Commits · 11-4-stable-salsa · Salsa / GitLab Salsa Edition

20 Nov, 2018 1 commit
- Merge branch '11-4-stable' into 11-4-stable-salsa · 20979a27
  Alexander Wirt authored Nov 20, 2018
  
  20979a27
19 Nov, 2018 1 commit
- Merge branch '11-4-stable' into 11-4-stable-salsa · 8d2d4c74
  Alexander Wirt authored Nov 19, 2018
  
  8d2d4c74
18 Nov, 2018 4 commits
- Update VERSION to 11.4.6 · 10ecd452
  GitLab Release Tools Bot authored Nov 18, 2018
  
  10ecd452
- Update CHANGELOG.md for 11.4.6 · 528b59d3
  GitLab Release Tools Bot authored Nov 18, 2018
```
[ci skip]
```
  528b59d3
- Merge branch 'sh-fix-issue-54189-11-4' into 'security-11-4' · 721e484d
  Steve Azzopardi authored Nov 18, 2018
```
[11.4] Prevent templated services from being imported

See merge request gitlab/gitlabhq!2636
```
  721e484d
- Merge branch 'security-11-4-2717-xss-username-autocomplete' into 'security-11-4' · ec90eb99
  Steve Azzopardi authored Nov 18, 2018
```
[11.4] Escape user fullname while rendering autocomplete template to prevent XSS

See merge request gitlab/gitlabhq!2607
```
  ec90eb99
04 Nov, 2018 4 commits
- Update VERSION to 11.4.5 · f5536c61
  GitLab Release Tools Bot authored Nov 04, 2018
  
  f5536c61
- Update CHANGELOG.md for 11.4.5 · c548abd0
  GitLab Release Tools Bot authored Nov 04, 2018
```
[ci skip]
```
  c548abd0
- Merge branch '11-4-stable-patch-5' into 11-4-stable · 722ce843
  Thiago Presa authored Nov 04, 2018
  
  722ce843
- Merge branch '11-4-stable-patch-5' into 11-4-stable · 5ffc5d66
  Thiago Presa authored Nov 04, 2018
  
  5ffc5d66
02 Nov, 2018 4 commits
- Update gitlab-ui dependency to 1.8.0-hotfix.1 · 3b03ec53
  Clement Ho authored Oct 31, 2018
  
  3b03ec53
- Fix stage dropdown rendering only in English · 4341e7d4
  Filipa Lacerda authored Oct 26, 2018
```
The default value of the selected stage was a translated string.
This commit removes the string and uses a flag property instead.
The stage dropdown is now only rendered after the stages endpoint
is received.
```
  4341e7d4
- Remove duplicate escape in job sidebar · 6fe7fcd7
  Filipa Lacerda authored Oct 23, 2018
  
  6fe7fcd7
- Merge branch '11-4-stable' into 11-4-stable-salsa · eee1bea0
  Alexander Wirt authored Nov 02, 2018
  
  eee1bea0
01 Nov, 2018 5 commits
- Merge branch 'docs/download-2fa-codes' into 'master' · 3366a056
  Achilleas Pipinellis authored Oct 19, 2018
```
Documentation: Add mention that recovery codes are downloadable.

See merge request gitlab-org/gitlab-ce!22483
```
  3366a056
- Merge branch 'docs/highlight-mentions' into 'master' · 037a9181
  Marcia Ramos authored Oct 19, 2018
```
Document highlighted mentions

See merge request gitlab-org/gitlab-ce!22488
```
  037a9181
- Merge branch '11-4-stable' into 11-4-stable-salsa · 7ae5d4a1
  Alexander Wirt authored Nov 01, 2018
  
  7ae5d4a1
- Merge branch '53070-fix-usage-ping-link' into 'master' · 391f80df
  Stan Hu authored Oct 24, 2018
```
Fix usage ping link

Closes #53070

See merge request gitlab-org/gitlab-ce!22545
```
  391f80df
- Merge branch 'mr-file-tree-inline-fluid-width-fix' into 'master' · f19ae85a
  Filipa Lacerda authored Oct 19, 2018
```
Fixed merge request fill tree not respecting fluid width

Closes #52916

See merge request gitlab-org/gitlab-ce!22487
```
  f19ae85a
30 Oct, 2018 3 commits
- Update VERSION to 11.4.4 · 2e8fd64b
  GitLab Release Tools Bot authored Oct 30, 2018
  
  2e8fd64b
- Update CHANGELOG.md for 11.4.4 · 07b8f398
  GitLab Release Tools Bot authored Oct 30, 2018
```
[ci skip]
```
  07b8f398
- Merge branch 'security-kubeclient-ssrf-11-4' into 'security-11-4' · 390bcc70
  Jan Provaznik authored Oct 30, 2018
```
[11.4] Security kubeclient ssrf

See merge request gitlab/gitlabhq!2573
```
  390bcc70
26 Oct, 2018 3 commits
- Update VERSION to 11.4.3 · adea99b2
  GitLab Release Tools Bot authored Oct 26, 2018
  
  adea99b2
- Update CHANGELOG.md for 11.4.3 · 755dcd5a
  GitLab Release Tools Bot authored Oct 26, 2018
```
[ci skip]
```
  755dcd5a
- Merge branch 'fix_pat_auth-11-4' into 'security-11-4' · ba9a9b98
  Robert Speicher authored Oct 26, 2018
```
[11.4] Fix Token lookup for Git over HTTP and registry authentication

See merge request gitlab/gitlabhq!2577
```
  ba9a9b98
25 Oct, 2018 9 commits
- Update VERSION to 11.4.2 · 872549f7
  GitLab Release Tools Bot authored Oct 25, 2018
  
  872549f7
- Update CHANGELOG.md for 11.4.2 · a1e4ecdd
  GitLab Release Tools Bot authored Oct 25, 2018
```
[ci skip]
```
  a1e4ecdd
- Merge branch 'sh-block-other-localhost' into 'master' · b04c737d
  Thiago Presa authored Oct 25, 2018
```
Block additional localhost addresses in UrlBlocker

See merge request gitlab/gitlabhq!2487
```
  b04c737d
- Merge branch 'security-11-4-2717-fix-issue-title-xss' into 'security-11-4' · 5342df04
  Jan Provaznik authored Oct 24, 2018
```
[11.4] Escape issue title while template rendering to prevent XSS

See merge request gitlab/gitlabhq!2571
```
  5342df04
- Merge branch 'security-redact-links-11-4' into 'security-11-4' · 82c12bd8
  Jan Provaznik authored Oct 24, 2018
```
[11.4] Redact unsubscribe links in issuable texts

See merge request gitlab/gitlabhq!2565
```
  82c12bd8
- Merge branch 'security-fix/control-headers-11-4' into 'security-11-4' · 5e125b0f
  Jan Provaznik authored Oct 24, 2018
```
: [11.4] Resolve "Sensitive information is stored in browser history"

See merge request gitlab/gitlabhq!2562
```
  5e125b0f
- Merge branch 'sh-validate-wiki-attachments-11-4' into 'security-11-4' · e05636e2
  Thiago Presa authored Oct 24, 2018
```
[11.4] Validate Wiki attachments are valid temporary files

See merge request gitlab/gitlabhq!2569
```
  e05636e2
- Merge branch 'security-11-4-junit-test-report-exposes-stacktrace' into 'security-11-4' · b9b68fe7
  Jan Provaznik authored Oct 23, 2018
```
[11.4] JUnit test reports endpoint exposes full stack trace in production mode

See merge request gitlab/gitlabhq!2517
```
  b9b68fe7
- Merge branch 'security-if-51113-hash_tokens-11-4' into 'security-11-4' · daed01a5
  Jan Provaznik authored Oct 23, 2018
```
[11.4] Persist only SHA digest of PersonalAccessToken#token

See merge request gitlab/gitlabhq!2551
```
  daed01a5
23 Oct, 2018 4 commits
- Update VERSION to 11.4.1 · 9266cb27
  GitLab Release Tools Bot authored Oct 23, 2018
  
  9266cb27
- Update CHANGELOG.md for 11.4.1 · af39fdc6
  GitLab Release Tools Bot authored Oct 23, 2018
```
[ci skip]
```
  af39fdc6
- Merge branch 'security-11-4-51527-xss-in-mr-source-branch' into 'security-11-4' · aca5fb4e
  Thiago Presa authored Oct 23, 2018
```
[11.4] Fix XSS in MR source branch name

See merge request gitlab/gitlabhq!2550
```
  aca5fb4e
- Merge branch 'sh-block-other-localhost-11-4' into 'security-11-4' · f17e36fe
  Thiago Presa authored Oct 23, 2018
```
[11.4] Prevent SSRF attacks in HipChat integration

See merge request gitlab/gitlabhq!2547
```
  f17e36fe
22 Oct, 2018 2 commits
- SALSA: Ignore job requests for rate limit · 2acafe66
  Bastian Blank authored Jul 05, 2018
```
See https://gitlab.com/gitlab-org/gitlab-ce/issues/46951
```
  2acafe66
- SALSA: Don't send notifications for project moves within the debian group · ad4492fa
  Alexander Wirt authored Mar 23, 2018 and Bastian Blank committed Oct 22, 2018
  
  ad4492fa