- Jan 24, 2019
-
-
Yorick Peterse authored
[11.4/EE] Bump Rails version to 4.2.11 See merge request gitlab/gitlab-ee!768 (cherry picked from commit 9e1823e3c6deaed25a0048b37ff982bc3f25edc1) db3d7359 Bump Ruby on Rails to 4.2.11
-
- Jan 15, 2019
-
-
GitLab Release Tools Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
Yorick Peterse authored
[11.4] Validate bundle files before unpacking them See merge request gitlab/gitlabhq!2776 (cherry picked from commit 6176b02aa6577079986410719884bd253dc5e7be) e5e5e77e Validate bundle files before unpacking them
-
- Jan 10, 2019
-
-
Marin Jankovski authored
Stop using deprecated argument to `gem` See merge request gitlab-org/gitlab-ce!24079
-
- Dec 28, 2018
-
-
GitLab Release Tools Bot authored
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
Stan Hu authored
CI/CD group settings can now only be modified by owners per https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2750/diffs.
-
- Dec 27, 2018
-
-
Stan Hu authored
Now that users must be able to read the project to access an issue, this spec needed to be updated to grant the user sufficient access to close issues.
-
Stan Hu authored
A merge request can only be created if its project and branches are valid. `feature-branch` did not actually exist in the test repo, so use `feature` instead.
-
John Jarvis authored
-
John Jarvis authored
-
John Jarvis authored
[11.4] Resolve "Removing a user from a private group doesn't remove them from group's project, if their project's role was changed" See merge request gitlab/gitlabhq!2714
-
John Jarvis authored
-
James Lopez authored
# Conflicts: # app/services/members/destroy_service.rb
-
John Jarvis authored
-
John Jarvis authored
-
John Jarvis authored
[11.4] Group Ex-Maintainer Could maintain Access to Project's Source Code/Jobs/Pipelines/Artifacts if it had Shared Group Runner Configured See merge request gitlab/gitlabhq!2752
-
John Jarvis authored
-
John Jarvis authored
-
John Jarvis authored
-
Clement Ho authored
Disable docs lint internal_links check Closes #55038 See merge request gitlab-org/gitlab-ce!23665
-
Clement Ho authored
Disable docs lint internal_links check Closes #55038 See merge request gitlab-org/gitlab-ce!23665
-
John Jarvis authored
[11.4] Secret CI variables can exposed by creating a tag with the same name as an existing protected branch See merge request gitlab/gitlabhq!2683
-
John Jarvis authored
Merge branch 'security-11-4-53543-user-keeps-access-to-mr-issue-when-removed-from-team' into 'security-11-4' [11.4] Adds validation to check if user can read project See merge request gitlab/gitlabhq!2680
-
John Jarvis authored
[11.4] Project guests no longer are able to see refs page See merge request gitlab/gitlabhq!2688
-
John Jarvis authored
[11.4] SSRF in project imports with LFS See merge request gitlab/gitlabhq!2727
-
John Jarvis authored
[11.4] Stored XSS in latest IE See merge request gitlab/gitlabhq!2674
-
Francisco Javier López authored
-
John Jarvis authored
[11.4] Escape html entities when no label found See merge request gitlab/gitlabhq!2749
-
John Jarvis authored
[11.4] Guest users have access to all Job information via the API See merge request gitlab/gitlabhq!2746
-
John Jarvis authored
[11.4/EE]: Ensure that build token is always running See merge request gitlab/gitlab-ee!744
-
John Jarvis authored
[11.4] Ensure that build token is always running See merge request gitlab/gitlabhq!2663
-
John Jarvis authored
[11.4] SSRF - Scan Internal Ports and GCP/AWS endpoints See merge request gitlab/gitlabhq!2710
-
Francisco Javier López authored
-
- Dec 26, 2018
-
-
John Jarvis authored
[11.4] Escape label and milestone titles to prevent XSS in GFM autocomplete See merge request gitlab/gitlabhq!2742
-
John Jarvis authored
[11.4] Add a shared secret to prevent abuse of the alert endpoint See merge request gitlab/gitlab-ee!742
-
Reuben Pereira authored
-