Allow managing warn_about_potentially_unwanted_characters via API (!142040) · Merge requests · GitLab.org / GitLab

Nejc Habjan requested to merge gitlab-community/gitlab:warn-about-unwanted-api into master Jan 17, 2024

What does this MR do and why?

This MR allows retrieving and toggling the warn_about_potentially_unwanted_characters project setting via the API.

We think this setting can be security-relevant and so is worth managing with tools like the terraform GitLab provider, or retrieving it to audit projects via the API.

🛠 with ❤ at Siemens

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Using GDK:

# in ./gitlab/:

git remote add community https://gitlab.com/gitlab-community/gitlab.git
git fetch --all
git checkout community/warn-about-unwanted-api

gdk start

# obtain personal access token
 export GITLAB_TOKEN=glpat-your-token
curl -H "PRIVATE-TOKEN: $GITLAB_TOKEN" http://localhost:3000/api/v4/projects/gitlab-org%2Fgitlab-test | jq .warn_about_potentially_unwanted_characters
# true
curl -X PUT -H "PRIVATE-TOKEN: $GITLAB_TOKEN" http://localhost:3000/api/v4/projects/gitlab-org%2Fgitlab-test?warn_about_potentially_unwanted_characters=false | jq .warn_about_potentially_unwanted_characters
# false

Edited Jan 18, 2024 by Nejc Habjan

Allow managing warn_about_potentially_unwanted_characters via API

What does this MR do and why?

MR acceptance checklist

Screenshots or screen recordings

How to set up and validate locally

Merge request reports