GitLab FOSS issueshttps://gitlab.com/gitlab-org/gitlab-foss/-/issues2018-03-26T09:48:49Zhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/44520Insert short link texts for links to files in comments2018-03-26T09:48:49ZClaas AugnerInsert short link texts for links to files in comments### Description
In Markdown fields, when including links to issues, merge requests or comments within GitLab, a corresponding short link text is automatically inserted, e.g.
* `https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/121...### Description
In Markdown fields, when including links to issues, merge requests or comments within GitLab, a corresponding short link text is automatically inserted, e.g.
* `https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12183` <br> :arrow_right: `!12183`
* `https://gitlab.com/gitlab-org/gitlab-ce/issues/32515` <br> :arrow_right: `#32515`
* `https://gitlab.com/gitlab-org/gitlab-ce/issues/32515#note_29997037` <br> :arrow_right: `#32515 (comment 29997037)`
However, this is not (yet) the case for links to files, e.g.
* `https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.gitlab-ci.yml` <br> :x: `.gitlab-ci.yml (in master)`
* `https://gitlab.com/gitlab-org/gitlab-ce/blob/d14b842820a9672a8a7bbd85c636e7d16ec58c3d/.gitlab-ci.yml` <br> :x: `.gitlab-ci.yml (at d14b8428)`
### Proposal
For file links, corresponding short link texts should automatically be inserted (see examples above).
### Links / referenceshttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/43835Extraction of related issues from text2019-08-07T08:25:58ZPatrick Lehmannpaebbels@gmail.comExtraction of related issues from text### Description
Currently GitLab extracts related merge requests from the issue description text. The found items are listed below the description text in a separate section like related issues. But incontrast to merge requests, related...### Description
Currently GitLab extracts related merge requests from the issue description text. The found items are listed below the description text in a separate section like related issues. But incontrast to merge requests, related issues are not extracted from text, but need manual interaction.
See this issue as an example: https://gitlab.com/gitlab-org/gitlab-ce/issues/43834
### Proposal
* Automatically extract related issues from issue description text.
* Automatically extract related issues from comments
If this does not fit into the proposed workflow of GitLab, then please offer a hint after issue creation to add the found issue references to the *related issues* list.
### Links / referenceshttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/43834Mark closed issues by color but not by text2019-08-07T08:25:58ZPatrick Lehmannpaebbels@gmail.comMark closed issues by color but not by text### Description
Currently closed issues are displayed with an additional text like this `#35994 (closed)`. This requires space in the text and distracts the user from reading. In contrast merge requests (MRs) have no open/merged represe...### Description
Currently closed issues are displayed with an additional text like this `#35994 (closed)`. This requires space in the text and distracts the user from reading. In contrast merge requests (MRs) have no open/merged representation. The same is true for milestones. Haven't reviewed this inconsistent behavior for epics in my installation.
**Examples (by 03.03.2018):**
* Issues
* open: #43833
* closed: #35994
* Merge Requests
* open: !17504
* closed: !17029
* Milestones
* open: https://gitlab.com/gitlab-org/gitlab-ce/milestones/41
* closed: https://gitlab.com/gitlab-org/gitlab-ce/milestones/10
### Proposal
* Display *open* and *closed* issues through the use of colors, but not through an attached text
* Display *open* and *merged* merge requests through the use of colors
* Display *open* and *closed* milestones through the use of colors
I think the proposed behavior can also be applied to CI entities like jobs.
### Links / referenceshttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/43192Asciidoc inter document cross reference rendered in .html instead of .adoc2019-08-07T08:26:33ZNail GilazievAsciidoc inter document cross reference rendered in .html instead of .adoc> This issue is referenced with https://gitlab.com/gitlab-org/gitlab-ce/issues/17602 but I don't
now how to reopen it. Here I provide more necessary info about this issue.
### Summary
If *asciidoctor* file contains inter document cros...> This issue is referenced with https://gitlab.com/gitlab-org/gitlab-ce/issues/17602 but I don't
now how to reopen it. Here I provide more necessary info about this issue.
### Summary
If *asciidoctor* file contains inter document cross reference (reference to another **.adoc** file in repository) it renders this link with **.html** suffix instead of **.adoc** suffix.
This cause 404 Not Found when you click this link.
### Steps to reproduce
Create a *README.adoc* file and paste this content
```
= Test links
ifdef::env-github,env-browser[:outfilesuffix: .adoc]
link:refme{outfilesuffix}[link_example2]
```
### Example Project
A lot of detailed info inside this repo file: <br />
https://gitlab.com/nailgilaziev/testasciidoc/blob/master/README.adoc <br />
And same file in github with correct behavior: <br />
https://github.com/nailgilaziev/testadoc/blob/master/README.adoc
### What is the current *bug* behavior?
After pressing a link browser try to open a file *refme.html*(not exist) instead of *refme.adoc*(exist). And after that 404 Not Found shown.
### What is the expected *correct* behavior?
When `ifdef::env-github,env-browser[:outfilesuffix: .adoc]` exist - inter document cross reference must be rendered with **.adoc** suffix. <br />
Or automatically do it like in github without this ifdef code line [details here](https://github.com/asciidoctor/asciidoctor.org/blob/master/docs/_includes/xref-source-to-source.adoc)
### Output of checks
This bug happens on GitLab.com check out my example repo.https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42834Gitlab breaks its own *.patch and *.diff commit links when rendering issues2018-02-13T15:39:10ZÆvar Arnfjörð Bjarmasonavar@gitlab.comGitlab breaks its own *.patch and *.diff commit links when rendering issuesThese should link to different URLs, but are cut off at the commit:
* https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123
* https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e1...These should link to different URLs, but are cut off at the commit:
* https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123
* https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123.patch
* https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123.diff
It should instead show:
* [5dd8c05a](https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123)
* [5dd8c05a.patch](https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123.patch)
* [5dd8c05a.diff](https://gitlab.com/gitlab-org/gitlab-ce/commit/5dd8c05a537bc8961b9a3089e11e21e1bb74a123.diff)https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42620Permission footnotes links don't work2018-02-07T17:20:42ZEdward Breyedward@breyfamily.netPermission footnotes links don't workWhen you click on a footnote in the tables on the [Permissions](https://gitlab.com/help/user/permissions) page, nothing happens. There are footnotes at the end of the page, but they have no anchors and don't seem to correlate to the foot...When you click on a footnote in the tables on the [Permissions](https://gitlab.com/help/user/permissions) page, nothing happens. There are footnotes at the end of the page, but they have no anchors and don't seem to correlate to the footnote references in the tables (at least not in the "Project members permissions" table). I didn't check all the tables.https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42459image not show in md when "#" in branch name2018-03-15T13:38:31Zliyananimage not show in md when "#" in branch name### Summary
image not show in markdown when "#" in branch name
see this project https://gitlab.com/lightmaster/asdf/blob/asdf%23123/readme.md### Summary
image not show in markdown when "#" in branch name
see this project https://gitlab.com/lightmaster/asdf/blob/asdf%23123/readme.mdhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/42076Referencing files in GFM2018-01-16T12:52:47ZBob Van Landuytbob@gitlab.comReferencing files in GFMIt would be nice to be able to reference files in GFM when pasting a GitLab link.
For example:
- linking on the default branch: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/controllers/root_controller.rb -> [`app/controllers...It would be nice to be able to reference files in GFM when pasting a GitLab link.
For example:
- linking on the default branch: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/controllers/root_controller.rb -> [`app/controllers/root_controller.rb`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/controllers/root_controller.rb)
- Linking to another branch: https://gitlab.com/gitlab-org/gitlab-ce/blob/gitaly-commit-signature/app/controllers/root_controller.rb -> [`app/controllers/root_controller.rb@gitaly-commit-signature`](https://gitlab.com/gitlab-org/gitlab-ce/blob/gitaly-commit-signature/app/controllers/root_controller.rb)
- Linking to a specific SHA: https://gitlab.com/gitlab-org/gitlab-ce/blob/c7f79e5a2849c56d87151ae99cdbbb1af8c37bd3/app/controllers/root_controller.rb -> [`app/controllers/root_controller@c7f79e5a2`](https://gitlab.com/gitlab-org/gitlab-ce/blob/c7f79e5a2849c56d87151ae99cdbbb1af8c37bd3/app/controllers/root_controller.rb)https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42052Mermaid drawings not rendering due to "<svg> attribute viewBox: Expected numb...2021-08-17T05:53:30ZStan HuMermaid drawings not rendering due to "<svg> attribute viewBox: Expected number, "0 0 -Infinity -Infin…"In https://gitlab.com/gitlab-com/migration/issues/20#note_54606798, I don't see Mermaid drawings due to:
![image](/uploads/95ee5ffd7d744752429ae46ede09bedf/image.png)
### Sample drawing
```mermaid
graph TD;
A-->B;
A-->C;
B...In https://gitlab.com/gitlab-com/migration/issues/20#note_54606798, I don't see Mermaid drawings due to:
![image](/uploads/95ee5ffd7d744752429ae46ede09bedf/image.png)
### Sample drawing
```mermaid
graph TD;
A-->B;
A-->C;
B-->D;
C-->D;
D-->E;
```
https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41934Separate Line Math Not Working2019-08-07T08:27:40ZPaul DurbabaSeparate Line Math Not Working### Summary
Separate line math is not showing up properly on my Gitlab instance or gitlab.com. It shows as a code block instead of as formatted math.
### Steps to reproduce
**It should be visible here that the separate line math is not...### Summary
Separate line math is not showing up properly on my Gitlab instance or gitlab.com. It shows as a code block instead of as formatted math.
### Steps to reproduce
**It should be visible here that the separate line math is not showing up**
(Copied from https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/user/markdown.md#math)
This math is inline $`a^2+b^2=c^2`$.
This is on a separate line
```math
a^2+b^2=c^2
```
### Screenshots
the following shows up in Firefox:
![screenshot.328](/uploads/28cb11ae88cba2aa3b6713864961d4c0/screenshot.328.png)
And in Google Chrome:
![screenshot.329](/uploads/7a80bf01692c8d7f66c63edbd0ddb226/screenshot.329.png)
### What is the expected *correct* behavior?
Both math blocks (the inline one and the separate line one) should look identical.https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41790Stored XSS for Mermaid markdown vulnerability2021-07-23T16:40:16ZKathy WangStored XSS for Mermaid markdown vulnerabilityhttps://hackerone.com/reports/301832
This vulnerability was reported through HackerOne by nilsjuenemann :
To reproduce, just enter the following in markdown:
```
```mermaid
</pre>
<script>alert(1);</script>
```
Screenshot provided:
!...https://hackerone.com/reports/301832
This vulnerability was reported through HackerOne by nilsjuenemann :
To reproduce, just enter the following in markdown:
```
```mermaid
</pre>
<script>alert(1);</script>
```
Screenshot provided:
![image](/uploads/9bac2fb71c65b50f4a957b0f98a2ce40/image.png)Sean McGivernSean McGivernhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/41500URL rel attribute not set for broken URLs2019-08-07T08:28:05ZJobert AbmaURL rel attribute not set for broken URLs### Summary
There seems to be a minor bug where the `rel` attribute isn't set for some URLs in a Markdown field. I believe this has been abused by spammers in the past for PageRank / similar purposes. I don't believe there are immediate...### Summary
There seems to be a minor bug where the `rel` attribute isn't set for some URLs in a Markdown field. I believe this has been abused by spammers in the past for PageRank / similar purposes. I don't believe there are immediate security implications, but you want want to consider fixing this nonetheless.
### Steps to reproduce
- http://google.com
- http://google.com\
- http://google.com/"--
Inspect the URLs above. You'll notice that the `rel` attribute is only set for the first URL.11.7James RitcheyJames Ritchey2019-02-01https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41442If the Markdown URL [](url) is not valid, display it as plaintext2019-08-07T08:28:07ZLee MatosIf the Markdown URL [](url) is not valid, display it as plaintextZD: https://gitlab.zendesk.com/agent/tickets/86361
For example, you might have a log format that displays as such:
```
[68342:2104825] (open(/var/tmp/): Library not loaded: /location
10:09:37 Referenced from: /var/tmp/
10:09:37 Reason:...ZD: https://gitlab.zendesk.com/agent/tickets/86361
For example, you might have a log format that displays as such:
```
[68342:2104825] (open(/var/tmp/): Library not loaded: /location
10:09:37 Referenced from: /var/tmp/
10:09:37 Reason: Incompatible thing:)
```
If you do not put this in a code block (as above) and just paste it into an issue, GitLab will 500 with:
```
Completed 500 Internal Server Error in 373ms (ActiveRecord: 32.1ms | Elasticsearch: 0.0ms)
Addressable::URI::InvalidURIError (Cannot assemble URI string with ambiguous path: 'open(/var/tmp/): Library not loaded: /location
10:09:37 Referenced from: /var/tmp/
10:09:37 Reason: Incompatible thing:'):
lib/banzai/filter/relative_link_filter.rb:56:in `rebuild_relative_uri'
lib/gitlab/metrics/instrumentation.rb:156:in `block in rebuild_relative_uri'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `rebuild_relative_uri'
lib/banzai/filter/relative_link_filter.rb:42:in `process_link_attr'
lib/gitlab/metrics/instrumentation.rb:156:in `block in process_link_attr'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `process_link_attr'
lib/banzai/filter/relative_link_filter.rb:20:in `block in call'
lib/banzai/filter/relative_link_filter.rb:19:in `call'
lib/gitlab/metrics/instrumentation.rb:156:in `block in call'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `call'
lib/banzai/pipeline/base_pipeline.rb:21:in `block (2 levels) in singleton class'
lib/banzai/object_renderer.rb:61:in `block in post_process_documents'
lib/banzai/object_renderer.rb:59:in `map'
lib/banzai/object_renderer.rb:59:in `post_process_documents'
lib/gitlab/metrics/instrumentation.rb:156:in `block in post_process_documents'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `post_process_documents'
lib/banzai/object_renderer.rb:35:in `render'
lib/gitlab/metrics/instrumentation.rb:156:in `block in render'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `render'
lib/banzai/note_renderer.rb:18:in `render'
lib/gitlab/metrics/instrumentation.rb:156:in `block in render'
lib/gitlab/metrics/method_call.rb:23:in `measure'
lib/gitlab/metrics/instrumentation.rb:156:in `render'
app/controllers/concerns/renders_notes.rb:5:in `prepare_notes_for_rendering'
app/controllers/projects/merge_requests_controller.rb:557:in `define_discussion_vars'
app/controllers/projects/merge_requests_controller.rb:82:in `block (2 levels) in show'
app/controllers/projects/merge_requests_controller.rb:80:in `show'
app/controllers/application_controller.rb:285:in `set_locale'
lib/gitlab/middleware/multipart.rb:93:in `call'
lib/gitlab/request_profiler/middleware.rb:14:in `call'
lib/gitlab/middleware/go.rb:16:in `call'
lib/gitlab/etag_caching/middleware.rb:11:in `call'
lib/gitlab/middleware/rails_queue_duration.rb:20:in `call'
lib/gitlab/metrics/rack_middleware.rb:29:in `block in call'
lib/gitlab/metrics/transaction.rb:49:in `run'
lib/gitlab/m
```
Can we fail gracefully here and just display it as text?
cc/ @smcgivern @victorwuStan HuStan Huhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/40993namespace /project~name2019-08-07T08:28:36ZAaronnamespace /project~nameI create the content of the project problem,If the project content contains “namespace /project~name” ,You will be prompted for 500 during the visit![___G3B3L1S___E0SQ__8DSN](/uploads/83e1b8527fa6518324cbb23e3ccf3e1d/___G3B3L1S___E0SQ__8...I create the content of the project problem,If the project content contains “namespace /project~name” ,You will be prompted for 500 during the visit![___G3B3L1S___E0SQ__8DSN](/uploads/83e1b8527fa6518324cbb23e3ccf3e1d/___G3B3L1S___E0SQ__8DSN.png)https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40502Full URLs to referenced issues or MRs I don't have access to, are not autolinked2019-08-07T08:29:07ZDouwe MaanFull URLs to referenced issues or MRs I don't have access to, are not autolinkedI noticed that in https://gitlab.com/gitlab-com/infrastructure/issues/3287#note_48490255, the URL was not autolinked:
![Screen_Shot_2017-11-23_at_17.17.09](/uploads/6e76a1faf1ac785c80312e2f553f6ce7/Screen_Shot_2017-11-23_at_17.17.09.png...I noticed that in https://gitlab.com/gitlab-com/infrastructure/issues/3287#note_48490255, the URL was not autolinked:
![Screen_Shot_2017-11-23_at_17.17.09](/uploads/6e76a1faf1ac785c80312e2f553f6ce7/Screen_Shot_2017-11-23_at_17.17.09.png)
@smcgivern correctly theorized that this was our [`Banzai::Redactor`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/banzai/redactor.rb) [replacing](https://gitlab.com/gitlab-org/gitlab-ce/blob/d22c885743510d5bdc990d7224489ea8e4156f2c/lib/banzai/redactor.rb#L47) a merge request reference link with the link's plain text content, because I don't have access to the private project in question.
If Pablo's comment had included a URL to a nonexistent project, or a nonexistent MR inside an existent project, it would never have been [turned into a reference link](https://gitlab.com/gitlab-org/gitlab-ce/blob/d22c885743510d5bdc990d7224489ea8e4156f2c/lib/banzai/filter/abstract_reference_filter.rb#L123) by our `MergeRequestReferenceFilter`, would have remained untouched by the `Redactor`, and would have looked like a simple autolinked link. This means that, technically, GitLab is leaking private project existence, because URLs to private and nonexistent projects end up being rendered differently.
However, the link would not have been turned into a reference at all if Pablo didn’t have access to that project and MR, and it would have remained autolinked just like a link to a nonexistent project would. With and without this bug, existence of the project would have been leaked by Pablo posting a comment linking to it in a place where people without access to the project could find it.
We could/should still fix this, but it's a cosmetic issue, not a security one.
We already have a `link_reference` attribute in [`AbstractReferenceFilter#object_link_filter`](https://gitlab.com/gitlab-org/gitlab-ce/blob/d22c885743510d5bdc990d7224489ea8e4156f2c/lib/banzai/filter/abstract_reference_filter.rb#L154), which we could add to the `<a>` tag in a `data` attribute, which the [`Redactor`](https://gitlab.com/gitlab-org/gitlab-ce/blob/d22c885743510d5bdc990d7224489ea8e4156f2c/lib/banzai/redactor.rb#L46) would then use to determine whether to completely replace the link with its contents (as it does now), or to keep the link, but remove any "identifying" information, like `data` attributes and the tooltip `title`.10.6https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40239Printing markdown that fits exactly on one A4 page appends empty second page.2018-05-18T04:39:37ZJeroen Wiert PluimersPrinting markdown that fits exactly on one A4 page appends empty second page.### Summary
Printing markdown that fits exactly on one A4 page appends empty second page.
No similar issues found with:
- https://gitlab.com/gitlab-org/gitlab-ce/issues?search=markdown+print&label_name%5B%5D=regression
- https://gitla...### Summary
Printing markdown that fits exactly on one A4 page appends empty second page.
No similar issues found with:
- https://gitlab.com/gitlab-org/gitlab-ce/issues?search=markdown+print&label_name%5B%5D=regression
- https://gitlab.com/gitlab-org/gitlab-ce/issues?search=markdown+print&label_name%5B%5D=bug
- https://gitlab.com/gitlab-com/support-forum/issues?search=markdown+print&label_name%5B%5D=bug
- https://gitlab.com/gitlab-com/support-forum/issues?search=markdown+print&label_name%5B%5D=regression
### Steps to reproduce
Print a file with markdown that fits on exactly one A4 page.
### Example Project
Print https://gitlab.com/wiert.me/gitlab/issues/blob/03958b450def4024ed98f6bc5e88f14a211744b2/README.md
### What is the current *bug* behavior?
Appends an empty second page after the first one.
### What is the expected *correct* behavior?
Print just one page.
### Relevant logs and/or screenshots
Printed https://gitlab.com/wiert.me/gitlab/issues/blob/03958b450def4024ed98f6bc5e88f14a211744b2/README.md
- screenshot: ![Screenshot_2017-11-16_19.23.21](/uploads/e6f6638934159bdaac4cbfa0d956a509/Screenshot_2017-11-16_19.23.21.png)
- PDF: [README.md___03958b450def4024ed98f6bc5e88f14a211744b2___wiert.pdf](/uploads/982618fbb9ea7679451a1b62616ec166/README.md___03958b450def4024ed98f6bc5e88f14a211744b2___wiert.pdf)
### Output of checks
This bug happens on GitLab.com
#### Results of GitLab environment info
N/A
#### Results of GitLab application Check
N/A
### Possible fixes
N/Ahttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/39850Markdown refs to closed milestones are not converted to link2019-08-07T08:30:04ZJoel FeinerMarkdown refs to closed milestones are not converted to link### Summary
Using markdown links to milestones (e.g. "%1") does not generate a link to the milestone if it is closed.
### Steps to reproduce
1. Create milestone.
2. Close milestone.
3. In an issue, wiki page or somewhere else that sup...### Summary
Using markdown links to milestones (e.g. "%1") does not generate a link to the milestone if it is closed.
### Steps to reproduce
1. Create milestone.
2. Close milestone.
3. In an issue, wiki page or somewhere else that supports markdown, using the milestone reference syntax (e.g. "%1") to create a link. It will not be replaced with an actual link.
### What is the current *bug* behavior?
Markdown ref comes through as plain text.
### What is the expected *correct* behavior?
Markdown ref is converted to hyperlink to milestone.
### Relevant logs and/or screenshots
None.
#### Results of GitLab environment info
```
System information
System:
Current User: git
Using RVM: no
Ruby Version: 2.3.5p376
Gem Version: 2.6.13
Bundler Version:1.13.7
Rake Version: 12.1.0
Redis Version: 3.2.5
Git Version: 2.13.5
Sidekiq Version:5.0.4
Go Version: unknown
GitLab information
Version: 10.1.0
Revision: 5a695c4
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: postgresql
URL: https://<REDACTED>
HTTP Clone URL: https://<REDACTED>/some-group/some-project.git
SSH Clone URL: git@<REDACTED>:some-group/some-project.git
Using LDAP: no
Using Omniauth: no
GitLab Shell
Version: 5.9.3
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks
Git: /opt/gitlab/embedded/bin/git
```
#### Results of GitLab application Check
```
Checking GitLab Shell ...
GitLab Shell version >= 5.9.3 ? ... OK (5.9.3)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:root, or git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ...
19/99 ... ok
20/101 ... ok
20/102 ... ok
20/103 ... ok
20/104 ... ok
20/105 ... ok
21/106 ... ok
21/108 ... ok
21/109 ... ok
21/110 ... ok
21/112 ... ok
21/114 ... ok
21/115 ... ok
21/117 ... ok
19/118 ... ok
21/119 ... ok
21/120 ... ok
21/121 ... ok
7/122 ... ok
21/123 ... ok
21/124 ... repository is empty
21/127 ... repository is empty
21/128 ... ok
21/129 ... repository is empty
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK
Access to /var/opt/gitlab/.ssh/authorized_keys: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Reply by email ...
IMAP server credentials are correct? ... yes
Init.d configured correctly? ... skipped
MailRoom running? ... skipped
Checking Reply by email ... Finished
Checking LDAP ...
LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab ...
Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ...
19/99 ... yes
20/101 ... yes
20/102 ... yes
20/103 ... yes
20/104 ... yes
20/105 ... yes
21/106 ... yes
21/108 ... yes
21/109 ... yes
21/110 ... yes
21/112 ... yes
21/114 ... yes
21/115 ... yes
21/117 ... yes
19/118 ... yes
21/119 ... yes
21/120 ... yes
21/121 ... yes
7/122 ... yes
21/123 ... yes
21/124 ... yes
21/127 ... yes
21/128 ... yes
21/129 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.3.3 ? ... yes (2.3.5)
Git version >= 2.7.3 ? ... yes (2.13.5)
Git user has default SSH configuration? ... yes
Active users: ... 8
Checking GitLab ... Finished
```
### Possible fixes
Unknown.blackst0neblackst0ne.ru@gmail.comblackst0neblackst0ne.ru@gmail.comhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/39277Move to sanitize 4.x2018-12-03T17:01:09ZHector OronMove to sanitize 4.x### Description
I would like to upgrade sanitize ruby gem in Debian to 4.x version, however, gitlab depends on 2.x, it would ease the upgrade process if at least gitlab would be verified to work with 4.x or if there is a patch available...### Description
I would like to upgrade sanitize ruby gem in Debian to 4.x version, however, gitlab depends on 2.x, it would ease the upgrade process if at least gitlab would be verified to work with 4.x or if there is a patch available for the porting.
### Proposal
### Links / references
https://github.com/rgrove/sanitize/
https://packages.debian.org/source/sid/ruby-sanitize
### Feature checklist
Make sure these are completed before closing the issue,
with a link to the relevant commit.
- [ ] [Feature assurance](https://about.gitlab.com/handbook/product/#feature-assurance)
- [ ] Documentation
- [ ] Added to [features.yml](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/features.yml)https://gitlab.com/gitlab-org/gitlab-foss/-/issues/39165Group milestone description area does not render issue link2019-08-07T08:31:01ZVictor Wuvictor@gitlab.comGroup milestone description area does not render issue linkGroup milestone description are does not render issue link properly.
See this: https://gitlab.com/groups/test-group-victor/milestones/1
![](https://i.imgur.com/XouLdcm.png)Group milestone description are does not render issue link properly.
See this: https://gitlab.com/groups/test-group-victor/milestones/1
![](https://i.imgur.com/XouLdcm.png)11.0Jan Provaznikjprovaznik@gitlab.comJan Provaznikjprovaznik@gitlab.comhttps://gitlab.com/gitlab-org/gitlab-foss/-/issues/38893Banzai renders links to some uploads with absolute, rather than relative, URLs2019-12-11T20:23:44ZNick ThomasBanzai renders links to some uploads with absolute, rather than relative, URLs### Summary
This happens on project snippets, but seemingly not personal snippets. I've not audited any further than this.
Personal snippet description:
```
Foo
![41cde9052aaeb7e8](/uploads/-/system/personal_snippet/50/f26d2711c4421d...### Summary
This happens on project snippets, but seemingly not personal snippets. I've not audited any further than this.
Personal snippet description:
```
Foo
![41cde9052aaeb7e8](/uploads/-/system/personal_snippet/50/f26d2711c4421d460f7cf7eb9e3e3cb0/41cde9052aaeb7e8.jpg)
```
Personal snippet description_html:
```
<p dir="auto">Foo</p>
<p dir="auto"><a class="no-attachment-icon" href="/uploads/-/system/personal_snippet/50/f26d2711c4421d460f7cf7eb9e3e3cb0/41cde9052aaeb7e8.jpg" target="_blank" rel="noopener noreferrer"><img src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" alt="41cde9052aaeb7e8" class="lazy" data-src="/uploads/-/system/personal_snippet/50/f26d2711c4421d460f7cf7eb9e3e3cb0/41cde9052aaeb7e8.jpg"></a></p>
```
Project snippet description:
```
test
![41cde9052aaeb7e8](/uploads/92637a4e47fcd6bbd08f0f59898984f8/41cde9052aaeb7e8.jpg)
```
Project snippet description_html:
```
<p dir="auto">test</p>
<p dir="auto"><a class="no-attachment-icon" href="http://localhost:4000/root/test-geo-log-cursor-5/uploads/92637a4e47fcd6bbd08f0f59898984f8/41cde9052aaeb7e8.jpg" target="_blank" rel="noopener noreferrer"><img src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" alt="41cde9052aaeb7e8" class="lazy" data-src="http://localhost:4000/root/test-geo-log-cursor-5/uploads/92637a4e47fcd6bbd08f0f59898984f8/41cde9052aaeb7e8.jpg"></a></p>
```
This is a problem on Geo nodes, as the database cache is shared between them. So people browing the Geo secondary will find some of their requests going to the Geo primary. It's also a problem in non-geo context, though - it complicates changing hostname, etc.
### Steps to reproduce
Create a project snippet with an attachment, view the HTML source
### What is the current *bug* behavior?
Absolute URL is generated
### What is the expected *correct* behavior?
Relative URL should be generated
### Possible fixes
(If you can, link to the line of code that might be responsible for the problem)10.4Nick ThomasNick Thomas