GitLab

[ci skip]

Prepare 11.10.6 release

See merge request gitlab-org/gitlab-ce!28991

Use a path for the related merge requests endpoint

Closes #61280

See merge request gitlab-org/gitlab-ce!28171

Use source ref in pipeline webhook

Closes #61553

See merge request gitlab-org/gitlab-ce!28772

(cherry picked from commit 2714f85c)

7e05f3b7 Use source ref for pipeline webhook

Fix height of input groups

Closes #61304, #61303, #59254, and #60778

See merge request gitlab-org/gitlab-ce!28495

(cherry picked from commit 52758b92)

360646ea Fix height of input groups

API: Fix recursive flag not working with Rugged get_tree_entries flag

Closes #61979

See merge request gitlab-org/gitlab-ce!28494

(cherry picked from commit d951f047)

c1827f1c API: Fix recursive flag not working with Rugged get_tree_entries flag

Fix project visibility level validation

Closes #59379

See merge request gitlab-org/gitlab-ce!28305

(cherry picked from commit 99637084)

b5540112 Fix project visibility level validation

Don't run full gc in AfterImportService

Closes gitlab-ee#11556

See merge request gitlab-org/gitlab-ce!28239

(cherry picked from commit 4c16ce11)

36b1a2d7 Don't run full gc in AfterImportService

Merge branch 'ce-11099-removing-the-project-that-holds-the-insights-configuration-raises-an-error' into 'master'

Add remove_foreign_key_if_exists

See merge request gitlab-org/gitlab-ce!28172

(cherry picked from commit 7b7416d9)

24eff5e0 Add remove_foreign_key_if_exists

Fix uploading of LFS tracked file through UI

Closes #61203

See merge request gitlab-org/gitlab-ce!28052

(cherry picked from commit 4d2d8124)

3f192e8a Fix Lfs::FileTransformer to work with file objects
48fcdf1f Add changelog entry

Allow a member to have an access level equal to parent group

Closes gitlab-ee#11323

See merge request gitlab-org/gitlab-ce!27913

(cherry picked from commit 2b3b0bb1)

32ddc3fe Allow a member to have an access level equal to parent group

Upgrade CI to use Chrome V73

See merge request gitlab-org/gitlab-ce!27863

[11.10] Use 3-way merge for squashing commits

See merge request gitlab-org/gitlab-ce!28078

[ci skip]

Add DNS rebinding protection settings

See merge request gitlab/gitlabhq!3131

This was renamed in GitLab 11.11, so the backport needs to use
the original name.

Reject slug+uri concat if slug is deemed unsafe

See merge request gitlab/gitlabhq!3106

Persistent XSS in note objects CE

See merge request gitlab/gitlabhq!3080

Fix url redaction for issue links

See merge request gitlab/gitlabhq!3090

Disallow invalid MR branch name

See merge request gitlab/gitlabhq!3094

Hide issue title on unsubscribe for anonymous users

See merge request gitlab/gitlabhq!3100

Fix confidential issue label disclosure on milestone view

See merge request gitlab/gitlabhq!3103

Resolve: Milestones leaked via search API

See merge request gitlab/gitlabhq!3111

Protect Gitlab::HTTP against DNS rebinding attack

See merge request gitlab/gitlabhq!3114

Prevent password sign in restriction bypass

See merge request gitlab/gitlabhq!3120

Update Knative version due to a security vulnerability

See merge request gitlab/gitlabhq!3123

Fix project visibility level validation

See merge request gitlab/gitlabhq!3125

First reported:
  https://gitlab.com/gitlab-org/gitlab-ce/issues/60143

When the page slug is "javascript:" and we attempt to link to a relative
path (using `.` or `..`) the code will concatenate the slug and the uri.
This MR adds a guard to that concat step that will return `nil` if the
incoming slug matches against any of the "unsafe" slug regexes;
currently this is only for the slug "javascript:" but can be extended if
needed. Manually tested against a non-exhaustive list from OWASP of
common javascript XSS exploits that have to to with mangling the
"javascript:" method, and all are caught by this change or by existing
code that ingests the user-specified slug.

Replaces a hard-coded date in the job app spec

Closes #62283

See merge request gitlab-org/gitlab-ce!28709