delta/gitlab/gitlab-ce.git/spec/requests, branch docs/single-codebase-dev-guides gitlab.com: gitlab-org/gitlab-ce.git #46469 - Added ref querystring parameter to project search to allow searching on branches other than master 2019-05-17T06:10:08+00:00 Lee Tickett lee@tickett.net 2019-05-17T06:10:08+00:00 a4e9259d8a39c0f1777af025fd7255dafb5d0e44 






Add correlation id to all sentry errors
2019-05-13T18:27:41+00:00

Bob Van Landuyt
bob@vanlanduyt.co

2019-05-10T21:12:33+00:00

4c2f6814907f3988c86c9f79a155d1d48ba61793

Before this, we were only adding the correlation id to the "acceptable
exceptions" which we handle in code.

But we need to add it to the default raven context so the information
would be available for uncaught exceptions.





Before this, we were only adding the correlation id to the "acceptable
exceptions" which we handle in code.

But we need to add it to the default raven context so the information
would be available for uncaught exceptions.







Merge branch '58404-set-default-max-depth-for-GraphQL' into 'master'
2019-05-08T08:46:56+00:00

Sean McGivern
sean@gitlab.com

2019-05-08T08:46:56+00:00

9f888c7440a99f0c9bd59ac066fae88e7c863e41

58404 - setup max depth for graphql

Closes #58404

See merge request gitlab-org/gitlab-ce!25737




58404 - setup max depth for graphql

Closes #58404

See merge request gitlab-org/gitlab-ce!25737






Confirm existence of head_pipeline if pipeline success required
2019-05-07T16:06:53+00:00

Kerri Miller
kerrizor@kerrizor.com

2019-05-07T16:06:53+00:00

29f9d92642539eaa04bdb485425d6f1cd3b459fd

Pipelines are created by an async worker, so a rapid sequence of API
calls can trigger a state where the pipeline, whose existence is part of
determining if we wait for the pipeline to successfully complete before
merging, can trigger the MR to be immediately merged instead.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55127





Pipelines are created by an async worker, so a rapid sequence of API
calls can trigger a state where the pipeline, whose existence is part of
determining if we wait for the pipeline to successfully complete before
merging, can trigger the MR to be immediately merged instead.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55127







Add improvements to the global search process
2019-05-07T11:08:25+00:00

Francisco Javier López
fjlopez@gitlab.com

2019-05-07T11:08:25+00:00

68e533dc219be27f3485d2335e70aa61a193dabb

Removed the conditions added to
Project.with_feature_available_for_user, and moved to the
IssuableFinder. Now, we ensure that, in the projects retrieved
in the Finder, the user has enough access for the feature.





Removed the conditions added to
Project.with_feature_available_for_user, and moved to the
IssuableFinder. Now, we ensure that, in the projects retrieved
in the Finder, the user has enough access for the feature.







Allow replying to an individual note in the API
2019-05-06T18:48:32+00:00

Sean McGivern
sean@gitlab.com

2019-05-06T10:59:02+00:00

00af4c6d6a8ea2997f57d6e872992b9fc72839d8

If you can do this in the UI, you should be able to do it in the API. If
a discussion is not a single note discussion, or it is replyable, you
can reply to it.





If you can do this in the UI, you should be able to do it in the API. If
a discussion is not a single note discussion, or it is replyable, you
can reply to it.







58404 - setup max depth for graphql
2019-05-06T15:02:29+00:00

Ken Ding
ken.ding@mail.com

2019-05-06T14:00:03+00:00

f80f68d520b98ae60300ecf0758ff241218e9cd0

58404 - add change log


58404 - add spec


58404 - add more spec to test depth 2


58404 - fix spec


58404 - fix rubocop


58404 - refactor the code by Bob's advice


58404 - revert changes of all_graphql_fields_for


58404 - change text only


58404 - fix rspec according to gitlab's standard


58404 - revert previous spec


58404 - fix rubocop






58404 - add change log


58404 - add spec


58404 - add more spec to test depth 2


58404 - fix spec


58404 - fix rubocop


58404 - refactor the code by Bob's advice


58404 - revert changes of all_graphql_fields_for


58404 - change text only


58404 - fix rspec according to gitlab's standard


58404 - revert previous spec


58404 - fix rubocop








Implement support for CI variables of type file
2019-05-06T13:11:42+00:00

Krasimir Angelov
kangelov@gitlab.com

2019-05-06T13:11:42+00:00

85609c117e2b96a786204069669c66d36d971733

Add env_var and file as supported types for CI variables. Variables of
type file expose to users existing gitlab-runner behaviour - save
variable value into a temp file and set the path to this file in an ENV
var named after the variable key.

Resolves https://gitlab.com/gitlab-org/gitlab-ce/issues/46806.





Add env_var and file as supported types for CI variables. Variables of
type file expose to users existing gitlab-runner behaviour - save
variable value into a temp file and set the path to this file in an ENV
var named after the variable key.

Resolves https://gitlab.com/gitlab-org/gitlab-ce/issues/46806.







Allow guests users to access project releases
2019-05-03T13:29:20+00:00

Krasimir Angelov
kangelov@gitlab.com

2019-05-03T13:29:20+00:00

241ba4be7989547b3bc3f9a1a20b8dee7a4e9a0c

This is step one of resolving
https://gitlab.com/gitlab-org/gitlab-ce/issues/56838.

Here is what changed:
- Revert the security fix from bdee9e8412d.
- Do not leak repository information (tag name, commit) to guests in API
responses.
- Do not include links to source code in API responses for users that do
not have download_code access.
- Show Releases in sidebar for guests.
- Do not display links to source code under Assets for users that do not
have download_code access.

GET ':id/releases/:tag_name' still do not allow guests to access
releases. This is to prevent guessing tag existence.





This is step one of resolving
https://gitlab.com/gitlab-org/gitlab-ce/issues/56838.

Here is what changed:
- Revert the security fix from bdee9e8412d.
- Do not leak repository information (tag name, commit) to guests in API
responses.
- Do not include links to source code in API responses for users that do
not have download_code access.
- Show Releases in sidebar for guests.
- Do not display links to source code under Assets for users that do not
have download_code access.

GET ':id/releases/:tag_name' still do not allow guests to access
releases. This is to prevent guessing tag existence.







Whitelist query limits for internal API
2019-05-03T04:02:15+00:00

Stan Hu
stanhu@gmail.com

2019-05-03T04:02:15+00:00

0595c6d5cd45fbf34f8779be544df72f83647915

When creating a merge request for push options, there may be over 100
queries that are run to create a merge request. Even after we reduce the
number of queries by disabling the Sidekiq jobs, it appears we still
hover near this limit.

Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/11450





When creating a merge request for push options, there may be over 100
queries that are run to create a merge request. Even after we reduce the
number of queries by disabling the Sidekiq jobs, it appears we still
hover near this limit.

Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/11450