ba79d1e5b8
Enable Devise paranoid mode and ensure the returned message is the same every time. This will prevent user enumeration (low impact). Prior to this change a user could type an email in the password reset field and if the email didn't exist it returned an error. If the email was valid it returned a message saying the forgot password link had been emailed. After this change the user will receive a message that if the email is in our database the reset link will be emailed. I also changed the throttle mechanism so it still works the same but now returns the exact same message as above. Previously it would say 'You've already sent a request. Wait a few minutes'. This also allows user enumeration, although it requires a double-check. Related to https://dev.gitlab.org/gitlab/gitlabhq/issues/2624 See merge request !2044 |
||
|---|---|---|
| app | ||
| bin | ||
| builds | ||
| config | ||
| db | ||
| doc | ||
| docker | ||
| features | ||
| lib | ||
| log | ||
| public | ||
| scripts | ||
| shared | ||
| spec | ||
| tmp | ||
| vendor/assets | ||
| .flayignore | ||
| .foreman | ||
| .gitattributes | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .hound.yml | ||
| .pkgr.yml | ||
| .rspec | ||
| .rubocop.yml | ||
| .ruby-version | ||
| .simplecov | ||
| .teatro.yml | ||
| CHANGELOG | ||
| config.ru | ||
| CONTRIBUTING.md | ||
| doc_styleguide.md | ||
| docker-compose.yml | ||
| Gemfile | ||
| Gemfile.lock | ||
| GITLAB_SHELL_VERSION | ||
| GITLAB_WORKHORSE_VERSION | ||
| LICENSE | ||
| MAINTENANCE.md | ||
| PROCESS.md | ||
| Procfile | ||
| Rakefile | ||
| README.md | ||
| VERSION | ||
GitLab
Canonical source
The source of GitLab Community Edition is hosted on GitLab.com and there are mirrors to make contributing as easy as possible.
Open source software to collaborate on code
To see how GitLab looks please see the features page on our website.
- Manage Git repositories with fine grained access controls that keep your code secure
- Perform code reviews and enhance collaboration with merge requests
- Each project can also have an issue tracker and a wiki
- Used by more than 100,000 organizations, GitLab is the most popular solution to manage Git repositories on-premises
- Completely free and open source (MIT Expat license)
- Powered by Ruby on Rails
Editions
There are two editions of GitLab:
- GitLab Community Edition (CE) is available freely under the MIT Expat license.
- GitLab Enterprise Edition (EE) includes extra features that are more useful for organizations with more than 100 users. To use EE and get official support please become a subscriber.
Website
On about.gitlab.com you can find more information about:
- Subscriptions
- Consultancy
- Community
- Hosted GitLab.com use GitLab as a free service
- GitLab Enterprise Edition with additional features aimed at larger organizations.
- GitLab CI a continuous integration (CI) server that is easy to integrate with GitLab.
Requirements
Please see the requirements documentation for system requirements and more information about the supported operating systems.
Installation
The recommended way to install GitLab is with the Omnibus packages on our package server. Compared to an installation from source, this is faster and less error prone. Just select your operating system, download the respective package (Debian or RPM) and install it using the system's package manager.
There are various other options to install GitLab, please refer to the installation page on the GitLab website for more information.
You can access a new installation with the login root and password 5iveL!fe, after login you are required to set a unique password.
Install a development environment
To work on GitLab itself, we recommend setting up your development environment with the GitLab Development Kit. If you do not use the GitLab Development Kit you need to install and setup all the dependencies yourself, this is a lot of work and error prone. One small thing you also have to do when installing it yourself is to copy the example development unicorn configuration file:
cp config/unicorn.rb.example.development config/unicorn.rb
Instructions on how to start GitLab and how to run the tests can be found in the development section of the GitLab Development Kit.
Software stack
GitLab is a Ruby on Rails application that runs on the following software:
- Ubuntu/Debian/CentOS/RHEL
- Ruby (MRI) 2.1
- Git 1.7.10+
- Redis 2.4+
- MySQL or PostgreSQL
For more information please see the architecture documentation.
Third-party applications
There are a lot of third-party applications integrating with GitLab. These include GUI Git clients, mobile applications and API wrappers for various languages.
GitLab release cycle
For more information about the release process see the release documentation.
Upgrading
For upgrading information please see our update page.
Documentation
All documentation can be found on doc.gitlab.com/ce/.
Getting help
Please see Getting help for GitLab on our website for the many options to get help.
Is it any good?
Is it awesome?
Thanks for asking this question Joshua. These people seem to like it.