| Age | Commit message (Collapse) | Author |
|---|
|
Fix for three open redirect vulns using redirect_to url_for(params.merge)))
See merge request !2082
|
|
Previously accidently added a test for a feature that does not exist in this release
: preserved styles in labels
|
|
Fix for open redirect vuln involving continue[to] params
See merge request !2083
|
|
Fix for path disclosure in project import/export
See merge request !2080
|
|
Don’t show source project name when user does not have access
See merge request !2081
|
|
Remove class from SanitizationFilter whitelist
See merge request !2079
|
|
fix for render json include leaks
See merge request !2074
Conflicts:
app/controllers/projects/merge_requests_controller.rb
spec/controllers/projects/issues_controller_spec.rb
|
|
Protect server against SSRF in project import URLs
See merge request !2068
|
|
Only show public emails in atom feeds
See merge request !2066
|
|
In 8.17+, this takes two arguments to `new`, and two for `execute`. In
8.16, it takes four to `execute`.
|
|
This reverts commit f948c2f4ec03c544a1453714189599d02bcd99e8.
|
|
Fix MR changes tab size count
Closes #27563
See merge request !9091
|
|
Allow searching issues for strings containing colons
Closes #28357
See merge request !9400
|
|
Show merge errors in merge request widget
Closes #28124 and gitlab-ee#1652
See merge request !9229
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
refactoring a little so this is not a complete fix
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Don't delete assigned MRs/issues when user is deleted
See merge request !8634
|
|
Reduce hits to LDAP on Git HTTP auth by reordering auth mechanisms
Closes #24462
See merge request !8752
|
|
into 'master'
Fix filtered search user autocomplete for gitlab instances that are hosted on a subdirectory
Closes #27343
See merge request !8891
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
API: Fix file downloading
See merge request !8953
|
|
Fix broken anchor links when special characters are used
Closes #26778
See merge request !8961
|
|
Fixes ajax requests when current URL has a trailing slash
Closes #27756
See merge request !9010
|
|
'master'
Make deploy key not show in User's keys list
Closes #27480
See merge request !9024
|
|
Refresh authorizations when transferring projects
See merge request !9029
|
|
Fix for XSS vulnerability in SVG attachments
See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2059
|
|
Fix XSS in rdoc and other markups
See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2058
|
|
Add sanitization filter to asciidocs output to prevent XSS
See https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2057
|
|
|
|
Apply the same spam checks to public snippets (either personal snippets
that are public, or public snippets on public projects) as to issues on
public projects.
|
|
'27067-mention-user-dropdown-does-not-suggest-by-non-ascii-characters-in-name' into 'master'
Resolve "Mention @user dropdown does not suggest by non-ASCII characters in name"
Closes #27067
See merge request !8729
|
|
Fixes broken build: Use jquery to get the element position in the page
See merge request !8926
|
|
Fix filtering usernames with multiple words
Closes #27404
See merge request !8851
|
|
into 'master'
Fix permalink discussion note being collapsed
Closes #26860, #27089, and #27151
See merge request !8773
|
|
Fix user validation error in Import/Export
Closes #23833
See merge request !8909
|
|
Fix a transient failure in the `Explore::ProjectsController` spec
Closes #27350
See merge request !8847
|
|
'27248-filtered-search-does-not-allow-filtering-labels-with-multiple-words' into 'master'
Fix filtering label and milestone with multiple words
Closes #27248 and #27334
See merge request !8830
|
|
into 'master'
Fix project name label's for reference in project settings
Closes #27259
See merge request !8795
|
|
Fix search bar search param encoding
Closes #27398
See merge request !8753
|
|
Fix Error 500 when repositories contain annotated tags pointing to blobs
Closes #27228
See merge request !8800
|
|
Fix /explore sorting (trending)
Closes #27044
See merge request !8792
|
|
Revert filter-assigned-to-me
Closes #27176
See merge request !8785
|
|
Fix access to the wiki code via HTTP when repository feature disabled
Closes #26518
See merge request !8758
|
|
'27124-search-bar-does-not-load-discussion-notes-selected-labels' into 'master'
Fix filtered search so that labels selected from discussion notes display correctly
Closes #27124
See merge request !8756
|
|
'master'
Add caching of droplab ajax requests
Closes #26844
See merge request !8725
|
|
Fix race conditions for AuthorizedProjectsWorker
Closes #26194 and #26310
See merge request !8701
|
|
Fix autocomplete initial undefined state (loading)
Closes #26775
See merge request !8667
|
|
Fixed label select toggle not updating correctly
Closes #26119
See merge request !8601
|
|
|
|
Fix CI requests concurrency
See merge request !8760
|
|
Backport changes introduced by https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1078
See merge request !8657
|
