From 7021455bd1ed7b125c55eb1b33c5a01f2bc55ee0 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Thu, 17 Nov 2022 11:33:21 +0000
Subject: Add latest changes from gitlab-org/gitlab@15-6-stable-ee

---
 app/controllers/concerns/web_hooks/hook_actions.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'app/controllers/concerns/web_hooks/hook_actions.rb')

diff --git a/app/controllers/concerns/web_hooks/hook_actions.rb b/app/controllers/concerns/web_hooks/hook_actions.rb
index ea11f13c7ef..75065ef9d24 100644
--- a/app/controllers/concerns/web_hooks/hook_actions.rb
+++ b/app/controllers/concerns/web_hooks/hook_actions.rb
@@ -20,7 +20,7 @@ module WebHooks
 
       unless hook.valid?
         self.hooks = relation.select(&:persisted?)
-        flash[:alert] = hook.errors.full_messages.join.html_safe
+        flash[:alert] = hook.errors.full_messages.to_sentence.html_safe
       end
 
       redirect_to action: :index
@@ -53,6 +53,8 @@ module WebHooks
 
       ps = params.require(:hook).permit(*permitted).to_h
 
+      ps.delete(:token) if action_name == 'update' && ps[:token] == WebHook::SECRET_MASK
+
       ps[:url_variables] = ps[:url_variables].to_h { [_1[:key], _1[:value].presence] } if ps.key?(:url_variables)
 
       if action_name == 'update' && ps.key?(:url_variables)
@@ -64,7 +66,9 @@ module WebHooks
     end
 
     def hook_param_names
-      %i[enable_ssl_verification token url push_events_branch_filter]
+      param_names = %i[enable_ssl_verification token url push_events_branch_filter]
+      param_names.push(:branch_filter_strategy) if Feature.enabled?(:enhanced_webhook_support_regex)
+      param_names
     end
 
     def destroy_hook(hook)
-- 
cgit v1.2.3