1. 05 Dec, 2018 1 commit
    • Nick Thomas's avatar
      Use a 32-byte version of db_key_base for web hooks · 2f2b0ad3
      Nick Thomas authored
      AES-256-GCM cipher mode requires a key that is exactly 32 bytes long.
      We already handle the case when the key is too long, by truncating, but
      the key can also be too short in some installations. Switching to a key
      that is always exactly the right length (by virtue of right-padding
      ASCII 0 characters) allows encryption to proceed, without breaking
      backward compatibility.
      
      When the key is too short, encryption fails with an `ArgumentError`,
      causing the web hooks functionality to be unusable. As a result, zero
      rows can exist with values encrypted with the too-short key.
      
      When the key is too long, it is silently truncated. In this case, the
      key is unchanged, so values encrypted with the new too-long key will
      still be successfully decrypted.
      2f2b0ad3
  2. 15 Nov, 2018 1 commit
    • Yorick Peterse's avatar
      Backport ServiceHook#execute from EE · 4ee8bd11
      Yorick Peterse authored
      In EE this method takes an additional argument that specifies the name
      of the hook to trigger. There is no particular reason to not backport
      this to CE, since by default the behaviour remains the same. By
      backporting this code we remove the need for prepending ServiceHook with
      a module in EE.
      4ee8bd11
  3. 09 Oct, 2018 1 commit
  4. 01 Oct, 2018 1 commit
  5. 11 Sep, 2018 2 commits
  6. 13 Aug, 2018 2 commits
  7. 07 Aug, 2018 1 commit
  8. 03 Jul, 2018 1 commit
    • Yorick Peterse's avatar
      Fixed pagination of web hook logs · f3008907
      Yorick Peterse authored
      For reasons unknown, the logs of a web hook were paginated in memory.
      This would result in the "Edit" page of a web hook timing out once it
      has more than a few thousand log entries.
      
      This commit makes the following changes:
      
      1. We use LIMIT/OFFSET to paginate the data, instead of doing this in
         memory.
      
      2. We limit the logs to the last two days, just like the documentation
         says (instead of retrieving everything).
      
      3. We change the indexes on "web_hook_logs" so the query to get the data
         can perform a backwards index scan, without the need for a Filter.
      
      These changes combined ensure that Projects::HooksController#edit no
      longer times out.
      f3008907
  9. 01 Jun, 2018 1 commit
  10. 05 Apr, 2018 1 commit
  11. 17 Jan, 2018 3 commits
  12. 04 Jan, 2018 1 commit
  13. 20 Jul, 2017 1 commit
  14. 06 Jul, 2017 2 commits
    • Yorick Peterse's avatar
      Rename ActiverecordSerialize cop · e1a3bf30
      Yorick Peterse authored
      This cop has been renamed to ActiveRecordSerialize to match the way
      "ActiveRecord" is usually written.
      e1a3bf30
    • Yorick Peterse's avatar
      Added Cop to blacklist the use of `dependent:` · 8fbbf41e
      Yorick Peterse authored
      This is allowed for existing instances so we don't end up 76 offenses
      right away, but for new code one should _only_ use this if they _have_
      to remove non database data. Even then it's usually better to do this in
      a service class as this gives you more control over how to remove the
      data (e.g. in bulk).
      8fbbf41e
  15. 31 May, 2017 1 commit
  16. 25 May, 2017 1 commit
    • Alexander Randa's avatar
      Implement web hooks logging · 330789c2
      Alexander Randa authored
      * implemented logging of project and system web hooks
      * implemented UI for user area (project hooks)
      * implemented UI for admin area (system hooks)
      * implemented retry of logged webhook
      * NOT imeplemented log remover
      330789c2
  17. 16 May, 2017 1 commit
  18. 15 May, 2017 2 commits
  19. 13 May, 2017 2 commits
  20. 10 May, 2017 1 commit
  21. 31 Aug, 2016 2 commits
  22. 02 Aug, 2016 1 commit
  23. 29 Jul, 2016 1 commit
  24. 03 Jun, 2016 2 commits
  25. 10 May, 2016 1 commit
    • Jacob Vosmaer's avatar
      Remove extra sanitization · ebf80db3
      Jacob Vosmaer authored
      Robert Speicher and I believe this string gets sanitized further down
      the stack anyway. Doing this in a model class feels wrong.
      ebf80db3
  26. 09 May, 2016 1 commit
  27. 06 May, 2016 2 commits
  28. 03 May, 2016 1 commit
  29. 30 Apr, 2016 1 commit
  30. 20 Apr, 2016 1 commit