root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
gitlab-ce/app
History
Jacob Vosmaer (GitLab) b7e6da5a4b Merge branch 'gitlab-workhorse-safeties' into 'master' 
Security and safety improvements for gitlab-workhorse integration

Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60

- Use a custom content type when sending data to gitlab-workhorse
- Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse

This will allow us to build features in gitlab-workhorse that require
more trust, and protect us against programming mistakes in the future.

This is designed so that no action is required for installations from
source. For omnibus-gitlab we need to add code that manages the shared
secret.

See merge request !5907
 		2016-09-09 11:33:08 +00:00
..
assets Merge branch 'support-long-branch-namers' into 'master' 2016-09-08 18:19:32 +00:00
controllers Merge branch 'gitlab-workhorse-safeties' into 'master' 2016-09-09 11:33:08 +00:00
finders Use PipelinesFinder in Pipelines API 2016-09-07 15:38:03 +02:00
helpers Merge branch 'gitlab-workhorse-safeties' into 'master' 2016-09-09 11:33:08 +00:00
mailers
models Merge branch 'smart-pipeline-duration' into 'master' 2016-09-08 17:38:20 +00:00
policies Project tools visibility level 2016-09-01 11:47:59 -03:00
services Refresh todos count cache when an Issue/MR is deleted 2016-09-08 15:50:07 -03:00
uploaders
validators
views Merge branch 'sidekiq-ps-parsing' into 'master' 2016-09-09 09:53:24 +00:00
workers Optimized event pruning query to avoid two queries. 2016-09-07 12:55:25 -07:00