, but also we do execute `git hooks` (the `PostReceive` sidekiq job) as part of this process.
However, this hook is execute before the file is actually committed, so the ref is updated.
Secondly, we do execute a `git hooks` after committing file and updating ref.
This results in duplicate `PostReceive` jobs, where the first one is completely invalid.
This change makes the branch creation, something that is intermediate step of bigger process (file creation or update, commit cherry pick or revert) to not execute git hooks.
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50.
See !4892.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
This reverts commit 9ca633eb4c62231e4ddff5466c723cf8e2bdb25d, reversing
changes made to fb229bbf7970ba908962b837b270adf56f14098f.
|
|
1. Don't use case statements for dispatch anymore. This leads to a lot
of duplication, and makes the logic harder to follow.
2. Remove duplicated logic.
- For example, the `can_push_to_branch?` exists, but we also have a
different way of checking the same condition within `change_access_check`.
- This kind of duplication is removed, and the `can_push_to_branch?`
method is used in both places.
3. Move checks returning true/false to `UserAccess`.
- All public methods in `GitAccess` now return an instance of
`GitAccessStatus`. Previously, some methods would return
true/false as well, which was confusing.
- It makes sense for these kinds of checks to be at the level of a
user, so the `UserAccess` class was repurposed for this. The prior
`UserAccess.allowed?` classmethod is converted into an instance
method.
- All external uses of these checks have been migrated to use the
`UserAccess` class
4. Move the "change_access_check" into a separate class.
- Create the `GitAccess::ChangeAccessCheck` class to run these
checks, which are quite substantial.
- `ChangeAccessCheck` returns an instance of `GitAccessStatus` as
well.
5. Break out the boolean logic in `ChangeAccessCheck` into `if/else`
chains - this seems more readable.
6. I can understand that this might look like overkill for !4892, but I
think this is a good opportunity to clean it up.
- http://martinfowler.com/bliki/OpportunisticRefactoring.html
|
|
|
|
|
|
expects and make the `protocol` param in `GitAccess` mandatory.
|
|
Issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/12785
Merge Request: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3514
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Now checking if a commit is already reverted or there is a conflict is
much more faster.
* No longer need to create a new branch.
|
|
|
|
|
|
|
|
|
