44 Commits

Author SHA1 Message Date
GitLab Bot 71da5de44f Add latest changes from gitlab-org/gitlab@master 2020-08-05 15:09:59 +00:00
GitLab Bot 4ab94bde3a Add latest changes from gitlab-org/gitlab@master 2020-07-22 00:09:26 +00:00
GitLab Bot 651917dbac Add latest changes from gitlab-org/gitlab@master 2020-07-15 21:09:26 +00:00
GitLab Bot 2f147005c5 Add latest changes from gitlab-org/gitlab@master 2020-07-11 00:09:17 +00:00
GitLab Bot 3caf5a8a00 Add latest changes from gitlab-org/gitlab@master 2020-06-15 18:08:43 +00:00
GitLab Bot b5249f2d99 Add latest changes from gitlab-org/gitlab@master 2020-05-25 12:08:23 +00:00
GitLab Bot 87f286558d Add latest changes from gitlab-org/gitlab@master 2020-05-14 15:08:14 +00:00
GitLab Bot 2e4d8b3449 Add latest changes from gitlab-org/gitlab@master 2020-04-28 03:09:53 +00:00
GitLab Bot e33f87ac0f Add latest changes from gitlab-org/gitlab@master 2020-04-21 15:21:10 +00:00
GitLab Bot 2fd92f2dc7 Add latest changes from gitlab-org/gitlab@master 2020-03-04 21:07:54 +00:00
GitLab Bot f82d5dcab7 Add latest changes from gitlab-org/gitlab@master 2020-02-26 21:09:11 +00:00
GitLab Bot 2b3bfe8fc5 Add latest changes from gitlab-org/gitlab@master 2020-01-08 00:07:43 +00:00
GitLab Bot 8f210aebe1 Add latest changes from gitlab-org/gitlab@master 2019-10-31 21:06:28 +00:00
GitLab Bot 8c7eab92cd Add latest changes from gitlab-org/gitlab@master 2019-10-23 03:06:01 +00:00
GitLab Bot c157f963db Add latest changes from gitlab-org/gitlab@master 2019-10-10 09:06:08 +00:00
Thong Kuah d4ef3be35b Frozen string cannot change encoding
This was shown in specs but surely this will be happening in application
code as well if this method is passed a frozen string.

We were also trying to force_encode an OmniAuth::AuthHash which had the
very confusing behaviour of returning nil when it was sent a method that
it did not define. Fix that by only force_encoding a String.
2019-07-26 00:13:25 +12:00
Reuben Pereira e5bdcfbc9b [ADD] outbound requests whitelist
Signed-off-by: Istvan szalai <istvan.szalai@savoirfairelinux.com>
2019-07-24 17:59:38 +00:00
Yorick Peterse ae9838d035 Backport try_megabytes_to_bytes from EE
EE adds this method to Gitlab::Utils, which is also required by our
SimpleCov helper. This prevents us from injecting EE modules into
Gitlab::Utils, because the necessary bits for this are not yet in place.

To work around this we just backport try_megabytes_to_bytes, as there's
no particular reason to keep this in EE only.
2019-03-12 14:04:05 +01:00
Kamil Trzciński 0103d5be96 Add config_options|variables to BuildMetadata
These are data columns that store runtime configuration
of build needed to execute it on runner and within pipeline.

The definition of this data is that once used, and when no longer
needed (due to retry capability) they can be freely removed.

They use `jsonb` on PostgreSQL, and `text` on MySQL (due to lacking
support for json datatype on old enough version).
2019-01-04 16:38:17 +01:00
Rémy Coutable f233c3bce0 Fix a frozen string error in lib/gitlab/utils.rb
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-12-10 16:08:58 +01:00
Cindy Pallares a50c777d95 Merge branch '54857-fix-templates-path-traversal' into 'master'
[master]: Prevent a path traversal attack on global file templates

Closes #2745

See merge request gitlab/gitlabhq!2677
2018-12-06 18:38:43 +00:00
Nick Thomas 69645389e9 Prevent a path traversal attack on global file templates
The API permits path traversal characters like '../' to be passed down
to the template finder. Detect these requests and cause them to fail
with a 500 response code.
2018-12-05 14:12:35 +00:00
Grzegorz Bizon 4c7665f2f9 Pad encryption keys with UTF-8 0 instead of \0 char 2018-11-28 12:00:17 +01:00
Grzegorz Bizon 37add27a00 Improve token authenticable tests and exceptions 2018-11-27 14:34:05 +01:00
Grzegorz Bizon d1311119fa Fix static analysis in utf8 helper methods 2018-11-23 10:03:43 +01:00
Grzegorz Bizon 777b6713bb Ensure that db encryption keys have proper bytesize 2018-11-22 15:35:49 +01:00
Douglas Barbosa Alexandre 5c519d1194 Add a helper method to append path to a base URL
In Ruby 2.4, `URI.join("http://test//", "a").to_s` will
remove the double slash, however it's not the case in
Ruby 2.5. Using chomp should work better for the intention,
as we're not trying to allow things like ../ or / paths
resolution.

This helper method appends path to host, making sure
there's one single slash as path separator.
2018-11-06 21:32:01 -08:00
gfyoung c858f70d07 Enable frozen string for lib/gitlab/*.rb 2018-10-22 07:00:50 +00:00
Rubén Dávila d28b1dfc46 Backport of EE !4989 2018-04-11 22:05:07 -05:00
Eric Eastwood a6c7d8050e Add custom additional email text to all emails
Fix https://gitlab.com/gitlab-org/gitlab-ee/issues/4474

Conflicts:
	db/schema.rb
	ee/app/controllers/ee/admin/application_settings_controller.rb
	ee/app/helpers/ee/application_settings_helper.rb
	ee/app/models/ee/application_setting.rb
	ee/app/models/license.rb
	ee/app/views/layouts/service_desk.html.haml
	ee/app/views/notify/approved_merge_request_email.html.haml
	ee/app/views/notify/service_desk_new_note_email.text.erb
	ee/app/views/notify/service_desk_thank_you_email.text.erb
	ee/app/views/notify/unapproved_merge_request_email.html.haml
	ee/lib/ee/api/entities.rb
	ee/spec/controllers/admin/application_settings_controller_spec.rb
	ee/spec/models/application_setting_spec.rb
	ee/spec/requests/api/settings_spec.rb
	lib/api/settings.rb
	spec/mailers/previews/notify_preview.rb
2018-04-04 12:29:03 -05:00
Mario de la Ossa f9d61717cf Gitlab::Utils - backport `.ensure_array_from_string` from EE 2018-03-06 21:16:55 +00:00
Robert Speicher 791ca43f3f Merge branch '41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3'
Don't allow line breaks on HTTP headers

See merge request gitlab/gitlabhq!2277

(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)

073b8f9c Don't allow line breaks on HTTP headers
2018-01-16 17:04:51 -08:00
Michael Kozono ab814e4dd3 Backport `which` from EE 2017-12-01 15:26:40 -08:00
Bob Van Landuyt bde39322f1 Add a linter for PO files 2017-08-31 14:10:04 +02:00
vanadium23 e99444bb2d Fix CI_PROJECT_PATH_SLUG slugify 2017-08-15 08:22:56 +03:00
Lin Jen-Shin efebdba21d Frontend implementation, tests, and changelog 2017-05-25 19:31:21 +08:00
Felipe Artur f4e31b820e Fix project features default values 2016-11-01 11:03:56 -02:00
Lin Jen-Shin f3e8b88814 Use travel_to instead of dependency injection, feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5734#note_14056642
2016-08-19 16:57:25 +08:00
Lin Jen-Shin ce64133516 Introduce Gitlab::Utils.now so that it's easier to stub 2016-08-15 21:32:36 +08:00
Onur Küçük 0ae574007d add common method to force utf8 and force oauth properties to be utf8 2015-05-03 00:43:46 +03:00
Valery Sizov bf8b874117 fix system silent call 2014-11-06 13:07:42 +02:00
Valery Sizov d1b489e048 Revert "Revert "Don't output to stdout from lib non-interactive methods""
This reverts commit b33d4bc2f1.
2014-11-06 13:07:16 +02:00
Valery Sizov b33d4bc2f1 Revert "Don't output to stdout from lib non-interactive methods"
This reverts commit 0b1084a453.
2014-11-06 11:58:00 +02:00
Ciro Santilli 0b1084a453 Don't output to stdout from lib non-interactive methods
It pollutes the test output too much.
2014-11-05 12:35:33 +01:00