Skip to content

GitLab

MAJ terminée. Nous sommes passés en version 14.0.12 . Pour consulter les release notes associée c'est ici :
https://about.gitlab.com/releases/2021/06/22/gitlab-14-0-released/
https://about.gitlab.com/releases/2021/06/24/gitlab-14-0-1-released/
https://about.gitlab.com/releases/2021/07/06/gitlab-14-0-3-released/
https://about.gitlab.com/releases/2021/07/07/critical-security-release-gitlab-14-0-4-released/
https://about.gitlab.com/releases/2021/07/08/gitlab-14-0-5-released/
https://about.gitlab.com/releases/2021/07/20/gitlab-14-0-6-released/
https://about.gitlab.com/releases/2021/08/03/security-release-gitlab-14-1-2-released/
https://about.gitlab.com/releases/2021/08/26/gitlab-14-0-8-released/
https://about.gitlab.com/releases/2021/08/31/security-release-gitlab-14-2-2-released/
https://about.gitlab.com/releases/2021/09/02/gitlab-14-0-10-released/
https://about.gitlab.com/releases/2021/09/27/gitlab-14-0-11-released/
https://about.gitlab.com/releases/2021/11/05/gitlab-14-0-12-released/

Merged
Created by BAIRE Anthony@abaireOwner

Fix allauth email validation

Allauth supports multiple email addresses per user. While this is not intended in allgo, it is still possible to configure multiple addresses using the /accounts/email/ endpoint.

Problem: even with ACCOUNT_EMAIL_VERIFICATION="mandatory", allauth does not ensure that all addresses are verified. It only ensure that any address is verified.

--> even if the user is validted by all auth, we still need to ensure that the relevant address is verified before granting access

Regarding the webapp import feature, a (non-admin) user can import a webapp only if the two conditions are met:

  • the user is allowed to create webapps (verified by IsProviderMixin)
  • the user has a verified email address that matches the owner address of the imported webapp