| Age | Commit message (Collapse) | Author |
|---|
|
Hashed Storage: Only set as `read_only` when starting the per-project migration
See merge request gitlab-org/gitlab-ce!24128
|
|
Import issues from CSV
Closes #49231
See merge request gitlab-org/gitlab-ce!23532
|
|
In the previous code, we locked the project during the migration
scheduling step, which works fine for small setups, but can be
problematic in really big installations.
We now moved the logic to inside the worker, so we minimize the time a
project will be read-only. We also make sure we only do that if
reference counter is `0` (no current operation is in progress).
|
|
Re-use operations controller which already handles tracing settings.
|
|
Refactor the logic of updating head pipelines for merge requests
See merge request gitlab-org/gitlab-ce!23502
|
|
Load whole file in memory to simplify code
|
|
Also refactored cleanup view to use the same localized string
|
|
Also changes old calls to the service
|
|
Process CSV uploads async using a worker then email results
|
|
This commit prepares the structure for the upcoming feature error
tracking.
|
|
These are data columns that store runtime configuration
of build needed to execute it on runner and within pipeline.
The definition of this data is that once used, and when no longer
needed (due to retry capability) they can be freely removed.
They use `jsonb` on PostgreSQL, and `text` on MySQL (due to lacking
support for json datatype on old enough version).
|
|
Many changes were also made to tests that expected this to default to
false.
|
|
Sort out some logic
|
|
[CE] Don't run checks for changed refs when specific changes are unknown
See merge request gitlab-org/gitlab-ce!23990
|
|
Handle 'git push -o ci.skip'
Closes #18667
See merge request gitlab-org/gitlab-ce!15643
|
|
|
|
[master] Secret CI variables can exposed by creating a tag with the same name as an existing protected branch
See merge request gitlab/gitlabhq!2596
|
|
[master] Security todos not redacted for guests
See merge request gitlab/gitlabhq!2697
|
|
|
|
'security-53543-user-keeps-access-to-mr-issue-when-removed-from-team' into 'master'
[master] Adds validation to check if user can read project
See merge request gitlab/gitlabhq!2645
|
|
[master] Validate projects in MR build service
See merge request gitlab/gitlabhq!2678
|
|
[master] SSRF in project imports with LFS
See merge request gitlab/gitlabhq!2720
|
|
Upgrade Omniauth and JWT gems to switch away from Google+ API
Closes #55668
See merge request gitlab-org/gitlab-ce!24068
|
|
gitlab-org/gitlab-shell!166 added support for collecting push options
from the environment, and passing them along to the
/internal/post_receive API endpoint.
This change handles the new push_options JSON element in the payload,
and passes them on through to the GitPushService and GitTagPushService
services.
Futhermore, it adds support for the first push option, ci.skip. With
this change, one can use 'git push -o ci.skip' to skip CI pipe
execution. Note that the pipeline is still created, but in the "skipped"
state, just like with the 'ci skip' commit message text.
Implements #18667
|
|
Add spec for all release API - GET, POST, PUT, DELETE.
Also, fixes some minior bugs.
|
|
Introduce DELETE endpoint in Release API
|
|
CreateReleaseService and UpdateReleaseService now takes all the release
attributes as constructor parameters. This will simplify attribute
expansion
|
|
This commit introduces Releases API under /api/v4/projects/:id/releases
* We are introducing release policies at project level.
* We are deprecating releases changes from tags, both api and web
interface.
* Tags::CreateService no longer create a release
This feature is controlled by :releases_page feature flag
|
|
By default, the JWT decode only allows HS256 mode (HMAC using SHA-256
hash algorithm). The specs using RSA tokens failed per
https://github.com/jwt/ruby-jwt#algorithms-and-usage:
It is strongly recommended that you hard code the algorithm, as you may
leave yourself vulnerable by dynamically picking the algorithm.
|
|
|
|
|
|
|
|
|
|
- we now use the hierarchy class also for epics
- also rename supports_nested_groups? into supports_nested_objects?
- move it to a concern
|
|
An issuable should not be available to a user if the
project is not visible to that specific user
|
|
|
|
Adds system notes for labels, milestone and due date on create
|
|
Fix leaking information of confidential issues on TODOs
when user is downgraded to guest access.
|
|
Add name, author and sha to releases
See merge request gitlab-org/gitlab-ce!23763
|
|
This validates the correct abilities for both projects. Only
`read_project` isn't enough:
For the `source_project` we validate `create_merge_request_from` this
also validates that the user has developer access to the project.
For the `target_project` we validate `create_merge_reqeust_in` this
also validates that the user has access to the project's repository.
To avoid generating diffs for unrelated projects we also validate that
the projects are in the same fork network now.
|
|
* dev/master:
Update CHANGELOG.md for 11.3.13
Validate LFS hrefs before downloading them
|
|
[MASTER]: Validate LFS hrefs before downloading them
Closes #2754
See merge request gitlab/gitlabhq!2696
|
|
|
|
This commit adds a name to each release, defaulting it to tag name,
keeps track of the SHA when a new release is created and tracks the
current user as release author.
|
|
|
|
'54650-send-an-email-to-project-owners-when-a-mirror-update-fails' into 'master'
Send a notification email on mirror update errors
Closes #54650
See merge request gitlab-org/gitlab-ce!23595
|
|
The email is sent to project maintainers containing the last mirror
update error. This will allow maintainers to set alarms and react
accordingly.
|
|
|
|
|
|
|
