Commits · d583a0b927dd91eee63ea44991f0e713e3722e3b · projects.thm.de / GitLab FOSS

Oct 11, 2019
- Remove 2FA from UI for CAS users · d583a0b9
  Daniel Gerhardt authored Apr 21, 2016 and Tom Käsler committed Oct 11, 2019
```
2FA could be enabled but still was not usedi on sign-in.
```
  d583a0b9
- Remove users' ability to remove their auth connections · 1a54d347
  Daniel Gerhardt authored Apr 21, 2016 and Tom Käsler committed Oct 11, 2019
  
  1a54d347
- Directly link sign in button on page headers with CAS login · 2ff52a21
  Daniel Gerhardt authored Jun 15, 2015 and Tom Käsler committed Oct 11, 2019
```
The following formerly separate commits have been merged in:

* Adjust 'Sign in' button for GitLab's CSRF protection

  GitLab introduced CSRF protection for authentication requests in
  571ba5a7. The 'Sign in' button has been
  adjusted to send a POST request.

* Opt out of turbolinks for 'Sign in' button
```
  2ff52a21
- Prevent group names of length < 5 when updating settings · 4ba95a01
  Daniel Gerhardt authored May 04, 2015 and Tom Käsler committed Oct 11, 2019
```
This restriction does not apply to admins.
```
  4ba95a01
- Forbid creation of groups with a path length < 5 · 26c2383c
  Daniel Gerhardt authored Apr 28, 2015 and Tom Käsler committed Oct 11, 2019
```
This restriction does not apply to admins.
```
  26c2383c
- Adjust version info shown in documentation · 53f57618
  Daniel Gerhardt authored Apr 15, 2015 and Tom Käsler committed Oct 11, 2019
  
  53f57618
- Remove promotional links from dashboard's sidebar · 5438a5eb
  Daniel Gerhardt authored Apr 15, 2015 and Tom Käsler committed Oct 11, 2019
  
  5438a5eb
- Change example URLs and info for repository import · c7eeacd4
  Daniel Gerhardt authored Apr 15, 2015 and Tom Käsler committed Oct 11, 2019
  
  c7eeacd4
- Always check visibility on correct project for clone panel · adf1aef7
  Daniel Gerhardt authored Aug 26, 2015 and Tom Käsler committed Oct 11, 2019
```
The project variable can hold an object which is not an instance of
Project (e.g. ProjectWiki). In this case, visibility_level is not
defined.
```
  adf1aef7
- Hide HTTPS clone button for non-public projects for CAS users · c411cf0c
  Daniel Gerhardt authored Apr 15, 2015 and Tom Käsler committed Oct 11, 2019
```
Additionally, the prompt to set a password is no longer shown for CAS
users.
```
  c411cf0c
- Disable project import via Oauth providers · 5dd5a9c9
  Daniel Gerhardt authored Apr 15, 2015 and Tom Käsler committed Oct 11, 2019
  
  5dd5a9c9
- Disable Oauth application settings for end users · 452973c9
  Daniel Gerhardt authored Apr 14, 2015 and Tom Käsler committed Oct 11, 2019
  
  452973c9
- Forbid password changing for CAS users · 67a39854
  Daniel Gerhardt authored Apr 14, 2015 and Tom Käsler committed Oct 11, 2019
  
  67a39854
- Add CAS specifc methods to user model · 0cd0ea3f
  Daniel Gerhardt authored Apr 14, 2015 and Tom Käsler committed Oct 11, 2019
  
  0cd0ea3f
- Forbid paths matching the pattern of THM usernames · 59dead44
  Daniel Gerhardt authored Apr 14, 2015 and Tom Käsler committed Oct 11, 2019
  
  59dead44
- Use UID instead of e-mail address as username · 04ffe639
  Daniel Gerhardt authored Apr 14, 2015 and Tom Käsler committed Oct 11, 2019
  
  04ffe639
Oct 07, 2019
- Update VERSION to 12.2.8 · f47a1712
  GitLab Release Tools Bot authored Oct 07, 2019
  
  f47a1712
- Update CHANGELOG.md for 12.2.8 · 22d18024
  GitLab Release Tools Bot authored Oct 07, 2019
```
[ci skip]
```
  22d18024
Oct 02, 2019
- Merge remote-tracking branch 'dev/12-2-stable' into 12-2-stable · 21374af2
  GitLab Release Tools Bot authored Oct 02, 2019
  
  21374af2
Oct 01, 2019
- Update VERSION to 12.2.7 · 8a527e4b
  GitLab Release Tools Bot authored Oct 01, 2019
  
  8a527e4b
- Update CHANGELOG.md for 12.2.7 · bd3c1d5f
  GitLab Release Tools Bot authored Oct 01, 2019
```
[ci skip]
```
  bd3c1d5f
- Merge branch 'security-29491-12-2-ce' into '12-2-stable' · ec1d874e
  Marin Jankovski authored Oct 01, 2019
```
Fix private feature Elasticsearch leak

See merge request gitlab/gitlabhq!3451
```
  ec1d874e
- EE port: Fix private feature Elasticsearch leak · b9c5d6db
  Mark Chao authored Sep 16, 2019
```
Add spec to test different combinations.
Accept string for required_minimum_access_level
Allow more flexible project membership query
```
  b9c5d6db
Sep 30, 2019

Merge branch 'fix_expired_gpg_key_specs' into 'master' · 74a9fe35

Stan Hu authored Sep 29, 2019

Fix broken specs : Generate new GPG key in place of expired one

Closes #32956

See merge request gitlab-org/gitlab!17853

74a9fe35

Sep 27, 2019
- Update VERSION to 12.2.6 · dd7ffbdd
  GitLab Release Tools Bot authored Sep 26, 2019
  
  dd7ffbdd
- Update CHANGELOG.md for 12.2.6 · 1125a889
  GitLab Release Tools Bot authored Sep 26, 2019
```
[ci skip]
```
  1125a889
Sep 26, 2019
- Merge branch 'security-gitaly-1-59-3' into '12-2-stable' · e6e7d935
  GitLab Release Tools Bot authored Sep 26, 2019
```
Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.59.3]

See merge request gitlab/gitlabhq!3434
```
  e6e7d935
- Merge branch 'security-sarcila-verify-saml-request-origin-12-2' into '12-2-stable' · ce0e54f3
  GitLab Release Tools Bot authored Sep 26, 2019
```
Check that SAML identity linking validates the origin of the request

See merge request gitlab/gitlabhq!3377
```
  ce0e54f3
- Merge branch... · 565e9b22
  GitLab Release Tools Bot authored Sep 26, 2019
```
Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-2' into '12-2-stable'

Display only participants that user has permission to see

See merge request gitlab/gitlabhq!3402
```
  565e9b22
- Merge branch 'security-bypass-email-verification-using-salesforce-12-2' into '12-2-stable' · f1de42f5
  GitLab Release Tools Bot authored Sep 26, 2019
```
Prevent Bypassing Email Verification using Salesforce

See merge request gitlab/gitlabhq!3406
```
  f1de42f5
- Merge branch 'security-mermaid-block-12-2' into '12-2-stable' · 4ae8923b
  GitLab Release Tools Bot authored Sep 26, 2019
```
Only render fixed number of mermaid blocks

See merge request gitlab/gitlabhq!3412
```
  4ae8923b
- Merge branch 'security-12718-project-milestones-disclosed-via-groups-12-2-ce' into '12-2-stable' · 225a4821
  GitLab Release Tools Bot authored Sep 26, 2019
```
Hide disabled project milestones in project settings on group level

See merge request gitlab/gitlabhq!3415
```
  225a4821
- Merge branch 'security-64938-dont-disclose-path-12-2-ce' into '12-2-stable' · bd94dfe3
  GitLab Release Tools Bot authored Sep 26, 2019
```
Redirect user to root path after unsubscribing from private resource

See merge request gitlab/gitlabhq!3417
```
  bd94dfe3
- Merge branch 'security-12630-private-system-note-disclosed-in-graphql-12-2-ce' into '12-2-stable' · fccaf914
  GitLab Release Tools Bot authored Sep 26, 2019
```
Add policy check if cross reference system notes are accessible

See merge request gitlab/gitlabhq!3427
```
  fccaf914
- Merge branch 'security-fp-stop-jobs-when-blocking-user-12-2' into '12-2-stable' · fb9cf61f
  GitLab Release Tools Bot authored Sep 26, 2019
```
Cancel all running CI jobs when user is blocked

See merge request gitlab/gitlabhq!3437
```
  fb9cf61f
- Merge branch 'security-cross-reference-fix-ce-12-2' into '12-2-stable' · bbab7b62
  GitLab Release Tools Bot authored Sep 26, 2019
```
Filter not accessible label events

See merge request gitlab/gitlabhq!3441
```
  bbab7b62
Sep 25, 2019
- Hide disabled project milestones in project settings on group level · abc34af5
  Alexandru Croitor authored Sep 13, 2019
  
  abc34af5
- Add policy check if cross reference system notes are accessible · b06a0923
  Alexandru Croitor authored Sep 18, 2019
  
  b06a0923
Sep 24, 2019
- Fix Gitaly SearchBlobs flag RPC injection · 980868a4
  Paul Okstad authored Sep 23, 2019
  
  980868a4
- Merge branch 'ss/fix-sast-failure-on-master-ee' into 'master' · 4be19d5f
  Kushal Pandya authored Sep 02, 2019
```
Add argument to catch

See merge request gitlab-org/gitlab-ee!15911
```
  4be19d5f

Admin message