diff --git a/.eslintrc.yml b/.eslintrc.yml index 6b9a1ce62c07e771768dcdae2439f7c498d6e621..cd3cd82d4e7a29d6887d17029d13f9c94c57b571 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -88,7 +88,7 @@ rules: - pattern: test_fixtures/** group: internal alphabetize: - order: asc + order: ignore overrides: - files: - '**/spec/**/*' @@ -100,6 +100,8 @@ overrides: - 'scripts/**/*' - '*.config.js' - '*.config.*.js' + - 'jest_resolver.js' + - storybook/config/*.js rules: '@gitlab/require-i18n-strings': off import/no-extraneous-dependencies: off diff --git a/.gitignore b/.gitignore index f753a24756386951a1b8bc4367335273b9025b71..5152ef20575338b533df52cc79d897e75e56418f 100644 --- a/.gitignore +++ b/.gitignore @@ -40,10 +40,7 @@ eslint-report.html /config/initializers/smtp_settings.rb /config/initializers/relative_url.rb /config/resque.yml -/config/redis.cache.yml -/config/redis.queues.yml -/config/redis.shared_state.yml -/config/redis.trace_chunks.yml +/config/redis.*.yml /config/unicorn.rb /config/puma.rb /config/secrets.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3aa901463d19235152bbdc72d9331dc14b4c9def..d0a0c7b241404ba20e24077bca19bfc12906dfe1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -17,7 +17,7 @@ stages: # in cases where jobs require Docker-in-Docker, the job # definition must be extended with `.use-docker-in-docker` default: - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.7.patched-golang-1.14-git-2.31-lfs-2.9-chrome-89-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.7.patched-golang-1.16-git-2.31-lfs-2.9-chrome-89-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36" tags: - gitlab-org # All jobs are interruptible by default @@ -89,11 +89,12 @@ variables: REVIEW_APPS_GCP_REGION: "us-central1" BUILD_ASSETS_IMAGE: "true" # Set it to "false" to disable assets image building, used in `build-assets-image` - RSPEC_FAIL_FAST_ENABLED: "true" # Set it to "false" to disable RSpec fail-fast SIMPLECOV: "true" # For the default QA image, we use $CI_COMMIT_SHA as tag since it's always available and we override it for specific workflow.rules (see above) QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA}" + # Default latest tag for particular branch + QA_IMAGE_BRANCH: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" # Preparing custom clone path to reduce space used by all random forks # on GitLab.com's Shared Runners. Our main forks - especially the security diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index af1cf88b1767bfc2b8be6ec5eff01d649fbee585..40170d2ed190ecbbe2bdf77aa246cc2db0574ccc 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -11,39 +11,40 @@ /doc/.markdownlint @marcel.amirault @eread @aqualls @cnorris /doc/ @gl-docsteam /doc/.vale/ @marcel.amirault @eread @aqualls @cnorris -/doc/administration/geo/ @axil +/doc/administration/geo/ @marcel.amirault /doc/administration/gitaly/ @eread -/doc/administration/integration/ @aqualls /doc/administration/lfs/ @aqualls /doc/administration/monitoring/ @ngaskill -/doc/administration/operations/ @axil @eread @marcia +/doc/administration/operations/ @marcel.amirault @eread @marcia /doc/administration/packages/ @ngaskill -/doc/administration/pages/ @axil @kpaizee +/doc/administration/pages/ @rdickenson @kpaizee /doc/administration/postgresql/ @marcia -/doc/administration/raketasks/ @axil @eread -/doc/administration/redis/ @axil -/doc/administration/reference_architectures/ @axil +/doc/administration/raketasks/ @marcel.amirault @eread +/doc/administration/redis/ @marcel.amirault +/doc/administration/reference_architectures/ @marcel.amirault /doc/administration/snippets/ @aqualls -/doc/administration/troubleshooting @axil @marcia @eread +/doc/administration/troubleshooting @marcel.amirault @marcia @eread +/doc/api/graphql/ @msedlakjakubowski @kpaizee +/doc/api/graphql/reference/ @kpaizee /doc/api/group_activity_analytics.md @msedlakjakubowski /doc/ci/ @marcel.amirault @sselhorn -/doc/ci/environments/ @axil +/doc/ci/environments/ @rdickenson /doc/ci/services/ @sselhorn /doc/ci/test_cases/ @msedlakjakubowski /doc/development/ @marcia -/doc/development/documentation/ @cnorris +/doc/development/documentation/ @cnorris @dianalogan /doc/development/i18n/ @ngaskill /doc/development/value_stream_analytics.md @msedlakjakubowski /doc/gitlab-basics/ @aqualls -/doc/install/ @axil -/doc/integration/ @aqualls @eread -/doc/operations/ @ngaskill @axil +/doc/install/ @marcel.amirault +/doc/operations/ @ngaskill @rdickenson /doc/push_rules/ @aqualls +/doc/security/ @eread /doc/ssh/ @eread /doc/subscriptions/ @sselhorn /doc/topics/autodevops/ @marcia /doc/topics/git/ @aqualls -/doc/update/ @axil @marcia +/doc/update/ @marcel.amirault @marcia /doc/user/analytics/ @msedlakjakubowski @ngaskill /doc/user/application_security/ @rdickenson /doc/user/application_security/container_scanning/ @ngaskill @@ -62,15 +63,13 @@ /doc/user/packages/infrastructure_registry/ @marcia /doc/user/packages/terraform_module_registry/ @marcia /doc/user/profile/ @msedlakjakubowski @eread -/doc/user/project/ @aqualls @axil @eread @msedlakjakubowski @ngaskill +/doc/user/project/ @aqualls @rdickenson @eread @msedlakjakubowski @ngaskill /doc/user/project/clusters/ @marcia /doc/user/project/import/ @ngaskill @msedlakjakubowski -/doc/user/project/integrations/ @aqualls -/doc/user/project/integrations/prometheus_library/ @ngaskill /doc/user/project/issues/ @msedlakjakubowski /doc/user/project/merge_requests/ @aqualls @eread /doc/user/project/milestones/ @msedlakjakubowski -/doc/user/project/pages/ @axil +/doc/user/project/pages/ @rdickenson /doc/user/project/repository/ @aqualls /doc/user/project/settings/ @aqualls @eread /doc/user/project/static_site_editor/index.md @aqualls @@ -142,6 +141,12 @@ /doc/user/project/settings/import_export.md @aqualls /doc/user/snippets.md @aqualls +[Docs Ecosystem] +/doc/administration/integration/ @kpaizee +/doc/integration/ @kpaizee +/doc/user/project/integrations/ @kpaizee +/doc/user/project/integrations/prometheus_library/ @ngaskill + [Docs Growth] /doc/administration/instance_review.md @kpaizee /doc/api/invitations.md @kpaizee @@ -237,7 +242,7 @@ Dangerfile @gl-quality/eng-prod /ee/lib/gitlab/ci/reports/dependency_list/ @gitlab-org/secure/composition-analysis-be /ee/lib/gitlab/ci/reports/license_scanning/ @gitlab-org/secure/composition-analysis-be /ee/lib/gitlab/ci/reports/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be -/ee/app/services/ci/run_dast_scan_service.rb @gitlab-org/secure/dynamic-analysis-be +/ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be [Container Security] /ee/app/views/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend diff --git a/.gitlab/changelog_config.yml b/.gitlab/changelog_config.yml index 6069cd17a084063960976731517f3ac460d5968c..f6a041cced971e262a7ac654c1ee81531df862a0 100644 --- a/.gitlab/changelog_config.yml +++ b/.gitlab/changelog_config.yml @@ -11,6 +11,8 @@ categories: security: Security performance: Performance other: Other +include_groups: + - gitlab-org/gitlab-core-team/community-members template: | {% if categories %} {% each categories %} @@ -18,7 +20,7 @@ template: | {% each entries %} - [{{ title }}]({{ commit.reference }})\ - {% if author.contributor %} by {{ author.reference }}{% end %}\ + {% if author.credit %} by {{ author.reference }}{% end %}\ {% if commit.trailers.MR %}\ ([merge request]({{ commit.trailers.MR }}))\ {% else %}\ diff --git a/.gitlab/ci/build-images.gitlab-ci.yml b/.gitlab/ci/build-images.gitlab-ci.yml index 91cf7c9f2d5d63eab649437a08868b0afbdd91f8..6a222d8937f000eb8d3c905c2955709da123ef7f 100644 --- a/.gitlab/ci/build-images.gitlab-ci.yml +++ b/.gitlab/ci/build-images.gitlab-ci.yml @@ -24,46 +24,12 @@ build-qa-image: - .base-image-build - .build-images:rules:build-qa-image stage: build-images - tags: - - high-cpu needs: [] script: - !reference [.base-image-build, script] - echo $QA_IMAGE - - /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --cache=true - -# This image is used by: -# - The `review-qa-*` jobs -# - The downstream `omnibus-gitlab-mirror` pipeline triggered by `package-and-qa` so that it doesn't have to rebuild it again. -# The downstream `omnibus-gitlab-mirror` pipeline itself passes the image name to the `gitlab-qa-mirror` pipeline so that -# it can use it instead of inferring an end-to-end image from the GitLab image built by the downstream `omnibus-gitlab-mirror` pipeline. -# See https://docs.gitlab.com/ee/development/testing_guide/end_to_end/index.html#testing-code-in-merge-requests for more details. -build-qa-image-buildkit: - extends: - - .base-image-build - - .use-buildkit - - .build-images:rules:build-qa-image - stage: build-images - tags: - - docker - - high-cpu - needs: [] - variables: - QA_IMAGE_BASE: ${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa - allow_failure: true - script: - - !reference [.base-image-build, script] - # Build image and push current sha tag and latest branch tag - # Fetch cache from latest branch image or latest main branch image - - | - buildctl-daemonless.sh build \ - --frontend=dockerfile.v0 \ - --local context="." \ - --local dockerfile="qa" \ - --export-cache type=inline \ - --import-cache type=registry,ref="${QA_IMAGE_BASE}:${CI_COMMIT_REF_SLUG}-buildkit" \ - --import-cache type=registry,ref="${QA_IMAGE_BASE}:${CI_DEFAULT_BRANCH}" \ - --output type=image,\"name="${QA_IMAGE}-buildkit","${QA_IMAGE_BASE}:${CI_COMMIT_REF_SLUG}-buildkit"\",push=true + - echo $QA_IMAGE_BRANCH + - /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --destination=${QA_IMAGE_BRANCH} --cache=true # This image is used by: # - The `CNG` pipelines (via the `review-build-cng` job): https://gitlab.com/gitlab-org/build/CNG/-/blob/cfc67136d711e1c8c409bf8e57427a644393da2f/.gitlab-ci.yml#L335 diff --git a/.gitlab/ci/dast.gitlab-ci.yml b/.gitlab/ci/dast.gitlab-ci.yml index 309714f8739e054475ca6925b5306c213eeec3bc..512c850b7da3f9d9ec8ca66c23aac98b613daee8 100644 --- a/.gitlab/ci/dast.gitlab-ci.yml +++ b/.gitlab/ci/dast.gitlab-ci.yml @@ -10,29 +10,21 @@ variables: DAST_USERNAME_FIELD: "user[login]" DAST_PASSWORD_FIELD: "user[password]" + DAST_SUBMIT_FIELD: "commit" DAST_FULL_SCAN_ENABLED: "true" - DAST_SPIDER_MINS: 0 - # TBD pin to a version - DAST_VERSION: 1.22.1 + DAST_VERSION: 2 + GIT_STRATEGY: none # -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError. DAST_ZAP_CLI_OPTIONS: "-Xmx6144m" - DAST_RULES: "41,42,43,10027,10032,10041,10042,10045,10047,10052,10053,10057,10061,10096,10097,10104,10106,20012,20014,20015,20016,20017,20018,40019,40020,40021,40024,40025,40027,40029,40032,90001,90019,10109,10026,10028,10029,10030,10031,10033,10034,10035,10036,10038,10039,10043,10044,10048,10050,10051,10058,10062,10095,10107,10108,30003,40013,40022,40023,40028,90021,90023,90024,90025,90027,90028,10003,50003,0,2,3,6,7,10010,10011,10015,10017,10019,10020,10021,10023,10024,10025,10037,10040,10054,10055,10056,10098,10105,10202,20019,30001,30002,40003,40008,40009,40012,40014,40016,40017,40018,50000,50001,90011,90020,90022,90033" before_script: - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' - # Below three lines can be removed once https://gitlab.com/gitlab-org/gitlab/-/issues/230687 is fixed - - mkdir -p /zap/xml - - 'sed -i "84 s/true/false/" /zap/xml/config.xml' - - cat /zap/xml/config.xml # Help pages are excluded from scan as they are static pages. # profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage. - - 'export DAST_AUTH_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"' + - 'DAST_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/-/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"' # Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362 - - 'DAST_AUTH_EXCLUDE_URLS="${DAST_AUTH_EXCLUDE_URLS},https://.*\.gitlab-review\.app/gitlab-instance-(administrators-)?[a-zA-Z0-9]{8}/.*"' - - enable_rule () { read all_rules; rule=$1; echo $all_rules | sed -r "s/(,)?$rule(,)?/\1-1\2/" ; } - # Sort ids in DAST_RULES ascendingly, which is required when using DAST_RULES as argument to enable_rule - - 'DAST_RULES=$(echo $DAST_RULES | tr "," "\n" | sort -n | paste -sd ",")' + - 'export DAST_EXCLUDE_URLS="${DAST_EXCLUDE_URLS},${DAST_WEBSITE}/gitlab-instance-.*"' needs: ["review-deploy"] stage: dast # Default job timeout set to 90m and dast rules needs 2h to so that it won't timeout. @@ -45,161 +37,155 @@ reports: dast: gl-dast-report.json expire_in: 1 week # GitLab-specific + allow_failure: true # DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset1: +# ZAP rule details can be found at https://www.zaproxy.org/docs/alerts/ + +# 10019, 10021 Missing security headers +# 10023, 10024, 10025, 10037 Information Disclosure +# 10040 Secure Pages Include Mixed Content +# 10055 CSP +# 10056 X-Debug-Token Information Leak +# Duration: 14 minutes 20 seconds + +dast:secureHeaders-csp-infoLeak: extends: - .dast_conf variables: DAST_USERNAME: "user1" + DAST_ONLY_INCLUDE_RULES: "10019,10021,10023,10024,10025,10037,10040,10055,10056" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10019 | enable_rule 10020 | enable_rule 10021 | enable_rule 10023 | enable_rule 10024 | enable_rule 10025 | enable_rule 10037 | enable_rule 10040 | enable_rule 10054 | enable_rule 10055 | enable_rule 10056) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset2: +# 90023 XML External Entity Attack +# Duration: 41 minutes 20 seconds +# 90019 Server Side Code Injection +# Duration: 34 minutes 31 seconds +dast:XXE-SrvSideInj: extends: - .dast_conf variables: DAST_USERNAME: "user2" + DAST_ONLY_INCLUDE_RULES: "90023,90019" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90011 | enable_rule 90020 | enable_rule 90022 | enable_rule 90033) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset3: +# 0 Directory Browsing +# 2 Private IP Disclosure +# 3 Session ID in URL Rewrite +# 7 Remote File Inclusion +# Duration: 63 minutes 43 seconds +# 90034 Cloud Metadata Potentially Exposed +# Duration: 13 minutes 48 seconds +# 90022 Application Error Disclosure +# Duration: 12 minutes 7 seconds +dast:infoLeak-fileInc-DirBrowsing: extends: - .dast_conf variables: DAST_USERNAME: "user3" + DAST_ONLY_INCLUDE_RULES: "0,2,3,7,90034,90022" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40016 | enable_rule 40017 | enable_rule 50000 | enable_rule 50001) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset4: +# 10010 Cookie No HttpOnly Flag +# 10011 Cookie Without Secure Flag +# 10017 Cross-Domain JavaScript Source File Inclusion +# 10029 Cookie Poisoning +# 90033 Loosely Scoped Cookie +# 10054 Cookie Without SameSite Attribute +# Duration: 13 minutes 23 seconds +dast:insecureCookie: extends: - .dast_conf variables: DAST_USERNAME: "user4" + DAST_ONLY_INCLUDE_RULES: "10010,10011,10017,10029,90033,10054" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 0 | enable_rule 2 | enable_rule 3 | enable_rule 7 ) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset5: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user5" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10010 | enable_rule 10011 | enable_rule 10017 | enable_rule 10019) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset6: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user6" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 30001 | enable_rule 40009) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# DAST scan with a subset of Beta scan rules. -# DAST-fullscan-ruleset7: -# extends: -# - .dast_conf -# variables: -# DAST_USERNAME: "user7" -# script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10098 | enable_rule 10105 | enable_rule 10202 | enable_rule 30002 | enable_rule 40003 | enable_rule 40008 | enable_rule 40009) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d +# 20012 Anti-CSRF Tokens Check +# 10202 Absence of Anti-CSRF Tokens +# https://gitlab.com/gitlab-com/gl-security/appsec/appsec-team/-/issues/192 -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# Below jobs runs DAST scans with one time consuming scan rule. These scan rules are disabled in above jobs so that those jobs won't timeout. -# DAST scan with rule - 20019 External Redirect -# DAST-fullscan-rule-20019: +# Commented because of lot of FP's +# dast:csrfTokenCheck: # extends: # - .dast_conf # variables: -# DAST_USERNAME: "user8" +# DAST_USERNAME: "user6" +# DAST_ONLY_INCLUDE_RULES: "20012,10202" # script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 20019) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d +# - /analyze -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# DAST scan with rule - 10107 Httpoxy - Proxy Header Misuse - Active/beta -# DAST-fullscan-rule-10107: -# extends: -# - .dast_conf -# variables: -# DAST_USERNAME: "user9" -# script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10107) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d +# 10098 Cross-Domain Misconfiguration +# 10105 Weak Authentication Method +# 40003 CRLF Injection +# 40008 Parameter Tampering +# Duration: 71 minutes 15 seconds +dast:corsMisconfig-weakauth-crlfInj: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user5" + DAST_ONLY_INCLUDE_RULES: "10098,10105,40003,40008" + script: + - /analyze -# DAST scan with rule - 90020 Remote OS Command Injection -DAST-fullscan-rule-90020: +# 20019 External Redirect +# 20014 HTTP Parameter Pollution +# Duration: 46 minutes 12 seconds +dast:extRedirect-paramPollution: extends: - .dast_conf variables: - DAST_USERNAME: "user10" + DAST_USERNAME: "user6" + DAST_ONLY_INCLUDE_RULES: "20019,20014" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90020) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with rule - 40018 SQL Injection - Active/release -DAST-fullscan-rule-40018: +# 40022 SQL Injection - PostgreSQL +# Duration: 53 minutes 59 seconds +dast:sqlInjection: extends: - .dast_conf variables: - DAST_USERNAME: "user11" + DAST_USERNAME: "user7" + DAST_ONLY_INCLUDE_RULES: "40022" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40018) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with rule - 40014 Cross Site Scripting (Persistent) - Active/release -DAST-fullscan-rule-40014: +# 40014 Cross Site Scripting (Persistent) +# Duration: 21 minutes 50 seconds +dast:xss-persistent: extends: - .dast_conf variables: - DAST_USERNAME: "user12" + DAST_USERNAME: "user8" + DAST_ONLY_INCLUDE_RULES: "40014" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40014) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with rule - 6 Path travesal -DAST-fullscan-rule-6: +# 40012 Cross Site Scripting (Reflected) +# Duration: 73 minutes 15 seconds +dast:xss-reflected: extends: - .dast_conf variables: - DAST_USERNAME: "user13" + DAST_USERNAME: "user9" + DAST_ONLY_INCLUDE_RULES: "40012" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 6) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze -# DAST scan with rule - 40012 Cross Site Scripting (Reflected) -DAST-fullscan-rule-40012: +# 40013 Session Fixation +# Duration: 44 minutes 25 seconds +dast:sessionFixation: extends: - .dast_conf variables: - DAST_USERNAME: "user14" + DAST_USERNAME: "user10" + DAST_ONLY_INCLUDE_RULES: "40013" script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40012) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d + - /analyze diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 3e3d994c70b2035f53b11616a63550725b33e5af..f4d8698f22da4616d6eaae2f89d9e3212b20f3ea 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -75,16 +75,3 @@ ui-docs-links lint: needs: [] script: - bundle exec haml-lint -i DocumentationLinks - -deprecations-doc check: - variables: - SETUP_DB: "false" - extends: - - .default-retry - - .rails-cache - - .default-before_script - - .docs:rules:deprecations - stage: test - needs: [] - script: - - bundle exec rake gitlab:docs:check_deprecations diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 48f85219ff4e7f2a3723a92ad6ed1f9ecbcb028f..6974d63a49c0c13694312ec80632fcb58c6f8ee1 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -71,6 +71,12 @@ compile-test-assets as-if-foss: - .frontend:rules:compile-test-assets-as-if-foss - .as-if-foss +compile-test-assets as-if-jh: + extends: + - compile-test-assets + - .frontend:rules:compile-test-assets-as-if-jh + needs: ["add-jh-folder"] + update-assets-compile-production-cache: extends: - compile-production-assets @@ -112,7 +118,7 @@ update-storybook-yarn-cache: - .rails-cache - .use-pg12 stage: fixtures - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets"] + needs: ["setup-test-env", "retrieve-tests-metadata"] variables: WEBPACK_VENDOR_DLL: "true" script: @@ -128,23 +134,38 @@ update-storybook-yarn-cache: - tmp/tests/frontend/ - knapsack/ -rspec frontend_fixture: +# Builds FOSS, and EE fixtures in the EE project. +# Builds FOSS fixtures in the FOSS project. +rspec-all frontend_fixture: extends: - .frontend-fixtures-base - .frontend:rules:default-frontend-jobs - parallel: 2 + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets" + parallel: 5 -rspec frontend_fixture as-if-foss: +# Builds FOSS fixtures in the EE project, with the `ee/` folder removed (due to `as-if-foss`). +rspec-all frontend_fixture as-if-foss: extends: - .frontend-fixtures-base - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets as-if-foss" -rspec-ee frontend_fixture: +# Builds FOSS, EE, and JH fixtures in the EE project, with the `jh/` folder added (due to `as-if-jh`). +rspec-all frontend_fixture as-if-jh: extends: - .frontend-fixtures-base - - .frontend:rules:default-frontend-jobs-ee - parallel: 3 + - .frontend:rules:default-frontend-jobs-as-if-jh + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets as-if-jh" + - "add-jh-folder" + script: + - echo "This job is currently doing nothing since there's no specific JH fixtures yet. To enable this job, remove this line." graphql-schema-dump: variables: @@ -172,7 +193,9 @@ graphql-schema-dump: # Disable warnings in browserslist which can break on backports # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 BROWSERSLIST_IGNORE_OLD_DATA: "true" + SETUP_DB: "false" before_script: + - !reference [.default-before_script, before_script] - *yarn-install stage: test @@ -194,11 +217,7 @@ jest: extends: - .jest-base - .frontend:rules:jest - needs: - - job: "detect-tests" - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + needs: ["rspec-all frontend_fixture"] artifacts: name: coverage-frontend expire_in: 31d @@ -215,6 +234,9 @@ jest minimal: extends: - jest - .frontend:rules:jest:minimal + needs: + - !reference [jest, needs] + - "detect-tests" script: - run_timed_command "yarn jest:ci:minimal" @@ -225,9 +247,7 @@ jest-integration: script: - run_timed_command "yarn jest:integration --ci" needs: - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + - job: "rspec-all frontend_fixture" - job: "graphql-schema-dump" jest-as-if-foss: @@ -235,9 +255,17 @@ jest-as-if-foss: - .jest-base - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss - needs: ["rspec frontend_fixture as-if-foss"] + needs: ["rspec-all frontend_fixture as-if-foss"] parallel: 2 +jest-as-if-jh: + extends: + - .jest-base + - .frontend:rules:default-frontend-jobs-as-if-jh + needs: ["rspec-all frontend_fixture as-if-jh", "add-jh-folder"] + script: + - echo "This job is currently doing nothing since there's no specific JH Jest tests yet. To enable this job, remove this line." + coverage-frontend: extends: - .default-retry @@ -341,9 +369,7 @@ startup-css-check: - .frontend:rules:default-frontend-jobs needs: - job: "compile-test-assets" - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + - job: "rspec-all frontend_fixture" startup-css-check as-if-foss: extends: @@ -352,7 +378,7 @@ startup-css-check as-if-foss: - .frontend:rules:default-frontend-jobs-as-if-foss needs: - job: "compile-test-assets as-if-foss" - - job: "rspec frontend_fixture as-if-foss" + - job: "rspec-all frontend_fixture as-if-foss" .compile-storybook-base: extends: @@ -361,11 +387,15 @@ startup-css-check as-if-foss: script: - *storybook-yarn-install - yarn run storybook:build + needs: ["graphql-schema-dump"] compile-storybook: extends: - .compile-storybook-base - .frontend:rules:default-frontend-jobs + needs: + - !reference [.compile-storybook-base, needs] + - job: "rspec-all frontend_fixture" artifacts: name: storybook expire_in: 31d @@ -378,3 +408,6 @@ compile-storybook as-if-foss: - .compile-storybook-base - .as-if-foss - .frontend:rules:default-frontend-jobs-as-if-foss + needs: + - !reference [.compile-storybook-base, needs] + - job: "rspec-all frontend_fixture as-if-foss" diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index b065d578b9dec13277da25a56ac9405bb2e583bd..d0c26d60066d8efd656cab47e5beb0bb01ddb59e 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -10,6 +10,7 @@ .default-before_script: before_script: + - echo $FOSS_ONLY - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - export GOPATH=$CI_PROJECT_DIR/.go - mkdir -p $GOPATH @@ -193,10 +194,12 @@ .storybook-yarn-cache: cache: + - *node-modules-cache - *storybook-node-modules-cache .storybook-yarn-cache-push: cache: + - *node-modules-cache # We don't push this cache as it's already rebuilt by `update-yarn-cache` - *storybook-node-modules-cache-push .use-pg11: @@ -268,24 +271,6 @@ - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json -.use-buildkit: - image: - name: ${GITLAB_DEPENDENCY_PROXY}moby/buildkit:v0.9.0 - entrypoint: [""] - before_script: - - source scripts/utils.sh - - mkdir -p $HOME/.docker - - | - cat <<- EOF > $HOME/.docker/config.json - { - "auths": { - "$CI_REGISTRY": { - "auth": "$(echo -n $CI_REGISTRY_USER:$CI_REGISTRY_PASSWORD | base64)" - } - } - } - EOF - .as-if-foss: variables: FOSS_ONLY: '1' diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index f3ad8f81da5d1652589d43ba6cea07bfa571a730..9234b116ff87b7bbc49b385b0799a83191857a05 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -4,6 +4,12 @@ - .rails-cache - .default-before_script - .memory:rules + variables: + METRICS_FILE: "metrics.txt" + artifacts: + reports: + metrics: "${METRICS_FILE}" + expire_in: 31d memory-static: extends: .only-code-memory-job-base @@ -11,24 +17,25 @@ memory-static: needs: ["setup-test-env"] variables: SETUP_DB: "false" + MEMORY_BUNDLE_MEM_FILE: "tmp/memory_bundle_mem.txt" + MEMORY_BUNDLE_OBJECTS_FILE: "tmp/memory_bundle_objects.txt" script: # Uses two different reports from the 'derailed_benchmars' gem. # Loads each of gems in the Gemfile and checks how much memory they consume when they are required. # 'derailed_benchmarks' internally uses 'get_process_mem' - - bundle exec derailed bundle:mem > tmp/memory_bundle_mem.txt - - scripts/generate-gems-size-metrics-static tmp/memory_bundle_mem.txt >> 'tmp/memory_metrics.txt' + - bundle exec derailed bundle:mem > "${MEMORY_BUNDLE_MEM_FILE}" + - scripts/generate-gems-size-metrics-static "${MEMORY_BUNDLE_MEM_FILE}" >> "${METRICS_FILE}" # Outputs detailed information about objects created while gems are loaded. # 'derailed_benchmarks' internally uses 'memory_profiler' - - bundle exec derailed bundle:objects > tmp/memory_bundle_objects.txt - - scripts/generate-gems-memory-metrics-static tmp/memory_bundle_objects.txt >> 'tmp/memory_metrics.txt' + - bundle exec derailed bundle:objects > "${MEMORY_BUNDLE_OBJECTS_FILE}" + - scripts/generate-gems-memory-metrics-static "${MEMORY_BUNDLE_OBJECTS_FILE}" >> "${METRICS_FILE}" artifacts: paths: - - tmp/memory_*.txt - reports: - metrics: tmp/memory_metrics.txt - expire_in: 31d + - "${METRICS_FILE}" + - "${MEMORY_BUNDLE_MEM_FILE}" + - "${MEMORY_BUNDLE_OBJECTS_FILE}" # Show memory usage caused by invoking require per gem. # Unlike `memory-static`, it hits the app with one request to ensure that any last minute require-s have been called. @@ -44,12 +51,11 @@ memory-on-boot: NODE_ENV: "production" RAILS_ENV: "production" SETUP_DB: "true" + MEMORY_ON_BOOT_FILE: "tmp/memory_on_boot.txt" script: - - PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt' - - scripts/generate-memory-metrics-on-boot tmp/memory_on_boot.txt >> 'tmp/memory_on_boot_metrics.txt' + - PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> "${MEMORY_ON_BOOT_FILE}" + - scripts/generate-memory-metrics-on-boot "${MEMORY_ON_BOOT_FILE}" >> "${METRICS_FILE}" artifacts: paths: - - tmp/memory_*.txt - reports: - metrics: tmp/memory_on_boot_metrics.txt - expire_in: 31d + - "${METRICS_FILE}" + - "${MEMORY_ON_BOOT_FILE}" diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index a5403073e1b0489687d24adfc6182505c73b6bf7..82453ccda4fcfcda26868c331d09de62f753c2fb 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - template: Jobs/Code-Quality.gitlab-ci.yml - - template: Security/SAST.gitlab-ci.yml - - template: Security/Secret-Detection.gitlab-ci.yml + - template: Jobs/SAST.gitlab-ci.yml + - template: Jobs/Secret-Detection.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/License-Scanning.gitlab-ci.yml @@ -13,6 +13,7 @@ code_quality: paths: - gl-code-quality-report.json # GitLab-specific rules: !reference [".reports:rules:code_quality", rules] + allow_failure: true .sast-analyzer: # We need to re-`extends` from `sast` as the `extends` here overrides the one from the template. @@ -27,16 +28,15 @@ code_quality: variables: SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific SAST_EXCLUDED_PATHS: "qa, spec, doc, ee/spec, config/gitlab.yml.example, tmp" # GitLab-specific - SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint + SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint, nodejs-scan brakeman-sast: - rules: !reference [".reports:rules:sast", rules] - -nodejs-scan-sast: - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:brakeman-sast", rules] + allow_failure: true semgrep-sast: - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:semgrep-sast", rules] + allow_failure: true gosec-sast: variables: @@ -52,7 +52,8 @@ gosec-sast: cache: paths: - vendor/go - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:gosec-sast", rules] + allow_failure: true .secret-analyzer: extends: .default-retry @@ -64,6 +65,7 @@ gosec-sast: secret_detection: rules: !reference [".reports:rules:secret_detection", rules] + allow_failure: true .ds-analyzer: # We need to re-`extends` from `dependency_scanning` as the `extends` here overrides the one from the template. @@ -88,21 +90,24 @@ gemnasium-dependency_scanning: # Lower execa severity based on https://gitlab.com/gitlab-org/gitlab/-/issues/223859#note_452922390 - jq '(.vulnerabilities[] | select (.cve == "yarn.lock:execa:gemnasium:05cfa2e8-2d0c-42c1-8894-638e2f12ff3d")).severity = "Medium"' gl-dependency-scanning-report.json > temp.json && mv temp.json gl-dependency-scanning-report.json rules: !reference [".reports:rules:gemnasium-dependency_scanning", rules] + allow_failure: true bundler-audit-dependency_scanning: rules: !reference [".reports:rules:bundler-audit-dependency_scanning", rules] + allow_failure: true retire-js-dependency_scanning: rules: !reference [".reports:rules:retire-js-dependency_scanning", rules] + allow_failure: true gemnasium-python-dependency_scanning: rules: !reference [".reports:rules:gemnasium-python-dependency_scanning", rules] + allow_failure: true # Analyze dependencies for malicious behavior # See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter .package_hunter-base: - extends: - - .default-retry + extends: .default-retry stage: test image: name: registry.gitlab.com/gitlab-com/gl-security/security-research/package-hunter-cli:1.1.0 @@ -116,6 +121,8 @@ gemnasium-python-dependency_scanning: before_script: - rm -r spec locale .git app/assets/images doc/ - cd .. && tar -I "gzip --best" -cf gitlab.tgz gitlab/ + script: + - node /usr/src/app/cli.js analyze --format gitlab --manager ${PACKAGE_MANAGER} gitlab.tgz | tee ${CI_PROJECT_DIR}/gl-dependency-scanning-report.json artifacts: paths: - gl-dependency-scanning-report.json @@ -127,15 +134,15 @@ package_hunter-yarn: extends: - .package_hunter-base - .reports:rules:package_hunter-yarn - script: - - node /usr/src/app/cli.js analyze --format gitlab --manager yarn gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json + variables: + PACKAGE_MANAGER: yarn package_hunter-bundler: extends: - .package_hunter-base - .reports:rules:package_hunter-bundler - script: - - node /usr/src/app/cli.js analyze --format gitlab --manager bundler gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json + variables: + PACKAGE_MANAGER: bundler license_scanning: extends: .default-retry @@ -143,3 +150,4 @@ license_scanning: artifacts: expire_in: 1 week # GitLab-specific rules: !reference [".reports:rules:license_scanning", rules] + allow_failure: true diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index f20f3276867491d77020d07ff7eb39209ab60f18..2fa8c2519f7986a502a6394a86cb1af07ac13eb3 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -172,6 +172,8 @@ review-qa-smoke: - .review-qa-base - .review:rules:review-qa-smoke retry: 1 # This is confusing but this means "2 runs at max". + variables: + QA_RUN_TYPE: review-qa-smoke script: - bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}" @@ -180,6 +182,8 @@ review-qa-all: - .review-qa-base - .review:rules:review-qa-all parallel: 5 + variables: + QA_RUN_TYPE: review-qa-all script: - export KNAPSACK_REPORT_PATH=knapsack/master_report.json - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 016be4af5003ded1e435df6fea1d62e9fb9c4eac..5e04db6701c4123fced7fa8ce3b4b0c3afc0b2e1 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -37,19 +37,22 @@ .if-automated-merge-request: &if-automated-merge-request if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == "release-tools/update-gitaly" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /stable-ee$/' -.if-merge-request-title-as-if-foss: &if-merge-request-title-as-if-foss +.if-merge-request-labels-as-if-foss: &if-merge-request-labels-as-if-foss if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-foss/' -.if-merge-request-title-update-caches: &if-merge-request-title-update-caches +.if-merge-request-labels-as-if-jh: &if-merge-request-labels-as-if-jh + if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-jh/' + +.if-merge-request-labels-update-caches: &if-merge-request-labels-update-caches if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:update-cache/' -.if-merge-request-title-run-all-rspec: &if-merge-request-title-run-all-rspec +.if-merge-request-labels-run-all-rspec: &if-merge-request-labels-run-all-rspec if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-rspec/' -.if-merge-request-title-run-all-jest: &if-merge-request-title-run-all-jest +.if-merge-request-labels-run-all-jest: &if-merge-request-labels-run-all-jest if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-jest/' -.if-merge-request-run-decomposed: &if-merge-request-run-decomposed +.if-merge-request-labels-run-decomposed: &if-merge-request-labels-run-decomposed if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-decomposed/' .if-security-merge-request: &if-security-merge-request @@ -91,13 +94,6 @@ .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG' - -.if-rspec-fail-fast-disabled: &if-rspec-fail-fast-disabled - if: '$RSPEC_FAIL_FAST_ENABLED != "true"' - -.if-rspec-fail-fast-skipped: &if-rspec-fail-fast-skipped - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-rspec-fail-fast/' - # For Security merge requests, the gitlab-release-tools-bot triggers a new # pipeline for the "Pipelines for merged results" feature. If the pipeline # fails, we notify release managers. @@ -150,13 +146,6 @@ - ".markdownlint.yml" - "scripts/lint-doc.sh" -.docs-deprecations-patterns: &docs-deprecations-patterns - - "doc/deprecations/index.md" - - "data/deprecations/*.yml" - - "data/deprecations/templates/_deprecation_template.md.erb" - - "lib/tasks/gitlab/docs/compile_deprecations.rake" - - "tooling/deprecations/docs.rb" - .bundler-patterns: &bundler-patterns - '{Gemfile.lock,*/Gemfile.lock,*/*/Gemfile.lock}' @@ -368,13 +357,16 @@ - "danger/**/*" - "tooling/danger/**/*" +.core-backend-patterns: &core-backend-patterns + - "{,jh/}Gemfile{,.lock}" + - "{,ee/,jh/}config/**/*.rb" + .core-frontend-patterns: &core-frontend-patterns - "{package.json,yarn.lock}" - "babel.config.js" - "jest.config.{base,integration,unit}.js" - "config/helpers/**/*.js" - "vendor/assets/javascripts/**/*" - - "{,ee}/app/assets/**/*.graphql" ################ # Shared rules # @@ -383,11 +375,11 @@ rules: - <<: *if-default-branch-schedule-2-hourly - <<: *if-security-schedule - - <<: *if-merge-request-title-update-caches + - <<: *if-merge-request-labels-update-caches .shared:rules:update-gitaly-binaries-cache: rules: - - <<: *if-merge-request-title-update-caches + - <<: *if-merge-request-labels-update-caches - changes: *gitaly-patterns ###################### @@ -471,12 +463,6 @@ changes: *docs-patterns when: on_success -.docs:rules:deprecations: - rules: - - <<: *if-default-refs - changes: *docs-deprecations-patterns - when: on_success - ################## # GraphQL rules # ################## @@ -502,35 +488,52 @@ .frontend:rules:compile-test-assets: rules: - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .frontend:rules:compile-test-assets-as-if-foss: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec + - changes: *code-backstage-qa-patterns + - changes: *startup-css-patterns + +.frontend:rules:compile-test-assets-as-if-jh: + rules: + - <<: *if-not-ee + when: never + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - changes: *startup-css-patterns .frontend:rules:default-frontend-jobs: rules: - <<: *if-default-refs changes: *code-backstage-patterns -.frontend:rules:default-frontend-jobs-ee: +.frontend:rules:default-frontend-jobs-as-if-foss: rules: - <<: *if-not-ee when: never - - <<: *if-default-refs + - <<: *if-security-merge-request changes: *code-backstage-patterns + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *startup-css-patterns + - <<: *if-merge-request + changes: *ci-patterns -.frontend:rules:default-frontend-jobs-as-if-foss: +.frontend:rules:default-frontend-jobs-as-if-jh: rules: - <<: *if-not-ee when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *startup-css-patterns - <<: *if-merge-request @@ -538,7 +541,7 @@ .frontend:rules:jest: rules: - - <<: *if-merge-request-title-run-all-jest + - <<: *if-merge-request-labels-run-all-jest - <<: *if-default-refs changes: *core-frontend-patterns - <<: *if-merge-request @@ -558,7 +561,7 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-jest + - <<: *if-merge-request-labels-run-all-jest when: never - <<: *if-default-refs changes: *core-frontend-patterns @@ -576,7 +579,8 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + # We already have `static-analysis as-if-foss` which already runs `lint:eslint:all` if the `pipeline:run-as-if-foss` label is set. + - <<: *if-merge-request-labels-as-if-foss when: never - <<: *if-merge-request changes: *frontend-patterns @@ -646,8 +650,8 @@ when: never - <<: *if-security-merge-request changes: *code-qa-patterns - - <<: *if-merge-request-title-as-if-foss - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *ci-patterns @@ -673,12 +677,13 @@ ############### .rails:rules:decomposed-databases: rules: - - <<: *if-merge-request-run-decomposed - allow_failure: true + - <<: *if-merge-request-labels-run-decomposed .rails:rules:ee-and-foss-migration: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-merge-request @@ -695,7 +700,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -708,7 +716,7 @@ rules: - <<: *if-merge-request changes: *db-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:db:gitlabcom-database-testing: rules: @@ -720,7 +728,9 @@ .rails:rules:ee-and-foss-unit: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -735,7 +745,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -745,7 +758,9 @@ .rails:rules:ee-and-foss-integration: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -760,7 +775,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -770,7 +788,9 @@ .rails:rules:ee-and-foss-system: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -785,7 +805,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -795,7 +818,9 @@ .rails:rules:ee-and-foss-fast_spec_helper: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -810,7 +835,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -821,13 +849,15 @@ .rails:rules:code-backstage-qa: rules: - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:ee-only-migration: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-merge-request @@ -846,7 +876,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -859,7 +892,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -876,7 +911,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -888,7 +926,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -905,7 +945,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -917,7 +960,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -934,7 +979,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -946,12 +994,14 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *db-patterns - <<: *if-automated-merge-request changes: *db-patterns @@ -966,13 +1016,16 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *db-patterns when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *db-patterns when: never @@ -980,7 +1033,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -989,7 +1044,7 @@ when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-unit:minimal: @@ -1000,19 +1055,24 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-integration: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -1021,7 +1081,7 @@ when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-integration:minimal: @@ -1032,19 +1092,24 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-system: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -1053,7 +1118,7 @@ when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns .rails:rules:as-if-foss-system:minimal: @@ -1064,24 +1129,27 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns .rails:rules:ee-and-foss-db-library-code: rules: - changes: *db-library-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:ee-mr-and-default-branch-only: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *code-backstage-patterns - <<: *if-default-branch-refs @@ -1090,13 +1158,13 @@ .rails:rules:detect-tests: rules: - changes: *code-backstage-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:rspec-foss-impact: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss when: never - <<: *if-security-merge-request changes: *code-backstage-patterns @@ -1105,10 +1173,6 @@ .rails:rules:rspec fail-fast: rules: - - <<: *if-rspec-fail-fast-disabled - when: never - - <<: *if-rspec-fail-fast-skipped - when: never - <<: *if-not-ee when: never - <<: *if-security-merge-request @@ -1118,10 +1182,6 @@ .rails:rules:fail-pipeline-early: rules: - - <<: *if-rspec-fail-fast-disabled - when: never - - <<: *if-rspec-fail-fast-skipped - when: never - <<: *if-not-ee when: never - <<: *if-security-merge-request @@ -1136,7 +1196,7 @@ - <<: *if-not-ee when: never - <<: *if-default-branch-schedule-nightly - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:rspec-coverage: rules: @@ -1146,7 +1206,7 @@ changes: *code-backstage-patterns when: always - <<: *if-default-branch-schedule-2-hourly - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec when: always .rails:rules:default-branch-schedule-nightly--code-backstage: @@ -1181,7 +1241,7 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-qa-patterns - <<: *if-security-merge-request changes: *code-backstage-qa-patterns @@ -1196,7 +1256,7 @@ rules: - <<: *if-merge-request changes: ["vendor/gems/mail-smtp_pool/**/*"] - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec ################## # Releases rules # @@ -1222,75 +1282,76 @@ when: never - <<: *if-default-refs changes: *code-backstage-patterns - allow_failure: true -.reports:rules:sast: +.reports:rules:brakeman-sast: rules: - - if: '$SAST_DISABLED || $GITLAB_FEATURES !~ /\bsast\b/' + - if: $SAST_DISABLED when: never - - <<: *if-default-refs - changes: *code-backstage-qa-patterns - allow_failure: true + - if: $SAST_EXCLUDED_ANALYZERS =~ /brakeman/ + when: never + - changes: + - '**/*.rb' + - '**/Gemfile' + +.reports:rules:gosec-sast: + rules: + - if: $SAST_DISABLED + when: never + - if: $SAST_EXCLUDED_ANALYZERS =~ /gosec/ + when: never + - changes: + - '**/*.go' + +.reports:rules:semgrep-sast: + rules: + - if: $SAST_DISABLED + when: never + - if: $SAST_EXCLUDED_ANALYZERS =~ /semgrep/ + when: never + - changes: + - '**/*.py' + - '**/*.js' + - '**/*.jsx' + - '**/*.ts' + - '**/*.tsx' + - '**/*.c' + - '**/*.go' .reports:rules:secret_detection: rules: - if: '$SECRET_DETECTION_DISABLED' when: never - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' # The Secret-Detection template already has a `secret_detection_default_branch` job - when: never - changes: *code-backstage-qa-patterns - allow_failure: true .reports:rules:gemnasium-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium([^-]|$)/' when: never - - <<: *if-default-refs - changes: *dependency-patterns - allow_failure: true + - changes: *dependency-patterns .reports:rules:bundler-audit-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/ || $DS_DEFAULT_ANALYZERS !~ /bundler-audit/' when: never - - <<: *if-default-refs - changes: *bundler-patterns - allow_failure: true + - changes: *bundler-patterns .reports:rules:retire-js-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/ || $DS_DEFAULT_ANALYZERS !~ /retire.js/' when: never - - <<: *if-default-refs - changes: *nodejs-patterns - allow_failure: true + - changes: *nodejs-patterns .reports:rules:gemnasium-python-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium-python/' when: never - - <<: *if-default-refs - changes: *python-patterns - allow_failure: true - -.reports:rules:dast: - rules: - - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' - when: never - - <<: *if-dot-com-gitlab-org-merge-request - changes: *frontend-patterns - allow_failure: true - - <<: *if-dot-com-gitlab-org-merge-request - changes: *code-qa-patterns - when: manual - allow_failure: true + - changes: *python-patterns .reports:rules:schedule-dast: rules: - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' when: never - - <<: *if-default-branch-schedule-nightly - allow_failure: true + - <<: *if-dot-com-ee-nightly-schedule .reports:rules:package_hunter-yarn: rules: @@ -1310,11 +1371,9 @@ .reports:rules:license_scanning: rules: - - if: '$LICENSE_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' + - if: '$LICENSE_MANAGEMENT_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' when: never - - <<: *if-default-refs - changes: *code-backstage-qa-patterns - allow_failure: true + - changes: *code-backstage-qa-patterns ################ # Review rules # @@ -1534,6 +1593,15 @@ changes: *code-backstage-patterns when: on_success +.setup:rules:add-jh-folder: + rules: + - <<: *if-not-ee + when: never + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec + - changes: *code-backstage-qa-patterns + - changes: *startup-css-patterns + ####################### # Test metadata rules # ####################### @@ -1541,7 +1609,7 @@ rules: - changes: *code-backstage-patterns when: on_success - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .test-metadata:rules:update-tests-metadata: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 60a1ad54cffe4fb70d381c8e3189aa8838ff9282..eb7a5afad3d7316261f9c619424b02811aeca1a8 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -101,3 +101,19 @@ detect-tests as-if-foss: MATCHED_TESTS_FILE: tmp/matching_foss_tests.txt before_script: - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' + +add-jh-folder: + extends: .setup:rules:add-jh-folder + image: ${GITLAB_DEPENDENCY_PROXY}alpine:edge + stage: prepare + before_script: + - apk add --no-cache --update curl bash + script: + - curl --location -o "jh-folder.tar.gz" "https://gitlab.com/gitlab-jh/gitlab/-/archive/main-jh/gitlab-main-jh.tar.gz?path=jh" + - tar -xf "jh-folder.tar.gz" + - mv gitlab-main-jh-jh/jh/ ./ + - ls -l jh/ + artifacts: + expire_in: 2d + paths: + - jh/ diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index 1394085b6e49f4a59a579db383dc4d9470443c42..85df68e903065e2f3096b789187dc636fc45d27f 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -35,6 +35,17 @@ static-analysis: paths: - tmp/feature_flags/ +static-analysis-with-database: + extends: + - .static-analysis-base + - .static-analysis:rules:ee-and-foss + - .use-pg12 + stage: test + script: + - bundle exec rake lint:static_verification_with_database + variables: + SETUP_DB: "true" + static-analysis as-if-foss: extends: - static-analysis diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml index ac719977975b2c43b514c61836e33913a3c7abed..2d96fb6d4b07c61d149c663aefb439a72e3f0fcd 100644 --- a/.gitlab/ci/test-metadata.gitlab-ci.yml +++ b/.gitlab/ci/test-metadata.gitlab-ci.yml @@ -29,8 +29,7 @@ update-tests-metadata: - retrieve-tests-metadata - setup-test-env - rspec migration pg12 - - rspec frontend_fixture - - rspec-ee frontend_fixture + - rspec-all frontend_fixture - rspec unit pg12 - rspec integration pg12 - rspec system pg12 diff --git a/.gitlab/issue_templates/Feature Flag Roll Out.md b/.gitlab/issue_templates/Feature Flag Roll Out.md index 1576f6e8f537b9a5e6495ed188d9cb9d84c47710..00b396bac4e4eea7d894718cfc2da7a89601af60 100644 --- a/.gitlab/issue_templates/Feature Flag Roll Out.md +++ b/.gitlab/issue_templates/Feature Flag Roll Out.md @@ -24,26 +24,6 @@ Are there any other stages or teams involved that need to be kept in the loop? - The Delivery Team --> -## The Rollout Plan - -- Partial Rollout on GitLab.com with testing groups -- Rollout on GitLab.com for a certain period (How long) -- Percentage Rollout on GitLab.com -- Rollout Feature for everyone as soon as it's ready - - - -## Testing Groups/Projects/Users - - - -- `gitlab-org/gitlab` project -- `gitlab-org/gitlab-foss` project -- `gitlab-com/www-gitlab-com` project -- `gitlab-org`/`gitlab-com` groups -- ... - - ## Expectations ### What are we expecting to happen? @@ -62,17 +42,30 @@ Are there any other stages or teams involved that need to be kept in the loop? ### Rollout on non-production environments -- [ ] Ensure that the feature MRs have been deployed to non-production environments. +- Ensure that the feature MRs have been deployed to non-production environments. - [ ] `/chatops run auto_deploy status ` - [ ] Enable the feature globally on non-production environments. - [ ] `/chatops run feature set true --dev` - [ ] `/chatops run feature set true --staging` - [ ] Verify that the feature works as expected. Posting the QA result in this issue is preferable. -### Preparation before production rollout +### Specific rollout on production -- [ ] Ensure that the feature MRs have been deployed to both production and canary. +- Ensure that the feature MRs have been deployed to both production and canary. - [ ] `/chatops run auto_deploy status ` +- If you're using [project-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --project=gitlab-org/gitlab true` + - [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss true` + - [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com true` +- If you're using [group-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --group=gitlab-org true` + - [ ] `/chatops run feature set --group=gitlab-com true` +- If you're using [user-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --user= true` +- [ ] Verify that the feature works on the specific entries. Posting the QA result in this issue is preferable. + +### Preparation before global rollout + - [ ] Check if the feature flag change needs to be accompanied with a [change management issue](https://about.gitlab.com/handbook/engineering/infrastructure/change-management/#feature-flags-and-the-change-management-process). Cross link the issue here if it does. @@ -86,19 +79,13 @@ Are there any other stages or teams involved that need to be kept in the loop? All `/chatops` commands that target production should be done in the `#production` slack channel for visibility. -- [ ] Confirm the feature flag is enabled on `staging` without incident -- [ ] Roll out the feature to targeted testing projects/groups first - - [ ] `/chatops run feature set --project=gitlab-org/gitlab true` - - [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss true` - - [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com true` - - [ ] [Incrementally roll out](https://docs.gitlab.com/ee/development/feature_flags/controls.html#process) the feature. - If the feature flag in code has [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform **actor-based** rollout. - [ ] `/chatops run feature set --actors` - If the feature flag in code does **NOT** have [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform time-based rollout (**random** rollout). - [ ] `/chatops run feature set ` -- [ ] Verify the change has the desired outcome with the limited rollout before enabling the feature globally on production. -- [ ] Enable the feature globally on production environment. `/chatops run feature set true` + - Enable the feature globally on production environment. + - [ ] `/chatops run feature set true` - [ ] Announce on [the feature issue](ISSUE LINK) that the feature has been globally enabled. - [ ] Wait for [at least one day for the verification term](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#including-a-feature-behind-feature-flag-in-the-final-release). diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md index 73233644d374a98d87bc018d958fd8805faeee57..0d822945798c19f668b2f17c99dbbed5854de328 100644 --- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md +++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md @@ -109,7 +109,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org bin/rake geo:db:migrate ``` -- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb` +- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql` ### Add verification state fields on the Geo primary site @@ -826,5 +826,7 @@ Individual Cool Widget replication and verification data should now be available feature_flag: :geo_cool_widget_replication # REMOVE THIS LINE ``` +- [ ] Run `bundle exec rake gitlab:graphql:compile_docs` after the step above to regenerate the GraphQL docs. + - [ ] Add a row for Cool Widgets to the `Data types` table in [Geo data types support](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/replication/datatypes.md#data-types) - [ ] Add a row for Cool Widgets to the `Limitations on replication/verification` table in [Geo data types support](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/replication/datatypes.md#limitations-on-replicationverification). If the row already exists, then update it to show that Replication and Verification is released in the current version. diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md index cc5a606d68b6276d5b527a3b855fea1c8c14df76..00a71fa406ed93569af05f550df8135c5c2b3f3c 100644 --- a/.gitlab/issue_templates/Geo Replicate a new blob type.md +++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md @@ -110,7 +110,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org bin/rake geo:db:migrate ``` -- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb` +- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql` ### Add verification state fields on the Geo primary site @@ -794,5 +794,7 @@ Individual Cool Widget replication and verification data should now be available feature_flag: :geo_cool_widget_replication # REMOVE THIS LINE ``` +- [ ] Run `bundle exec rake gitlab:graphql:compile_docs` after the step above to regenerate the GraphQL docs. + - [ ] Add a row for Cool Widgets to the `Data types` table in [Geo data types support](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/replication/datatypes.md#data-types) - [ ] Add a row for Cool Widgets to the `Limitations on replication/verification` table in [Geo data types support](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/administration/geo/replication/datatypes.md#limitations-on-replicationverification). If the row already exists, then update it to show that Replication and Verification is released in the current version. diff --git a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md index 57d6d12267c513fec128370d6934c5fd5ed68f58..e9e510da11e5cf6417a4b0790e44449ea511e14c 100644 --- a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md +++ b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md @@ -8,8 +8,7 @@ - [ ] If your proposal includes changes to the top-level menu items within the left sidebar, engage the [Foundations Product Design Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable. - [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is strongly encouraged. -- [ ] Engage the [Editor](https://about.gitlab.com/handbook/engineering/development/dev/create-editor/) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. +- [ ] Engage the [Foundations](https://about.gitlab.com/handbook/product/categories/#foundations-group) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. - [ ] Consider whether you need to communicate the change somehow, or if you will have an interim period in the UI where your nav item will live in more than one place. -- [ ] Once implemented, update this [navigation map in Mural](https://app.mural.co/t/gitlab2474/m/gitlab2474/1589571490215/261462d0beb3043979374623710d3f2d6cfec1cb) with your navigation change. /label ~UX ~"UI text" ~"documentation" ~"documentation" ~"Category:Navigation & Settings" ~"Category:Foundations" ~navigation diff --git a/.gitlab/merge_request_templates/Deprecations.md b/.gitlab/merge_request_templates/Deprecations.md new file mode 100644 index 0000000000000000000000000000000000000000..8431e9ca3937b47c718a25cd223d0aeed2962f7e --- /dev/null +++ b/.gitlab/merge_request_templates/Deprecations.md @@ -0,0 +1,82 @@ + + +/label ~"release post" ~"release post item" ~"Technical Writing" ~"devops::" ~"group::" +/milestone % +/assign `@PM` + +**Be sure to link this MR to the relevant deprecation issue(s).** + +**By the 10th**: Assign this MR to these team members as Reviewer and for Approval (optional unless noted as required): + +- Product Marketing: `@PMM` +- Product Designer(s): `@ProductDesigners` +- Group Manager or Director: `@manager` +- Engineering Manager: `@EM` - Required + +**By 8:00 AM PDT 15th**: PM will assign this MR to the TW reviewer: `@PM` + +**By 11:59 PM PDT 15th**: TW Reviewer will perform final review and merge this MR to Master: `@TW` + +--- + +Please review the [guidelines for deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations), +as well as the process for [creating a deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). +They are frequently updated, and everyone should make sure they are aware of the current standards (PM, PMM, EM, and TW). + +## Links + +- Deprecation Issue: +- Deprecation MR (optional): + +## PM release post item checklist + +- [ ] Set yourself as the Assignee. +- [ ] Follow the process to [create a deprecation YAML file](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). +- [ ] Add reviewers by the 10th +- [ ] When ready to be merged and not later than the 15th, add the ~ready label and @ message the TW for final review and merge. + +## Reviewers + +When the content is ready for review, it must be reviewed by Technical Writer and Engineering Manager, but can also be reviewed by +Product Marketing, Product Design, and the Product Leaders for this area. Please use the +[Reviewers for Merge Requests](https://docs.gitlab.com/ee/user/project/merge_requests/getting_started#reviewer) +feature for all reviews. Reviewers will then `approve` the MR and remove themselves from Reviewers when their review is complete. + +- [ ] (Recommended) PMM +- [ ] (Optional) Product Designer +- [ ] (Optional) Group Manager or Director +- [ ] Required review and approval: [Technical Writer designated to the corresponding DevOps stage/group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments). + +### Tech writer review + +After being added as a Reviewer to this merge request, the TW performs their review +according to the criteria described below. + +Review deprecation MRs with a similar process as regular docs MRs. Add suggestions +as needed, @ message the PM to inform them the first review is complete, and remove +yourself as a reviewer if it's not ready for merge yet. + +
+Expand for Details + +- [ ] Title: + - Length limit: 7 words (not including articles or prepositions). + - Capitalization: ensure the title is [sentence cased](https://design.gitlab.com/content/punctuation#case). + - No Markdown `` `code` `` formatting in the title, as it doesn't render correctly in the release post. +- [ ] Consistency: + - Ensure that all resources (docs, deprecation, etc.) refer to the feature with the same term / feature name. +- [ ] Content: + - Make sure the deprecation is accurate based on your understanding. Look for typos or grammar mistakes. Work with PM and PMM to ensure a consistent GitLab style and tone for messaging, based on other features and deprecations. + - Review use of whitespace and bullet lists. Will the deprecation item be easily scannable when published? Consider adding line breaks or breaking content into bullets if you have more than a few sentences. + - Make sure there aren't acronyms readers may not understand per . +- [ ] Links: + - All links must be full URLs, as the deprecation YAML files are used in two different projects. Do not use relative links. The generated doc is an exception to the relative link rule and currently uses absolute links only. + - Make sure all links and anchors are correct. Do not link to the H1 (top) anchor on a docs page. +- [ ] Code. Make sure any included code is wrapped in code blocks. +- [ ] Capitalization. Make sure to capitalize feature names. Stay consistent with the Documentation Style Guidance on [Capitalization](https://docs.gitlab.com/ee/development/documentation/styleguide.html#capitalization). +- [ ] Blank spaces. Remove unnecessary spaces (end of line spaces, double spaces, extra blank lines, and lines with only spaces). + +
+ +When the PM indicates it is ready for merge, all issues have been addressed merge this MR. + - You must merge this MR by the 15th so the Release Post TW lead can run the [deprecations in Docs rake task](https://about.gitlab.com/handbook/marketing/blog/release-posts/#update-the-deprecations-doc) on the 16th diff --git a/.gitpod.yml b/.gitpod.yml index e9cc798ed19fba8baf149f7eb470ffbf6aa84a60..d546cc7f64ad0034657eb5fe00962613b9aacb1a 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -16,8 +16,7 @@ tasks: # GitLab [[ -d /workspace/gitlab ]] && ln -fs /workspace/gitlab /workspace/gitlab-development-kit/gitlab mv /workspace/gitlab-development-kit/secrets.yml /workspace/gitlab-development-kit/gitlab/config - # update gdk.yml - gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++') + # ensure gdk.yml has correct instance settings gdk config set gitlab.rails.port 443 gdk config set gitlab.rails.https.enabled true # reconfigure GDK @@ -42,6 +41,13 @@ tasks: echo "$(date) – Updating GDK" | tee -a /workspace/startup.log gdk update fi + # ensure gdk.yml has correct instance settings + gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++') + gdk config set gitlab.rails.port 443 + gdk config set gitlab.rails.https.enabled true + # reconfigure GDK + echo "$(date) – Reconfiguring GDK" | tee -a /workspace/startup.log + gdk reconfigure # start GDK echo "$(date) – Starting GDK" | tee -a /workspace/startup.log export DEV_SERVER_PUBLIC_ADDR=$(gp url 3808) diff --git a/.rubocop.yml b/.rubocop.yml index cc1b9258e1b64cb460dce0ce23b2efcc343ca788..4bf2392867d4b0b42fd9f1861621cb12d79146c4 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -28,7 +28,6 @@ AllCops: - 'node_modules/**/*' - 'db/fixtures/**/*' - 'db/schema.rb' - - 'ee/db/geo/schema.rb' - 'tmp/**/*' - 'bin/**/*' - 'generator_templates/**/*' @@ -40,7 +39,7 @@ AllCops: - 'db/ci_migrate/*.rb' # since the `db/ci_migrate` is a symlinked to `db/migrate` # Use absolute path to avoid orphan directories with changed workspace root. CacheRootDirectory: <%= Dir.getwd %>/tmp - MaxFilesInCache: 25000 + MaxFilesInCache: 30000 Cop/AvoidKeywordArgumentsInSidekiqWorkers: Enabled: true diff --git a/.rubocop_manual_todo.yml b/.rubocop_manual_todo.yml index fe1c607821bf10fd589c7dda76703f8a20fee89f..a646f6ec95087fc8c001f49d0597209e3e28c74b 100644 --- a/.rubocop_manual_todo.yml +++ b/.rubocop_manual_todo.yml @@ -10,20 +10,6 @@ # - guidelines for use found in # https://docs.gitlab.com/ee/development/contributing/style_guides.html#resolving-rubocop-exceptions. -# WIP See https://gitlab.com/gitlab-org/gitlab/-/issues/337596 -Graphql/Descriptions: - Exclude: - - 'ee/app/graphql/types/iteration_state_enum.rb' - - 'ee/app/graphql/types/requirements_management/requirement_state_enum.rb' - - 'ee/app/graphql/types/requirements_management/test_report_state_enum.rb' - - 'ee/app/graphql/types/security_scanner_type_enum.rb' - - 'ee/app/graphql/types/vulnerability/issue_link_type_enum.rb' - - 'ee/app/graphql/types/vulnerability_grade_enum.rb' - - 'ee/app/graphql/types/vulnerability_report_type_enum.rb' - - 'ee/app/graphql/types/vulnerability_severity_enum.rb' - - 'ee/app/graphql/types/vulnerability_state_enum.rb' - - 'ee/app/graphql/types/vulnerability_confidence_enum.rb' - # WIP: See https://gitlab.com/gitlab-org/gitlab/-/issues/220040 Rails/SaveBang: Exclude: @@ -310,7 +296,6 @@ Rails/TimeZone: - 'spec/lib/gitlab/graphql_logger_spec.rb' - 'spec/lib/gitlab/graphs/commits_spec.rb' - 'spec/lib/gitlab/import_export/project/relation_factory_spec.rb' - - 'spec/lib/gitlab/instrumentation_helper_spec.rb' - 'spec/lib/gitlab/json_logger_spec.rb' - 'spec/lib/gitlab/lfs_token_spec.rb' - 'spec/lib/gitlab/log_timestamp_formatter_spec.rb' @@ -398,10 +383,8 @@ RSpec/TimecopFreeze: - 'spec/lib/gitlab/checks/timed_logger_spec.rb' - 'spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb' - 'spec/lib/gitlab/cycle_analytics/usage_data_spec.rb' - - 'spec/lib/gitlab/instrumentation_helper_spec.rb' - 'spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb' - 'spec/lib/gitlab/puma_logging/json_formatter_spec.rb' - - 'spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb' - 'spec/lib/json_web_token/hmac_token_spec.rb' - 'spec/tooling/rspec_flaky/flaky_example_spec.rb' - 'spec/tooling/rspec_flaky/listener_spec.rb' @@ -758,7 +741,6 @@ RSpec/AnyInstanceOf: - 'spec/policies/ci/pipeline_policy_spec.rb' - 'spec/presenters/gitlab/blame_presenter_spec.rb' - 'spec/presenters/merge_request_presenter_spec.rb' - - 'spec/requests/api/api_spec.rb' - 'spec/requests/api/ci/runner/jobs_artifacts_spec.rb' - 'spec/requests/api/ci/runner/jobs_put_spec.rb' - 'spec/requests/api/ci/runner/jobs_request_post_spec.rb' @@ -1783,7 +1765,6 @@ Gitlab/NamespacedClass: - 'app/workers/pages_domain_ssl_renewal_worker.rb' - 'app/workers/pages_domain_verification_cron_worker.rb' - 'app/workers/pages_domain_verification_worker.rb' - - 'app/workers/pages_remove_worker.rb' - 'app/workers/pages_transfer_worker.rb' - 'app/workers/pages_update_configuration_worker.rb' - 'app/workers/pages_worker.rb' @@ -2578,3 +2559,48 @@ Performance/ActiveRecordSubtransactionMethods: - 'lib/gitlab/composer/cache.rb' - 'lib/gitlab/database/async_indexes/migration_helpers.rb' - 'lib/gitlab/issuables_count_for_state.rb' + +# WIP: https://gitlab.com/gitlab-org/gitlab/-/issues/340567 +Rails/IncludeUrlHelper: + Exclude: + - 'app/models/integrations/asana.rb' + - 'app/models/integrations/bamboo.rb' + - 'app/models/integrations/bugzilla.rb' + - 'app/models/integrations/campfire.rb' + - 'app/models/integrations/confluence.rb' + - 'app/models/integrations/custom_issue_tracker.rb' + - 'app/models/integrations/datadog.rb' + - 'app/models/integrations/discord.rb' + - 'app/models/integrations/ewm.rb' + - 'app/models/integrations/external_wiki.rb' + - 'app/models/integrations/flowdock.rb' + - 'app/models/integrations/hangouts_chat.rb' + - 'app/models/integrations/irker.rb' + - 'app/models/integrations/jenkins.rb' + - 'app/models/integrations/mattermost.rb' + - 'app/models/integrations/pivotaltracker.rb' + - 'app/models/integrations/redmine.rb' + - 'app/models/integrations/webex_teams.rb' + - 'app/models/integrations/youtrack.rb' + - 'app/presenters/alert_management/alert_presenter.rb' + - 'app/presenters/ci/pipeline_presenter.rb' + - 'app/presenters/environment_presenter.rb' + - 'app/presenters/gitlab/blame_presenter.rb' + - 'app/presenters/merge_request_presenter.rb' + - 'app/presenters/project_presenter.rb' + - 'app/presenters/prometheus_alert_presenter.rb' + - 'app/presenters/release_presenter.rb' + - 'app/presenters/releases/evidence_presenter.rb' + - 'ee/app/helpers/license_helper.rb' + - 'ee/app/models/integrations/github.rb' + - 'ee/app/presenters/merge_request_approver_presenter.rb' + - 'ee/spec/helpers/ee/projects/security/configuration_helper_spec.rb' + - 'ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb' + - 'ee/spec/lib/banzai/filter/issuable_state_filter_spec.rb' + - 'lib/gitlab/ci/badge/metadata.rb' + - 'spec/helpers/merge_requests_helper_spec.rb' + - 'spec/helpers/nav/top_nav_helper_spec.rb' + - 'spec/helpers/notify_helper_spec.rb' + - 'spec/lib/banzai/filter/issuable_state_filter_spec.rb' + - 'spec/lib/banzai/filter/reference_redactor_filter_spec.rb' + - 'spec/lib/banzai/reference_redactor_spec.rb' diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 09aa4471a4c16f7f0c62b6e35f4de860ed050366..b329c9df0f911b741ab7a0aa6b1e5a343266c542 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -315,7 +315,6 @@ Performance/MethodObjectAsBlock: # Configuration parameters: AutoCorrect. Performance/StringInclude: Exclude: - - 'app/helpers/groups_helper.rb' - 'app/models/snippet_repository.rb' - 'config/initializers/macos.rb' - 'config/spring.rb' diff --git a/.stylelintrc b/.stylelintrc index a4331811eb30e22169e23c45bba11b563a10fc7a..488e34dd7d4c013f2c9d8f15260f2d5975624cd8 100644 --- a/.stylelintrc +++ b/.stylelintrc @@ -13,6 +13,7 @@ "./scripts/frontend/stylelint/stylelint-utility-classes.js", ], "rules":{ + "at-rule-disallowed-list": ["extend"], "max-nesting-depth": [ 3, { diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000000000000000000000000000000000000..12cf49b5e4f5f640ff65021b6fa71d4aee985904 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,5 @@ +{ + "recommendations": [ + "gitlab.gitlab-workflow" + ] +} diff --git a/CHANGELOG.md b/CHANGELOG.md index d271dd615b959141a68ca9b05f961a46d41a16b0..362ebae3c91e323f66a76ea85e60b54da7434dbc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,594 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 14.3.3 (2021-10-12) + +### Fixed (3 changes) + +- [Disable caching of MergeToRefService call in mergeability check](gitlab-org/gitlab@ea9f38fb3ce1f9b345ca699b5f9ae7b36726a56f) ([merge request](gitlab-org/gitlab!72179)) +- [Fix 2FA setup for users with no password](gitlab-org/gitlab@c6d5cdfc3fa1a1dc0a6686a8f189972c03403f7a) ([merge request](gitlab-org/gitlab!72179)) +- [Fix dependency proxy image prefix](gitlab-org/gitlab@deb9719db05e99dec787bd76c5e96408f92eb802) ([merge request](gitlab-org/gitlab!72179)) + +## 14.3.2 (2021-10-01) + +### Fixed (1 change) + +- [Update GitLab Shell to v13.21.1](gitlab-org/gitlab@9e9e41f2ae9bdb89355c0f9cef486950bbaf361c) ([merge request](gitlab-org/gitlab!71513)) + +### Changed (1 change) + +- [Remove `async_filtering` feature flag](gitlab-org/gitlab@c4277c1fed0de3d86694390641612bfcde30cc92) ([merge request](gitlab-org/gitlab!71513)) + +## 14.3.1 (2021-09-30) + +### Security (29 changes) + +- [Fix permissions check on project members import](gitlab-org/security/gitlab@63ba9ad2a1067eb74df493e273707bb64a13a197) ([merge request](gitlab-org/security/gitlab!1858)) +- [Require password param for 2FA changes](gitlab-org/security/gitlab@f246cfbd15344ba74a0182276bf63f0b5f1a4a31) ([merge request](gitlab-org/security/gitlab!1813)) +- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@046e964b0151fc8c58063281a39af063ffb678bd) ([merge request](gitlab-org/security/gitlab!1846)) +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@747e6f0e4aec39462f296fd56b37df1c255d29cb) ([merge request](gitlab-org/security/gitlab!1843)) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@f6c57892ddc9518efaace1021346b42b4c805a1c) ([merge request](gitlab-org/security/gitlab!1840)) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@615d418f9315ca3b3619689c47201f618cf6bde9) ([merge request](gitlab-org/security/gitlab!1834)) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@62c2e0d3ed73f2d7ded90d04fe232ff6ae2f6136) ([merge request](gitlab-org/security/gitlab!1831)) +- [Prevent users from bypassing 2FA on certain pages](gitlab-org/security/gitlab@0b41838b36da09a9230de4d8449040a701464de7) ([merge request](gitlab-org/security/gitlab!1827)) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@26731d762f6503fe1b8b509be11c56e77601a552) ([merge request](gitlab-org/security/gitlab!1822)) +- [Fix XSS in Jira link](gitlab-org/security/gitlab@d41060acb2aa151119042db9162a102d4e2c15ab) ([merge request](gitlab-org/security/gitlab!1819)) **GitLab Enterprise Edition** +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@cc13d57c66cc65e6f920bdeab57b9fdb9d6baac1) ([merge request](gitlab-org/security/gitlab!1814)) +- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@d32c0d57d5b39601034c4c4ae983ea80c05db429) ([merge request](gitlab-org/security/gitlab!1810)) +- [Require group admin access to list pending invites](gitlab-org/security/gitlab@911bb0cb78e00934c491af59729fa84fffae7676) ([merge request](gitlab-org/security/gitlab!1793)) +- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@0f3feca459895fc6665f8b0dfc16d4dcd7112944) ([merge request](gitlab-org/security/gitlab!1770)) +- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@4fcd97230bbc31780fe14d75694bb6433d57e677) ([merge request](gitlab-org/security/gitlab!1807)) +- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@b5144abb0516af61686402c2ad720967d11cb03c) ([merge request](gitlab-org/security/gitlab!1804)) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@ea22f67b47bf0d6c801f2bf6c9672c0ea5afd30c) ([merge request](gitlab-org/security/gitlab!1794)) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@c52890997ad574812ae4da968f2f6ecfd9f7ff59) ([merge request](gitlab-org/security/gitlab!1792)) +- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@f7f18fbdd8e81a9b3e0650250316c7bb17ac1956) ([merge request](gitlab-org/security/gitlab!1791)) +- [Add pagination to dependencies API](gitlab-org/security/gitlab@203328889059564ba6085663b21355149c01e501) ([merge request](gitlab-org/security/gitlab!1726)) **GitLab Enterprise Edition** +- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@327d8080e7e7b0bc77b7933f8026ec0cf1abd99a) ([merge request](gitlab-org/security/gitlab!1788)) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/security/gitlab@de7851c2ab58c31df49c8a406ed0c3f3ad779e26) ([merge request](gitlab-org/security/gitlab!1785)) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/security/gitlab@050dfa71191ffaea77a4a18e0dea1f3336f40db5) ([merge request](gitlab-org/security/gitlab!1782)) +- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@ce83bb14b5a4521f889086a439f1628041843589) ([merge request](gitlab-org/security/gitlab!1779)) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@dcc2cad6c03255ac70f29ed9c0f6c8bc11ac1018) ([merge request](gitlab-org/security/gitlab!1776)) +- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@167601717f2ad46fee2320af6ac49674026501be) ([merge request](gitlab-org/security/gitlab!1772)) **GitLab Enterprise Edition** +- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@8816ab6af1d1aa752f22da7850d4d1c983f2d43a) ([merge request](gitlab-org/security/gitlab!1767)) +- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@b841c78c47b6a56b618186720bffc26922807356) ([merge request](gitlab-org/security/gitlab!1764)) **GitLab Enterprise Edition** +- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@5e5973b5c28862381729408ba4df650c3d4f7ce0) ([merge request](gitlab-org/security/gitlab!1730)) + +## 14.3.0 (2021-09-21) + +### Added (111 changes) + +- [Add organizations update mutation to GraphQL](gitlab-org/gitlab@9375734734a090d186da58cb5d1ece7d886318f8) by @leetickett ([merge request](gitlab-org/gitlab!69559)) +- [Auto-scope board to iteration cadence](gitlab-org/gitlab@3015a0232caa9641266130bd905942ece2758d16) ([merge request](gitlab-org/gitlab!69030)) +- [Decouple project runners queuing query from projects table](gitlab-org/gitlab@04a2a99342e8db67058ee6534e4166ca0a8a4914) ([merge request](gitlab-org/gitlab!70415)) +- [Add owner validation for project namespaces](gitlab-org/gitlab@a30da0a109d54f5254498d70977e3e2be69f9901) ([merge request](gitlab-org/gitlab!69201)) +- [Add ProjectNamespace model and DB relationships](gitlab-org/gitlab@6914cf3c13c2ca6f325ae273944f4c2172691451) ([merge request](gitlab-org/gitlab!69201)) +- [Upgrade Pages to 1.44.0](gitlab-org/gitlab@2e2263965716a3dd7c3f427f9876d50183a9a3ef) ([merge request](gitlab-org/gitlab!70484)) +- [Add docs on how to use AWS server side encryption for backups](gitlab-org/gitlab@00eeff9dd13ad4a515655630cc9f006ca2ec8c75) ([merge request](gitlab-org/gitlab!70327)) +- [Persist projects configured to use an Agent](gitlab-org/gitlab@3a80bebfcb49b4315c91d3ac3863f06d692fc000) ([merge request](gitlab-org/gitlab!67295)) +- [Enable Pages replication with Geo by default](gitlab-org/gitlab@5f9c6a945c6f46294ede78b5b1ae82b2d8239c92) ([merge request](gitlab-org/gitlab!70434)) **GitLab Enterprise Edition** +- [Address the PK Overflow risk for the ci_build_needs - Step 3](gitlab-org/gitlab@c789075c2907e6689d61e9f3c0ff6943018a4c9c) ([merge request](gitlab-org/gitlab!69473)) +- [Extend `marginalia` to provide `db_config_name`](gitlab-org/gitlab@24e07a2a61cc981f401fd886e39940305cc3699c) ([merge request](gitlab-org/gitlab!67328)) +- [Enable Roadmap daterange presets](gitlab-org/gitlab@3dccdb1fc8a795ea8e6fd23710362f0ef8b6a146) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55639)) **GitLab Enterprise Edition** +- [Test project namespace is destroyed with project_namespace.rb](gitlab-org/gitlab@93ff65e15fa779f6ecebef03a98443972efd6222) ([merge request](gitlab-org/gitlab!69200)) +- [Add DastSiteValidations status filter (disabled)](gitlab-org/gitlab@dd35063df15f3e542487de378b988043b0c3f249) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70126)) **GitLab Enterprise Edition** +- [Allow using inherited description templates on service desk](gitlab-org/gitlab@1b8efb7913d6dbe562c01bfb0a1189cb7b939aef) ([merge request](gitlab-org/gitlab!67786)) **GitLab Enterprise Edition** +- [Gitaly repository tree keyset pagination](gitlab-org/gitlab@fd8c25e35a4e5126053ec534f0f3ac62167f3c2f) ([merge request](gitlab-org/gitlab!67509)) +- [Sort scoped labels first in issuable sidebar](gitlab-org/gitlab@622853e25838fc0a2e287bbf5ce3b6cfa79aa19a) by @leetickett ([merge request](gitlab-org/gitlab!67794)) +- [Enable surfacing false positives for vulnerabilities](gitlab-org/gitlab@9314dffe0d085d2db733d0ebf7f419683cd5e9b4) ([merge request](gitlab-org/gitlab!69700)) +- [Remove related todos when a design is archived](gitlab-org/gitlab@e3672ba77d7ff44d5782c3d2e359753184512e2d) ([merge request](gitlab-org/gitlab!69730)) +- [Updated vendored cluster management project tpl](gitlab-org/gitlab@e57a501ebef36140d1bfd860221ce6df3ed16635) ([merge request](gitlab-org/gitlab!69405)) +- [Configure the sidekiq job limits through settings](gitlab-org/gitlab@186465daacfe9c4b4205e2e1b1d168ff076d46af) ([merge request](gitlab-org/gitlab!68982)) +- [GraphQL for dependency proxy ttl policies](gitlab-org/gitlab@fc7454cc3dc87f9313b23bdfb62c0b75e138119c) ([merge request](gitlab-org/gitlab!68900)) +- [Track CI minutes usage on a monthly basis](gitlab-org/gitlab@c798d81ab3ca22d84e4e6463532ffdd4168ab99e) ([merge request](gitlab-org/gitlab!70183)) **GitLab Enterprise Edition** +- [Added connectivity status to Kubernetes Agents](gitlab-org/gitlab@236e20be245070d640d7821ccebb22ddb4d5ef39) ([merge request](gitlab-org/gitlab!69345)) **GitLab Enterprise Edition** +- [Display icon for hidden issues on group/project issue boards](gitlab-org/gitlab@e4d2dc410b8a69432a243b01f6c75f24593b3dc3) ([merge request](gitlab-org/gitlab!69558)) +- [Add milestoneWildcardId to board issues graphQL endpoint](gitlab-org/gitlab@75fd1f06a24b2b1b9a25c9adcfc828d4f462c17b) ([merge request](gitlab-org/gitlab!70105)) +- [Support multiple dbs in MigrationHelpers](gitlab-org/gitlab@cd71cf542b5f7f66a2d2bd1c71c0043a5ae7e080) ([merge request](gitlab-org/gitlab!67753)) +- [Add unauthenticated API throttle settings to admin area](gitlab-org/gitlab@2b4723b543c4699ced0c41d9254759ca1f76807a) ([merge request](gitlab-org/gitlab!69486)) +- [Apply throttling settings for unauthenticated API requests](gitlab-org/gitlab@356b77296604b00623048052d2e7122ddbd1f44a) ([merge request](gitlab-org/gitlab!69388)) +- [Add `throttle_unauthenticated_api_*` columns to application settings](gitlab-org/gitlab@004732b07e95d0712423ea67762f3ebb1134e88a) ([merge request](gitlab-org/gitlab!69384)) +- [Track resolving a thread through a new issue action](gitlab-org/gitlab@b02e032ac476de9f77d0449390e037bb43c7a08a) ([merge request](gitlab-org/gitlab!69879)) +- [Reject pending approval users via API](gitlab-org/gitlab@27e2be86ff3aaa89bf49e339f88fe81288785c08) ([merge request](gitlab-org/gitlab!69420)) +- [Add connected agents to cluster agents GraphQL response](gitlab-org/gitlab@05430d7a153990ee7c736c70d74ab99f06af847f) ([merge request](gitlab-org/gitlab!69820)) **GitLab Enterprise Edition** +- [Introduce max saml message size setting](gitlab-org/gitlab@93d46378eccb37ae33875a6f7615a69ff106b98f) ([merge request](gitlab-org/gitlab!69647)) **GitLab Enterprise Edition** +- [Add group contacts query to GraphQL](gitlab-org/gitlab@d7dd36719ac1b99ca6aa97d731f14cf81a9d5288) by @leetickett ([merge request](gitlab-org/gitlab!69510)) +- [Merge branch '322839-dp-graphql-image-prefix' into 'master'](gitlab-org/gitlab@1803322077256145581df58aa38ec513dfd41d7e) ([merge request](gitlab-org/gitlab!69114)) +- [Enable ci_build_tags_limit by default](gitlab-org/gitlab@bfcb5bc84f40a169485360d01e19590a8653ceb5) ([merge request](gitlab-org/gitlab!69506)) +- [Reimplement tree pagination for Rugged](gitlab-org/gitlab@cd3dc3ad6b25ae0d09925ea14f15b5a32f69b2bd) ([merge request](gitlab-org/gitlab!69480)) +- [Address the PK Overflow risk for the ci_build_trace_chunks - Step 3](gitlab-org/gitlab@3752ea6ceff6c1e1e4e3815e95c6fc47db5aaa61) ([merge request](gitlab-org/gitlab!69632)) +- [Address the PK Overflow risk for the ci_builds_runner_session - Step 3](gitlab-org/gitlab@8001124342e180f40bc0d15c2a0b9ba5583d2bc2) ([merge request](gitlab-org/gitlab!68542)) +- [Apply throttling settings to Files API](gitlab-org/gitlab@2773f95d533d14a7903d2c8217abdd26ceaba5f3) ([merge request](gitlab-org/gitlab!68561)) +- [Add more details to Protected Branches Audit Events](gitlab-org/gitlab@42a399f7ef30a0cc4d1e69ced5a29c7dcf3dc17d) by @adrien.gooris ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68869)) **GitLab Enterprise Edition** +- [Allow sorting issues by their title](gitlab-org/gitlab@f667b284592af7054843447833900faddd6c6d34) by @espadav8 ([merge request](gitlab-org/gitlab!67234)) +- [Added filter bar to project VSA](gitlab-org/gitlab@89c078668b1e26e4dd611938ebc64e8927186d53) ([merge request](gitlab-org/gitlab!67340)) +- [Track CI minutes notifications for new monthly tracking](gitlab-org/gitlab@936681b6ebf237e2c447f3cf6ea219e6bac9ed60) ([merge request](gitlab-org/gitlab!69059)) +- [Support refname in external repo CI configuration](gitlab-org/gitlab@8909656ce7d3c2263e7bc72d0462af1bcfa9110d) by @jspricke ([merge request](gitlab-org/gitlab!68603)) +- [Keyset pagination for Groups API](gitlab-org/gitlab@4c9e7cc5721d8e7adc00c847e2f6e08df2284f45) ([merge request](gitlab-org/gitlab!68346)) +- [repository: Always use `ListBlobs()` to enumerate new blobs](gitlab-org/gitlab@fb65481d34cde47ef98a5a1d62ba5a5befa11b93) ([merge request](gitlab-org/gitlab!69449)) +- [Add `latest` column into `security_scans` table](gitlab-org/gitlab@794d1c2f328e137f406d1019815caf40bc77d6da) ([merge request](gitlab-org/gitlab!69494)) +- [Add not filters for MR Analytics](gitlab-org/gitlab@55f86ef9655046de591734a144436fa769fc0602) ([merge request](gitlab-org/gitlab!69359)) **GitLab Enterprise Edition** +- [Validate user website_url](gitlab-org/gitlab@f651f986e457e4c4a0e96138c0d4b9e96ac91801) ([merge request](gitlab-org/gitlab!69624)) +- [Adding terraform fmt to the Terraform template](gitlab-org/gitlab@fb2c1d72491c7f989f6d7a2e3b4d570017821edc) by @willianpaixao ([merge request](gitlab-org/gitlab!69470)) +- [Address the PK Overflow risk for the ci_sources_pipelines - Step 3](gitlab-org/gitlab@07f34bb1a5319fb9ba513b1d562e7edd7b178f46) ([merge request](gitlab-org/gitlab!69281)) +- [Added /unapprove quick-action](gitlab-org/gitlab@f376e95272507f7aeae099aa8fff1df460c0b588) by @lzampier ([merge request](gitlab-org/gitlab!69225)) **GitLab Enterprise Edition** +- [Split diff commit migrations into smaller chunks](gitlab-org/gitlab@bcf1f22361561dac505304fb617d7e444622c8b5) ([merge request](gitlab-org/gitlab!69392)) +- [Add `hidden` field to GraphQL `Issue` type](gitlab-org/gitlab@2c7c87c03477aa01b323ee6162c8b7e182215939) ([merge request](gitlab-org/gitlab!69323)) +- [Add ProjectNamespace model and DB relationships](gitlab-org/gitlab@75efa8f4348770d0978c399b0439f57b5d6ecc4a) ([merge request](gitlab-org/gitlab!68825)) +- [Add dependency proxy image prefix to group type](gitlab-org/gitlab@7005dd077fb148fcbbbb9f18b3694719179bf070) ([merge request](gitlab-org/gitlab!69114)) +- [Backfill projects with CI coverage usage](gitlab-org/gitlab@1b1bf867fe2dbb4d933243f53135a264488e1ac4) ([merge request](gitlab-org/gitlab!69115)) +- [Add Mailgun endpoint for receiving permanent failures](gitlab-org/gitlab@9c8a128ea056ee9170c7a32ad28a65900ec873aa) ([merge request](gitlab-org/gitlab!68307)) +- [Clean up group_level_protected_environments feature flag](gitlab-org/gitlab@38ed6acf94b2609365c52522070c0c5218d67bc4) ([merge request](gitlab-org/gitlab!69272)) +- [Add paginated tree graphQL query](gitlab-org/gitlab@edf6a2599a55d62a14ca5489b7db2c7f8b0051e7) ([merge request](gitlab-org/gitlab!69274)) +- [Auto-DevOps: respect deploy freezes](gitlab-org/gitlab@ebb55727b36a3d21752838d0effd74a4ae435062) ([merge request](gitlab-org/gitlab!69205)) +- [Add new VSA partitioned tables](gitlab-org/gitlab@0a29fd921e219835fb8529f42fad9a735a92f3b5) ([merge request](gitlab-org/gitlab!68950)) +- [Readding state column for members table](gitlab-org/gitlab@3c8ef22d59796a48a4fb447b4d2c2b7bb128bbb9) ([merge request](gitlab-org/gitlab!69220)) +- [Address the PK Overflow risk for the ci_job_artifacts - Step 3](gitlab-org/gitlab@773a7ec9993ba960fe4da208f5d76037dc911459) ([merge request](gitlab-org/gitlab!68770)) +- [Add organizations to GraphQL](gitlab-org/gitlab@b0e0e336ddc722ff093763e307ba6e619aaac4d3) by @leetickett ([merge request](gitlab-org/gitlab!69318)) +- [Mark the PostReceive worker as idempotent](gitlab-org/gitlab@cb87e136cbb7edae9a25e6eae903287ec8f99d5a) ([merge request](gitlab-org/gitlab!69305)) +- [Added connectivity status to Kubernetes Agents](gitlab-org/gitlab@9a15f565fcd54585209eb70348acad48c11cd38d) ([merge request](gitlab-org/gitlab!69345)) **GitLab Enterprise Edition** +- [Use Gitaly API to sort tags](gitlab-org/gitlab@f94c86655c131ebd58e00137ddedc6b592321eda) ([merge request](gitlab-org/gitlab!69101)) +- [Promote continuous onboarding A variant](gitlab-org/gitlab@6726be7f1bce5510e107dd8eff4964ff5484607b) ([merge request](gitlab-org/gitlab!68965)) +- [Allow support for description lists in content editor](gitlab-org/gitlab@32b0de5f5306cb597b8b22ef0c3a527bef792e9c) ([merge request](gitlab-org/gitlab!69149)) +- [Support AWS SSE-KMS in backups](gitlab-org/gitlab@3963b2511f01c84ab60b272ea10d4c47dba2ac02) ([merge request](gitlab-org/gitlab!64765)) +- [Add new methods to support the PK migration - STEP 3](gitlab-org/gitlab@bccdbd7d6fab25bf03168c36f7901138e7624b53) ([merge request](gitlab-org/gitlab!68849)) +- [Add ability to Delete Freeze Periods](gitlab-org/gitlab@a28b5a4a1f4efa190cdec5e5d7cf94eed247cf18) by @jayaddison ([merge request](gitlab-org/gitlab!66331)) +- [Add DevOps Adoption Overview table](gitlab-org/gitlab@f3f97c345e9415ff777df671b689778f23753efb) ([merge request](gitlab-org/gitlab!68447)) **GitLab Enterprise Edition** +- [Render video in content editor](gitlab-org/gitlab@7fedc5e0e49733087a9db7943e4f6fdf5d0e40ec) by @leetickett ([merge request](gitlab-org/gitlab!69169)) +- [Upgrade GitLab Pages to 1.43.0](gitlab-org/gitlab@1d8174ef6967f8b938e5e5d29baef591acb39559) ([merge request](gitlab-org/gitlab!69213)) +- [Requirement migration: Sync title and description changes](gitlab-org/gitlab@0e35aed745501b6927737bf6f91813a972fb4011) ([merge request](gitlab-org/gitlab!64929)) **GitLab Enterprise Edition** +- [Render audio in content editor](gitlab-org/gitlab@933fe8e190a740cac6832f4fce589f9a78edc879) by @leetickett ([merge request](gitlab-org/gitlab!68598)) +- [Adds k8s 1.20 to EKS list](gitlab-org/gitlab@051061a011b4fae351bdbe7924a524e374c34a58) ([merge request](gitlab-org/gitlab!69094)) +- [API: Add endpoint to reset runner registration token](gitlab-org/gitlab@0fff8430cce18307af5af6758fb17079b2ade55c) by @KyleFromKitware ([merge request](gitlab-org/gitlab!68590)) +- [Add personalization questions to group creation](gitlab-org/gitlab@9a0cfbd18ff9d82109495395197ed568300b2fd5) ([merge request](gitlab-org/gitlab!67249)) +- [Fix unban specs](gitlab-org/gitlab@253ee313ecca7ca6ddc454c879d2400ddfe4fc88) ([merge request](gitlab-org/gitlab!68332)) +- [Log backtrace when SAVEPOINT is discovered](gitlab-org/gitlab@19e38656b64d062f3ce51840718ab25da0038ff7) ([merge request](gitlab-org/gitlab!69023)) +- [Improve serialization of content editor extensions](gitlab-org/gitlab@7105591794230453ac15434e9d11115c69d01305) ([merge request](gitlab-org/gitlab!68877)) +- [Removes load_balancing_for_expire_job_cache_worker FF](gitlab-org/gitlab@2d89ab5f53635b31fa151a23dcf234c67897bff6) ([merge request](gitlab-org/gitlab!69004)) +- [Enable the FF ci_include_rules by default](gitlab-org/gitlab@396a922cd0dcdd1ea54d951da3f19cf76e3d03c3) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67409)) +- [Allow arbitrary html tags in content editor](gitlab-org/gitlab@ce0f7f66c9c7781b849fc707f5b9853f91d5d843) ([merge request](gitlab-org/gitlab!68224)) +- [Expose web_url to Compare API endpoint](gitlab-org/gitlab@aea0869776dd9ca4770721d164fc79ebed2e7e9e) ([merge request](gitlab-org/gitlab!68676)) +- [Add configure integrations button to project view](gitlab-org/gitlab@c14589e70baacf5d406fb2e604c2bd5c0525225d) ([merge request](gitlab-org/gitlab!67536)) +- [Steal pending merge request diff commit user jobs](gitlab-org/gitlab@b98a2d0c6164e81cae5b6f739f0fc7bf9aa930f2) ([merge request](gitlab-org/gitlab!68769)) +- [Database work to support inherited templates on service desk](gitlab-org/gitlab@200fe009bd68086edc0127346f28224159f471cb) ([merge request](gitlab-org/gitlab!67546)) +- [Add param to allow scoped caching of Repo#merge_to_ref](gitlab-org/gitlab@84a4415eb01bbbb175235ffdf4ad9a499c28ce89) ([merge request](gitlab-org/gitlab!68790)) +- [Allow to create epic from ancestor board](gitlab-org/gitlab@a077194fdd8b9b66a90284cfa27a6d9728dc86f4) ([merge request](gitlab-org/gitlab!68039)) **GitLab Enterprise Edition** +- [BG migration for populating stage event hash](gitlab-org/gitlab@c91abc0d5b37e6a414fd69398a0db36482b00922) ([merge request](gitlab-org/gitlab!67939)) +- [Add VulnerabilityCreate GraphQL mutation](gitlab-org/gitlab@51205f5519b3f0ce5319678a61292dbeee946cd4) ([merge request](gitlab-org/gitlab!68158)) **GitLab Enterprise Edition** +- [Add direct group dependency proxy env variable](gitlab-org/gitlab@62e16f4d71849b5b4038e945471d73f324ba483f) ([merge request](gitlab-org/gitlab!68661)) +- [Persist groups configured to use an Agent](gitlab-org/gitlab@09c33dc7073cd8e382b664166a22b2cbf4b1f968) ([merge request](gitlab-org/gitlab!68023)) +- [Test case return 404 instead of 500 error](gitlab-org/gitlab@cfc199ab2bb888e6814424aa1ac334339be32004) ([merge request](gitlab-org/gitlab!68548)) **GitLab Enterprise Edition** +- [Add approvalRules to MergeRequest GraphQL API](gitlab-org/gitlab@8339099bc6d88d745cf24d6eb43dd33e051992c1) ([merge request](gitlab-org/gitlab!68502)) **GitLab Enterprise Edition** +- [Add Files API throttling to application settings](gitlab-org/gitlab@e989361e3f24e19af6e3a61794ac915f3492e8aa) ([merge request](gitlab-org/gitlab!68559)) +- [Add support for fetching merge requests via RSS / Atom](gitlab-org/gitlab@5afc10add8dea007a32b5e2c986b0d37f2e5040b) by @kingjan1999 ([merge request](gitlab-org/gitlab!66336)) +- [Enable new vulnerability report project filter by default](gitlab-org/gitlab@4dd50c39dda68f2ea5de29d721002503ca6b7535) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68456)) +- [Allow title attribute in elements in content editor](gitlab-org/gitlab@29e0ecb1f9df1b420b7ee9a125b14dc990c9abcc) ([merge request](gitlab-org/gitlab!68086)) +- [Allow editing the structure of tables](gitlab-org/gitlab@06cd45afb825847037b9cd3f36db98a9073504e4) ([merge request](gitlab-org/gitlab!68473)) +- [Adds a button to retry a failed migration](gitlab-org/gitlab@0037970cf71f97ec6630ebfe8541399d0931840a) ([merge request](gitlab-org/gitlab!67504)) +- [Add system note for issue type changes](gitlab-org/gitlab@b8881bd71b52a484ba2c42e8e7db27a1305adeee) ([merge request](gitlab-org/gitlab!68239)) +- [Add contacts table and model](gitlab-org/gitlab@13f5241af4c923b39021217700ffd741df049c39) by @leetickett ([merge request](gitlab-org/gitlab!67985)) +- [Add oncall_users to oncall schedule Graphql type](gitlab-org/gitlab@077b9a1d6a2ff9938e47f049badb3a2ef667ecf5) ([merge request](gitlab-org/gitlab!68237)) **GitLab Enterprise Edition** +- [Add gauge metric on ci queue size](gitlab-org/gitlab@d86702b9dcc2a84c5b9c771dfc9f8412d3cf3d64) ([merge request](gitlab-org/gitlab!67420)) + +### Fixed (120 changes) + +- [Fix AddUpvotesToMergeRequests migration](gitlab-org/gitlab@7b1870038d4cb494156908acf58fe4159f69357c) ([merge request](gitlab-org/gitlab!70594)) **GitLab Enterprise Edition** +- [Add yAxis formatter](gitlab-org/gitlab@a3f4b8e6645e43f1f7ae1cbf0920f4274605ae6d) ([merge request](gitlab-org/gitlab!70373)) +- [Fix composer package version regex](gitlab-org/gitlab@5bc407b1fada44f5b30f39930906edc6d784193c) by @leopold.jacquot ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70251)) +- [Use configurable page size for jobs in stages](gitlab-org/gitlab@c3eb03198bc08b2428a5fa92168d5fea8a6d9f2b) ([merge request](gitlab-org/gitlab!69853)) +- [Fix for approval check popover bug](gitlab-org/gitlab@03d3f3b7c651ccacb6b1246c3124209d2da6e66b) ([merge request](gitlab-org/gitlab!65579)) **GitLab Enterprise Edition** +- [Shorten session TTL of anonymous blob access](gitlab-org/gitlab@7196ca925f9b8ce5f569a72736649998cecb0f8c) ([merge request](gitlab-org/gitlab!70444)) +- [Makes kubectl annotate work in Helm 2to3 migration Jobs](gitlab-org/gitlab@645cf7a48bd0b7e717fa4fb30323911d59b62baf) by @erik.forsberg ([merge request](gitlab-org/gitlab!70389)) +- [Use the correct project path in generated `KUBECONFIG` file](gitlab-org/gitlab@57d828bf8f7aa3071900aa0501536ccc7a492a39) ([merge request](gitlab-org/gitlab!70452)) **GitLab Enterprise Edition** +- [Removes cleanup job from Terraform.latest](gitlab-org/gitlab@239253ecce15f7ca968c4eee70c679174094d264) ([merge request](gitlab-org/gitlab!70383)) +- [Geo Nodes - Fix flex alignment](gitlab-org/gitlab@bdaf430386a34352ed9c75d4b0d64bf551ff20b4) ([merge request](gitlab-org/gitlab!70319)) **GitLab Enterprise Edition** +- [Do not cache user email from github if email is nil/private](gitlab-org/gitlab@c89d61bee17af1da2bcd10de9531e72db3287c72) ([merge request](gitlab-org/gitlab!70293)) +- [Change non-breaking space to space in email](gitlab-org/gitlab@5d7259c8438038fa42d4cc131087c48465975611) by @scootergrisen ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70202)) +- [Add metric to service ping if has defintion](gitlab-org/gitlab@c75e2c57c2785eb046e991430ecdb0838e7794e5) ([merge request](gitlab-org/gitlab!70061)) +- [Open reply box on resolved design discussions](gitlab-org/gitlab@c931fa4fcda640d757749bd8dbd3b0275acc04df) ([merge request](gitlab-org/gitlab!70359)) +- [Add GraphQL type for agent metadata](gitlab-org/gitlab@e06c6cf6a9f3c3abc1023cc1b97cce4257810120) ([merge request](gitlab-org/gitlab!70343)) **GitLab Enterprise Edition** +- [Include author in commit message from core team community members](gitlab-org/gitlab@092b24472af34fdbdc36f6a799700b77043bc665) by @leetickett ([merge request](gitlab-org/gitlab!69076)) +- [Refactor the helm presenter](gitlab-org/gitlab@78b3bba1b1f53774f8c6d5bc619aef14308920bc) ([merge request](gitlab-org/gitlab!69223)) +- [Prevent vuln table header from cutting off dropdown](gitlab-org/gitlab@8d7b32f5ed8fdfe9f17327218359edf8b97ffc54) ([merge request](gitlab-org/gitlab!69954)) **GitLab Enterprise Edition** +- [Only render "No artifacts found" when not loading](gitlab-org/gitlab@c6118524ecfa768e3d630333b41d470949dd6982) ([merge request](gitlab-org/gitlab!68843)) +- [Upgrade fog-aws to v3.12.0](gitlab-org/gitlab@9b8ffd2b223c70c3c7f20336ea36b20fec05739b) ([merge request](gitlab-org/gitlab!68969)) +- [Fix Geo Pages replication for selective sync](gitlab-org/gitlab@fd5fabbc4b05c29070446229d9bb7bc229cd957a) ([merge request](gitlab-org/gitlab!70190)) **GitLab Enterprise Edition** +- [Dynamically read pool sizes for LB configurations](gitlab-org/gitlab@4082c09a3ad3bae0cc14fdb16cfd233ca2e445cf) ([merge request](gitlab-org/gitlab!70060)) +- [tags: Always enable fix for verification of long tag messages](gitlab-org/gitlab@cc9556429a2b3b84c847db0230733f7e84edb2be) ([merge request](gitlab-org/gitlab!70051)) +- [Fix editing network policies without policy management project](gitlab-org/gitlab@c7ebc9e085b02866209b875a093898714927109a) ([merge request](gitlab-org/gitlab!70171)) **GitLab Enterprise Edition** +- [Fix not being able to delete unparseable policies](gitlab-org/gitlab@95a0902078fee35139af77d7c9d74a89510260d4) ([merge request](gitlab-org/gitlab!70114)) **GitLab Enterprise Edition** +- [Check if root ancestor has an active trial](gitlab-org/gitlab@53262f665b20643c56837c7be584995606529a07) ([merge request](gitlab-org/gitlab!70109)) +- [Fix text ellipsis on linked issues/MRs](gitlab-org/gitlab@6aa0ef81bde3b50b4e3bf3432034ce1c7a1a8af4) ([merge request](gitlab-org/gitlab!70049)) +- [Fix overlap of error message and sidebar on boards](gitlab-org/gitlab@da57dc643fe2a8bf7961a3887125c6af0b3b083d) ([merge request](gitlab-org/gitlab!70030)) +- [Use global ids when updating board scope](gitlab-org/gitlab@d108201135744f9d5cda69a99b6e47710bca07a6) ([merge request](gitlab-org/gitlab!69715)) **GitLab Enterprise Edition** +- [Fix displaying label text in labels dropdown in dark mode](gitlab-org/gitlab@c6009408c64edc50b889603c24bc408b0f73289d) ([merge request](gitlab-org/gitlab!70037)) +- [Don't release primary connections in the DB LB](gitlab-org/gitlab@95d3ff341cafd8fd5098fefbc7847c93603c9adc) ([merge request](gitlab-org/gitlab!69988)) +- [Add epic board scope to newly created epic](gitlab-org/gitlab@9a6a760c7c042a1d0a091ca8cf9213a954154234) ([merge request](gitlab-org/gitlab!70028)) **GitLab Enterprise Edition** +- [Invalidate ES namespace cache when transferring groups](gitlab-org/gitlab@64b6bc923b511842a6104a30b1556e26e80e82b3) ([merge request](gitlab-org/gitlab!70005)) **GitLab Enterprise Edition** +- [Use SafeRequestStore in the DB LB](gitlab-org/gitlab@2584f6ea38e2c08c5a71af70a9871cf6e480274a) ([merge request](gitlab-org/gitlab!70003)) +- [Fix display of relative/absolute time in PAT and deploy token tables](gitlab-org/gitlab@c504b0bb363e828a4a79884fbdc622e7962e4fe7) ([merge request](gitlab-org/gitlab!66262)) +- [Symbolize load balancer configuration keys](gitlab-org/gitlab@0952ac82795ce9c3ca7825e6dc71313be7e5a494) ([merge request](gitlab-org/gitlab!69995)) +- [Fix GitHub Importer outdated diff notes not showing](gitlab-org/gitlab@bc2f24820aed2370994e94abcd731cc88768025b) ([merge request](gitlab-org/gitlab!69977)) +- [Fix Elastic::MigrationWorker current_migration](gitlab-org/gitlab@f682052a0d2a76814d0b90c7e66e4a483dfc487e) ([merge request](gitlab-org/gitlab!69958)) **GitLab Enterprise Edition** +- [Fix comments cutting off the left side of wide characters](gitlab-org/gitlab@f7f0b0dc927c080fa9c00b5d054ff996482f0a73) ([merge request](gitlab-org/gitlab!69952)) +- [Make group and project fields fullPath argument case-insensitive](gitlab-org/gitlab@37d2f7218518448c9ac4cea384cf1235f41f4e3e) ([merge request](gitlab-org/gitlab!69924)) +- [Prevent opening sidebar when clicking on board card title](gitlab-org/gitlab@3f93050618e09642988331c174b9c672ccd0cb65) ([merge request](gitlab-org/gitlab!69720)) +- [Do not cache .terraform.lock.hcl](gitlab-org/gitlab@5b41e03bb0610b28c32665b8670cca5fb839cade) ([merge request](gitlab-org/gitlab!68269)) +- [Prevent creation of too long file name](gitlab-org/gitlab@7136f5941f261917f51864612ac7b567d7bf94ed) ([merge request](gitlab-org/gitlab!69500)) +- [Ensure Milestones Are Displayed With Few Results](gitlab-org/gitlab@146c481dd419a5dd007f140e5747a6541ef63726) ([merge request](gitlab-org/gitlab!69507)) +- [Replace vsa stage slug with id](gitlab-org/gitlab@97d5c52a76708f05c0f1481384425345d820663f) ([merge request](gitlab-org/gitlab!69640)) **GitLab Enterprise Edition** +- [Load config variables from external project](gitlab-org/gitlab@6b5b4096127a4ee32033aa4b398f2f5f9fc73c81) ([merge request](gitlab-org/gitlab!69646)) +- [Fix creating issue in milestone list](gitlab-org/gitlab@e7b3a1184cfe110ad6c70eb13df989b6ef8385f4) ([merge request](gitlab-org/gitlab!69529)) **GitLab Enterprise Edition** +- [Fix header order in CI/CD pipeline's job tab](gitlab-org/gitlab@f2988ee52d59ffe4ba9bf57e758843360446ddac) by @JonstonChan ([merge request](gitlab-org/gitlab!69704)) +- [Make RepositoryUpdateMirrorWorker idempotent](gitlab-org/gitlab@0c05d8b8159b4944f356a8c544b9a5659e16a7b0) ([merge request](gitlab-org/gitlab!69725)) +- [Fix selected for User#commit_email input](gitlab-org/gitlab@bdca30a81d444a812d0521087d93f83c11573dfe) ([merge request](gitlab-org/gitlab!69234)) +- [Allow additional minute transfer for Users](gitlab-org/gitlab@d480822075a6f5abb5f68d998fb1a0525b47551b) ([merge request](gitlab-org/gitlab!69556)) **GitLab Enterprise Edition** +- [Fix labels applied to a wrong issue](gitlab-org/gitlab@9534cf6211f0e2323c16559fa9f5c303f648bb47) ([merge request](gitlab-org/gitlab!69609)) +- [Max width for sidebar dropdown widgets](gitlab-org/gitlab@eb9fab5271ab43ad6abfd2c73e80ee02efb2952d) ([merge request](gitlab-org/gitlab!68431)) +- [Fix yaml viewer padding not changing color](gitlab-org/gitlab@925866290aebe058d56f6c76372f46a7c1984db9) ([merge request](gitlab-org/gitlab!69563)) **GitLab Enterprise Edition** +- [Remove paste event listener on destroy](gitlab-org/gitlab@966a4c283c5a1c7dc8346900b1dd1d53d99c7a72) ([merge request](gitlab-org/gitlab!69453)) +- [Fix formatting bubble menu in Content Editor](gitlab-org/gitlab@a9c73f1841e174b2074891332004f0bb4f06556e) ([merge request](gitlab-org/gitlab!69324)) +- [Fix group membership CSV export for invited users](gitlab-org/gitlab@732b8b8c9df18be50a63255d6be6755d9e5aaa1a) ([merge request](gitlab-org/gitlab!69065)) +- [Remove table-layout: fixed style from the tree table of files](gitlab-org/gitlab@80a1c6de952caa6a7b86146358f06c3bb0ca106c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69445)) +- [Remove the existing duplicates of DastSiteTokens](gitlab-org/gitlab@2f345de94bdc7fe3cb3d6365dcfc641bc401a064) ([merge request](!68578)) +- [Update Audit Logging for Feature Flags](gitlab-org/gitlab@cc12468fc905ba407d21a6ffc71214d10700ae92) ([merge request](gitlab-org/gitlab!68408)) +- [Error on newlines in sidekiq-cluster arguments](gitlab-org/gitlab@91e7b17cd14b89170d1668f82bf8b7be64daac4e) ([merge request](gitlab-org/gitlab!69237)) +- [Reduce DA pagerefresh rate](gitlab-org/gitlab@bb4867bd04d847afcd78176cb9623fab8103d1aa) ([merge request](gitlab-org/gitlab!69056)) **GitLab Enterprise Edition** +- [Fix security report schema validation](gitlab-org/gitlab@2b0a3380764ca20ab491507db020462fea23ca72) ([merge request](gitlab-org/gitlab!69292)) **GitLab Enterprise Edition** +- [Fix disappearing badge in commit image thread edit](gitlab-org/gitlab@7dac314f249d49671ea92c8853d43da4e6a31319) ([merge request](gitlab-org/gitlab!69137)) +- [Fix - Some users cannot move issues in epic swimlanes](gitlab-org/gitlab@d5536cfab1482edb2c15c8d5bb6f7a8ed6416a50) ([merge request](gitlab-org/gitlab!68922)) **GitLab Enterprise Edition** +- [Logged out users can view public group epic boards](gitlab-org/gitlab@a067f7517613aa47e0bfcaafb5db06fcb1c83b30) ([merge request](gitlab-org/gitlab!69218)) **GitLab Enterprise Edition** +- [Reschedule 'ExtractProjectTopicsIntoSeparateTable' post migration](gitlab-org/gitlab@7f45515dd4f820f6902088d0ef807f6177db2661) by @wwwjon ([merge request](gitlab-org/gitlab!69199)) +- [Update relative positions on querying board issues](gitlab-org/gitlab@9729e06b523270f3cd1f1ba66e5d737569923e1a) ([merge request](gitlab-org/gitlab!68715)) +- [Patch `grape-entity` to prevent having NameError loop](gitlab-org/gitlab@28fc953b70044d792a06562c7f3b22249287e5eb) ([merge request](gitlab-org/gitlab!69040)) +- [Catch Helm invalid versions](gitlab-org/gitlab@443a3d8b9ed320364ee7790fecfefea6a5973521) by @sathieu ([merge request](gitlab-org/gitlab!68976)) +- [Fix broken image for runner templates](gitlab-org/gitlab@54b92d1d447ab60000fda7d75da4fdc4d68bfdf6) ([merge request](gitlab-org/gitlab!69080)) +- [Disallow editing the environment name](gitlab-org/gitlab@e2468c614ed0f72c2e10d1948ea09fc5a23d1740) ([merge request](gitlab-org/gitlab!68550)) +- [Fix visibility reference check](gitlab-org/gitlab@7fb9af870057569036d81556bc94a4e3e494d9a9) ([merge request](gitlab-org/gitlab!68174)) +- [Add missing graphQL ids](gitlab-org/gitlab@2ca888d789103d9219fb6320f670e0d9454f40fb) ([merge request](gitlab-org/gitlab!68948)) +- [Don't override setup_for_company in subscription flow](gitlab-org/gitlab@578273be68978108e50ebf6f5385d02beb588ca3) ([merge request](gitlab-org/gitlab!68868)) +- [Skip highlighting cache for diffs with unsupported characters](gitlab-org/gitlab@d5a1dd7429dae38a747b9a042b3fa7eea942ef1e) ([merge request](gitlab-org/gitlab!69069)) +- [Use the last Helm chart when downloading](gitlab-org/gitlab@9dfd15f6876710df96539410f4982311ee811deb) by @sathieu ([merge request](gitlab-org/gitlab!68968)) +- [Fix OrphanedInviteTokensCleanup migration](gitlab-org/gitlab@affc79c69873e73ec5b3cf7fcf74857ab4f663ce) ([merge request](gitlab-org/gitlab!68784)) +- [Fix downstream counter badge link](gitlab-org/gitlab@9b029853aa86194727cc980113cc46a260e814b1) ([merge request](gitlab-org/gitlab!68962)) **GitLab Enterprise Edition** +- [Only set User#commit_email with user input](gitlab-org/gitlab@e467a3b438ebd5ec99853a5d48b1aae1b0668aaa) ([merge request](gitlab-org/gitlab!68591)) +- [Fix Connection#exists? when using the DB LB](gitlab-org/gitlab@abbc8b8f10a70a1ecd92aa7c17161247b599bf8c) ([merge request](gitlab-org/gitlab!68855)) +- [Fix contributors detection in changelog generation](gitlab-org/gitlab@35d6b799c0179e4f829f8221dd5598264f0a15b4) ([merge request](gitlab-org/gitlab!68938)) +- [Downgrade grpc from 1.38.0 to 1.30.2](gitlab-org/gitlab@f427fdfaae7fe1495f1e68ec5cf0ac1fe1240c27) ([merge request](gitlab-org/gitlab!68865)) +- [Let non-members set confidential flag on issue](gitlab-org/gitlab@518fe9a1124bc3606d06d6c23198c9426bd93b17) ([merge request](gitlab-org/gitlab!68459)) +- [Fix displaying weight of 0 for issues in epic tree](gitlab-org/gitlab@7a7f95f0876916af15c04a229217b7c6ece91067) ([merge request](gitlab-org/gitlab!68914)) **GitLab Enterprise Edition** +- [Fix epic swimlanes list drag drop reordering](gitlab-org/gitlab@2dd83ce4acfd7c4c44544274f8372a727c18dd82) ([merge request](gitlab-org/gitlab!68908)) **GitLab Enterprise Edition** +- [Show create-jira on pipeline and MR when enabled](gitlab-org/gitlab@e32b110729de421293bd93498e9bc2ec6db66503) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68821)) **GitLab Enterprise Edition** +- [Fix new project page in dark mode](gitlab-org/gitlab@3356ff712058380d00ea2b50138c4f7c5b00abea) ([merge request](gitlab-org/gitlab!68102)) +- [Move service_desk_setting to CE in project import export](gitlab-org/gitlab@11b05504e967a93284dd2c3a3241f0376ddbd077) by @leetickett ([merge request](gitlab-org/gitlab!68896)) +- [Add default option to notification_email input](gitlab-org/gitlab@6b07127a00ab998eed3057fc1bfff9a0659c6d3f) ([merge request](gitlab-org/gitlab!68687)) +- [Fix overflowing text in OmniAuth login buttons](gitlab-org/gitlab@8524712d083cd83f1f7f381942ef019cc40b1e3a) ([merge request](gitlab-org/gitlab!68884)) +- [Use `binary` property on the file object](gitlab-org/gitlab@5691316795bfd3afcf40edaa4185db67e67db625) ([merge request](gitlab-org/gitlab!68705)) +- [Handle errors without causes](gitlab-org/gitlab@36dd486c4c6f9f0ea997be24bee4d3cd3343b301) ([merge request](gitlab-org/gitlab!68858)) +- [Fix bug validating EE project features](gitlab-org/gitlab@ee3790388b748f45a3cbadc987593dac23a54a2d) ([merge request](gitlab-org/gitlab!68523)) +- [Fix Live Markdown Preview in personal and subgroup projects](gitlab-org/gitlab@1a2a9fe95ea2b484ad8c1ce8d8f4b9714696e104) ([merge request](gitlab-org/gitlab!68803)) +- [Send rotation email inline when deleting user](gitlab-org/gitlab@2616e2dab6a224422de4f4f533f2d6eb091b8cd5) ([merge request](gitlab-org/gitlab!68811)) **GitLab Enterprise Edition** +- [Use type to detect password fields in integrations instead of name](gitlab-org/gitlab@95917eb2d0bbfd6566e67ebff85e28619b52e2f0) ([merge request](gitlab-org/gitlab!68786)) +- [Use dynamic mapping in trigger to sync `integrations.type_new`](gitlab-org/gitlab@21db2a36c42dadec7c3bea82ed85daa66eaf6aa0) ([merge request](gitlab-org/gitlab!68558)) +- [Fix Epic bulk updates leaking to other epics](gitlab-org/gitlab@dc53ff7b8fcb4d80e852ecc0e582da30741ebb4c) ([merge request](gitlab-org/gitlab!68730)) **GitLab Enterprise Edition** +- [Drop un-used db/ci_migrate symlink](gitlab-org/gitlab@503e25c35c75eac4cddc634d9bc1ae89ee90851b) ([merge request](gitlab-org/gitlab!68710)) +- [Fix getAction is undefined bug in Web IDE markdown files](gitlab-org/gitlab@66a8019f4fb785dd014c67f9ce0c09522ea52fab) ([merge request](gitlab-org/gitlab!68583)) +- [Remove substransaction from wiki event creation](gitlab-org/gitlab@18e78d233a9e06300631d0ac1349f2f819284ac2) ([merge request](gitlab-org/gitlab!68627)) +- [Fix namespace checks for live quota consumption](gitlab-org/gitlab@4f2e7ab31e8d9c2c93c61b5830d1cda67d759891) ([merge request](gitlab-org/gitlab!68646)) **GitLab Enterprise Edition** +- [Fix project importers pagination issues](gitlab-org/gitlab@0f385b5c55186554a898818c3f953f8fedd2a949) ([merge request](gitlab-org/gitlab!68270)) +- [Use `binary` property on the file object](gitlab-org/gitlab@bf5486b585b304908721389e3ef8ab3fdd60874a) ([merge request](gitlab-org/gitlab!68643)) +- [Fix links to Jira docs](gitlab-org/gitlab@ed8055c80c68589cf7abb1eefae39c99de6dc801) ([merge request](gitlab-org/gitlab!68644)) +- [Enable the FF ci_new_artifact_file_reader by default](gitlab-org/gitlab@2be876558bfdf6c3fc7ce78f647db95c5cfae6ee) ([merge request](gitlab-org/gitlab!68293)) +- [Remove redundant callbacks, rely instead on validations](gitlab-org/gitlab@a1077343d8d5dcb9ab0d14640926d2a8de25aa5c) ([merge request](gitlab-org/gitlab!68048)) +- [Fix tooltip on issue sidebar](gitlab-org/gitlab@6b454c44d2ff5251ff45129abef59cbe09a07e9e) ([merge request](gitlab-org/gitlab!68614)) +- [Reduce the spacing of list items for Content Editor](gitlab-org/gitlab@7730ff6518416013e68aa752c5c6109a8b151555) ([merge request](gitlab-org/gitlab!68612)) +- [Respect namespaces with unlimited minutes](gitlab-org/gitlab@7eb5fc0b160f644fdb918e91d87a8c1eac385ddc) ([merge request](gitlab-org/gitlab!68599)) +- [Fix some edge cases with Content Editor serializing](gitlab-org/gitlab@9034aab3ca536caafdd8a3506c1002e9786d484e) ([merge request](gitlab-org/gitlab!66187)) +- [Geo: Replicate wiki and design repository HEAD ref](gitlab-org/gitlab@7aaa1413c3a772e89423818fce2b2de46b459066) ([merge request](gitlab-org/gitlab!68324)) **GitLab Enterprise Edition** +- [Fix designCollection object after design is uploaded](gitlab-org/gitlab@1c367ecf10fadbc75560428c8b2b0fac07d099a0) ([merge request](gitlab-org/gitlab!68521)) +- [Wrap pipeline artifact dropdown item names](gitlab-org/gitlab@ed2bbe1f86b4b494dc732652a480e0494e12a57c) ([merge request](gitlab-org/gitlab!68545)) +- [Fix SSO SAML redirection not including query string](gitlab-org/gitlab@4ede4460ddd14e93d05d2ed7c9c01921c39d3086) ([merge request](gitlab-org/gitlab!68498)) +- [Add fix for 'old' file type](gitlab-org/gitlab@7b43391dfd9804b747ed4bf1be6baf82c4b51ec1) ([merge request](gitlab-org/gitlab!67735)) +- [Fix invite url on invited emails](gitlab-org/gitlab@0399c50ccc99de7bfe1de18ac29e3a11f93cebb2) ([merge request](gitlab-org/gitlab!68388)) +- [Track build minutes for disabled shared runners](gitlab-org/gitlab@271267ed46008248953cd70a8a40b9c26a6ad9b3) ([merge request](gitlab-org/gitlab!67024)) **GitLab Enterprise Edition** +- [Validate the uniqueness of pipeline variables](gitlab-org/gitlab@a143ad44cd7bd4113f22709818288eadeecb1b2f) ([merge request](gitlab-org/gitlab!66556)) + +### Changed (109 changes) + +- [Reset notification level when CI minutes limit change](gitlab-org/gitlab@771646f49387e44ff91ab4eca88cfc7bdb231441) ([merge request](gitlab-org/gitlab!69063)) **GitLab Enterprise Edition** +- [Associate successful DAST validations with sites](gitlab-org/gitlab@626803901ffda5266104fbb7a786fb0807fdf45e) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70140)) **GitLab Enterprise Edition** +- [Use new code quality version 0.85.24-gitlab.1](gitlab-org/gitlab@9782fd2c5452b720e92131e3ef16f99fd2bc09d2) ([merge request](gitlab-org/gitlab!70325)) +- [Add notice when runner projects are updated](gitlab-org/gitlab@1fd3099ac0ae9e6489d634d2dc6b850f011d1a7f) ([merge request](gitlab-org/gitlab!70151)) +- [Change DAST url download text to button](gitlab-org/gitlab@a5494666f381dfee8c2d95ebd3d7b965a7f0c555) ([merge request](gitlab-org/gitlab!70280)) **GitLab Enterprise Edition** +- [Update expired message for namespace](gitlab-org/gitlab@831c4e21b04353a206e3d4e6c14fbecfdca315c2) ([merge request](gitlab-org/gitlab!69454)) **GitLab Enterprise Edition** +- [Measure image scaler duration for cached images](gitlab-org/gitlab@e6333fb2162eaf7172c469ff320e9f4c25c3df7b) ([merge request](gitlab-org/gitlab!70483)) +- [Use allowlist of allowed attributes for imported models](gitlab-org/gitlab@f43fafe59d777601b725cfdd326ae47a5ee20e8b) ([merge request](gitlab-org/gitlab!70168)) +- [Migrate admin projects tabs styles](gitlab-org/gitlab@b7fcc0bd36872f04b7c2dda2cfe671468bc0aff5) ([merge request](gitlab-org/gitlab!69298)) +- [Rebalance issues relative position without transaction](gitlab-org/gitlab@8834fda84d2a88c10718a5e59bfa62a06d6a2c50) ([merge request](gitlab-org/gitlab!68746)) +- [Show project suffix input as disabled](gitlab-org/gitlab@9cd9ca44998f09d4002ffa7a979daf21d15159a6) ([merge request](gitlab-org/gitlab!69857)) +- [Update board list settings drawer style](gitlab-org/gitlab@1937928383c9fe23d6e77f6735efdcbaea281d91) ([merge request](gitlab-org/gitlab!69946)) +- [Set different session cookie for Geo secondaries](gitlab-org/gitlab@4653ff48801884650f743cc632df01e5a7788784) ([merge request](gitlab-org/gitlab!69759)) **GitLab Enterprise Edition** +- [Geo: Alternate redownload and normal design sync attempts](gitlab-org/gitlab@f9bd2d7a4a4cd9aedac5931c395c9e728e549c01) ([merge request](gitlab-org/gitlab!70329)) **GitLab Enterprise Edition** +- [Geo: Alternate redownload and normal SSF sync attempts](gitlab-org/gitlab@bc6c2a5c8edfc3eb115031097da46a415e2a1737) ([merge request](gitlab-org/gitlab!70329)) **GitLab Enterprise Edition** +- [Geo: Alternate redownload and normal project syncs](gitlab-org/gitlab@37faf15512ff4bfa7c3a28c888f1a8565659c88e) ([merge request](gitlab-org/gitlab!70329)) **GitLab Enterprise Edition** +- [Geo: Reduce frequency of redownload attempts](gitlab-org/gitlab@f63ab921fc36bfa5951f2cf39af0306d071265a4) ([merge request](gitlab-org/gitlab!70329)) **GitLab Enterprise Edition** +- [Update Devise sign_in path for Geo secondaries](gitlab-org/gitlab@ee925603caccc5dabda7e93f88db7b52f05a80b4) ([merge request](gitlab-org/gitlab!69748)) **GitLab Enterprise Edition** +- [Fix policy editor performance](gitlab-org/gitlab@d44df987b63ac1fc1f8909211f3ad1455ed304d0) ([merge request](gitlab-org/gitlab!70024)) **GitLab Enterprise Edition** +- [Fix DORA deployment frequency in VSA](gitlab-org/gitlab@5dbc5751a258552ff4438cf21dc55c1385b77fd4) ([merge request](gitlab-org/gitlab!69654)) +- [Clean up settings_block.vue](gitlab-org/gitlab@31e30d257cee503b9c52a1e7828261dd34ff253d) ([merge request](gitlab-org/gitlab!68921)) +- [Don't allow anonymous users to search with text](gitlab-org/gitlab@5b7fd6638db0f3d655c36cfceed4b2978c0e7985) ([merge request](gitlab-org/gitlab!70223)) +- [Add migrations to swap ci_builds.id column](gitlab-org/gitlab@8931ded2078012a9d07b250d95c536eb1eead031) ([merge request](gitlab-org/gitlab!70245)) +- [Fix policy preview for non-parseable policies](gitlab-org/gitlab@c41ba9bdfc89279c27d421f17f4939f999caa8ac) ([merge request](gitlab-org/gitlab!70104)) **GitLab Enterprise Edition** +- [Add CI/CD variables for Auto Build and Auto Deploy image versions](gitlab-org/gitlab@89d5502fc9da51bf037e5dbe4a9cfc82fa2853cc) ([merge request](gitlab-org/gitlab!70088)) +- [Update parser gem to 3.0.2.0](gitlab-org/gitlab@5cb1d06f3799a58b5d8947f0815fd04d5687ad83) ([merge request](gitlab-org/gitlab!70207)) +- [Disable Sendfile interface for serving Sidekiq Web assets](gitlab-org/gitlab@ba8bd315473b9e784821fc2a9a4198dceabea18c) ([merge request](gitlab-org/gitlab!70113)) +- [Enable updated delete branch modal styles](gitlab-org/gitlab@6c4d4508720dab4a98466d0cfccf075646519d36) ([merge request](gitlab-org/gitlab!70185)) +- [Add worker_class argument to Sidekiq queues APIs](gitlab-org/gitlab@63979ec0d90d0725d0124ae4658e2021730691c6) ([merge request](gitlab-org/gitlab!70179)) +- [Change Ci::Minutes:AdditionalPack text limit](gitlab-org/gitlab@ce5fcda2623aa08271366c81e84e420427b43bec) ([merge request](gitlab-org/gitlab!70064)) **GitLab Enterprise Edition** +- [Remove package_details_apollo feature flag](gitlab-org/gitlab@6e659c7adb427a57cc4e83b90a8b60aa93d534ff) ([merge request](gitlab-org/gitlab!69649)) +- [Add migrations to swap ci_builds.id column](gitlab-org/gitlab@fc124d114ddfca1e833d012172a0ac8fee8bd5b9) ([merge request](gitlab-org/gitlab!65201)) +- [Add abuse actions to account lock email text](gitlab-org/gitlab@a0b43cca4497faecddcdc14ead25964c212d2c28) ([merge request](gitlab-org/gitlab!69590)) +- [Security MR-widget: Clarify dismissed state](gitlab-org/gitlab@acc26917851abfa9376b253b85e8607007085a60) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69943)) **GitLab Enterprise Edition** +- [Default on policies feature flag](gitlab-org/gitlab@8c64bd7e4cba8bcdf9c23d44c1e7d3b9bfa30d0b) ([merge request](gitlab-org/gitlab!69804)) **GitLab Enterprise Edition** +- [Update UI text for artifacts expiration setting](gitlab-org/gitlab@71fc0ed8178c5debb12e33322ca55e52eeb975aa) ([merge request](gitlab-org/gitlab!69957)) +- [Use GlAlert instead of a custom alert class](gitlab-org/gitlab@ccb0bd218c2f12a1602eb678873df122e4ee2946) ([merge request](gitlab-org/gitlab!69854)) **GitLab Enterprise Edition** +- [Generate iids with implicit locking by default](gitlab-org/gitlab@c2900fb1469886997e92d98d035567c0061acc1d) ([merge request](gitlab-org/gitlab!69769)) +- [Update profile conflict message](gitlab-org/gitlab@f7726c3edb59b99c23c46d65066565b9a0152034) ([merge request](gitlab-org/gitlab!69900)) **GitLab Enterprise Edition** +- [Add a link to site profiles management](gitlab-org/gitlab@8dc84610c38181117e94591440556bd59d30c514) ([merge request](gitlab-org/gitlab!69900)) **GitLab Enterprise Edition** +- [Use similarity sort in search project dropdown](gitlab-org/gitlab@2113d9619cfed22aa0fff988bf3c08a1c7f46623) ([merge request](gitlab-org/gitlab!69899)) +- [Diff stats dropdown styling update due to migration to GlDropdown](gitlab-org/gitlab@228b70ae4b246daad75945074d33db5ca58b63a2) ([merge request](gitlab-org/gitlab!68385)) +- [Update CODEOWNERS - Marcia - Configure](gitlab-org/gitlab@ddc646f98cc28289d14d3f999221367a5a32e4d6) ([merge request](gitlab-org/gitlab!69545)) +- [Review group general settings](gitlab-org/gitlab@7a61f6acdbd81f3839e860957f56ad4165599261) ([merge request](gitlab-org/gitlab!69858)) +- [Update UI text and link for variable warning](gitlab-org/gitlab@047c2196625c9df98e15dba31223dc7766545e2b) ([merge request](gitlab-org/gitlab!69830)) +- [Retry archive if left in incomplete state](gitlab-org/gitlab@8deb1c7094c0bb3bae966e7c451265de68debf95) ([merge request](gitlab-org/gitlab!68906)) +- [Remove File-By-File preference cookie](gitlab-org/gitlab@35d850db0fcfaa1e8d00b575f0bd45af79ff3590) ([merge request](gitlab-org/gitlab!69788)) +- [Add migration to swap ci_builds.stage_id column](gitlab-org/gitlab@4f2f2fc2e0f0e9b8d7c933227a7341b9c0b43de5) ([merge request](gitlab-org/gitlab!66688)) +- [Update Graphql dastProfileUpdate mutation to include Schedule](gitlab-org/gitlab@34d76ecb851039bbb674fe3430fab6cbe23889e5) ([merge request](gitlab-org/gitlab!66445)) +- [Support restoring repository backups in parallel](gitlab-org/gitlab@b00d37ee54f7366535cf9b03dee6834e0310d0c1) ([merge request](gitlab-org/gitlab!69330)) +- [Roll back support for caching encoding detection](gitlab-org/gitlab@e20c483a8d62f10abed64167c7a75aa0f10c5cd3) ([merge request](gitlab-org/gitlab!69581)) +- [Allow to open table editing dropdown from headers](gitlab-org/gitlab@3e4a349ad4aa6ec1fe63a8aaebcd375acefe85c8) ([merge request](gitlab-org/gitlab!69499)) +- [Rename `throttle_unauthenticated_*` attributes in application settings](gitlab-org/gitlab@3edf9e107b1c70ed08ecfab0170e77f231930646) ([merge request](gitlab-org/gitlab!69543)) +- [Prepare the DB LB for always being enabled](gitlab-org/gitlab@e5c5dff040458cd24f66d35824c4fef170325641) ([merge request](gitlab-org/gitlab!68857)) +- [Move group's "allow request access" to new section](gitlab-org/gitlab@f205ed4189bc93f7b689e25d0a1c3861a3828b2a) ([merge request](gitlab-org/gitlab!69217)) +- [Fix integer columns on new VSA table](gitlab-org/gitlab@d80caad0c2f27fd2c082c5a1085fc0efd156869f) ([merge request](gitlab-org/gitlab!69531)) +- [Update GitLab User Doc for EKS supported version](gitlab-org/gitlab@98feb6b48331dfe582e4f4cd47fcfd63ef632b24) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69387)) +- [Resize Jupyter images to fit within the parent box](gitlab-org/gitlab@12032ed70e0aa7c15b12f33403b3716b6a86a100) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68654)) +- [Renders images on the repository of .ipynb files](gitlab-org/gitlab@b40466ca2c99d2ad37cdf9b9dbccf4078df94d60) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69075)) +- [Update help text for API Fuzzing Configuration](gitlab-org/gitlab@175b4099da3a7416c51f8f1e93f889f39c91d47b) ([merge request](gitlab-org/gitlab!69429)) **GitLab Enterprise Edition** +- [Eanble sort_by_project_users_by_project_authorizations_user_id FF](gitlab-org/gitlab@d453b9edd7a811daddfe856cead0de694cb79ecd) ([merge request](gitlab-org/gitlab!69431)) +- [Move CI job token details to new page in CI docs](gitlab-org/gitlab@c03bd900e34da4e938783d8c5a437d5095c05316) ([merge request](gitlab-org/gitlab!69422)) +- [Improve UI text for maintenance mode](gitlab-org/gitlab@2909006ef1483a48fd50efb2d8948c48483be3cc) ([merge request](gitlab-org/gitlab!69264)) +- [Update security policy editor rule button styling](gitlab-org/gitlab@3a0f198a595fecd44f7d8611884b28862b1732bc) ([merge request](gitlab-org/gitlab!69412)) **GitLab Enterprise Edition** +- [Show up to 200 jobs per CI stage](gitlab-org/gitlab@866adb8a09414fd5cc8461605352257c947ffd97) ([merge request](gitlab-org/gitlab!69314)) +- [Update `project/clusters/` CODEOWNERS](gitlab-org/gitlab@fb44b0b001b3109bbbf7aaa097ffe8e955a531d7) ([merge request](gitlab-org/gitlab!69351)) +- [Zoom into design image upto 100% of actual size](gitlab-org/gitlab@d79dd4151f0af62da3f2f50c0f2709090c2b29ed) ([merge request](gitlab-org/gitlab!68755)) +- [Adds DB fixtures to create base work item types](gitlab-org/gitlab@e005e57ca06b4ca1a0755ed3ab7cd5cd2be8182c) ([merge request](gitlab-org/gitlab!69021)) +- [Add configurable maximum YAML file size and depth](gitlab-org/gitlab@b12164a3e8f67559d7a3066a3892e7ad5374b01b) by @discinaround ([merge request](gitlab-org/gitlab!68593)) +- [Add customized README file when creating new Security Policy Project](gitlab-org/gitlab@d3fec98d4703a145bda6f8edfc38a2caec890ae1) ([merge request](gitlab-org/gitlab!68901)) **GitLab Enterprise Edition** +- [Remove ci_job_trace_force_encode feature flag](gitlab-org/gitlab@a8aec1f652f67ccd60474e0bd05679d8b8bfa1fc) ([merge request](gitlab-org/gitlab!69229)) +- [Add pipeline_artifacts_size to projectSatisticsType](gitlab-org/gitlab@3c85d5193f53ecad28e1ccbba7e10060d6420ab8) ([merge request](gitlab-org/gitlab!69224)) +- [Enable bulk_import feature flag by default](gitlab-org/gitlab@ed1849e125b6c087b502792484fd5bdaf98f0280) ([merge request](gitlab-org/gitlab!69110)) +- [Update Geo node to Geo site](gitlab-org/gitlab@117a4dea442effc7618baa47cc700b2abc3caf58) ([merge request](gitlab-org/gitlab!68991)) +- [Update to Ruby 2.7.4](gitlab-org/gitlab@c4eb10aeed0bb20360955fb61323a2d6c3285e65) ([merge request](gitlab-org/gitlab!68363)) +- [Group Settings CI/CD h4 expand](gitlab-org/gitlab@150c7bf32ada427dbf4d4ecd54a3262d2df40dfd) by @quatauta ([merge request](gitlab-org/gitlab!68706)) +- [Catch all errors when processing Debian changes](gitlab-org/gitlab@55f4fe6625139b7c178bca16d8e11254637f5e9f) by @sathieu ([merge request](gitlab-org/gitlab!69141)) +- [Externalize messages on EKS settings page](gitlab-org/gitlab@776cb1a38de7dc217386bdf9f55a208005151cfd) by @JonstonChan ([merge request](gitlab-org/gitlab!69125)) +- [Externalize page-title messages](gitlab-org/gitlab@818702617d12e3818b57fee65959c51599097be9) by @JonstonChan ([merge request](gitlab-org/gitlab!69124)) +- [Externalize add_to_breadcrumbs messages](gitlab-org/gitlab@786c3f7f5556ba9e907b8ed4e576e76af935aec1) by @JonstonChan ([merge request](gitlab-org/gitlab!69123)) +- [Add warning to when converting runner to specific](gitlab-org/gitlab@d25f47a0ab69986a3e7dc71e05a365fe7f1716f2) ([merge request](gitlab-org/gitlab!68966)) +- [Update incident management limits UI text](gitlab-org/gitlab@b4dd5f7d8824969a23096b8200cf6093242f409c) ([merge request](gitlab-org/gitlab!68828)) **GitLab Enterprise Edition** +- [Scope i18n strings that are incorrectly unscoped](gitlab-org/gitlab@77c6493f466df4b425dbc063572967f96426f647) by @JonstonChan ([merge request](gitlab-org/gitlab!69005)) +- [Unscope i18n strings that are incorrectly scoped](gitlab-org/gitlab@c13eabbad21513c9e1487156369a5f9ee12e36cd) by @JonstonChan ([merge request](gitlab-org/gitlab!69002)) +- [Externalize breadcrumb_title message](gitlab-org/gitlab@d3ceacb085cb668be7eb4e10e1cc009e29fa7c38) by @JonstonChan ([merge request](gitlab-org/gitlab!68999)) +- [Externalize submit "Save changes" message](gitlab-org/gitlab@a4f4528534ccbe213829e99d4b295c0e10df305e) by @JonstonChan ([merge request](gitlab-org/gitlab!68910)) +- [Use Gitlab::Ci::Lint in /ci/lint API endpoint](gitlab-org/gitlab@919e5bddb505abf403147206b91a37a545f2e377) ([merge request](gitlab-org/gitlab!68860)) +- [Require a LoadBalancer for service discovery](gitlab-org/gitlab@ea7a01bfceec1f81af394338e5c6ab5e1dafff69) ([merge request](gitlab-org/gitlab!68856)) +- [Only show tooltip on truncate](gitlab-org/gitlab@5013d50cb41e1c341974fadf5d4aa476da42e4c8) ([merge request](gitlab-org/gitlab!68889)) +- [Remove scanner_type argument from GraphQL mutation](gitlab-org/gitlab@1ef6230f463f6a8c8354f1623106ca00b4339379) ([merge request](gitlab-org/gitlab!68951)) **GitLab Enterprise Edition** +- [Remove runner "locked" toggle where not used](gitlab-org/gitlab@64291433a841b9a29766f002cfccadb531110cee) ([merge request](gitlab-org/gitlab!68833)) +- [Fetch discussions using GraphQL](gitlab-org/gitlab@02de2063d26a427dfbaaced1541421f310913c9c) ([merge request](gitlab-org/gitlab!68180)) +- [Prepopulate new issue with link to the parent](gitlab-org/gitlab@d95d1e5dd6b5f2ebeea79b97eda1367c75ce17d2) by @smokris ([merge request](gitlab-org/gitlab!68226)) +- [Group Settings Default initial branch h4 expand](gitlab-org/gitlab@4a991eb788ab7dd1c55a2139471f984fe15e6934) by @quatauta ([merge request](gitlab-org/gitlab!68667)) +- [Always use `SetFullPath` RPC](gitlab-org/gitlab@955a97c4a049040b7633b9c18e9cafe79dfcd83c) ([merge request](gitlab-org/gitlab!68745)) +- [Making cross-reference links distinctly visible](gitlab-org/gitlab@465859fa49149aed4f4f2238f8c833687400ca4c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68063)) +- [Pipeline Security: Rename "scanner" to "tool"](gitlab-org/gitlab@78fbfe4294f70cec6fba639c0d2f8efe26cc6863) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68713)) **GitLab Enterprise Edition** +- [Set blocked Omniauth accounts to blocked_pending_approval](gitlab-org/gitlab@e55a945907c967e27994fe1c4cbf6db6835e5aaa) by @vfazio ([merge request](gitlab-org/gitlab!63650)) +- [Stringify policy yaml response in scanExecutionPolicies graphql query](gitlab-org/gitlab@a5847351af8aeb83b970e9dc6019bc796fba6395) ([merge request](gitlab-org/gitlab!68656)) **GitLab Enterprise Edition** +- [Improve error message for TransferService](gitlab-org/gitlab@21b9cf4975690f9952d0c82e6cac9799f9646e0d) ([merge request](gitlab-org/gitlab!68536)) +- [Geo SSF: fix texting in admin area](gitlab-org/gitlab@7841a215413474fa221ba42cc61e4dae6382f39d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68588)) **GitLab Enterprise Edition** +- [Split for_project_paths into two queries](gitlab-org/gitlab@595d0b322722a43e7abfe58d0b783e81ae5b7a62) ([merge request](gitlab-org/gitlab!68457)) +- [Migrate epic sidebar participants to widget](gitlab-org/gitlab@34ff5a78d0a22972cedfed0b8d164ad4e34192f6) ([merge request](gitlab-org/gitlab!68438)) **GitLab Enterprise Edition** +- [Remove the usage_data_design_action feature flag](gitlab-org/gitlab@9ea9f55d389d140a9e9e5e36d1f6981d9f5cc583) ([merge request](gitlab-org/gitlab!68534)) +- [Vulnerabilities CSV: Rename "scanner" to "tool"](gitlab-org/gitlab@083307fed998b18ddd5cd719be9ffed1e7bc0bf1) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68238)) **GitLab Enterprise Edition** +- [Remove feature flags for DAST disable_joins](gitlab-org/gitlab@2fd44466282ef61adb34441282246d76026efd88) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68440)) **GitLab Enterprise Edition** +- [Migrate epic sidebar ancestors to widget](gitlab-org/gitlab@47302502f9d154d414bdff88b9fce62efb9110d2) ([merge request](gitlab-org/gitlab!68428)) **GitLab Enterprise Edition** +- [Disable Vulnerability Finding Link creation](gitlab-org/gitlab@144d35ebddd4e8a8fe3e9e69c7d17e7301602877) ([merge request](gitlab-org/gitlab!68381)) **GitLab Enterprise Edition** +- [Remove feature flag milestone_reference_pattern](gitlab-org/gitlab@154ae7d5d8bc1b1558665a527d54355ee45a1067) ([merge request](gitlab-org/gitlab!68358)) + +### Deprecated (1 change) + +- [Consider repository_push_audit_events deprecated](gitlab-org/gitlab@15b9442ad50b8ff11528fa3643fcb0e904ba615f) ([merge request](gitlab-org/gitlab!69024)) + +### Removed (16 changes) + +- [Remove ci_templates_total_unique metrics](gitlab-org/gitlab@5ccf6e7f208fdae7840a74f29002ffd59fe5657f) ([merge request](gitlab-org/gitlab!69615)) +- [Disable method instrumentation initialization](gitlab-org/gitlab@1458985e7d83a3029de9aec7850006daabad3314) ([merge request](gitlab-org/gitlab!69662)) +- [Remove feature flag for env_vars_resource_group](gitlab-org/gitlab@61d86ca772e950bca449d57cbe3f01824ec5c5bb) ([merge request](gitlab-org/gitlab!70014)) +- [Add migration to remove projects.container_registry_enabled](gitlab-org/gitlab@684002d9d2ce44f49174354228d632743685d3ae) ([merge request](gitlab-org/gitlab!69998)) +- [Update docs regarding pages legacy storage in 14.3](gitlab-org/gitlab@da1549a01d5f98ab402f08fea96fbe668af5f54c) ([merge request](gitlab-org/gitlab!69383)) +- [Remove experience level functionality](gitlab-org/gitlab@699ea2b42b48350108a340ca40a88c36fd0a0c4c) ([merge request](gitlab-org/gitlab!69491)) +- [Remove Markdown support for bio field](gitlab-org/gitlab@e5d7fa818beee7a61d075f5dd4e30254417e79d5) ([merge request](gitlab-org/gitlab!68628)) +- [Remove FF load balancing for deployments hooks worker](gitlab-org/gitlab@4f99eb1b5dd698ca0a0e17a7c2ae27ac23379e98) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69557)) +- [Remove GitLab Pages legacy storage lease](gitlab-org/gitlab@2afa44348e983b1468bd9e1f48da80e03795df10) ([merge request](gitlab-org/gitlab!69377)) +- [Stop deploying GitLab Pages to legacy storage](gitlab-org/gitlab@0882ce0e831ffcbea8b9566fadcd3d8928dda8f3) ([merge request](gitlab-org/gitlab!69287)) +- [Remove Clair deprecation warning](gitlab-org/gitlab@fc69cd195ce1595e464cb35bcc37c71e6cfac455) ([merge request](gitlab-org/gitlab!69428)) **GitLab Enterprise Edition** +- [Remove feature flag gitaly_backup](gitlab-org/gitlab@25e7fb5a55e9d72ed7f486e3a714a9ec16001974) ([merge request](gitlab-org/gitlab!68510)) +- [Remove name parameter from pipeline finder](gitlab-org/gitlab@ba78bb2a74ad358ce917c15c6077ebd5098c706f) ([merge request](gitlab-org/gitlab!68997)) +- [Remove seat_link_enabled from ApplicationSettings db table](gitlab-org/gitlab@ea3197d558804706eb8812f313aa645d3fca48a5) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/66534)) +- [Remove cloud_license_enabled database column](gitlab-org/gitlab@748c20e9bea811ec97cd4c5be2318afa45f9dd53) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65541)) +- [merge_request: Drop checks whether a squash is in progress](gitlab-org/gitlab@b5b78c33c9f003f61201fb68462c56219b71e6d3) ([merge request](gitlab-org/gitlab!68647)) + +### Security (14 changes) + +- [OAuth Access Tokens generated by new applications have expiry](gitlab-org/gitlab@74b9b5993c67b35e082ff5005645bdcfec206318) ([merge request](gitlab-org/gitlab!69514)) +- [Sanitize emojis when reading from LocalStorage](gitlab-org/gitlab@2e07ba0574f2258e54b6ca0e21f56bd11ee78f7d) ([merge request](gitlab-org/gitlab!68988)) +- [Always include default config for DOMPurify](gitlab-org/gitlab@de0647b6a03f363ab7fa6f067f11501af8d8af74) ([merge request](gitlab-org/gitlab!69269)) +- [Deny access for repository coverage info for guests](gitlab-org/gitlab@f04ef9b180359e75fbc6e61fea49ca400760c7a1) ([merge request](gitlab-org/gitlab!68947)) **GitLab Enterprise Edition** +- [Prevent non-admins from configuring Jira connect app](gitlab-org/gitlab@36b00195a4a5df27ecf44d5e96c8c9ecc959c8c8) +- [Update apollo_upload_server dependency](gitlab-org/gitlab@a360142bb99b37e48051c2455246f0fd4e6cd542) +- [Ensure shared group members lose project access after group deletion](gitlab-org/gitlab@8f1962ad6865c2dfc0452f1089d12889b5f3f087) +- [Update Import/Export to use public email when mapping users](gitlab-org/gitlab@c9375914fbc78f94bcb97762842b4208bc4659a1) **GitLab Enterprise Edition** +- [Update mermaid to 8.11.5](gitlab-org/gitlab@ba3db73a2c8d34e4664a78983feb2befdc10afff) by @bufferoverflow ([merge request](gitlab-org/gitlab!68282)) +- [Escape issue reference and title for Jira issues](gitlab-org/gitlab@8c4450ee6328e77abf2d090dcb74b5fb675e13f6) **GitLab Enterprise Edition** +- [Fix stored XSS vulnerability in Datadog settings form](gitlab-org/gitlab@e96534e084a74b237323f7a55b8d62c6be8445e9) +- [Inherit user external status while creating project bots](gitlab-org/gitlab@04e5ab35b8678fb3d615dba44dfd97f9c89b022e) +- [Require sign in for .keys endpoint on non-public instances](gitlab-org/gitlab@8951195f9787d8df0d1faaad8ce7a6a975e29853) +- [Only create jira connect NS subscriptions for admins](gitlab-org/gitlab@6b88a3155df206d0c76725236334e590558ccc65) + +### Performance (43 changes) + +- [Add index for selecting resource_group from ci_builds](gitlab-org/gitlab@aa8ee780d6e720fe4027cf17e18c5d69bcf3af30) ([merge request](gitlab-org/gitlab!70279)) +- [Perform FindTag RPC request for a single tag](gitlab-org/gitlab@3180cf1cec79995159efe9d8cb9978d9a497a39a) ([merge request](gitlab-org/gitlab!70181)) +- [Remove redundant permission checks for GraphQL job type](gitlab-org/gitlab@c101a53e438674ac05b1ff39a819580ce42951fa) ([merge request](gitlab-org/gitlab!69982)) +- [Avoid a duplicated SQL condition in the NPM metadata endpoint](gitlab-org/gitlab@daef07bdb72571879bd187857214cfa97ef78c6e) ([merge request](gitlab-org/gitlab!70173)) +- [Remove preload_repo_cache feature flag](gitlab-org/gitlab@c39f6dd8e8bcc8ac01d5024b9e12598b12a45ebd) ([merge request](gitlab-org/gitlab!70132)) +- [Limit updates to Web Hook backoff interval](gitlab-org/gitlab@95ab29229db83c5918d173922944060ef8f88bc5) ([merge request](gitlab-org/gitlab!69955)) +- [Fix N+1 in projects API](gitlab-org/gitlab@f97aff42d29e50c86b659a6ea285a371ac5ba700) ([merge request](gitlab-org/gitlab!69949)) +- [Remove cache_merge_to_ref_calls feature flag](gitlab-org/gitlab@ab017f16e4b2168bc74de8ccd226e5e56e9952f3) ([merge request](gitlab-org/gitlab!69904)) +- [Limit max pagination count for relations to 1000](gitlab-org/gitlab@d0df47b80af56dbfb84f779804dd33b2b4bd719c) ([merge request](gitlab-org/gitlab!69620)) +- [Batch loading of open issues count from Redis](gitlab-org/gitlab@21b3bc3ea6621a3a6623c933878e3d3735913e1e) ([merge request](gitlab-org/gitlab!69479)) +- [Decrease WebHooks::LogExecutionWorker retries](gitlab-org/gitlab@dfeb0e69e202d2ec65ad6b44ba6161f96a9b5703) ([merge request](gitlab-org/gitlab!69834)) +- [Use specialized worker to refresh authorizations on group-share removal](gitlab-org/gitlab@0a82b83854300fb272f2e1da1956883b093f9af6) ([merge request](gitlab-org/gitlab!69739)) +- [Run UserRefreshFromReplicaWorker jobs on the replica db by default](gitlab-org/gitlab@220738943ec90b5a2081d57bd313eded889baab7) ([merge request](gitlab-org/gitlab!69728)) +- [push_rules: Implement bulk-checking of file sizes](gitlab-org/gitlab@8a5681f2feafa52e8f36c93ecf84cbf56ba651d7) ([merge request](gitlab-org/gitlab!69449)) +- [Reduce DB queries when loading root_ancestor](gitlab-org/gitlab@d2680a353f6d250c2d5aa28ae0d4862c2ec2cdbd) ([merge request](gitlab-org/gitlab!69533)) +- [Release cached merge_request show.json](gitlab-org/gitlab@e67a069a78cddfbb90156ebb9422a6c323c15260) ([merge request](gitlab-org/gitlab!69618)) +- [Release diffs_batch cached rendering](gitlab-org/gitlab@c7d293f0a386724a309153923e4a70320b6d1af1) ([merge request](gitlab-org/gitlab!69617)) +- [Fix n+1 for award_emoji field when fetching epics](gitlab-org/gitlab@1d4bf92ae235908e541e88a6396433b3d9803ce6) ([merge request](gitlab-org/gitlab!69528)) **GitLab Enterprise Edition** +- [Remove pipeline variable unique validation](gitlab-org/gitlab@162c9c1b8602ee705d8e2b1c6773f64e4cd1940b) ([merge request](gitlab-org/gitlab!69595)) +- [Splits up auto_cancelable_pipelines query, adds limit](gitlab-org/gitlab@ad64acb2e0f41b48db03e0ac3d99867e27340df0) ([merge request](gitlab-org/gitlab!68585)) +- [Use linear version GroupsWithTemplatesFinder#extended_group_search](gitlab-org/gitlab@b4ea0323f91a9b19cbee7e328797de260ae060d2) ([merge request](gitlab-org/gitlab!68936)) **GitLab Enterprise Edition** +- [Use linear version ApplicationSettings#elasticsearch_limited_namespaces](gitlab-org/gitlab@8078e245cb3bce435abb40e3b07766f70243c2da) ([merge request](gitlab-org/gitlab!68931)) **GitLab Enterprise Edition** +- [Use linear version User#groups_with_developer_maintainer_project_access](gitlab-org/gitlab@d568481f854ad29f133ef300f34b84c7b5a4c976) ([merge request](gitlab-org/gitlab!68851)) +- [Move vulnerability statistics update out of transaction](gitlab-org/gitlab@8de7a2fb5f4b3f518f8325437ed23d0afc08c5d0) ([merge request](gitlab-org/gitlab!69045)) **GitLab Enterprise Edition** +- [Use linear version of User#manageable_groups](gitlab-org/gitlab@f9818cfe32299fc04c3bc8e5837ba66dacbbe5ce) ([merge request](gitlab-org/gitlab!68845)) +- [Decrease epics, child epics and child issues max page size](gitlab-org/gitlab@8978337ee0cab9dcb75c03e87192ecf5b7e97da4) ([merge request](gitlab-org/gitlab!68403)) **GitLab Enterprise Edition** +- [Caching the protected branch check](gitlab-org/gitlab@f5f2644d39604e094cecf52f951eca1248a9c0f8) ([merge request](gitlab-org/gitlab!64738)) +- [Enable caching of MergeToRefService responses](gitlab-org/gitlab@356f15652385cb7630ab4a4d3e7b6b6daf31a897) ([merge request](gitlab-org/gitlab!69019)) +- [Remove the npm_presenter_queries_tuning FF](gitlab-org/gitlab@0c29fc19c2093d0f4ed50959ac84d22d53eb989d) ([merge request](gitlab-org/gitlab!69058)) +- [Use linear version of User#membership_groups](gitlab-org/gitlab@fc9371979d192ef6b761184f049c1bcd75d33fee) ([merge request](gitlab-org/gitlab!68842)) +- [Use linear version of groups_including_descendants_by](gitlab-org/gitlab@5434af3edbbb1e6d784ee96e6b499f932e5eb62b) ([merge request](gitlab-org/gitlab!68835)) +- [Optimize StuckCiJobsWorker running builds query](gitlab-org/gitlab@e5ef10c611aa71299a46ba8ac60db1e0eee6eb3b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68891)) +- [Use reference cache for iterations](gitlab-org/gitlab@81109da95d4628fad060bc8e414506fe9337d6d7) ([merge request](gitlab-org/gitlab!67431)) **GitLab Enterprise Edition** +- [Cache content_sha256 field for Files API](gitlab-org/gitlab@91bf332a1736f48bc7df3a7cee8cb502dad31061) ([merge request](gitlab-org/gitlab!67280)) +- [Eliminate N+1 queries for pipeline GraphQL endpoint](gitlab-org/gitlab@cec7261f50f09539df3bd0bdccdb17d6e2f6f00f) ([merge request](gitlab-org/gitlab!68729)) +- [Upgrade grape-path-helpers to 1.7.0](gitlab-org/gitlab@0a82a7e91ae649d09ad865146c21fb02279eacc8) ([merge request](gitlab-org/gitlab!68916)) +- [Remove `safe_find_or_create_by!` usage](gitlab-org/gitlab@84e7ea128206b9fd12a9ea409836615bf08d6533) ([merge request](gitlab-org/gitlab!68859)) +- [Remove feature flag used to enable subtransactions counter](gitlab-org/gitlab@296f7f653a30e5b2b5d8f00fb8e8417012cb4355) ([merge request](gitlab-org/gitlab!68764)) +- [Remove safe_find_or_create_by! calls](gitlab-org/gitlab@94e08bc132f410dcafc35b6110689f736617eed1) ([merge request](gitlab-org/gitlab!68649)) +- [checks: Always enable batched computation of commits](gitlab-org/gitlab@295f2e3845b8f9c4c9310c91fb5ed788a1eaab9d) ([merge request](gitlab-org/gitlab!68747)) +- [Never fetch more than 101 commits when processing a git push](gitlab-org/gitlab@81be7217f8670f5faa930bbd867951408040e123) ([merge request](gitlab-org/gitlab!67491)) +- [Reduce Gitaly calls for keeping around refs of published notes](gitlab-org/gitlab@a47de44666327cb713093eb0c3a105d0e19830ad) ([merge request](gitlab-org/gitlab!68337)) +- [Use the ListCommits RPC, not CommitsBetween, when processing git push](gitlab-org/gitlab@2a3182749c565f6b357c0432fc37d9c50a9c6420) ([merge request](gitlab-org/gitlab!68470)) + +### Other (56 changes) + +- [Remove optimized_issuable_label_filter flag](gitlab-org/gitlab@7f1c9cc71a827584227b697a4367d7b63d1e42d7) ([merge request](gitlab-org/gitlab!70289)) +- [Snowplow event dictionary first run for Vue files](gitlab-org/gitlab@b48ec7b325ef782c86850e2bb090d27802108174) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70450)) **GitLab Enterprise Edition** +- [Add Snowplow event dictionary for Vue files](gitlab-org/gitlab@74ee2d053e35ff4d71ac787ad948724282d44e8d) ([merge request](gitlab-org/gitlab!67981)) **GitLab Enterprise Edition** +- [Remove track_all_ci_template_inclusions FF](gitlab-org/gitlab@75b9287a604bb82321b784739d7fb77f29f1a5f3) ([merge request](gitlab-org/gitlab!70380)) +- [Plain replace of track-event to track-action](gitlab-org/gitlab@9078236d088632b2b72df65666d35680fc01b6df) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56904)) **GitLab Enterprise Edition** +- [Remove FF ci_daily_limit_for_pipeline_schedules](gitlab-org/gitlab@a2f1f86bcdcd1fe9faeac262d2135445686d1c44) ([merge request](gitlab-org/gitlab!70163)) +- [Remove FF ci_modified_paths_of_external_prs](gitlab-org/gitlab@0a43715f40d73ea9a38934fa54dfbca65d7e61a1) ([merge request](gitlab-org/gitlab!70161)) +- [Update the helm documentation](gitlab-org/gitlab@dc8b51f21af9325ea5144b1e68351587edfe3749) ([merge request](gitlab-org/gitlab!70178)) +- [Finalize conversion to bigint for ci_builds_metadata](gitlab-org/gitlab@21415536061b9ac91e7b1e3b698b1b09534d6152) ([merge request](gitlab-org/gitlab!65692)) +- [Add status columns to dependency proxy tables](gitlab-org/gitlab@209658cd6e8f6d83727c94bd42079ffa8f3575f8) ([merge request](gitlab-org/gitlab!69901)) +- [Remove load performance widget usage data flag](gitlab-org/gitlab@487442b036ab31232a559e3e9b178df28baf1962) ([merge request](gitlab-org/gitlab!68847)) **GitLab Enterprise Edition** +- [Finalize conversion to bigint for taggings](gitlab-org/gitlab@b6856991f3aa150e36318922534a56590f704397) ([merge request](gitlab-org/gitlab!66625)) +- [Clean up feature flag for pipeline editor branch switcher](gitlab-org/gitlab@a8f2168ed1fe6fa61650145b29c7e869b3fb376d) ([merge request](gitlab-org/gitlab!66717)) +- [Track all CI template inclusions](gitlab-org/gitlab@258d2f2ea227a0aec2c933768b8cff7fec40a928) ([merge request](gitlab-org/gitlab!69204)) +- [Revert "Merge branch...](gitlab-org/gitlab@2ee987bc775dcaa4432dfacd20a17cc82921ffc0) ([merge request](gitlab-org/gitlab!69812)) +- [Remove the default enabled feature flag](gitlab-org/gitlab@1630d748a49a401d1d0ba78c129fabc0924c3c6e) ([merge request](gitlab-org/gitlab!69755)) +- [Fix: update error budget documentation](gitlab-org/gitlab@2d5f19a14d1e34277e2c57617a2fd84aca0cbc66) ([merge request](gitlab-org/gitlab!69732)) +- [Cleanup bigint conversion for geo_job_artifact_deleted_events](gitlab-org/gitlab@2ca0e62a01f887a3d9c260c11030f80045e10802) ([merge request](gitlab-org/gitlab!69722)) +- [Cleanup bigint conversion for deployments](gitlab-org/gitlab@dc6dac21cb8f76c7d21357487ac1bb1d6ac9edd4) ([merge request](gitlab-org/gitlab!69719)) +- [Cleanup bigint conversion for ci_stages](gitlab-org/gitlab@45b010cbf8891db59aef73f58d5f8e617d9a9b0b) ([merge request](gitlab-org/gitlab!69714)) +- [Remove use_insert_all_in_internal_id feature flag](gitlab-org/gitlab@26a8a7ff654b0a015c70d14e44b14321c99d0b1a) ([merge request](gitlab-org/gitlab!69598)) +- [Remove metrics report usage data feature flag](gitlab-org/gitlab@72a1657d0bf624a4568e10eddb554aa6d3720c22) ([merge request](gitlab-org/gitlab!68657)) **GitLab Enterprise Edition** +- [Remove the FF ci_fix_commit_status_retried](gitlab-org/gitlab@fed8e557c0d1e62134aa9187219fdaa2166d111d) ([merge request](gitlab-org/gitlab!69555)) +- [Remove bigint conversion triggers for events](gitlab-org/gitlab@bfd5ac61e24c2f8533b23a82878906d85cc49f6a) ([merge request](gitlab-org/gitlab!69337)) +- [Move usage_graph component to vue_shared folder](gitlab-org/gitlab@9003a12c1bc4aa82fece65b28149a22d47455144) ([merge request](gitlab-org/gitlab!69374)) +- [Prepare ci_builds swap indexes for async creation](gitlab-org/gitlab@bdab6b9c92a2d19687b7b3ca5dc74eca695b8cf0) ([merge request](gitlab-org/gitlab!69404)) +- [Bump fast_gettext to the latest](gitlab-org/gitlab@329c5a3b810437e6b9d046cd3a94e09769da2814) ([merge request](gitlab-org/gitlab!69236)) +- [Introduce versioned GitLab migration class](gitlab-org/gitlab@137f716c6b118e65651c8df26edcc606bc71c413) ([merge request](gitlab-org/gitlab!68986)) +- [Remove bigint conversion triggers for push_event_payloads](gitlab-org/gitlab@7d5a2605a949f0b3eaa9eec5232e5d15e097b197) ([merge request](gitlab-org/gitlab!69339)) +- [Fix contextual help link and other minor improvements](gitlab-org/gitlab@012d10086d32d4c8e73c6c8c372f0682a41d73f5) ([merge request](gitlab-org/gitlab!68838)) **GitLab Enterprise Edition** +- [Clean up :graphql_board_list feature flag](gitlab-org/gitlab@cfccf9032a8fd0cab2962fe2fdde20f327932867) ([merge request](gitlab-org/gitlab!67815)) +- [Revert "Merge branch 'stuck-ci-jobs-worker-optimize-running' into 'master'"](gitlab-org/gitlab@af23fa473a470d81f5a07b1a00072b38ce7c35d9) ([merge request](gitlab-org/gitlab!69163)) +- [Cleanup used membership invites](gitlab-org/gitlab@8c4879e7e5be46969823aa64ab676e57e809d5a2) ([merge request](gitlab-org/gitlab!69064)) +- [Remove temp index on approval_project_rules](gitlab-org/gitlab@c2efc57d6ed6e3221fb5652a9ddd12283ee731aa) ([merge request](gitlab-org/gitlab!68579)) +- [Add models for dependency proxy ttl policies](gitlab-org/gitlab@d40a4e5a0b14270cc18443fcc8a6c971ec339bbb) ([merge request](gitlab-org/gitlab!68809)) +- [Bump prometheus-client-mmap to 14.0](gitlab-org/gitlab@877b827e1039644167a344dacc5d05cb9c9eee1e) ([merge request](gitlab-org/gitlab!68987)) +- [Update GitLab Shell to v13.21.0](gitlab-org/gitlab@142c6e006e536fbd603ffe41061b45f049bfb292) ([merge request](gitlab-org/gitlab!68985)) +- [Remove enabled runner_graphql_query feature flag](gitlab-org/gitlab@fefdb1c3c74c0d78339eb5a2dc83fb91fafa6c0f) ([merge request](gitlab-org/gitlab!68944)) +- [Remove upsert_issue_metrics feature flag](gitlab-org/gitlab@2e627c8b2705ea1431a58916a18cf39122bb63eb) ([merge request](gitlab-org/gitlab!68829)) +- [Remove optimize_safe_find_or_create_by FF](gitlab-org/gitlab@54715b730f58f88a8426a35384083f64653194d3) ([merge request](gitlab-org/gitlab!68827)) +- [Remove column from project_settings](gitlab-org/gitlab@0c9181486033adf7e32a76b6996a5df3cdd0c386) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68854)) +- [Remove the "local file reviews" feature flag](gitlab-org/gitlab@d58a1049c74210cdb43c2bef401fa0857db4bf7f) ([merge request](gitlab-org/gitlab!68813)) +- [Prepare async indexes for ci table int8 swaps](gitlab-org/gitlab@25c10c86b0a70f55ba67f3a0b52afcb3d1cc4bf9) ([merge request](gitlab-org/gitlab!68888)) +- [Remove store_mentions_without_subtransactions FF](gitlab-org/gitlab@185df145797a9e72e81ec97c2da0587d151b403b) ([merge request](gitlab-org/gitlab!68826)) +- [Remove unused other_storage_counter](gitlab-org/gitlab@1c8be2482ae8a13dbc5e00980ad17f6ada3a9ed9) ([merge request](gitlab-org/gitlab!68736)) +- [Remove enabled runner_detailed_view_vue_ui flag](gitlab-org/gitlab@e7644ad7544aa06d7f47a7e88df6fc3c657fb9d2) ([merge request](gitlab-org/gitlab!68839)) +- [Remove web performance widget usage data flag](gitlab-org/gitlab@0d55ceb00913a4ef2e3f628268c03462c46c74b1) ([merge request](gitlab-org/gitlab!68837)) **GitLab Enterprise Edition** +- [Finalize conversion to bigint for events](gitlab-org/gitlab@a69fa0532997f389601c273b69dcb5b09d8219dd) ([merge request](gitlab-org/gitlab!64779)) +- [Remove column from project_settings](gitlab-org/gitlab@c8c78bad3263b15b0ab61223000fb39c45e9dc64) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68798)) +- [Fix instrumentation meta method definition](gitlab-org/gitlab@62d9bae05f72eb1fca4a5cfe06ceaa3c3de787fa) ([merge request](gitlab-org/gitlab!68568)) +- [Remove board_new_list feature flag](gitlab-org/gitlab@ec1eb8d0e115e8cd7fbdcd683d3cadd0536f4b88) ([merge request](gitlab-org/gitlab!59826)) +- [Prepare indexes on events for bigint column conversions](gitlab-org/gitlab@e05745930510e30c3b69a22f66450bde5fc48e65) ([merge request](gitlab-org/gitlab!68426)) +- [Remove `track_unique_visits` feature flag](gitlab-org/gitlab@9ba606897436e4356568bbf62d78e7b8f596b996) by @edith007 ([merge request](gitlab-org/gitlab!68569)) +- [Remove deprecated deployment workers](gitlab-org/gitlab@237d7a54fdac62847f8078228fc2ed6692f33f7e) by @edith007 ([merge request](gitlab-org/gitlab!67683)) +- [Remove the FF ci_reset_bridge_with_subsequent_jobs](gitlab-org/gitlab@a4a75095b9b0250d0b1bdadea90c8a4cd24449b2) ([merge request](gitlab-org/gitlab!68295)) +- [Removes ci_same_stage_job_needs ff](gitlab-org/gitlab@5e509cf7aa90041a541b19dda563120a359f0bf9) ([merge request](gitlab-org/gitlab!68041)) + +## 14.2.5 (2021-09-30) + +### Security (28 changes) + +- [Require password param for 2FA changes](gitlab-org/security/gitlab@5693760a3edf82774a4e19b9bb561be87316be54) ([merge request](gitlab-org/security/gitlab!1815)) +- [Fix permissions check on project members import](gitlab-org/security/gitlab@f9b4200427833e370638aa63851d6801a40c404c) ([merge request](gitlab-org/security/gitlab!1859)) +- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@3c9af055ece281fcaab0b8dcc277e0ce9133ad31) ([merge request](gitlab-org/security/gitlab!1847)) +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@dd4616362040d2b812d69ff2ecf78e70ff4b9ae3) ([merge request](gitlab-org/security/gitlab!1844)) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@41d275bb73943ba6f970d6678b49c9336194af35) ([merge request](gitlab-org/security/gitlab!1841)) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@c0ab498adda057f4d87969d74c32a3ea95df297c) ([merge request](gitlab-org/security/gitlab!1835)) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@fd39d88b348d525818820d2496afe08612420023) ([merge request](gitlab-org/security/gitlab!1832)) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@328e3c726c693b32666e0fb32eda0b7a6f22d8ad) ([merge request](gitlab-org/security/gitlab!1821)) +- [Fix XSS in Jira link](gitlab-org/security/gitlab@868d8b9c4a1e9e9019a7ff51da11f75051e452c3) ([merge request](gitlab-org/security/gitlab!1817)) **GitLab Enterprise Edition** +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@4f4b5a15a3508084f921442b3a7f42ba0448f1bb) ([merge request](gitlab-org/security/gitlab!1681)) +- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@282e81198f80f1fda912da5bc6f671d778b19ca9) ([merge request](gitlab-org/security/gitlab!1811)) +- [Require group admin access to list pending invites](gitlab-org/security/gitlab@1ce85345787025222c915fe5fa314bad8994b6ba) ([merge request](gitlab-org/security/gitlab!1720)) +- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@359f14e41dfc355a13041cdf1dbcd082c254200c) ([merge request](gitlab-org/security/gitlab!1769)) +- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@d84739982599197ff337d69d818634544270e142) ([merge request](gitlab-org/security/gitlab!1808)) +- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@3a2b4c7ff1eb2ba3e84840ba2800c13d6491d726) ([merge request](gitlab-org/security/gitlab!1805)) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@deb4e7e5f941c82450d382c1b85f6325e367394f) ([merge request](gitlab-org/security/gitlab!1795)) +- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@417761bb2f67f03bfe803163bad97da7b9fa088b) ([merge request](gitlab-org/security/gitlab!1789)) +- [Add pagination to dependencies API](gitlab-org/security/gitlab@2f84755ba54580df126054a561d8cc4731f936d3) ([merge request](gitlab-org/security/gitlab!1724)) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/security/gitlab@a90614e2efc813ca5f13a9aa9b51f13f0e8934aa) ([merge request](gitlab-org/security/gitlab!1786)) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/security/gitlab@6bbd77c0748e59eacff51edb6264d6099ee14a38) ([merge request](gitlab-org/security/gitlab!1783)) +- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@a9f44bb19cbfc460cd05627a80ef17c39cdde86b) ([merge request](gitlab-org/security/gitlab!1780)) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@6f70292d0fa3efbe99c44748a463df189830cc35) ([merge request](gitlab-org/security/gitlab!1777)) +- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@979d40003794014d5930709a257e9a5c75df10e6) ([merge request](gitlab-org/security/gitlab!1773)) **GitLab Enterprise Edition** +- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@2f72e4062f6cd7256ffff31172b00c012a5910e1) ([merge request](gitlab-org/security/gitlab!1765)) **GitLab Enterprise Edition** +- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@dd08837d054c574f94f80e806cc7b49de342cc57) ([merge request](gitlab-org/security/gitlab!1762)) **GitLab Enterprise Edition** +- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@5afba618ef89fdce544f498a30e7366e3f6cb788) ([merge request](gitlab-org/security/gitlab!1747)) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@a813bd8a8f07ffa0477efd3a3936b436e5ec6b17) ([merge request](gitlab-org/security/gitlab!1736)) +- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@f618ad9c104882ac5f707b162e8119805252019e) ([merge request](gitlab-org/security/gitlab!1729)) + +## 14.2.4 (2021-09-17) + +### Fixed (2 changes) + +- [Fix Elastic::MigrationWorker current_migration (2nd attempt)](gitlab-org/gitlab@65bf8636d35edc6f580c7f09e1ffafc46ca5fbdb) ([merge request](gitlab-org/gitlab!70494)) **GitLab Enterprise Edition** +- [Removes cleanup job from Terraform.latest](gitlab-org/gitlab@6085d73d1a88aa98310f775fe2ff74584948e1a9) ([merge request](gitlab-org/gitlab!70494)) + ## 14.2.3 (2021-09-01) ### Fixed (4 changes) @@ -586,6 +1174,45 @@ entry. - [Add helpful text to URL group validation and limit text](gitlab-org/gitlab@59a5a6266cb0d5434596170ffa36e4e74b8d2c2c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65369)) **GitLab Enterprise Edition** - [Refactor external storage admin area configuration UI and docs](gitlab-org/gitlab@497ba4fc8f4ec1d234c9f5f1ec5c69712b8c7cb3) ([merge request](gitlab-org/gitlab!66219)) +## 14.1.7 (2021-09-30) + +### Security (28 changes) + +- [Require password param for 2FA changes](gitlab-org/security/gitlab@4e16401a77264ef3127f0bb314fa0abab11216c7) ([merge request](gitlab-org/security/gitlab!1816)) +- [Fix permissions check on project members import](gitlab-org/security/gitlab@be54b3f4890fa89d58cb02be79c65025f606bd6c) ([merge request](gitlab-org/security/gitlab!1860)) +- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@b76b6229c93447954efc5719e6dd61eb601afdc4) ([merge request](gitlab-org/security/gitlab!1848)) +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@8ab1cfaafba21a9e90ef41677993af2afdcd920a) ([merge request](gitlab-org/security/gitlab!1845)) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@5bae93b2f085d5dac58e411bffb5ca518fe7df98) ([merge request](gitlab-org/security/gitlab!1842)) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@7c82d0f2a1dbfb0a23d6a5cdaee448307ffc6972) ([merge request](gitlab-org/security/gitlab!1836)) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@a4d529eb7c8eeb3e9c42ae3d81514d79a905cdb7) ([merge request](gitlab-org/security/gitlab!1833)) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@b30536e6c9aa969c76bcd167f00db5a0e07ace7a) ([merge request](gitlab-org/security/gitlab!1820)) +- [Fix XSS in Jira link](gitlab-org/security/gitlab@9ace10c46744ee220c649d2da0eeb3e99216ee7d) ([merge request](gitlab-org/security/gitlab!1625)) **GitLab Enterprise Edition** +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@9d7107665d6ed931ef4b2feeb0287bc71b89232c) ([merge request](gitlab-org/security/gitlab!1682)) +- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@b86096865949f07f6a2020603959117d9c84877b) ([merge request](gitlab-org/security/gitlab!1812)) +- [Require group admin access to list pending invites](gitlab-org/security/gitlab@404b344edd61b2f13c3498cd545c2b40165ee536) ([merge request](gitlab-org/security/gitlab!1721)) +- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@56f563980f944f1a5e3935ad82070e6719cd5a0c) ([merge request](gitlab-org/security/gitlab!1768)) +- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@ea64f981ce70a0e1e6ee58e64a6007e82f48e071) ([merge request](gitlab-org/security/gitlab!1809)) +- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@59999ab27cba402589b27d204cf29678100e948b) ([merge request](gitlab-org/security/gitlab!1806)) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@6a4a75efd7685a69ffa7cc4c027c7058013cca45) ([merge request](gitlab-org/security/gitlab!1796)) +- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@8a8c78ed054def210013a849195939d7888fcf65) ([merge request](gitlab-org/security/gitlab!1790)) +- [Add pagination to dependencies API](gitlab-org/security/gitlab@2a963ad670c60d1f3078fdf446ea755c5862fa26) ([merge request](gitlab-org/security/gitlab!1725)) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/security/gitlab@9d95d13bc714e46b5e3697288c4b398cb5aee88b) ([merge request](gitlab-org/security/gitlab!1787)) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/security/gitlab@47ee79b1983de886f5ebe04b2975c2e37aa938ce) ([merge request](gitlab-org/security/gitlab!1784)) +- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@acf2d894c91aa7fb72ea32b10e50e94441885399) ([merge request](gitlab-org/security/gitlab!1781)) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@20073576508aa239e52d8ff911c1dfd3df8af670) ([merge request](gitlab-org/security/gitlab!1778)) +- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@93c6ec69b7bc6c9124a2a5350cebebb57f63a28f) ([merge request](gitlab-org/security/gitlab!1774)) **GitLab Enterprise Edition** +- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@72a11e72425a033f3464d6ff12b4d06e12ec9faf) ([merge request](gitlab-org/security/gitlab!1766)) **GitLab Enterprise Edition** +- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@8f96c013ccbbe9c52b3f03fb0d247debb1b157a8) ([merge request](gitlab-org/security/gitlab!1763)) **GitLab Enterprise Edition** +- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@fd92dabddff5ae5d67a98aef5d858438520a2f06) ([merge request](gitlab-org/security/gitlab!1748)) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@2e8a386430309a931dbbd47fba7540a53399ad64) ([merge request](gitlab-org/security/gitlab!1737)) +- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@5b6ed5212f880e2397dbea9ffc74cf0a35bd4411) ([merge request](gitlab-org/security/gitlab!1728)) + +## 14.1.6 (2021-09-27) + +### Fixed (1 change) + +- [Fix Elastic::MigrationWorker current_migration (2nd attempt)](gitlab-org/gitlab@f07c7a5f173a2fc053247664f21c03d29df543a4) ([merge request](gitlab-org/gitlab!71187)) **GitLab Enterprise Edition** + ## 14.1.5 (2021-09-02) ### Fixed (1 change) @@ -1223,6 +1850,12 @@ entry. - [Remove diffs gradual load feature flag](gitlab-org/gitlab@027d7c4327b5b6205a84281239027273517bf81b) ([merge request](gitlab-org/gitlab!55478)) - [Remove partial index for Hashed Storage migration](gitlab-org/gitlab@3ed017a1023d7b0941a7606b69e6caee8d22f15c) ([merge request](gitlab-org/gitlab!62920)) +## 14.0.11 (2021-09-23) + +### Fixed (1 change) + +- [Fix Elastic::MigrationWorker current_migration](gitlab-org/gitlab@0b72aace30bff0fda7a114862ec1e389ddaa5ead) ([merge request](gitlab-org/gitlab!71101)) **GitLab Enterprise Edition** + ## 14.0.10 (2021-09-02) No changes. @@ -1988,6 +2621,10 @@ No changes. - [Add missing metrics information](gitlab-org/gitlab@89cd7fe3b95323e635b2d73e08549b2e6153dc4d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61772/edit)) - [Track usage of the resolve UI](gitlab-org/gitlab@35c8e30fce288cecefcf2f7c0077d4608e696519) ([merge request](gitlab-org/gitlab!61654)) +## 13.12.12 (2021-09-21) + +No changes. + ## 13.12.11 (2021-09-02) No changes. diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 14d9b7ca9f316439d7c1ad8138a4d967ffe0ef99..c98aa0f5258f8e500a438d3e107925d4917949b7 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -1418db66513d291e36fb5877b032e109763ec733 +4f0a07ba39f14adacf7d482128a5de2bb84f0eac diff --git a/GITLAB_ELASTICSEARCH_INDEXER_VERSION b/GITLAB_ELASTICSEARCH_INDEXER_VERSION index fb2c0766b7cc222e3f7c0296bcd6cbf144995f36..68e69e405ee6c7285064b68327d2111fe46aeda0 100644 --- a/GITLAB_ELASTICSEARCH_INDEXER_VERSION +++ b/GITLAB_ELASTICSEARCH_INDEXER_VERSION @@ -1 +1 @@ -2.13.0 +2.15.0 diff --git a/GITLAB_KAS_VERSION b/GITLAB_KAS_VERSION index e4eccd4e6cd018ba5b3055d785174c74d2fad704..72f51351fcd88aa30e0894d4e35961c9bba0edc9 100644 --- a/GITLAB_KAS_VERSION +++ b/GITLAB_KAS_VERSION @@ -1 +1 @@ -14.2.2 +14.4.0 diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index b978278f05f53349a5a60e2ee793fa9ca5e44302..50aceaa7b715f2941dfceb6818906fe782321479 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -1.43.0 +1.45.0 diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION index 9dafbf994eb4bd98a8f61c41d5b8f8a7e0484474..12e42d263a9e800ea7acedc9b4235fe027a0ea4c 100644 --- a/GITLAB_SHELL_VERSION +++ b/GITLAB_SHELL_VERSION @@ -1 +1 @@ -13.21.0 +13.21.1 diff --git a/Gemfile b/Gemfile index f5e479dcf215baa53e4b569969d09cbb2a1d5bb7..1e6648df48bfe8775ddb7692ea17033e0c3359bf 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source 'https://rubygems.org' -gem 'rails', '~> 6.1.3.2' +gem 'rails', '~> 6.1.4.1' gem 'bootsnap', '~> 1.4.6' @@ -32,7 +32,7 @@ gem 'bcrypt', '~> 3.1', '>= 3.1.14' gem 'doorkeeper', '~> 5.5.0.rc2' gem 'doorkeeper-openid_connect', '~> 1.7.5' gem 'rexml', '~> 3.2.5' -gem 'ruby-saml', '~> 1.12.1' +gem 'ruby-saml', '~> 1.13.0' gem 'omniauth', '~> 1.8' gem 'omniauth-auth0', '~> 2.0.0' gem 'omniauth-azure-activedirectory-v2', '~> 1.0' @@ -92,7 +92,7 @@ gem 'net-ldap', '~> 0.16.3' # API gem 'grape', '~> 1.5.2' -gem 'grape-entity', '~> 0.9.0' +gem 'grape-entity', '~> 0.10.0' gem 'rack-cors', '~> 1.0.6', require: 'rack/cors' # GraphQL API @@ -120,7 +120,7 @@ gem 'carrierwave', '~> 1.3' gem 'mini_magick', '~> 4.10.1' # for backups -gem 'fog-aws', '~> 3.9' +gem 'fog-aws', '~> 3.12' # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421. # Also see config/initializers/fog_core_patch.rb. gem 'fog-core', '= 2.1.0' @@ -129,7 +129,7 @@ gem 'fog-local', '~> 0.6' gem 'fog-openstack', '~> 1.0' gem 'fog-rackspace', '~> 0.1.1' gem 'fog-aliyun', '~> 0.3' -gem 'gitlab-fog-azure-rm', '~> 1.1.1', require: false +gem 'gitlab-fog-azure-rm', '~> 1.2.0', require: false # for Google storage gem 'google-api-client', '~> 0.33' @@ -154,7 +154,7 @@ gem 'html-pipeline', '~> 2.13.2' gem 'deckar01-task_list', '2.3.1' gem 'gitlab-markup', '~> 1.7.1' gem 'github-markup', '~> 1.7.0', require: 'github/markup' -gem 'commonmarker', '~> 0.21' +gem 'commonmarker', '~> 0.23.2' gem 'kramdown', '~> 2.3.1' gem 'RedCloth', '~> 4.3.2' gem 'rdoc', '~> 6.3.2' @@ -165,7 +165,7 @@ gem 'asciidoctor', '~> 2.0.10' gem 'asciidoctor-include-ext', '~> 0.3.1', require: false gem 'asciidoctor-plantuml', '~> 0.0.12' gem 'asciidoctor-kroki', '~> 0.5.0', require: false -gem 'rouge', '~> 3.26.0' +gem 'rouge', '~> 3.26.1' gem 'truncato', '~> 0.7.11' gem 'bootstrap_form', '~> 4.2.0' gem 'nokogiri', '~> 1.11.4' @@ -195,10 +195,10 @@ gem 'state_machines-activerecord', '~> 0.8.0' gem 'acts-as-taggable-on', '~> 7.0' # Background jobs -gem 'sidekiq', '~> 5.2.7' +gem 'sidekiq', '~> 6.2.2' gem 'sidekiq-cron', '~> 1.0' gem 'redis-namespace', '~> 1.8.1' -gem 'gitlab-sidekiq-fetcher', '0.5.6', require: 'sidekiq-reliable-fetch' +gem 'gitlab-sidekiq-fetcher', '0.8.0', require: 'sidekiq-reliable-fetch' # Cron Parser gem 'fugit', '~> 1.2.1' @@ -229,7 +229,7 @@ gem 'js_regex', '~> 3.7' gem 'device_detector' # Redis -gem 'redis', '~> 4.1.4' +gem 'redis', '~> 4.4.0' gem 'connection_pool', '~> 2.0' # Redis session store @@ -341,7 +341,7 @@ group :development do gem 'lefthook', '~> 0.7.0', require: false gem 'solargraph', '~> 0.43', require: false - gem 'letter_opener_web', '~> 1.4.0' + gem 'letter_opener_web', '~> 1.4.1' # Better errors handler gem 'better_errors', '~> 2.9.0' @@ -355,7 +355,7 @@ group :development, :test do gem 'bullet', '~> 6.1.3' gem 'pry-byebug' gem 'pry-rails', '~> 0.3.9' - gem 'pry-shell', '~> 0.4.0' + gem 'pry-shell', '~> 0.5.0' gem 'awesome_print', require: false @@ -372,7 +372,7 @@ group :development, :test do gem 'spring', '~> 2.1.0' gem 'spring-commands-rspec', '~> 1.0.4' - gem 'gitlab-styles', '~> 6.2.0', require: false + gem 'gitlab-styles', '~> 6.3.0', require: false gem 'haml_lint', '~> 0.36.0', require: false gem 'bundler-audit', '~> 0.7.0.1', require: false @@ -424,7 +424,7 @@ group :test do gem 'webmock', '~> 3.9.1' gem 'rails-controller-testing' gem 'concurrent-ruby', '~> 1.1' - gem 'test-prof', '~> 0.12.0' + gem 'test-prof', '~> 1.0.7' gem 'rspec_junit_formatter' gem 'guard-rspec' @@ -474,7 +474,7 @@ end gem 'spamcheck', '~> 0.1.0' # Gitaly GRPC protocol definitions -gem 'gitaly', '~> 14.3.0.pre.rc1' +gem 'gitaly', '~> 14.3.0.pre.rc2' # KAS GRPC protocol definitions gem 'kas-grpc', '~> 0.0.2' @@ -522,7 +522,7 @@ gem 'lockbox', '~> 0.6.2' gem 'valid_email', '~> 0.1' # JSON -gem 'json', '~> 2.3.0' +gem 'json', '~> 2.5.1' gem 'json_schemer', '~> 0.2.18' gem 'oj', '~> 3.10.6' gem 'multi_json', '~> 1.14.1' diff --git a/Gemfile.lock b/Gemfile.lock index 8b8cd1691e0f2fffd58bd47b31d6e398f5759829..1fc0e3b713986db60cb592f9ce480bc13c96caa7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -11,63 +11,63 @@ GEM RedCloth (4.3.2) acme-client (2.0.6) faraday (>= 0.17, < 2.0.0) - actioncable (6.1.3.2) - actionpack (= 6.1.3.2) - activesupport (= 6.1.3.2) + actioncable (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.3.2) - actionpack (= 6.1.3.2) - activejob (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionmailbox (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) mail (>= 2.7.1) - actionmailer (6.1.3.2) - actionpack (= 6.1.3.2) - actionview (= 6.1.3.2) - activejob (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionmailer (6.1.4.1) + actionpack (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activesupport (= 6.1.4.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.3.2) - actionview (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionpack (6.1.4.1) + actionview (= 6.1.4.1) + activesupport (= 6.1.4.1) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.3.2) - actionpack (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + actiontext (6.1.4.1) + actionpack (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) nokogiri (>= 1.8.5) - actionview (6.1.3.2) - activesupport (= 6.1.3.2) + actionview (6.1.4.1) + activesupport (= 6.1.4.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.3.2) - activesupport (= 6.1.3.2) + activejob (6.1.4.1) + activesupport (= 6.1.4.1) globalid (>= 0.3.6) - activemodel (6.1.3.2) - activesupport (= 6.1.3.2) - activerecord (6.1.3.2) - activemodel (= 6.1.3.2) - activesupport (= 6.1.3.2) + activemodel (6.1.4.1) + activesupport (= 6.1.4.1) + activerecord (6.1.4.1) + activemodel (= 6.1.4.1) + activesupport (= 6.1.4.1) activerecord-explain-analyze (0.1.0) activerecord (>= 4) pg - activestorage (6.1.3.2) - actionpack (= 6.1.3.2) - activejob (= 6.1.3.2) - activerecord (= 6.1.3.2) - activesupport (= 6.1.3.2) + activestorage (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activesupport (= 6.1.4.1) marcel (~> 1.0.0) - mini_mime (~> 1.0.2) - activesupport (6.1.3.2) + mini_mime (>= 1.1.0) + activesupport (6.1.4.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -200,8 +200,7 @@ GEM open4 (~> 1.3) coderay (1.1.3) colored2 (3.1.2) - commonmarker (0.21.0) - ruby-enum (~> 0.5) + commonmarker (0.23.2) concurrent-ruby (1.1.9) connection_pool (2.2.2) contracts (0.11.0) @@ -395,7 +394,7 @@ GEM fog-json ipaddress (~> 0.8) xml-simple (~> 1.1) - fog-aws (3.9.0) + fog-aws (3.12.0) fog-core (~> 2.1) fog-json (~> 1.1) fog-xml (~> 0.1) @@ -453,7 +452,7 @@ GEM rails (>= 3.2.0) git (1.7.0) rchardet (~> 1.8) - gitaly (14.3.0.pre.rc1) + gitaly (14.3.0.pre.rc2) grpc (~> 1.0) github-markup (1.7.0) gitlab (4.16.1) @@ -468,7 +467,7 @@ GEM activesupport (>= 3.0) request_store (>= 1.0) scientist (~> 1.6, >= 1.6.0) - gitlab-fog-azure-rm (1.1.1) + gitlab-fog-azure-rm (1.2.0) azure-storage-blob (~> 2.0) azure-storage-common (~> 2.0) fog-core (= 2.1.0) @@ -491,9 +490,9 @@ GEM addressable (~> 2.7) omniauth (~> 1.9) openid_connect (~> 1.2) - gitlab-sidekiq-fetcher (0.5.6) - sidekiq (~> 5) - gitlab-styles (6.2.0) + gitlab-sidekiq-fetcher (0.8.0) + sidekiq (~> 6.1) + gitlab-styles (6.3.0) rubocop (~> 0.91, >= 0.91.1) rubocop-gitlab-security (~> 0.1.1) rubocop-performance (~> 1.9.2) @@ -506,8 +505,8 @@ GEM omniauth (~> 1.3) pyu-ruby-sasl (>= 0.0.3.3, < 0.1) rubyntlm (~> 0.5) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (0.5.2) + activesupport (>= 5.0) gon (6.4.0) actionpack (>= 3.0.20) i18n (>= 0.7) @@ -543,7 +542,7 @@ GEM mustermann-grape (~> 1.0.0) rack (>= 1.3.0) rack-accept - grape-entity (0.9.0) + grape-entity (0.10.0) activesupport (>= 3.0.0) multi_json (>= 1.3.2) grape-path-helpers (1.7.0) @@ -657,7 +656,7 @@ GEM character_set (~> 1.4) regexp_parser (~> 2.1) regexp_property_values (~> 1.0) - json (2.3.0) + json (2.5.1) json-jwt (1.13.0) activesupport (>= 4.2) aes_key_wrap @@ -700,7 +699,7 @@ GEM lefthook (0.7.5) letter_opener (1.7.0) launchy (~> 2.2) - letter_opener_web (1.4.0) + letter_opener_web (1.4.1) actionmailer (>= 3.2) letter_opener (~> 1.0) railties (>= 3.2) @@ -747,7 +746,7 @@ GEM mime-types-data (3.2020.0512) mini_histogram (0.3.1) mini_magick (4.10.1) - mini_mime (1.0.2) + mini_mime (1.1.1) mini_portile2 (2.5.3) minitest (5.11.3) mixlib-cli (2.1.8) @@ -784,7 +783,7 @@ GEM net-ssh (>= 2.6.5, < 7.0.0) net-ssh (6.0.0) netrc (0.11.0) - nio4r (2.5.4) + nio4r (2.5.8) no_proxy_fix (0.1.2) nokogiri (1.11.7) mini_portile2 (~> 2.5.0) @@ -900,7 +899,7 @@ GEM orm_adapter (0.5.0) os (1.1.1) parallel (1.20.1) - parser (3.0.0.0) + parser (3.0.2.0) ast (~> 2.4.1) parslet (1.8.2) pastel (0.8.0) @@ -934,7 +933,7 @@ GEM pry (~> 0.13.0) pry-rails (0.3.9) pry (>= 0.10.4) - pry-shell (0.4.1) + pry-shell (0.5.0) pry (~> 0.13.0) tty-markdown tty-prompt @@ -960,27 +959,25 @@ GEM httpclient json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (2.0.5) - rack rack-proxy (0.6.0) rack rack-test (1.1.0) rack (>= 1.0, < 3) rack-timeout (0.5.2) - rails (6.1.3.2) - actioncable (= 6.1.3.2) - actionmailbox (= 6.1.3.2) - actionmailer (= 6.1.3.2) - actionpack (= 6.1.3.2) - actiontext (= 6.1.3.2) - actionview (= 6.1.3.2) - activejob (= 6.1.3.2) - activemodel (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + rails (6.1.4.1) + actioncable (= 6.1.4.1) + actionmailbox (= 6.1.4.1) + actionmailer (= 6.1.4.1) + actionpack (= 6.1.4.1) + actiontext (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activemodel (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) bundler (>= 1.15.0) - railties (= 6.1.3.2) + railties (= 6.1.4.1) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -994,11 +991,11 @@ GEM rails-i18n (6.0.0) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 7) - railties (6.1.3.2) - actionpack (= 6.1.3.2) - activesupport (= 6.1.3.2) + railties (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) method_source - rake (>= 0.8.7) + rake (>= 0.13) thor (~> 1.0) rainbow (3.0.0) rake (13.0.6) @@ -1018,7 +1015,7 @@ GEM recaptcha (4.13.1) json recursive-open-struct (1.1.3) - redis (4.1.4) + redis (4.4.0) redis-actionpack (5.2.0) actionpack (>= 5, < 7) redis-rack (>= 2.1.0, < 3) @@ -1052,7 +1049,7 @@ GEM rexml (3.2.5) rinku (2.0.0) rotp (6.2.0) - rouge (3.26.0) + rouge (3.26.1) rqrcode (0.7.0) chunky_png rqrcode-rails3 (0.1.7) @@ -1116,15 +1113,13 @@ GEM rubocop-rspec (1.44.1) rubocop (~> 0.87) rubocop-ast (>= 0.7.1) - ruby-enum (0.8.0) - i18n ruby-fogbugz (0.2.1) crack (~> 0.4) ruby-magic (0.4.0) mini_portile2 (~> 2.5.0) ruby-prof (1.3.1) ruby-progressbar (1.11.0) - ruby-saml (1.12.1) + ruby-saml (1.13.0) nokogiri (>= 1.10.5) rexml ruby-statistics (2.1.2) @@ -1175,11 +1170,10 @@ GEM shellany (0.0.1) shoulda-matchers (4.0.1) activesupport (>= 4.2.0) - sidekiq (5.2.9) - connection_pool (~> 2.2, >= 2.2.2) + sidekiq (6.2.2) + connection_pool (>= 2.2.2) rack (~> 2.0) - rack-protection (>= 1.5.0) - redis (>= 3.3.5, < 4.2) + redis (>= 4.2.0) sidekiq-cron (1.0.4) fugit (~> 1.1) sidekiq (>= 4.2.1) @@ -1257,7 +1251,7 @@ GEM unicode-display_width (~> 1.1, >= 1.1.1) terser (1.0.2) execjs (>= 0.3.0, < 3) - test-prof (0.12.0) + test-prof (1.0.7) test_file_finder (0.1.4) faraday (~> 1.0) text (1.3.1) @@ -1357,7 +1351,7 @@ GEM crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) webrick (1.6.1) - websocket-driver (0.7.3) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) wikicloth (0.8.1) @@ -1414,7 +1408,7 @@ DEPENDENCIES capybara-screenshot (~> 1.0.22) carrierwave (~> 1.3) charlock_holmes (~> 0.7.7) - commonmarker (~> 0.21) + commonmarker (~> 0.23.2) concurrent-ruby (~> 1.1) connection_pool (~> 2.0) countries (~> 3.0) @@ -1452,7 +1446,7 @@ DEPENDENCIES flipper-active_support_cache_store (~> 0.21.0) flowdock (~> 0.7) fog-aliyun (~> 0.3) - fog-aws (~> 3.9) + fog-aws (~> 3.12) fog-core (= 2.1.0) fog-google (~> 1.15) fog-local (~> 0.6) @@ -1464,20 +1458,20 @@ DEPENDENCIES gettext (~> 3.3) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly (~> 14.3.0.pre.rc1) + gitaly (~> 14.3.0.pre.rc2) github-markup (~> 1.7.0) gitlab-chronic (~> 0.10.5) gitlab-dangerfiles (~> 2.3.0) gitlab-experiment (~> 0.6.4) - gitlab-fog-azure-rm (~> 1.1.1) + gitlab-fog-azure-rm (~> 1.2.0) gitlab-labkit (~> 0.21.1) gitlab-license (~> 2.0) gitlab-mail_room (~> 0.0.9) gitlab-markup (~> 1.7.1) gitlab-net-dns (~> 0.9.1) gitlab-omniauth-openid-connect (~> 0.8.0) - gitlab-sidekiq-fetcher (= 0.5.6) - gitlab-styles (~> 6.2.0) + gitlab-sidekiq-fetcher (= 0.8.0) + gitlab-styles (~> 6.3.0) gitlab_chronic_duration (~> 0.10.6.2) gitlab_omniauth-ldap (~> 2.1.1) gon (~> 6.4.0) @@ -1485,7 +1479,7 @@ DEPENDENCIES google-protobuf (~> 3.17.1) gpgme (~> 2.0.19) grape (~> 1.5.2) - grape-entity (~> 0.9.0) + grape-entity (~> 0.10.0) grape-path-helpers (~> 1.7.0) grape_logging (~> 1.7) graphiql-rails (~> 1.4.10) @@ -1509,7 +1503,7 @@ DEPENDENCIES ipaddress (~> 0.8.3) jira-ruby (~> 2.1.4) js_regex (~> 3.7) - json (~> 2.3.0) + json (~> 2.5.1) json_schemer (~> 0.2.18) jwt (~> 2.1.0) kaminari (~> 1.0) @@ -1518,7 +1512,7 @@ DEPENDENCIES kramdown (~> 2.3.1) kubeclient (~> 4.9.2) lefthook (~> 0.7.0) - letter_opener_web (~> 1.4.0) + letter_opener_web (~> 1.4.1) license_finder (~> 6.0) licensee (~> 9.14.1) lockbox (~> 0.6.2) @@ -1570,7 +1564,7 @@ DEPENDENCIES prometheus-client-mmap (~> 0.15.0) pry-byebug pry-rails (~> 0.3.9) - pry-shell (~> 0.4.0) + pry-shell (~> 0.5.0) puma (~> 5.3.1) puma_worker_killer (~> 0.3.1) rack (~> 2.2.3) @@ -1579,7 +1573,7 @@ DEPENDENCIES rack-oauth2 (~> 1.16.0) rack-proxy (~> 0.6.0) rack-timeout (~> 0.5.1) - rails (~> 6.1.3.2) + rails (~> 6.1.4.1) rails-controller-testing rails-i18n (~> 6.0) rainbow (~> 3.0) @@ -1588,14 +1582,14 @@ DEPENDENCIES rdoc (~> 6.3.2) re2 (~> 1.2.0) recaptcha (~> 4.11) - redis (~> 4.1.4) + redis (~> 4.4.0) redis-actionpack (~> 5.2.0) redis-namespace (~> 1.8.1) request_store (~> 1.5) responders (~> 3.0) retriable (~> 3.1.2) rexml (~> 3.2.5) - rouge (~> 3.26.0) + rouge (~> 3.26.1) rqrcode-rails3 (~> 0.1.7) rspec-parameterized rspec-rails (~> 5.0.1) @@ -1606,7 +1600,7 @@ DEPENDENCIES ruby-magic (~> 0.4) ruby-prof (~> 1.3.0) ruby-progressbar (~> 1.10) - ruby-saml (~> 1.12.1) + ruby-saml (~> 1.13.0) ruby_parser (~> 3.15) rubyzip (~> 2.0.0) rugged (~> 1.1) @@ -1617,7 +1611,7 @@ DEPENDENCIES sentry-raven (~> 3.1) settingslogic (~> 2.0.9) shoulda-matchers (~> 4.0.1) - sidekiq (~> 5.2.7) + sidekiq (~> 6.2.2) sidekiq-cron (~> 1.0) simple_po_parser (~> 1.1.2) simplecov (~> 0.18.5) @@ -1634,7 +1628,7 @@ DEPENDENCIES state_machines-activerecord (~> 0.8.0) sys-filesystem (~> 1.1.6) terser (= 1.0.2) - test-prof (~> 0.12.0) + test-prof (~> 1.0.7) test_file_finder (~> 0.1.3) thin (~> 1.8.0) thrift (>= 0.14.0) diff --git a/README.md b/README.md index ee7eef9aa2d2e3c6999ec59c377ea1904cb7d135..73d0ffc3d34c72b57131dc697097dfcd0c8629fd 100644 --- a/README.md +++ b/README.md @@ -81,7 +81,7 @@ GitLab is a Ruby on Rails application that runs on the following software: - Ubuntu/Debian/CentOS/RHEL/OpenSUSE - Ruby (MRI) 2.7.4 -- Git 2.31+ +- Git 2.33+ - Redis 5.0+ - PostgreSQL 12+ diff --git a/VERSION b/VERSION index 052293672b2f4dbeb7532c9130842a3fc292598f..d94fa58b68ed3c0f70971c225cedd8ac7d21493b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -14.3.0-pre \ No newline at end of file +14.4.0-pre \ No newline at end of file diff --git a/app/assets/images/logos/zentao.svg b/app/assets/images/logos/zentao.svg new file mode 100644 index 0000000000000000000000000000000000000000..d2115b72aee056ed8b7f30ca0d370134979d850a --- /dev/null +++ b/app/assets/images/logos/zentao.svg @@ -0,0 +1,14 @@ + + + + + + + + + diff --git a/app/assets/javascripts/access_tokens/index.js b/app/assets/javascripts/access_tokens/index.js index 7f5f0403de627a993230dcb51123d763856f3e2a..2cd3a8f12eefe9d9169b0ddd3a1be01f672a669a 100644 --- a/app/assets/javascripts/access_tokens/index.js +++ b/app/assets/javascripts/access_tokens/index.js @@ -49,7 +49,7 @@ export const initProjectsField = () => { { default: createDefaultClient }, ]) => { const apolloProvider = new VueApollo({ - defaultClient: createDefaultClient(), + defaultClient: createDefaultClient({}, { assumeImmutableResults: true }), }); Vue.use(VueApollo); diff --git a/app/assets/javascripts/admin/users/components/actions/delete.vue b/app/assets/javascripts/admin/users/components/actions/delete.vue index a0f4a4bf3820d6fd0eaebde14460dbe34ec56e59..e6dde5898e724d08d14d2c9af077f2800862fa32 100644 --- a/app/assets/javascripts/admin/users/components/actions/delete.vue +++ b/app/assets/javascripts/admin/users/components/actions/delete.vue @@ -14,7 +14,7 @@ export default { type: Object, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: false, default: () => [], @@ -29,7 +29,7 @@ export default { :username="username" :paths="paths" :delete-path="paths.delete" - :oncall-schedules="oncallSchedules" + :user-deletion-obstacles="userDeletionObstacles" > diff --git a/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue b/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue index 02fd3efafa12aa1da36e1ff5c15476455dac453e..bd920a915163c2ae15bd664a577ce85e8b5e2883 100644 --- a/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue +++ b/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue @@ -14,7 +14,7 @@ export default { type: Object, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: false, default: () => [], @@ -29,7 +29,7 @@ export default { :username="username" :paths="paths" :delete-path="paths.deleteWithContributions" - :oncall-schedules="oncallSchedules" + :user-deletion-obstacles="userDeletionObstacles" > diff --git a/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue b/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue index a1589c9d46dc4bea5217b5c9fcc880d8ef6085dd..c9f29b55dbfd5987b8a6c93c242ebf4c577ad750 100644 --- a/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue +++ b/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue @@ -22,7 +22,7 @@ export default { type: String, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: true, }, @@ -34,7 +34,7 @@ export default { 'data-delete-user-url': this.deletePath, 'data-gl-modal-action': this.modalType, 'data-username': this.username, - 'data-oncall-schedules': JSON.stringify(this.oncallSchedules), + 'data-user-deletion-obstacles': JSON.stringify(this.userDeletionObstacles), }; }, }, diff --git a/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue b/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue index 413163c8536439520aee2406d88bcbb7aa89f045..ed90343777d25774fb66114020bc4e2883f61759 100644 --- a/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue +++ b/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue @@ -2,7 +2,7 @@ import { GlModal, GlButton, GlFormInput, GlSprintf } from '@gitlab/ui'; import * as Sentry from '@sentry/browser'; import { s__, sprintf } from '~/locale'; -import OncallSchedulesList from '~/vue_shared/components/oncall_schedules_list.vue'; +import UserDeletionObstaclesList from '~/vue_shared/components/user_deletion_obstacles/user_deletion_obstacles_list.vue'; export default { components: { @@ -10,7 +10,7 @@ export default { GlButton, GlFormInput, GlSprintf, - OncallSchedulesList, + UserDeletionObstaclesList, }, props: { title: { @@ -45,7 +45,7 @@ export default { type: String, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: String, required: false, default: '[]', @@ -66,9 +66,9 @@ export default { canSubmit() { return this.enteredUsername === this.username; }, - schedules() { + obstacles() { try { - return JSON.parse(this.oncallSchedules); + return JSON.parse(this.userDeletionObstacles); } catch (e) { Sentry.captureException(e); } @@ -112,12 +112,16 @@ export default {

- +

diff --git a/app/assets/javascripts/admin/users/components/user_actions.vue b/app/assets/javascripts/admin/users/components/user_actions.vue index c076e0bedf01bdab80c8729eba4edae4f81de774..4f4e2947341a12775bc41ea25e9d3f2e6c2cdc2d 100644 --- a/app/assets/javascripts/admin/users/components/user_actions.vue +++ b/app/assets/javascripts/admin/users/components/user_actions.vue @@ -9,6 +9,7 @@ import { } from '@gitlab/ui'; import { convertArrayToCamelCase } from '~/lib/utils/common_utils'; import { capitalizeFirstCharacter } from '~/lib/utils/text_utility'; +import { parseUserDeletionObstacles } from '~/vue_shared/components/user_deletion_obstacles/utils'; import { I18N_USER_ACTIONS } from '../constants'; import { generateUserPaths } from '../utils'; import Actions from './actions'; @@ -72,6 +73,9 @@ export default { href: this.userPaths.edit, }; }, + obstaclesForUserDeletion() { + return parseUserDeletionObstacles(this.user); + }, }, methods: { isLdapAction(action) { @@ -141,7 +145,7 @@ export default { :key="action" :paths="userPaths" :username="user.name" - :oncall-schedules="user.oncallSchedules" + :user-deletion-obstacles="obstaclesForUserDeletion" :data-testid="`delete-${action}`" > {{ $options.i18n[action] }} diff --git a/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue b/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue index a490111e13b4f134dc4234952c2904962053f833..0bdb45d35c96740652c21fe21b9f91c346bfa2d0 100644 --- a/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue +++ b/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue @@ -15,6 +15,8 @@ import { DEFAULT_DEBOUNCE_AND_THROTTLE_MS } from '~/lib/utils/constants'; import { n__, s__, __ } from '~/locale'; import getProjects from '../graphql/projects.query.graphql'; +const sortByProjectName = (projects = []) => projects.sort((a, b) => a.name.localeCompare(b.name)); + export default { name: 'ProjectsDropdownFilter', components: { @@ -88,6 +90,9 @@ export default { selectedProjectIds() { return this.selectedProjects.map((p) => p.id); }, + hasSelectedProjects() { + return Boolean(this.selectedProjects.length); + }, availableProjects() { return filterBySearchTerm(this.projects, this.searchTerm); }, @@ -95,6 +100,12 @@ export default { const { loading, availableProjects } = this; return !loading && !availableProjects.length; }, + selectedItems() { + return sortByProjectName(this.selectedProjects); + }, + unselectedItems() { + return this.availableProjects.filter(({ id }) => !this.selectedProjectIds.includes(id)); + }, }, watch: { searchTerm() { @@ -105,44 +116,53 @@ export default { this.search(); }, methods: { + handleUpdatedSelectedProjects() { + this.$emit('selected', this.selectedProjects); + }, search: debounce(function debouncedSearch() { this.fetchData(); }, DEFAULT_DEBOUNCE_AND_THROTTLE_MS), - getSelectedProjects(selectedProject, isMarking) { - return isMarking + getSelectedProjects(selectedProject, isSelected) { + return isSelected ? this.selectedProjects.concat([selectedProject]) : this.selectedProjects.filter((project) => project.id !== selectedProject.id); }, singleSelectedProject(selectedObj, isMarking) { return isMarking ? [selectedObj] : []; }, - setSelectedProjects(selectedObj, isMarking) { + setSelectedProjects(project) { this.selectedProjects = this.multiSelect - ? this.getSelectedProjects(selectedObj, isMarking) - : this.singleSelectedProject(selectedObj, isMarking); + ? this.getSelectedProjects(project, !this.isProjectSelected(project)) + : this.singleSelectedProject(project, !this.isProjectSelected(project)); }, - onClick({ project, isSelected }) { - this.setSelectedProjects(project, !isSelected); - this.$emit('selected', this.selectedProjects); + onClick(project) { + this.setSelectedProjects(project); + this.handleUpdatedSelectedProjects(); }, - onMultiSelectClick({ project, isSelected }) { - this.setSelectedProjects(project, !isSelected); + onMultiSelectClick(project) { + this.setSelectedProjects(project); this.isDirty = true; }, - onSelected(ev) { + onSelected(project) { if (this.multiSelect) { - this.onMultiSelectClick(ev); + this.onMultiSelectClick(project); } else { - this.onClick(ev); + this.onClick(project); } }, onHide() { if (this.multiSelect && this.isDirty) { - this.$emit('selected', this.selectedProjects); + this.handleUpdatedSelectedProjects(); } this.searchTerm = ''; this.isDirty = false; }, + onClearAll() { + if (this.hasSelectedProjects) { + this.isDirty = true; + } + this.selectedProjects = []; + }, fetchData() { this.loading = true; @@ -168,8 +188,8 @@ export default { this.projects = nodes; }); }, - isProjectSelected(id) { - return this.selectedProjects ? this.selectedProjectIds.includes(id) : false; + isProjectSelected(project) { + return this.selectedProjectIds.includes(project.id); }, getEntityId(project) { return getIdFromGraphQLId(project.id); @@ -182,6 +202,10 @@ export default { ref="projectsDropdown" class="dropdown dropdown-projects" toggle-class="gl-shadow-none" + :show-clear-all="hasSelectedProjects" + show-highlighted-items-title + highlighted-items-title-class="gl-p-3" + @clear-all.stop="onClearAll" @hide="onHide" > +
{ @@ -7,3 +8,64 @@ export const filterBySearchTerm = (data = [], searchTerm = '', filterByKey = 'na }; export const toYmd = (date) => dateFormat(date, dateFormats.isoDate); + +/** + * Takes a url and extracts query parameters used for the shared + * filter bar + * + * @param {string} url The URL to extract query parameters from + * @returns {Object} + */ +export const extractFilterQueryParameters = (url = '') => { + const { + source_branch_name = null, + target_branch_name = null, + author_username = null, + milestone_title = null, + assignee_username = [], + label_name = [], + } = urlQueryToFilter(url); + + return { + selectedSourceBranch: source_branch_name, + selectedTargetBranch: target_branch_name, + selectedAuthor: author_username, + selectedMilestone: milestone_title, + selectedAssigneeList: assignee_username, + selectedLabelList: label_name, + }; +}; + +/** + * Takes a url and extracts sorting and pagination query parameters into an object + * + * @param {string} url The URL to extract query parameters from + * @returns {Object} + */ +export const extractPaginationQueryParameters = (url = '') => { + const { sort, direction, page } = urlQueryToFilter(url); + return { + sort: sort?.value || null, + direction: direction?.value || null, + page: page?.value || null, + }; +}; + +export const getDataZoomOption = ({ + totalItems = 0, + maxItemsPerPage = 40, + dataZoom = [{ type: 'slider', bottom: 10, start: 0 }], +}) => { + if (totalItems <= maxItemsPerPage) { + return {}; + } + + const intervalEnd = Math.ceil((maxItemsPerPage / totalItems) * 100); + + return dataZoom.map((item) => { + return { + ...item, + end: intervalEnd, + }; + }); +}; diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 01e463c196539165e97b3f5e77c84b0b2787cbb8..adf3e122a6420e2db2273dccd2fb112843725f03 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -499,10 +499,10 @@ const Api = { return axios.put(url, params); }, - applySuggestionBatch(ids) { + applySuggestionBatch(ids, message) { const url = Api.buildUrl(Api.applySuggestionBatchPath); - return axios.put(url, { ids }); + return axios.put(url, { ids, commit_message: message }); }, commitPipelines(projectId, sha) { diff --git a/app/assets/javascripts/api/bulk_imports_api.js b/app/assets/javascripts/api/bulk_imports_api.js new file mode 100644 index 0000000000000000000000000000000000000000..d636cfdff0bf3cb23121065e0f1de53c671ef31d --- /dev/null +++ b/app/assets/javascripts/api/bulk_imports_api.js @@ -0,0 +1,7 @@ +import { buildApiUrl } from '~/api/api_utils'; +import axios from '~/lib/utils/axios_utils'; + +const BULK_IMPORT_ENTITIES_PATH = '/api/:version/bulk_imports/entities'; + +export const getBulkImportsHistory = (params) => + axios.get(buildApiUrl(BULK_IMPORT_ENTITIES_PATH), { params }); diff --git a/app/assets/javascripts/api/projects_api.js b/app/assets/javascripts/api/projects_api.js index 1cd7fb0b954070e8b53ee129213c0a9cf18bafbe..b018db9a02d0e408d3834e883e18a3f5089abd8c 100644 --- a/app/assets/javascripts/api/projects_api.js +++ b/app/assets/javascripts/api/projects_api.js @@ -3,6 +3,7 @@ import axios from '../lib/utils/axios_utils'; import { buildApiUrl } from './api_utils'; const PROJECTS_PATH = '/api/:version/projects.json'; +const PROJECT_IMPORT_MEMBERS_PATH = '/api/:version/projects/:id/import_project_members/:project_id'; export function getProjects(query, options, callback = () => {}) { const url = buildApiUrl(PROJECTS_PATH); @@ -25,3 +26,10 @@ export function getProjects(query, options, callback = () => {}) { return { data, headers }; }); } + +export function importProjectMembers(sourceId, targetId) { + const url = buildApiUrl(PROJECT_IMPORT_MEMBERS_PATH) + .replace(':id', sourceId) + .replace(':project_id', targetId); + return axios.post(url); +} diff --git a/app/assets/javascripts/artifacts_settings/index.js b/app/assets/javascripts/artifacts_settings/index.js index 531b42bc185874cfa46a48bae06007c094dea548..5c9f1c3129c2869d4eb033bd47c013e9a56f8dfc 100644 --- a/app/assets/javascripts/artifacts_settings/index.js +++ b/app/assets/javascripts/artifacts_settings/index.js @@ -6,7 +6,7 @@ import createDefaultClient from '~/lib/graphql'; Vue.use(VueApollo); const apolloProvider = new VueApollo({ - defaultClient: createDefaultClient(), + defaultClient: createDefaultClient({}, { assumeImmutableResults: true }), }); export default (containerId = 'js-artifacts-settings-app') => { diff --git a/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue b/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue new file mode 100644 index 0000000000000000000000000000000000000000..0b748f18cb2951f794af726c6266a00e57350e80 --- /dev/null +++ b/app/assets/javascripts/authentication/two_factor_auth/components/manage_two_factor_form.vue @@ -0,0 +1,103 @@ + + + diff --git a/app/assets/javascripts/authentication/two_factor_auth/components/recovery_codes.vue b/app/assets/javascripts/authentication/two_factor_auth/components/recovery_codes.vue index f89600fbed3582c08a89f6eddebd122d99c49f18..fe801cd460fa5ac826081f18d5f220248c938a76 100644 --- a/app/assets/javascripts/authentication/two_factor_auth/components/recovery_codes.vue +++ b/app/assets/javascripts/authentication/two_factor_auth/components/recovery_codes.vue @@ -165,7 +165,7 @@ export default { :title="$options.i18n.proceedButton" variant="confirm" data-qa-selector="proceed_button" - data-track-event="click_button" + data-track-action="click_button" :data-track-label="`${$options.trackingLabelPrefix}proceed_button`" >{{ $options.i18n.proceedButton }} diff --git a/app/assets/javascripts/authentication/two_factor_auth/index.js b/app/assets/javascripts/authentication/two_factor_auth/index.js index 5e59c44e8cd6c093abc8d73614f2a66b711013de..7d21c19ac4c3adb5fec8db78b6f205e8c4c640c4 100644 --- a/app/assets/javascripts/authentication/two_factor_auth/index.js +++ b/app/assets/javascripts/authentication/two_factor_auth/index.js @@ -1,8 +1,44 @@ import Vue from 'vue'; +import { parseBoolean } from '~/lib/utils/common_utils'; import { updateHistory, removeParams } from '~/lib/utils/url_utility'; +import ManageTwoFactorForm from './components/manage_two_factor_form.vue'; import RecoveryCodes from './components/recovery_codes.vue'; import { SUCCESS_QUERY_PARAM } from './constants'; +export const initManageTwoFactorForm = () => { + const el = document.querySelector('.js-manage-two-factor-form'); + + if (!el) { + return false; + } + + const { + webauthnEnabled = false, + currentPasswordRequired, + profileTwoFactorAuthPath = '', + profileTwoFactorAuthMethod = '', + codesProfileTwoFactorAuthPath = '', + codesProfileTwoFactorAuthMethod = '', + } = el.dataset; + + const isCurrentPasswordRequired = parseBoolean(currentPasswordRequired); + + return new Vue({ + el, + provide: { + webauthnEnabled, + isCurrentPasswordRequired, + profileTwoFactorAuthPath, + profileTwoFactorAuthMethod, + codesProfileTwoFactorAuthPath, + codesProfileTwoFactorAuthMethod, + }, + render(createElement) { + return createElement(ManageTwoFactorForm); + }, + }); +}; + export const initRecoveryCodes = () => { const el = document.querySelector('.js-2fa-recovery-codes'); diff --git a/app/assets/javascripts/autosave.js b/app/assets/javascripts/autosave.js index 0a05e0d44ce28e3bc87f31b08ede78ae9f67a57f..8381dcec9c33f0aea4548cfa143a3bfbfd52a9e8 100644 --- a/app/assets/javascripts/autosave.js +++ b/app/assets/javascripts/autosave.js @@ -6,7 +6,7 @@ export default class Autosave { constructor(field, key, fallbackKey, lockVersion) { this.field = field; - this.isLocalStorageAvailable = AccessorUtilities.isLocalStorageAccessSafe(); + this.isLocalStorageAvailable = AccessorUtilities.canUseLocalStorage(); if (key.join != null) { key = key.join('/'); } diff --git a/app/assets/javascripts/batch_comments/components/review_bar.vue b/app/assets/javascripts/batch_comments/components/review_bar.vue index 158b5f45d1c4dc3d8652ad19aad92317262a5973..bce13751448ea4db49beb6fdc78da4ba4d4a7a1a 100644 --- a/app/assets/javascripts/batch_comments/components/review_bar.vue +++ b/app/assets/javascripts/batch_comments/components/review_bar.vue @@ -1,5 +1,6 @@ @@ -96,7 +135,7 @@ export default {