Commit Graph

92 Commits

Author SHA1 Message Date
Robert Speicher 791ca43f3f Merge branch '41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3'
Don't allow line breaks on HTTP headers

See merge request gitlab/gitlabhq!2277

(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)

073b8f9c Don't allow line breaks on HTTP headers
2018-01-16 17:04:51 -08:00
Alexander Randa e0ab5618a0 Wrong data type when testing webhooks 2017-07-20 15:12:06 +00:00
Yorick Peterse 8fbbf41e29
Added Cop to blacklist the use of `dependent:`
This is allowed for existing instances so we don't end up with 76 offenses
right away, but for new code one should _only_ use this if they _have_
to remove non database data. Even then it's usually better to do this in
a service class as this gives you more control over how to remove the
data (e.g. in bulk).
2017-07-06 12:01:36 +02:00
Alexander Randa 330789c23c Implement web hooks logging
* implemented logging of project and system web hooks
* implemented UI for user area (project hooks)
* implemented UI for admin area (system hooks)
* implemented retry of logged webhook
* NOT implemented log remover
2017-05-25 10:07:52 +03:00
Douwe Maan 1fd83f972c Merge branch 'bvl-rename-build-events-to-job-events' into 'master'
Rename `build_events` to `job_events`

Closes #31620

See merge request !11287
2017-05-16 14:12:19 +02:00
Douwe Maan 950fa32a7c Revert "Merge branch 'bvl-rename-build-events-to-job-events' into 'master'"
This reverts merge request !11287
2017-05-15 20:24:19 +00:00
Bob Van Landuyt cac7e03fa1 Rename `build_events` to `job_events` in code 2017-05-15 14:27:01 +02:00
Gabriel Mazetto f661980904 Added repository_update hook 2017-05-12 23:26:48 +01:00
Rémy Coutable d40e1f547e Enable the Style/TrailingCommaInLiteral cop
Use the EnforcedStyleForMultiline: no_comma option.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-05-10 18:25:45 +02:00
Douglas Barbosa Alexandre a103a5d9cc Add option to confidential issues events to trigger Webhooks 2016-08-31 18:34:23 -03:00
Lin Jen-Shin 020ea32e76 Implement pipeline hooks, extracted from !5525
Closes #20115
2016-08-02 18:22:24 +08:00
Robert Speicher d8415389de Merge branch 'hook-docs-behavior' into 'master'
Improve documentation and web test for web hooks

Tips and documentation of actual hook behavior. Improved user feedback
when testing hooks via the web UI.

See merge request !4015
2016-05-11 16:34:00 +00:00
Jacob Vosmaer ebf80db3ab Remove extra sanitization
Robert Speicher and I believe this string gets sanitized further down
the stack anyway. Doing this in a model class feels wrong.
2016-05-10 11:14:46 +02:00
Jeroen van Baarsen f1479b56b7
Remove the annotate gem and delete old annotations
In 8278b763d9 the default behaviour of annotation
has changed, which was causing a lot of noise in diffs. We decided in #17382
that it is better to get rid of the whole annotate gem, and instead let people
look at schema.rb for the columns in a table.

Fixes: #17382
2016-05-09 18:00:28 +02:00
Dmitriy Zaporozhets 2dcd3f29dd
Annotate models
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-05-06 16:13:35 +02:00
Zeger-Jan van de Weg 47da013cf8 Annotate the models 2016-05-06 08:27:46 +02:00
Jacob Vosmaer f4e0c56279 Improve documentation and web test for web hooks
I wanted to share what I learned trying to debug web hooks using
netcat.
2016-05-03 13:03:10 +02:00
Gabriel Mazetto 0cd5edf35c Backported minimal safewebhook implementation to GitLab CE 2016-04-30 05:04:10 -03:00
Gabriel Mazetto f6fa18668a moving overlapping scopes to webhook 2016-04-19 11:00:30 +02:00
Kirilll Zaycev e80113593c Raise hook url limit 2016-01-15 00:35:12 +03:00
Jason Lee 932a247f5f Use CGI.escape instead of URI.escape, because URI is obsoleted.
ref: 238b979f17
2016-01-12 18:20:03 +08:00
Dmitriy Zaporozhets 08213ed4f5 Merge branch 'accept-2xx-status-codes-for-webhooks' into 'master'
Accept 2xx status codes for successful Web hook triggers

Closes https://github.com/gitlabhq/gitlabhq/issues/9956

See merge request !2332
2016-01-08 10:56:39 +00:00
Stan Hu 8386edafd1 Accept 2xx status codes for successful Web hook triggers
Closes https://github.com/gitlabhq/gitlabhq/issues/9956
2016-01-07 06:28:24 -08:00
Stan Hu 79c0e7212a Annotate models 2016-01-06 13:09:55 +00:00
Kamil Trzcinski 2988e1fbf5 Migrate CI::Services and CI::WebHooks to Services and WebHooks 2015-12-10 16:04:08 +01:00
Robert Speicher d5ea93469b Add custom UrlValidator 2015-12-07 16:57:26 -05:00
Stan Hu a120b78940 Handle and report SSL errors in Web hook test. Check for status 200 for success.
If a Web hook test fails due to an SSL error or some other error, report
the result back to the user instead of an Error 500.

Closes #3656

Handle response
2015-12-04 07:13:28 -08:00
Dmitriy Zaporozhets a237999f00
Annotate models
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2015-11-13 19:22:46 +01:00
Valery Sizov ce4defaf2f enable SSL by default 2015-09-17 09:51:24 +03:00
Valery Sizov bafffb2d14 Enable SSL verification for Webhooks 2015-08-26 15:48:31 +03:00
Stan Hu deeff56967 Add support for Webhook note events
Closes https://github.com/gitlabhq/gitlabhq/issues/6745
2015-05-21 23:48:16 -04:00
bugagazavr acac788902 Added X-GitLab-Event header for web hooks 2015-05-08 16:49:03 +03:00
Valery Sizov bc9ba5237c Revert "Added X-GitLab-Event header for web hooks"
This reverts commit 548f182814.
2015-04-27 16:29:31 +03:00
bugagazavr 548f182814 Added X-GitLab-Event header for web hooks 2015-04-25 21:31:52 +03:00
Douwe Maan 9e52a2dcab Don't use URI.regexp to validate since it doesn't have start/end anchors. 2015-04-11 11:38:14 +02:00
Dmitriy Zaporozhets 62ed1c537e Explicitly define ordering in models using default_scope 2015-02-05 14:20:55 -08:00
Dmitriy Zaporozhets a89d7adfa4 Rescue connection reset for web hooks 2015-02-03 13:57:28 -08:00
Dmitriy Zaporozhets e890582681 Rubocop enabled for: Use spaces inside hash literal braces 2015-02-02 20:36:54 -08:00
Dmitriy Zaporozhets b07802ab68
Rescue Net::OpenTimeout exception in web hook
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-29 16:41:10 +02:00
Dmitriy Zaporozhets db2edff937
Handle web hook exception
Write to log if web hook can't be executed. This prevents a 500 error when
testing a web hook with an invalid URL and prevents exceptions and retries in
sidekiq

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-12-04 15:07:01 +02:00
Kirill Zaitsev b4963e9dda Add tag_push_events to project hook api 2014-10-03 10:23:32 +04:00
Dmitriy Zaporozhets 38ed0deaac
Move hook models in separate dir
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-09-15 11:31:30 +03:00