Age | Commit message | Author |
|
Fix permissions check in `RelativeLinkFilter`
See merge request gitlab-org/gitlab-ce!32448
|
Fix snippets API not working with visibility level
Closes #66050
See merge request gitlab-org/gitlab-ce!32286
(cherry picked from commit 1843502ff4d9841f9abf635ffb57d72068ec90c9)
680f4377 Fix snippets API not working with visibility level
|
Fix Piwik not working
Closes #66627
See merge request gitlab-org/gitlab-ce!32234
(cherry picked from commit 0c639b2463a4d70bb275e4f139a88594e674a240)
f6058981 Fix Piwik not working
|
Add helpers to exactly undo cleanup_concurrent_column_rename
See merge request gitlab-org/gitlab-ce!32183
(cherry picked from commit fc08d48cf0a596dc151cb7bc7ab0f7d2721f3333)
9b592a59 Add helper to exactly undo cleanup_concurrent_column_rename
61777843 Add spec for undo_rename_column_concurrently
d28ad870 Add spec for when default is false
|
Fix N+1 Gitaly calls in /api/v4/projects/:id/issues
See merge request gitlab-org/gitlab-ce!32171
(cherry picked from commit bbd39021c39b66ecb954a7fb8276320556b65a3b)
44063501 Fix N+1 Gitaly calls in /api/v4/projects/:id/issues
|
'66641-broken-master-real-http-connections-are-disabled-unregistered-request' into 'master'
Use `stub_full_request` to fix spec failure
Closes #66641
See merge request gitlab-org/gitlab-ce!32259
|
When post-processing relative links to absolute links
RelativeLinkFilter didn't take into consideration that
internal repository data could be exposed for users
that do not have repository access to the project.
This commit solves that by checking whether the user
can `download_code` at this repository, avoiding any
processing of this filter if the user can't.
Additionally, if we're processing for a group (no project
was given), we check if the user can read it in order to
expand the href as an extra.
That doesn't necessarily seem to be a breach now,
but an extra check doesn't hurt, as after all
the user needs to be able to `read_group`.
|
* Prevent creating notes on inaccessible MRs
This applies the notes rules at the MR scope. Rather than adding extra
rules to the Project level policy, preventing :create_note here is
better since it only prevents creating notes on MRs.
* Prevent creating notes in inaccessible Issues
Without this policy, non-team-members are allowed to comment on issues
even when the project has the private-issues policy set. This means that
without this change, users are allowed to comment on issues that they
cannot read.
* Add CHANGELOG entry
|
Prevent disclosure of merge request id via email
See merge request gitlab/gitlabhq!3350
|
Send TODOs for comments on commits correctly
See merge request gitlab/gitlabhq!3365
|
Add Gitlab::VisibilityLevelChecker that verifies
selected project visibility level (or overridden param)
is not restricted when creating or importing a project
|
DNS Rebind SSRF in Kubernetes Integration
See merge request gitlab/gitlabhq!3268
|
into '12-2-stable'
Fix HTML injection for label description
See merge request gitlab/gitlabhq!3315
|
Permission fix for MergeRequestsController#pipeline_status
See merge request gitlab/gitlabhq!3322
|
Limit the size of issuable description and comments
See merge request gitlab/gitlabhq!3323
|
Use image proxy to mitigate stealing ip addresses
See merge request gitlab/gitlabhq!3333
|
Fix DNS rebind vulnerability for JIRA integration
See merge request gitlab/gitlabhq!3338
|
'12-2-stable'
Clear reset_password_tokens when login (email or username) change
See merge request gitlab/gitlabhq!3346
|
'12-2-stable'
Require a captcha after unique failed logins from the same IP
See merge request gitlab/gitlabhq!3349
|
Enforce max chars and max render time in markdown math
See merge request gitlab/gitlabhq!3353
|
Restrict MergeRequests#test_reports to authenticated users with read-access on Builds
See merge request gitlab/gitlabhq!3354
|
Add direct upload support for personal snippets
See merge request gitlab/gitlabhq!3359
|
admin_group authorization for Groups::RunnersController
See merge request gitlab/gitlabhq!3362
|
Re-escape the whole HTML content when finding HTML references
See merge request gitlab/gitlabhq!3370
|
At present, the TodoService uses the `:read_project` ability to decide
whether a user can read a note on a commit. However, commits can have a
visibility level that is more restricted than the project, so this is a
security issue.
This commit changes the code to use the `:read_commit` ability in this
case instead, which ensures TODOs are only generated for commit notes
if the users can see the commit.
|
Embed metrics undefined param fix
Closes #66177
See merge request gitlab-org/gitlab-ce!31975
(cherry picked from commit 04b37e429466c9ec750936067c0a9c326e57a1c4)
1ebc87e9 Remove dashboard param when undefined
8122a21a Insert additional assertion
2c4e17f9 Ensure all params have the option to be dropped when falsy
3812e4f3 Use isNil check
5ed2c263 Add tests and null check
2ebe1715 Add change log entry
|
Fix Gitaly N+1 calls with listing issues/MRs via API
Closes #66202
See merge request gitlab-org/gitlab-ce!31938
(cherry picked from commit 57ec78d53066cf9184859a0202609eb01567eab9)
ba7c501f Fix Gitaly N+1 calls with listing issues/MRs via API
|
When we un-escape HTML text to find references in it, we should then
re-escape the whole text again, not only found matches.
Because we replace matches with milestone/label links (which contain
HTML tags we don't want to escape again), we re-escape HTML text
with placeholders instead of these links and then replace placeholders
in the escaped text.
|
- Use authorize_admin_group! instead of authorize_admin_pipeline!
- Added role-based permission specs for Groups::RunnersController
|
Limiting the size of issuable description and comments to 1_000_000,
which is close to ~1MB of ASCII characters, which represents 99.9% of
all descriptions and comments we have in DB at the moment. This should
help prevent DoS attacks when comments contain reference strings.
Also this change updates the regexp matching the namespace paths by
limiting the namespace paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED,
as we allow 20 levels deep groups.
See https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
|
on Builds
|
KaTeX math will now render progressively and asynchronously. There
are upper limits on the character count of each formula, and on
cumulative render time.
|
Do not disclose merge request id via email for unauthorized users
when closing issues.
|
Add method to store session ids by ip
Add new specs for storing session ids
Add cleaning up records after login
Add retrieving anonymous sessions
Add login recaptcha setting
Add new setting to sessions controller
Add conditions for showing captcha
Add sessions controller specs
Add admin settings specs for login protection
Add new settings to api
Add stub to devise spec
Add new translation key
Add cr remarks
Rename class call
Add cr remarks
Change if-clause for consistency
Add cr remarks
Add code review remarks
Refactor AnonymousSession class
Add changelog entry
Move AnonymousSession class to lib
Move store unauthenticated sessions to sessions controller
Move link to recaptcha info
Regenerate text file
Improve copy on the spam page
Change action filter for storing anonymous sessions
Fix rubocop offences
Add code review remarks
|
Devise checks before updating any of the authentication_keys if it
needs to clear the reset_password_tokens.
This should fix:
https://gitlab.com/gitlab-org/gitlab-ce/issues/42733 (Weak
authentication and session management)
|
Kubeclient uses rest-client. We hack into it to access the net/http object
so that we can patch it to connect to the resolved IP + set
hostname_override.
Add specs for discord. The discord integration also uses rest-client, so
since we patched rest-client, spec that the DNS rebinding protection
works.
|
for ApplicationSettings
|
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
|
- Use set_pipeline_variables to filter for visible pipelines
- Mimic response of nonexistent pipeline if not found
- Provide set_pipeline_variables as a before_filter for other actions
|
Uses Gitlab::HTTP for JIRA requests instead of Net::Http.
Gitlab::Http comes with some built in SSRF protections.
|
Fix pipelines not always being created after a push
Closes #66196
See merge request gitlab-org/gitlab-ce!31927
(cherry picked from commit c7d12e602120bc0ec801b9696c7ac344dda10fc4)
b46b9d5e Fix pipelines not always being created after a push
|
- Adds UI to configure in group and project settings
- Removes notification configuration for users when
disabled at group or project level
|
Migrate legacy uploads rake tasks
See merge request gitlab-org/gitlab-ce!29409
|
Fix starrers counts after searching
See merge request gitlab-org/gitlab-ce!31823
|
Look up upstream commits once before queuing ProcessCommitWorkers
Closes #65464
See merge request gitlab-org/gitlab-ce!31871
|
Previously `ProjectCacheWorker` would be scheduled once per ref, which
would generate unnecessary I/O and load on Sidekiq, especially if many
tags or branches were pushed at once. `ProjectCacheWorker` would expire
three items:
1. Repository size: This only needs to be updated once per push.
2. Commit count: This only needs to be updated if the default branch
is updated.
3. Project method caches: This only needs to be updated if the default
branch changes, but only if certain files change (e.g. README,
CHANGELOG, etc.).
Because the third item requires looking at the actual changes in the
commit deltas, we schedule one `ProjectCacheWorker` to handle the first
two cases, and schedule a separate `ProjectCacheWorker` for the third
case if it is needed. As a result, this brings down the number of
`ProjectCacheWorker` jobs from N to 2.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52046
|