Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-03-11 | Merge branch 'sh-fix-issue-58103' into 'master' | Grzegorz Bizon | |
Properly handle multiple X-Forwarded-For addresses in runner IP Closes #58103 See merge request gitlab-org/gitlab-ce!25511 (cherry picked from commit dbf0a92292dd054843d28ec27d52222418400ca5) d03b7bb1 Properly handle multiple X-Forwarded-For addresses in runner IP | |||
2019-02-27 | Merge branch 'security-id-restricted-access-to-private-repo-11-8' into ↵ | Yorick Peterse | |
'11-8-stable' Forbid creating discussions for users with restricted access See merge request gitlab/gitlabhq!2890 | |||
2019-02-27 | Merge branch 'security-tags-oracle-11-8' into '11-8-stable' | Yorick Peterse | |
Prevent Releases links API to leak tag existence See merge request gitlab/gitlabhq!2908 | |||
2019-02-27 | Merge branch 'security-commit-private-related-mr-11-8' into '11-8-stable' | Yorick Peterse | |
Don't allow non-members to see private related MRs See merge request gitlab/gitlabhq!2930 | |||
2019-02-27 | Merge branch 'security-protect-private-repo-information-11-8' into '11-8-stable' | Yorick Peterse | |
Fix leaking private repository information in API See merge request gitlab/gitlabhq!2948 | |||
2019-02-20 | Change policy regarding group visibility | Małgorzata Ksionek | |
2019-02-20 | Prevent leaking of private repo data through API | Luke Duncalfe | |
default_branch, statistics and config_ci_path are now only exposed if the user has permissions to the repository. | |||
2019-02-15 | Don't allow non-members to see private related MRs | Patrick Bajao | |
2019-02-13 | Prevent Releases links API to leak tag existance | Alessio Caiazza | |
2019-02-07 | Forbid creating discussions for users with restricted access | Igor Drozdov | |
2019-02-07 | Merge branch 'local-markdown-version' into 'master' | Douglas Barbosa Alexandre | |
Add local markdown version Closes #32789 See merge request gitlab-org/gitlab-ce!24822 | |||
2019-02-07 | Merge branch '56014-api-merge-request-squash-commit-messages' into 'master' | Nick Thomas | |
API support for setting squash commit message during squash Closes #56014 See merge request gitlab-org/gitlab-ce!24784 | |||
2019-02-07 | Merge branch 'api-group-labels' into 'master' | Sean McGivern | |
API group labels Closes #44901 See merge request gitlab-org/gitlab-ce!21368 | |||
2019-02-07 | API support for squash commit message during merge | Luke Duncalfe | |
Issues https://gitlab.com/gitlab-org/gitlab-ce/issues/47149 https://gitlab.com/gitlab-org/gitlab-ce/issues/56014 | |||
2019-02-06 | Add local markdown version | Jan Provaznik | |
Cached markdown version is composed both from global and local markdown version. This allows admins to bump version locally when needed (e.g. when external URL is changed). | |||
2019-02-06 | Add documentation | Robert Schilling | |
2019-02-06 | Merge branch 'security-makrdown-release-description-vulnerability' into 'master' | Yorick Peterse | |
[master] Markdown of release notes leaks confidential issue titles and MR titles to any users See merge request gitlab/gitlabhq!2869 | |||
2019-02-05 | Merge branch 'sh-encode-content-disposition' into 'master' | Sean McGivern | |
Encode Content-Disposition filenames Closes #47673 See merge request gitlab-org/gitlab-ce!24919 | |||
2019-02-05 | Merge branch 'search-title' into 'master' | Sean McGivern | |
Add 'in' filter that modifies scope of 'search' filter to issues and merge requests API See merge request gitlab-org/gitlab-ce!24350 | |||
2019-02-05 | Fix grammar and spelling | Hiroyuki Sato | |
2019-02-05 | Encode Content-Disposition filenames | Stan Hu | |
Users downloading non-ASCII attachments would see garbled characters. When used with object storage, AWS S3 would return an InvalidArgument error: Header value cannot be represented using ISO-8859-1. Per RFC 5987 and RFC 6266, Content-Disposition should be encoded properly. This commit takes the Rails 6 implementation of ActiveSuppport::Http::ContentDisposition (https://github.com/rails/rails/pull/33829) and ports it here. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/47673 | |||
2019-02-04 | Add programming language filtering to `/projects` | Dylan MacKenzie | |
2019-02-01 | Merge branch '51913-api-getting-projects-for-users-with-dot-gets-404' into ↵ | Rémy Coutable | |
'master' API: Support username with dots Closes #51913 See merge request gitlab-org/gitlab-ce!24395 | |||
2019-01-31 | [master] Pipelines section is available to unauthorized users | Kamil Trzciński | |
2019-01-31 | Present all pipeline triggers using trigger presenter | Grzegorz Bizon | |
2019-01-31 | Do not expose trigger token when user should not see it | Grzegorz Bizon | |
2019-01-31 | Simplify label helper and correct version | Robert Schilling | |
2019-01-31 | Factor out common label API | Robert Schilling | |
2019-01-31 | Incorporate feedback from Robert | Robert Schilling | |
2019-01-31 | Correctly search for labels in parent groups | Robert Schilling | |
2019-01-31 | Factor out group labels entity | Robert Schilling | |
2019-01-31 | Use proper finder helper to get existing labels | Robert Schilling | |
2019-01-31 | fix rebasing | Robert Schilling | |
2019-01-31 | Replace finders | Robert Schilling | |
2019-01-31 | Incorporate feedback from Nick | Robert Schilling | |
2019-01-31 | Add changelog, version information, frozen string literals | Robert Schilling | |
2019-01-31 | Add subscription API for the group label API | Robert Schilling | |
2019-01-31 | Add specs | Robert Schilling | |
2019-01-31 | Inital API implementation for group labels | Robert Schilling | |
2019-01-31 | Unify user requirements for API slugs | Robert Schilling | |
2019-01-30 | Fix Markdown of release notes | Shinya Maeda | |
It was leaings confidential issue titles and MR titles to any users Fix spec Fix spec Fix tests | |||
2019-01-28 | [master] Pipelines section is available to unauthorized users | Kamil Trzciński | |
2019-01-25 | Merge branch 'container-repository-cleanup-api' into 'master' | Grzegorz Bizon | |
Container repository cleanup API Closes #55978 See merge request gitlab-org/gitlab-ce!24303 | |||
2019-01-25 | Add Container Registry API | Kamil Trzciński | |
This includes a set of APIs to manipulate container registry. This includes also an ability to delete tags based on requested criteria, like keep-last-n, matching-name, older-than. | |||
2019-01-24 | Merge branch '56392-enable-the-layout-extraspacing-cop' into 'master' | Lin Jen-Shin | |
Enable the Layout/ExtraSpacing cop Closes #56392 See merge request gitlab-org/gitlab-ce!24423 | |||
2019-01-24 | Merge branch 'security-pipeline-trigger-tokens-exposure' into 'master' | Yorick Peterse | |
[master] Do not expose trigger token when user should not see it See merge request gitlab/gitlabhq!2735 | |||
2019-01-24 | Enable the Layout/ExtraSpacing cop | Rémy Coutable | |
Signed-off-by: Rémy Coutable <remy@rymai.me> | |||
2019-01-24 | Get remote address for runner | Steve Azzopardi | |
Check if `X-Forwarded-For` is set before getting the IP of the request, with this the real IP address of the runner is shown if it's behind a proxy. closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53676 | |||
2019-01-23 | Merge branch ↵ | Nick Thomas | |
'52674-api-v4-projects-project_id-jobs-endpoint-hits-statement-timeout' into 'master' [API] Omit `X-Total` and `X-Total-Pages` headers when items count is more than 10,000 Closes #42194 and #52674 See merge request gitlab-org/gitlab-ce!23931 | |||
2019-01-23 | Merge branch ↵ | Filipa Lacerda | |
'25569-changing-wording-to-delete-when-referring-to-removing-a-branch' into 'master' Resolve "Changing wording to "Delete" when referring to removing a branch" Closes #25569 See merge request gitlab-org/gitlab-ce!23966 |