From a872c3e886528016d5383ef9260277b8120e2cc4 Mon Sep 17 00:00:00 2001
From: Tiago Botelho
Date: Mon, 24 Jul 2017 19:27:29 +0100
Subject: [PATCH] Bumps Gitlab Omniauth LDAP version
---
 Gemfile | 2 +-
 Gemfile.lock | 16 ++++++++--------
 .../bump-omniauth-ldap-gem-version.yml | 4 ++++
 3 files changed, 13 insertions(+), 9 deletions(-)
 create mode 100644 changelogs/unreleased/bump-omniauth-ldap-gem-version.yml
diff --git a/Gemfile b/Gemfile
index 5758b1b554e..d45c15fd650 100644
--- a/Gemfile
+++ b/Gemfile
@@ -60,7 +60,7 @@ gem 'browser', '~> 2.2'
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: 'omniauth-ldap'
+gem 'gitlab_omniauth-ldap', '~> 2.0.3', require: 'omniauth-ldap'
 
 # Git Wiki
 # Required manually in config/initializers/gollum.rb to control load order
diff --git a/Gemfile.lock b/Gemfile.lock
index 6ffff0d8735..7b1d5dfdc6e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -288,11 +288,11 @@ GEM
 mime-types (>= 1.16, < 3)
 posix-spawn (~> 0.3)
 gitlab-markup (1.5.1)
- gitlab_omniauth-ldap (1.2.1)
- net-ldap (~> 0.9)
- omniauth (~> 1.0)
- pyu-ruby-sasl (~> 0.0.3.1)
- rubyntlm (~> 0.3)
+ gitlab_omniauth-ldap (2.0.3)
+ net-ldap (~> 0.16)
+ omniauth (~> 1.3)
+ pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
+ rubyntlm (~> 0.5)
 globalid (0.3.7)
 activesupport (>= 4.1.0)
 gollum-grit_adapter (1.0.1)
@@ -467,7 +467,7 @@ GEM
 mustermann-grape (1.0.0)
 mustermann (~> 1.0.0)
 mysql2 (0.4.5)
- net-ldap (0.12.1)
+ net-ldap (0.16.0)
 netrc (0.11.0)
 nokogiri (1.6.8.1)
 mini_portile2 (~> 2.1.0)
@@ -740,7 +740,7 @@ GEM
 nokogiri (>= 1.5.10)
 ruby_parser (3.9.0)
 sexp_processor (~> 4.1)
- rubyntlm (0.5.2)
+ rubyntlm (0.6.2)
 rubypants (0.2.0)
 rubyzip (1.2.1)
 rufus-scheduler (3.4.0)
@@ -974,7 +974,7 @@ DEPENDENCIES
 github-linguist (~> 4.7.0)
 gitlab-flowdock-git-hook (~> 1.0.1)
 gitlab-markup (~> 1.5.1)
- gitlab_omniauth-ldap (~> 1.2.1)
+ gitlab_omniauth-ldap (~> 2.0.3)
 gollum-lib (~> 4.2)
 gollum-rugged_adapter (~> 0.4.4)
 gon (~> 6.1.0)
diff --git a/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml b/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml
new file mode 100644
index 00000000000..42e1c9e8f83
--- /dev/null
+++ b/changelogs/unreleased/bump-omniauth-ldap-gem-version.yml
@@ -0,0 +1,4 @@
+---
+title: Prevent LDAP login callback from being called with a GET request
+merge_request: 13059
+author: