| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Enable serving static objects from an external storage
See merge request gitlab-org/gitlab-ce!31025
|
|
Replace 'chronic_duration' to 'gitlab_chronic_duration', to make
relevant method calls thread-safe.
|
|
|
|
|
|
Sidekiq monitor namespace change
See merge request gitlab-org/gitlab-ce!32878
|
|
Move Gitlab::SidekiqMonitor to namespace Gitlab::SidekiqDaemon::Monitor
- Class name and file name change
- File path change to lib/gitlab/sidekiq_daemon/monitor.rb
- Update class usage/reference in other files, including documentation
|
|
filenames.
|
|
It consists of two parts:
1. Redirecting users to the configured external storage
1. Allowing the external storage to request the static object(s)
on behalf of the user by means of specific tokens
Part of https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6829
|
|
|
|
JSON logs include arguments by default, and they're easier to
parse/filter.
|
|
Add skeleton Pages internal API
See merge request gitlab-org/gitlab-ce!32732
|
|
Port CreateGithubPullRequestEvents migration from EE
See merge request gitlab-org/gitlab-ce!31802
|
|
'59729-estimate-quick-action-does-not-produce-correct-time-for-1mo' into 'master'
Resolve "estimate quick action does not produce correct time for 1mo"
See merge request gitlab-org/gitlab-ce!32165
|
|
Basic `/internal/pages` endpoint that will be used for Pages virtual
domains internal API. The endpoint is currently behind feature flag and
provides authetication similar to how Workhorse is authenticating with
the GitLab.
|
|
|
|
Detect if pipeline runs for a GitHub pull request
When using a mirror for CI/CD only we register a pull_request
webhook. When a pull_request webhook is received, if the
source branch SHA matches the actual head of the branch in the
repository we create immediately a new pipeline for the
external pull request. Otherwise we store the
pull request info for when the push webhook is received.
When using "only/except: external_pull_requests" we can detect
if the pipeline has a open pull request on GitHub and create or
not the job based on that.
|
|
Patches ChronicDuration to use our custom conversions
when parsing months
|
|
Backport EE "Track repository pushes as audit events"
See merge request gitlab-org/gitlab-ce!32304
|
|
|
|
|
|
Fix outdated comment
See merge request gitlab-org/gitlab-ce!32598
|
|
|
|
|
|
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
|
|
|
|
Use image proxy to mitigate stealing ip addresses
Closes #2812
See merge request gitlab/gitlabhq!2926
|
|
Add direct upload support for personal snippets
See merge request gitlab/gitlabhq!3226
|
|
Require a captcha after unique failed logins from the same IP
See merge request gitlab/gitlabhq!3270
|
|
DNS Rebind SSRF in Kubernetes Integration
See merge request gitlab/gitlabhq!3345
|
|
Add custom endpoint for new registrations
See merge request gitlab-org/gitlab-ce!32233
|
|
This is the same as gitlab-shell's default. This is to ensure
that it's always set.
It needs to be the same as gitlab-shell's default because we
don't set a default value in omnibus-gitlab. If users don't
set the value of that config in their install and they upgraded,
we must ensure that it's still going to point to the same
authorized keys file.
|
|
Add warnings to performance bar response
See merge request gitlab-org/gitlab-ce!31054
|
|
This key is useful to reduce the amount of logic needed on the frontend:
if `has_warnings` is true, then the frontend knows that the request in
question has warnings for some metric.
|
|
|
|
(cherry picked from commit 897a9d308db46b620b738b98f2b0e5630ac7d2dd)
|
|
allow_bypass_two_factor configration dose not work with saml provider
|
|
|
|
|
|
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
|
|
Remove the visual review toolbar code
in favor of using the NPM package.
|
|
This change adds Distributed Tracing support for two new types of events
1. Redis Calls
1. ActiveSupport (Rails) Caching Operations
The intention is to help application developers and infrastructure
SREs to understand the pressure that caching operations can have on
the application when running at scale.
The Redis and Caching spans can be viewed in the Jaeger UI by clicking
the "Trace" link in the performance bar when running on GDK.
|
|
|
|
Fix "ERR value is not an integer or out of range" errors
Closes #66449
See merge request gitlab-org/gitlab-ce!32126
|
|
`ActiveSupport::Cache::RedisCacheStore` is not compatible with the
version of Rack Attack we are using (v4.4.1) per
https://github.com/kickstarter/rack-attack/issues/281. Users that had
rate limits enabled might see `Redis::CommandError: ERR value is not an
integer or out of range` because the `raw` parameter wasn't passed along
properly. As a result, the Rack Attack entry would be stored as an
`ActiveSupport::Cache::Entry` instead of a raw string holding an integer
value.
Let's partially revert the change in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30966 to use the
original cache store until we can update to Rack Attack v5.2.3 that has
support for `ActiveSupport::Cache::RedisCacheStore` via
https://github.com/kickstarter/rack-attack/pull/350.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66449
|
|
This enables CSP in dev and CI
|
|
Fix typo in Content Security Policy example
See merge request gitlab-org/gitlab-ce!32103
|
|
|
|
|
