GitLab is a development collaboration tool and git DVCS frontend. It includes repository management features, code reviews, an issue tracker, activity feeds and wikis.GitLab provides fine-grained access control, user management, 5 permission levels and branch constraints, and can utilize LDAP/AD intranet authorization. Powered by Ruby on Rails it comes as open source package, and as commercial supported enterprise version.
minor security: (2020-11-02).### Security (9 changes).Add CSRF protection to runner pause and resume. !1021.Do not expose Terraform state record in API.Path traversal to RCE via LFS upload.Update container_repository_name_regex to prevent catastrophic backtracking.Validate nuget package names.Prevent private repo from being accessed via internal Kubernetes API.Validate each upload param key in multipart.rb.XSS vulnerability for job build dependencies.unauthorized user is able to access schedule pipeline variables and values.