84f243bc95
Sanitize search text to prevent XSS
2019-10-02 19:06:25 -07:00
427b23c127
Add latest changes from gitlab-org/gitlab@master
2019-10-03 00:05:59 +00:00
6d60f91076
Add latest changes from gitlab-org/gitlab@master
2019-10-02 21:06:22 +00:00
de2ae3154f
Add latest changes from gitlab-org/gitlab@master
2019-10-02 18:06:20 +00:00
4f4dcd3c5d
Add latest changes from gitlab-org/gitlab@master
2019-10-02 15:06:12 +00:00
2cf5eb1498
Update CHANGELOG.md for 12.3.4
...
[ci skip]
2019-10-02 15:03:34 +00:00
81c6c53d6c
Add latest changes from gitlab-org/gitlab@master
2019-10-02 12:06:04 +00:00
f7e0be9bbe
Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
2019-10-02 11:09:24 +02:00
95793b2325
Add latest changes from gitlab-org/gitlab@master
2019-10-02 09:05:53 +00:00
32a97baefb
Merge branch 'security-29491-ce' into 'master'
...
Fix private feature Elasticsearch leak
Closes gitlab-ee#381
See merge request gitlab/gitlabhq!3457
2019-10-02 09:03:15 +00:00
404bb44ef7
Add latest changes from gitlab-org/gitlab@master
2019-10-02 06:06:28 +00:00
d14219486e
Add latest changes from gitlab-org/gitlab@master
2019-10-02 03:06:35 +00:00
587794b4b8
Add latest changes from gitlab-org/gitlab@master
2019-10-02 00:06:26 +00:00
e0bd3a45d9
Add latest changes from gitlab-org/gitlab@master
2019-10-01 21:06:09 +00:00
ed3b169888
Add latest changes from gitlab-org/gitlab@master
2019-10-01 18:06:28 +00:00
8a67c99a17
Update CHANGELOG.md for 12.1.13
...
[ci skip]
2019-10-01 17:03:42 +00:00
05f4b2fb34
Add latest changes from gitlab-org/gitlab@master
2019-10-01 15:06:05 +00:00
9adcdaab51
Fix private feature Elasticsearch leak
...
Add spec to test different combinations.
2019-10-01 14:30:34 +02:00
7b621c274c
Accept string for required_minimum_access_level
...
Add spec
2019-10-01 14:30:34 +02:00
9e27f0d920
Add latest changes from gitlab-org/gitlab@master
2019-10-01 12:05:59 +00:00
1bab0ba591
Add latest changes from gitlab-org/gitlab@master
2019-10-01 09:10:39 +00:00
2d03845a76
Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
2019-10-01 10:56:49 +02:00
1dd77c7113
Add latest changes from gitlab-org/gitlab@master
2019-10-01 06:06:13 +00:00
ec60358d52
Add latest changes from gitlab-org/gitlab@master
2019-10-01 03:05:57 +00:00
b38cf7ccdf
Add latest changes from gitlab-org/gitlab@master
2019-10-01 00:06:42 +00:00
08f4ce10c0
Add latest changes from gitlab-org/gitlab@master
2019-09-30 21:06:41 +00:00
4542a994b1
Merge branch 'master' into dev-master
2019-09-30 13:11:17 -07:00
b4cdff15ca
Add latest changes from gitlab-org/gitlab@master
2019-09-30 18:06:34 +00:00
538fff823d
Add latest changes from gitlab-org/gitlab@master
2019-09-30 15:08:09 +00:00
3692e9f8a2
Validate that SAML requests are originated from gitlab
...
If the request wasn't initiated by gitlab we shouldn't add the new
identity to the user, and instead show that we weren't able to link
the identity to the user.
This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509
2019-09-30 14:22:06 +02:00
010e3c5ed4
Display only participants that user has permission to see
2019-09-30 14:22:05 +02:00
306fed6afd
Redirect user to root path after unsubscribing from private resource
...
If user unsubsrcribes from a resource that they no longer have
access to they should not be revealed the resource path, but be
redirected to app root instead.
https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
2019-09-30 14:22:05 +02:00
c9396f31c6
Cancel all running CI jobs when user is blocked
...
This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.
2019-09-30 14:22:05 +02:00
58290d90e5
Hide disabled project milestones in project settings on group level
2019-09-30 14:22:05 +02:00
48bb855ece
Add checking for email_verified key
...
Fix rubocop offences and add changelog
Add email_verified key for feature specs
Add code review remarks
Add code review remarks
Fix specs
2019-09-30 14:22:05 +02:00
c99402c05f
Add policy check if cross reference system notes are accessible
2019-09-30 14:22:05 +02:00
e5fdd91318
Only render fixed number of mermaid blocks
2019-09-30 14:22:04 +02:00
2bb752322e
Filter not accessible label events
...
Label events may use cross-project or cross-group references,
if the projects are not accessible by user, we don't show these
label events.
2019-09-30 14:22:04 +02:00
6a49482316
Fix Gitaly SearchBlobs flag RPC injection
2019-09-30 14:22:04 +02:00
1b4dd9c56a
Update CHANGELOG.md for 12.1.12
...
[ci skip]
2019-09-30 14:22:04 +02:00
1141cdbf81
Update CHANGELOG.md for 12.2.6
...
[ci skip]
2019-09-30 14:22:04 +02:00
0855876623
Update CHANGELOG.md for 12.3.2
...
[ci skip]
2019-09-30 14:22:03 +02:00
dea6ebd31a
Add latest changes from gitlab-org/gitlab@master
2019-09-30 12:06:01 +00:00
94611567bd
Add latest changes from gitlab-org/gitlab@master
2019-09-30 09:06:31 +00:00
42572f63ea
Add latest changes from gitlab-org/gitlab@master
2019-09-30 06:06:02 +00:00
e8185569bf
Add latest changes from gitlab-org/gitlab@master
2019-09-30 03:06:11 +00:00
da2b297213
Add latest changes from gitlab-org/gitlab@master
2019-09-30 00:06:04 +00:00
e7c9b53c76
Add latest changes from gitlab-org/gitlab@master
2019-09-29 18:06:11 +00:00
c1e135e703
Add latest changes from gitlab-org/gitlab@master
2019-09-29 15:06:20 +00:00
ce14080c6f
Add latest changes from gitlab-org/gitlab@master
2019-09-28 18:06:28 +00:00
samantha-dev
GitLab Bot
GitLab Release Tools Bot
Marin Jankovski
Mark Chao
Stan Hu
Sebastian Arcila Valenzuela
Alexandru Croitor
Fabio Pitino
Małgorzata Ksionek
Rajat Jain
Jan Provaznik
Paul Okstad