GitLab is a development collaboration tool and git DVCS frontend. It includes repository management features, code reviews, an issue tracker, activity feeds and wikis.GitLab provides fine-grained access control, user management, 5 permission levels and branch constraints, and can utilize LDAP/AD intranet authorization. Powered by Ruby on Rails it comes as open source package, and as commercial supported enterprise version.
minor bugfix: (2020-03-26).### Security (16 changes).Add permission check for pipeline status of MR.Ignore empty remote_id params from Workhorse accelerated uploads.External user can not create personal snippet through API.Prevent malicious entry for group name.Restrict mirroring changes to admins only when mirroring is disabled.Reject all container registry requests from blocked users.Deny localhost requests on fogz importer.Redact notes in moved confidential.UploadRewriter Path Traversal vulnerability.Block hotlinking to repository archives.Restrict access to project pipeline metrics reports.vulnerability_feedback records should be restricted to a dev role and above.Exclude Carrierwave remote URL methods from import.Update Nokogiri to CVE-2020-7595.Prevent updating trigger by other maintainers.XSS vulnerability in `admin/email` "Recipient Group" dropdown.### (1 change).updating the authorized_keys file. !27798.