Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
|
|
Part of: https://github.com/NixOS/nixpkgs/issues/108938
meta = with stdenv.lib;
is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.
This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.
The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
|
|
|
|
These were added again in https://github.com/NixOS/nixpkgs/pull/107558
because the update script still ran vgo2nix.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Changed ruby version to 2.7.x to match upstream.
Added a gem config for gitlab-pg_query as it tries to download a source
tarball during the build process.
Also removed a patch for gitaly that has become obsolete by upstream fix
[here](https://gitlab.com/gitlab-org/gitaly/-/commit/de04077c25cc23b001317d2efdf5a9ead0bc86b9).
|
|
|
|
|
|
13.4.3
|
|
|
|
|
|
Security release: https://about.gitlab.com/releases/2020/07/06/critical-security-release-gitlab-13-1-3-released/
|
|
|
|
CI Token Access Control
An authorization issue discovered in the mirroring logic allowed read access to private repositories. This issue is now mitigated in the latest release and is waiting for a CVE ID to be assigned.
https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
|
|
https://about.gitlab.com/releases/2020/06/03/critical-security-release-13-0-4-released/
|
|
https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/
https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
https://about.gitlab.com/releases/2020/05/29/gitlab-13-0-3-released/
The gitaly gitlab-shell config has moved into gitaly.toml. See
https://gitlab.com/gitlab-org/gitaly/-/issues/2182 for more info.
|
|
gitlab: 12.8.10 -> 12.10.6
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It seems the atom feed now needs authentication. Use the /refs endpoint,
which is used for the switch branch/tag dropdown. It doesn't show all
records, but has some pagination, but works well enough for now.
|
|
|
|
|
|
|
|
|
|
|
|
See
https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
for details.
|
|
`bundix -l` doesn't work, as it treats bundler's warning about upgrading
the lockfile version as an error, so invoke `bundle lock` manually.
|
|
While it's already possible to invoke `update-data` with the `--rev`
argument, one still needs to run all later phases manually.
Fix this, by having `update-all` also accept a `--rev` argument, and
pass it down to `update-data`.
Also, make the help text a bit more usable, by suggesting the usual
versioning scheme used these times.
|
|
|
|
|
|
|
|
https://about.gitlab.com/releases/2020/03/16/gitlab-12-8-7-released/
|
|
|
|
https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/
|
|
or vgo2nix might not be able to resolve some dependencies.
|
|
https://about.gitlab.com/releases/2020/03/09/gitlab-12-8-5-released/
|
|
Includes multiple security fixes mentioned in
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
(unfortunately, no CVE numbers as of yet)
- Directory Traversal to Arbitrary File Read
- Account Takeover Through Expired Link
- Server Side Request Forgery Through Deprecated Service
- Group Two-Factor Authentication Requirement Bypass
- Stored XSS in Merge Request Pages
- Stored XSS in Merge Request Submission Form
- Stored XSS in File View
- Stored XSS in Grafana Integration
- Contribution Analytics Exposed to Non-members
- Incorrect Access Control in Docker Registry via Deploy Tokens
- Denial of Service via Permission Checks
- Denial of Service in Design For Public Issue
- GitHub Tokens Displayed in Plaintext on Integrations Page
- Incorrect Access Control via LFS Import
- Unescaped HTML in Header
- Private Merge Request Titles Leaked via Widget
- Project Namespace Exposed via Vulnerability Feedback Endpoint
- Denial of Service Through Recursive Requests
- Project Authorization Not Being Updated
- Incorrect Permission Level For Group Invites
- Disclosure of Private Group Epic Information
- User IP Address Exposed via Badge images
- Update postgresql (GitLab Omnibus)
|
|
This fixes issue #79374, where gitaly prints warning messages on the
client side when running push or fetch.
|