Коммиты · 12-4-stable · nt_test134 / nt_project_0mr5aoytso1m

13.01.2020 3 коммита
- Merge remote-tracking branch 'dev/12-4-stable' into 12-4-stable
  
  · 3f91efcd
  
  GitLab Release Tools Bot создал Янв 13, 2020
  
  3f91efcd
- Update VERSION to 12.4.8
  
  · 24cecbe1
  
  GitLab Release Tools Bot создал Янв 13, 2020
  
  24cecbe1
- Update CHANGELOG.md for 12.4.8
  
  · 2c42669c
  
  GitLab Release Tools Bot создал Янв 13, 2020
```
[ci skip]
```
  2c42669c
10.01.2020 1 коммит
- Add latest changes from gitlab-org/security/gitlab@12-4-stable-ee
  
  · 73e4dfe3
  
  GitLab Bot создал Янв 10, 2020
  
  73e4dfe3
02.01.2020 3 коммита
- Merge remote-tracking branch 'dev/12-4-stable' into 12-4-stable
  
  · ec377c38
  
  GitLab Release Tools Bot создал Янв 02, 2020
  
  ec377c38
- Update VERSION to 12.4.7
  
  · 5159b8de
  
  GitLab Release Tools Bot создал Янв 02, 2020
  
  5159b8de
- Update CHANGELOG.md for 12.4.7
  
  · 9c4673ab
  
  GitLab Release Tools Bot создал Янв 02, 2020
```
[ci skip]
```
  9c4673ab
31.12.2019 1 коммит
- Add latest changes from gitlab-org/security/gitlab@12-4-stable-ee
  
  · c11b8def
  
  GitLab Bot создал Дек 31, 2019
  
  c11b8def
16.12.2019 1 коммит
- Add latest changes from gitlab-org/gitlab@12-4-stable-ee
  
  · 52d0c833
  
  GitLab Bot создал Дек 16, 2019
  
  52d0c833
10.12.2019 1 коммит
- Merge remote-tracking branch 'dev/12-4-stable' into 12-4-stable
  
  · d0fee3f5
  
  GitLab Release Tools Bot создал Дек 10, 2019
  
  d0fee3f5
09.12.2019 3 коммита
- Update VERSION to 12.4.6
  
  · 2efeb5d9
  
  GitLab Release Tools Bot создал Дек 09, 2019
  
  2efeb5d9
- Update CHANGELOG.md for 12.4.6
  
  · 0fb61d96
  
  GitLab Release Tools Bot создал Дек 09, 2019
```
[ci skip]
```
  0fb61d96
- Merge branch 'security-37766-transfer-group-reindex-ce-12-4' into '12-4-stable'
  
  · 591c745c
  
  Alessio Caiazza создал Дек 09, 2019
```
Trigger Elasticsearch indexing when public group moved to private

See merge request gitlab/gitlabhq!3578
```
  591c745c
06.12.2019 2 коммита
- Trigger Elasticsearch indexing when public group moved to private
  
  · 2509f797
  
  Dylan Griffith создал Дек 06, 2019
```
This fixes https://gitlab.com/gitlab-org/gitlab/issues/37766 which is
caused by the fact that we leave the stale permissions data in the index
after a group is moved to another group.
```
  2509f797
- Add latest changes from gitlab-org/gitlab@12-4-stable-ee
  
  · 97a41ac6
  
  GitLab Bot создал Дек 06, 2019
  
  97a41ac6
27.11.2019 6 коммитов
- Merge remote-tracking branch 'dev/12-4-stable' into 12-4-stable
  
  · 6051a4b2
  
  GitLab Release Tools Bot создал Ноя 27, 2019
  
  6051a4b2
- Update VERSION to 12.4.5
  
  · 539f5fc0
  
  GitLab Release Tools Bot создал Ноя 27, 2019
  
  539f5fc0
- Update CHANGELOG.md for 12.4.5
  
  · 3f0859ad
  
  GitLab Release Tools Bot создал Ноя 27, 2019
```
[ci skip]
```
  3f0859ad
- Merge remote-tracking branch 'dev/12-4-stable' into 12-4-stable
  
  · ed299e83
  
  GitLab Release Tools Bot создал Ноя 27, 2019
  
  ed299e83
- Update VERSION to 12.4.4
  
  · 0a3b14ec
  
  GitLab Release Tools Bot создал Ноя 26, 2019
  
  0a3b14ec
- Update CHANGELOG.md for 12.4.4
  
  · b475ac65
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
[ci skip]
```
  b475ac65
26.11.2019 15 коммитов
- Merge branch 'security-dos-issue-and-commit-comments-12-4' into '12-4-stable'
  
  · 8539ed88
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Fix invalid byte sequence

See merge request gitlab/gitlabhq!3548
```
  8539ed88
- Merge branch 'security-29660-update-dependencies-12-4' into '12-4-stable'
  
  · f9db08fd
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Update Workhorse and Gitaly to fix a security issue

See merge request gitlab/gitlabhq!3500
```
  f9db08fd
- Merge branch 'security-dns-rebind-ssrf-in-slack-notifications-12-4-ce' into '12-4-stable'
  
  · 774a7ed2
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Use Gitlab::HTTP for all chat notifications

See merge request gitlab/gitlabhq!3516
```
  774a7ed2
- Merge branch 'security-33712-ce-12-4' into '12-4-stable'
  
  · 7e789039
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Fix private comment Elasticsearch leak

See merge request gitlab/gitlabhq!3524
```
  7e789039
- Merge branch 'security-aws-secret-key-2937-ce-12-4' into '12-4-stable'
  
  · 6bfdba8b
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Hide AWS secret on Admin Integration page

See merge request gitlab/gitlabhq!3526
```
  6bfdba8b
- Hide AWS secret on Admin Integration page
  
  · 4c192319
  
  Justin Ho Tuan Duong создал Ноя 26, 2019
  
  4c192319
- Merge branch 'security-ag-cycle-analytics-guest-permissions-12-4' into '12-4-stable'
  
  · ddd05f24
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Prevent guests from seeing commits for cycle analytics

See merge request gitlab/gitlabhq!3533
```
  ddd05f24
- Merge branch 'security-filter-related-branches-from-activity-feed-12.4' into '12-4-stable'
  
  · 1a51bc93
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Related Branches Visible to Guests in Issue Activity

See merge request gitlab/gitlabhq!3539
```
  1a51bc93
- Merge branch 'security-2943-encrypt-plaintext-tokens-12-4' into '12-4-stable'
  
  · 170c1104
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
GitLab stores AWS, Slack, Askimet, reCaptcha tokens in plaintext

See merge request gitlab/gitlabhq!3542
```
  170c1104
- Merge branch 'security-fix-xss-in-label-namespace-12-4' into '12-4-stable'
  
  · 5d5c906b
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Escape namespace in label references

See merge request gitlab/gitlabhq!3551
```
  5d5c906b
- Merge branch 'security-28802-respect-fork-parent-visibility-12-4' into '12-4-stable'
  
  · b72162e7
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Check permissions before showing a forked project's source

See merge request gitlab/gitlabhq!3556
```
  b72162e7
- Merge branch 'security-exclude_ids_attribute_cleaning-12-4-ce' into '12-4-stable'
  
  · 52444f10
  
  GitLab Release Tools Bot создал Ноя 26, 2019
```
Ensure attributes that end in `_ids` are cleaned

See merge request gitlab/gitlabhq!3559
```
  52444f10
- Spec to ensure `_ids` are cleaned by ImportExport::AttributeCleaner
  
  · 7aea2c20
  
  Imre Farkas создал Ноя 26, 2019
  
  7aea2c20
- Ensure attributes that end in `_ids` are cleaned
  
  · 483d36b2
  
  DJ Mountney создал Ноя 25, 2019
```
This prevents an issue where you can steal other projects objects by
asking for ids that don't belong to you in import.
```
  483d36b2
- Add latest changes from gitlab-org/gitlab@12-4-stable-ee
  
  · 3d7b56c5
  
  GitLab Bot создал Ноя 26, 2019
  
  3d7b56c5
25.11.2019 3 коммита

Check permissions before showing a forked project's source

· b49d06e4

Nick Thomas создал Ноя 19, 2019

b49d06e4

Encrypt application settings with pre and post deployments

· 4cb93023

Arturo Herrero создал Ноя 22, 2019

We had concerns about the cached values on Redis with the previous two
releases strategy:

First release (this commit):
  - Create new encrypted fields in the database.
  - Start populating new encrypted fields, read the encrypted fields or
    fallback to the plaintext fields.
  - Backfill the data removing the plaintext fields to the encrypted
    fields.
Second release:
  - Remove the virtual attribute (created in step 2).
  - Drop plaintext columns from the database (empty columns after
    step 3).

We end up with a better strategy only using migration scripts in one
release:
  - Pre-deployment migration: Add columns required for storing encrypted
    values.
  - Pre-deployment migration: Store the encrypted values in the new
    columns.
  - Post-deployment migration: Remove the old unencrypted columns

4cb93023

Escape namespace in label references

· ddfdc0dc

Heinrich Lee Yu создал Окт 26, 2019

When referencing cross-namespace labels, we append the namespace name
to the rendered label.

This MR escapes the name to prevent XSS attacks.

ddfdc0dc

22.11.2019 1 коммит
- Fix invalid byte sequence
  
  · 0cc8e021
  
  Patrick Derichs создал Ноя 22, 2019
  
  0cc8e021