gitlab-exporter 11.19.0 → 12.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/.ruby-version +1 -1
  3. data/Gemfile.lock +1 -1
  4. data/lib/gitlab_exporter/database/row_count.rb +5 -4
  5. data/lib/gitlab_exporter/rack_vulndb_255039_patch.rb +35 -0
  6. data/lib/gitlab_exporter/version.rb +1 -1
  7. data/lib/gitlab_exporter/web_exporter.rb +1 -0
  8. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 386af9238448d41f015fd10a4ae29d4e6b42913078cb0d86cbb862909bc2b7e0
4
- data.tar.gz: 98e064fe309955646d3879528743528646b1bb57122a5237660b7be772cac359
3
+ metadata.gz: 10750ec2de43b0651c18fe3babdff54837e6e69b9efb921fd48bfda67d287bb6
4
+ data.tar.gz: bfcf564c0092a85b12f126772d06e5c04710088c6251252d69e2caf605cd1c9d
5
5
  SHA512:
6
- metadata.gz: 415c5e84efdc17ebd72e7bc870fba4bb0f0052992390737c8d6cc64e397185f92f4deb3ffd6809700ea308719ad00061cafd44bd7c30f224144b4a5eec0926df
7
- data.tar.gz: 740a3e32681f861ad5503b7605f2de60cef9a99d8fa64b2530c0aa5599462dce67fddbb1b4312fbd316881915d207d762e1d88215cbdf7f20d7cc7d20aa56897
6
+ metadata.gz: ab38e15c3fd76461f508921d1c960a0029b84afa673e30f7f95d57bd20d3c110232eff726723c3e7c69e154acd0b7d844fd10d960181d8de161e571423a4c151
7
+ data.tar.gz: 389adc0b2611a4e235b07ef72b92c77f2669db4092b624f0d5d0486fb18d894420090c172890625558cbc8f65b2a82c1906670bdf46a98a685667b757f2690d0
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- 2.7.4
1
+ 2.7.6
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- gitlab-exporter (11.19.0)
4
+ gitlab-exporter (12.0.1)
5
5
  connection_pool (= 2.2.5)
6
6
  faraday (~> 1.8.0)
7
7
  pg (= 1.2.3)
data/lib/gitlab_exporter/database/row_count.rb CHANGED
@@ -125,9 +125,10 @@ module GitLab
125
125
  archived: {}
126
126
  }
127
127
  },
128
- groups: {
128
+ namespaces: {
129
129
  select: :namespaces,
130
130
  fields: {
131
+ type: {},
131
132
  visibility_level: {},
132
133
  root: { definition: "(parent_id IS NULL)" }
133
134
  }
@@ -191,21 +192,21 @@ module GitLab
191
192
  select: :container_repositories,
192
193
  where: <<~SQL
193
194
  migration_state = 'pre_importing'
194
- AND (COALESCE(migration_pre_import_started_at, '01-01-1970') < (now() - INTERVAL '20 minutes'))
195
+ AND (COALESCE(migration_pre_import_started_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '20 minutes'))
195
196
  SQL
196
197
  },
197
198
  container_repositories_stalled_pre_import_done: {
198
199
  select: :container_repositories,
199
200
  where: <<~SQL
200
201
  migration_state = 'pre_import_done'
201
- AND (COALESCE(migration_pre_import_done_at, '01-01-1970') < (now() - INTERVAL '5 minutes'))
202
+ AND (COALESCE(migration_pre_import_done_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '5 minutes'))
202
203
  SQL
203
204
  },
204
205
  container_repositories_stalled_importing: {
205
206
  select: :container_repositories,
206
207
  where: <<~SQL
207
208
  migration_state = 'importing'
208
- AND (COALESCE(migration_import_started_at, '01-01-1970') < (now() - INTERVAL '5 minutes'))
209
+ AND (COALESCE(migration_import_started_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '5 minutes'))
209
210
  SQL
210
211
  },
211
212
  container_repositories_skipped_not_in_plan: {
data/lib/gitlab_exporter/rack_vulndb_255039_patch.rb ADDED
@@ -0,0 +1,35 @@
1
+ # frozen_string_literal: true
2
+
3
+ if Gem.loaded_specs["rack"].version >= Gem::Version.new("3.0.0")
4
+ fail <<~ERR
5
+ This patch is unnecessary in Rack versions 3.0.0 or newer.
6
+ Please remove this file and the associated spec.
7
+
8
+ See https://github.com/rack/rack/blob/main/CHANGELOG.md#security (issue #1733)
9
+ ERR
10
+ end
11
+
12
+ # Patches a cache poisoning attack vector in Rack by not allowing semicolons
13
+ # to delimit query parameters.
14
+ # See https://github.com/rack/rack/issues/1732.
15
+ #
16
+ # Solution is taken from the same issue.
17
+ #
18
+ # The actual patch is due for release in Rack 3.0.0.
19
+ module Rack
20
+ class Request # rubocop:disable Style/Documentation
21
+ Helpers.module_eval do
22
+ # rubocop: disable Naming/MethodName
23
+ def GET
24
+ if get_header(RACK_REQUEST_QUERY_STRING) == query_string
25
+ get_header(RACK_REQUEST_QUERY_HASH)
26
+ else
27
+ query_hash = parse_query(query_string, "&") # only allow ampersand here
28
+ set_header(RACK_REQUEST_QUERY_STRING, query_string)
29
+ set_header(RACK_REQUEST_QUERY_HASH, query_hash)
30
+ end
31
+ end
32
+ # rubocop: enable Naming/MethodName
33
+ end
34
+ end
35
+ end
data/lib/gitlab_exporter/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module GitLab
2
2
  module Exporter
3
- VERSION = "11.19.0".freeze
3
+ VERSION = "12.0.1".freeze
4
4
  end
5
5
  end
data/lib/gitlab_exporter/web_exporter.rb CHANGED
@@ -2,6 +2,7 @@ require "sinatra/base"
2
2
  require "English"
3
3
  require "cgi"
4
4
 
5
+ require_relative "rack_vulndb_255039_patch"
5
6
  require_relative "tls_helper"
6
7
 
7
8
  module GitLab
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-exporter
3
3
  version: !ruby/object:Gem::Version
4
- version: 11.19.0
4
+ version: 12.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pablo Carranza
@@ -202,6 +202,7 @@ files:
202
202
  - lib/gitlab_exporter/prober.rb
203
203
  - lib/gitlab_exporter/process.rb
204
204
  - lib/gitlab_exporter/prometheus.rb
205
+ - lib/gitlab_exporter/rack_vulndb_255039_patch.rb
205
206
  - lib/gitlab_exporter/ruby.rb
206
207
  - lib/gitlab_exporter/sidekiq.rb
207
208
  - lib/gitlab_exporter/tls_helper.rb