PROJET AUTOBLOG


GITLAB Blog

Archivé

Site original : GITLAB Blog

⇐ retour index

Moving to GitLab.com

vendredi 7 mars 2014 à 01:00

We are moving the gitlab.org website and this blog to www.gitlab.com and www.gitlab.com/blog. All the content is perserved and all the blog articles still have their comments intact. On www.gitlab.com will be one blog with all our blog posts served over https.

The reason for this move is that keeping both sites up to date was causing a lot of duplicate work. Both sites were being updated the same group of people, Dmitriy and the rest of the GitLab.com team.

Also, the complete website is in a public repo so that you can fork it and send merge requests with improvements.

GitLab CE 6.6 released

vendredi 21 février 2014 à 12:47

GitLab CE 6.6 released!

screenshot

Hello everyone!

As you know, Gitlab is open source software made for collaborative coding. Today we released a new version of GitLab Community Edition (CE), with new features and bug fixes.

The MVP of this release is Drew Blessing for his contribution “Mobile UI improvement”

In this release we updated Rails to 4.0.3, which solves some security issues. For more information see rails blog post. We advise everyone to upgrade.

Changes

For a full list of changes see the CHANGELOG.

Group avatars

screenshot

Issue redesign

screenshot

Notification settings redesign

screenshot

File view: Highlight.js and last commit for file

We moved the file syntax highlighting from the server side to the client side, thanks to this awesome library. http://highlightjs.org/

screenshot

Nice violet theme

screenshot


Install

If you are setting up a new GitLab installation see the installation section of the README.

Update

If you have version 6.4.2 or 6.5 you can use the upgrade script.

If you still want to do it manually – see the Update Guide.

Enterprise

For LDAP group support and more have a look at the feature list of GitLab Enterprise Edition.

Access to GitLab Enterprise Edition is included with a GitLab.com subscription.

No time to upgrade or maintain Gitlab yourself? GitLab.com also offers upgrade and installation services as part of a GitLab.com subscription or alternatively on a consultancy basis.


Markdown newline behaviour

vendredi 21 février 2014 à 12:47

Currently GitLab renders line-breaks in markdown files as line-breaks. We propose to change this behaviour to conform to the markdown specification and only render line-breaks when you end a line with two or more spaces. Paragraphs will continue to be rendered as before; when the text is separated by one or more blank lines.

The above change will ensure that markdown files in projects will look the way you expect them to look. But GitLab has just one markdown engine to render GitLab Flavored Markdown. Since descriptions & comments in both issues & merge requests also use GitLab Flavored Markdown they will also show the new behaviour. We think this is preferable above introducing different behaviour and rendering code for different cases. Please let us know what you think.

GitLab book

samedi 1 février 2014 à 15:49

GitLab Book

screenshot

Few weeks ago I found a book about GitLab authored by Jonathan M. Hethey.

It includes next chapters:

Book is easy to read and gives basic information about GitLab application.

This book is a good option for people who are not familiar with GitLab. For developers – it explains application functionality and describe possible workflow. For administrators – how to setup, update application or where to look for help.

Here is a link to the website where you can buy a copy – packtpub.com

Want to know more about book? Its a good review from Axilleas Pipinellis (contributor to GitLab)

Security vulnerability in gitlab (CVE-2013-7316)

jeudi 30 janvier 2014 à 20:00

Security vulnerability in GitLab (CVE-2013-7316)

We have learned about a XSS vulnerability in GitLab. This issue was fixed in GitLab 6.5.

Cross-site scripting (XSS) vulnerability in GitLab

A cross-site scripting (XSS) vulnerability in GitLab allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file. This vulnerability has been assigned the CVE identifier CVE-2013-7316.

Versions affected: 6.4 and earlier

Fixed versions: Community Edition 6.5.0, Enterprise Edition 6.5.0

Impact

In affected versions, when adding a README with voluntary extension the file would be rendered with markup. This would allow an attacker to add a script that would be executed on the client side.

This vulnerability was fixed in GitLab 6.5. All users running GitLab 6.4 and earlier versions should upgrade immediately.

Releases

Gitlab 6.5 Community Edition is available from https://gitlab.com/gitlab-org/gitlab-ce and https://github.com/gitlabhq/gitlabhq . GitLab 6.5 Enterprise Edition is available for subscribers from GitLab Cloud. Please follow the upgrade guides from your current version to version 6.5.

Credits

Thanks to ChenQin, Network and Information Security Lab @ Tsinghua University for reporting the vulnerability.