root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
105,533 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

56 Commits

Author SHA1 Message Date
GitLab Bot 77831d580c Add latest changes from gitlab-org/gitlab@master 2021-03-05 09:09:07 +00:00
GitLab Bot bcfab67c0f Add latest changes from gitlab-org/gitlab@master 2021-02-25 09:10:45 +00:00
GitLab Bot 91e247b531 Add latest changes from gitlab-org/gitlab@master 2021-02-24 09:11:09 +00:00
GitLab Bot 3c53fbc50b Add latest changes from gitlab-org/gitlab@master 2021-02-09 12:09:48 +00:00
GitLab Bot 3f64903c39 Add latest changes from gitlab-org/gitlab@master 2021-02-03 03:09:33 +00:00
GitLab Bot 2516f0d87b Add latest changes from gitlab-org/gitlab@master 2021-01-29 18:09:17 +00:00
GitLab Bot c6ee7ef0f5 Add latest changes from gitlab-org/gitlab@master 2021-01-28 15:09:06 +00:00
GitLab Bot 507c0e71cd Add latest changes from gitlab-org/gitlab@master 2021-01-27 12:09:01 +00:00
GitLab Bot dafbc31897 Add latest changes from gitlab-org/gitlab@master 2021-01-26 21:09:04 +00:00
GitLab Bot 9c07ab8c69 Add latest changes from gitlab-org/gitlab@master 2021-01-12 09:10:49 +00:00
GitLab Bot d06b4740da Add latest changes from gitlab-org/gitlab@master 2021-01-08 00:10:44 +00:00
GitLab Bot a060caf3db Add latest changes from gitlab-org/gitlab@master 2021-01-05 09:10:15 +00:00
GitLab Bot b69895951e Add latest changes from gitlab-org/gitlab@master 2020-12-31 12:10:35 +00:00
GitLab Bot 5c9f6c66fa Add latest changes from gitlab-org/gitlab@master 2020-12-23 12:10:26 +00:00
GitLab Bot ac5d39c2c4 Add latest changes from gitlab-org/gitlab@master 2020-12-06 03:09:38 +00:00
GitLab Bot bbd9e2c915 Add latest changes from gitlab-org/gitlab@master 2020-12-03 15:09:46 +00:00
GitLab Bot 27c4555a42 Add latest changes from gitlab-org/gitlab@master 2020-09-22 21:10:04 +00:00
GitLab Bot 7985071975 Add latest changes from gitlab-org/gitlab@master 2020-09-21 12:09:34 +00:00
GitLab Bot 37ea4b5fbf Add latest changes from gitlab-org/gitlab@master 2020-09-18 03:09:28 +00:00
GitLab Bot bf1600d157 Add latest changes from gitlab-org/gitlab@master 2020-09-16 18:09:47 +00:00
GitLab Bot 6b9b8a52ba Add latest changes from gitlab-org/gitlab@master 2020-09-16 06:09:24 +00:00
GitLab Bot 0f5dcf55e5 Add latest changes from gitlab-org/gitlab@master 2020-09-12 00:08:44 +00:00
GitLab Bot a66475b6be Add latest changes from gitlab-org/gitlab@master 2020-09-11 21:08:44 +00:00
GitLab Bot a865379008 Add latest changes from gitlab-org/gitlab@master 2020-09-07 12:08:27 +00:00
GitLab Bot e28b754d23 Add latest changes from gitlab-org/gitlab@master 2020-09-02 03:10:30 +00:00
GitLab Bot 0bfb62457b Add latest changes from gitlab-org/gitlab@master 2020-08-19 06:10:04 +00:00
GitLab Bot da1962d9ac Add latest changes from gitlab-org/gitlab@master 2020-07-15 18:09:09 +00:00
GitLab Bot 8584b7d7ce Add latest changes from gitlab-org/gitlab@master 2020-07-02 00:09:51 +00:00
GitLab Bot c59765a50a Add latest changes from gitlab-org/gitlab@master 2020-06-24 18:09:03 +00:00
GitLab Bot a89912871c Add latest changes from gitlab-org/gitlab@master 2020-06-17 12:08:42 +00:00
GitLab Bot 607646ef52 Add latest changes from gitlab-org/gitlab@master 2020-06-03 12:08:21 +00:00
GitLab Bot 21539fe9ab Add latest changes from gitlab-org/gitlab@master 2020-05-22 00:08:07 +00:00
GitLab Bot 41e8b05e8d Add latest changes from gitlab-org/gitlab@master 2020-05-13 12:07:54 +00:00
GitLab Bot 5c8c561ac6 Add latest changes from gitlab-org/gitlab@master 2020-04-24 12:10:16 +00:00
GitLab Bot fdd0b0fd45 Add latest changes from gitlab-org/gitlab@master 2020-04-23 18:09:46 +00:00
GitLab Bot c6c7437861 Add latest changes from gitlab-org/gitlab@master 2020-03-04 12:07:52 +00:00
GitLab Bot c7e385e282 Add latest changes from gitlab-org/gitlab@master 2020-02-19 15:09:09 +00:00
GitLab Bot b69f406585 Add latest changes from gitlab-org/gitlab@master 2020-02-15 00:08:48 +00:00
GitLab Bot 26384c9a61 Add latest changes from gitlab-org/gitlab@master 2020-02-05 09:08:43 +00:00
GitLab Bot 511e761b41 Add latest changes from gitlab-org/gitlab@master 2020-01-03 15:08:33 +00:00
GitLab Bot 75687c79df Add latest changes from gitlab-org/gitlab@master 2019-11-12 00:06:21 +00:00
GitLab Bot 25989ab7ef Add latest changes from gitlab-org/gitlab@master 2019-10-18 11:11:44 +00:00
GitLab Bot 0a850868df Add latest changes from gitlab-org/gitlab@master 2019-10-09 12:06:13 +00:00
GitLab Bot 1dd77c7113 Add latest changes from gitlab-org/gitlab@master 2019-10-01 06:06:13 +00:00
GitLab Bot 98dbb0a488 Add latest changes from gitlab-org/gitlab@master 2019-09-23 00:06:29 +00:00
Nick Thomas 6ce21a9c17
Add a predicate to check for strong memoization 2019-09-10 13:45:21 +01:00
Thong Kuah 8c42a0eac0 Add frozen_string_literal to lib part 2 
Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
 2019-08-23 00:15:24 +12:00
Kerri Miller acc694ead6 Extract SanitizeNodeLink and apply to WikiLinkFilter 
The SanitizationFilter was running before the WikiFilter. Since
WikiFilter can modify links, we could see links that _should_ be stopped
by SanatizationFilter being rendered on the page. I (kerrizor) had
previously addressed the bug in: 7bc971915b
However, an additional exploit was discovered after that was merged.
Working through the issue, we couldn't simply shuffle the order of
filters, due to some implicit assumptions about the order of filters, so
instead we've extracted the logic that sanitizes a Nokogiri-generated
Node object, and applied it to the WikiLinkFilter as well.

On moving filters around:
Once we start moving around filters, we get cascading failures; fix one,
another one crops up. Many of the existing filters in the WikiPipeline
chain seem to assume that other filters have already done their work,
and thus operate on a "transform anything that's left" basis;
WikiFilter, for instance, assumes any link it finds in the markdown
should be prepended with the wiki_base_path.. but if it does that, it
also turns `href="@user"` into `href="/path/to/wiki/@user"`, which the
UserReferenceFilter doesn't see as a user reference it needs to
transform into a user profile link. This is true for all the reference
filters in the WikiPipeline.
 2019-07-26 13:41:11 +00:00
Fabio Pitino abceda6cc5 Prevent Billion Laughs attack 
It keeps track of the memory being used when loading the YAML file
as well as the depth of nesting.
Track exception when YAML is too big
 2019-07-02 06:23:06 +00:00
Jacopo d2851f41ba Extend override check to also check arity 
Override now cares about parents method arity: if parents arity
doesn't match raises an error.
 2018-12-22 14:10:43 +01:00