Age | Commit message (Collapse) | Author |
|
* dev/master:
Update CHANGELOG.md for 11.8.3
Update CHANGELOG.md for 11.7.7
Only return `commands_changes` used in frontend
|
|
'master'
Fix project serialization in quick actions response
Closes #2826
See merge request gitlab/gitlabhq!3001
|
|
Move out link\unlink ability checks to a policy
See merge request gitlab-org/gitlab-ce!26278
|
|
In production, we see high error rates due to clients attempting to use
the dumb Git HTTP protocol with HEAD /foo/bar.git/info/refs
endpoint. This isn't supported and causes Error 500s because Workhorse
doesn't send along its secret because it's not proxying this request.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54579
|
|
We can extend the policy in EE for additional behavior
|
|
So the fake can enjoy it, too. We don't use `prepend`
because that'll require we change `allow_any_instance_of` to
`expect_next_instance_of`, but that's not very easy to do.
We can do that later.
|
|
This mistake seems to have always been there, but it only resulted in
errors on the `/explore*.json` since they were the one that _actually_
relied on the local variables.
|
|
When executing quick actions, this limits the `commands_changes`
response to only those used by the frontend
|
|
Refactor groups and projects boards actions
See merge request gitlab-org/gitlab-ce!25568
|
|
Add a supporting code to separate groups#show
and groups#details which is required for the
proper implementation of the Group Overview
content and Security Dashboard option for it
|
|
Move this to EE-only. It isn't useful here since there's only one board
|
|
Move common functionality to BoardsActions concern
|
|
- Includes instance methods on Group model to detect when a group has
AutoDevOps explicitly/implicitly enabled/disabled.
- Includes migration to add a new column to namespaces table
- Add UI necessary modifications
- Add service and controller to update auto devops
related instances
- Updates project and groups auto devops badges
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52447
|
|
|
|
Edit Knative domain after it has been deployed
Closes #56937
See merge request gitlab-org/gitlab-ce!25386
|
|
Expand diff to entire file
Closes #19054
See merge request gitlab-org/gitlab-ce!24406
|
|
Update spec
|
|
With this we allow authentication using a session or using personal
access token.
Authentication using a session, and CSRF token makes it easy to play
with GraphQL from the Graphiql endpoint we expose.
But we cannot enforce CSRF validity, otherwise authentication for
regular API clients would fail when they use personal access tokens to
authenticate.
|
|
|
|
Returns all diff lines for frontend if full is true.
Turn UnfoldForm into presenter, and move controller logic to presenter.
|
|
- This is to avoid colision with EE ClusterUpdateAppWorker
|
|
- Creates new route
- Creates new controller action
- Creates call stack:
Clusterss::ApplciationsController calls -->
Clusters::Applications::UpdateService calls -->
Clusters::Applications::ScheduleUpdateService calls -->
ClusterUpdateAppWorker calls -->
Clusters::Applications::PatchService -->
ClusterWaitForAppInstallationWorker
DRY req params
Adds gcp_cluster:cluster_update_app queue
Schedule_update_service is uneeded
Extract common logic to a parent class (UpdateService will need it)
Introduce new UpdateService
Fix rescue class namespace
Fix RuboCop offenses
Adds BaseService for create and update services
Remove request_handler code duplication
Fixes update command
Move update_command to ApplicationCore so all apps can use it
Adds tests for Knative update_command
Adds specs for PatchService
Raise error if update receives an unistalled app
Adds update_service spec
Fix RuboCop offense
Use subject in favor of go
Adds update endpoint specs for project namespace
Adds update endpoint specs for group namespace
|
|
|
|
[master] Check issue milestone availability
See merge request gitlab/gitlabhq!2788
|
|
'2802-security-add-public-internal-groups-as-members-to-your-project-idor' into 'master'
Add public/internal groups as members to your Project(IDOR)
See merge request gitlab/gitlabhq!2898
|
|
Validate session key when authorizing with GCP to create a cluster
Closes #2805
See merge request gitlab/gitlabhq!2902
|
|
Check snippet attached file to be moved is within designated directory
Closes #2806
See merge request gitlab/gitlabhq!2903
|
|
[master] Prevent disclosing project milestone titles
Closes #2794
See merge request gitlab/gitlabhq!2965
|
|
Ensure request to link GroupSAML acount was GitLab initiated
See merge request gitlab/gitlabhq!2976
|
|
Eliminate most N+1 queries loading UserController#calendar_activities
Closes #58392
See merge request gitlab-org/gitlab-ce!25697
|
|
We can reduce a significant number of queries by preloading the
associations for events.
On GitLab.com, for a date that had 456 events, this brought the load
time down from 8.7 to 1.2 s.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/58392
|
|
- Move some specs into contexts
- Let get_slugs method take a parameter and return a specific slug.
- Add rescues when using Addressable::URI.
|
|
Bump fog-aws to 3.3.0 and associated dependencies
See merge request gitlab-org/gitlab-ce!21788
|
|
IssuableFinder - Always use CTE for group counts
Closes #54643
See merge request gitlab-org/gitlab-ce!25411
|
|
Fixes issue with AWS V4 signatures not working with Ceph S3:
https://github.com/fog/fog-aws/issues/462
|
|
Since the CTE is faster than a subquery and the only reason we're using
a subquery is that the CTE can't handle sorting by certain attributes,
let's use the CTE always (when the feature flag is enabled) when
counting, since we can ignore ordering if we just want a count of
results.
|
|
* Add email_header_and_footer_enabled flag to appearances table
* Set email_header_and_footer_enabled default value to false
* Add checkbox to appearance to toggle show header and footer in emails
* Add email_header_and_footer_enabled to allowed params in controller
* Add header and footer messages to the html and text email layouts
* Remove the color styling for emails header and footer
* Add empty_mailer layout for emails without layout,
to have the header and footer applied
|
|
As discussed in https://github.com/mbleigh/acts-as-taggable-on/issues/91,
we can avoid N+1 queries if we use `tags` instead of `tag_list`.
Seen while reviewing
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/19740.
|
|
It's needed to show shorter names in environments "folders"
|
|
Fix ETag caching not being used for AJAX requests
Closes #57905
See merge request gitlab-org/gitlab-ce!25400
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Ability to filter confidential issues
Closes #50747
See merge request gitlab-org/gitlab-ce!24960
|
|
This reverts commit d133bf84c668df3dfc9938bb04150754cb873c8b, reversing
changes made to 7981c0292b07a0138b096fa082341fcb13e9ce2b.
|
|
Load repository language from the DB if detected
Closes #47390
See merge request gitlab-org/gitlab-ce!25518
|
|
The repository charts page used to detect the repository language for
each request that was made to the page. Given the detection is an
expensive operation and the same data is stored in the database the
database is now serving the request.
The same goes for an API endpoint that serves the languages.
When a repository is empty or non-existent the languages will always be
empty. And the language detection RPC isn't requested.
Closes: https://gitlab.com/gitlab-org/gitlab-ce/issues/47390
|
|
Prevent unauthorized users having access to milestone titles
through autocomplete endpoint.
|
|
Move remove_pages permission to maintainer
Fix before_action in pages controller to check `remove_pages`
permission
Add specs
|
|
Make Admin::UsersController work with Ruby 2.6
See merge request gitlab-org/gitlab-ce!25316
|
|
Ability to filter confidential issues
Closes #50747
See merge request gitlab-org/gitlab-ce!24960
|
|
Removes unneeded params from permitted list
This also fixes commenting on commits with a hash starting with a large
number
|