gitlab-exporter 11.19.0 → 12.0.1

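--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 386af9238448d41f015fd10a4ae29d4e6b42913078cb0d86cbb862909bc2b7e0
- data.tar.gz: 98e064fe309955646d3879528743528646b1bb57122a5237660b7be772cac359
+ metadata.gz: 10750ec2de43b0651c18fe3babdff54837e6e69b9efb921fd48bfda67d287bb6
+ data.tar.gz: bfcf564c0092a85b12f126772d06e5c04710088c6251252d69e2caf605cd1c9d
  SHA512:
- metadata.gz: 415c5e84efdc17ebd72e7bc870fba4bb0f0052992390737c8d6cc64e397185f92f4deb3ffd6809700ea308719ad00061cafd44bd7c30f224144b4a5eec0926df
- data.tar.gz: 740a3e32681f861ad5503b7605f2de60cef9a99d8fa64b2530c0aa5599462dce67fddbb1b4312fbd316881915d207d762e1d88215cbdf7f20d7cc7d20aa56897
+ metadata.gz: ab38e15c3fd76461f508921d1c960a0029b84afa673e30f7f95d57bd20d3c110232eff726723c3e7c69e154acd0b7d844fd10d960181d8de161e571423a4c151
+ data.tar.gz: 389adc0b2611a4e235b07ef72b92c77f2669db4092b624f0d5d0486fb18d894420090c172890625558cbc8f65b2a82c1906670bdf46a98a685667b757f2690d0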
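--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -1 +1 @@
- 2.7.4
+ 2.7.6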
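--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- gitlab-exporter (11.19.0)
+ gitlab-exporter (12.0.1)
  connection_pool (= 2.2.5)
  faraday (~> 1.8.0)
  pg (= 1.2.3)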
@@ -125,9 +125,10 @@ module GitLab
125
125
  archived: {}
126
126
  }
127
127
  },
128
- groups: {
128
+ namespaces: {
129
129
  select: :namespaces,
130
130
  fields: {
131
+ type: {},
131
132
  visibility_level: {},
132
133
  root: { definition: "(parent_id IS NULL)" }
133
134
  }
@@ -191,21 +192,21 @@ module GitLab
191
192
  select: :container_repositories,
192
193
  where: <<~SQL
193
194
  migration_state = 'pre_importing'
194
- AND (COALESCE(migration_pre_import_started_at, '01-01-1970') < (now() - INTERVAL '20 minutes'))
195
+ AND (COALESCE(migration_pre_import_started_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '20 minutes'))
195
196
  SQL
196
197
  },
197
198
  container_repositories_stalled_pre_import_done: {
198
199
  select: :container_repositories,
199
200
  where: <<~SQL
200
201
  migration_state = 'pre_import_done'
201
- AND (COALESCE(migration_pre_import_done_at, '01-01-1970') < (now() - INTERVAL '5 minutes'))
202
+ AND (COALESCE(migration_pre_import_done_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '5 minutes'))
202
203
  SQL
203
204
  },
204
205
  container_repositories_stalled_importing: {
205
206
  select: :container_repositories,
206
207
  where: <<~SQL
207
208
  migration_state = 'importing'
208
- AND (COALESCE(migration_import_started_at, '01-01-1970') < (now() - INTERVAL '5 minutes'))
209
+ AND (COALESCE(migration_import_started_at, TO_TIMESTAMP(0)) < (now() - INTERVAL '5 minutes'))
209
210
  SQL
210
211
  },
211
212
  container_repositories_skipped_not_in_plan: {
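Review bot: The three stalled-import `where` clauses fall back to `TO_TIMESTAMP(0)` when the timestamp column is NULL, so a row in that migration state with no timestamp is always counted as stalled, and nothing in the visible lines says so. A one-line comment above the first query would cover it, for example `# NULL timestamps coalesce to the epoch, so such rows always count as stalled`. The thresholds (20 and 5 minutes) are repeated as literals in each heredoc and could be named constants if they are meant to change together. The enclosing hash starts and ends outside the hunks shown.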
@@ -0,0 +1,35 @@
1
+ # frozen_string_literal: true
2
+
3
+ if Gem.loaded_specs["rack"].version >= Gem::Version.new("3.0.0")
4
+ fail <<~ERR
5
+ This patch is unnecessary in Rack versions 3.0.0 or newer.
6
+ Please remove this file and the associated spec.
7
+
8
+ See https://github.com/rack/rack/blob/main/CHANGELOG.md#security (issue #1733)
9
+ ERR
10
+ end
11
+
12
+ # Patches a cache poisoning attack vector in Rack by not allowing semicolons
13
+ # to delimit query parameters.
14
+ # See https://github.com/rack/rack/issues/1732.
15
+ #
16
+ # Solution is taken from the same issue.
17
+ #
18
+ # The actual patch is due for release in Rack 3.0.0.
19
+ module Rack
20
+ class Request # rubocop:disable Style/Documentation
21
+ Helpers.module_eval do
22
+ # rubocop: disable Naming/MethodName
23
+ def GET
24
+ if get_header(RACK_REQUEST_QUERY_STRING) == query_string
25
+ get_header(RACK_REQUEST_QUERY_HASH)
26
+ else
27
+ query_hash = parse_query(query_string, "&") # only allow ampersand here
28
+ set_header(RACK_REQUEST_QUERY_STRING, query_string)
29
+ set_header(RACK_REQUEST_QUERY_HASH, query_hash)
30
+ end
31
+ end
32
+ # rubocop: enable Naming/MethodName
33
+ end
34
+ end
35
+ end
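Review bot: The version guard at the top of the new file dereferences `Gem.loaded_specs["rack"]` without a nil check and sets only an upper bound, so it raises NoMethodError if Rack was not activated through RubyGems, and it stays silent if a later Rack 2.x release changes `GET`. Because the patch replaces the whole method body, it should refuse to load outside the versions it was checked against, for instance by reading `rack_version = Gem::Version.new(Rack.release)` and comparing it against both a minimum and `3.0.0`. Only `Request#GET` is covered here. Code that calls `Rack::Utils.parse_query` or `parse_nested_query` directly on a query string still uses Rack's own default separators, which presumably still include `;` in the 2.x line. A sentence in the header comment stating that scope would help whoever audits the patch later.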
@@ -1,5 +1,5 @@
1
1
  module GitLab
2
2
  module Exporter
3
- VERSION = "11.19.0".freeze
3
+ VERSION = "12.0.1".freeze
4
4
  end
5
5
  end
@@ -2,6 +2,7 @@ require "sinatra/base"
2
2
  require "English"
3
3
  require "cgi"
4
4
 
5
+ require_relative "rack_vulndb_255039_patch"
5
6
  require_relative "tls_helper"
6
7
 
7
8
  module GitLab
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-exporter
3
3
  version: !ruby/object:Gem::Version
4
- version: 11.19.0
4
+ version: 12.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pablo Carranza
@@ -202,6 +202,7 @@ files:
202
202
  - lib/gitlab_exporter/prober.rb
203
203
  - lib/gitlab_exporter/process.rb
204
204
  - lib/gitlab_exporter/prometheus.rb
205
+ - lib/gitlab_exporter/rack_vulndb_255039_patch.rb
205
206
  - lib/gitlab_exporter/ruby.rb
206
207
  - lib/gitlab_exporter/sidekiq.rb
207
208
  - lib/gitlab_exporter/tls_helper.rb