- Oct 08, 2018
-
-
Henne Vogelsang authored
Fix xml output for comments
-
Henne Vogelsang authored
-
Eduardo Navarro authored
This prevents the creation of a comment with the null character, that would make the comment invalid for xml output. Co-authored-by: Victor Pereira <vpereira@suse.com>
-
Eduardo Navarro authored
Prevent the xml renderer from throwing a 500 internal server error: ActionView::Template::Error (string contains null byte) Co-authored-by: Victor Pereira <vpereira@suse.com>
-
Adrian Schröter authored
-
- Oct 05, 2018
-
-
Michael Schroeder authored
Broken with commit 30334760
-
- Oct 04, 2018
-
-
Henne Vogelsang authored
Prevent creation of a request with an ID attribute
-
Eduardo Navarro authored
Co-authored-by: David Kang <dkang@suse.com>
-
Eduardo Navarro authored
This makes possible to add validations of the parsed xml in the controller.
-
Henne Vogelsang authored
A bunch of us have talked about what the content of good commit meesages should look like and came up with this template.
-
Henne Vogelsang authored
So you can switch branches without producing untracked files.
-
- Sep 26, 2018
-
-
Adrian Schröter authored
-
Michael Schroeder authored
Commit afed7d40 fixed a problem causing endless rebuilds but introduced a new bug causing endless rebuilds in other corner cases. That's why I hate messing with the gen_meta code, it's impossible to test all corner cases.
-
Michael Schroeder authored
It was different to the implementation in perl-BSSolv, leading to endless rebuilds in some rare cases.
-
Michael Schroeder authored
Deleting it by timestamp is too dangerous, as the assumption that the API fetches the payload right after fetching the notification event is no longer valid. So disable automatic pruning and rely on the API doing manual delete requests.
-
Adrian Schröter authored
-
Adrian Schröter authored
-
Adrian Schröter authored
-
Michael Schroeder authored
It supports a project or url prefix as argument
-
- Sep 05, 2018
-
-
Christian Bruckmayer authored
[Security] Bump ffi from 1.9.18 to 1.9.25 in /src/api
-
- Sep 01, 2018
-
-
dependabot[bot] authored
Bumps [ffi](https://github.com/ffi/ffi) from 1.9.18 to 1.9.25. **This update includes security fixes.** - [Release notes](https://github.com/ffi/ffi/releases) - [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md) - [Commits](https://github.com/ffi/ffi/compare/1.9.18...1.9.25 ) Signed-off-by: dependabot[bot] <support@dependabot.com>
-
- Aug 30, 2018
-
-
Christian Bruckmayer authored
Disable notifications for Travis
-
Dany Marcoux authored
-
- Aug 09, 2018
-
-
Eduardo J authored
Fix repository URL for running TravisCI
-
Eduardo Navarro authored
On 2.9 branch this was pointing to Unstable. This caused not to find packages already deleted in Unstable, and TravisCI to fail.
-
- Jul 24, 2018
-
-
Björn Geuken authored
Fix link 2 9
-
Björn Geuken authored
This is needed to address CVE-2018-3760. https://groups.google.com/forum/#!topic/rubyonrails-security/ft_J--l55fM
-
Björn Geuken authored
-
- Jul 23, 2018
-
-
Marcus Huewe authored
This is needed because the target package could have been deleted after the previous check_action_permission! call.
-
Björn Geuken authored
Forwarded requests are made from projects that just have been updated. It doesn't make sense to update or clean them up once the forwarded request got updated.
-
Björn Geuken authored
Add test case for bsc#1098934. Co-authored-by: David Kang <dkang@suse.com>
-
Björn Geuken authored
When a source project links to another project and the request is using the sourceupdate option, we have to ensure that the requester has permissions to change the linked project. Kudos goes to @marcus-h (Marcus Hüwe) for finding this ugly bug. Co-authored-by: David Kang <dkang@suse.com>
-
- Jul 05, 2018
-
-
Björn Geuken authored
* Allow adding a linked project to project factories * Use a valid project config xml file to store in the backend Co-authored-by: David Kang <dkang@suse.com>
-
Björn Geuken authored
We have a couple of code pathes in OBS that operate on both, projects and packages. So we end up many times having to check whether we have to run a permission check on an a project or package. This commit adds a method that calls can_modify_package? or can_modify_project? depending on the given object class.
-
- Jun 06, 2018
-
-
Björn Geuken authored
Co-authored-by: Adrian Schröter <adrian@suse.de> Co-authored-by: Michael Schroeder <mls@suse.de>
-
- Jun 04, 2018
-
-
Michael Schroeder authored
This could happen when the worker was started from some other directory than the statedir and the statedir had an up-to-date copy of the worker code.
-
Michael Schroeder authored
-
Adrian Schröter authored
should allow also usage of a different port number
-
Michael Schroeder authored
It makes no sense to keep them in the update_dst_full call but then deleting them later on. This will just make the :full tree be out of sync with the package state.
-
Michael Schroeder authored
-