Age | Commit message (Collapse) | Author |
|
Markdown footnotes not working
Closes #26375
See merge request gitlab-org/gitlab-ce!24168
|
|
and additional spec
|
|
Instead of querying relations into ids we just pass them to the model
scope because the scope supports it now.
Also changes other calls to `Milestone.for_projects_and_groups`
|
|
|
|
All the ids and classes were stripped. Add them back in
and make ids unique
|
|
[master] Escape html entities when no label found
See merge request gitlab/gitlabhq!2706
|
|
[master] Set URL rel attribute for broken URLs
See merge request gitlab/gitlabhq!2695
|
|
|
|
|
|
|
|
It's possible that URI fails to parse a link, but browsers
still recognize given URL as a link, we should make sure
that 'rel' attribute is set also in this case.
|
|
|
|
languages
|
|
CE backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/8632
|
|
into 'master'
[master] XSS in markdown following unrecognized HTML element
Closes #2732
See merge request gitlab/gitlabhq!2599
|
|
In Ruby 2.4, `URI.join("http://test//", "a").to_s` will
remove the double slash, however it's not the case in
Ruby 2.5. Using chomp should work better for the intention,
as we're not trying to allow things like ../ or / paths
resolution.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53180
|
|
|
|
Enables frozen for the following:
* lib/*.rb
* lib/banzai/**/*.rb
* lib/bitbucket/**/*.rb
* lib/constraints/**/*.rb
* lib/container_registry/**/*.rb
* lib/declarative_policy/**/*.rb
Partially addresses #47424.
|
|
|
|
[master] Fix leaking private project namespace
Closes #2708
See merge request gitlab/gitlabhq!2529
|
|
Preload project features in reference parser
Closes #43094
See merge request gitlab-org/gitlab-ce!22008
|
|
Banzai label ref finder - minimize SQL calls by sharing context more aggresively
Closes #48221
See merge request gitlab-org/gitlab-ce!22070
|
|
Changes `Banzai::CrossProjectReference#parent_from_ref` to return the
project in the context if the project's `full_path` matches the ref
we're looking for, as it makes no sense to go to the database to find a
Project we already have loaded.
|
|
- add a direct project parent (group) to Banzai context
- if an epic is referenced from a direct descendant
-> change epic to_reference to use short reference
|
|
|
|
Preloading of project_features mitigates N+1 queries when checking
references in other projects.
When loading projects for resources referenced in comments it
makes sense to include also associated project_features because
in the following step (`can_read_reference?(user, projects[node],
node)`) project features is used for checking permissions for the given
project.
|
|
https://gitlab.com/gitlab-org/gitlab-ce/issues/52009
|
|
Even if it doesn’t save lines of code, since people will tend to use
code they’ve seen. And `SafeRequestStore` is safer since you
don’t have to remember to check `RequestStore.active?`.
|
|
These are clear wins.
|
|
- utilize the 'out' method to output the 'fence_info',
which converts to utf8
- output 'sourcepos' again
|
|
|
|
|
|
|
|
|
|
'43096-controller-projects-issuescontroller-referenced_merge_requests-json-executes-more-than-100-sql-queries' into 'master'
Resolve "Controller Projects::IssuesController#referenced_merge_requests.json executes more than 100 SQL queries"
Closes #43096
See merge request gitlab-org/gitlab-ce!21237
|
|
Sorting here needs the project routes to be loaded, including the namespace
routes.
|
|
|
|
|
|
Resolve "GFM : provide 'project' reference in comment"
Closes #28930
See merge request gitlab-org/gitlab-ce!20285
|
|
|
|
This can be done trough the API for the current user, or on the
profile page.
|
|
The sanitize transformers were being duplicated each time the Markdown
renderer was called, leading to expontential growth in rendering times.
The problem was that although HTML::Pipeline::SanitizationFilter.WHITELIST
is a frozen hash, the `:transformers` array can be modified. We need
to do deep copy of this to avoid adding duplicates.
Closes #49409
|
|
Enable frozen strings in remaining lib/banzai/filter/*.rb files
See merge request gitlab-org/gitlab-ce!20777
|
|
This also fixes a bug with the ImageLazyLoadFilter not doing the right
thing when an existing class attribute is present.
Part of #47424
|
|
Excludes a few filters that require more work:
* lib/banzai/filter/image_lazy_load_filter_spec.rb
* lib/banzai/filter/syntax_highlight_filter_spec.rb
* lib/banzai/filter/table_of_contents_filter_spec.rb
Part of #47424
|
|
Extract EE-specific lines from Banzai pipelines
See merge request gitlab-org/gitlab-ce!20636
|
|
'master'
Include full image URL in webhooks for uploaded images
Closes #20720
See merge request gitlab-org/gitlab-ce!18109
|
|
|
|
|
|
|