realaravinth/debian-mirror-gitlab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

refresh patches

Browse source
This commit is contained in:
Pirate Praveen 2017-08-17 23:00:15 +05:30
parent 6e758cd33e
commit 9c632eddb6
12 changed files with 191 additions and 836 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
debian/patches/0005-use-debian-omniauth-ldap.patch vendored
View file

@ -1,11 +1,9 @@
Debian package contains gitlab patches
Bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/13280
Index: gitlab/Gemfile
===================================================================
--- gitlab.orig/Gemfile
+++ gitlab/Gemfile
@@ -56,7 +56,7 @@ gem 'gitlab_git', '~> 10.6.8'
--- a/Gemfile
+++ b/Gemfile
@@ -60,7 +60,7 @@
# LDAP Auth
# GitLab fork with several improvements to original library. For full list of changes
# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master

13
debian/patches/0018-loosen-rdoc.patch vendored
View file

@ -1,13 +0,0 @@
Bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/2814
--- a/Gemfile
+++ b/Gemfile
@@ -104,7 +104,7 @@
gem 'gitlab-markup', '~> 1.5.1'
gem 'redcarpet', '~> 3.3.3'
gem 'RedCloth', '~> 4.3.2'
-gem 'rdoc', '~>3.6'
+gem 'rdoc', '~> 4.1'
gem 'org-ruby', '~> 0.9.12'
gem 'creole', '~> 0.5.0'
gem 'wikicloth', '0.8.1'

282
debian/patches/0050-relax-stable-libs.patch vendored
View file

@ -3,20 +3,18 @@ gitlab Gemfile
--- a/Gemfile
+++ b/Gemfile
@@ -1,16 +1,16 @@
@@ -1,15 +1,15 @@
source 'https://rubygems.org'
-gem 'rails', '4.2.7.1'
-gem 'rails-deprecated_sanitizer', '~> 1.0.3'
+gem 'rails', '~> 4.2', '>= 4.2.7.1'
+gem 'rails-deprecated_sanitizer', '~> 1.0', '>= 1.0.3'
-gem 'rails', '4.2.8'
+gem 'rails', '~> 4.2.8'
gem 'rails-deprecated_sanitizer', '~> 1.0.3'
# Responders respond_to and respond_with
gem 'responders', '~> 2.0'
-gem 'sprockets', '~> 3.7.0'
+gem 'sprockets', '~> 3.7'
gem 'sprockets-es6', '~> 0.9.2'
# Default values for AR models
-gem 'default_value_for', '~> 3.0.0'
@ -24,42 +22,46 @@ gitlab Gemfile
# Supported DBs
gem 'mysql2', '~> 0.3.16', group: :mysql
@@ -18,22 +18,22 @@
@@ -21,38 +21,38 @@
# Authentication libraries
gem 'devise', '~> 4.2'
-gem 'doorkeeper', '~> 4.2.0'
-gem 'omniauth', '~> 1.3.1'
-gem 'omniauth-auth0', '~> 1.4.1'
+gem 'doorkeeper', '~> 4.2'
+gem 'omniauth', '~> 1.3', '>= 1.3.1'
+gem 'omniauth-auth0', '~> 1.4', '>= 1.4.1'
gem 'omniauth-azure-oauth2', '~> 0.0.6'
gem 'omniauth-bitbucket', '~> 0.0.2'
-gem 'omniauth-cas3', '~> 1.1.2'
-gem 'omniauth-facebook', '~> 4.0.0'
-gem 'omniauth-github', '~> 1.1.1'
-gem 'omniauth-gitlab', '~> 1.0.0'
+gem 'omniauth-cas3', '~> 1.1', '>= 1.1.2'
+gem 'omniauth-facebook', '~> 4.0'
+gem 'omniauth-github', '~> 1.1', '>= 1.1.1'
+gem 'omniauth-gitlab', '~> 1.0'
gem 'devise', '~> 4.2'
-gem 'doorkeeper', '~> 4.2.0'
-gem 'doorkeeper-openid_connect', '~> 1.1.0'
-gem 'omniauth', '~> 1.4.2'
-gem 'omniauth-auth0', '~> 1.4.1'
+gem 'doorkeeper', '~> 4.2'
+gem 'doorkeeper-openid_connect', '~> 1.1'
+gem 'omniauth', '~> 1.4', '>= 1.4.2'
+gem 'omniauth-auth0', '~> 1.4', '>= 1.4.1'
gem 'omniauth-azure-oauth2', '~> 0.0.6'
-gem 'omniauth-cas3', '~> 1.1.2'
-gem 'omniauth-facebook', '~> 4.0.0'
-gem 'omniauth-github', '~> 1.1.1'
-gem 'omniauth-gitlab', '~> 1.0.2'
+gem 'omniauth-cas3', '~> 1.1', '>= 1.1.2'
+gem 'omniauth-facebook', '~> 4.0'
+gem 'omniauth-github', '~> 1.1', '>= 1.1.1'
+gem 'omniauth-gitlab', '~> 1.0', '>= 1.0.2'
gem 'omniauth-google-oauth2', '~> 0.4.1'
gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
-gem 'omniauth-saml', '~> 1.7.0'
-gem 'omniauth-shibboleth', '~> 1.2.0'
-gem 'omniauth-twitter', '~> 1.2.0'
-gem 'omniauth_crowd', '~> 2.2.0'
-gem 'rack-oauth2', '~> 1.2.1'
+gem 'omniauth-saml', '~> 1.7'
+gem 'omniauth-shibboleth', '~> 1.2'
+gem 'omniauth-twitter', '~> 1.2'
+gem 'omniauth_crowd', '~> 2.2'
+gem 'rack-oauth2', '~> 1.2', '>= 1.2.1'
gem 'jwt'
gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
gem 'omniauth-oauth2-generic', '~> 0.2.2'
-gem 'omniauth-saml', '~> 1.7.0'
-gem 'omniauth-shibboleth', '~> 1.2.0'
-gem 'omniauth-twitter', '~> 1.2.0'
-gem 'omniauth_crowd', '~> 2.2.0'
+gem 'omniauth-saml', '~> 1.7'
+gem 'omniauth-shibboleth', '~> 1.2'
+gem 'omniauth-twitter', '~> 1.2'
+gem 'omniauth_crowd', '~> 2.2'
gem 'omniauth-authentiq', '~> 0.3.0'
-gem 'rack-oauth2', '~> 1.2.1'
-gem 'jwt', '~> 1.5.6'
+gem 'rack-oauth2', '~> 1.2', '>= 1.2.1'
+gem 'jwt', '~> 1.5', '>= 1.5.6'
# Spam and anti-bot protection
@@ -41,9 +41,9 @@
gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails'
gem 'akismet', '~> 2.0'
# Two-factor authentication
@ -70,14 +72,13 @@ gitlab Gemfile
+gem 'attr_encrypted', '~> 3.0'
gem 'u2f', '~> 0.2.1'
# GitLab Pages
-gem 'validates_hostname', '~> 1.0.6'
+gem 'validates_hostname', '~> 1.0', '>= 1.0.6'
# Browser detection
@@ -51,12 +51,12 @@
# Extracting information from a git repository
# Provide access to Gitlab::Git library
-gem 'gitlab_git', '~> 10.7.0'
+gem 'gitlab_git', '~> 10.7'
gem 'browser', '~> 2.2'
@@ -60,7 +60,7 @@
# LDAP Auth
# GitLab fork with several improvements to original library. For full list of changes
# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
@ -86,16 +87,16 @@ gitlab Gemfile
# Git Wiki
# Required manually in config/initializers/gollum.rb to control load order
@@ -64,7 +64,7 @@
gem 'gollum-rugged_adapter', '~> 0.4.2', require: false
@@ -68,7 +68,7 @@
gem 'gollum-rugged_adapter', '~> 0.4.4', require: false
# Language detection
-gem 'github-linguist', '~> 4.7.0', require: 'linguist'
+gem 'github-linguist', '~> 4.7', require: 'linguist'
# API
gem 'grape', '~> 0.15.0'
@@ -75,7 +75,7 @@
gem 'grape', '~> 0.19.0'
@@ -82,7 +82,7 @@
gem 'kaminari', '~> 0.17.0'
# HAML
@ -103,33 +104,29 @@ gitlab Gemfile
+gem 'hamlit', '~> 2.6', '>= 2.6.1'
# Files attachments
gem 'carrierwave', '~> 0.10.0'
@@ -96,39 +96,39 @@
gem 'unf', '~> 0.1.4'
# Seed data
-gem 'seed-fu', '~> 2.3.5'
+gem 'seed-fu', '~> 2.3', '>= 2.3.5'
gem 'carrierwave', '~> 1.0'
@@ -108,37 +108,37 @@
gem 'seed-fu', '~> 2.3.5'
# Markdown and HTML processing
-gem 'html-pipeline', '~> 1.11.0'
-gem 'deckar01-task_list', '1.0.5', require: 'task_list/railtie'
-gem 'gitlab-markup', '~> 1.5.1'
-gem 'redcarpet', '~> 3.3.3'
-gem 'RedCloth', '~> 4.3.2'
+gem 'html-pipeline', '~> 1.11'
+gem 'deckar01-task_list', '~> 1.0', '>= 1.0.5', require: 'task_list/railtie'
+gem 'gitlab-markup', '~> 1.5', '>= 1.5.1'
+gem 'redcarpet', '~> 3.3', '>= 3.3.3'
+gem 'RedCloth', '~> 4.3', '>= 4.3.2'
gem 'rdoc', '~> 4.1'
gem 'org-ruby', '~> 0.9.12'
gem 'creole', '~> 0.5.0'
gem 'wikicloth', '0.8.1'
-gem 'asciidoctor', '~> 1.5.2'
+gem 'asciidoctor', '~> 1.5', '>= 1.5.2'
gem 'rouge', '~> 2.0'
gem 'truncato', '~> 0.7.8'
-gem 'html-pipeline', '~> 1.11.0'
-gem 'deckar01-task_list', '1.0.6', require: 'task_list/railtie'
-gem 'gitlab-markup', '~> 1.5.1'
+gem 'html-pipeline', '~> 1.11'
+gem 'deckar01-task_list', '1.0', '>= 1.0.6', require: 'task_list/railtie'
+gem 'gitlab-markup', '~> 1.5','>= 1.5.1'
gem 'redcarpet', '~> 3.4'
-gem 'RedCloth', '~> 4.3.2'
+gem 'RedCloth', '~> 4.3', '>= 4.3.2'
gem 'rdoc', '~> 4.2'
gem 'org-ruby', '~> 0.9.12'
gem 'creole', '~> 0.5.0'
gem 'wikicloth', '0.8.1'
-gem 'asciidoctor', '~> 1.5.2'
+gem 'asciidoctor', '~> 1.5','>= 1.5.2'
gem 'asciidoctor-plantuml', '0.0.7'
gem 'rouge', '~> 2.0'
gem 'truncato', '~> 0.7.8'
# See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
# and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
@ -137,8 +134,8 @@ gitlab Gemfile
+gem 'nokogiri', '~> 1.6', '>= 1.6.7.2'
# Diffs
-gem 'diffy', '~> 3.0.3'
+gem 'diffy', '~> 3.0', '>= 3.0.3'
-gem 'diffy', '~> 3.1.0'
+gem 'diffy', '~> 3.1'
# Application server
group :unicorn do
@ -155,12 +152,17 @@ gitlab Gemfile
# Issue tags
gem 'acts-as-taggable-on', '~> 4.0'
@@ -136,39 +136,39 @@
@@ -146,49 +146,49 @@
# Background jobs
gem 'sidekiq', '~> 4.2'
gem 'sidekiq-cron', '~> 0.4.0'
gem 'sidekiq', '~> 5.0'
gem 'sidekiq-cron', '~> 0.4.4'
-gem 'redis-namespace', '~> 1.5.2'
+gem 'redis-namespace', '~> 1.5', '>= 1.5.2'
gem 'sidekiq-limit_fetch', '~> 3.4'
# Cron Parser
-gem 'rufus-scheduler', '~> 3.1.10'
+gem 'rufus-scheduler', '~> 3.1', '>= 3.1.10'
# HTTP requests
gem 'httparty', '~> 0.13.3'
@ -173,14 +175,18 @@ gitlab Gemfile
-gem 'settingslogic', '~> 2.0.9'
+gem 'settingslogic', '~> 2.0', '>= 2.0.9'
# Linear-time regex library for untrusted regular expressions
-gem 're2', '~> 1.0.0'
+gem 're2', '~> 1.0'
# Misc
-gem 'version_sorter', '~> 2.1.0'
+gem 'version_sorter', '~> 2.1'
# Cache
-gem 'redis-rails', '~> 4.0.0'
+gem 'redis-rails', '~> 4.0'
-gem 'redis-rails', '~> 5.0.1'
+gem 'redis-rails', '~> 5.0', '>= 5.0.1'
# Redis
gem 'redis', '~> 3.2'
@ -190,6 +196,10 @@ gitlab Gemfile
-gem 'hipchat', '~> 1.5.0'
+gem 'hipchat', '~> 1.5'
# JIRA integration
-gem 'jira-ruby', '~> 1.1.2'
+gem 'jira-ruby', '~> 1.1', '>= 1.1.2'
# Flowdock integration
-gem 'gitlab-flowdock-git-hook', '~> 1.0.1'
+gem 'gitlab-flowdock-git-hook', '~> 1.0', '>= 1.0.1'
@ -198,14 +208,18 @@ gitlab Gemfile
gem 'gemnasium-gitlab-service', '~> 0.2'
# Slack integration
-gem 'slack-notifier', '~> 1.2.0'
+gem 'slack-notifier', '~> 1.2'
-gem 'slack-notifier', '~> 1.5.1'
+gem 'slack-notifier', '~> 1.5', '>= 1.5.1'
# Asana integration
gem 'asana', '~> 0.4.0'
@@ -177,63 +177,63 @@
gem 'asana', '~> 0.6.0'
@@ -197,38 +197,38 @@
gem 'ruby-fogbugz', '~> 0.2.1'
# Kubernetes integration
-gem 'kubeclient', '~> 2.2.0'
+gem 'kubeclient', '~> 2.2'
# d3
-gem 'd3_rails', '~> 3.5.0'
+gem 'd3_rails', '~> 3.5'
@ -224,12 +238,12 @@ gitlab Gemfile
+gem 'loofah', '~> 2.0', '>= 2.0.3'
# Working with license
-gem 'licensee', '~> 8.0.0'
+gem 'licensee', '~> 8.0'
-gem 'licensee', '~> 8.7.0'
+gem 'licensee', '~> 8.7'
# Protect against bruteforcing
-gem 'rack-attack', '~> 4.3.1'
+gem 'rack-attack', '~> 4.3', '>= 4.3.1'
-gem 'rack-attack', '~> 4.4.1'
+gem 'rack-attack', '~> 4.4', '>= 4.4.1'
# Ace editor
-gem 'ace-rails-ap', '~> 4.1.0'
@ -248,78 +262,52 @@ gitlab Gemfile
# Parse time & duration
gem 'chronic', '~> 0.10.2'
gem 'chronic_duration', '~> 0.10.6'
@@ -237,32 +237,32 @@
gem 'webpack-rails', '~> 0.9.10'
gem 'rack-proxy', '~> 0.6.0'
-gem 'sass-rails', '~> 5.0.6'
-gem 'coffee-rails', '~> 4.1.0'
-gem 'uglifier', '~> 2.7.2'
+gem 'sass-rails', '~> 5.0', '>= 5.0.6'
+gem 'coffee-rails', '~> 4.1'
+gem 'uglifier', '>= 2.7.2'
gem 'gitlab-turbolinks-classic', '~> 2.5', '>= 2.5.6'
+gem 'uglifier', '~> 2.7', '>= 2.7.2'
-gem 'addressable', '~> 2.3.8'
-gem 'bootstrap-sass', '~> 3.3.0'
-gem 'font-awesome-rails', '~> 4.6.1'
+gem 'addressable', '~> 2.3', '>= 2.3.8'
+gem 'bootstrap-sass', '~> 3.3'
+gem 'font-awesome-rails', '~> 4.6', '>= 4.6.1'
gem 'gemojione', '~> 3.0'
-gem 'gon', '~> 6.1.0'
-gem 'addressable', '~> 2.3.8'
-gem 'bootstrap-sass', '~> 3.3.0'
+gem 'addressable', '~> 2.3', '>= 2.3.8'
+gem 'bootstrap-sass', '~> 3.3'
gem 'font-awesome-rails', '~> 4.7'
gem 'gemojione', '~> 3.0'
-gem 'gon', '~> 6.1.0'
-gem 'jquery-atwho-rails', '~> 1.3.2'
-gem 'jquery-rails', '~> 4.1.0'
-gem 'jquery-ui-rails', '~> 5.0.0'
+gem 'gon', '~> 6.1'
-gem 'jquery-rails', '~> 4.1.0'
+gem 'gon', '~> 6.1'
+gem 'jquery-atwho-rails', '~> 1.3', '>= 1.3.2'
+gem 'jquery-rails', '~> 4.1'
+gem 'jquery-ui-rails', '~> 5.0'
gem 'request_store', '~> 1.3'
-gem 'select2-rails', '~> 3.5.9'
-gem 'virtus', '~> 1.0.1'
-gem 'net-ssh', '~> 3.0.1'
+gem 'select2-rails', '~> 3.5', '>= 3.5.9'
+gem 'virtus', '~> 1.0', '>= 1.0.1'
+gem 'net-ssh', '~> 3.0', '>= 3.0.1'
gem 'base32', '~> 0.3.0'
+gem 'jquery-rails', '~> 4.1'
gem 'request_store', '~> 1.3'
-gem 'select2-rails', '~> 3.5.9'
-gem 'virtus', '~> 1.0.1'
-gem 'net-ssh', '~> 3.0.1'
+gem 'select2-rails', '~> 3.5', '>= 3.5.9'
+gem 'virtus', '~> 1.0', '>= 1.0.1'
+gem 'net-ssh', '~> 3.0', '>= 3.0.1'
gem 'base32', '~> 0.3.0'
# Sentry integration
-gem 'sentry-raven', '~> 2.0.0'
+gem 'sentry-raven', '~> 2.0'
-gem 'sentry-raven', '~> 2.4.0'
+gem 'sentry-raven', '~> 2.4'
-gem 'premailer-rails', '~> 1.9.0'
+gem 'premailer-rails', '~> 1.9'
# I18n
-gem 'ruby_parser', '~> 3.8.4', require: false
-gem 'gettext_i18n_rails', '~> 1.8.0'
-gem 'gettext_i18n_rails_js', '~> 1.2.0'
+gem 'ruby_parser', '~> 3.8', '>= 3.8.4', require: false
+gem 'gettext_i18n_rails', '~> 1.8'
+gem 'gettext_i18n_rails_js', '~> 1.2'
gem 'gettext', '~> 3.2.2', require: false, group: :development
# Metrics
group :metrics do
@@ -323,7 +323,7 @@
gem 'newrelic_rpm', '~> 3.16'
-gem 'octokit', '~> 4.3.0'
+gem 'octokit', '~> 4.3'
gem 'mail_room', '~> 0.8.1'
@@ -332,18 +332,18 @@
gem 'ruby-prof', '~> 0.16.2'
## CI
-gem 'activerecord-session_store', '~> 1.0.0'
+gem 'activerecord-session_store', '~> 1.0'
gem 'nested_form', '~> 0.3.2'
# OAuth
-gem 'oauth2', '~> 1.2.0'
+gem 'oauth2', '~> 1.2'
# Soft deletion
gem 'paranoia', '~> 2.0'
# Health check
-gem 'health_check', '~> 2.2.0'
+gem 'health_check', '~> 2.2'
# System information
gem 'vmstat', '~> 2.2'
-gem 'sys-filesystem', '~> 1.1.6'
+gem 'sys-filesystem', '~> 1.1', '>= 1.1.6'

102
debian/patches/0100-remove-development-test.patch vendored
View file

@ -2,110 +2,74 @@ Bundler will fail when it can't find these locally
--- a/Gemfile
+++ b/Gemfile
@@ -242,87 +242,34 @@
@@ -272,70 +272,6 @@
gem 'influxdb', '~> 0.2', require: false
end
-group :development do
- gem 'foreman', '~> 0.78.0'
- gem 'brakeman', '~> 3.3.0', require: false
- gem 'brakeman', '~> 3.6.0', require: false
-
- gem 'letter_opener_web', '~> 1.3.0'
- gem 'rerun', '~> 0.11.0'
- gem 'bullet', '~> 5.2.0', require: false
- gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false
- gem 'web-console', '~> 2.0'
-
- # Better errors handler
- gem 'better_errors', '~> 1.0.1'
- gem 'better_errors', '~> 2.1.0'
- gem 'binding_of_caller', '~> 0.7.2'
+#group :development, :test do
+if ENV["INCLUDE_TEST_DEPENDS"] == "true"
+ gem 'database_cleaner', '~> 1.5'
+ gem 'factory_girl_rails', '~> 4.6'
+ gem 'rspec-rails', '~> 3.4'
- # Docs generator
- gem 'sdoc', '~> 0.3.20'
-
- # thin instead webrick
- gem 'thin', '~> 1.7.0'
-end
-
-group :development, :test do
- gem 'byebug', '~> 8.2.1', platform: :mri
- gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET']
- gem 'pry-byebug', '~> 3.4.1', platform: :mri
- gem 'pry-rails', '~> 0.3.4'
-
- gem 'awesome_print', '~> 1.2.0', require: false
- gem 'fuubar', '~> 2.0.0'
-
- gem 'database_cleaner', '~> 1.5.0'
- gem 'factory_girl_rails', '~> 4.6.0'
- gem 'rspec-rails', '~> 3.5.0'
- gem 'rspec-retry', '~> 0.4.5'
- gem 'spinach-rails', '~> 0.2.1'
- gem 'database_cleaner', '~> 1.5.0'
- gem 'factory_girl_rails', '~> 4.7.0'
- gem 'rspec-rails', '~> 3.5.0'
- gem 'rspec-retry', '~> 0.4.5'
- gem 'spinach-rails', '~> 0.2.1'
- gem 'spinach-rerun-reporter', '~> 0.0.2'
+ gem 'awesome_print', '~> 1.2', require: false
+ gem 'fuubar', '~> 2.0'
# Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
- gem 'rspec_profiling', '~> 0.0.5'
- gem 'rspec-set', '~> 0.1.3'
-
- # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
- gem 'minitest', '~> 5.7.0'
+ gem 'minitest', '~> 5.7'
# Generate Fake data
- gem 'ffaker', '~> 2.0.0'
-
- gem 'capybara', '~> 2.6.2'
- # Generate Fake data
- gem 'ffaker', '~> 2.4'
-
- gem 'capybara', '~> 2.6.2'
- gem 'capybara-screenshot', '~> 1.0.0'
- gem 'poltergeist', '~> 1.9.0'
- gem 'poltergeist', '~> 1.9.0'
-
- gem 'teaspoon', '~> 1.1.0'
- gem 'teaspoon-jasmine', '~> 2.2.0'
- gem 'spring', '~> 2.0.0'
- gem 'spring-commands-rspec', '~> 1.0.4'
- gem 'spring-commands-spinach', '~> 1.1.0'
-
- gem 'spring', '~> 1.7.0'
- gem 'spring-commands-rspec', '~> 1.0.4'
- gem 'spring-commands-spinach', '~> 1.1.0'
- gem 'spring-commands-teaspoon', '~> 0.0.2'
-
- gem 'rubocop', '~> 0.43.0', require: false
- gem 'rubocop-rspec', '~> 1.5.0', require: false
- gem 'rubocop', '~> 0.47.1', require: false
- gem 'rubocop-rspec', '~> 1.15.0', require: false
- gem 'scss_lint', '~> 0.47.0', require: false
- gem 'haml_lint', '~> 0.18.2', require: false
- gem 'simplecov', '0.12.0', require: false
- gem 'flay', '~> 2.6.1', require: false
- gem 'haml_lint', '~> 0.21.0', require: false
- gem 'simplecov', '~> 0.14.0', require: false
- gem 'flay', '~> 2.8.0', require: false
- gem 'bundler-audit', '~> 0.5.0', require: false
-
- gem 'benchmark-ips', '~> 2.3.0', require: false
+ gem 'ffaker', '~> 2.0'
-
- gem 'license_finder', '~> 2.1.0', require: false
- gem 'knapsack', '~> 1.11.0'
-
- gem 'activerecord_sane_schema_dumper', '0.2'
-
- gem 'stackprof', '~> 0.2.10'
-end
-
-group :test do
- gem 'shoulda-matchers', '~> 2.8.0', require: false
- gem 'email_spec', '~> 1.6.0'
- gem 'json-schema', '~> 2.6.2'
- gem 'webmock', '~> 1.21.0'
- gem 'test_after_commit', '~> 0.4.2'
- gem 'sham_rack', '~> 1.3.6'
+ gem 'capybara', '~> 2.5'
+ gem 'capybara-screenshot', '~> 1.0'
+ gem 'poltergeist', '~> 1.9'
+
+ gem 'license_finder', '~> 2.1', require: false
+ gem 'shoulda-matchers', '~> 2.8', require: false
+ gem 'email_spec', '~> 1.6'
+ gem 'json-schema', '~> 2.6', '>= 2.6.2'
+ gem 'webmock', '~> 1.21'
+ gem 'sham_rack', '~> 1.3', '>= 1.3.6'
gem 'timecop', '~> 0.8.0'
end
-gem 'newrelic_rpm', '~> 3.16'
-
gem 'octokit', '~> 4.3'
gem 'mail_room', '~> 0.8.1'
group :test do
gem 'shoulda-matchers', '~> 2.8.0', require: false
gem 'email_spec', '~> 1.6.0'

12
debian/patches/0108-make-mysql-optional.patch vendored
View file

@ -7,11 +7,9 @@ Subject: [PATCH] allow specifying DB choice via ENV variable
Gemfile | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Index: gitlab/Gemfile
===================================================================
--- gitlab.orig/Gemfile
+++ gitlab/Gemfile
@@ -13,8 +13,9 @@ gem 'sprockets-es6', '~> 0.9.2'
--- a/Gemfile
+++ b/Gemfile
@@ -12,8 +12,9 @@
gem 'default_value_for', '~> 3.0'
# Supported DBs
@ -21,5 +19,5 @@ Index: gitlab/Gemfile
+gem "mysql2", '~> 0.3.16' if ENV["DB"] == "all" || ENV["DB"] == "mysql"
+gem "pg", '~> 0.18.2' if ENV["DB"] == "all" || ENV["DB"] == "postgres"
# Authentication libraries
gem 'devise', '~> 4.2'
gem 'rugged', '~> 0.25.1.1'

41
debian/patches/0210-use-jquery-ui-rails6.patch vendored
View file

@ -1,41 +0,0 @@
adapt gitlab to use jquery-ui 6 directory structure
--- a/Gemfile
+++ b/Gemfile
@@ -224,7 +224,7 @@
gem 'gon', '~> 6.1'
gem 'jquery-atwho-rails', '~> 1.3', '>= 1.3.2'
gem 'jquery-rails', '~> 4.1'
-gem 'jquery-ui-rails', '~> 5.0'
+gem 'jquery-ui-rails', '~> 6.0'
gem 'request_store', '~> 1.3'
gem 'select2-rails', '~> 3.5', '>= 3.5.9'
gem 'virtus', '~> 1.0', '>= 1.0.1'
--- a/app/assets/javascripts/application.js
+++ b/app/assets/javascripts/application.js
@@ -5,11 +5,11 @@
// the compiled file.
//
/*= require jquery2 */
-/*= require jquery-ui/autocomplete */
-/*= require jquery-ui/datepicker */
-/*= require jquery-ui/draggable */
-/*= require jquery-ui/effect-highlight */
-/*= require jquery-ui/sortable */
+/*= require jquery-ui/widgets/autocomplete */
+/*= require jquery-ui/widgets/datepicker */
+/*= require jquery-ui/widgets/draggable */
+/*= require jquery-ui/effects/effect-highlight */
+/*= require jquery-ui/widgets/sortable */
/*= require jquery_ujs */
/*= require jquery.cookie */
/*= require jquery.endless-scroll */
--- a/spec/javascripts/new_branch_spec.js
+++ b/spec/javascripts/new_branch_spec.js
@@ -1,5 +1,5 @@
-/*= require jquery-ui/autocomplete */
+/*= require jquery-ui/widgets/autocomplete */
/*= require new_branch_form */
(function() {

39
debian/patches/0220-relax-dependencies.patch vendored
View file

@ -1,29 +1,20 @@
--- a/Gemfile
+++ b/Gemfile
@@ -172,7 +172,7 @@
gem 'slack-notifier', '~> 1.2'
# Asana integration
-gem 'asana', '~> 0.4.0'
+gem 'asana', '~> 0.4'
# FogBugz integration
gem 'ruby-fogbugz', '~> 0.2.1'
@@ -228,7 +228,7 @@
gem 'request_store', '~> 1.3'
gem 'select2-rails', '~> 3.5', '>= 3.5.9'
gem 'virtus', '~> 1.0', '>= 1.0.1'
-gem 'net-ssh', '~> 3.0', '>= 3.0.1'
+gem 'net-ssh', '~> 4.0'
gem 'base32', '~> 0.3.0'
@@ -252,7 +252,7 @@
gem 'request_store', '~> 1.3'
gem 'select2-rails', '~> 3.5', '>= 3.5.9'
gem 'virtus', '~> 1.0', '>= 1.0.1'
-gem 'net-ssh', '~> 3.0', '>= 3.0.1'
+gem 'net-ssh', '~> 4.0'
gem 'base32', '~> 0.3.0'
# Sentry integration
@@ -266,7 +266,7 @@
gem 'shoulda-matchers', '~> 2.8', require: false
gem 'email_spec', '~> 1.6'
gem 'json-schema', '~> 2.6', '>= 2.6.2'
- gem 'webmock', '~> 1.21'
+ gem 'webmock', '>= 1.21'
gem 'sham_rack', '~> 1.3', '>= 1.3.6'
@@ -277,7 +277,7 @@
gem 'shoulda-matchers', '~> 2.8.0', require: false
gem 'email_spec', '~> 1.6.0'
gem 'json-schema', '~> 2.6.2'
- gem 'webmock', '~> 1.24.0'
+ gem 'webmock', '>= 1.24.0'
gem 'test_after_commit', '~> 1.1'
gem 'sham_rack', '~> 1.3.6'
gem 'timecop', '~> 0.8.0'
end

438
debian/patches/0300-git-2-11-support.patch vendored
View file

@ -1,438 +0,0 @@
From daf83fa62c940b0da7dc4e0893586b6a9a2dbbf9 Mon Sep 17 00:00:00 2001
From: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Date: Mon, 19 Dec 2016 09:37:16 +0000
Subject: [PATCH 1/3] [8.13 Backport] Merge branch
'25301-git-2.11-force-push-bug' into 'master'
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Accept environment variables from the `pre-receive` script
1. Starting version 2.11, git changed the way the pre-receive flow works.
- Previously, the new potential objects would be added to the main repo. If the pre-receive passes, the new objects stay in the repo but are linked up. If the pre-receive fails, the new objects stay orphaned in the repo, and are cleaned up during the next `git gc`.
- In 2.11, the new potential objects are added to a temporary "alternate object directory", that git creates for this purpose. If the pre-receive passes, the objects from the alternate object directory are migrated to the main repo. If the pre-receive fails the alternate object directory is simply deleted.
2. In our workflow, the pre-recieve script (in `gitlab-shell`) calls the
`/allowed` endpoint, which calls out directly to git to perform
various checks. These direct calls to git do _not_ have the necessary
environment variables set which allow access to the "alternate object
directory" (explained above). Therefore these calls to git are not able to
access any of the new potential objects to be added during this push.
3. We fix this by accepting the relevant environment variables
(`GIT_ALTERNATE_OBJECT_DIRECTORIES`, `GIT_OBJECT_DIRECTORY`, and
`GIT_QUARANTINE_PATH`) on the `/allowed` endpoint, and then include
these environment variables while calling out to git.
4. This commit includes these environment variables while making the "force
push" check.
See https://gitlab.com/gitlab-org/gitlab-shell/merge_requests/120
Signed-off-by: Rémy Coutable <remy@rymai.me>
---
.../unreleased/25301-git-2-11-force-push-bug.yml | 4 ++
lib/api/internal.rb | 14 +++++-
lib/gitlab/checks/change_access.rb | 5 +-
lib/gitlab/checks/force_push.rb | 11 +++--
lib/gitlab/git/rev_list.rb | 42 +++++++++++++++++
lib/gitlab/git_access.rb | 5 +-
lib/gitlab/popen.rb | 4 +-
spec/lib/gitlab/checks/force_push_spec.rb | 19 ++++++++
spec/lib/gitlab/git/rev_list_spec.rb | 53 ++++++++++++++++++++++
9 files changed, 147 insertions(+), 10 deletions(-)
create mode 100644 changelogs/unreleased/25301-git-2-11-force-push-bug.yml
create mode 100644 lib/gitlab/git/rev_list.rb
create mode 100644 spec/lib/gitlab/checks/force_push_spec.rb
create mode 100644 spec/lib/gitlab/git/rev_list_spec.rb
diff --git a/changelogs/unreleased/25301-git-2-11-force-push-bug.yml b/changelogs/unreleased/25301-git-2-11-force-push-bug.yml
new file mode 100644
index 0000000..afe5772
--- /dev/null
+++ b/changelogs/unreleased/25301-git-2-11-force-push-bug.yml
@@ -0,0 +1,4 @@
+---
+title: Accept environment variables from the `pre-receive` script
+merge_request: 7967
+author:
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 9a5d1ec..89e47a7 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -43,6 +43,14 @@ module API
:push_code
]
end
+
+ def parse_allowed_environment_variables
+ return if params[:env].blank?
+
+ JSON.parse(params[:env])
+
+ rescue JSON::ParserError
+ end
end
post "/allowed" do
@@ -61,7 +69,11 @@ module API
if wiki?
Gitlab::GitAccessWiki.new(actor, project, protocol, authentication_abilities: ssh_authentication_abilities)
else
- Gitlab::GitAccess.new(actor, project, protocol, authentication_abilities: ssh_authentication_abilities)
+ Gitlab::GitAccess.new(actor,
+ project,
+ protocol,
+ authentication_abilities: ssh_authentication_abilities,
+ env: parse_allowed_environment_variables)
end
access_status = access.check(params[:action], params[:changes])
diff --git a/lib/gitlab/checks/change_access.rb b/lib/gitlab/checks/change_access.rb
index cb10652..3d20301 100644
--- a/lib/gitlab/checks/change_access.rb
+++ b/lib/gitlab/checks/change_access.rb
@@ -3,11 +3,12 @@ module Gitlab
class ChangeAccess
attr_reader :user_access, :project
- def initialize(change, user_access:, project:)
+ def initialize(change, user_access:, project:, env: {})
@oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref)
@branch_name = Gitlab::Git.branch_name(@ref)
@user_access = user_access
@project = project
+ @env = env
end
def exec
@@ -68,7 +69,7 @@ module Gitlab
end
def forced_push?
- Gitlab::Checks::ForcePush.force_push?(@project, @oldrev, @newrev)
+ Gitlab::Checks::ForcePush.force_push?(@project, @oldrev, @newrev, env: @env)
end
def matching_merge_request?
diff --git a/lib/gitlab/checks/force_push.rb b/lib/gitlab/checks/force_push.rb
index 5fe8655..de0c904 100644
--- a/lib/gitlab/checks/force_push.rb
+++ b/lib/gitlab/checks/force_push.rb
@@ -1,15 +1,20 @@
module Gitlab
module Checks
class ForcePush
- def self.force_push?(project, oldrev, newrev)
+ def self.force_push?(project, oldrev, newrev, env: {})
return false if project.empty_repo?
# Created or deleted branch
if Gitlab::Git.blank_ref?(oldrev) || Gitlab::Git.blank_ref?(newrev)
false
else
- missed_ref, _ = Gitlab::Popen.popen(%W(#{Gitlab.config.git.bin_path} --git-dir=#{project.repository.path_to_repo} rev-list --max-count=1 #{oldrev} ^#{newrev}))
- missed_ref.present?
+ missed_ref, exit_status = Gitlab::Git::RevList.new(oldrev, newrev, project: project, env: env).execute
+
+ if exit_status == 0
+ missed_ref.present?
+ else
+ raise "Got a non-zero exit code while calling out to `git rev-list` in the force-push check."
+ end
end
end
end
diff --git a/lib/gitlab/git/rev_list.rb b/lib/gitlab/git/rev_list.rb
new file mode 100644
index 0000000..25e9d61
--- /dev/null
+++ b/lib/gitlab/git/rev_list.rb
@@ -0,0 +1,42 @@
+module Gitlab
+ module Git
+ class RevList
+ attr_reader :project, :env
+
+ ALLOWED_VARIABLES = %w[GIT_OBJECT_DIRECTORY GIT_ALTERNATE_OBJECT_DIRECTORIES].freeze
+
+ def initialize(oldrev, newrev, project:, env: nil)
+ @project = project
+ @env = env.presence || {}
+ @args = [Gitlab.config.git.bin_path,
+ "--git-dir=#{project.repository.path_to_repo}",
+ "rev-list",
+ "--max-count=1",
+ oldrev,
+ "^#{newrev}"]
+ end
+
+ def execute
+ Gitlab::Popen.popen(@args, nil, parse_environment_variables)
+ end
+
+ def valid?
+ environment_variables.all? do |(name, value)|
+ value.start_with?(project.repository.path_to_repo)
+ end
+ end
+
+ private
+
+ def parse_environment_variables
+ return {} unless valid?
+
+ environment_variables
+ end
+
+ def environment_variables
+ @environment_variables ||= env.slice(*ALLOWED_VARIABLES)
+ end
+ end
+ end
+end
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index bcbf645..74e8713 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -17,12 +17,13 @@ module Gitlab
attr_reader :actor, :project, :protocol, :user_access, :authentication_abilities
- def initialize(actor, project, protocol, authentication_abilities:)
+ def initialize(actor, project, protocol, authentication_abilities:, env: {})
@actor = actor
@project = project
@protocol = protocol
@authentication_abilities = authentication_abilities
@user_access = UserAccess.new(user, project: project)
+ @env = env
end
def check(cmd, changes)
@@ -99,7 +100,7 @@ module Gitlab
end
def change_access_check(change)
- Checks::ChangeAccess.new(change, user_access: user_access, project: project).exec
+ Checks::ChangeAccess.new(change, user_access: user_access, project: project, env: @env).exec
end
def protocol_allowed?
diff --git a/lib/gitlab/popen.rb b/lib/gitlab/popen.rb
index cc74bb2..4bc5cda 100644
--- a/lib/gitlab/popen.rb
+++ b/lib/gitlab/popen.rb
@@ -5,13 +5,13 @@ module Gitlab
module Popen
extend self
- def popen(cmd, path = nil)
+ def popen(cmd, path = nil, vars = {})
unless cmd.is_a?(Array)
raise "System commands must be given as an array of strings"
end
path ||= Dir.pwd
- vars = { "PWD" => path }
+ vars['PWD'] = path
options = { chdir: path }
unless File.directory?(path)
diff --git a/spec/lib/gitlab/checks/force_push_spec.rb b/spec/lib/gitlab/checks/force_push_spec.rb
new file mode 100644
index 0000000..f628801
--- /dev/null
+++ b/spec/lib/gitlab/checks/force_push_spec.rb
@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe Gitlab::Checks::ChangeAccess, lib: true do
+ let(:project) { create(:project) }
+
+ context "exit code checking" do
+ it "does not raise a runtime error if the `popen` call to git returns a zero exit code" do
+ allow(Gitlab::Popen).to receive(:popen).and_return(['normal output', 0])
+
+ expect { Gitlab::Checks::ForcePush.force_push?(project, 'oldrev', 'newrev') }.not_to raise_error
+ end
+
+ it "raises a runtime error if the `popen` call to git returns a non-zero exit code" do
+ allow(Gitlab::Popen).to receive(:popen).and_return(['error', 1])
+
+ expect { Gitlab::Checks::ForcePush.force_push?(project, 'oldrev', 'newrev') }.to raise_error(RuntimeError)
+ end
+ end
+end
diff --git a/spec/lib/gitlab/git/rev_list_spec.rb b/spec/lib/gitlab/git/rev_list_spec.rb
new file mode 100644
index 0000000..444639a
--- /dev/null
+++ b/spec/lib/gitlab/git/rev_list_spec.rb
@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+describe Gitlab::Git::RevList, lib: true do
+ let(:project) { create(:project) }
+
+ context "validations" do
+ described_class::ALLOWED_VARIABLES.each do |var|
+ context var do
+ it "accepts values starting with the project repo path" do
+ env = { var => "#{project.repository.path_to_repo}/objects" }
+ rev_list = described_class.new('oldrev', 'newrev', project: project, env: env)
+
+ expect(rev_list).to be_valid
+ end
+
+ it "rejects values starting not with the project repo path" do
+ env = { var => "/some/other/path" }
+ rev_list = described_class.new('oldrev', 'newrev', project: project, env: env)
+
+ expect(rev_list).not_to be_valid
+ end
+
+ it "rejects values containing the project repo path but not starting with it" do
+ env = { var => "/some/other/path/#{project.repository.path_to_repo}" }
+ rev_list = described_class.new('oldrev', 'newrev', project: project, env: env)
+
+ expect(rev_list).not_to be_valid
+ end
+ end
+ end
+ end
+
+ context "#execute" do
+ let(:env) { { "GIT_OBJECT_DIRECTORY" => project.repository.path_to_repo } }
+ let(:rev_list) { Gitlab::Git::RevList.new('oldrev', 'newrev', project: project, env: env) }
+
+ it "calls out to `popen` without environment variables if the record is invalid" do
+ allow(rev_list).to receive(:valid?).and_return(false)
+
+ expect(Open3).to receive(:popen3).with(hash_excluding(env), any_args)
+
+ rev_list.execute
+ end
+
+ it "calls out to `popen` with environment variables if the record is valid" do
+ allow(rev_list).to receive(:valid?).and_return(true)
+
+ expect(Open3).to receive(:popen3).with(hash_including(env), any_args)
+
+ rev_list.execute
+ end
+ end
+end
--
2.10.2
From 0ce20138298eaebfb9e8225d21e7b0088716e5ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 20 Dec 2016 09:45:37 +0100
Subject: [PATCH 2/3] Reject blank environment vcariables in
Gitlab::Git::RevList
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Rémy Coutable <remy@rymai.me>
---
lib/gitlab/git/rev_list.rb | 4 ++--
spec/lib/gitlab/git/rev_list_spec.rb | 7 +++++++
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/gitlab/git/rev_list.rb b/lib/gitlab/git/rev_list.rb
index 25e9d61..79dd0cf 100644
--- a/lib/gitlab/git/rev_list.rb
+++ b/lib/gitlab/git/rev_list.rb
@@ -22,7 +22,7 @@ module Gitlab
def valid?
environment_variables.all? do |(name, value)|
- value.start_with?(project.repository.path_to_repo)
+ value.to_s.start_with?(project.repository.path_to_repo)
end
end
@@ -35,7 +35,7 @@ module Gitlab
end
def environment_variables
- @environment_variables ||= env.slice(*ALLOWED_VARIABLES)
+ @environment_variables ||= env.slice(*ALLOWED_VARIABLES).compact
end
end
end
diff --git a/spec/lib/gitlab/git/rev_list_spec.rb b/spec/lib/gitlab/git/rev_list_spec.rb
index 444639a..1f9c987 100644
--- a/spec/lib/gitlab/git/rev_list_spec.rb
+++ b/spec/lib/gitlab/git/rev_list_spec.rb
@@ -26,6 +26,13 @@ describe Gitlab::Git::RevList, lib: true do
expect(rev_list).not_to be_valid
end
+
+ it "ignores nil values" do
+ env = { var => nil }
+ rev_list = described_class.new('oldrev', 'newrev', project: project, env: env)
+
+ expect(rev_list).to be_valid
+ end
end
end
end
--
2.10.2
From b54b031638e7a98c1e51b369cff53602db40e4b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Mon, 6 Feb 2017 10:04:21 +0100
Subject: [PATCH 3/3] Update gitlab-shell to 3.6.7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Rémy Coutable <remy@rymai.me>
---
changelogs/unreleased/use-gitlab-shell-3-6-7.yml | 4 ++++
doc/update/8.12-to-8.13.md | 4 ++--
3 files changed, 7 insertions(+), 3 deletions(-)
create mode 100644 changelogs/unreleased/use-gitlab-shell-3-6-7.yml
diff --git a/changelogs/unreleased/use-gitlab-shell-3-6-7.yml b/changelogs/unreleased/use-gitlab-shell-3-6-7.yml
new file mode 100644
index 0000000..c6600ce
--- /dev/null
+++ b/changelogs/unreleased/use-gitlab-shell-3-6-7.yml
@@ -0,0 +1,4 @@
+---
+title: Use gitlab-shell v3.6.7
+merge_request:
+author:
diff --git a/doc/update/8.12-to-8.13.md b/doc/update/8.12-to-8.13.md
index c0084d9..6457ec9 100644
--- a/doc/update/8.12-to-8.13.md
+++ b/doc/update/8.12-to-8.13.md
@@ -72,7 +72,7 @@ sudo -u git -H git checkout 8-13-stable-ee
```bash
cd /home/git/gitlab-shell
sudo -u git -H git fetch --all --tags
-sudo -u git -H git checkout v3.6.6
+sudo -u git -H git checkout v3.6.7
```
### 6. Update gitlab-workhorse
@@ -166,7 +166,7 @@ See [smtp_settings.rb.sample] as an example.
Ensure you're still up-to-date with the latest init script changes:
sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
-
+
For Ubuntu 16.04.1 LTS:
sudo systemctl daemon-reload
--
2.10.2

13
debian/patches/052-relax-grape.patch vendored
View file

@ -1,13 +0,0 @@
https://gitlab.com/gitlab-org/gitlab-ce/issues/19670
--- a/Gemfile
+++ b/Gemfile
@@ -68,7 +68,7 @@
gem 'github-linguist', '~> 4.7', require: 'linguist'
# API
-gem 'grape', '~> 0.15.0'
+gem 'grape', '~> 0.16.0'
gem 'grape-entity', '~> 0.6.0'
gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'

47
debian/patches/cve-2016-9086-fix.patch vendored
View file

@ -1,47 +0,0 @@
Description: Fix file disclosure via hidden symlinks using the project import
Author: Rémy Coutable <remy@gitlab.com>
Bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/36091
Last-Update: 2017-08-17
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/lib/gitlab/import_export/file_importer.rb
+++ b/lib/gitlab/import_export/file_importer.rb
@@ -47,12 +47,16 @@
end
def remove_symlinks!
- Dir["#{@shared.export_path}/**/*"].each do |path|
+ extracted_files.each do |path|
FileUtils.rm(path) if File.lstat(path).symlink?
end
true
end
+
+ def extracted_files
+ Dir.glob("#{@shared.export_path}/**/*", File::FNM_DOTMATCH).reject { |f| f =~ /.*\/\.{1,2}$/ }
+ end
end
end
end
--- a/spec/lib/gitlab/import_export/file_importer_spec.rb
+++ b/spec/lib/gitlab/import_export/file_importer_spec.rb
@@ -5,6 +5,7 @@
let(:export_path) { "#{Dir::tmpdir}/file_importer_spec" }
let(:valid_file) { "#{shared.export_path}/valid.json" }
let(:symlink_file) { "#{shared.export_path}/invalid.json" }
+ let(:hidden_symlink_file) { "#{shared.export_path}/.hidden" }
let(:subfolder_symlink_file) { "#{shared.export_path}/subfolder/invalid.json" }
before do
@@ -25,6 +26,10 @@
expect(File.exist?(symlink_file)).to be false
end
+ it 'removes hidden symlinks in root folder' do
+ expect(File.exist?(hidden_symlink_file)).to be false
+ end
+
it 'removes symlinks in subfolders' do
expect(File.exist?(subfolder_symlink_file)).to be false
end

26
debian/patches/cve-2017-0882.patch vendored
View file

@ -1,26 +0,0 @@
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index cb64926..d7928cb 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -112,7 +112,7 @@ class Projects::IssuesController < Projects::ApplicationController
end
format.json do
- render json: @issue.to_json(include: { milestone: {}, assignee: { methods: :avatar_url }, labels: { methods: :text_color } })
+ render json: @issue.to_json(include: { milestone: {}, assignee: { only: [:name, :username], methods: [:avatar_url] }, labels: { methods: :text_color } })
end
end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 6e15c06..317011c 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -278,7 +278,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
@merge_request.target_project, @merge_request])
end
format.json do
- render json: @merge_request.to_json(include: { milestone: {}, assignee: { methods: :avatar_url }, labels: { methods: :text_color } })
+ render json: @merge_request.to_json(include: { milestone: {}, assignee: { only: [:name, :username], methods: [:avatar_url] }, labels: { methods: :text_color } })
end
end
else

6
debian/patches/series vendored
View file

@ -1,14 +1,8 @@
cve-2016-9086-fix.patch
0005-use-debian-omniauth-ldap.patch
0018-loosen-rdoc.patch
0050-relax-stable-libs.patch
0100-remove-development-test.patch
0108-make-mysql-optional.patch
source-init-functions.patch
pid-log-paths.patch
052-relax-grape.patch
0200-remove-order-dependency-in-label-finder-spec.patch
0210-use-jquery-ui-rails6.patch
0220-relax-dependencies.patch
0300-git-2-11-support.patch
cve-2017-0882.patch