gitlab (13.1.3-1) experimental; urgency=medium * Use packaged versions of d3 and d3-sankey node modules * Use packaged version of codemirror * New upstream version 13.1.3 (Fixes: CVE-2020-15525) -- Pirate Praveen Thu, 09 Jul 2020 12:54:05 +0530 gitlab (13.1.2-1) experimental; urgency=medium * New upstream version 13.1.2 with many security fixes (CVE IDs not assigned yet) * Refresh patches * Update minimum version of ruby-kaminari to 1.2.1 -- Pirate Praveen Thu, 02 Jul 2020 01:55:18 +0530 gitlab (13.1.1-1) experimental; urgency=medium * Use packaged version of node-compression-webpack-plugin * Update minimum version of ruby-oauth2 to 1.4.4 * Add patch to fix ruby 2.5 compatibility issue * Use packaged versions: node-brace-expansion and node-cache-loader * Use packaged version of node-glob * New upstream version 13.1.1 * Update minimum version of ruby-mail-room * Refresh patches -- Pirate Praveen Wed, 01 Jul 2020 17:09:20 +0530 gitlab (13.1.0-1) experimental; urgency=medium * Update minimum version of webpack to 4.30~ * Drop dependency on ruby-liquid and ruby-influxdb * New upstream version 13.1.0 * Refresh patches * Update debian/upstream-file-list for new release * Relax dependency on faraday gem * Add rack-timeout gem to Gemfile * Tighten dependencies (remove ruby-omniauth-ultraauth) * Update dependencies on ruby-faraday, ruby-sentry-raven and ruby-grape-entity * Switch to using structure.sql from schema.rb for database initialization -- Pirate Praveen Mon, 29 Jun 2020 15:51:48 +0530 gitlab (13.0.6-2) experimental; urgency=medium * Switch to using structure.sql from schema.rb for database initialization * Add rack-timeout gem to Gemfile * Relax dependency on ruby-grape-entity -- Pirate Praveen Sat, 27 Jun 2020 23:07:50 +0530 gitlab (13.0.6-1) experimental; urgency=medium * New upstream version 13.0.6 with a security fix (CVE ID not assigned yet) -- Pirate Praveen Thu, 11 Jun 2020 17:01:47 +0530 gitlab (13.0.4-1) experimental; urgency=medium * Add link to issue about missing rack-timeout * Tighten dependency on ruby-gitaly and yarnpkg * Update minimum version for rm_conffile to include 12.10.7 * New upstream version 13.0.4 with a security fix (CVE ID not assigned yet) -- Pirate Praveen Thu, 04 Jun 2020 15:26:50 +0530 gitlab (13.0.3-1) experimental; urgency=medium * New upstream version 13.0.0 * Refresh patches * Handle newly added files in this release * Add (ruby-)rack-timeout to Gemfile and Depends * Remove obsolete initializer from /etc/gitlab * Use packaged version of node-vue-template-compiler * Tighten minimum version of gitaly * New upstream version 13.0.3 -- Pirate Praveen Sat, 30 May 2020 21:13:54 +0530 gitlab (12.10.7-1) experimental; urgency=medium * New upstream version 12.10.7 with many security fixes (CVE IDs not assigned yet) -- Pirate Praveen Thu, 28 May 2020 23:13:13 +0530 gitlab (12.10.3-3) experimental; urgency=medium * Update css-loader options in config/webpack.config.js -- Pirate Praveen Mon, 18 May 2020 16:35:38 +0530 gitlab (12.10.3-2) experimental; urgency=medium * Update dependency on node-css-loader to 2.1.1 -- Pirate Praveen Sat, 16 May 2020 15:57:44 +0530 gitlab (12.10.3-1) experimental; urgency=medium * New upstream version 12.10.3 * Use packaged version of vue node module * Update minimum version of ruby-faraday -- Pirate Praveen Sat, 09 May 2020 16:28:56 +0530 gitlab (12.10.2-2) experimental; urgency=medium * Use packaged version of node-babel-loader * Relax dependency on net-ssh gem to allow new major version -- Pirate Praveen Mon, 04 May 2020 07:00:12 +0530 gitlab (12.10.2-1) experimental; urgency=medium * Fix debian/watch for new gitlab.com tags page change * New upstream version 12.10.2 (Fixes: CVE-2020-12448, CVE-2020-10187) * Update minimum version of ruby-nokogiri to 1.10.9 -- Pirate Praveen Fri, 01 May 2020 12:38:53 +0530 gitlab (12.10.1-1) experimental; urgency=medium * Use packaged version of babel node module * New upstream version 12.10.1 -- Pirate Praveen Sat, 25 Apr 2020 11:02:26 +0530 gitlab (12.10.0-1) experimental; urgency=medium * Drop embedded copy of derailed_benchmarks and use packaged version * Stop excluding non-dfsg files (removed upstream) * New upstream version 12.10.0 * Refresh patches * Update gitlab.install (remove files not present) * Update upstream file list * Tighten dependencies * Fix typo in dependency name * Update lintian overrides * Make db/structure.sql writable by gitlab user * Tighten dependency on gitaly * Remove initializer not needed (we have the required rails version) * Relax dependency on gitaly ruby gem in Gemfile -- Pirate Praveen Wed, 22 Apr 2020 23:51:56 +0530 gitlab (12.9.3+dfsg-1) experimental; urgency=medium * New upstream version 12.9.3+dfsg (Fixes: CVE-2020-11505, CVE-2020-11506, CVE-2020-11649) * Refresh patches -- Pirate Praveen Wed, 15 Apr 2020 14:49:03 +0530 gitlab (12.9.2+dfsg-1) experimental; urgency=medium * Exclude one_password binaries and embed snowplow-javascript-tracker (Closes: #943987) * New upstream version 12.9.2+dfsg * Add comments to all patches -- Pirate Praveen Mon, 13 Apr 2020 15:19:33 +0530 gitlab (12.9.2-6) experimental; urgency=medium * Move source package also to contrib as gitlab-common is moved to src:gitaly * Update lintian overrides * Update copyright file with missing attributions -- Pirate Praveen Sun, 12 Apr 2020 19:46:25 +0530 gitlab (12.9.2-5) experimental; urgency=medium [ vv221 ] * Build assets generated by webpack in production mode (Closes: #956508, #927297) [ Pirate Praveen ] * Drop gitlab-common binary (moved to src:gitaly) * Drop work around for missing assets/select2.png (not required in NODE_ENV=production mode for webpack) -- Pirate Praveen Sun, 12 Apr 2020 17:52:22 +0530 gitlab (12.9.2-4) experimental; urgency=medium * Remove --max-old-path option to webpack (correctly passed in NODE_OPTIONS) * Exclude packaged modules from transpiling (webpack/babel-loader) (Closes: #956449) -- Pirate Praveen Sat, 11 Apr 2020 19:53:38 +0530 gitlab (12.9.2-3) experimental; urgency=medium * Tighten dependency on gitlab-common -- Pirate Praveen Sat, 11 Apr 2020 16:37:06 +0530 gitlab (12.9.2-2) experimental; urgency=medium * Tighten dependency on ruby-graphql (for backports) * Pass NODE_OPTIONS="--max-old-space-size=2048" to webpack to work with nodejs 10 (Closes: #956211) -- Pirate Praveen Sat, 11 Apr 2020 01:29:14 +0530 gitlab (12.9.2-1) experimental; urgency=medium * Switch to gitlab's fork of derailed_benchmarks gem * New upstream version 12.9.2 * Change dependency: ruby-slack-notifier -> ruby-slack-messenger * Tighten dependencies: ruby-rouge, ruby-diffy, ruby-gitlab-labkit * Tighten dependencies: ruby-mail-room, ruby-gitaly, gitaly * Tighten dependencies: gitlab-shell, gitlab-workhorse * Update node-* dependencies * Remove dependencies: node-cache-loader, node-raw-loader, node-file-loader * Update minimum version of nodejs to 12 (See #956211) * Add special handling for webpack to find .json file (Closes: #956218) * Override json evil license lintian error (listed as an example license) -- Pirate Praveen Fri, 10 Apr 2020 09:25:28 +0530 gitlab (12.8.8-6) experimental; urgency=medium * Start nginx after letsencrypt configuration * Drop dependency on libjs-pdf (not needed anymore) * Remove obsolete initializer: active_record_becomes.rb (Closes: #955732) -- Pirate Praveen Sat, 04 Apr 2020 16:11:16 +0530 gitlab (12.8.8-5) experimental; urgency=medium * Add a work around for missing assets/select2.png error on web console (See upstream issue #213245) -- Pirate Praveen Fri, 03 Apr 2020 17:44:31 +0530 gitlab (12.8.8-4) experimental; urgency=medium * Refresh protobuf compat patch (remove fuzz) * Use jquery.waitforimages from npmjs.com (packaged version is broken) -- Pirate Praveen Thu, 02 Apr 2020 20:22:43 +0530 gitlab (12.8.8-3) experimental; urgency=medium * Tighten dependencies for dependencies in buster-backports * Tighten dependency on ruby-grape-path-helpers (fixes issue creation) -- Pirate Praveen Wed, 01 Apr 2020 20:24:55 +0530 gitlab (12.8.8-2) experimental; urgency=medium * Exclude core-js from transpiling (Closes: #954993) -- Pirate Praveen Sat, 28 Mar 2020 19:55:14 +0530 gitlab (12.8.8-1) experimental; urgency=medium * New upstream version 12.8.8 (Fixes: CVE-2020-9795, CVE-2020-10956, CVE-2020-10955, CVE-2020-10954, CVE-2020-10952) * Bump Standards-Version to 4.5.0 (no changes needed) * Add new dependencies for embedded derailed_benchmarks gem -- Pirate Praveen Sat, 28 Mar 2020 18:12:33 +0530 gitlab (12.8.6-1) experimental; urgency=medium [ Sruthi Chandran ] * New upstream version 12.8.6 * Update embedded module versions * Remove embedded doorkeeper as it is available in experimental * Deleted patches already applied upstream - 0488-relax-rdoc.patch, 0670-allow-doorkeepr-4_3.patch, 0770-bump-node-d3.patch * Refresh patches [ Pirate Praveen ] * Add ruby-stackprof as dependency * Drop unused patch files * Drop patch to lower minimum ruby version (already satsfied in buster) * Removed now unused d3 modules from dependencies * Tighten dependency on ruby-method-source and ruby-grape * Cherry pick patch from upstream merge request to support grape 1.3 * Fix protobuf compatibility issue with patch (Closes: #942633) * Tighten dependency on ruby-rack and ruby-rails -- Pirate Praveen Thu, 26 Mar 2020 17:25:38 +0530 gitlab (12.6.8-2) experimental; urgency=medium * Relax dependency on rails in Gemfile * Relax deckar01-task_list dependency in Gemfile -- Pirate Praveen Tue, 17 Mar 2020 17:31:39 +0530 gitlab (12.6.8-1) experimental; urgency=medium * Refresh stable gems in test group * Update autopkgtest Depends * Include development, test group in Gemfile for autopkgtest * Use packaged version of node-xterm * New upstream version 12.6.8 -- Pirate Praveen Sat, 07 Mar 2020 23:23:03 +0530 gitlab (12.6.7-2) experimental; urgency=medium * Use more packaged node modules * Don't run full autopkgtest till some gems are packaged -- Pirate Praveen Sun, 23 Feb 2020 19:48:40 +0530 gitlab (12.6.7-1) experimental; urgency=medium [ Abhijith PA ] * New upstream version 12.6.6 (Fixes: CVE-2020-7973, CVE-2020-7968) * Remove patch 0760-bump-rubyzip.patch * Refresh patches. [ Pirate Praveen ] * Update minimum version of ruby-excon and ruby-rack-cors * New upstream version 12.6.7 * Relax ruby-rack-cors version in Gemfile * Add lines removed by mistake in an earlier commit * Relax dependency on rdoc (ruby 2.5 comes with rdoc 6.0) * Refresh patches again to relax all stable gems -- Pirate Praveen Sat, 15 Feb 2020 14:12:32 +0100 gitlab (12.6.4-1) experimental; urgency=medium * New upstream version 12.6.4 * Fix and restore 0740-use-packaged-modules.patch contents of which was deleted by mistake earlier * Remove embedded core-js as required version is now available -- Sruthi Chandran Tue, 14 Jan 2020 01:24:48 +0530 gitlab (12.6.2-2) experimental; urgency=medium [ Utkarsh Gupta ] * Embed doorkeeper (Closes: #947754) * Fix d/control [ Sruthi Chandran ] * Remove .eslintrc.yml files to fix lintian errors * Remove embedded module heapy as packaged version is now available -- Utkarsh Gupta Sat, 04 Jan 2020 02:59:10 +0530 gitlab (12.6.2-1) experimental; urgency=medium * New upstream version 12.6.2 (Fixes: CVE-2019-20142, CVE-2019-20143, CVE-2019-20144, CVE-2019-20145, CVE-2019-20146, CVE-2019-20147, CVE-2019-20148, CVE-2020-5197) -- Pirate Praveen Fri, 03 Jan 2020 19:14:46 +0530 gitlab (12.6.1-1) experimental; urgency=medium [ Sruthi Chandran ] * New upstream version 12.6.1 * Remove embedded gitlab peek as no longer required * Refresh patches * Override false lintian error [ Pirate Praveen ] * Tighten dependencies * Remove gitlab-peek from upstream-file-list (component removed) * Update minimum version of ruby-aws-sdk for bug fix * Remove obsolete initializer: rack_attack_git_basic_auth.rb -- Pirate Praveen Thu, 02 Jan 2020 01:12:27 +0530 gitlab (12.5.4-2) experimental; urgency=medium * Update minimum version of ruby-gpgme to 2.0.19 * Update minimum version of ruby-premailer-rails to 1.10.3 -- Pirate Praveen Tue, 31 Dec 2019 15:48:16 +0530 gitlab (12.5.4-1) experimental; urgency=medium * New upstream version 12.5.4 * Refresh patches * Update upstream file list * Relax dependency on responders in Gemfile * Tighten dependencies * Relax dependency on grpc and google-protobuf gems (to fix ssh access) -- Pirate Praveen Mon, 30 Dec 2019 17:36:49 +0530 gitlab (12.4.6-1) experimental; urgency=medium [ Pirate Praveen ] * Update minimum version of yarnpkg to 1.19~ * Check if yarn cache directory is present before updating permissions * Update minimum version of git to 2.24~ * New upstream version 12.3.8 * Refresh patches * Remove EE only gems from Gemfile * Update minimum versions of ruby-graphql and ruby-fog-google * [Embedded dependencies] Remove snowplow-tracker and add elasticsearch-model, elasticsearch-rails, faraday-middleware-aws-signers-v4 and gitlab-peek * Update minimum versions of ruby-aws-sdk, ruby-gitlab-sidekiq-fetcher, ruby-jira, ruby-chronic-duration, ruby-prof, gitlab-shell * Relax dependency on kubeclient in Gemfile to allow 4.3 * Remove gitlab-license gem from Gemfile (EE only) * Add new dependencies: ruby-net-ntp, ruby-unleash, ruby-net-dns, ruby-countries, ruby-elasticsearch as dependency [ Abhijith PA ] * New upstream version 12.3.9 [ Pirate Praveen ] * New upstream version 12.4.6 * Don't install 16790-render-xml-artifacts.yml * Update ignored files and upstream files lists * Relax asciidoctor-plantuml and rouge in Gemfile * Add dependency on ruby-gitlab-net-dns * Remove obsolete config file * Update asciidoctor-plantuml require statement for new api * Update minimum version of gitaly, asciidoctor-plantuml, ruby-rouge -- Pirate Praveen Thu, 26 Dec 2019 21:03:03 +0530 gitlab (12.2.9-5) experimental; urgency=medium * Bump minimum version of ruby-font-awesome-rails to allow rails 5.2.3 * Add patches for CVEs (Fixes: CVE-2019-19254, CVE-2019-19257) * Tighten dependency on gitlab-workhorse and gitaly (Fixes: CVE-2019-19260) * Set minimum version of ruby-gitlab-labkit as 0.5~ (for gitaly 1.65.2) -- Pirate Praveen Fri, 29 Nov 2019 12:10:38 +0530 gitlab (12.2.9-4) experimental; urgency=medium * Update node-d3 to version 5.12 (required to update rollup to 1.x) -- Pirate Praveen Fri, 22 Nov 2019 21:25:38 +0530 gitlab (12.2.9-3) experimental; urgency=medium [ Dmitry Smirnov ] * Revert "Add sp.js to debian/missing-sources" [ Pirate Praveen ] * Add gitlab-rails-console command as a convenience script * Update minimum version for rm_confifile maintscript option [ Utkarsh Gupta ] * Add patch to bump rubyzip (Closes: #944906) [ Pirate Praveen ] * Bump minimum version of ruby-zip to 2.0 to match Gemfile -- Pirate Praveen Wed, 20 Nov 2019 13:16:32 +0530 gitlab (12.2.9-2) experimental; urgency=medium * Change .cache/yarn/v4 -> .cache/yarn/v6 * Add sp.js to debian/missing-sources -- Utkarsh Gupta Sat, 02 Nov 2019 01:40:43 +0530 gitlab (12.2.9-1) experimental; urgency=high * New upstream version 12.2.9 (Fixes: CVE-2019-18446 CVE-2019-18447 CVE-2019-18448 CVE-2019-18449 CVE-2019-18450 CVE-2019-18451 CVE-2019-18452 CVE-2019-18453 CVE-2019-18454 CVE-2019-18455 CVE-2019-18457 CVE-2019-18458 CVE-2019-18459 CVE-2019-18460 CVE-2019-18461 CVE-2019-18462 CVE-2019-18463) -- Utkarsh Gupta Thu, 31 Oct 2019 01:43:16 +0530 gitlab (12.2.8-2) experimental; urgency=medium [ Dmitry Smirnov ] * CI: new lintian job + minor corrections * CI: re-factored [ Pirate Praveen ] * Update minimum versions of bundler and nodejs * Update minimum versions of gitaly, gitlab-workhorse and gitlab-shell -- Pirate Praveen Thu, 24 Oct 2019 23:47:12 +0530 gitlab (12.2.8-1) experimental; urgency=medium [ Dmitry Smirnov ] * CI: unpack MUT components [ Sruthi Chandran ] * New upstream version 12.2.8 * Update deps * Embed snowplow-tracker as component * Use system ruby-statistics * Add contracts, dependency of embedded snowplow in dependencies * Refresh patches and delete obselete patches * Remove old config files [ Pirate Praveen ] * Add ruby-invisible-captcha as dependency * Tighten dependency on ruby-gitlab-labkit * Remove obsolete conf file: initializers/postgresql_opclasses_support.rb -- Sruthi Chandran Sun, 20 Oct 2019 22:59:27 +0530 gitlab (12.1.14-1) experimental; urgency=medium [ Pirate Praveen ] * Add node-core-js (<< 3~) constraint to use embedded core-js module (Closes: #941909) [ Utkarsh Gupta ] * New upstream version 12.1.14 * Bump Standards-Version to 4.4.1 -- Utkarsh Gupta Mon, 07 Oct 2019 21:29:31 +0530 gitlab (12.1.13-2) experimental; urgency=medium * Fix last version of initializers/active_record_verbose_query_logs.rb (this fixes the failure during installation) -- Pirate Praveen Sat, 05 Oct 2019 23:08:35 +0530 gitlab (12.1.13-1) experimental; urgency=medium [ Sruthi Chandran ] * New upstream version 12.1.13 * Refresh patches and delete patches already applied upstream * Remove already packaged embedded modules (arel, gitlab-labkit, jwt, omniauth-google-oauth2 and rails) * Add patch to relax gitlab-labkit * Add derailed_benchmarks, heapy and ruby-statistics gems as components [ Pirate Praveen ] * Tighten dependencies * Fix relative path in config/initializers * Set path for gitlab.rb * Remove obsolete initializers [ Dmitry Smirnov ] * Added helper script to unpack MUT components; CI orig tarball handling correction. -- Sruthi Chandran Sat, 05 Oct 2019 12:15:28 +0530 gitlab (12.0.9-4) experimental; urgency=medium * Update minimum version of gitaly to 1.47.3 -- Pirate Praveen Fri, 27 Sep 2019 22:46:22 +0530 gitlab (12.0.9-3) experimental; urgency=medium * Update watch file (gitlab-ce is now gitlab-foss) * Add core-js 3 as component (require transition) -- Pirate Praveen Wed, 25 Sep 2019 15:52:54 +0530 gitlab (12.0.9-2) experimental; urgency=medium * Add patch to bump asciidoctor (Closes: #940814) * Update minimum version for asciidoctor and ruby-octokit -- Utkarsh Gupta Mon, 16 Sep 2019 22:37:08 +0530 gitlab (12.0.9-1) experimental; urgency=high * Team Upload * New upstream version 12.0.9 (Closes: #940007) (Fixes: CVE-2019-16170) -- Nilesh Wed, 11 Sep 2019 10:12:18 -0400 gitlab (12.0.8-3) experimental; urgency=medium * Update minimum version of ruby-gitaly-proto dependency -- Pirate Praveen Wed, 11 Sep 2019 11:13:07 +0530 gitlab (12.0.8-2) experimental; urgency=medium * Add missing dependencies -- Pirate Praveen Tue, 10 Sep 2019 23:33:54 +0530 gitlab (12.0.8-1) experimental; urgency=high * New upstream version 12.0.8 (Fixes: CVE-2019-15728 CVE-2019-15730 CVE-2019-15722 CVE-2019-15729 CVE-2019-15721 CVE-2019-15727 CVE-2019-15726 CVE-2019-15724 CVE-2019-15725 CVE-2019-15723 CVE-2019-15732 CVE-2019-15731 CVE-2019-15738 CVE-2019-15737 CVE-2019-15734 CVE-2019-15739 CVE-2019-15740 CVE-2019-15733 CVE-2019-15736 CVE-2019-15741) * Remove dfsg as the files are removed upstream * Refresh patches and delete obsolete patches * Remove already packaged embedded modules (ruby-omniauth-ultraauth, ruby-omniauth-salesforce, ruby-apollo-upload-server and ruby-sassc-rails) -- Sruthi Chandran Sat, 07 Sep 2019 21:38:23 +0530 gitlab (11.11.8+dfsg-1) experimental; urgency=medium * New upstream security release 11.11.8+dfsg (Closes: #934708) (Fixes: CVE-2019-14942 CVE-2019-14944) * Remove embedded jaeger-client, opentracing and thrift -- Sruthi Chandran Wed, 14 Aug 2019 17:14:06 +0530 gitlab (11.11.7+dfsg-1) experimental; urgency=medium [ Pirate Praveen ] * New upstream security release 11.11.7+dfsg (Closes: #933785) (Fixes: CVE-2019-5470, CVE-2019-5469, CVE-2019-5468, CVE-2019-5466, CVE-2019-5465, CVE-2019-5464, CVE-2019-5463, CVE-2019-5462, CVE-2019-5461) * Use packaged version of node-d3 * Refresh patches * Bump standards version to 4.4.0 * Install security.txt * Update embedded rails version to 5.1.7 * Add ruby-omniauth-openid-connect, ruby-sassc and ruby-jaeger-client as new dependencies. * Embed omniauth-ultraauth, omniauth-salesforce, apollo_upload_server, sassc-rails, gitlab-labkit * Update dependency on ruby-sidekiq and ruby-nokogiri, gitaly, ruby-fog-google, ruby-batch-loader, ruby-gitaly-proto, ruby-grpc [ Dmitry Smirnov ] * CI: dropped .git directory and added job to build on Buster. [ Pirate Praveen ] * Update minimum version of gitaly * Switch to packaged version of webpack * Use packaged versions of node-worker-loader, node-cache-loader, node-imports-loader, node-exports-loader, node-url-loader, node-raw-loader and node-file-loader * Remove upstream-file-list.new in clean -- Pirate Praveen Sun, 11 Aug 2019 13:00:50 +0530 gitlab (11.10.8+dfsg-1) experimental; urgency=medium [ Pirate Praveen ] * New upstream security release 11.10.8+dfsg (Fixes: CVE-2019-13001, CVE-2019-13002, CVE-2019-13003, CVE-2019-13004, CVE-2019-13005, CVE-2019-13006, CVE-2019-13007, CVE-2019-13009,CVE-2019-13010, CVE-2019-13011, CVE-2019-13121) * Refresh patches * Use packaged versions of node-autosize, axios, brace-expansion, chart.js, core-js, css-loader, d3-* sub modules, fuzzaldrin-plus, glob, jed, jquery, jquery-ujs, jquery.waitforimages, js-cookie, jszip, jszip-utils, mousetrap, popper.js, raven-js, bootstrap, three-orbit-control, three-stl-loader, timeago.js, dateformat, webpack-stats-plugin and vue-resource * Use packaged pikaday and update path in application.scss (Closes: #930529) -- Pirate Praveen Sun, 07 Jul 2019 13:14:52 +0530 gitlab (11.10.5+dfsg-1) experimental; urgency=medium [ Pirate Praveen ] * New upstream security release 11.10.5+dfsg (Closes: #930004) (Fixes: CVE-2019-12428, CVE-2019-12431, CVE-2019-12432, CVE-2019-12433, CVE-2019-12434, CVE-2019-12441, CVE-2019-12442, CVE-2019-12443, CVE-2019-12444, CVE-2019-12445, CVE-2019-12446) * Arrange changelog in chronological order * Refresh patches [ Abhijith PA ] * Update changelog -- Pirate Praveen Wed, 05 Jun 2019 12:35:18 +0530 gitlab (11.8.10+dfsg-1) unstable; urgency=medium * Team upload * New upstream release. * Remove unwanted lintian-overrides. [ 26a2fcc3] -- Abhijith PA Thu, 30 May 2019 16:15:39 +0530 gitlab (11.10.4+dfsg-2) experimental; urgency=medium * Bump devise to 4.6.2 * Add patch to bump devise to 4.6.2 -- Utkarsh Gupta Tue, 21 May 2019 21:07:19 +0530 gitlab (11.10.4+dfsg-1) experimental; urgency=medium [ Utkarsh Gupta ] * New upstream version 11.10.4+dfsg * Update d/changelog * Update 0050-relax-stable-libs.patch * Refresh d/patches * Install graphql-tag via yarnpkg * Update d/copyright to exclude pdf.* * Add lintian-overrides for false-positive errors * Update d/control to update gem versions * Do not use --frozen-lockfile with yarnpkg * Update d/upstream-file-list * Make yarn.lock writable * Add myself as an uploader [ Abhijith PA ] * remove embedded pdf.js and use libjs-pdf [ Pirate Praveen ] * Remove obsolete configuration files -- Utkarsh Gupta Sat, 18 May 2019 01:40:29 +0530 gitlab (11.8.9+dfsg-1) unstable; urgency=medium * Team upload * New upstream version 11.8.9+dfsg (Fixes: CVE-2019-11544, CVE-2019-11546, CVE-2019-11547, CVE-2019-11548, CVE-2019-11549) (Closes: #928221) * Update d/patches/* -- Utkarsh Gupta Sat, 04 May 2019 00:56:51 +0530 gitlab (11.8.6+dfsg-1) unstable; urgency=medium * Team upload * New upstream version 11.8.6 (Fixes: CVE-2018-5158, CVE-2019-10109, CVE-2019-10110, CVE-2019-10111, CVE-2019-10113, CVE-2019-10115, CVE-2019-10116, CVE-2019-10640) * Use libjs-pdf instead of embedded pdf.js * Add gitlab.examples -- Abhijith PA Wed, 03 Apr 2019 18:19:49 +0530 gitlab (11.8.3-1) unstable; urgency=high [ Pirate Praveen ] * Set minimum version of git to 2.18 [ Sruthi Chandran ] * New upstream version 11.8.3 (Closes: #925196) (Fixes: CVE-2019-9866) -- Sruthi Chandran Fri, 22 Mar 2019 00:19:33 +0530 gitlab (11.8.2-3) unstable; urgency=medium * Add link to gitlab page on Debian wiki in README.Debian * Set minimum version of ruby to 1:2.5~ and add conflict with libruby2.3 (to support smooth upgrading from stretch-backports) * Tighten dependency on ruby-lograge * Remove obsolete config files * Drop patch which expected rails 5.2 * Handle migration from rails 4.2 -- Pirate Praveen Sun, 17 Mar 2019 18:34:25 +0530 gitlab (11.8.2-2) unstable; urgency=medium [ Sruthi Chandran ] * Refactor tmpfiles.d/ conf files * Embed omniauth-google-oauth2 and jwt-2.1.0 (as we are in freeze) * Relax nokogiri [ Pirate Praveen ] * Remove dependency on npm and use yarnpkg directly instead * Tighten dependency on gitaly and gitlab-shell * Move gitlab-shell dependency to gitlab-common -- Pirate Praveen Fri, 15 Mar 2019 22:12:52 +0530 gitlab (11.8.2-1) experimental; urgency=medium * New upstream version 11.8.2 (Closes: #924447) (Fixes: CVE-2019-9170, CVE-2019-9171, CVE-2019-9172, CVE-2019-9174, CVE-2019-9175, CVE-2019-9176, CVE-2019-9178, CVE-2019-9179, CVE-2019-9217, CVE-2019-9219, CVE-2019-9220, CVE-2019-9221, CVE-2019-9222, CVE-2019-9223, CVE-2019-9224, CVE-2019-9225, CVE-2019-9485) * Refresh patches and remove 0120-remove-tracing-group.patch * Embed opentracing, jaeger-client and thrift -- Sruthi Chandran Thu, 14 Mar 2019 17:09:17 +0530 gitlab (11.8.0-1) experimental; urgency=medium [ Dmitry Smirnov ] * Moved list of files from Files-Excluded to "clean" file to avoid error in `mk-origtargz`. [ Sruthi Chandran ] * New upstream version 11.8.0 * Refresh patches * Update script in debian/upstream-file-count-check.sh to identify new/removed files [ Pirate Praveen ] * Refresh patches with fuzz * Update dependency on ruby-rack, ruby-pg, ruby-fog*, ruby-truncato, ruby-nokogiri, ruby-acts-as-taggable-on, ruby-kubeclient, ruby-gitaly-proto, ruby-omniauth-azure-oauth2, ruby-google-api-client, ruby-sidekiq-cron, ruby-oauth2, ruby-googleauth * Remove tracing group from Gemfile * Replace rails 5.2 patch with rails 5.1 patch from upstream * Remove monkey patch not needed with rails 5.2 * Embed rails 5.1 temporarily till gitlab supports rails 5.2 * Create target file of secrets.yml symbolic link * Set GEM_PATH for using embedded gems * Tighten dependency on libjs-uglify -- Pirate Praveen Tue, 12 Mar 2019 21:29:55 +0530 gitlab (11.5.10+dfsg-1) unstable; urgency=medium * New upstream version 11.5.10+dfsg (Closes: #921059) (Fixes: CVE-2019-6781, CVE-2019-6782, CVE-2019-6783, CVE-2019-6784, CVE-2019-6785, CVE-2019-6786, CVE-2019-6787, CVE-2019-6788, CVE-2019-6789, CVE-2019-6790, CVE-2019-6791, CVE-2019-6792, CVE-2019-6794, CVE-2019-6795, CVE-2019-6796, CVE-2019-6960, CVE-2019-6995, CVE-2019-6997, CVE-2019-7155, CVE-2019-7176) * Refresh patches * Add ruby-zip as dependency * Relax dependency on ruby-carrierwave -- Pirate Praveen Sat, 02 Feb 2019 18:14:16 +0530 gitlab (11.5.7+dfsg-1) unstable; urgency=medium * Team upload * New upstream version 11.5.7+dfsg * Fix CVE-2019-6240: Arbitrary repo read in Gitlab project import (Closes: #919822) -- Abhijith PA Sun, 20 Jan 2019 21:37:01 +0530 gitlab (11.5.6+dfsg-1) unstable; urgency=high * New upstream version 11.5.6+dfsg (Closes: #918086) (Fixes: CVE-2018-20488, CVE-2018-20489, CVE-2018-20490, CVE-2018-20491, CVE-2018-20492, CVE-2018-20493, CVE-2018-20494, CVE-2018-20495, CVE-2018-20496, CVE-2018-20497, CVE-2018-20498, CVE-2018-20499, CVE-2018-20500, CVE-2018-20501, CVE-2018-20507) * Bump Standards-Version to 4.3.0 -- Sruthi Chandran Thu, 03 Jan 2019 12:56:20 +0530 gitlab (11.6.0+dfsg-1) experimental; urgency=medium * New upstream version 11.6.0+dfsg * Refresh patches * Remove 0650-fix-8-to-10-migration.patch * Don't install .eslintrc.yml * Add patch to relax rails in Gemfile * Relax gitlab-sidekiq-fetcher * Add patch 0680-rails-5_2.patch to make it work with rails5.2 * Remove config/initializers/active_record_verbose_query_logs.rb * Set path for yarn -- Sruthi Chandran Sun, 23 Dec 2018 12:16:18 +0530 gitlab (11.5.5+dfsg-1) unstable; urgency=high [ Pirate Praveen ] * Restart gitlab before checks in postinst (fixes failures in some checks) * Explicitly call /usr/bin/bundle to avoid gem installed bundler * Move gitlab-rake to /usr/sbin (depends on /sbin/runuser) * Remove optional bullet dependency from Gemfile * Add Gemfile.autopkgtest to specify test only dependencies * Install test only dependencies from rubygems.org for autopkgtest * Drop autopkgtest dependencies installed from rubygems.org * Relax dependency on rspec-rails * Add golang-any as autopkgtest dependency (to build gitlab-shell) * Add gitaly: client_path to gitlab.yml [ Sruthi Chandran ] * New upstream version 11.5.5+dfsg (Fixes: CVE-2018-20229) * Add myself to uploaders -- Sruthi Chandran Fri, 21 Dec 2018 20:27:36 +0530 gitlab (11.5.4+dfsg-1) unstable; urgency=medium * New upstream version 11.5.4+dfsg (Fixes: CVE-2018-20144) * Add a note about reusing existing system users for Gitlab instance (Closes: #916243) * Add an example fqdn in debconf template (Closes: #916306) * Update minimum version of ruby-nokogiri to 1.8.4 * Look for changes in /usr/share/rubygems-integration as well for triggering Gemfile.lock refresh * Remove world write permissions of .yarn-metadata.json files (Closes: #915860) * Restart gitaly before gitlab:check in postinst -- Pirate Praveen Sat, 15 Dec 2018 14:43:41 +0530 gitlab (11.5.3+dfsg-1) experimental; urgency=medium * New upstream version 11.5.3+dfsg * Only gitlab binary needs to be in contrib (Closes: #915759) * Tighten dependency on ruby-octokit * Set minimum version of ruby-sass to 3.5 * Refresh patches * Update dependencies -- Pirate Praveen Thu, 13 Dec 2018 14:57:24 +0530 gitlab (11.4.9+dfsg-2) unstable; urgency=medium * Reupload to unstable -- Pirate Praveen Sat, 08 Dec 2018 12:49:53 +0530 gitlab (11.4.9+dfsg-1) experimental; urgency=medium * New upstream version 11.4.9+dfsg * Refresh patches * Update dependencies * Remove gitlab-markup dependency (replaced by github-markup) -- Pirate Praveen Thu, 06 Dec 2018 13:21:50 +0530 gitlab (11.3.11+dfsg-1) unstable; urgency=high * New upstream security release 11.3.11+dfsg (Fixes: CVE-2018-19493, CVE-2018-19494, CVE-2018-19495, CVE-2018-19496, CVE-2018-19569, CVE-2018-19570, CVE-2018-19571, CVE-2018-19572, CVE-2018-19573, CVE-2018-19574, CVE-2018-19575, CVE-2018-19576, CVE-2018-19577, CVE-2018-19580, CVE-2018-19583, CVE-2018-19585) -- Pirate Praveen Thu, 29 Nov 2018 21:57:18 +0530 gitlab (11.3.10+dfsg-2) unstable; urgency=medium * Reupload to unstable -- Pirate Praveen Thu, 22 Nov 2018 20:44:42 +0530 gitlab (11.3.10+dfsg-1) experimental; urgency=medium * New upstream version 11.3.10+dfsg (Closes: #914166) (Fixes: CVE-2018-19359) * Relax ruby-js-regex version * Tighten dependencies (update minimum versions) -- Pirate Praveen Wed, 21 Nov 2018 11:49:29 +0530 gitlab (11.2.8+dfsg-2) unstable; urgency=medium * Add gitlab-rake as a command (Closes: #814506) * Revert to using github-linguist 5 -- Pirate Praveen Tue, 20 Nov 2018 10:46:03 +0530 gitlab (11.2.8+dfsg-1) experimental; urgency=medium * New upstream version 11.2.8+dfsg (Fixes: CVE-2018-18646, CVE-2018-18645, CVE-2018-18641, CVE-2018-18640) -- Pirate Praveen Sun, 18 Nov 2018 18:42:27 +0530 gitlab (11.1.8+dfsg-2) unstable; urgency=medium * Reupload to unstable * Add CVEs fixed in 11.1.6 release (Fixes: CVE-2018-16049, CVE-2018-16050, CVE-2018-16051, Missing CSRF in System Hooks, Persistent XSS in Pipeline Tooltip) -- Pirate Praveen Sat, 17 Nov 2018 12:56:07 +0530 gitlab (11.1.8+dfsg-1) experimental; urgency=medium * New upstream version 11.1.8+dfsg (Fixes: CVE-2018-17450, CVE-2018-17454, CVE-2018-15472, CVE-2018-17449, CVE-2018-17452, CVE-2018-17451, CVE-2018-17453, CVE-2018-17455, CVE-2018-17537, CVE-2018-17536) -- Pirate Praveen Fri, 16 Nov 2018 16:45:36 +0530 gitlab (10.8.7+dfsg-1) unstable; urgency=medium * New upstream version 10.8.7+dfsg (Fixes: CVE-2018-14602, CVE-2018-14603, CVE-2018-14604, CVE-2018-14605, CVE-2018-14606) * Refresh and rename patches (to make numbering consistent) * Add dependency on bzip2 (Closes: #910058) * Add ruby-device-detector as new dependency and tighten dependency versions * Remove chmod/chown -R usage in postinst -- Pirate Praveen Mon, 15 Oct 2018 15:55:10 +0530 gitlab (10.7.7+dfsg-3) unstable; urgency=medium * Give gitlab_user ownership of gitlab_data_dir after creating user (Closes: #910929) * Relax default_value_for, dropzonejs-rails, net-ssh in Gemfile * Remove .eslintrc from binary package * Add ruby-ed25519 and remove ruby-rbnacl * Remove chown -R commands from postinst -- Pirate Praveen Sat, 13 Oct 2018 22:29:59 +0530 gitlab (10.7.7+dfsg-2) unstable; urgency=medium [ Lucas Kanashiro ] * Relax recaptcha version (Closes: #907488) [ Pirate Praveen ] * Reupload to unstable (required protobuf and grpc is now in unstable) * Bump dependency on gitaly (for user management via gitlab-common) * Bump Standards-Version to 4.2.1 (no changes needed) -- Pirate Praveen Sat, 13 Oct 2018 00:11:14 +0530 gitlab (10.7.7+dfsg-1) experimental; urgency=medium * New upstream version 10.7.7+dfsg (Fixes: CVE-2018-14364) (Closes: #904026) * Bump Standards-Version to 4.2.0 (no changes needed) -- Pirate Praveen Mon, 20 Aug 2018 21:38:35 +0530 gitlab (10.7.6+dfsg-2) experimental; urgency=medium * Support html-sanitizer >= 2.7.1 (see upstream issue 48415) -- Pirate Praveen Sat, 30 Jun 2018 16:51:41 +0530 gitlab (10.7.6+dfsg-1) experimental; urgency=medium * New upstream version 10.7.6+dfsg * Refresh patches * Move common dependencies to gitlab-common * Don't remove gitlab_data_dir in purge * Support upgrading from 8.13 to 10.x (Upstream issue 48040) -- Pirate Praveen Wed, 27 Jun 2018 16:14:20 +0530 gitlab (10.7.5+dfsg-3) experimental; urgency=medium * Relax ruby version check (2.3.3 includes security fixes) * Add gitlab-common binary to handle user creation for gitlab and gitaly (Closes: #901310) -- Pirate Praveen Wed, 13 Jun 2018 10:57:34 +0530 gitlab (10.7.5+dfsg-2) experimental; urgency=medium * Bump minimum version of gitlab-workhorse to 4.1.0 -- Pirate Praveen Sun, 03 Jun 2018 20:54:56 +0530 gitlab (10.7.5+dfsg-1) experimental; urgency=medium * New upstream version 10.7.5+dfsg (Closes: #900522) -- Pirate Praveen Sun, 03 Jun 2018 19:54:01 +0530 gitlab (10.7.3+dfsg-1) experimental; urgency=medium [ Dmitry Smirnov ] * CI: experimental CI. * CI: origtargz * copyright: format URL to HTTPS. * watch file to version 4; get tar.bz2 instead of tar.gz; [ Pirate Praveen ] * Fix filenamemagle as well to use bz2 * New upstream version 10.7.3+dfsg * Refresh patches * Upload to experimental (required versions of ruby-rugged and ruby-grpc are only available in experimental. libgit2-dev and libgrpc-dev needs library transitions and coordination.) -- Pirate Praveen Sat, 12 May 2018 20:52:12 +0530 gitlab (10.6.5+dfsg-2) unstable; urgency=medium * Set minimum version of nodejs to 6 (punycode@2.1.0 needs nodejs >= 6) * Use yarn installed webpack * Remove symlinks for vendored files (now using it directly) -- Pirate Praveen Wed, 02 May 2018 18:11:00 +0530 gitlab (10.6.5+dfsg-1) unstable; urgency=medium * Use vendored js files (to ease backporting to jessie) * Update watch file for new gitlab.com download url pattern * New upstream version 10.6.5+dfsg * Bump Standards-Version to 4.1.4 (no changes needed) -- Pirate Praveen Tue, 01 May 2018 15:13:49 +0530 gitlab (10.6.3+dfsg-3) unstable; urgency=medium * Relax dependency on asciidoctor-plantuml -- Pirate Praveen Sun, 29 Apr 2018 16:59:15 +0530 gitlab (10.6.3+dfsg-2) unstable; urgency=medium [ Dmitry Smirnov ] * Build-Depends tightening: ruby-grape-entity (>= 0.7.1~) * gitlab.yml.example: fixed path to "gitaly.socket". * Recommends += gitaly; (Closes: #894015) * Fixed versioning of dependencies (ruby-arel (>= 6.0.4~) is crucial). * New patch to fix Markdown rendering (Closes: #895871). [ Pirate Praveen ] * Fix ruby-unf-ext version constraint * Update description, webpack is in main now * Install all frontend dependencies via npm (to ease backporting to stretch) -- Pirate Praveen Fri, 27 Apr 2018 13:26:18 +0530 gitlab (10.6.3+dfsg-1) unstable; urgency=medium * New upstream version 10.6.3 (Closes: #894867, #894868, #894869) -- Pirate Praveen Thu, 05 Apr 2018 14:05:46 +0530 gitlab (10.6.2+dfsg-1) unstable; urgency=medium * New upstream version 10.6.2 * Refresh patches * Tighten dependency on ruby-loofah * Relax dependency on grape-entity (Closes: #894668) -- Pirate Praveen Wed, 04 Apr 2018 22:27:43 +0530 gitlab (10.6.0+dfsg-1) unstable; urgency=medium * New upstream version 10.6.0 -- Pirate Praveen Tue, 27 Mar 2018 20:01:24 +0530 gitlab (10.5.6+dfsg-1) unstable; urgency=medium [ Dmitry Smirnov ] * Tighten/version dependency ruby-net-ldap: [ Pirate Praveen ] * New upstream version 10.5.6 (Closes: #893905) Fixes: CVE-2018-8801 CVE-2018-8971 * Tighten dependency on ruby-omniauth-auth0 -- Pirate Praveen Mon, 26 Mar 2018 14:41:54 +0530 gitlab (10.5.5+dfsg-3) unstable; urgency=medium * Relax kubeclient dependency * Remove plantuml_lexer.rb initializer from /etc (Closes: #893867) -- Pirate Praveen Fri, 23 Mar 2018 21:01:56 +0530 gitlab (10.5.5+dfsg-2) unstable; urgency=medium * Tighten ruby-devise to 4.4.3 * Remove devDependencies from package.json * Start using system node libs, don't add yarn to package.json * Isolate yarn to its own directory -- Pirate Praveen Thu, 22 Mar 2018 21:32:02 +0530 gitlab (10.5.5+dfsg-1) unstable; urgency=medium [ Dmitry Smirnov ] * Depends += "ruby-excon (>= 0.60.0~)" * Added new patch to fix Markdown rendering (Closes: #890757). * Depends: set minimum version for "rake". [ Pirate Praveen ] * New upstream version 10.5.5 (Closes: #888508) - Fixes multiple security vulnerabilities in 10.3.4 (CVE-2017-0914, CVE-2017-0916, CVE-2017-0917, CVE-2017-0918, CVE-2017-0923, CVE-2017-0925, CVE-2017-0926, CVE-2017-0927, CVE-2017-3710) * Remove files no longer present in vendor from Files-Excluded * Refresh patches * Add new node-* dependencies already in the archive as depends * Tighten dependencies * Bump debhelper compat to 10 and standards version to 4.1.3 -- Pirate Praveen Sun, 18 Mar 2018 15:17:08 +0530 gitlab (9.5.4+dfsg-7) unstable; urgency=medium * Reupload to unstable * Remove locale directory during purge * Locales should be compiled before precompiling assets -- Pirate Praveen Thu, 01 Mar 2018 23:45:44 +0530 gitlab (9.5.4+dfsg-6) experimental; urgency=medium * Relax dependencies in Gemfile for rdoc ruby-prof * Build locale and make locale directory writable by symlinking to /var/lib (Closes: #890877) * Remove work around for libjs-jquery-atwho bug (1.5.4+dfsg.1-2 works) -- Pirate Praveen Fri, 23 Feb 2018 00:01:33 +0530 gitlab (9.5.4+dfsg-5) experimental; urgency=medium * Use jquery from system for compatibility with at.js in node_modules * Use document-register-element 1.3.0 (1.7.2 is not compatible) -- Pirate Praveen Wed, 14 Feb 2018 20:10:18 +0530 gitlab (9.5.4+dfsg-4) experimental; urgency=medium * Add workaround for broken libjs-jquery-atwho (#890391) (Download at.js from npmjs.com dist tarball) -- Pirate Praveen Wed, 14 Feb 2018 17:19:26 +0530 gitlab (9.5.4+dfsg-3) experimental; urgency=medium [ Dmitry Smirnov ] * Fixed dependencies. [ Pirate Praveen ] * Update npm itself using npm (for @ support in module names) -- Pirate Praveen Wed, 14 Feb 2018 14:45:11 +0530 gitlab (9.5.4+dfsg-2) experimental; urgency=medium * Relax dependencies in Gemfile * Tighten dependencies in control * Bump standards * Add missing attributions * Fix permissions for .gitlab_shell_secret -- Pirate Praveen Tue, 26 Dec 2017 17:31:57 +0530 gitlab (9.5.4+dfsg-1) experimental; urgency=medium * New upstream release * Move to contrib (packaging of node modules for front end is not complete) * Use npm install for front end dependencies * Refresh patches * Tighten/update dependencies * Update gitlab.yml.example * Fix gitlab-mailroom service * Update overrides * Replace vendored js with system libs -- Pirate Praveen Wed, 13 Dec 2017 10:50:15 +0530 gitlab (8.13.11+dfsg1-11) unstable; urgency=medium * Tighten dependency on ruby-truncato -- Pirate Praveen Mon, 14 Aug 2017 12:21:40 +0530 gitlab (8.13.11+dfsg1-10) unstable; urgency=medium * Relax dependency on ruby-net-ssh (Closes: #868246) -- Pirate Praveen Sun, 30 Jul 2017 16:14:02 +0530 gitlab (8.13.11+dfsg1-9) unstable; urgency=medium * Relax dependency on ruby-asana and ruby-webmock -- Pirate Praveen Tue, 18 Jul 2017 14:07:05 +0530 gitlab (8.13.11+dfsg1-8) unstable; urgency=medium * Export all variables declared in gitlab-debian.conf from /etc/default/gitlab (Closes: #863950) Thanks to yyoshino -- Pirate Praveen Mon, 05 Jun 2017 22:00:03 +0530 gitlab (8.13.11+dfsg1-7) unstable; urgency=medium * Correctly bind dbconfig-common configuration file to gitlab package (and not to $gitlab_user) in debian/config * Revert change in debian/postinst from previous upload which incorrectly binds dbconfig-common configuration file to $gitlab_user package -- Pirate Praveen Fri, 12 May 2017 10:12:55 +0530 gitlab (8.13.11+dfsg1-6) unstable; urgency=medium * Remove hard coded gitlab user in postinst (Closes: #862329) * Remove dbconfig-common config files on purge -- Pirate Praveen Thu, 11 May 2017 22:29:06 +0530 gitlab (8.13.11+dfsg1-5) unstable; urgency=medium * Fix letsencrypt email handling in config * Minor update in postrm output -- Pirate Praveen Thu, 27 Apr 2017 11:23:43 +0530 gitlab (8.13.11+dfsg1-4) unstable; urgency=medium * Check if gitlab_data_dir is defined before using it * Ask email address for letsencrypt updates -- Pirate Praveen Wed, 26 Apr 2017 21:12:25 +0530 gitlab (8.13.11+dfsg1-3) unstable; urgency=medium * Quote variable in test -n (Thanks to Benjamin Drung) -- Pirate Praveen Fri, 21 Apr 2017 16:02:25 +0530 gitlab (8.13.11+dfsg1-2) unstable; urgency=medium * Integrate dbconfig-common (Closes: #859200) * Don't set default gitlab user in postinst * Change template name from purge to purge_data * Switch to runuser from su (runuser correctly handles PAM sessions) -- Pirate Praveen Fri, 21 Apr 2017 13:16:43 +0530 gitlab (8.13.11+dfsg1-1) unstable; urgency=medium [ Balasankar C ] * Repack source to remove fuzzaldrin-plus.js (Closes: #858725) [ Pirate Praveen ] * debian/postrm: Make checks idempotent (use if in place of &&) * debian/postrm: Check variables are defined before using them * debian/config: pre-seed variables to debconf db from config files * debian/postinst: - make sure all required variables are present in the config file - handle reconfiguration correctly by reapplying variables from debconf db to config files - Don't touch systemd override.conf if already exist -- Pirate Praveen Thu, 20 Apr 2017 11:47:49 +0530 gitlab (8.13.11+dfsg-8) unstable; urgency=medium * Don't fail if gitlab-debian.defaults not found (to support upgrading from older versions) * Be more defensive in rm -rf -- Pirate Praveen Thu, 23 Mar 2017 17:16:50 +0530 gitlab (8.13.11+dfsg-7) unstable; urgency=medium [ Balasankar C ] * Add patch cve-2017-0882.patch (Fixes: CVE-2017-0882) [ Pirate Praveen ] * Move gitlab_log_dir variable to /etc (needed got gitlab-unicorn service) -- Pirate Praveen Tue, 21 Mar 2017 18:28:43 +0530 gitlab (8.13.11+dfsg-6) unstable; urgency=medium * Improve configuration file parsing by using source (Closes: #857967) -- Pirate Praveen Fri, 17 Mar 2017 22:29:40 +0530 gitlab (8.13.11+dfsg-5) unstable; urgency=medium * Move variables used only in maintainer scripts to /usr/lib from /etc (Closes: #856606) * Use command -v to check existence of dropdb command in postrm -- Pirate Praveen Tue, 14 Mar 2017 17:21:21 +0530 gitlab (8.13.11+dfsg-4) unstable; urgency=medium [ Balasankar C ] * Update description to specify that the package is non-omnibus, unlike the official one from GitLab. * Remove database on purge only if necessary commands are available (Closes: #855579) [ Pirate Praveen ] * Use /usr/lib/gitlab/templates for config file templates used in postinst (See 854658#34) * Add more checks in postrm to avoid failures which can be ignored -- Balasankar C Fri, 24 Feb 2017 17:06:52 +0530 gitlab (8.13.11+dfsg-3) unstable; urgency=medium * Allow choosing gitlab user (Closes: #854617) * Optionally remove all data on purge (Closes: #821087, #839929) [ Johannes Schauer ] * Amend the README.Debian with instructions of how to upgrade from non-Debian installations (Closes: #823743) -- Pirate Praveen Thu, 16 Feb 2017 17:35:29 +0530 gitlab (8.13.11+dfsg-2) unstable; urgency=medium * Use upstream patch for git 2.11 support (Closes: #853251) * Set minimum version of gitlab-shell to 3.6.6-3 (required for git 2.11 support) -- Pirate Praveen Tue, 07 Feb 2017 11:24:36 +0530 gitlab (8.13.11+dfsg-1) unstable; urgency=medium * New upstream release * Remove WoSign from suggested free SSL providers (they stopped providing free SSL certificates from September 2016) * Backport git 2.11 support (Closes: #851714) -- Pirate Praveen Wed, 18 Jan 2017 13:21:17 +0530 gitlab (8.13.6+dfsg2-2) unstable; urgency=medium * Add patch cve-2016-9469.diff (Fixes: CVE-2016-9469) (Closes: #847157) * Use ruby-jquery-ui-rails 6 (Closes: #847337) * Enable more tests * Use -C for specifing sidekiq queues, Thanks to Justin F. Hallett (Closes: #847114) * Add dpkg trigger to refresh Gemfile.lock if a dependency is changed (Closes: #847420) -- Pirate Praveen Sun, 11 Dec 2016 22:06:59 +0530 gitlab (8.13.6+dfsg2-1) unstable; urgency=medium * Run tests with RAILS_ENV=test * Relax dependency on ruby-grape-entity * Remove tasks related to linting from orig.tar -- Pirate Praveen Wed, 30 Nov 2016 16:15:29 +0530 gitlab (8.13.6+dfsg1-3) unstable; urgency=medium * Fix autopkgtest with upstream patch (Closes: #845656) -- Pirate Praveen Mon, 28 Nov 2016 23:52:13 +0530 gitlab (8.13.6+dfsg1-2) unstable; urgency=medium * Replace embedded copy of fuzzaldrin-plus with libjs-fuzzaldrin-plus (Closes: #814871) -- Pirate Praveen Fri, 25 Nov 2016 22:05:14 +0530 gitlab (8.13.6+dfsg1-1) unstable; urgency=medium * New upstream release (Closes: #845180) * Replace embedded copy of fuzzaldrin-plus with libjs-fuzzaldrin-plus -- Pirate Praveen Thu, 24 Nov 2016 15:29:27 +0530 gitlab (8.13.3+dfsg1-2) unstable; urgency=medium * Reupload to unstable (Closes: #843519) -- Pirate Praveen Fri, 11 Nov 2016 10:56:31 +0530 gitlab (8.13.3+dfsg1-1) experimental; urgency=medium * New upstream release (Fixes: CVE-2016-9086) * Refresh patches * Add dependency on lsb-base -- Pirate Praveen Fri, 04 Nov 2016 16:23:49 +0530 gitlab (8.12.3+dfsg1-1) unstable; urgency=medium * New upstream release (Closes: #838256) * Use spec.rake and spec.pattern to select tests * Use INCLUDE_TEST_DEPENDS variable in Gemfile to select test dependencies (--without does not work with --local in bundle install) * Move /usr/share/gitlab/.bundle to /var/lib/gitlab * Create db/schema.rb only in postinst (Closes: #838668) [ Dmitry Smirnov ] * Fix failure to start masked gitlab.service after reinstall -- Pirate Praveen Sat, 01 Oct 2016 15:23:17 +0530 gitlab (8.11.3+dfsg1-3) unstable; urgency=medium * Run some of gitlab provided tests as autopkgtests -- Pirate Praveen Sat, 17 Sep 2016 21:41:51 +0530 gitlab (8.11.3+dfsg1-2) unstable; urgency=medium * Use config/initializers/secret_token.rb to create secrets.yml (backup your secrets.yml if you are upgrading) -- Pirate Praveen Sat, 17 Sep 2016 14:53:04 +0530 gitlab (8.11.3+dfsg1-1) unstable; urgency=medium * New upstream release * Remove ruby-devise-async dependency -- Pirate Praveen Fri, 16 Sep 2016 12:44:05 +0530 gitlab (8.10.5+dfsg-3) unstable; urgency=high * Remove ruby-activerecord-deprecated-finders dependency (removed from Gemfile) * Setting urgency=high as it helps fix #835749 -- Pirate Praveen Wed, 07 Sep 2016 23:18:08 +0530 gitlab (8.10.5+dfsg-2) unstable; urgency=medium * Reupload to unstable -- Pirate Praveen Thu, 01 Sep 2016 13:17:03 +0530 gitlab (8.10.5+dfsg-1) experimental; urgency=medium * New upstream release rouge 2.0 is now compatible (Closes: #830111) * Refresh patches * Update dependencies -- Pirate Praveen Wed, 31 Aug 2016 19:24:55 +0530 gitlab (8.9.0+dfsg-10) unstable; urgency=medium * Relax dependency on rails in Gemfile (Closes: #834907) -- Pirate Praveen Mon, 22 Aug 2016 11:07:21 +0530 gitlab (8.9.0+dfsg-9) unstable; urgency=medium * Create gitlab user as system user (Closes: #834037) [ Dmitry Smirnov ] * New patch to fix error 500 on runners page (Closes: #819903) Thanks, Libor Klepáč. -- Pirate Praveen Mon, 15 Aug 2016 19:51:05 +0530 gitlab (8.9.0+dfsg-8) unstable; urgency=medium * Update ruby-unicorn-worker-killer dependency * Don't fail when .ssh exist -- Pirate Praveen Tue, 26 Jul 2016 15:03:10 +0530 gitlab (8.9.0+dfsg-7) unstable; urgency=medium * Tighten dependencies * Allow unicorn 5.0 -- Pirate Praveen Thu, 21 Jul 2016 13:51:37 +0530 gitlab (8.9.0+dfsg-6) unstable; urgency=medium * Create .ssh/authorized_keys in postinst -- Pirate Praveen Wed, 20 Jul 2016 23:13:59 +0530 gitlab (8.9.0+dfsg-5) unstable; urgency=medium * Tighten dependencies * Don't run gitlab:shell:install in postinst (Closes: #831877) (installed config.yml works) * Add a note about CAcert and browser trust [ Dmitry Smirnov ] * Do not leave dangling symlinks behind after purge * Remove generated assets on purge * rules: do not install LICENSE files * rules: properly use dh-systemd (Closes: #820991) * Rewrite terrible upstream .service files: - added meta "gitlab.service" that work alike corresponding init.d script - new .service files with support for "reload" and propagation of "reload" from "gitlab.service" - non-forking PIDFILE-less implementation This change fixes services' start-up and postinst error on first install. * templates: Replace StartSSL with CACert -- Pirate Praveen Wed, 20 Jul 2016 20:28:21 +0530 gitlab (8.9.0+dfsg-4) unstable; urgency=medium * Move config files to /usr/share/doc as examples and copy them to /var/lib for modification (Closes: #821086) * Fix gitlab-shell's config.yml handling (Closes: #827846) -- Pirate Praveen Thu, 14 Jul 2016 19:53:16 +0530 gitlab (8.9.0+dfsg-3) unstable; urgency=medium * Relax grape and rouge in Gemfile -- Pirate Praveen Sun, 10 Jul 2016 20:23:41 +0530 gitlab (8.9.0+dfsg-2) unstable; urgency=medium * Reupload to unstable * Relax omniauth-google-oauth2 in Gemfile -- Pirate Praveen Sat, 09 Jul 2016 20:14:24 +0530 gitlab (8.9.0+dfsg-1) experimental; urgency=medium * New upstream release * Refresh patches and update dependencies -- Pirate Praveen Thu, 23 Jun 2016 23:54:28 +0530 gitlab (8.9.0+dfsg~rc4-1) experimental; urgency=medium * New upstream release candidate * Refresh patches * Use jquery in place of jquery2 (debian has only jquery and it has same API) * Remove /etc/gitlab/initializers/devise_async.rb (removed upstream) * Symlink /usr/share/gitlab/.ssh to var/lib/gitlab/.ssh -- Pirate Praveen Wed, 22 Jun 2016 13:57:27 +0530 gitlab (8.8.2+dfsg-5) unstable; urgency=medium * Relax dependencies for all stable libraries (>= 1.0) (Closes: #827374) -- Pirate Praveen Thu, 16 Jun 2016 12:31:40 +0530 gitlab (8.8.2+dfsg-4) unstable; urgency=high * Allow minor updates for ruby-state-machines-activerecord (Closes: #827013) -- Pirate Praveen Sun, 12 Jun 2016 12:51:19 +0530 gitlab (8.8.2+dfsg-3) unstable; urgency=medium * Update minimum version of rails to 4.2.6 * Update minimum version of ruby-request-store to 1.3 * Add postgresql-contrib as dependency for pg_trgm extension (Closes: #826302) * Add ruby-coffee-script-source (>= 1.10.0~) as dependency -- Pirate Praveen Sun, 05 Jun 2016 18:20:51 +0530 gitlab (8.8.2+dfsg-2) unstable; urgency=medium * Move gitlab-shell's config.yml to /etc * Update minimum version of gitlab-shell to 3.0.0 -- Pirate Praveen Sat, 04 Jun 2016 21:47:12 +0530 gitlab (8.8.2+dfsg-1) unstable; urgency=medium * New upstream release (Closes: #823290) * Refresh patches * Bump standards version to 3.9.8 (no changes) * Enable the pg_trgm extension for postgresql * Check if nginx site configuration directory is present before copying (Closes: #821085) * Symlink /run/gitlab/cache to /var/lib/gitlab/cache (or /run gets filled up) * Remove debconf db on purge -- Pirate Praveen Thu, 02 Jun 2016 22:27:15 +0530 gitlab (8.5.8+dfsg-5) unstable; urgency=medium * Make nginx optional (Closes: #819260) * Manage nginx configuration via ucf (Closes: #819262) * Manage gitlab-debian.conf and gitlab.yml via ucf * Make postinst more verbose -- Pirate Praveen Fri, 08 Apr 2016 17:29:34 +0530 gitlab (8.5.8+dfsg-4) unstable; urgency=medium * Tighten version requirements for dependencies * Fix permissions for uploads * Run db:migrate when db exist * Restrict file permissions for secret files (Closes: #819412) * Move db to /var/lib/gitlab (fix migrations) [ Libor Klepáč ] * Create builds directory in /var/log (Closes: #819907) -- Pirate Praveen Tue, 05 Apr 2016 22:55:36 +0530 gitlab (8.5.8+dfsg-3) unstable; urgency=medium * Reupload to unstable * Add mail-transport-agent as dependency * Symlink 'shared' to /var/lib/gitlab instead of 'shared/cache' - gitlab expects everything inside shared to be in the same file system. * Use embedded copy of fuzzaldrin-plus (See #814871 for more details) * Bring back db check in postinst (initialize the db only if it is empty) * Choose unicode for db encoding * Don't run letsencrypt if certificate is already present -- Pirate Praveen Tue, 05 Apr 2016 00:14:30 +0530 gitlab (8.5.8+dfsg-2) experimental; urgency=medium * Change letsencrypt from depends to recommends -- Pirate Praveen Sun, 03 Apr 2016 11:09:51 +0530 gitlab (8.5.8+dfsg-1) experimental; urgency=medium * New upstream release -- Pirate Praveen Sat, 02 Apr 2016 21:30:27 +0530 gitlab (8.4.3+dfsg-12) unstable; urgency=medium [ Libor Klepáč ] * Add fix-wiki.patch: Fix wiki display (Closes: #815465) [ Pirate Praveen ] * Use redis-server.service instead of redis.service (which is an alias to redis-server.service and won't be available if redis-server.service is disabled) in systemd files. -- Pirate Praveen Fri, 18 Mar 2016 19:12:10 +0530 gitlab (8.4.3+dfsg-11) unstable; urgency=medium * Relax stable library versions requirement * Relax dependency on grape-entity [ Johannes Schauer ] * Add diagnostic info to README.Debian * Add steps of migrating a source install to debian package -- Pirate Praveen Wed, 16 Mar 2016 20:16:47 +0530 gitlab (8.4.3+dfsg-10) unstable; urgency=medium [ Balasankar C ] * Team upload. * Bump Standards Version (No Changes). * Fix typo in debian/README.Debian. * 0038-relax-net-ssh.patch : Add dep3 header. [ Pirate Praveen ] * Replace gitlab:setup with db:schema:load and db:seed_fu (Closes: #815798) * Relax rails dependency in Gemfile (Closes: #817150) -- Pirate Praveen Tue, 15 Mar 2016 19:42:59 +0530 gitlab (8.4.3+dfsg-9) unstable; urgency=medium * Reorganize directory layout (Closes: #814476) - Move gitlab user's home directory to /var/lib - Add config as a symlink to /etc/gitlab - Add log as a symlink to /var/log/gitlab - Add public as a symlink to /var/lib/gitlab/public - Add more files that needs write permission to /var -- Pirate Praveen Thu, 18 Feb 2016 22:51:32 +0530 gitlab (8.4.3+dfsg-8) unstable; urgency=medium * Install tmpfiles.d/gitlab.conf and allow www-data user to read /run/gitlab (Closes: #814714) * Switch to sendmail method by default. -- Pirate Praveen Tue, 16 Feb 2016 13:58:16 +0530 gitlab (8.4.3+dfsg-7) unstable; urgency=medium * bc should be in build-dep (Closes: #814695) * fix pid file mismatch between /etc/default/gitlab and systemd service files (Closes: #814714) * use tmpfiles.d for /run/gitlab (Closes: #814713) Thanks to Christian Seiler -- Pirate Praveen Tue, 16 Feb 2016 00:08:18 +0530 gitlab (8.4.3+dfsg-6) unstable; urgency=medium * Fix pid and sockets path for gitlab-workhorse -- Pirate Praveen Sun, 14 Feb 2016 12:45:24 +0530 gitlab (8.4.3+dfsg-5) unstable; urgency=medium * Switch to su from sudo -- Pirate Praveen Sat, 13 Feb 2016 23:53:42 +0530 gitlab (8.4.3+dfsg-4) unstable; urgency=medium * Don't overwrite existing database (Closes: #814458) * Write logs, pids and sockets to /var (Closes: #814476) * Add more files to debian/install (Closes: #814503) * Add a check in debian/rules for installing all files -- Pirate Praveen Sat, 13 Feb 2016 21:55:51 +0530 gitlab (8.4.3+dfsg-3) unstable; urgency=medium * Check if /run/systemd/system dirctory exist for systemd -- Pirate Praveen Fri, 12 Feb 2016 01:01:59 +0530 gitlab (8.4.3+dfsg-2) unstable; urgency=medium [ Balasankar C ] * Add email configuration via sendmail method [ Pirate Praveen ] * Download certificates via letsencrypt * Check /proc/1/cmdline for systemd (Closes: #814413) -- Pirate Praveen Fri, 12 Feb 2016 00:17:01 +0530 gitlab (8.4.3+dfsg-1) unstable; urgency=medium * New upstream release * Refresh patches (rails version is in sync) * Configure ssl for nginx if selected * Use letsencrypt certificate paths if selected * Add git as dependency (Closes: #813807) * SSH key upload is working (Closes: #812861) * Configure gitlab_url as workwround (Closes: #813770 ) -- Pirate Praveen Tue, 09 Feb 2016 23:39:34 +0530 gitlab (8.4.0+dfsg-2) unstable; urgency=medium * Add systemd units (Closes: #812841) * Remove Gemfile.lock if found before bundle install (Closes: #813550) (Closes: #812907) -- Pirate Praveen Thu, 04 Feb 2016 16:28:26 +0530 gitlab (8.4.0+dfsg-1) unstable; urgency=medium * New upstream release * Use su instead of sudo everywhere (Closes: #812951) * Add rake and ruby-sentry-raven as dependencies * Remove patch 0107-relax-omniauth-facebook.patch -- Pirate Praveen Tue, 02 Feb 2016 19:28:45 +0530 gitlab (8.4.0+dfsg~rc2-4) unstable; urgency=medium * Reupload to unstable * Relax ruby-net-ssh dependency -- Pirate Praveen Thu, 28 Jan 2016 02:01:57 +0530 gitlab (8.4.0+dfsg~rc2-3) experimental; urgency=medium * Read gitlab-debian.conf from /etc/default/gitlab - Use debian specific configuration in init script * Add nginx to dependencies (Closes: #812724) * Add ruby-influxdb to dependencies (Closes: #812839) * Add missing dependecies from Gemfile and tighen versions * Use environmental variables by commenting out defaults in gitlab.yml -- Pirate Praveen Wed, 27 Jan 2016 13:40:31 +0530 gitlab (8.4.0+dfsg~rc2-2) experimental; urgency=medium * Add README.Debian to document debian specific changes * Make mysql optional (Closes: #812345) * Configure hostname via debconf and integrate nginx -- Pirate Praveen Sun, 24 Jan 2016 15:19:19 +0530 gitlab (8.4.0+dfsg~rc2-1) experimental; urgency=medium * Initial release (Closes: #651606) -- Pirate Praveen Wed, 20 Jan 2016 00:56:59 +0530