Commit graph

14 commits

Author SHA1 Message Date
GitLab Bot
2f147005c5 Add latest changes from gitlab-org/gitlab@master 2020-07-11 00:09:17 +00:00
Mark Chao
d8bddb1662 Validate MR branch names
Prevents refspec as branch name, which would bypass branch protection
when used in conjunction with rebase.

HEAD seems to be a special case with lots of occurrence,
so it is considered valid for now.

Another special case is `refs/head/*`, which can be imported.
2019-05-03 03:02:58 +08:00
Stan Hu
e36c347ff9 Gracefully handle references with null bytes
`Rugged::Reference.valid_name?` used in
`Gitlab::GitRefValidator.validate` fails on strings containing null
bytes because it uses `StringValueCStr()`. Per
https://silverhammermba.github.io/emberb/c/:

Ruby’s String kinda corresponds to C’s char*. The simplest macro is
StringValueCStr() which returns a null-terminated char* for a
String. The problem here is that a Ruby String might contain nulls - in
which case StringValueCStr() will raise an ArgumentError!

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54466
2018-11-26 14:14:16 -08:00
gfyoung
c858f70d07 Enable frozen string for lib/gitlab/*.rb 2018-10-22 07:00:50 +00:00
Ahmad Hassan
8ea9c81593 Use rugged to validate ref name 2018-07-19 12:23:46 +02:00
Jacob Schatz
351fde1b90 Prevent branches or tags from starting with invalid characters (e.g. -, .)
Closes #38817
2017-10-05 14:56:36 -07:00
Jacob Vosmaer
a87cca5f9c More Gitaly annotations 2017-07-13 18:05:55 +02:00
Matthieu Tardy
7a399b7061 Strip reference prefixes on branch creation
Signed-off-by: Matthieu Tardy <matthieu.tardy@gmail.com>
2017-01-09 13:38:44 +01:00
Robert Speicher
d09d62b6b8 Replace all usages of git command with configurable binary path
Closes #3311
2015-11-03 17:11:09 -05:00
Valery Sizov
bf8b874117 fix system silent call 2014-11-06 13:07:42 +02:00
Valery Sizov
d1b489e048 Revert "Revert "Don't output to stdout from lib non-interactive methods""
This reverts commit b33d4bc2f1.
2014-11-06 13:07:16 +02:00
Valery Sizov
b33d4bc2f1 Revert "Don't output to stdout from lib non-interactive methods"
This reverts commit 0b1084a453.
2014-11-06 11:58:00 +02:00
Ciro Santilli
0b1084a453 Don't output to stdout from lib non-interactive methods
It pollutes the test output too much.
2014-11-05 12:35:33 +01:00
Robert Schilling
551145bc98 Validate branch-names and references in WebUI, API
Add specs for GitRefValidator
2014-09-03 13:08:35 +02:00