Commits · 7db49da77b9e02de81f3d8a8a538fdae5a803923 · projects.thm.de / GitLab

04 Apr, 2019 2 commits
- Forbid paths matching the pattern of THM usernames · 7db49da7
  Daniel Gerhardt authored Apr 14, 2015
  
  7db49da7
- Use UID instead of e-mail address as username · 95c2e8f6
  Daniel Gerhardt authored Apr 14, 2015
  
  95c2e8f6
28 Mar, 2019 5 commits
- Update VERSION to 11.7.10 · f788a1e0
  GitLab Release Tools Bot authored Mar 28, 2019
  
  f788a1e0
- Update CHANGELOG.md for 11.7.10 · 88ca603d
  GitLab Release Tools Bot authored Mar 28, 2019
```
[ci skip]
```
  88ca603d
- Revert "Update CHANGELOG.md for 11.7.9" · 08586325
  Robert Speicher authored Mar 28, 2019
```
This reverts commit 136cc132.
```
  08586325
- Merge branch 'security-exif-fix-orientation-11-7' into '11-7-stable' · be9e4975
  GitLab Release Tools Bot authored Mar 28, 2019
```
Preserve Orientation when removing EXIF

See merge request gitlab/gitlabhq!3045
```
  be9e4975
- Preserve Orientation when removing EXIF · db7b5f41
  Jan Provaznik authored Mar 28, 2019
  
  db7b5f41
27 Mar, 2019 4 commits
- Update VERSION to 11.7.9 · 8d2c6f01
  GitLab Release Tools Bot authored Mar 27, 2019
  
  8d2c6f01
- Update CHANGELOG.md for 11.7.9 · 136cc132
  GitLab Release Tools Bot authored Mar 27, 2019
```
[ci skip]
```
  136cc132
- Revert "Update CHANGELOG.md for 11.7.8" · b3ae33a2
  Robert Speicher authored Mar 27, 2019
```
This reverts commit eccc8f05.
```
  b3ae33a2
- Merge branch '11-7-stable' of dev.gitlab.org:gitlab/gitlabhq into 11-7-stable · 74ad0c51
  Robert Speicher authored Mar 27, 2019
  
  74ad0c51
26 Mar, 2019 12 commits
- Update VERSION to 11.7.8 · 5789fdca
  GitLab Release Tools Bot authored Mar 26, 2019
  
  5789fdca
- Update CHANGELOG.md for 11.7.8 · eccc8f05
  GitLab Release Tools Bot authored Mar 26, 2019
```
[ci skip]
```
  eccc8f05
- Merge branch 'security-55503-fix-pdf-js-11-7' into '11-7-stable' · e0a40301
  Yorick Peterse authored Mar 26, 2019
```
Fix PDF.js vulnerability

See merge request gitlab/gitlabhq!3026
```
  e0a40301
- Merge branch 'security-mass-assignment-on-project-update-11-7' into '11-7-stable' · 9426a45f
  Yorick Peterse authored Mar 26, 2019
```
Disallow changing namespace of a project in update method

See merge request gitlab/gitlabhq!3031
```
  9426a45f
- Merge branch 'security-milestone-labels-11-7' into '11-7-stable' · 8ab12f76
  GitLab Release Tools Bot authored Mar 26, 2019
```
Check label_ids parent when updating issue board

See merge request gitlab/gitlabhq!3037
```
  8ab12f76
- Merge branch 'security-use-untrusted-regexp-11-7' into '11-7-stable' · 915ab7e4
  GitLab Release Tools Bot authored Mar 26, 2019
```
Use UntrustedRegexp for CI refs matching

See merge request gitlab/gitlabhq!3008
```
  915ab7e4
- Merge branch 'security-exif-migration-11-7' into '11-7-stable' · 7dbabf74
  GitLab Release Tools Bot authored Mar 26, 2019
```
Rake task for removing exif from uploads

See merge request gitlab/gitlabhq!3012
```
  7dbabf74
- Merge branch 'security-2819-xss-resolve-conflicts-branch-name-11-7' into '11-7-stable' · 5db323b2
  GitLab Release Tools Bot authored Mar 26, 2019
```
Fix XSS in resolve conflicts form

See merge request gitlab/gitlabhq!2988
```
  5db323b2
- Merge branch 'security-56224-11-7' into '11-7-stable' · f6474895
  GitLab Release Tools Bot authored Mar 26, 2019
```
Fix related branches visible in issues for guests

See merge request gitlab/gitlabhq!3020
```
  f6474895
- Merge branch 'security-disallow-guests-to-access-releases-11-7' into '11-7-stable' · 90578991
  GitLab Release Tools Bot authored Mar 26, 2019
```
Disallow guest users from accessing Releases

See merge request gitlab/gitlabhq!3044
```
  90578991
- Disallow guest users from accessing Releases · 535761c9
  Shinya Maeda authored Mar 22, 2019
```
As they do not have a permission to read git tag
```
  535761c9
- Refactor specs according to the code review · e70564ff
  Małgorzata Ksionek authored Mar 26, 2019
  
  e70564ff
25 Mar, 2019 3 commits
- Rake task for removing exif from uploads · bbc9fde9
  Jan Provaznik authored Jan 30, 2019
```
Adds a rake task which can be used for removing EXIF
data from existing uploads.
```
  bbc9fde9
- Add cr remarks · 8e281c9e
  Małgorzata Ksionek authored Mar 25, 2019
  
  8e281c9e
- Check if labels are available for target issuable · 392650e3
  Jarka Košanová authored Feb 12, 2019
```
- labels have to be in the same project/group
as an issuable
```
  392650e3
21 Mar, 2019 1 commit
- Disallow changing namespace of a project in update method · 41af40d4
  Małgorzata Ksionek authored Mar 20, 2019
  
  41af40d4
20 Mar, 2019 2 commits
- Updated PDF.js to 2.0.943 · 6582c653
  Natalia Tepluhina authored Mar 20, 2019
```
fix: changed PDFJS prop to GlobalWorkerOptions

Fixed pdf tests

Added changelog entry
```
  6582c653
- Hide related branches when user does not have permission · 53e34ced
  Mark Chao authored Mar 11, 2019
```
Guest user of a project should not see branches
```
  53e34ced
19 Mar, 2019 3 commits
- Update VERSION to 11.7.7 · 9d826aed
  GitLab Release Tools Bot authored Mar 19, 2019
  
  9d826aed
- Update CHANGELOG.md for 11.7.7 · 772c302c
  GitLab Release Tools Bot authored Mar 19, 2019
```
[ci skip]
```
  772c302c
- Merge branch 'security-11-7-2826-fix-project-serialization-in-quick-actions' into '11-7-stable' · 794e4471
  Yorick Peterse authored Mar 19, 2019
```
Fix project serialization in quick actions response

See merge request gitlab/gitlabhq!3017
```
  794e4471
18 Mar, 2019 1 commit

Only return `commands_changes` used in frontend · ac76ec79

Heinrich Lee Yu authored Mar 15, 2019

When executing quick actions, this limits the `commands_changes`
response to only those used by the frontend

ac76ec79

15 Mar, 2019 1 commit

Make CI refs matching to to use UntrustedRegexp · 0b6dc415

Kamil Trzciński authored Feb 25, 2019

This makes ref validation to use always `UntrustedRegexp`.
This also splits the existing RubySyntax into separate
class.

0b6dc415

05 Mar, 2019 1 commit

Fix XSS in resolve conflicts form · ad7d7bed

Paul Slaughter authored Feb 26, 2019

The issue arose when the branch name contained Vue template
JavaScript. The fix is to use `v-pre` which disables Vue
compilation in a template.

ad7d7bed

04 Mar, 2019 1 commit
- Merge branch 'security-shared-project-private-group-11-7' into '11-7-stable' · 68df5737
  Yorick Peterse authored Mar 04, 2019
```
Sharing a public project with a private group makes the group page publicly accessible

See merge request gitlab/gitlabhq!2985
```
  68df5737
28 Feb, 2019 3 commits
- Secure vulerability and add specs · 97b595d4
  Małgorzata Ksionek authored Feb 11, 2019
  
  97b595d4
- Update VERSION to 11.7.6 · bcd4e1f5
  GitLab Release Tools Bot authored Feb 28, 2019
  
  bcd4e1f5
- Update CHANGELOG.md for 11.7.6 · 75da2f5e
  GitLab Release Tools Bot authored Feb 28, 2019
```
[ci skip]
```
  75da2f5e
27 Feb, 2019 1 commit
- Merge branch '11-7-security-2774-milestones-detail' into '11-7-stable' · a94c8852
  Robert Speicher authored Feb 27, 2019
```
Display only information visible to current user on Milestone detail

See merge request gitlab/gitlabhq!2918
```
  a94c8852