Commits · v17.1.1-jh · gitlab-cn / Gitlab Backup

Jun 27, 2024
- Update VERSION files · 07bda085
  JiHu Release Tools Bot authored 1 year ago
```
[merge-train skip]
```
  v17.1.1-jh
  
  07bda085
- Update changelog for 17.1.1 · 1834b2e8
  JiHu Release Tools Bot authored 1 year ago
```
[ci skip]
```
  1834b2e8
- Merge branch '17-1-stable-jh-patch-1' into '17-1-stable-jh' · 32518397
  Qian Zhang authored 1 year ago
```
Prepare 17.1.1 release for gitlab-jh

See merge request gitlab-cn/gitlab!2553
```
  32518397
- Add tag "memory-intensive" for jobs: · 64dd99b3
  路小鹿 authored 1 year ago
```
rspec-ee unit predictive
```
  64dd99b3
- Revert "Add tag "memory-intensive" for jobs:" · b3561616
  路小鹿 authored 1 year ago
```
This reverts commit 6b3f276d.
```
  b3561616
- Add tag "memory-intensive" for jobs: · 6b3f276d
  路小鹿 authored 1 year ago
```
rspec-ee unit predictive
```
  6b3f276d
Jun 26, 2024
- Update jh graphql doc · 403efa4e
  Chao Mao authored 1 year ago
  
  403efa4e
- Merge tag 'v17.1.1-ee' into 17-1-stable-jh-patch-1 · 54feb1f2
  RELEASE_BOT_PRODUCTION_TOKEN authored 1 year ago
  
  54feb1f2
Jun 25, 2024

Update VERSION files · d0ac56e0
GitLab Release Tools Bot authored 1 year ago
```
[merge-train skip]
```
v17.1.1-ee

d0ac56e0
Update changelog for 17.1.1 · 8abaadf2
GitLab Release Tools Bot authored 1 year ago
```
[ci skip]
```
8abaadf2
Update managed components version to 17.1.1 · 4ab68957
GitLab Release Tools Bot authored 1 year ago
```
[ci skip]
```
4ab68957

Merge branch 'sh-fix-mailroom-startup-17-1' into '17-1-stable-ee' · 5bb7ee34

Stan Hu authored 1 year ago

Fix MailRoom not loading in Omnibus

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/157347



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Mario Celi <mcelicalderon@gitlab.com>

5bb7ee34

Merge branch 'security-banzai-pipeline-17-1' into '17-1-stable-ee' · 5ac983da

Jenny Kim authored 1 year ago

Security fixes for banzai pipeline

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4184



Merged-by: Jenny Kim <yjeankim@gitlab.com>
Approved-by: Jerry Seto <jseto@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

5ac983da

Security fixes for banzai pipeline · bb484256

Brett Walker authored 1 year ago

Merge branch 'security-banzai-pipeline-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4184

Changelog: security

bb484256

Merge branch 'security-1112-redos-openapi' into '17-1-stable-ee' · 9b41a2c5

Jenny Kim authored 1 year ago

Fix the catastrophic backtracking in openapi regex

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4135



Merged-by: Jenny Kim <yjeankim@gitlab.com>
Approved-by: Dmitry Gruzd <dgruzd@gitlab.com>
Co-authored-by: rkumar555 <rkumar@gitlab.com>

9b41a2c5

Fix the catastrophic backtracking in openapi regex · d9f51d83

Ravi Kumar authored 1 year ago

Merge branch 'security-1112-redos-openapi' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4135

Changelog: security

d9f51d83

Merge branch 'security-introspection-query-multiplex-fix-17-1' into '17-1-stable-ee' · 3390dbe8

GitLab Release Tools Bot authored 1 year ago

Use permitted_params for standalone and multiplex queries

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4173

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Heinrich Lee Yu <heinrich@gitlab.com>
Co-authored-by: Roy Zwambag <rzwambag@gitlab.com>

3390dbe8

Use permitted_params for standalone and multiplex queries · 62475855

Roy Zwambag authored 1 year ago

Merge branch 'security-introspection-query-multiplex-fix-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4173

Changelog: security

62475855

Merge branch 'security-security_deny_access_to_private_artifacts-17-1' into '17-1-stable-ee' · 6bce3e04

GitLab Release Tools Bot authored 1 year ago

Fix for Private job artifacts can be accessed by any user

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4194

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Max Orefice <morefice@gitlab.com>
Co-authored-by: Shabini Rajadas <srajadas@gitlab.com>

6bce3e04

Fix for Private job artifacts can be accessed by any user · 4c5ac043

Shabini Rajadas authored 1 year ago

Merge branch 'security-security_deny_access_to_private_artifacts-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4194

Changelog: security

4c5ac043

Merge branch 'security-zoekt-omit-private-repos-from-public-projects-17-1' into '17-1-stable-ee' · 01c22328

GitLab Release Tools Bot authored 1 year ago

Remove search results from public projects with unauthorized repos

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4210

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Dmitry Gruzd <dgruzd@gitlab.com>
Co-authored-by: John Mason <jmason@gitlab.com>

01c22328

Remove search results from public projects with unauthorized repos · 74bebdd2

Ravi Kumar authored 1 year ago

Merge branch 'security-zoekt-omit-private-repos-from-public-projects-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4210

Changelog: security

74bebdd2

Merge branch 'security-retarget-no-pipeline-squash-17-1' into '17-1-stable-ee' · 017a9ba1

GitLab Release Tools Bot authored 1 year ago

Do not run a new pipeline on re-target

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4187



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Sashi Kumar Kumaresan <skumar@gitlab.com>
Approved-by: Dylan Griffith <dyl.griffith@gmail.com>
Approved-by: Payton Burdette <pburdette@gitlab.com>
Co-authored-by: Patrick Bajao <ebajao@gitlab.com>

017a9ba1

Do not run a new pipeline on re-target · 0a90eb06

Patrick Bajao authored 1 year ago

Merge branch 'security-retarget-no-pipeline-squash-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4187

Changelog: security

0a90eb06

Merge branch 'security-redos-autolink-filter-17-1' into '17-1-stable-ee' · 81b95689

GitLab Release Tools Bot authored 1 year ago

Add limits on autolinker regex

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4126



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Greg Alfaro <galfaro@gitlab.com>
Approved-by: Jessie Young <jessieyoung@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

81b95689

Add limits on autolinker regex · 4854ff9d

Brett Walker authored 1 year ago

Merge branch 'security-redos-autolink-filter-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4126

Changelog: security

4854ff9d

Merge branch 'security-security_clickjacking_authorize-17-1' into '17-1-stable-ee' · 2f8a2f3a

GitLab Release Tools Bot authored 1 year ago

Fix clickjacking on OAuth application page

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4186



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Imre Farkas <ifarkas@gitlab.com>
Co-authored-by: Aboobacker MK <akarakath@gitlab.com>

2f8a2f3a

Fix clickjacking on OAuth application page · 3620cdab

Smriti Garg authored 1 year ago

Merge branch 'security-security_clickjacking_authorize-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4186

Changelog: security

3620cdab

Merge branch 'security-ph/1122/hideBranchMergeRequest-17-1' into '17-1-stable-ee' · bb481612

GitLab Release Tools Bot authored 1 year ago

Hide branch merge request if merge requests are private

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4200

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kushal Pandya <kushal@gitlab.com>
Co-authored-by: Phil Hughes <me@iamphill.com>

bb481612

Hide branch merge request if merge requests are private · 551999ae

Phil Hughes authored 1 year ago

Merge branch 'security-ph/1122/hideBranchMergeRequest-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4200

Changelog: security

551999ae

Merge branch... · af4bd166

GitLab Release Tools Bot authored 1 year ago

Merge branch 'security-ph/1121/removeCollapseLongCommitListFromDeprecatedNotes-17-1' into '17-1-stable-ee'

Remove collapseLongCommitList method

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4203

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kushal Pandya <kushal@gitlab.com>
Co-authored-by: Phil Hughes <me@iamphill.com>

af4bd166

Remove collapseLongCommitList method · 35a86b9d

Phil Hughes authored 1 year ago

Merge branch 'security-ph/1121/removeCollapseLongCommitListFromDeprecatedNotes-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4203

Changelog: security

35a86b9d

Merge branch 'security-452548-sso-2-17-1' into '17-1-stable-ee' · acf41033

GitLab Release Tools Bot authored 1 year ago

Pass SSO session data to Sidekiq

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4197



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gosia Ksionek <mksionek@gitlab.com>
Co-authored-by: Mark Chao <mchao@gitlab.com>

acf41033

Pass SSO session data to Sidekiq · 14359872

Mark Chao authored 1 year ago

Merge branch 'security-452548-sso-2-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4197

Changelog: security

14359872

Merge branch 'jj-457235-promote-quick-action-prevent-non-member-17-1' into '17-1-stable-ee' · 84b81c03

GitLab Release Tools Bot authored 1 year ago

Prevent non-members from using promote_to quick action for quick actions

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4190

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Javiera Tapia <jtapia@gitlab.com>
Co-authored-by: Joseph Wambua <jjoshua@gitlab.com>

84b81c03

Prevent non-members from using promote_to quick action for quick actions · ce44d723

Joseph Wambua authored 1 year ago

Merge branch 'jj-457235-promote-quick-action-prevent-non-member-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4190

Changelog: security

ce44d723

Merge branch 'security-464017-confidential-issue-17-1' into '17-1-stable-ee' · e5025019

GitLab Release Tools Bot authored 1 year ago

Reject deletion of security policy project approval rules

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4172



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Marc Saleiko <msaleiko@gitlab.com>
Approved-by: Jerry Seto <jseto@gitlab.com>
Reviewed-by: Marc Saleiko <msaleiko@gitlab.com>
Co-authored-by: Dominic Bauer <dbauer@gitlab.com>

e5025019

Reject deletion of security policy project approval rules · 92685593

Dominic Bauer authored 1 year ago

Merge branch 'security-464017-confidential-issue-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4172

Changelog: security

92685593

Merge branch 'security-method_call_regex-17-1' into '17-1-stable-ee' · bca7402b

GitLab Release Tools Bot authored 1 year ago

Mitigate ReDoS attacks via `method_call_regex`

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4174



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Terri Chu <tchu@gitlab.com>
Co-authored-by: Joe Woodward <j@joewoodward.me>

bca7402b

Mitigate ReDoS attacks via `method_call_regex` · 350aa934

Joe Woodward authored 1 year ago

Merge branch 'security-method_call_regex-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4174

Changelog: security

350aa934