1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-25 03:17:13 +00:00
Commit graph

58 commits

Author SHA1 Message Date
Florian Klink 5aa6b4c2a1
gitlab: 13.0.9 -> 13.0.12 (#94968) 2020-08-11 14:11:39 +02:00
Milan Pässler f3a353f184 gitlab: 13.0.8 -> 13.0.9
Security release: https://about.gitlab.com/releases/2020/07/06/critical-security-release-gitlab-13-1-3-released/
2020-07-07 22:15:03 +02:00
Florian Klink d986fccd9d
gitlab: 13.0.6 -> 13.0.8 (#92060) 2020-07-06 22:44:18 +02:00
Florian Klink 38a4af7d19 gitlab: 13.0.4 -> 13.0.6
CI Token Access Control

An authorization issue discovered in the mirroring logic allowed read access to private repositories. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned.

https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
2020-06-11 00:27:11 +02:00
talyz 0b5c534598
gitlab: 13.0.3 -> 13.0.4
https://about.gitlab.com/releases/2020/06/03/critical-security-release-13-0-4-released/
2020-06-04 14:32:45 +02:00
Robin Gloster 79454f15ac
gitlab: 12.10.8 -> 13.0.3
https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/
https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
https://about.gitlab.com/releases/2020/05/29/gitlab-13-0-3-released/

The gitaly gitlab-shell config has moved into gitaly.toml. See
https://gitlab.com/gitlab-org/gitaly/-/issues/2182 for more info.
2020-06-04 14:32:39 +02:00
Robin Gloster b64205d164
Merge pull request #85293 from petabyteboy/feature/gitlab-12-9-x
gitlab: 12.8.10 -> 12.10.6
2020-05-31 06:10:29 +02:00
Robin Gloster af05325f10
gitlab: 12.10.6 -> 12.10.8 2020-05-31 03:11:57 +02:00
Robin Gloster 7060927382
gitaly: fix gitlab-shell-config path patching 2020-05-31 03:07:50 +02:00
Kimat Boven c270ecd5ee gitaly: use libgit2 from all-packages.nix 2020-05-22 10:39:24 +02:00
Milan Pässler e32bf64da0 gitaly: revert a commit that broke config loading 2020-05-19 01:31:14 +02:00
Milan Pässler f61370214c gitlab: 12.8.10 -> 12.10.6 2020-05-18 18:34:46 +02:00
Frederik Rietdijk afb1041148 Merge master into staging-next 2020-05-02 09:39:00 +02:00
Florian Klink 9eb6dc762f gitaly: 12.8.9 -> 12.8.10 2020-04-30 23:16:43 +02:00
zowoq b5dc07a4b4 treewide: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
Florian Klink 81c34ec54f gitaly: 12.8.8 -> 12.8.9 2020-04-27 10:31:36 +02:00
Michael Reilly 84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Michael Fellinger f92600b406
update versions in Gemfile.lock 2020-04-06 15:02:13 +02:00
Florian Klink 8ab04fd87b gitlab: 12.8.7 -> 12.8.8 2020-03-27 10:08:59 +01:00
Kim Lindberger 3a173c1d75
gitlab: 12.8.6 -> 12.8.7 (#82838)
https://about.gitlab.com/releases/2020/03/16/gitlab-12-8-7-released/
2020-03-24 18:45:39 +01:00
Florian Klink 281bd03242 gitaly: 12.8.5 -> 12.8.6 2020-03-12 12:49:23 +01:00
Milan f391999026
gitlab: 12.8.2 -> 12.8.5 (#82142)
https://about.gitlab.com/releases/2020/03/09/gitlab-12-8-5-released/
2020-03-09 17:23:51 +01:00
Milan c25756f91c
gitlab: 12.8.1 -> 12.8.2 (#81803)
Includes multiple security fixes mentioned in
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
(unfortunately, no CVE numbers as of yet)

 - Directory Traversal to Arbitrary File Read
 - Account Takeover Through Expired Link
 - Server Side Request Forgery Through Deprecated Service
 - Group Two-Factor Authentication Requirement Bypass
 - Stored XSS in Merge Request Pages
 - Stored XSS in Merge Request Submission Form
 - Stored XSS in File View
 - Stored XSS in Grafana Integration
 - Contribution Analytics Exposed to Non-members
 - Incorrect Access Control in Docker Registry via Deploy Tokens
 - Denial of Service via Permission Checks
 - Denial of Service in Design For Public Issue
 - GitHub Tokens Displayed in Plaintext on Integrations Page
 - Incorrect Access Control via LFS Import
 - Unescaped HTML in Header
 - Private Merge Request Titles Leaked via Widget
 - Project Namespace Exposed via Vulnerability Feedback Endpoint
 - Denial of Service Through Recursive Requests
 - Project Authorization Not Being Updated
 - Incorrect Permission Level For Group Invites
 - Disclosure of Private Group Epic Information
 - User IP Address Exposed via Badge images
 - Update postgresql (GitLab Omnibus)
2020-03-05 16:37:21 +01:00
talyz 74769b6799 gitaly: Copy gem files into bundler env instead of symlinking
This fixes issue #79374, where gitaly prints warning messages on the
client side when running push or fetch.
2020-03-03 21:19:01 +01:00
talyz 17721d3b33 gitaly: Add myself to maintainers 2020-03-03 21:19:01 +01:00
talyz facef28665 gitaly: 1.83.0 -> 12.8.1
In order to build gitaly, this locally overrides the version of
libgit2, since gitaly is not compatible with the latest version.
2020-03-03 21:19:01 +01:00
Florian Klink 0a87568b03 gitlab: 12.7.5 -> 12.7.6 2020-02-13 22:18:27 +01:00
Florian Klink 0142bd49cc gitlab: 12.7.4 -> 12.7.5
https://about.gitlab.com/releases/2020/01/31/gitlab-12-7-5-released/
2020-02-01 17:07:55 +01:00
Florian Klink 968f7c2890 gitaly: 1.77.1 -> 1.83.0 2020-01-31 12:25:55 +01:00
Florian Klink e1e61f31a3 gitaly: a4b6c71d4b7c1588587345e2dfe0c6bd7cc63a83 -> 1.77.1 2020-01-13 21:49:18 +01:00
talyz 445bc1494c gitaly: 1.72.1 -> a4b6c71d4b7c1588587345e2dfe0c6bd7cc63a83
For some reason this untagged commit is the one referred to in the
main repository; this might be a mistake, but we'll have to package it
for now to follow upstream.
2019-12-23 00:18:39 +01:00
Milan Pässler a43003d633 gitlab: 12.5.2 -> 12.5.3 2019-12-04 11:30:40 +01:00
Florian Klink 02eae2c3aa gitaly: 1.72.0 -> 1.72.1 2019-11-28 00:17:50 +01:00
talyz ce2aa10765 gitlab: 12.4.3 -> 12.5.0 2019-11-26 17:32:01 +01:00
talyz a30facc96e gitlab: Don't build any gitlab component outside linux
For some reason hydra seems to have issues downloading the
gitlab-workhorse source on macOS. Since we don't build the rails app
for macOS, the other components seem a bit useless there, so we
limit them to linux for now.
2019-11-06 10:56:20 +01:00
talyz 5081a6cd56 gitlab: 12.3.5 -> 12.4.0
- gitlab-shell no longer requires ruby for anything else than the
  install script, so the bundlerEnv stuff could be dropped

- gitlab-shell and gitlab-workhorse now report their versions
  correctly
2019-10-28 14:56:37 +01:00
Robin Gloster eadeca9ea7
Merge pull request #70216 from talyz/gitlab_12_3_2
gitlab: 12.1.6 -> 12.3.5, bundler: 1.17.2 -> 1.17.3
2019-10-09 00:27:04 +02:00
Christine Koppelt ee06d27cf2 treewide: add some missing meta: descriptions and homepages (#70497) 2019-10-06 00:59:26 -04:00
talyz f3eb063ecf gitlab: 12.1.6 -> 12.3.4
- Update GitLab to 12.3.4

- Update update.py to cope with the new upstream repository structure

- Refactor gitlab-shell to use buildGoPackage and bundlerEnv for
  dependencies

- Refactor gitlab-workhorse to use buildGoPackage for dependencies

- Make update.py able to update gitlab-shell and gitlab-workhorse
  dependencies

- Various fixes necessary for update to work
2019-10-04 18:03:05 +02:00
Vladimír Čunát 2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
volth 46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
Florian Klink 48da993627 gitaly: 1.47.0 -> 1.53.2 2019-08-14 14:52:16 +02:00
Florian Klink 89aae903da gitaly: fix hashes
It seems the sha256 hashes of 3 gitaly dependencies were wrong or
changed.
2019-07-27 14:29:29 +02:00
Ben Gamari 9f77b4a599 gitaly: Fix IFD import 2019-07-15 21:29:57 -04:00
Robin Gloster 6c98b0ff43
gitaly: add go mod deps 2019-07-16 01:17:38 +02:00
Ben Gamari 363b352af3 gitlab: 11.10.8 -> 12.0.3
This is a major version bump but things were generally straightforward
save two wrinkles:

 * it is necessary to ignore collisions in the gitlab bundler
   environment as both `omniauth_oauth2_generic` and
   `apollo_upload_server` provide a `console` executable.

 * grpc had to be patched since its build system expects the `AR`
   environment variable to contain not just the path to `ar` but
   also the `rpc` flags (see the discussion in nixpkgs #63056).
2019-07-14 23:03:39 +02:00
Florian Klink 80c35fb2a5 gitaly: 1.34.1 -> 1.34.3 2019-07-05 00:44:10 +02:00
Robin Gloster 2ec5786a4d
gitaly: fix build 2019-05-06 19:11:43 +02:00
Florian Klink 030bc8086b gitaly: 1.27.2 -> 1.34.1 2019-05-03 20:20:20 +02:00
Florian Klink cc785b3b9a gitaly: 1.27.1 -> 1.27.2 2019-05-01 14:49:16 +02:00