Commits · v15.8.6-jh · gitlab-cn / Gitlab

This project is mirrored from https://jihulab.com/gitlab-cn/gitlab.git. Pull mirroring updated 15 minutes ago.

Apr 19, 2023
- Merge branch '15-8-stable-jh-patch-6' into '15-8-stable-jh' · 6ff8d7ad
  Wenju Liu authored 2 years ago
```
Prepare 15.8.6 release for gitlab-jh

See merge request gitlab-cn/gitlab!1561
```
  v15.8.6-jh
  
  6ff8d7ad
- Update VERSION files · f409b196
  JiHu Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  f409b196
- Update changelog for 15.8.6 · af28fa76
  JiHu Release Tools Bot authored 2 years ago
```
[ci skip]
```
  af28fa76
Apr 18, 2023
- Merge tag 'v15.8.6-ee' into 15-8-stable-jh-patch-6 · 32edc2c1
  RELEASE_BOT_PRODUCTION_TOKEN authored 2 years ago
  
  32edc2c1
- Update VERSION files · db102d6a
  GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v15.8.6-ee
  
  db102d6a
- Update changelog for 15.8.6 · 092fae30
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  092fae30
- Update managed components version to 15.8.6 · 0f02a8d0
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  0f02a8d0
Apr 14, 2023

Merge branch 'sh-fix-auto-retry-builds-15-8' into '15-8-stable-ee' · d83bf72c

Mayra Cabrera authored 2 years ago

[15.8] Fix automatically-retried jobs stuck in pending state

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117283



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Mark Lapierre <mlapierre@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>

d83bf72c

Apr 11, 2023

Fix automatically-retried jobs stuck in pending state · 6db2bf65

Stan Hu authored 2 years ago

This fixes an issue where concurrent runners would not pick up retried
builds due to the runner tick value not being invalidated.

Previously when a job failed, `Ci::RetryJobService` would clone the
failed job, add its own `after_commit` hooks, and immediately attempt
to start the pipeline. However, starting a pipeline loads its own
instances of `Ci::Build`, and for builds that are updated, the state
changes add their own `after_commit` hooks.

For a given transaction, Rails only runs one `after_commit` hook for a
specific model (see https://github.com/rails/rails/pull/45280), so the
`after_commit` hooks performed when starting the build would be
discarded. As a result, `BuildQueueWorker` was never executed for the
build, causing the runner tick value to be left in a stale
state. Other `run_after_commit` blocks were not executed as well, such
as build hooks.

To avoid this double `after_commit` business, move the starting of the
pipeline into the `run_...

6db2bf65

Merge branch 'sh-quarantine-tests-15-8' into '15-8-stable-ee' · 18ff4d59

Mayra Cabrera authored 2 years ago

[15.8] Quarantine flaky test in spec/features/callouts/registration_enabled_spec.rb

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117304



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Nao Hashizume <nhashizume@gitlab.com>
Approved-by: Jennifer Li <jli@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>

18ff4d59

Quarantine flaky test in registration_enabled_spec.rb · 4b08ef33

Stan Hu authored 2 years ago

This backports a single change from
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/111605 for
the 15-8-stable-ee branch.

4b08ef33

Mar 31, 2023
- Update VERSION files · 8016edf1
  JiHu Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v15.8.5-jh
  
  8016edf1
- Update changelog for 15.8.5 · 576af07b
  JiHu Release Tools Bot authored 2 years ago
```
[ci skip]
```
  576af07b
- Merge branch '15-8-stable-jh-patch-5' into '15-8-stable-jh' · f7da568f
  Wenju Liu authored 2 years ago
```
Prepare 15.8.5 release for gitlab-jh

See merge request gitlab-cn/gitlab!1517
```
  f7da568f
Mar 30, 2023
- Merge branch 'skip-danger-local-for-patch-release-mr' into 'main-jh' · cac0862d
  Wenju Liu authored 2 years ago and JiHu Release Tools Bot committed 2 years ago
```
Skip danger-local for patch release prepare mr

See merge request gitlab-cn/gitlab!1445

(cherry picked from commit 50481bbe)

43531c62 Skip danger-local for patch release prepare mr
```
  cac0862d
- Merge tag 'v15.8.5-ee' into 15-8-stable-jh-patch-5 · 1a26696e
  RELEASE_BOT_PRODUCTION_TOKEN authored 2 years ago
  
  1a26696e
- Merge remote-tracking branch 'dev/15-8-stable-ee' into 15-8-stable-ee · ceeae893
  GitLab Release Tools Bot authored 2 years ago
  
  ceeae893
- Update VERSION files · b46679ba
  GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v15.8.5-ee
  
  b46679ba
- Update changelog for 15.8.5 · 3af0d792
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  3af0d792
- Update managed components version to 15.8.5 · a804a814
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  a804a814
- Merge branch 'fix-rubocop-url-sanitizer-🤖' into '15-8-stable-ee' · 134aebee
  Vladimir Glafirov authored 2 years ago
```
Fix rubocop offenses in lib/gitlab/url_sanitizer.rb

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3175



Merged-by: Vladimir Glafirov <vglafirov@gitlab.com>
Approved-by: Sean McGivern <sean@gitlab.com>
Approved-by: Reuben Pereira <2967854-rpereira2@users.noreply.gitlab.com>
Co-authored-by: Alessio Caiazza <acaiazza@gitlab.com>
```
  134aebee
- Fix rubocop offenses in lib/gitlab/url_sanitizer.rb · ddc04cf7
  Alessio Caiazza authored 2 years ago
```
Merge branch 'fix-rubocop-url-sanitizer-🤖' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3175

Changelog: security
```
  ddc04cf7
Mar 29, 2023

Merge branch 'security-embed-remove-redirects-stable-15-8-ee' into '15-8-stable-ee' · 9c9dde65

Mayra Cabrera authored 2 years ago

Add checks to remove open redirects from Observability URL

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3032



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Ottilia Westerlund <owesterlund@gitlab.com>
Co-authored-by: Ankit Panchal <apanchal@gitlab.com>

9c9dde65

Add checks to remove open redirects from Observability URL · a22ce385

Ankit Panchal authored 2 years ago

Merge branch 'security-embed-remove-redirects-stable-15-8-ee' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3032

Changelog: security

a22ce385

Merge branch 'security-388962-ambiguous-branch-name-tree-view-simple-15-8' into '15-8-stable-ee' · 2f041676

Mayra Cabrera authored 2 years ago

Redirect to tree from project root on ref collision

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3134



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: j.seto <jseto@gitlab.com>

2f041676

Redirect to tree from project root on ref collision · fad24ae9

Jerry Seto authored 2 years ago

Merge branch 'security-388962-ambiguous-branch-name-tree-view-simple-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3134

Changelog: security

fad24ae9

Merge branch 'security-fix-soft-email-confirmation-alert-15-8' into '15-8-stable-ee' · 0be67307

Mayra Cabrera authored 2 years ago

Fixes soft email confirmation alert vulnerability

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3125



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Brian Williams <bwilliams@gitlab.com>
Co-authored-by: Jay Montal <jmontal@gitlab.com>

0be67307

Fixes soft email confirmation alert vulnerability · 85be0fbf

Jay Montal authored 2 years ago

Merge branch 'security-fix-soft-email-confirmation-alert-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3125

Changelog: security

85be0fbf

Merge branch 'security-pl-dos-prometheus-endpoint-15-8' into '15-8-stable-ee' · 57ba838d

GitLab Release Tools Bot authored 2 years ago

Restrict Prometheus API access on public projects

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3164

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vitali Tatarintev <vtatarintev@gitlab.com>
Co-authored-by: Peter Leitzen <pleitzen@gitlab.com>

57ba838d

Restrict Prometheus API access on public projects · 2df2fa2d

Peter Leitzen authored 2 years ago

Merge branch 'security-pl-dos-prometheus-endpoint-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3164

Changelog: security

2df2fa2d

Merge branch 'security-fork-permission-15.10-15-8' into '15-8-stable-ee' · fcf3bb7a

GitLab Release Tools Bot authored 2 years ago

Verify that users have access to the parent of the fork

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3085

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: Vasilii Iakliushin <viakliushin@gitlab.com>

fcf3bb7a

Verify that users have access to the parent of the fork · 53f7f068

Vasilii Iakliushin authored 2 years ago

Merge branch 'security-fork-permission-15.10-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3085

Changelog: security

53f7f068

Merge branch 'security-391685-confidential-issue-15-8' into '15-8-stable-ee' · 042b2c2a

GitLab Release Tools Bot authored 2 years ago

Protect webhook secrets by resetting url_variables

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3141

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vitali Tatarintev <vtatarintev@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

042b2c2a

Protect webhook secrets by resetting url_variables · 9fa9dbff

Bojan Marjanovic authored 2 years ago

Merge branch 'security-391685-confidential-issue-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3141

Changelog: security

9fa9dbff

Merge branch 'security-replace-unicode-space-characters-15-8' into '15-8-stable-ee' · 172247d1

GitLab Release Tools Bot authored 2 years ago

Replace Unicode space chars with spaces

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3137



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Robert May <rmay@gitlab.com>
Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>

172247d1

Replace Unicode space chars with spaces · 20d77d4d

Igor Drozdov authored 2 years ago

Merge branch 'security-replace-unicode-space-characters-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3137

Changelog: security

20d77d4d

Merge branch 'security-fix-create-epic-with-parent-permissions-15-8' into '15-8-stable-ee' · 4094b875

GitLab Release Tools Bot authored 2 years ago

Check access to parent when creating and updating epics

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3150

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kerri Miller <kerrizor@kerrizor.com>
Co-authored-by: Eugenia Grieff <egrieff@gitlab.com>

4094b875

Check access to parent when creating and updating epics · 0fed1137

Eugenia Grieff authored 2 years ago

Merge branch 'security-fix-create-epic-with-parent-permissions-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3150

Changelog: security

0fed1137

Merge branch 'security-url-sanitizer-15-8' into '15-8-stable-ee' · f895bfdb

GitLab Release Tools Bot authored 2 years ago

Improve Gitlab::UrlSanitizer regex to match more URIs

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3109



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Ethan Urie <eurie@gitlab.com>
Approved-by: Diogo Frazão <dfrazao@gitlab.com>
Co-authored-by: Joe Woodward <jwoodward@gitlab.com>

f895bfdb

Improve Gitlab::UrlSanitizer regex to match more URIs · 2285088f

Joe Woodward authored 2 years ago

Merge branch 'security-url-sanitizer-15-8' into '15-8-stable-ee'

See merge request gitlab-org/security/gitlab!3109

Changelog: security

2285088f