disable markdown in comments when referencing disabled features
fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548
This MR prevents the following references when tool is disabled:
- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones
This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.
See merge request !2011
Signed-off-by: Rémy Coutable <remy@rymai.me>
* master: (121 commits)
Dedupe labels in labels selector in Dashboard pages
Refactor colors and lists
Add a safeguard in MergeRequest#compute_diverged_commits_count
Fix an issue when the target branch of a MR had been deleted
Add avatar to issue and MR pages header
Cleanup somce css colors
Re-group scss variables
Refactor `Todo#target`
Fixes issue with filter label missing on labels & milestones
Rename `Todo#to_reference` to `Todo#target_reference`
Fixed failing tests
Updated controller with before_action Fixed other issues based on feedback
Fixes issue on dashboard issues
Full labels data in JSON
Fixed issue with labels dropdown getting wrong labels
Update CHANGELOG
Use `Note#for_project_snippet?` to skip notes on project snippet
Use `Commit#short_id` instead of `Commit.truncate_sha`
Reuse `for_commit?` on conditional validations
Update schema info comment on todo related files
...
Conflicts:
app/models/issue.rb
db/schema.rb
spec/models/issue_spec.rb
Disable reference generation in preformatted/code blocks
### Summary
If a user adds text in code or preformatted text via Markdown or HTML that contains `#XXX`, the system adds a note that issue `XXX` was mentioned. This is particularly annoying because we often list gdb backtrace dumps into our issues, and many issues get mentioned as a result. For example:
```
(gdb) bt
#0 0x00000000004004c4 in second () at main.cc:6
#1 0x00000000004004d2 in first () at main.cc:11
#2 0x00000000004004dd in main () at main.cc:17
(gdb)
```
### Steps to reproduce
1. In an issue, write the above text using Markdown or HTML tags (e.g. `<code>`, `<pre>`).
2. Observe that [issue 1](https://gitlab.com/gitlab-org/gitlab-ce/issues/1) and [issue 2](https://gitlab.com/gitlab-org/gitlab-ce/issues/2) have a note that says they were mentioned.
### Expected behavior
Everything enclosed in the code blocks should be ignored as references.
### Observed behavior
Issues get referenced unnecessarily.
### Fix
I've made `reference_extractor.rb` strip out HTML and Markdown blocks before processing. I considered running the raw text through the entire Markdown processor, but this seems overkill and perhaps could lead to some unintended side effects.
See merge request !365
Store both the project and identifier of extracted references. This
prevents `ReferenceExtractor` from returning objects in the wrong
project for cross-project references.
Any mention of Issues, MergeRequests, or Commits via GitLab-flavored markdown
references in descriptions, titles, or attached Notes creates a back-reference
Note that links to the original referencer. Furthermore, pushing commits with
commit messages that match a (configurable) regexp to a project's default
branch will close any issues mentioned by GFM in the matched closing phrase.
If accepting a merge request would close any Issues in this way, a banner is
appended to the merge request's main panel to indicate this.
Robert Speicher
Rémy Coutable
Jarka Kadlecova
Ershad Kunnakkadan
Douwe Maan
Ilan Shamir
Grzegorz Bizon
Douglas Barbosa Alexandre
Drew Blessing
Dmitriy Zaporozhets
Stan Hu
Jeroen van Baarsen
Marin Jankovski
Vinnie Okada
Marin Jankovski
ash wilson