| Age | Commit message (Collapse) | Author |
|---|
|
Add reminder to not paste private SSH keys
## What does this MR do?
Just got the "How would you make GitLab better?" mail and thought that I could follow it.
This commit adds a short reminder to not paste the private part of an SSH key to the form where one can add SSH keys to one's account. I think that's an useful message, both for people who aren't that experienced yet and for people who are sleep-deprived. :-)
I decided to just list the most common key type, `ssh-rsa`. The full list of key types in the [CVS repository of OpenSSH](http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/ssh/sshkey.c?rev=HEAD&content-type=text/plain) contains some types which I'd regard as a bit obscure. Mentioning all of those types would probably clutter the form too much. We could think about whether to list what is probably the second most common key type, namely `ssh-dss`. But note that this key type [seems to be deprecated](https://security.stackexchange.com/questions/5096/rsa-vs-dsa-for-ssh-authentication-keys).
## Are there points in the code the reviewer needs to double check?
I didn't actually test this one-line change.
## Why was this MR needed?
It's not, strictly speaking, needed, but could be considered a nice addition.
See merge request !4399
|
|
Fix commit avatar alignment in compare view
Closes #19567
See merge request !5128
|
|
|
|
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
|
|
No longer shows New Snippet button to users who aren't able to create a new snippet in the given context.
Also removes the plus icon from the New Snippet buttons, as they're no longer used in other creation buttons.
Fixes #14595.
|
|
Split Cropper.js from the main JavaScript manifest.
## What does this MR do?
Splits Cropper.js from the main JavaScript file.
## Are there points in the code the reviewer needs to double check?
That the avatar uploader works. (It did in my testing)
## Why was this MR needed?
Smaller JS payload.
## What are the relevant issue numbers?
#14372
## Does this MR meet the acceptance criteria?
- Tests
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4978
|
|
Add min attribute to projects_limit field on user's form
This PR adds `min=0` attribute to `:projects_limit` field on user's form in the admin panel. It improves UX disallowing user to enter negative values in this field.
See merge request !3622
|
|
Enable Style/IdenticalConditionalBranches Rubocop cop
## What does this MR do?
This MR enables Rubocop cop that checks for identical lines at the end of each branch of a conditional statement.
Examples:
```ruby
@bad
if condition
do_x
do_z
else
do_y
do_z
end
@good
if condition
do_x
else
do_y
end
do_z
```
## What are the relevant issue numbers?
#17478
See merge request !5011
|
|
|
|
Avoid calculation of closes_issues.
## What does this MR do?
Avoid unneeded calls to MR closes issues
## Are there points in the code the reviewer needs to double check?
I'm not sure if calling this method from a view is a good practice, but I cannot see another simple way of avoiding this problem. In case we want to avoid this in the controller we need to specify the action, format and status of the merge request, because in that case we know that the `_open` partial will render. We could add some lazy evaluation but it not a thing I see in use along the app but feedback is welcome
## What are the relevant issue numbers?
#14202 , #19490
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- ~~[ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- ~~[ ] API support added~~
- Tests
- ~~[ ] Added for this feature/bug~~
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !5140
|
|
Fix comment for project argument in commit_range.rb
## What does this MR do?
It fixes the documentation for commit_range project argument
## Are there points in the code the reviewer needs to double check?
## Why was this MR needed?
## What are the relevant issue numbers?
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- [ ] Tests
- [ ] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4805
|
|
|
|
|
|
|
|
|
|
Added setting to set new users by default as external
## What does this MR do?
This implements the feature request #14508. It adds an option in the application settings to set new users by default as external.
## Are there points in the code the reviewer needs to double check?
Everything. Like I mentioned in the discussion of the issue my knowledge of Ruby basically doesn't exists. I tested it on my machine and it seems to work, but as I am very unexperienced in Ruby I highly recommend to take a close look at the code.
## Why was this MR needed?
It was requested by @DouweM to work on the issue with the proposed changes by me.
## What are the relevant issue numbers?
This MR is for the issue #14508 that followed up after the implementation of #4009.
See merge request !4545
|
|
|
|
Link to the user's profile in the abuse reports
Link to the user's profile in the abuse reports and add a link to the
admin area view if the user viewing the profile is an admin
Fixes #9127
See merge request !5118
|
|
This reverts commit bf2a86b73cce332ff8f4392ffc8df501193f32ec.
|
|
matcher.
|
|
Use scope rather than class method
## What does this MR do?
Use scope rather than class method
## Why was this MR needed?
I assume this would be useful and more clear.
See merge request !5133
|
|
Prefer ref rather than id because id is shadowing database id
## What does this MR do?
Just a local variable renaming.
## Why was this MR needed?
Prefer ref rather than id because id is shadowing database id.
See merge request !5134
|
|
|
|
Allow specifying protected branches using wildcards
Closes #18627
# Tasks
- [ ] #18627 !4665 Allow specifying protected branches using wildcards
- [x] Find existing usages of protected branches
- Protecting branches
- `ProtectedBranchesController` is used to mark a branch protected/unprotected
- `API::Branches` can be used to mark a branch protected/unprotected
- Enforcing branch protection
- `Gitlab::GitAccess` has helpers (`can_push_to_branch?`, `check`) that are used to deny pushes if a branch is protected
- Over SSH: `gitlab-shell` receives a push, and calls `/allowed` on the GitLab API, which calls `GitAccess.check`
- Over HTTP:
- `gitlab-workhorse` receives the request, and forwards it to rails
- Rails (in the `GitHttpController#git-recieve-pack`) runs basic checks (is the user logged in, not protected branch checks) and returns ok with `GL_ID` and `RepoPath`
- `gitlab-workhorse` looks at the response, and calls the relevant `gitlab-shell` action from `git-http/handlePostRPC`
- Rest of this flow is the same as the SSH flow above
- [x] Implementation
- [x] Backend
- [x] Change `project#protected_branch?` to look at wildcard protected branches
- [x] Change `project#developers_can_push_to_protected_branch?`
- [x] Change `project#open_branches`
- [x] Better error message when creating a disallowed branch from the Web UI
- [x] Frontend
- [x] Protected branches page should allow typing out a wildcard pattern
- [x] Add help text explaining the use of wildcards
- [x] Show matching branches for each protected branch
- [x] ~~On the index page~~
- [x] On a show page
- [x] Index?
- [x] Can't have the "last commit" column for wildcard protected branches
- [x] Fix / write tests
- [x] What happens if a hook is missing in dev?
- [x] Refactor
- [x] Test workflows
- Create a branch matching a wildcard pattern
- Push to a branch matching a wildcard pattern
- Force push to a branch matching a wildcard pattern
- Delete a branch matching a wildcard pattern
- [x] Test using Web UI
- [x] Test over SSH
- [x] Test over HTTP
- [x] Test as developer and master
- [x] Investigate performance
- [x] Test with a large number of protected branches / branches
- [x] Paginate list of protected branches
- [x] ~~Possibly rewrite `open_branches`~~
- [x] Add `iid`s to existing `ProtectedBranch`es
- [x] Add documentation
- [x] Add CHANGELOG entry
- [x] Add screenshots
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/2f753e3ed2ce681b4444944d521f4419e8ed37f7/builds) passes
- [x] Assign to endboss for review
- [x] Address @DouweM's comments
- [x] `protected_branch_params`
- [x] `exact_match` instead of `explicit_match`
- [x] When would self.name be blank?
- [x] Move `protected_branches.each` to a partial
- [x] Move `matching_branches.each` to a partial
- [x] If the branch is in @matching_branches, it's not been removed
- [x] move this regex to a method and memoize it
- [x] `commit_sha` directly for exact matches
- [x] Number of matches for wildcard matches, with a link
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/43f9ce0e88194b8f719bb1c1e656b7fc13278d56/builds) to pass
- [x] Respond to @DouweM's comments
- [x] Don't use iid
- [x] Controller should use `@project.protected_branches.new`
- [x] move the memoization to `def wildcard_regex`
- [x] render with `collection: @protected_branches`
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/f7beedf122fa0c7aa89e86181fe7499321fb10ca/builds) to pass
- [x] Wait for @DouweM's review
- [x] Wait for @jschatz1's review
- [x] Respond to @jschatz1's comments
- [x] Use the new dropdown style
- [x] description should be moved to the description section without the styling
- [x] Protect button should be disabled when no branch is selected
- [x] Update screenshots
- [x] Merge conflicts
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/20f3cfe8d5540eab64c2ba548043d600b28c61ba/builds) passes
- [ ] Revisit performance, possibly with staging/production data
- [ ] Get a dump of staging / run against staging live
- [ ] Get SSH access to staging
- [ ] Wait for review/merge
# Screenshots
## Creating wildcard protected branches
### Using the `GLDropdown` component
## Enforcing wildcard protected branches
### From the Web UI
### Over SSH
### Over HTTPS
## Listing matching branches
See merge request !4665
|
|
This reverts commit 68155ee73b549a4f79744bb325542c29d45c71ea, reversing
changes made to 7ebd011ed1de7aee706f07a53c63c90f1c8aa5d4.
|
|
Update time format of pipeline duration
Closes #18181
Part of #18920
See merge request !5121
|
|
|
|
Added blank state to issues
## What does this MR do?
Adds new blank state to issues when no issues exist.
Part of #18519
## Screenshots (if relevant)
See merge request !4908
|
|
New diff notes
Fixes #12732, #14731, #19375, #14783
Builds on https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4110
To do:
- [x] Get it mostly working
- [x] Validate position validity
- [x] Fix: Don’t link to `#`
- [x] Fix: Base ref can be `nil`, potentially, when the MR has an oprhan source branch => Yep, doesn’t work. We need to store a `start_id`
- [x] Optimize: Fewer duplicate `git diff` compares
- [x] Optimize: Pass paths to `PositionTracer#diff` for faster diffs
- [x] Refactor: Use `head_id` in `MergeRequest`/`MergeRequestDiff` instead of `source_sha`
- [x] Refactor: Convert existing array-based diff refs to the DiffRefs model
- [x] Tweak: Use `note_type` in `Autosave` key
- [x] Tweak: Remove `line_code: note.line_code` from `link_to_reply_discussion`
- [x] Update: `SentNotifications` and reply-by-email receiver
- [x] Update: MR diff notification email
- [x] Update: API (MR, Commit note creation and entity)
- [x] Update: GitHub importer
- [x] Address any other TODO comments
- [x] Fix: Suppress "edited 4 minutes ago"
- [x] Write tests
- [x] `LineMapper`
- [x] `PositionTracer`
- [x] `Position`
- [x] `DiffPositionUpdateService`
- [x] `DiffNote`
- [x] `MergeRequests::RefreshService` / `MergeRequest#update_diff_notes_positions`
- [x] Make sure commits with diff notes don't get cleaned up, since this would prevent the diff notes from being rendered (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5062)
Future improvements:
- Display unresolved comments on files outside the diff, if the comment was added when that file _was_ part of the diff
- Allow commenting on sections between hunks, when expanding the diff using `...`
- (We'd need to generate line code based on Position if we have it, even if it falls outside bounds of diff)
- `diff_hunk` on diff note API entity
- Show diff hunk in notification email
- Resolved line notes would have a boolean, and be inactive through `notes.any? { !active? || resolved? }`
- Multi line notes would store a number of positions, and do the right thing (™) in grouping and then rendering if the first item is multiline? => true
- Image diff notes could store x,y,width,height instead of old_line,new_line for similar grouping. Does it need a reference to say if it's on old or new? These can't have line_codes, clearly. Rendering would be interesting.
- Show commit line comments in the MR diff
- Comment on specific selected words
- Comment on file header
- Unfold top of discussion diff note
- New diff notes API for commits and MRs
/cc @rspeicher
See merge request !4101
|
|
Exclude projects pending delete from notifications
Make `NotificationSetting.for_projects` exclude projects that are excluded by the default scope on `Project`. (At the moment, that's projects with `pending_delete: true`.)
See https://gitlab.com/gitlab-com/support-forum/issues/819
See merge request !5138
|
|
|
|
|
|
Improve UI consistency for admin area
Closes #3946
See merge request !4424
|
|
Remove icons from file edit tabs
We don't need this icons and it also inconsistent with current UI
See merge request !5072
|
|
If the Sidekiq job fails for some reason, a project can be 'stuck'
pending deletion. The project can't be viewed, so it shouldn't be
available through the notification settings association as this will
throw an exception when we try to show the link.
|
|
|
|
|
|
|
|
|
|
|
|
Escape file extension when parsing search results
When a file extension contains characters which have a meaning in regular expressions, the search may crash.
Fixes #18553
See merge request !5141
|
|
As requested by the issue #14508 this adds an option in the application
settings to set newly registered users by default as external. The
default setting is set to false to stay backward compatible.
|
|
|
|
We just need to get merge requests closes issues when
we’re going to show them
|
|
|
|
|
|
Some context:
http://doc.gitlab.com/ce/api/repository_files.html#get-file-from-repository
http://doc.gitlab.com/ce/api/repositories.html#list-repository-tree
Slack:
https://gitlab.slack.com/archives/questions/p1467890450002077
|
|
|
|
Closes #19567
|
