-
Add AppSec custom SAST rules 1 of 1 checklist item completed
- Merged
- 38
- 2
- Approved
updated -
Add gfm_auto_complete to appsec validation 0 of 1 checklist item completed
- Merged
- 8
- 2
- Approved
updated -
Add TOCTOU to secure code guidelines 4 of 14 checklist items completed
- Merged
- 29
- 2
- Approved
updated -
RackAttack: extend basic authentication detection for rate limiting 10 of 13 checklist items completed
- Merged
- 62
- 2
- Approved
updated -
Reinstate branches keyset pagination on overview page 8 of 8 checklist items completed
- Merged
- 14
- 2
- Approved
updated -
Adds a CSP that is enabled by default 10 of 14 checklist items completed
- Merged
- 53
- 2
- Approved
updated -
Remove group member: option to remove membership of subgroups/projects 8 of 8 checklist items completed
- Merged
- 73
- 2
- Approved
updated -
Allow access to registry API of the current project using the job token [RUN ALL RSPEC] [RUN AS-IF-FOSS] 2 of 13 checklist items completed!49750 13.12Category:Continuous Integration Category:Secrets Management Community contribution Technical Writing api authorization backend devopspackage docs-review docsimprovement documentation feature flag grouppackage registry linked-issue releasedcandidate sectionci security twfinished typefeature workflowproduction
- Merged
- 144
- 2
- Approved
updated -
Update regex secure coding guidelines 9 of 20 checklist items completed
- Merged
- 24
- 2
- Approved
updated -
Use the Dependency Proxy with private GitLab groups 8 of 8 checklist items completed!46042 13.7Category:Virtual Registries Deliverable Enterprise Edition GitLab Premium Package:P1 Technical Writing backend customer devopspackage direction docsfeature documentation feature flag frontend grouppackage registry maturityviable package:active quad-planningcomplete-action releasedpublished ruby sec-planningcomplete sectionops security twfinished typefeature workflowproduction
- Merged
- 218
- 2
- Approved
updated -
Update the 2FA user check to use timestamps 1 of 13 checklist items completed
- Merged
- 19
- 2
- Approved
updated -
GraphQL: Replace homecooked Authorize logic with gem auth [RUN AS-IF-FOSS] 9 of 10 checklist items completed!40088 13.11DogfoodingBuild in GitLab GraphQL Technical Writing authorization backend devopsplan docsfeature documentation groupproject management maintenancerefactor missed:13.2 missed:13.4 missed:13.5 missed:13.6 missed:13.7 missed:13.8 releasedcandidate sectiondev security security-awardsawarded twfinished typemaintenance workflowproduction
- Merged
- 306
- 2
- Approved
updated -
Support the JWT params set by Workhorse in upload requests 3 of 3 checklist items completed
- Merged
- 95
- 2
- Approved
updated -
Authenticate runner requests in Rack::Attack 7 of 7 checklist items completed
- Merged
- 23
- 2
- Approved
updated -
- Merged
- 5
- 2
- Approved
updated -
Allow create access Releases API via Job-Token 5 of 9 checklist items completed
- Merged
- 24
- 2
- Approved
updated -
Resolve "Switch to Web Authentication (Webauthn) for 2FA for U2F and FIDO2 tokens" 15 of 15 checklist items completed
-
add sha256 fingerprint to SSH key view and api to query user by ssh fingerprint 9 of 11 checklist items completed
- Merged
- 223
- 2
- Approved
updated -
- Merged
- 6
- 2
- Approved
updated -