Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-10-26 | Update CHANGELOG.md for 11.2.6 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-10-25 | Merge branch 'security-11-2-2717-fix-issue-title-xss' into 'security-11-2' | Jan Provaznik | |
[11.2] Escape issue title while template rendering to prevent XSS See merge request gitlab/gitlabhq!2558 | |||
2018-10-25 | Merge branch 'security-redact-links-11-2' into 'security-11-2' | Jan Provaznik | |
[11.2] Redact unsubscribe links in issuable texts See merge request gitlab/gitlabhq!2567 | |||
2018-10-25 | Merge branch 'security-if-51113-hash_tokens-11-2' into 'security-11-2' | Jan Provaznik | |
[11.2] Persist only SHA digest of PersonalAccessToken#token See merge request gitlab/gitlabhq!2553 | |||
2018-10-25 | Merge branch 'security-11-2-51527-xss-in-mr-source-branch' into 'security-11-2' | Thiago Presa | |
[11.2] Fix XSS in MR source branch name See merge request gitlab/gitlabhq!2546 | |||
2018-10-25 | Merge branch 'sh-block-other-localhost-11-2' into 'security-11-2' | Thiago Presa | |
[11.2] Prevent SSRF attacks in HipChat integration See merge request gitlab/gitlabhq!2549 | |||
2018-10-05 | Update CHANGELOG.md for 11.2.5 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-10-04 | Merge branch 'security-bw-confidential-titles-through-markdown-api-11-2' ↵ | Bob Van Landuyt | |
into 'security-11-2' [11.2] Confidential issue/private snippet titles can be read by unauthenticated user through GFM markdown API See merge request gitlab/gitlabhq!2534 | |||
2018-10-04 | Merge branch 'security-fix-leaking-private-project-namespace-11-2' into ↵ | Bob Van Landuyt | |
'security-11-2' [11-2] Fix leaking private project namespace See merge request gitlab/gitlabhq!2541 | |||
2018-10-04 | Merge branch 'security-osw-user-info-leak-discussions-11-2' into 'security-11-2' | Bob Van Landuyt | |
[11.2] Filter user sensitive data from discussions JSON See merge request gitlab/gitlabhq!2538 | |||
2018-09-26 | Update CHANGELOG.md for 11.2.4 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-09-25 | Merge branch 'security-fj-stored-xss-in-repository-imports-11-2' into ↵ | Bob Van Landuyt | |
'security-11-2' [11.2] Stored XSS in Gitlab Merge Request from imported repository See merge request gitlab/gitlabhq!2501 | |||
2018-09-25 | Merge branch 'security-package-json-xss-11-2' into 'security-11-2' | Bob Van Landuyt | |
[11.2] Fix XSS vulnerability sourced from package.json's homepage See merge request gitlab/gitlabhq!2509 | |||
2018-09-24 | Merge branch 'fix-events-finder-incomplete-11-2' into 'security-11-2' | Bob Van Landuyt | |
[11.2] Redact events shown in the events API See merge request gitlab/gitlabhq!2519 | |||
2018-09-24 | Merge branch 'sh-sh-block-other-localhost-11-2' into 'security-11-2' | Bob Van Landuyt | |
Block loopback addresses in UrlBlocker (11.2 port) See merge request gitlab/gitlabhq!2522 | |||
2018-09-24 | Merge branch 'security-acet-issue-details-11-2' into 'security-11-2' | Bob Van Landuyt | |
[11.2] Fix XSS on Issue details page. See merge request gitlab/gitlabhq!2471 | |||
2018-09-24 | Merge branch 'security-security-2697-code-highlight-timeout-11-2' into ↵ | Bob Van Landuyt | |
'security-11-2' [11.2] Fix syntax highlight taking too long See merge request gitlab/gitlabhq!2484 | |||
2018-08-27 | Update CHANGELOG.md for 11.2.2 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-08-24 | Merge branch 'security-fj-missing-csrf-system-hooks-resend-11-2' into ↵ | José Iván Vargas López | |
'security-11-2' [11.2] Missing CSRF in System Hooks resend action See merge request gitlab/gitlabhq!2476 | |||
2018-08-24 | Merge branch 'security-49085-11.2-persistent-xss-rendering' into 'security-11-2' | José Iván Vargas López | |
[11.2] Port of Fixed persistent XSS rendering/escaping of diff location lines to 11.2 See merge request gitlab/gitlabhq!2473 | |||
2018-08-24 | Merge branch 'sh-block-link-local-master-11-2-port' into 'security-11-2' | Nick Thomas | |
Block link-local addresses in URLBlocker (11.2 port) See merge request gitlab/gitlabhq!2460 | |||
2018-08-23 | Update CHANGELOG.md for 11.2.1 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-08-23 | Merge branch 'sh-fix-broken-ldap-clones' into 'master' | Alejandro Rodríguez | |
Fix broken Git over HTTP clones with LDAP users Closes #50579 See merge request gitlab-org/gitlab-ce!21352 | |||
2018-08-22 | Merge branch 'sh-conditional-system-hook-push' into 'master' | Sean McGivern | |
Eliminate unnecessary and duplicate system hook fires Closes #50549 See merge request gitlab-org/gitlab-ce!21337 | |||
2018-08-22 | Merge branch 'sh-fix-wrong-commit-count-in-push' into 'master' | Alejandro Rodríguez | |
Fix wrong commit count in push event payload Closes #49971 See merge request gitlab-org/gitlab-ce!21338 | |||
2018-08-22 | Update CHANGELOG.md for 11.2.0 | GitLab Release Tools Bot | |
[ci skip] | |||
2018-08-20 | Merge branch ↵ | Sean McGivern | |
'49907-commits-and-merge-requests-does-not-list-all-files-when-one-file-exceeds-size-limits' into 'master' Resolve "Commits and Merge Requests does not list all files when one file exceeds size limits" Closes #49907 See merge request gitlab-org/gitlab-ce!21125 | |||
2018-08-17 | Merge branch 'sh-bump-rugged-0.27.4' into 'master' | Robert Speicher | |
Bump rugged to 0.27.4 for security fixes See merge request gitlab-org/gitlab-ce!21170 | |||
2018-08-17 | Merge branch 'sh-bump-gitaly-for-11-2' into 'master' | Douwe Maan | |
Bump Gitaly to 0.117.1 for Rouge update See merge request gitlab-org/gitlab-ce!21277 | |||
2018-08-17 | Merge branch 'rouge_3.2.1' into 'master' | Stan Hu | |
Update Rouge to 3.2.1. Includes a critical fix for the Perl Lexer See merge request gitlab-org/gitlab-ce!21263 | |||
2018-08-17 | Merge branch ↵ | Mike Greiling | |
'50312-instance-statistics-convdev-index-intro-banner-is-not-dismissable' into 'master' Resolve "Instance Statistics: ConvDev index intro banner is not dismissable" Closes #50312 See merge request gitlab-org/gitlab-ce!21211 | |||
2018-08-15 | Merge branch '50281-js-pages-do-not-load-on-windows-8-ie-11' into 'master' | Tim Zallmann | |
Resolve "JS Pages do not load on windows 8, IE 11" Closes #50281 See merge request gitlab-org/gitlab-ce!21214 | |||
2018-08-14 | Merge branch '50257-fix-auto-devops-glibc-pubkey-url' into 'master' | Grzegorz Bizon | |
Resolve "Auto Devops failing to fetch Alpine glibc pubkey" Closes gitlab-org/quality/nightly#3 and #50257 See merge request gitlab-org/gitlab-ce!21182 | |||
2018-08-08 | Porting MR Vue Memory Fixes to current master | Tim Zallmann | |
2018-08-08 | Resolve "Group dashboard > Line height is too tall for group names" | Adriel Santiago | |
2018-08-08 | Don't set gon variables in JSON requests | Peter Leitzen | |
2018-08-08 | Merge branch 'winh-restyle-user-status' into 'master' | Mike Greiling | |
Restyle status message input on profile settings Closes #49645 See merge request gitlab-org/gitlab-ce!20903 | |||
2018-08-07 | Restyle status message input on profile settings | Winnie Hellmann | |
2018-08-07 | Resolve "Board label edit drop down is showing incorrect selected labels ↵ | Constance Okoghenun | |
summary" | |||
2018-08-07 | Fix UI error whereby prometheus application status is updated | Clement Ho | |
2018-08-07 | Merge branch 'osw-fix-missing-and-duplicated-milestones-on-list' into 'master' | Sean McGivern | |
Fix missing and duplicates on project milestone listing page Closes #37078 See merge request gitlab-org/gitlab-ce!21058 | |||
2018-08-07 | Merge branch 'todos-visibility-migration' into 'master' | Sean McGivern | |
Remove todos of users without access to targets (migration) See merge request gitlab-org/gitlab-ce!20927 | |||
2018-08-07 | Merge branch 'ce-5666-backport' into 'master' | Yorick Peterse | |
CE port of "List groups with developer maintainer access on project creation" See merge request gitlab-org/gitlab-ce!21051 | |||
2018-08-07 | Fix missing and duplicates on project milestone listing page | Oswaldo Ferreira | |
2018-08-07 | Add a link to the homepage to the GitLab logo. | Jason Funk | |
2018-08-07 | Remove todos of users without access to targets migration | Jarka Kadlecová | |
2018-08-07 | Create Web IDE MR and branch picker | Paul Slaughter | |
2018-08-07 | Merge branch 'improve-junit-support-be' into 'master' | Kamil Trzciński | |
Improve JUnit test reports in merge request widgets Closes #49966 See merge request gitlab-org/gitlab-ce!21039 | |||
2018-08-07 | Merge branch '46535-orphaned-uploads' into 'master' | Kamil Trzciński | |
Rake task for checking orphaned object store uploads Closes #46535 See merge request gitlab-org/gitlab-ce!20918 | |||
2018-08-07 | Merge branch 'kp-6927-epic-dates-from-milestone' into 'master' | Phil Hughes | |
Add `tabindex` attribute support on Icon component to show BS4 popover on trigger `focus` See merge request gitlab-org/gitlab-ce!21066 |