Age | Commit message (Collapse) | Author |
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
'66139-remove-kubernetes_namespace_per_environment-feature-flag' into 'master'
Remove :kubernetes_namespace_per_environment feature flag
See merge request gitlab-org/gitlab-ce!32140
|
|
Improve chatops help output
See merge request gitlab-org/gitlab-ce!32208
|
|
This change limits the number of emails
for new access requests notifications to
10 most recently active owners/maintainers
|
|
- Use "results" instead of "blobs", "wiki blobs", "snippet blobs"
- Use "comments" instead of "notes"
- Use correct pluralization
- Don't add "1 - 10 of" if there's only one page
|
|
Feature flag has been defaulting to `true` since 12.2
|
|
This allows the be_url matcher to be more specific. By default, it only
matches HTTP and HTTPS URIs.
|
|
|
|
Use image proxy to mitigate stealing ip addresses
Closes #2812
See merge request gitlab/gitlabhq!2926
|
|
Add direct upload support for personal snippets
See merge request gitlab/gitlabhq!3226
|
|
Limit the size of issuable description and comments
See merge request gitlab/gitlabhq!3267
|
|
Re-escape the whole HTML content when finding HTML references
See merge request gitlab/gitlabhq!3340
|
|
This improves the output produced when running an unknown command,
running the "help" command, and when trying to run a command you are not
allowed to run. The new help output includes links to the project of the
chatops integration, and a link to the chatops documentation.
|
|
Changes the document event listener to listen to
mousedown instead of click
|
|
A new param with_security_reports was added to
GET /groups/:id/projects API and the code to
support this logic in GroupProjectsFinder and
Project model. Also, a DB index was added to
ci_job_artifacts table to speed up the search
of security reports artifacts for projects
|
|
- local tests that assume certain parameters to queries from
QueryRecorder fail. These same tests don't fail in the runners,
and I can't tell why. This fixes the local failures
|
|
Notes call `#after_note_created` and `#after_note_destroyed` on their
noteable in callbacks, so the noteable can perform tasks particular to
them, like cache expiry.
This is in preparation of the EE-specific class
`DesignManagement::Design` clearing its `user_notes_count` cache when
its note are created or destroyed.
Refactoring Rspec behaviour testing of a counter caching service into a
shared example.
https://gitlab.com/gitlab-org/gitlab-ee/issues/13353
|
|
Call QuickActionsService on Note update
Add support for notes which just contain
commands after editing
Return http status gone (410) if note was deleted
Temporary frontend addition so it is not
failing when a note is deleted
Move specs to shared examples
Fix rubocop style issue
Deleting note on frontend when status is 410
Use guard clause for note which got deleted
Simplified condition for nil note
This method should no longer be called
with nil note
Refactoring of execute method to reduce
complexity
Move errors update to delete_note method
Note is now deleted visually when it only
contains commands after update
Add expectation
Fix style issues
Changing action to fix tests
Add tests for removeNote and update
deleteNote expectations
|
|
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
|
|
Add to the service and migration both.
|
|
Allow users to read pipelines for public projects
with public builds enabled without providing an access token.
|
|
- Introducting StageEvents to define the available events
- Define the event pairing rules, since some events are not compatible
- Express default Cycle Analytics stages with the event structure
|
|
Eliminate Gitaly N+1 queries with notes API
See merge request gitlab-org/gitlab-ce!32089
|
|
|
|
|
|
When we un-escape HTML text to find references in it, we should then
re-escape the whole text again, not only found matches.
Because we replace matches with milestone/label links (which contain
HTML tags we don't want to escape again), we re-escape HTML text
with placeholders instead of these links and then replace placeholders
in the escaped text.
|
|
Similar to https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31834,
we see that in https://gitlab.com/gitlab-org/gitlab-ce/issues/65957
there can be hundreds, even thousands, of Gitaly requests in the
`/api/:version/projects/:id/merge_requests/:noteable_id/notes` endpoint.
Previously, the API to retrieve notes generated hundreds of Gitaly calls
to determine whether a system note should be shown to the user. It did
this by:
1. Rendering the Markdown
2. Extracting cross-references from the Markdown
3. Issuing a Gitaly `FindCommit` RPC for every reference to validate
that the commit exists.
The last step is unnecessary because we don't need to display a commit
if the user doesn't have access to the project in the first place.
`RendersNotes#prepare_notes_for_rendering` is already used in
`MergeRequestsController`, which is why we don't see N+1 Gitaly calls
there. We use it here to optimize the note redaction process.
|
|
Root namespaces have storage statistics.
This commit allows namespace owners to get those stats via GraphQL
queries like the following one
{
namespace(fullPath: "a_namespace_path") {
rootStorageStatistics {
storageSize
repositorySize
lfsObjectsSize
buildArtifactsSize
packagesSize
wikiSize
}
}
}
|
|
This enables CSP in dev and CI
|
|
feat: smime signed notification emails
See merge request gitlab-org/gitlab-ce!30644
|
|
Limiting the size of issuable description and comments to 1_000_000,
which is close to ~1MB of ASCII characters, which represents 99.9% of
all descriptions and comments we have in DB at the moment. This should
help prevent DoS attacks when comments contain refference strings.
Also this change updates regexp matching the namespaces paths by
limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED,
as we allow 20 levels deep groups.
see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
|
|
Sorting preference functionality has been extracted
from `IssuableCollections` to a new `SortingPreference`
concern in order to reuse this functionality in projects
(and groups in the future).
|
|
Adding, destroying and toggling emoji previously lacked services and
instead were performed through methods called on Awardable models.
This led to inconsistencies where relevant todos would be marked as done
only when emoji were awarded through our controllers, but not through
the API. Todos could also be marked as done when an emoji was being
removed.
Behaviour changes
- Awarding emoji through the API will now mark a relevant Todo as done
- Toggling an emoji off (destroying it) through our controllers will no
longer mark a relevant Todo as done
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63372
|
|
- Added Gitlab::Ci::Config::Entry::Rules and Gitlab::Ci::Config::Entry::Rules:Rule
to handle lists of Rule objects to be evalauted for job inclusion
- Added `if:` and `changes:` as available Rules::Rule::Clause classes
- Added Rules handling logic to Seed::Build#included? with extra specs
- Use DisallowedKeysValidator to mutually exclude rules: from only:/except: on job config
|
|
- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files
|
|
Fixes deprecation warning:
```
DEPRECATION WARNING: The success? predicate is deprecated and
will be removed in Rails 6.0.
Please use successful? as provided by Rack::Response::Helpers.
```
|
|
Add feature specs for multiple issue boards for groups
|
|
- Adds UI to configure in group and project settings
- Removes notification configuration for users when
disabled at group or project level
|
|
'dev/security-2873-restrict-slash-commands-to-users-who-can-log-in'
|
|
Improve cluster policy spec coverage
See merge request gitlab-org/gitlab-ce!31700
|
|
Standardize punctuation and format
|
|
|
|
This makes `epic_issues` consistent with other tables
using our `RelativePositioning` class
|
|
https://gitlab.com/gitlab-org/gitlab-ce/issues/62971
Adds support to EnvironmentsController#metrics_dashboard
for the following params: group, title, y_label
These params are used to uniquely identify a panel on
the metrics dashboard.
Metrics are stored in several places, so this adds
utilities to find a specific panel from the database
or filesystem depending on the metric specified.
Also moves some shared utilities into separate classes,
notably default values and errors.
|
|
Send a `persist_filter: false` param to backend when
opening links to notes and auto-switching to show
all notes
|
|
Kubernetes deployments on new clusters will now have
a separate namespace per project environment, instead
of sharing a single namespace for the project.
Behaviour of existing clusters is unchanged.
All new functionality is controlled by the
:kubernetes_namespace_per_environment feature flag,
which is safe to enable/disable at any time.
|
|
- Closes #60024
- Change PrometheusClient.new to accept a base url instead of an
already created RestClient
- Use Gitlab::HTTP in PrometheusClient instead of creating RestClient
in PrometheusService
- Move http_options from PrometheusService to
PrometheusClient (follow_redirects: false)
- ensure that base urls don't have the trailing slash
- Created a `PrometheusClient#url` method that might not be strictly
required
- Change rescued exceptions from RestClient::* to
HTTParty::ResponseError where possible and StandardError for the
rest
|
|
API endpoints for requesting container repositories
and container repositories with their tag information
are enabled for users that want to specify the group
containing the repository rather than the specific project.
|
|
Also removes unnecessary methods causing extra queries
|
|
Moving of neighbour items was done recursively - this
was extremely expensive when multiple items had to be moved.
This change optimizes the code to find nearest possible gap where
items can be moved and moves all of them with single update query.
|