Milan Pässler
44108c5d7c
gitlab: take care of vendorSha256 in updater script
2020-12-27 00:39:20 +01:00
Milan Pässler
3157904d4a
gitlab: remove unused deps.nix files
...
These were added again in https://github.com/NixOS/nixpkgs/pull/107558
because the update script still ran vgo2nix.
2020-12-27 00:39:20 +01:00
Jeff Slight
e86efbc48b
gitlab: 13.6.1 -> 13.7.1 ( #107558 )
2020-12-26 22:06:22 +01:00
Milan Pässler
72ba4fce76
gitaly: build with system libgit2
2020-11-26 14:12:14 +01:00
Milan Pässler
c1c2ff4a97
gitlab: 13.6.0 -> 13.6.1
2020-11-26 14:12:14 +01:00
Milan Pässler
844eddf330
gitlab-workhorse: use buildGoModule
2020-11-26 14:12:13 +01:00
Milan Pässler
2e4862d3ba
gitlab-shell: use buildGoModule
2020-11-26 14:12:13 +01:00
Milan Pässler
0f344cc0db
gitaly: use buildGoModule
2020-11-26 14:12:06 +01:00
Milan Pässler
2429d5a307
gitlab: 13.5.1 -> 13.6.0
...
Changed ruby version to 2.7.x to match upstream.
Added a gem config for gitlab-pg_query as it tries to download a source
tarball during the build process.
Also removed a patch for gitaly that has become obsolete by upstream fix
[here](de04077c25
).
2020-11-21 01:38:35 +01:00
Milan Pässler
4555a26b06
gitlab: 13.4.3 -> 13.5.1
2020-11-20 19:26:30 +01:00
Jeff Slight
2cf524c825
gitlab: add new line to end of data.json file
2020-11-20 19:26:30 +01:00
Jeff Slight
c16a977386
gitlab: 13.0.14 -> 13.4.3
...
13.4.3
2020-11-20 19:26:30 +01:00
Milan Pässler
6956ce821d
gitlab: 13.0.12 -> 13.0.14
2020-08-30 11:24:25 -07:00
Florian Klink
5aa6b4c2a1
gitlab: 13.0.9 -> 13.0.12 ( #94968 )
2020-08-11 14:11:39 +02:00
Milan Pässler
f3a353f184
gitlab: 13.0.8 -> 13.0.9
...
Security release: https://about.gitlab.com/releases/2020/07/06/critical-security-release-gitlab-13-1-3-released/
2020-07-07 22:15:03 +02:00
Florian Klink
d986fccd9d
gitlab: 13.0.6 -> 13.0.8 ( #92060 )
2020-07-06 22:44:18 +02:00
Florian Klink
38a4af7d19
gitlab: 13.0.4 -> 13.0.6
...
CI Token Access Control
An authorization issue discovered in the mirroring logic allowed read access to private repositories. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned.
https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
2020-06-11 00:27:11 +02:00
talyz
0b5c534598
gitlab: 13.0.3 -> 13.0.4
...
https://about.gitlab.com/releases/2020/06/03/critical-security-release-13-0-4-released/
2020-06-04 14:32:45 +02:00
Robin Gloster
79454f15ac
gitlab: 12.10.8 -> 13.0.3
...
https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/
https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
https://about.gitlab.com/releases/2020/05/29/gitlab-13-0-3-released/
The gitaly gitlab-shell config has moved into gitaly.toml. See
https://gitlab.com/gitlab-org/gitaly/-/issues/2182 for more info.
2020-06-04 14:32:39 +02:00
Robin Gloster
b64205d164
Merge pull request #85293 from petabyteboy/feature/gitlab-12-9-x
...
gitlab: 12.8.10 -> 12.10.6
2020-05-31 06:10:29 +02:00
Robin Gloster
af05325f10
gitlab: 12.10.6 -> 12.10.8
2020-05-31 03:11:57 +02:00
Robin Gloster
7060927382
gitaly: fix gitlab-shell-config path patching
2020-05-31 03:07:50 +02:00
Kimat Boven
c270ecd5ee
gitaly: use libgit2 from all-packages.nix
2020-05-22 10:39:24 +02:00
Milan Pässler
e32bf64da0
gitaly: revert a commit that broke config loading
2020-05-19 01:31:14 +02:00
Milan Pässler
755554808f
gitlab: increase webpack memory limit
2020-05-18 18:35:08 +02:00
Milan Pässler
f61370214c
gitlab: 12.8.10 -> 12.10.6
2020-05-18 18:34:46 +02:00
Frederik Rietdijk
afb1041148
Merge master into staging-next
2020-05-02 09:39:00 +02:00
Florian Klink
fc64bca95b
gitlab: update.py: use the /refs endpoint
...
It seems the atom feed now needs authentication. Use the /refs endpoint,
which is used for the switch branch/tag dropdown. It doesn't show all
records, but has some pagination, but works well enough for now.
2020-05-01 00:13:43 +02:00
Florian Klink
fdd0d0de1f
gitlab: 12.8.9 -> 12.8.10
2020-04-30 23:16:50 +02:00
Florian Klink
9eb6dc762f
gitaly: 12.8.9 -> 12.8.10
2020-04-30 23:16:43 +02:00
zowoq
b5dc07a4b4
treewide: use $out instead of $bin with buildGoPackage
2020-04-28 20:30:29 +10:00
Florian Klink
81c34ec54f
gitaly: 12.8.8 -> 12.8.9
2020-04-27 10:31:36 +02:00
Florian Klink
b1f66bfcb2
gitlab-workhorse: 8.21.1 -> 8.21.2
2020-04-27 10:31:36 +02:00
Florian Klink
d1902923fa
gitlab: 12.8.8 -> 12.8.9
...
See
https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
for details.
2020-04-27 10:31:36 +02:00
Michael Fellinger
4c26ab4198
gitlab: update.py: invoke bundle lock manually
...
`bundix -l` doesn't work, as it treats bundler's warning about upgrading
the lockfile version as an error, so invoke `bundle lock` manually.
2020-04-27 10:31:36 +02:00
Florian Klink
412bb5e04d
gitlab: support passing --rev to the update-all
script
...
While it's already possible to invoke `update-data` with the `--rev`
argument, one still needs to run all later phases manually.
Fix this, by having `update-all` also accept a `--rev` argument, and
pass it down to `update-data`.
Also, make the help text a bit more usable, by suggesting the usual
versioning scheme used these times.
2020-04-27 10:31:36 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs
2020-04-10 17:54:53 +01:00
Michael Fellinger
f92600b406
update versions in Gemfile.lock
2020-04-06 15:02:13 +02:00
Florian Klink
8ab04fd87b
gitlab: 12.8.7 -> 12.8.8
2020-03-27 10:08:59 +01:00
Kim Lindberger
3a173c1d75
gitlab: 12.8.6 -> 12.8.7 ( #82838 )
...
https://about.gitlab.com/releases/2020/03/16/gitlab-12-8-7-released/
2020-03-24 18:45:39 +01:00
Florian Klink
281bd03242
gitaly: 12.8.5 -> 12.8.6
2020-03-12 12:49:23 +01:00
Florian Klink
ab3b836350
gitlab: 12.8.5 -> 12.8.6
...
https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/
2020-03-12 02:57:39 +01:00
Florian Klink
d2061f024c
gitlab: update script: unset GOROOT
...
or vgo2nix might not be able to resolve some dependencies.
2020-03-12 02:56:48 +01:00
Milan
f391999026
gitlab: 12.8.2 -> 12.8.5 ( #82142 )
...
https://about.gitlab.com/releases/2020/03/09/gitlab-12-8-5-released/
2020-03-09 17:23:51 +01:00
Milan
c25756f91c
gitlab: 12.8.1 -> 12.8.2 ( #81803 )
...
Includes multiple security fixes mentioned in
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
(unfortunately, no CVE numbers as of yet)
- Directory Traversal to Arbitrary File Read
- Account Takeover Through Expired Link
- Server Side Request Forgery Through Deprecated Service
- Group Two-Factor Authentication Requirement Bypass
- Stored XSS in Merge Request Pages
- Stored XSS in Merge Request Submission Form
- Stored XSS in File View
- Stored XSS in Grafana Integration
- Contribution Analytics Exposed to Non-members
- Incorrect Access Control in Docker Registry via Deploy Tokens
- Denial of Service via Permission Checks
- Denial of Service in Design For Public Issue
- GitHub Tokens Displayed in Plaintext on Integrations Page
- Incorrect Access Control via LFS Import
- Unescaped HTML in Header
- Private Merge Request Titles Leaked via Widget
- Project Namespace Exposed via Vulnerability Feedback Endpoint
- Denial of Service Through Recursive Requests
- Project Authorization Not Being Updated
- Incorrect Permission Level For Group Invites
- Disclosure of Private Group Epic Information
- User IP Address Exposed via Badge images
- Update postgresql (GitLab Omnibus)
2020-03-05 16:37:21 +01:00
talyz
74769b6799
gitaly: Copy gem files into bundler env instead of symlinking
...
This fixes issue #79374 , where gitaly prints warning messages on the
client side when running push or fetch.
2020-03-03 21:19:01 +01:00
talyz
17721d3b33
gitaly: Add myself to maintainers
2020-03-03 21:19:01 +01:00
talyz
a3b2828de3
gitlab-shell: Change name from gitlab-shell-go to gitlab-shell
...
This is left over from when gitlab-shell had a ruby part and a go
part. The ruby part is now gone, so let's call the go part
gitlab-shell.
2020-03-03 21:19:01 +01:00
talyz
f2bb5238aa
gitlab-workhorse: 8.20.0 -> 8.21.0
2020-03-03 21:19:01 +01:00
talyz
facef28665
gitaly: 1.83.0 -> 12.8.1
...
In order to build gitaly, this locally overrides the version of
libgit2, since gitaly is not compatible with the latest version.
2020-03-03 21:19:01 +01:00