Age | Commit message (Collapse) | Author |
|
minor typo fix
See merge request gitlab-org/gitlab-ce!16543
|
|
Move rugged-call from Project#write_repository_config to Git::Repository#write_config
See merge request gitlab-org/gitlab-ce!16572
|
|
'42231-protected-branches-api-route-returns-404-for-branches-with-dots' into 'master'
Resolve "Protected branches API route returns 404 for branches with dots"
Closes #42231
See merge request gitlab-org/gitlab-ce!16591
|
|
|
|
|
|
rework indexes on redirect_routes
See merge request gitlab-org/gitlab-ce!16211
|
|
Git::Repository#write_config
|
|
Fix dereferenced_target naming in Gitlab::Git::Ref initialize
See merge request gitlab-org/gitlab-ce!16504
|
|
Correctly escape UTF-8 path elements for uploads
Closes #42159
See merge request gitlab-org/gitlab-ce!16560
|
|
with 'issues_enabled=false'"
|
|
insensitive unique path
|
|
Reduce UPDATEs for background column type changes
Closes #42158
See merge request gitlab-org/gitlab-ce!16551
|
|
|
|
Retrieve commit signatures with Gitaly
Closes gitaly#923
See merge request gitlab-org/gitlab-ce!16467
|
|
|
|
|
|
Prior to this commit we would essentially update all rows in a table,
even those where the source column (e.g. `issues.closed_at`) was NULL.
This in turn could lead to statement timeouts when using the default
batch size of 10 000 rows per job.
To work around this we don't schedule jobs for rows where the source
value is NULL. We also don't update rows where the source column is NULL
(as an extra precaution) or the target column already has a non-NULL
value. Using this approach it should be possible to update 10 000 rows
in the "issues" table in about 7.5 - 8 seconds.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/42158
|
|
System hooks for Merge Requests
See merge request gitlab-org/gitlab-ce!14387
|
|
Fix the user-agent detail API endpoint for project snippets
Closes #42129
See merge request gitlab-org/gitlab-ce!16521
|
|
|
|
Backport 10.3.4 security fixes into master
See merge request gitlab-org/gitlab-ce!16509
|
|
|
|
|
|
The performance bar is still displayed by default in development.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Resolve "Enable ordering and sorting for the Deployments API"
Closes #41118
See merge request gitlab-org/gitlab-ce!16396
|
|
|
|
Fix running manual action tooltip
Closes #41418
See merge request gitlab-org/gitlab-ce!16489
|
|
Adds sorting to deployments API through the `order_by` and sort
`fields`.
|
|
[10.3] Prevent login with disabled OAuth providers
See merge request gitlab/gitlabhq!2296
(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)
a0f9d222 Prevents login with disabled OAuth providers
|
|
[10.3] Fix RCE via project import mechanism
See merge request gitlab/gitlabhq!2294
(cherry picked from commit dcfec507d6f9ee119d65a832393e7c593af1d3b2)
86d75812 Fix RCE via project import mechanism
|
|
'41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3'
Don't allow line breaks on HTTP headers
See merge request gitlab/gitlabhq!2277
(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)
073b8f9c Don't allow line breaks on HTTP headers
|
|
'security-10-3'
[10.3] Migrate `can_push` column from `keys` to `deploy_keys_project`
See merge request gitlab/gitlabhq!2276
(cherry picked from commit f6ca52d31bac350a23938e0aebf717c767b4710c)
1f2bd3c0 Backport to 10.3
|
|
[10.3] Fix path traversal in gitlab-ci.yml cache:key
See merge request gitlab/gitlabhq!2270
(cherry picked from commit c32d0c6807dfd41d7838a35742e6d0986871b389)
df29094a Fix path traversal in gitlab-ci.yml cache:key
|
|
[10.3] Fix XSS vulnerability in Pipeline job trace
See merge request gitlab/gitlabhq!2258
(cherry picked from commit 44caa80ed9a2514a74a5eeab10ff51849d64851b)
5f86f3ff Fix XSS vulnerability in Pipeline job trace
|
|
'security-10-3-do-not-expose-passwords-or-tokens-in-service-integrations-api' into 'security-10-3'
Filter out sensitive fields from the project services API
See merge request gitlab/gitlabhq!2281
(cherry picked from commit 476f2576444632f2a9a61b4cead9c1077f2c81d7)
2bcbbda0 Filter out sensitive fields from the project services API
|
|
|
|
Prevent RevList failing on non utf8 paths
Closes #41627
See merge request gitlab-org/gitlab-ce!16440
|
|
Resolve "N+1 queries with /projects/:project_id/builds API endpoint"
Closes #41957
See merge request gitlab-org/gitlab-ce!16445
|
|
Resolve "Wiki uploaded files are missing"
Closes #42031
See merge request gitlab-org/gitlab-ce!16499
|
|
List backups avilable for restore
See merge request gitlab-org/gitlab-ce!16465
|
|
|
|
Resolve "Cannot search with keyword "merge""
Closes #41666
See merge request gitlab-org/gitlab-ce!16462
|
|
|
|
Enables project milestone deletion via DELETE /projects/:id/milestones/:milestone_id
|
|
A file containing /:\d+:/ in its contents would break the search results if
those contents were part of the results, because we were splitting on colons,
which can't work with untrusted input.
Changing to use the null byte as a separator is much safer.
|
|
|
|
Migrate Commit#uri_type to Gitaly
Closes gitaly#915
See merge request gitlab-org/gitlab-ce!16453
|
|
|
|
|
|
CE: Override module to specify that we're overriding
See merge request gitlab-org/gitlab-ce!16131
|