-
Minor updates for the path traversal middleware 1 of 1 checklist item completed
- Merged
-
-
- 7
- Approved
updated -
PyPi group endpoint: exclude projects with disabled package registry 1 of 1 checklist item completed
- Merged
-
-
- 12
- Approved
updated -
Fixing imports to only match confirmed public email users 0 of 1 checklist item completed!134589 16.6Category:Importers Technical Writing backend databasereview pending devopsmanage docsfeature documentation feature flag featureenhancement groupimport and integrate pipeline:mr-approved quad-planningcomplete-no-action rspec:slow test detected sectiondev security typefeature workflowready for development
-
Remove COOP header 1 of 1 checklist item completed
- Merged
-
-
- 31
- Approved
updated -
Add security policy bot access level 1 of 1 checklist item completed
-
Exclude global search path from the path traversal check middleware 1 of 1 checklist item completed
- Merged
-
-
- 25
- Approved
updated -
Use UntrustedRegexp with inputs regex 1 of 1 checklist item completed
- Merged
-
-
- 16
- Approved
updated -
Remove the server_side_frecent_namespaces feature flag 1 of 1 checklist item completed
- Merged
-
-
- 28
- Approved
updated -
Path traversal middleware: log the execution time in ms 1 of 1 checklist item completed
- Merged
-
-
- 7
- Approved
updated -
Fix Maven request forward vulnerability to response splitting 0 of 1 checklist item completed
- Merged
-
-
- 8
- Approved
updated -
!133093 16.5Category:Source Code Management Deliverable HackerOne WeaknessCWE-284 backend bugvulnerability devopscreate frontend frontend-weight3 groupsource code pipeline:mr-approved priority4 releasedcandidate sectiondev security security-issue-escalated severity4 twtriaged typebug workflowpost-deploy-db-production
- Merged
-
-
- 52
- 2
- Approved
updated -
Fix permissions on :read_pipeline_schedule ability 1 of 1 checklist item completed
- Merged
-
-
- 7
- Approved
updated -
Clarify how deploy keys and user accounts interact 0 of 1 checklist item completed
- Merged
-
-
- 11
- Approved
updated -
When user has 2FA enabled do not attempt OAuth password auth 0 of 1 checklist item completed
- Merged
-
-
- 11
- Approved
updated -
Consider packages_enabled when return packages visible to user 1 of 1 checklist item completed!132391 16.5
- Merged
-
-
- 47
- Approved
updated -
Draft: Remove `unsafe-eval` from CSP 0 of 1 checklist item completed
-
Prefixes OAuth Application Secrets with gloas 2 of 2 checklist items completed
- Merged
-
-
- 32
- 1
- Approved
updated -
Add BaseActionController to allow setting security headers 0 of 1 checklist item completed
- Merged
-
-
- 27
- Approved
updated -
Clarify public projects IP restriction in doc 1 of 1 checklist item completed
- Merged
-
-
- 6
- Approved
updated -
Clarify username changes and CODEOWNERS 0 of 1 checklist item completed
- Merged
-
-
- 3
- Approved
updated