debian-mirror-gitlab/debian/changelog

gitlab (14.9.5+ds1-1) experimental; urgency=medium

  * New upstream version 14.9.5+ds1 (Fixes: CVE-2022-1680, CVE-2022-1940,
    CVE-2022-1948, CVE-2022-1935, CVE-2022-1936, CVE-2022-1944, CVE-2022-1821,
    CVE-2022-1783)

 -- Pirate Praveen <praveen@debian.org>  Thu, 02 Jun 2022 21:08:59 +0530

gitlab (14.9.4+ds1-4) experimental; urgency=medium

  * Switch to packaged version of node-dateformat
  * Bump Standards-Version to 4.6.1 (no changes needed)

 -- Pirate Praveen <praveen@debian.org>  Sat, 14 May 2022 13:32:57 +0530

gitlab (14.9.4+ds1-3) experimental; urgency=medium

  * Switch to packaged version of node-mermaid
  * Use packaged versions of d3, d3-sankey and d3-selection node modules

 -- Pirate Praveen <praveen@debian.org>  Wed, 11 May 2022 18:19:22 +0530

gitlab (14.9.4+ds1-2) experimental; urgency=medium

  * Switch to packaged version of node-postcss

 -- Pirate Praveen <praveen@debian.org>  Tue, 10 May 2022 18:42:20 +0530

gitlab (14.9.4+ds1-1) experimental; urgency=medium

  * New upstream version 14.9.4+ds1
  * Refresh patches
  * Disable more tests that need unpackaged modules
  * Upstream no longer ships file/directory named docker
  * Update dependencies
  * Check if graphiql-rails is installed before installing it via gem command
  * Relax dependency on rdoc (ruby 3.0 don't specify any version)

 -- Pirate Praveen <praveen@debian.org>  Sun, 08 May 2022 22:07:43 +0530

gitlab (14.8.6+ds1-1) experimental; urgency=medium

  * New upstream security release 14.8.6+ds1 (Fixes: CVE-2022-1423,
    CVE-2022-1510, CVE-2022-1406, CVE-2022-1460, CVE-2022-1413, CVE-2022-1352,
    CVE-2022-1428, CVE-2022-1417, CVE-2022-1124, CVE-2022-1416, CVE-2022-1431,
    CVE-2022-1433, CVE-2022-1426)

 -- Pirate Praveen <praveen@debian.org>  Tue, 03 May 2022 16:17:47 +0530

gitlab (14.8.5+ds1-4) experimental; urgency=medium

  * Update minimum version of js-cookie to 3.0

 -- Pirate Praveen <praveen@debian.org>  Mon, 02 May 2022 17:48:11 +0530

gitlab (14.8.5+ds1-3) experimental; urgency=medium

  * Use packaged versions of clipboard, codemirror and cron-validator node
     modules
  * Update minimum version of ruby-rqrcode and ruby-webauthn

 -- Pirate Praveen <praveen@debian.org>  Sun, 10 Apr 2022 02:26:23 +0530

gitlab (14.8.5+ds1-2) experimental; urgency=medium

  * Update minimum version of ruby-gitlab-experiment
  * Export GEM_HOME from gitlab-rake.sh (Closes: #1008932)

 -- Pirate Praveen <praveen@debian.org>  Fri, 08 Apr 2022 23:33:47 +0530

gitlab (14.8.5+ds1-1) experimental; urgency=medium

  * Update minimum version of ruby-sidekiq-cron to 1.2
  * Fix max version of obsolete sherlock.rb initializer
  * New upstream version 14.8.5+ds1
  * Refresh patches
  * Update dependencies

 -- Pirate Praveen <praveen@debian.org>  Tue, 05 Apr 2022 18:12:33 +0530

gitlab (14.7.7+ds1-2) experimental; urgency=medium

  * Update minimum version of ruby-acme-client
  * Update minimum version of gitaly* to 14.7

 -- Pirate Praveen <praveen@debian.org>  Sat, 02 Apr 2022 14:08:54 +0530

gitlab (14.7.7+ds1-1) experimental; urgency=medium

  * Add ruby-webrick as dependency
  * Update minimum version of ruby-google-protobuf
  * Set GEM_HOME and GEM_PATH variables in rake-tasks.sh
  * New upstream version 14.7.7+ds1 (Fixes: CVE-2022-1162, CVE-2022-1175,
    CVE-2022-1190, CVE-2022-1185, CVE-2022-1148, CVE-2022-1121, CVE-2022-1120,
    CVE-2022-1100, CVE-2022-1193, CVE-2022-1105, CVE-2022-1099, CVE-2022-1174,
    CVE-2022-1188, CVE-2022-0740, CVE-2022-1189, CVE-2022-1157, CVE-2022-1111)
  * Refresh patches
  * Update minimum versions of dependencies
  * Switch back to ruby-grpc package from archive

 -- Pirate Praveen <praveen@debian.org>  Fri, 01 Apr 2022 21:51:31 +0530

gitlab (14.7.4+ds1-1) experimental; urgency=medium

  * Update minimum version of ruby-ruby-magic (for ruby-mini-portile2 compat)
  * Update minimum version of gitaly (for ruby-gollum-lib update)
  * New upstream version 14.7.4+ds1
  * Refresh patches (remove patches applied upstream)
  * Add parser gem to Gemfile
  * Remove obsolete initializer
  * Update dependencies
  * Install grpc and graphiql-rails using gem command

 -- Pirate Praveen <praveen@debian.org>  Thu, 03 Mar 2022 20:58:25 +0530

gitlab (14.6.5+ds1-2) experimental; urgency=medium

  * Relax dependency on ruby-sanitize (allow ruby-sanitize 6.0)

 -- Pirate Praveen <praveen@debian.org>  Sun, 27 Feb 2022 20:06:11 +0530

gitlab (14.6.5+ds1-1) experimental; urgency=medium

  * New upstream version 14.6.5+ds1 (Fixes: CVE-2022-0735, CVE-2022-0549,
    CVE-2022-0751, CVE-2022-0741, CVE-2021-4191, CVE-2022-0738, CVE-2022-0489)

 -- Pirate Praveen <praveen@debian.org>  Sun, 27 Feb 2022 12:52:23 +0530

gitlab (14.6.4+ds1-1) experimental; urgency=medium

  * Sort watch page based on recently created tags
  * New upstream version 14.6.4+ds1 (Fixes: CVE-2022-0427, CVE-2022-0425,
    CVE-2022-0123, CVE-2022-0136, CVE-2022-0283, CVE-2022-0390, CVE-2022-0373,
    CVE-2022-0371, CVE-2021-39943, CVE-2022-0477, CVE-2022-0167, CVE-2022-0249,
    CVE-2022-0344, CVE-2022-0488, CVE-2021-39931)
  * Refresh patches
  * Update minimum version of ruby-rouge to 3.27~
  * Move source to main section only gitlab binary package needs to be in
    contrib

 -- Pirate Praveen <praveen@debian.org>  Sat, 05 Feb 2022 19:16:42 +0530

gitlab (14.6.3+ds1-1) experimental; urgency=medium

  * New upstream version 14.6.3+ds1
  * Refresh patches
  * Handle newly added files
  * Update minimum versions of dependencies
  * Remove obsolete config files

 -- Pirate Praveen <praveen@debian.org>  Wed, 26 Jan 2022 23:32:03 +0530

gitlab (14.5.3+ds1-1) experimental; urgency=medium

  * Drop node-chart.js dependency and unused links to js libraries
  * New upstream security release 14.5.3+ds1 (Fixes: CVE-2021-39946,
    CVE-2022-0154, CVE-2022-0152, CVE-2022-0151, CVE-2022-0172, CVE-2022-0090,
    CVE-2022-0125, CVE-2022-0124, CVE-2021-39942, CVE-2022-0093, CVE-2021-39927)

 -- Pirate Praveen <praveen@debian.org>  Wed, 12 Jan 2022 13:07:24 +0530

gitlab (14.5.2+ds1-4) experimental; urgency=medium

  * Update minimum version of gitlab-common to 14.5

 -- Pirate Praveen <praveen@debian.org>  Fri, 17 Dec 2021 13:10:04 +0530

gitlab (14.5.2+ds1-3) experimental; urgency=medium

  * Rename debian/maintscript to debian/gitlab.mainscript
  * Add debhelper templates to preinst (fixes the removing obsolete
    conffile). Thanks to Nilesh Patra for helping troubleshoot.

 -- Pirate Praveen <praveen@debian.org>  Fri, 17 Dec 2021 00:17:59 +0530

gitlab (14.5.2+ds1-2) experimental; urgency=medium

  * Fix path in maintscript
  * Drop compat file, rely on debhelper-compat and bump compat level to 13
  * Adapt for debhelper compat 13

 -- Pirate Praveen <praveen@debian.org>  Thu, 16 Dec 2021 11:07:42 +0530

gitlab (14.5.2+ds1-1) experimental; urgency=medium

  * New upstream version 14.5.2+ds1
  * Refresh patches
  * Install newly added files
  * Update dependencies
  * Relax dependency on ipynbdiff in Gemfile
  * Remove obsolete feature flags

 -- Pirate Praveen <praveen@debian.org>  Sun, 12 Dec 2021 18:43:46 +0530

gitlab (14.4.4+ds1-1) experimental; urgency=medium

  * Build with golang-any >= 2:1.17
  * New upstream security release 14.4.4+ds1
  * Update minimum version of gitaly to 14.4.4
  * Refresh patches
  * Update minimum version of ruby-graphql to 1.11.10

 -- Pirate Praveen <praveen@debian.org>  Tue, 07 Dec 2021 22:29:12 +0530

gitlab (14.4.2+ds1-1) experimental; urgency=medium

  * New upstream version 14.4.2+ds1
  * Install new file added upstream
  * Refresh patches and remove obsolete patches
  * Update minimum versions of dependencies
  * Reorganize patches to nodejs and tweaks
  * Fix gitlab-puma service failing to start by requiring sidekiq/job_logger

 -- Pirate Praveen <praveen@debian.org>  Thu, 18 Nov 2021 23:45:44 +0530

gitlab (14.3.4+ds1-2) experimental; urgency=medium

  * Replace gitaly build dependency with golang-gitlab-gitlab-org-gitaly-dev
  * Update minimum versions of dependencies

 -- Pirate Praveen <praveen@debian.org>  Tue, 16 Nov 2021 22:07:30 +0530

gitlab (14.3.4+ds1-1) experimental; urgency=medium

  * New upstream version 14.3.4+ds1
  * Update dependencies
  * Refresh patches and create Gemfile subdirectory for patches

 -- Pirate Praveen <praveen@debian.org>  Tue, 16 Nov 2021 16:26:26 +0530

gitlab (14.2.6+ds1-3) experimental; urgency=medium

  * Lock @tiptap/extension-code-block to 2.0.0-beta.16

 -- Pirate Praveen <praveen@debian.org>  Fri, 05 Nov 2021 01:15:21 +0530

gitlab (14.2.6+ds1-2) experimental; urgency=medium

  * Switch to bash for quotes support in arguments for gitlab-rake
  * Update prior-version in maintscript for rm_conffile

 -- Pirate Praveen <praveen@debian.org>  Thu, 04 Nov 2021 02:03:07 +0530

gitlab (14.2.6+ds1-1) experimental; urgency=medium

  * New upstream version 14.2.5+ds1
  * Refresh patches
  * Update import path for workhorse
  * Update minimum version of golang gitab-labkit
  * Fix XS-Go-Import-Path (remove extra workhorse from import path)
  * Rename workhorse binary to gitlab-workhorse
  * New upstream version 14.2.6+ds1
  * Update minimum versions of gitaly, ruby-gitaly and gitlab-common
  * Relax dependency on rails in Gemfile
  * Update dependencies
  * Remove obsolete maintscript
  * Force specific version of monaco-editor-webpack-plugin for compatibility
  * Update minimum version of ruby-unleash
  * Use matching version of @tiptap/core in package.json
  * Add a preinst script to check version of postgresql
  * Tighten some tiptap extension versions too in package.json

 -- Pirate Praveen <praveen@debian.org>  Thu, 04 Nov 2021 00:51:54 +0530

gitlab (14.1.7+ds1-2) experimental; urgency=medium

  * Update min versions of gitaly, ruby-gitaly, gitlab-common, ruby-gitlab-labkit

 -- Pirate Praveen <praveen@debian.org>  Mon, 04 Oct 2021 20:55:32 +0530

gitlab (14.1.7+ds1-1) experimental; urgency=medium

  [ Sruthi Chandran ]
  * New upstream version 14.1.7+ds1
  * Remove patches no longer required
  * Refresh patches
  * Run upstream file check before dh_install
  * Set minimum versions for deps
  * Install .browserslistrc
  * Relax autoprefixer-rails version to ~> 10.2

  [ Pirate Praveen ]
  * Remove manual resolution for monaco-editor and fix version incompatibility
    (Closes: #995572)
  * Don't add babel plugins now added by upstream again in babel.config.js

 -- Pirate Praveen <praveen@debian.org>  Sun, 03 Oct 2021 02:22:04 +0530

gitlab (14.0.10-2) experimental; urgency=medium

  * Update minimum versions of dependencies, for upgrading from buster, thanks
    to lepalom for reporting. nodejs (>= 12~) for yarn 3.0, ruby-grape-logging
    (>= 1.8~), postgresql-contrib (>= 12~)

 -- Pirate Praveen <praveen@debian.org>  Mon, 20 Sep 2021 23:18:46 +0530

gitlab (14.0.10-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * Bump Standards-Version to 4.6.0 (no changes needed)

  [ Sruthi Chandran ]
  * New upstream version 14.0.10
  * Add golang-github-hashicorp-yamux-dev to builddeps
  * Set minimum version for golang-google-grpc-dev
  * Disable failing tests
  * Update upstream-file-list, install file and ignored-file-list
  * Update upstream file check sh
  * Update maintscript (remove obsolete initializers)

  [ Pirate Praveen ]
  * Update minimum versions of dependencies and add new dependencies
  * Relax dependency on autoprefixer-rails in Gemfile
  * Remove obsolete initializers
  * Remove config/initializers/mailer_retries.rb in clean (we have sidekiq 6)
  * Fix activerecord 6.1.4 compatibility issue with postgresql cte (Closes: #993901)
  * Add openssh-server to recommends (systemd nspawn do not have this by default)

 -- Pirate Praveen <praveen@debian.org>  Thu, 09 Sep 2021 15:47:59 +0530

gitlab (13.12.9+ds1-3) experimental; urgency=medium

  * Change ruby2.7 dependency to ruby (for scripts that needs ruby)
  * Update minimum version of ruby-rqrcode-rails3 for 2FA fix
  * Switch back to using ruby-grpc package (instead of rubygems.org version)

 -- Pirate Praveen <praveen@debian.org>  Tue, 10 Aug 2021 21:07:58 +0530

gitlab (13.12.9+ds1-2) experimental; urgency=medium

  * Switch back to using packaged ruby-google-protobuf (see #992008)

 -- Pirate Praveen <praveen@debian.org>  Tue, 10 Aug 2021 01:05:43 +0530

gitlab (13.12.9+ds1-1) experimental; urgency=medium

  * New upstream security release 13.12.9+ds1 (Fixes: CVE-2021-22237,
    CVE-2021-22236, CVE-2021-22239)

 -- Pirate Praveen <praveen@debian.org>  Wed, 04 Aug 2021 16:31:30 +0530

gitlab (13.12.8+ds1-1) experimental; urgency=medium

  * New upstream security release 13.12.8+ds1
    Fixes: Arbitrary file read via design feature (Severity: critical)

 -- Pirate Praveen <praveen@debian.org>  Thu, 08 Jul 2021 21:54:12 +0530

gitlab (13.12.6+ds1-1) experimental; urgency=medium

  * New upstream security release 13.12.6+ds1 (Fixes: CVE-2021-22223 and more)
  * Refresh patches
  * Update minimum versions of ruby-rails and ruby-nokogiri

 -- Pirate Praveen <praveen@debian.org>  Fri, 02 Jul 2021 01:38:52 +0530

gitlab (13.12.4+ds1-1) experimental; urgency=medium

  * Update minimum version of golang-any (>= 2:1.15~)
  * Export GEM_HOME in gitlab-rails-console script
  * Install grpc and google-protobuf before GEM_HOME is set
  * New upstream version 13.12.4+ds1

 -- Pirate Praveen <praveen@debian.org>  Mon, 21 Jun 2021 23:58:09 +0530

gitlab (13.12.3+ds1-7) experimental; urgency=medium

  * Set GEM_HOME variable in gitlab-debian.conf (this is required for gems
    installed from rubygems.org)

 -- Pirate Praveen <praveen@debian.org>  Mon, 21 Jun 2021 15:14:42 +0530

gitlab (13.12.3+ds1-6) experimental; urgency=medium

  * Move gem install to start of postinst, before regenerating Gemfile.lock
    (Closes: #990103)

 -- Pirate Praveen <praveen@debian.org>  Mon, 21 Jun 2021 14:09:44 +0530

gitlab (13.12.3+ds1-5) experimental; urgency=medium

  * Add workaround for #989774 (install google-protobuf from rubygems.org)

 -- Pirate Praveen <praveen@debian.org>  Mon, 21 Jun 2021 01:03:03 +0530

gitlab (13.12.3+ds1-4) experimental; urgency=medium

  * Update minimum version of ruby-gitlab-experiment to 0.5.4

 -- Pirate Praveen <praveen@debian.org>  Fri, 18 Jun 2021 23:01:32 +0530

gitlab (13.12.3+ds1-3) experimental; urgency=medium

  * Update minimum version of ohai to 16.13.0-2

 -- Pirate Praveen <praveen@debian.org>  Thu, 17 Jun 2021 22:20:21 +0530

gitlab (13.12.3+ds1-2) experimental; urgency=medium

  * Backport fix for rails 6.0.3.7 support (Thanks to Antoine Le Gonidec)
    (Closes: #989791)

 -- Pirate Praveen <praveen@debian.org>  Thu, 17 Jun 2021 20:09:59 +0530

gitlab (13.12.3+ds1-1) experimental; urgency=medium

  * [d8d5ad1] New upstream version 13.12.3+ds1
  * Refresh patches
  * Handle new files included by upstream
  * Relax dependency on autoprefixer gem in Gemfile
  * Update dependencies
  * Remove dependency on ruby-google-protobuf (See #989774)

 -- Pirate Praveen <praveen@debian.org>  Thu, 10 Jun 2021 00:27:31 +0530

gitlab (13.11.5+ds1-1) experimental; urgency=medium

  * New upstream security release 13.11.5+ds1 (Fixes: CVE-2021-22181)

 -- Pirate Praveen <praveen@debian.org>  Wed, 02 Jun 2021 17:13:59 +0530

gitlab (13.11.3+ds1-1) experimental; urgency=medium

  * Relax dependency of gon in Gemfile and update minimum version in d/control
  * Use node-rails-actioncable from system
  * Drop dependency on ruby-jquery-atwho-rails (no longer used)
  * New upstream patch release 13.11.3+ds1

 -- Pirate Praveen <praveen@debian.org>  Wed, 12 May 2021 15:55:16 +0530

gitlab (13.11.2+ds1-1) experimental; urgency=medium

  * New upstream version 13.11.2+ds1
  * Refresh patches
  * Remove obsolete config files and update upstream config file list
  * Update minimum versions of dependencies
  * Remove obsolete puma initializer (we have puma 5.2.2)

 -- Pirate Praveen <praveen@debian.org>  Fri, 30 Apr 2021 00:12:27 +0530

gitlab (13.10.4+ds1-1) experimental; urgency=medium

  * New upstream security release 13.10.4+ds1 (Fixes: CVE-2021-22209,
    CVE-2021-22206, CVE-2021-22210, CVE-2021-22208, CVE-2021-22211)
  * Update minimum version of node-mermaid to 8.9.2, ruby-carrierwave to 1.3.2
    and redis-server to 5:6.0.12~

 -- Pirate Praveen <praveen@debian.org>  Wed, 28 Apr 2021 17:47:54 +0530

gitlab (13.10.3+ds2-3) experimental; urgency=medium

  * Keep gitlab-workhorse binary in main
  * Update minimum version of ruby-mail-room

 -- Pirate Praveen <praveen@debian.org>  Sun, 25 Apr 2021 18:14:33 +0530

gitlab (13.10.3+ds2-2) experimental; urgency=medium

  * Update minimum version of node-prosemirror-{model,markdown}
  * Use packaged versions of lodash and babel-plugin-lodash
  * Relax dependency on ruby-rexml to allow version embedded in libruby2.7
  * Use packaged versions of @babel/*
  * Update version of gitlab-workhorse to same version as gitlab

 -- Pirate Praveen <praveen@debian.org>  Sat, 24 Apr 2021 00:24:27 +0530

gitlab (13.10.3+ds2-1) experimental; urgency=medium

  * Build gitlab-workhorse binary from workhorse directory
  * New upstream version 13.10.3+ds1
  * Refresh patches
  * Add golang-github-getsentry-raven-go-dev as build dependency
  * Remove files no longer shipped by upstream from file lists
  * New upstream version 13.10.3+ds2 (remove embedded raven-go)
  * Update minimum versions of dependencies

 -- Pirate Praveen <praveen@debian.org>  Sat, 17 Apr 2021 23:31:09 +0530

gitlab (13.9.6+ds1-1) experimental; urgency=medium

  * New upstream security release 13.9.6+ds1
  * Update minimum version of ruby-rexml to 3.2.5
  * Add ruby-saml as a dependency
  * Refresh patches

 -- Pirate Praveen <praveen@debian.org>  Thu, 15 Apr 2021 22:42:45 +0530

gitlab (13.9.5+ds1-1) experimental; urgency=medium

  * Update watch file regex for github.com components
  * New upstream security release 13.9.5+ds1
  * Drop ruby-hipchat dependency and refresh patch for the same change in
    Gemfile
  * Add ruby-ruby-magic-static as new dependency
  * Remove obsolete initializer

 -- Pirate Praveen <praveen@debian.org>  Thu, 01 Apr 2021 16:38:24 +0530

gitlab (13.9.4+ds1-3) experimental; urgency=medium

  * Relax dependency on gitlab-labkit (for matching with gitaly requirement)
  * Update minimum versions of ruby-rugged and ruby-licensee again
   (ruby-rugged/libgit2 1.x now work after ruby-licensee was fixed)

 -- Pirate Praveen <praveen@debian.org>  Sat, 27 Mar 2021 16:09:29 +0530

gitlab (13.9.4+ds1-2) experimental; urgency=medium

  * Revert "Update minimum versions of ruby-rugged and ruby-licensee"
    ruby-rugged/libgit2 1.x breakage is not yet fixed.

 -- Pirate Praveen <praveen@debian.org>  Tue, 23 Mar 2021 23:41:10 +0530

gitlab (13.9.4+ds1-1) experimental; urgency=medium

  * New upstream version 13.9.4+ds1 (Fixes Remote code execution via unsafe
    user-controlled markdown rendering options)

 -- Pirate Praveen <praveen@debian.org>  Fri, 19 Mar 2021 00:10:35 +0530

gitlab (13.9.3+ds1-2) experimental; urgency=medium

  * Update minimum versions of ruby-rugged and ruby-licensee (packaged versions
    of these gems work again)

 -- Pirate Praveen <praveen@debian.org>  Thu, 11 Mar 2021 21:46:20 +0530

gitlab (13.9.3+ds1-1) experimental; urgency=medium

  * New upstream version 13.9.3+ds1
  * Refresh patches
  * Update debian/upstream-file-list
  * Add set -e and fix typos in file names
  * Update maintscript (remove obsolete initializers) and
    upstream-config-file-list
  * Update dependencies

 -- Pirate Praveen <praveen@debian.org>  Thu, 11 Mar 2021 21:11:52 +0530

gitlab (13.8.5+ds1-2) experimental; urgency=medium

  * Update minimum version of gitaly to 13.8~
  * Fix typo in dependency (ruby-azure-storage-common)

 -- Pirate Praveen <praveen@debian.org>  Tue, 09 Mar 2021 16:59:45 +0530

gitlab (13.8.5+ds1-1) experimental; urgency=medium

  * New upstream version 13.8.5+ds1
  * Refresh patches
  * Relax dependency on bcrypt and webrick in Gemfile
  * Update minimum versions of dependencies

 -- Pirate Praveen <praveen@debian.org>  Mon, 08 Mar 2021 23:37:34 +0530

gitlab (13.7.8+ds1-1) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * watch: fixed upstream MUT/tarballs downloading with "uscan" and "origtargz".
  * L:debian-rules-uses-unnecessary-dh-argument
  * CI: minor corrections; exclude "buster-backports" and tags.
  * watch: added "repacksuffix=+ds1".
  * changelog update
  * watch: corrected for "uscan --download-version" case.

  [ Pirate Praveen ]
  * Remove elasticsearch-model component from debian/gbp.conf (now included
    in elasticsearch-rails component)
  * New upstream version 13.7.8+ds1 (Fixes: CVE-2021-22185, CVE-2021-22186)
  * Refresh patches
  * Update minimum version of ruby-thrift to 0.14~

 -- Pirate Praveen <praveen@debian.org>  Fri, 05 Mar 2021 16:21:41 +0530

gitlab (13.7.7-2) experimental; urgency=medium

  * Remove config-file-list generated during build from repo
  * Remove more obsolete config files, thanks to Dragos Jarca and Lars Kruse
    (Closes: #983779)

 -- Pirate Praveen <praveen@debian.org>  Tue, 02 Mar 2021 23:55:53 +0530

gitlab (13.7.7-1) experimental; urgency=medium

  * New upstream version 13.7.7
  * Add --quiet to gitlab-sidekiq.service running bundle install --local
  * Switch back to ruby-rugged 0.28 (use snapshot.debian.org)
  * Refresh patches
  * Ignore embedded gitlab-workhorse (packaged separately)
  * Update minimum versions of ruby-fog-google and ruby-mail-room
  * Add resolutions: typescript 4.1.5 in package.json
  * Update minimum versions to ruby-commonmarker and ruby-progressbar
  * Remove obsolete feature flags and initializers (Closes: #983346)
  * Automatically check if any config files changed during build

 -- Pirate Praveen <praveen@debian.org>  Mon, 01 Mar 2021 19:32:24 +0530

gitlab (13.6.7-3) experimental; urgency=medium

  * Add --quiet to gitlab-sidekiq.service running bundle install --local
  * Switch back to ruby-rugged 0.28 (use snapshot.debian.org)

 -- Pirate Praveen <praveen@debian.org>  Wed, 24 Feb 2021 21:46:34 +0530

gitlab (13.6.7-2) experimental; urgency=medium

  * Change dependency on ruby to ruby2.7
  * Regenerate Gemfile.lock before gitlab-sidekiq service start. Also provide
    gitlab-update-gemfile-lock command to manually regenerate Gemfile.lock
    (Closes: #944698, #914989)
  * Update minimum version of gitaly (for gitaly-git2go command)

 -- Pirate Praveen <praveen@debian.org>  Fri, 19 Feb 2021 14:20:13 +0530

gitlab (13.6.7-1) experimental; urgency=medium

  * Update minimum version of ruby to 2.7.2 and rubygems-integration to 1.18
  * New upstream version 13.6.7

 -- Pirate Praveen <praveen@debian.org>  Thu, 11 Feb 2021 23:39:07 +0530

gitlab (13.6.6-1) experimental; urgency=medium

  * Use gitlab-rails-console command in README.Debian
  * Document how to activate a new user from rails console
  * Update minimum version of ruby-attr-encrypted
  * New upstream version 13.6.6 (Fixes: CVE-2021-22172, CVE-2021-22169)

 -- Pirate Praveen <praveen@debian.org>  Thu, 04 Feb 2021 15:48:11 +0530

gitlab (13.6.5-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * Add node_modules as first path to resolve in webpack.config.js
  * Fix syntax of nginx.ssl.config.example

  [ Dmitry Smirnov ]
  * copyright: corrected syntax to pass "cme check dpkg-copyright".

  [ Pirate Praveen ]
  * New upstream version 13.5.7
  * Update minimum version of ruby-mini-magick
  * Update minimum version of node-popper.js
  * New upstream version 13.6.5
  * Refresh patches
  * Update upstream-file-list
  * Update minimum version of dependencies and add new dependencies
  * Sync patches with buster-fasttrack branch

 -- Pirate Praveen <praveen@debian.org>  Sat, 30 Jan 2021 20:30:57 +0530

gitlab (13.5.6-1) experimental; urgency=medium

  * Use node-css-loader 5.x and node-postcss 8.x
  * Switch to yarn 2.x with node-modules plugin
  * Refactor to make node_modules and package.json write-able
  * Use link: and portal: protocols in package.json for packaged modules
  * Use link protocol only in case of permission errors
  * New upstream version 13.5.5
  * Update nginx configuration using upstream templates
  * Don't install yarn.lock (we use some dependencies from system)
  * Switch back to using lodash from npmjs.com (see #979531)
  * New upstream version 13.5.6 (Fixes: CVE-2021-22166, CVE-2020-26414)

 -- Pirate Praveen <praveen@debian.org>  Fri, 08 Jan 2021 16:49:21 +0530

gitlab (13.4.7-2) unstable; urgency=medium

  [ Sruthi Chandran ]
  * Add canvas as externals in webpack.config.js

  [ Pirate Praveen ]
  * Use packaged versions of uuid, mermaid, katex, minimatch, js-yaml,
    webpack-stats-plugin and font-awesome node modules
  * Tighten dependency on node-autosize for bug fix (error in browser console)

 -- Pirate Praveen <praveen@debian.org>  Thu, 17 Dec 2020 16:14:45 +0530

gitlab (13.4.7-1) unstable; urgency=medium

  * Use packaged version of pdfjs-dist and adapt for worker-loader 3 api
  * Remove schema-utils 3.0 from package.json (incompatibilities resolved)
    All modules depending on schema-utils are now provided by debian packages
    only
  * Install grpc using gem command (ruby-grpc package has an unfixed
    regression - see #966653)
  * Update uuid to ^8.3.1 in package.json
  * New upstream version 13.4.7 (Fixes: CVE-2020-26407, CVE-2020-26408,
    CVE-2020-13357, CVE-2020-26411, CVE-2020-26409)
  * Drop dependency on ruby-grpc (now handled by gem install)

 -- Pirate Praveen <praveen@debian.org>  Tue, 08 Dec 2020 15:32:56 +0530

gitlab (13.4.6-3) unstable; urgency=medium

  [ Pirate Praveen ]
  * Use packaged version of css-loader, raw-loader, file-loader, style-loader
    and copy-webpack-plugin
  * Add schema-utils 3.0, mkdirp 1.0 and loader-utils 2.0 to package.json
    to force yarn to move incompatible versions from gitlab's node_modules
    directory to node_modules directory of other modules (Closes: #976310)

 -- Sruthi Chandran <srud@debian.org>  Sun, 06 Dec 2020 22:54:05 +0530

gitlab (13.4.6-2) unstable; urgency=medium

  * Upload to unstable (Closes: #976294)
  * Set minimum version for grpc and google-protobuf

 -- Sruthi Chandran <srud@debian.org>  Wed, 02 Dec 2020 23:45:40 +0530

gitlab (13.4.6-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * Relax more test dependencies
  * Add more autopkgtest dependencies
  * Update patches to adjust more autopkgtest dependencies in Gemfile
  * Run tests again and grant required database privilleges
  * Run only a single test for now
  * New upstream version 13.4.6
  * Bump Standards-Version to 4.5.1 (no changes needed)

  [ Sruthi Chandran ]
  * Drop unused patch files
  * Refresh patches
  * Update new and removed files from d/gitlab.install
  * Update dependencies
  * Create link for .gitlab_kas_secret

 -- Sruthi Chandran <srud@debian.org>  Fri, 27 Nov 2020 02:25:29 +0530

gitlab (13.3.9-1) unstable; urgency=medium

  * Team Upload

  [ Pirate Praveen ]
  * Relax dependency on bullet rubygem in Gemfile
  * Add new autopkgtest dependencies
  * Comment out png_quantizator dependency in Gemfile

  [ Abraham Raji ]
  * New upstream version 13.3.9 (Fixes: CVE-2020-13355, CVE-2020-26405,
    CVE-2020-13358, CVE-2020-13359, CVE-2020-13340, CVE-2020-13340,
    CVE-2020-13353, CVE-2020-13354, CVE-2020-13352, CVE-2020-13356,
    CVE-2020-13351, CVE-2020-13350, CVE-2020-13349, CVE-2020-13348)

 -- Abraham Raji <avronr@tuta.io>  Thu, 05 Nov 2020 12:23:49 +0530

gitlab (13.3.8-1) unstable; urgency=medium

  * New upstream version 13.3.8
  * Refresh patches
  * Install new directory data
  * Tighten versions of dependencies
  * Create btree_gist extension in postgres database
  * Switch back to using css-loader module from npmjs.com
  * Tighten dependency on gitlab-shell and gitaly

 -- Pirate Praveen <praveen@debian.org>  Wed, 28 Oct 2020 21:02:48 +0530

gitlab (13.2.10-1) unstable; urgency=medium

  [ Abraham Raji ]
  * New upstream version 13.2.10 (Fixes: CVE-2020-13333, CVE-2020-13332,
    CVE-2020-13335, CVE-2020-13334, CVE-2020-13327)

 -- Abraham Raji <avronr@tuta.io>  Sat, 03 Oct 2020 22:31:26 +0000

gitlab (13.2.8-2) unstable; urgency=medium

  [ Cédric Boutillier ]
  * [ci skip] Add .gitattributes to keep unwanted files out of the source package

  [ Pirate Praveen ]
  * Use packaged versions of prosemirror-markdown and timeago.js node modules

 -- Pirate Praveen <praveen@debian.org>  Sun, 06 Sep 2020 14:11:53 +0530

gitlab (13.2.8-1) unstable; urgency=medium

  * Drop faraday-middleware-aws-signers-v4 from components list
  * New upstream version 13.2.8 (Fixes: CVE-2020-13318, CVE-2020-13301,
    CVE-2020-13284, CVE-2020-13298, CVE-2020-13313, CVE-2020-13311,
    CVE-2020-13289, CVE-2020-13302, CVE-2020-13314, CVE-2020-13309,
    CVE-2020-13287, CVE-2020-13306, CVE-2020-13299, CVE-2020-13300,
    CVE-2020-13317, CVE-2020-13303, CVE-2020-13316, CVE-2020-13304,
    CVE-2020-13305, CVE-2020-13307, CVE-2020-13308, CVE-2020-13315,
    CVE-2020-13297, CVE-2020-13310)
  * Refresh patches
  * Update minimum version of node-jquery to 3.5
  * Remove faraday-middleware-aws-signers-v4 from upstream-file-list

 -- Pirate Praveen <praveen@debian.org>  Thu, 03 Sep 2020 11:20:31 +0530

gitlab (13.2.6-3) unstable; urgency=medium

  [ Karthik ]
  * Add puma dependency to debian/control, add puma systemd service, update
    gitlab service with puma

  [ Pirate Praveen ]
  * Add gitlab-puma.service as dependency of gitlab.service
  * Remove unicorn from Gemfile and choose puma
  * Add puma.rb and use it from gitlab-puma.service
  * Update minimum version of gitlab-common to use unix socket in gitlab-shell
  * Remove gitlab-unicorn.service and install gitlab-puma.service

 -- Pirate Praveen <praveen@debian.org>  Thu, 20 Aug 2020 23:23:49 +0530

gitlab (13.2.6-2) unstable; urgency=medium

  * Switch to aws-sdk v3 with upstream patch
  * Drop phantomjs from autopkgtest dependencies
  * Add needs-internet restriction to autopkgtest

 -- Pirate Praveen <praveen@debian.org>  Thu, 20 Aug 2020 17:30:32 +0530

gitlab (13.2.6-1) unstable; urgency=medium

  * New upstream version 13.2.6

 -- Pirate Praveen <praveen@debian.org>  Wed, 19 Aug 2020 03:01:51 +0530

gitlab (13.2.5-1) unstable; urgency=medium

  * Bump minimum version of webpack to 4.43
  * New upstream version 13.2.5 with a security fix (CVE ID not assigned yet)
  * Refresh patches
  * Relax dependency on ruby-browser

 -- Pirate Praveen <praveen@debian.org>  Tue, 18 Aug 2020 20:03:24 +0530

gitlab (13.2.3-2) unstable; urgency=medium

  [ Pirate Praveen ]
  * Tighten dependency on ruby-gitaly and ruby-acme-client

  [ Abraham Raji ]
  * Added copyright notices for templates (Closes: #966085)

  [ Pirate Praveen ]
  * Relax dependency on ruby-gitlab-sidekiq-fetcher
  * Relax dependency on sidekiq gem in Gemfile to allow 6.x version
    (Closes: #968239)
  * Reupload to unstable (the version in unstable is already uninstallable,
    so depending on some packages from experimental is not worse, it helps
    security team as they need to worry about less CVEs)

 -- Pirate Praveen <praveen@debian.org>  Tue, 11 Aug 2020 19:46:51 +0530

gitlab (13.2.3-1) experimental; urgency=medium

  * Move tmp/backups outside /run via symbolic link
  * New upstream version 13.2.1
  * Refresh patches
  * Tighten dependencies
  * Remove files no longer shipped by upstream from install
  * Allow gitlab user to create schema
  * New upstream version 13.2.3

 -- Pirate Praveen <praveen@debian.org>  Sun, 09 Aug 2020 22:54:13 +0530

gitlab (13.1.6-1) experimental; urgency=medium

  * Move tmp/backups outside /run via symbolic link
  * New upstream version 13.1.6 (Fixes: CVE-2020-13280, CVE-2020-13281,
    CVE-2020-13286, CVE-2020-13285, CVE-2020-13283, CVE-2020-13282,
    CVE-2020-13292, CVE-2020-13293, CVE-2020-13294, CVE-2020-13291,
    CVE-2020-13288, CVE-2020-13290, CVE-2020-132935)

 -- Pirate Praveen <praveen@debian.org>  Sun, 09 Aug 2020 01:30:33 +0530

gitlab (13.1.4-2) experimental; urgency=medium

  * Update minimum version of ruby to 2.7
  * Drop ruby 2.5 compat patches, we have ruby 2.7 in fasttrack now
  * Remove obsolete initializer: rack_attack_new.rb (thanks to sunweaver and
    onlyjob)
  * Fix permissions for ${gitlab_data_dir}/shared/artifacts/tmp/* (thanks to
    sunweaver)

 -- Pirate Praveen <praveen@debian.org>  Thu, 16 Jul 2020 17:22:17 +0530

gitlab (13.1.4-1) experimental; urgency=medium

  * Tighten dependencies for ruby 2.7 support in fasttrack
  * New upstream version 13.1.4

 -- Pirate Praveen <praveen@debian.org>  Fri, 10 Jul 2020 23:49:52 +0530

gitlab (13.1.3-1) experimental; urgency=medium

  * Use packaged versions of d3 and d3-sankey node modules
  * Use packaged version of codemirror
  * New upstream version 13.1.3 (Fixes: CVE-2020-15525)

 -- Pirate Praveen <praveen@debian.org>  Thu, 09 Jul 2020 12:54:05 +0530

gitlab (13.1.2-1) experimental; urgency=medium

  * New upstream version 13.1.2 with many security fixes (CVE IDs not
    assigned yet)
  * Refresh patches
  * Update minimum version of ruby-kaminari to 1.2.1

 -- Pirate Praveen <praveen@debian.org>  Thu, 02 Jul 2020 01:55:18 +0530

gitlab (13.1.1-1) experimental; urgency=medium

  * Use packaged version of node-compression-webpack-plugin
  * Update minimum version of ruby-oauth2 to 1.4.4
  * Add patch to fix ruby 2.5 compatibility issue
  * Use packaged versions: node-brace-expansion and node-cache-loader
  * Use packaged version of node-glob
  * New upstream version 13.1.1
  * Update minimum version of ruby-mail-room
  * Refresh patches

 -- Pirate Praveen <praveen@debian.org>  Wed, 01 Jul 2020 17:09:20 +0530

gitlab (13.1.0-1) experimental; urgency=medium

  * Update minimum version of webpack to 4.30~
  * Drop dependency on ruby-liquid and ruby-influxdb
  * New upstream version 13.1.0
  * Refresh patches
  * Update debian/upstream-file-list for new release
  * Relax dependency on faraday gem
  * Add rack-timeout gem to Gemfile
  * Tighten dependencies (remove ruby-omniauth-ultraauth)
  * Update dependencies on ruby-faraday, ruby-sentry-raven and
    ruby-grape-entity
  * Switch to using structure.sql from schema.rb for database initialization

 -- Pirate Praveen <praveen@debian.org>  Mon, 29 Jun 2020 15:51:48 +0530

gitlab (13.0.6-2) experimental; urgency=medium

  * Switch to using structure.sql from schema.rb for database initialization
  * Add rack-timeout gem to Gemfile
  * Relax dependency on ruby-grape-entity

 -- Pirate Praveen <praveen@debian.org>  Sat, 27 Jun 2020 23:07:50 +0530

gitlab (13.0.6-1) experimental; urgency=medium

  * New upstream version 13.0.6 with a security fix (CVE ID not
    assigned yet)

 -- Pirate Praveen <praveen@debian.org>  Thu, 11 Jun 2020 17:01:47 +0530

gitlab (13.0.4-1) experimental; urgency=medium

  * Add link to issue about missing rack-timeout
  * Tighten dependency on ruby-gitaly and yarnpkg
  * Update minimum version for rm_conffile to include 12.10.7
  * New upstream version 13.0.4 with a security fix (CVE ID not
    assigned yet)

 -- Pirate Praveen <praveen@debian.org>  Thu, 04 Jun 2020 15:26:50 +0530

gitlab (13.0.3-1) experimental; urgency=medium

  * New upstream version 13.0.0
  * Refresh patches
  * Handle newly added files in this release
  * Add (ruby-)rack-timeout to Gemfile and Depends
  * Remove obsolete initializer from /etc/gitlab
  * Use packaged version of node-vue-template-compiler
  * Tighten minimum version of gitaly
  * New upstream version 13.0.3

 -- Pirate Praveen <praveen@debian.org>  Sat, 30 May 2020 21:13:54 +0530

gitlab (12.10.7-1) experimental; urgency=medium

  * New upstream version 12.10.7 with many security fixes (CVE IDs not
    assigned yet)

 -- Pirate Praveen <praveen@debian.org>  Thu, 28 May 2020 23:13:13 +0530

gitlab (12.10.3-3) experimental; urgency=medium

  * Update css-loader options in config/webpack.config.js

 -- Pirate Praveen <praveen@debian.org>  Mon, 18 May 2020 16:35:38 +0530

gitlab (12.10.3-2) experimental; urgency=medium

  * Update dependency on node-css-loader to 2.1.1

 -- Pirate Praveen <praveen@debian.org>  Sat, 16 May 2020 15:57:44 +0530

gitlab (12.10.3-1) experimental; urgency=medium

  * New upstream version 12.10.3
  * Use packaged version of vue node module
  * Update minimum version of ruby-faraday

 -- Pirate Praveen <praveen@debian.org>  Sat, 09 May 2020 16:28:56 +0530

gitlab (12.10.2-2) experimental; urgency=medium

  * Use packaged version of node-babel-loader
  * Relax dependency on net-ssh gem to allow new major version

 -- Pirate Praveen <praveen@debian.org>  Mon, 04 May 2020 07:00:12 +0530

gitlab (12.10.2-1) experimental; urgency=medium

  * Fix debian/watch for new gitlab.com tags page change
  * New upstream version 12.10.2 (Fixes: CVE-2020-12448, CVE-2020-10187)
  * Update minimum version of ruby-nokogiri to 1.10.9

 -- Pirate Praveen <praveen@debian.org>  Fri, 01 May 2020 12:38:53 +0530

gitlab (12.10.1-1) experimental; urgency=medium

  * Use packaged version of babel node module
  * New upstream version 12.10.1

 -- Pirate Praveen <praveen@debian.org>  Sat, 25 Apr 2020 11:02:26 +0530

gitlab (12.10.0-1) experimental; urgency=medium

  * Drop embedded copy of derailed_benchmarks and use packaged version
  * Stop excluding non-dfsg files (removed upstream)
  * New upstream version 12.10.0
  * Refresh patches
  * Update gitlab.install (remove files not present)
  * Update upstream file list
  * Tighten dependencies
  * Fix typo in dependency name
  * Update lintian overrides
  * Make db/structure.sql writable by gitlab user
  * Tighten dependency on gitaly
  * Remove initializer not needed (we have the required rails version)
  * Relax dependency on gitaly ruby gem in Gemfile

 -- Pirate Praveen <praveen@debian.org>  Wed, 22 Apr 2020 23:51:56 +0530

gitlab (12.9.3+dfsg-1) experimental; urgency=medium

  * New upstream version 12.9.3+dfsg (Fixes: CVE-2020-11505, CVE-2020-11506,
    CVE-2020-11649)
  * Refresh patches

 -- Pirate Praveen <praveen@debian.org>  Wed, 15 Apr 2020 14:49:03 +0530

gitlab (12.9.2+dfsg-1) experimental; urgency=medium

  * Exclude one_password binaries and embed snowplow-javascript-tracker
    (Closes: #943987)
  * New upstream version 12.9.2+dfsg
  * Add comments to all patches

 -- Pirate Praveen <praveen@debian.org>  Mon, 13 Apr 2020 15:19:33 +0530

gitlab (12.9.2-6) experimental; urgency=medium

  * Move source package also to contrib as gitlab-common is moved to src:gitaly
  * Update lintian overrides
  * Update copyright file with missing attributions

 -- Pirate Praveen <praveen@debian.org>  Sun, 12 Apr 2020 19:46:25 +0530

gitlab (12.9.2-5) experimental; urgency=medium

  [ vv221 ]
  * Build assets generated by webpack in production mode (Closes: #956508,
    #927297)

  [ Pirate Praveen ]
  * Drop gitlab-common binary (moved to src:gitaly)
  * Drop work around for missing assets/select2.png (not required in
    NODE_ENV=production mode for webpack)

 -- Pirate Praveen <praveen@debian.org>  Sun, 12 Apr 2020 17:52:22 +0530

gitlab (12.9.2-4) experimental; urgency=medium

  * Remove --max-old-path option to webpack (correctly passed in NODE_OPTIONS)
  * Exclude packaged modules from transpiling (webpack/babel-loader)
    (Closes: #956449)

 -- Pirate Praveen <praveen@debian.org>  Sat, 11 Apr 2020 19:53:38 +0530

gitlab (12.9.2-3) experimental; urgency=medium

  * Tighten dependency on gitlab-common

 -- Pirate Praveen <praveen@debian.org>  Sat, 11 Apr 2020 16:37:06 +0530

gitlab (12.9.2-2) experimental; urgency=medium

  * Tighten dependency on ruby-graphql (for backports)
  * Pass NODE_OPTIONS="--max-old-space-size=2048" to webpack to work with
    nodejs 10 (Closes: #956211)

 -- Pirate Praveen <praveen@debian.org>  Sat, 11 Apr 2020 01:29:14 +0530

gitlab (12.9.2-1) experimental; urgency=medium

  * Switch to gitlab's fork of derailed_benchmarks gem
  * New upstream version 12.9.2
  * Change dependency: ruby-slack-notifier -> ruby-slack-messenger
  * Tighten dependencies: ruby-rouge, ruby-diffy, ruby-gitlab-labkit
  * Tighten dependencies: ruby-mail-room, ruby-gitaly, gitaly
  * Tighten dependencies: gitlab-shell, gitlab-workhorse
  * Update node-* dependencies
  * Remove dependencies: node-cache-loader, node-raw-loader, node-file-loader
  * Update minimum version of nodejs to 12 (See #956211)
  * Add special handling for webpack to find .json file (Closes: #956218)
  * Override json evil license lintian error (listed as an example license)

 -- Pirate Praveen <praveen@debian.org>  Fri, 10 Apr 2020 09:25:28 +0530

gitlab (12.8.8-6) experimental; urgency=medium

  * Start nginx after letsencrypt configuration
  * Drop dependency on libjs-pdf (not needed anymore)
  * Remove obsolete initializer: active_record_becomes.rb (Closes: #955732)

 -- Pirate Praveen <praveen@debian.org>  Sat, 04 Apr 2020 16:11:16 +0530

gitlab (12.8.8-5) experimental; urgency=medium

  * Add a work around for missing assets/select2.png error on web console
    (See upstream issue #213245)

 -- Pirate Praveen <praveen@debian.org>  Fri, 03 Apr 2020 17:44:31 +0530

gitlab (12.8.8-4) experimental; urgency=medium

  * Refresh protobuf compat patch (remove fuzz)
  * Use jquery.waitforimages from npmjs.com (packaged version is broken)

 -- Pirate Praveen <praveen@debian.org>  Thu, 02 Apr 2020 20:22:43 +0530

gitlab (12.8.8-3) experimental; urgency=medium

  * Tighten dependencies for dependencies in buster-backports
  * Tighten dependency on ruby-grape-path-helpers (fixes issue creation)

 -- Pirate Praveen <praveen@debian.org>  Wed, 01 Apr 2020 20:24:55 +0530

gitlab (12.8.8-2) experimental; urgency=medium

  * Exclude core-js from transpiling (Closes: #954993)

 -- Pirate Praveen <praveen@debian.org>  Sat, 28 Mar 2020 19:55:14 +0530

gitlab (12.8.8-1) experimental; urgency=medium

  * New upstream version 12.8.8 (Fixes: CVE-2020-9795, CVE-2020-10956,
    CVE-2020-10955, CVE-2020-10954, CVE-2020-10952)
  * Bump Standards-Version to 4.5.0 (no changes needed)
  * Add new dependencies for embedded derailed_benchmarks gem

 -- Pirate Praveen <praveen@debian.org>  Sat, 28 Mar 2020 18:12:33 +0530

gitlab (12.8.6-1) experimental; urgency=medium

  [ Sruthi Chandran ]
  * New upstream version 12.8.6
  * Update embedded module versions
  * Remove embedded doorkeeper as it is available in experimental
  * Deleted patches already applied upstream - 0488-relax-rdoc.patch,
    0670-allow-doorkeepr-4_3.patch, 0770-bump-node-d3.patch
  * Refresh patches

  [ Pirate Praveen ]
  * Add ruby-stackprof as dependency
  * Drop unused patch files
  * Drop patch to lower minimum ruby version (already satsfied in buster)
  * Removed now unused d3 modules from dependencies
  * Tighten dependency on ruby-method-source and ruby-grape
  * Cherry pick patch from upstream merge request to support grape 1.3
  * Fix protobuf compatibility issue with patch (Closes: #942633)
  * Tighten dependency on ruby-rack and ruby-rails

 -- Pirate Praveen <praveen@debian.org>  Thu, 26 Mar 2020 17:25:38 +0530

gitlab (12.6.8-2) experimental; urgency=medium

  * Relax dependency on rails in Gemfile
  * Relax deckar01-task_list dependency in Gemfile

 -- Pirate Praveen <praveen@debian.org>  Tue, 17 Mar 2020 17:31:39 +0530

gitlab (12.6.8-1) experimental; urgency=medium

  * Refresh stable gems in test group
  * Update autopkgtest Depends
  * Include development, test group in Gemfile for autopkgtest
  * Use packaged version of node-xterm
  * New upstream version 12.6.8

 -- Pirate Praveen <praveen@debian.org>  Sat, 07 Mar 2020 23:23:03 +0530

gitlab (12.6.7-2) experimental; urgency=medium

  * Use more packaged node modules
  * Don't run full autopkgtest till some gems are packaged

 -- Pirate Praveen <praveen@debian.org>  Sun, 23 Feb 2020 19:48:40 +0530

gitlab (12.6.7-1) experimental; urgency=medium

  [ Abhijith PA ]
  * New upstream version 12.6.6 (Fixes: CVE-2020-7973, CVE-2020-7968)
  * Remove patch 0760-bump-rubyzip.patch
  * Refresh patches.

  [ Pirate Praveen ]
  * Update minimum version of ruby-excon and ruby-rack-cors
  * New upstream version 12.6.7
  * Relax ruby-rack-cors version in Gemfile
  * Add lines removed by mistake in an earlier commit
  * Relax dependency on rdoc (ruby 2.5 comes with rdoc 6.0)
  * Refresh patches again to relax all stable gems

 -- Pirate Praveen <praveen@debian.org>  Sat, 15 Feb 2020 14:12:32 +0100

gitlab (12.6.4-1) experimental; urgency=medium

  * New upstream version 12.6.4
  * Fix and restore 0740-use-packaged-modules.patch contents of which was
    deleted by mistake earlier
  * Remove embedded core-js as required version is now available

 -- Sruthi Chandran <srud@debian.org>  Tue, 14 Jan 2020 01:24:48 +0530

gitlab (12.6.2-2) experimental; urgency=medium

  [ Utkarsh Gupta ]
  * Embed doorkeeper (Closes: #947754)
  * Fix d/control

  [ Sruthi Chandran ]
  * Remove .eslintrc.yml files to fix lintian errors
  * Remove embedded module heapy as packaged version is now available

 -- Utkarsh Gupta <utkarsh@debian.org>  Sat, 04 Jan 2020 02:59:10 +0530

gitlab (12.6.2-1) experimental; urgency=medium

  * New upstream version 12.6.2 (Fixes: CVE-2019-20142, CVE-2019-20143,
    CVE-2019-20144, CVE-2019-20145, CVE-2019-20146, CVE-2019-20147,
    CVE-2019-20148, CVE-2020-5197)

 -- Pirate Praveen <praveen@debian.org>  Fri, 03 Jan 2020 19:14:46 +0530

gitlab (12.6.1-1) experimental; urgency=medium

  [ Sruthi Chandran ]
  * New upstream version 12.6.1
  * Remove embedded gitlab peek as no longer required
  * Refresh patches
  * Override false lintian error

  [ Pirate Praveen ]
  * Tighten dependencies
  * Remove gitlab-peek from upstream-file-list (component removed)
  * Update minimum version of ruby-aws-sdk for bug fix
  * Remove obsolete initializer: rack_attack_git_basic_auth.rb

 -- Pirate Praveen <praveen@debian.org>  Thu, 02 Jan 2020 01:12:27 +0530

gitlab (12.5.4-2) experimental; urgency=medium

  * Update minimum version of ruby-gpgme to 2.0.19
  * Update minimum version of ruby-premailer-rails to 1.10.3

 -- Pirate Praveen <praveen@debian.org>  Tue, 31 Dec 2019 15:48:16 +0530

gitlab (12.5.4-1) experimental; urgency=medium

  * New upstream version 12.5.4
  * Refresh patches
  * Update upstream file list
  * Relax dependency on responders in Gemfile
  * Tighten dependencies
  * Relax dependency on grpc and google-protobuf gems (to fix ssh access)

 -- Pirate Praveen <praveen@debian.org>  Mon, 30 Dec 2019 17:36:49 +0530

gitlab (12.4.6-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * Update minimum version of yarnpkg to 1.19~
  * Check if yarn cache directory is present before updating permissions
  * Update minimum version of git to 2.24~
  * New upstream version 12.3.8
  * Refresh patches
  * Remove EE only gems from Gemfile
  * Update minimum versions of ruby-graphql and ruby-fog-google
  * [Embedded dependencies] Remove snowplow-tracker and add
    elasticsearch-model, elasticsearch-rails,
    faraday-middleware-aws-signers-v4 and gitlab-peek
  * Update minimum versions of ruby-aws-sdk, ruby-gitlab-sidekiq-fetcher,
    ruby-jira, ruby-chronic-duration, ruby-prof, gitlab-shell
  * Relax dependency on kubeclient in Gemfile to allow 4.3
  * Remove gitlab-license gem from Gemfile (EE only)
  * Add new dependencies: ruby-net-ntp, ruby-unleash, ruby-net-dns,
    ruby-countries, ruby-elasticsearch as dependency

  [ Abhijith PA ]
  * New upstream version 12.3.9

  [ Pirate Praveen ]
  * New upstream version 12.4.6
  * Don't install 16790-render-xml-artifacts.yml
  * Update ignored files and upstream files lists
  * Relax asciidoctor-plantuml and rouge in Gemfile
  * Add dependency on ruby-gitlab-net-dns
  * Remove obsolete config file
  * Update asciidoctor-plantuml require statement for new api
  * Update minimum version of gitaly, asciidoctor-plantuml, ruby-rouge

 -- Pirate Praveen <praveen@debian.org>  Thu, 26 Dec 2019 21:03:03 +0530

gitlab (12.2.9-5) experimental; urgency=medium

  * Bump minimum version of ruby-font-awesome-rails to allow rails 5.2.3
  * Add patches for CVEs (Fixes: CVE-2019-19254, CVE-2019-19257)
  * Tighten dependency on gitlab-workhorse and gitaly (Fixes: CVE-2019-19260)
  * Set minimum version of ruby-gitlab-labkit as 0.5~ (for gitaly 1.65.2)

 -- Pirate Praveen <praveen@debian.org>  Fri, 29 Nov 2019 12:10:38 +0530

gitlab (12.2.9-4) experimental; urgency=medium

  * Update node-d3 to version 5.12 (required to update rollup to 1.x)

 -- Pirate Praveen <praveen@debian.org>  Fri, 22 Nov 2019 21:25:38 +0530

gitlab (12.2.9-3) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * Revert "Add sp.js to debian/missing-sources"

  [ Pirate Praveen ]
  * Add gitlab-rails-console command as a convenience script
  * Update minimum version for rm_confifile maintscript option

  [ Utkarsh Gupta ]
  * Add patch to bump rubyzip (Closes: #944906)

  [ Pirate Praveen ]
  * Bump minimum version of ruby-zip to 2.0 to match Gemfile

 -- Pirate Praveen <praveen@debian.org>  Wed, 20 Nov 2019 13:16:32 +0530

gitlab (12.2.9-2) experimental; urgency=medium

  * Change .cache/yarn/v4 -> .cache/yarn/v6
  * Add sp.js to debian/missing-sources

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Sat, 02 Nov 2019 01:40:43 +0530

gitlab (12.2.9-1) experimental; urgency=high

  * New upstream version 12.2.9 (Fixes: CVE-2019-18446 CVE-2019-18447
    CVE-2019-18448 CVE-2019-18449 CVE-2019-18450 CVE-2019-18451
    CVE-2019-18452 CVE-2019-18453 CVE-2019-18454 CVE-2019-18455
    CVE-2019-18457 CVE-2019-18458 CVE-2019-18459 CVE-2019-18460
    CVE-2019-18461 CVE-2019-18462 CVE-2019-18463)

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Thu, 31 Oct 2019 01:43:16 +0530

gitlab (12.2.8-2) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * CI: new lintian job + minor corrections
  * CI: re-factored

  [ Pirate Praveen ]
  * Update minimum versions of bundler and nodejs
  * Update minimum versions of gitaly, gitlab-workhorse and gitlab-shell

 -- Pirate Praveen <praveen@debian.org>  Thu, 24 Oct 2019 23:47:12 +0530

gitlab (12.2.8-1) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * CI: unpack MUT components

  [ Sruthi Chandran ]
  * New upstream version 12.2.8
  * Update deps
  * Embed snowplow-tracker as component
  * Use system ruby-statistics
  * Add contracts, dependency of embedded snowplow in dependencies
  * Refresh patches and delete obselete patches
  * Remove old config files

  [ Pirate Praveen ]
  * Add ruby-invisible-captcha as dependency
  * Tighten dependency on ruby-gitlab-labkit
  * Remove obsolete conf file: initializers/postgresql_opclasses_support.rb

 -- Sruthi Chandran <srud@debian.org>  Sun, 20 Oct 2019 22:59:27 +0530

gitlab (12.1.14-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * Add node-core-js (<< 3~) constraint to use embedded core-js module
    (Closes: #941909)

  [ Utkarsh Gupta ]
  * New upstream version 12.1.14
  * Bump Standards-Version to 4.4.1

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Mon, 07 Oct 2019 21:29:31 +0530

gitlab (12.1.13-2) experimental; urgency=medium

  * Fix last version of initializers/active_record_verbose_query_logs.rb (this
    fixes the failure during installation)

 -- Pirate Praveen <praveen@debian.org>  Sat, 05 Oct 2019 23:08:35 +0530

gitlab (12.1.13-1) experimental; urgency=medium

  [ Sruthi Chandran ]
  * New upstream version 12.1.13
  * Refresh patches and delete patches already applied upstream
  * Remove already packaged embedded modules (arel, gitlab-labkit, jwt,
    omniauth-google-oauth2 and rails)
  * Add patch to relax gitlab-labkit
  * Add derailed_benchmarks, heapy and ruby-statistics gems as components

  [ Pirate Praveen ]
  * Tighten dependencies
  * Fix relative path in config/initializers
  * Set path for gitlab.rb
  * Remove obsolete initializers

  [ Dmitry Smirnov ]
  * Added helper script to unpack MUT components; CI orig tarball handling correction.

 -- Sruthi Chandran <srud@debian.org>  Sat, 05 Oct 2019 12:15:28 +0530

gitlab (12.0.9-4) experimental; urgency=medium

  * Update minimum version of gitaly to 1.47.3

 -- Pirate Praveen <praveen@debian.org>  Fri, 27 Sep 2019 22:46:22 +0530

gitlab (12.0.9-3) experimental; urgency=medium

  * Update watch file (gitlab-ce is now gitlab-foss)
  * Add core-js 3 as component (require transition)

 -- Pirate Praveen <praveen@debian.org>  Wed, 25 Sep 2019 15:52:54 +0530

gitlab (12.0.9-2) experimental; urgency=medium

  * Add patch to bump asciidoctor (Closes: #940814)
  * Update minimum version for asciidoctor and ruby-octokit

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Mon, 16 Sep 2019 22:37:08 +0530

gitlab (12.0.9-1) experimental; urgency=high

  * Team Upload
  * New upstream version 12.0.9 (Closes: #940007)
    (Fixes: CVE-2019-16170)

 -- Nilesh <npatra974@gmail.com>  Wed, 11 Sep 2019 10:12:18 -0400

gitlab (12.0.8-3) experimental; urgency=medium

  * Update minimum version of ruby-gitaly-proto dependency

 -- Pirate Praveen <praveen@debian.org>  Wed, 11 Sep 2019 11:13:07 +0530

gitlab (12.0.8-2) experimental; urgency=medium

  * Add missing dependencies

 -- Pirate Praveen <praveen@debian.org>  Tue, 10 Sep 2019 23:33:54 +0530

gitlab (12.0.8-1) experimental; urgency=high

  * New upstream version 12.0.8 (Fixes: CVE-2019-15728 CVE-2019-15730
    CVE-2019-15722 CVE-2019-15729 CVE-2019-15721 CVE-2019-15727 CVE-2019-15726
    CVE-2019-15724 CVE-2019-15725 CVE-2019-15723 CVE-2019-15732 CVE-2019-15731
    CVE-2019-15738 CVE-2019-15737 CVE-2019-15734 CVE-2019-15739 CVE-2019-15740
    CVE-2019-15733 CVE-2019-15736 CVE-2019-15741)
  * Remove dfsg as the files are removed upstream
  * Refresh patches and delete obsolete patches
  * Remove already packaged embedded modules (ruby-omniauth-ultraauth,
    ruby-omniauth-salesforce, ruby-apollo-upload-server and ruby-sassc-rails)

 -- Sruthi Chandran <srud@debian.org>  Sat, 07 Sep 2019 21:38:23 +0530

gitlab (11.11.8+dfsg-1) experimental; urgency=medium

  * New upstream security release 11.11.8+dfsg (Closes: #934708)
    (Fixes: CVE-2019-14942 CVE-2019-14944)
  * Remove embedded jaeger-client, opentracing and thrift

 -- Sruthi Chandran <srud@debian.org>  Wed, 14 Aug 2019 17:14:06 +0530

gitlab (11.11.7+dfsg-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * New upstream security release 11.11.7+dfsg (Closes: #933785)
    (Fixes: CVE-2019-5470, CVE-2019-5469, CVE-2019-5468, CVE-2019-5466,
    CVE-2019-5465, CVE-2019-5464, CVE-2019-5463, CVE-2019-5462, CVE-2019-5461)
  * Use packaged version of node-d3
  * Refresh patches
  * Bump standards version to 4.4.0
  * Install security.txt
  * Update embedded rails version to 5.1.7
  * Add ruby-omniauth-openid-connect, ruby-sassc and ruby-jaeger-client as
    new dependencies.
  * Embed omniauth-ultraauth, omniauth-salesforce, apollo_upload_server,
    sassc-rails, gitlab-labkit
  * Update dependency on ruby-sidekiq and ruby-nokogiri, gitaly,
    ruby-fog-google, ruby-batch-loader, ruby-gitaly-proto, ruby-grpc

  [ Dmitry Smirnov ]
  * CI: dropped .git directory and added job to build on Buster.

  [ Pirate Praveen ]
  * Update minimum version of gitaly
  * Switch to packaged version of webpack
  * Use packaged versions of node-worker-loader, node-cache-loader,
    node-imports-loader, node-exports-loader, node-url-loader, node-raw-loader
    and node-file-loader
  * Remove upstream-file-list.new in clean

 -- Pirate Praveen <praveen@debian.org>  Sun, 11 Aug 2019 13:00:50 +0530

gitlab (11.10.8+dfsg-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * New upstream security release 11.10.8+dfsg (Fixes: CVE-2019-13001,
    CVE-2019-13002, CVE-2019-13003, CVE-2019-13004, CVE-2019-13005,
    CVE-2019-13006, CVE-2019-13007, CVE-2019-13009,CVE-2019-13010,
    CVE-2019-13011, CVE-2019-13121)
  * Refresh patches
  * Use packaged versions of node-autosize, axios, brace-expansion, chart.js,
    core-js, css-loader, d3-* sub modules, fuzzaldrin-plus, glob, jed, jquery,
    jquery-ujs, jquery.waitforimages, js-cookie, jszip, jszip-utils, mousetrap,
    popper.js, raven-js, bootstrap, three-orbit-control, three-stl-loader,
    timeago.js, dateformat, webpack-stats-plugin and vue-resource
  * Use packaged pikaday and update path in application.scss (Closes: #930529)

 -- Pirate Praveen <praveen@debian.org>  Sun, 07 Jul 2019 13:14:52 +0530

gitlab (11.10.5+dfsg-1) experimental; urgency=medium

  [ Pirate Praveen ]
  * New upstream security release 11.10.5+dfsg (Closes: #930004)
    (Fixes: CVE-2019-12428, CVE-2019-12431, CVE-2019-12432, CVE-2019-12433,
    CVE-2019-12434, CVE-2019-12441, CVE-2019-12442, CVE-2019-12443,
    CVE-2019-12444, CVE-2019-12445, CVE-2019-12446)
  * Arrange changelog in chronological order
  * Refresh patches

  [ Abhijith PA ]
  * Update changelog

 -- Pirate Praveen <praveen@debian.org>  Wed, 05 Jun 2019 12:35:18 +0530

gitlab (11.8.10+dfsg-1) unstable; urgency=medium

  * Team upload
  * New upstream release.
  * Remove unwanted lintian-overrides. [ 26a2fcc3]

 -- Abhijith PA <abhijith@debian.org>  Thu, 30 May 2019 16:15:39 +0530

gitlab (11.10.4+dfsg-2) experimental; urgency=medium

  * Bump devise to 4.6.2
  * Add patch to bump devise to 4.6.2

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Tue, 21 May 2019 21:07:19 +0530

gitlab (11.10.4+dfsg-1) experimental; urgency=medium

  [ Utkarsh Gupta ]
  * New upstream version 11.10.4+dfsg
  * Update d/changelog
  * Update 0050-relax-stable-libs.patch
  * Refresh d/patches
  * Install graphql-tag via yarnpkg
  * Update d/copyright to exclude pdf.*
  * Add lintian-overrides for false-positive errors
  * Update d/control to update gem versions
  * Do not use --frozen-lockfile with yarnpkg
  * Update d/upstream-file-list
  * Make yarn.lock writable
  * Add myself as an uploader

  [ Abhijith PA ]
  * remove embedded pdf.js and use libjs-pdf

  [ Pirate Praveen ]
  * Remove obsolete configuration files

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Sat, 18 May 2019 01:40:29 +0530

gitlab (11.8.9+dfsg-1) unstable; urgency=medium

  * Team upload
  * New upstream version 11.8.9+dfsg (Fixes: CVE-2019-11544, CVE-2019-11546,
    CVE-2019-11547, CVE-2019-11548, CVE-2019-11549) (Closes: #928221)
  * Update d/patches/*

 -- Utkarsh Gupta <guptautkarsh2102@gmail.com>  Sat, 04 May 2019 00:56:51 +0530

gitlab (11.8.6+dfsg-1) unstable; urgency=medium

  * Team upload
  * New upstream version 11.8.6 (Fixes: CVE-2018-5158, CVE-2019-10109,
    CVE-2019-10110, CVE-2019-10111, CVE-2019-10113, CVE-2019-10115,
    CVE-2019-10116, CVE-2019-10640)
  * Use libjs-pdf instead of embedded pdf.js
  * Add gitlab.examples

 -- Abhijith PA <abhijith@debian.org>  Wed, 03 Apr 2019 18:19:49 +0530

gitlab (11.8.3-1) unstable; urgency=high

  [ Pirate Praveen ]
  * Set minimum version of git to 2.18

  [ Sruthi Chandran ]
  * New upstream version 11.8.3 (Closes: #925196) (Fixes: CVE-2019-9866)

 -- Sruthi Chandran <srud@disroot.org>  Fri, 22 Mar 2019 00:19:33 +0530

gitlab (11.8.2-3) unstable; urgency=medium

  * Add link to gitlab page on Debian wiki in README.Debian
  * Set minimum version of ruby to 1:2.5~ and add conflict with libruby2.3
    (to support smooth upgrading from stretch-backports)
  * Tighten dependency on ruby-lograge
  * Remove obsolete config files
  * Drop patch which expected rails 5.2
  * Handle migration from rails 4.2

 -- Pirate Praveen <praveen@debian.org>  Sun, 17 Mar 2019 18:34:25 +0530

gitlab (11.8.2-2) unstable; urgency=medium

  [ Sruthi Chandran ]
  * Refactor tmpfiles.d/ conf files
  * Embed omniauth-google-oauth2 and jwt-2.1.0 (as we are in freeze)
  * Relax nokogiri

  [ Pirate Praveen ]
  * Remove dependency on npm and use yarnpkg directly instead
  * Tighten dependency on gitaly and gitlab-shell
  * Move gitlab-shell dependency to gitlab-common

 -- Pirate Praveen <praveen@debian.org>  Fri, 15 Mar 2019 22:12:52 +0530

gitlab (11.8.2-1) experimental; urgency=medium

  * New upstream version 11.8.2 (Closes: #924447) (Fixes: CVE-2019-9170,
    CVE-2019-9171, CVE-2019-9172, CVE-2019-9174, CVE-2019-9175, CVE-2019-9176,
    CVE-2019-9178, CVE-2019-9179, CVE-2019-9217, CVE-2019-9219, CVE-2019-9220,
    CVE-2019-9221, CVE-2019-9222, CVE-2019-9223, CVE-2019-9224, CVE-2019-9225,
    CVE-2019-9485)
  * Refresh patches and remove 0120-remove-tracing-group.patch
  * Embed opentracing, jaeger-client and thrift

 -- Sruthi Chandran <srud@disroot.org>  Thu, 14 Mar 2019 17:09:17 +0530

gitlab (11.8.0-1) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * Moved list of files from Files-Excluded to "clean" file to avoid error
    in `mk-origtargz`.

  [ Sruthi Chandran ]
  * New upstream version 11.8.0
  * Refresh patches
  * Update script in debian/upstream-file-count-check.sh to identify
    new/removed files

  [ Pirate Praveen ]
  * Refresh patches with fuzz
  * Update dependency on ruby-rack, ruby-pg, ruby-fog*, ruby-truncato,
    ruby-nokogiri, ruby-acts-as-taggable-on, ruby-kubeclient,
    ruby-gitaly-proto, ruby-omniauth-azure-oauth2, ruby-google-api-client,
    ruby-sidekiq-cron, ruby-oauth2, ruby-googleauth
  * Remove tracing group from Gemfile
  * Replace rails 5.2 patch with rails 5.1 patch from upstream
  * Remove monkey patch not needed with rails 5.2
  * Embed rails 5.1 temporarily till gitlab supports rails 5.2
  * Create target file of secrets.yml symbolic link
  * Set GEM_PATH for using embedded gems
  * Tighten dependency on libjs-uglify

 -- Pirate Praveen <praveen@debian.org>  Tue, 12 Mar 2019 21:29:55 +0530

gitlab (11.5.10+dfsg-1) unstable; urgency=medium

  * New upstream version 11.5.10+dfsg (Closes: #921059) (Fixes: CVE-2019-6781,
    CVE-2019-6782, CVE-2019-6783, CVE-2019-6784, CVE-2019-6785, CVE-2019-6786,
    CVE-2019-6787, CVE-2019-6788, CVE-2019-6789, CVE-2019-6790, CVE-2019-6791,
    CVE-2019-6792, CVE-2019-6794, CVE-2019-6795, CVE-2019-6796, CVE-2019-6960,
    CVE-2019-6995, CVE-2019-6997, CVE-2019-7155, CVE-2019-7176)
  * Refresh patches
  * Add ruby-zip as dependency
  * Relax dependency on ruby-carrierwave

 -- Pirate Praveen <praveen@debian.org>  Sat, 02 Feb 2019 18:14:16 +0530

gitlab (11.5.7+dfsg-1) unstable; urgency=medium

  * Team upload
  * New upstream version 11.5.7+dfsg
  * Fix CVE-2019-6240: Arbitrary repo read in Gitlab project import
    (Closes: #919822)

 -- Abhijith PA <abhijith@debian.org>  Sun, 20 Jan 2019 21:37:01 +0530

gitlab (11.5.6+dfsg-1) unstable; urgency=high

  * New upstream version 11.5.6+dfsg (Closes: #918086) (Fixes: CVE-2018-20488,
    CVE-2018-20489, CVE-2018-20490, CVE-2018-20491, CVE-2018-20492,
    CVE-2018-20493, CVE-2018-20494, CVE-2018-20495, CVE-2018-20496,
    CVE-2018-20497, CVE-2018-20498, CVE-2018-20499, CVE-2018-20500,
    CVE-2018-20501, CVE-2018-20507)
  * Bump Standards-Version to 4.3.0

 -- Sruthi Chandran <srud@disroot.org>  Thu, 03 Jan 2019 12:56:20 +0530

gitlab (11.6.0+dfsg-1) experimental; urgency=medium

  * New upstream version 11.6.0+dfsg
  * Refresh patches
  * Remove 0650-fix-8-to-10-migration.patch
  * Don't install .eslintrc.yml
  * Add patch to relax rails in Gemfile
  * Relax gitlab-sidekiq-fetcher
  * Add patch 0680-rails-5_2.patch to make it work with rails5.2
  * Remove config/initializers/active_record_verbose_query_logs.rb
  * Set path for yarn

 -- Sruthi Chandran <srud@disroot.org>  Sun, 23 Dec 2018 12:16:18 +0530

gitlab (11.5.5+dfsg-1) unstable; urgency=high

  [ Pirate Praveen ]
  * Restart gitlab before checks in postinst (fixes failures in some checks)
  * Explicitly call /usr/bin/bundle to avoid gem installed bundler
  * Move gitlab-rake to /usr/sbin (depends on /sbin/runuser)
  * Remove optional bullet dependency from Gemfile
  * Add Gemfile.autopkgtest to specify test only dependencies
  * Install test only dependencies from rubygems.org for autopkgtest
  * Drop autopkgtest dependencies installed from rubygems.org
  * Relax dependency on rspec-rails
  * Add golang-any as autopkgtest dependency (to build gitlab-shell)
  * Add gitaly: client_path to gitlab.yml

  [ Sruthi Chandran ]
  * New upstream version 11.5.5+dfsg (Fixes: CVE-2018-20229)
  * Add myself to uploaders

 -- Sruthi Chandran <srud@disroot.org>  Fri, 21 Dec 2018 20:27:36 +0530

gitlab (11.5.4+dfsg-1) unstable; urgency=medium

  * New upstream version 11.5.4+dfsg (Fixes: CVE-2018-20144)
  * Add a note about reusing existing system users for Gitlab instance
    (Closes: #916243)
  * Add an example fqdn in debconf template (Closes: #916306)
  * Update minimum version of ruby-nokogiri to 1.8.4
  * Look for changes in /usr/share/rubygems-integration as well for triggering
    Gemfile.lock refresh
  * Remove world write permissions of .yarn-metadata.json files
    (Closes: #915860)
  * Restart gitaly before gitlab:check in postinst

 -- Pirate Praveen <praveen@debian.org>  Sat, 15 Dec 2018 14:43:41 +0530

gitlab (11.5.3+dfsg-1) experimental; urgency=medium

  * New upstream version 11.5.3+dfsg
  * Only gitlab binary needs to be in contrib (Closes: #915759)
  * Tighten dependency on ruby-octokit
  * Set minimum version of ruby-sass to 3.5
  * Refresh patches
  * Update dependencies

 -- Pirate Praveen <praveen@debian.org>  Thu, 13 Dec 2018 14:57:24 +0530

gitlab (11.4.9+dfsg-2) unstable; urgency=medium

  * Reupload to unstable

 -- Pirate Praveen <praveen@debian.org>  Sat, 08 Dec 2018 12:49:53 +0530

gitlab (11.4.9+dfsg-1) experimental; urgency=medium

  * New upstream version 11.4.9+dfsg
  * Refresh patches
  * Update dependencies
  * Remove gitlab-markup dependency (replaced by github-markup)

 -- Pirate Praveen <praveen@debian.org>  Thu, 06 Dec 2018 13:21:50 +0530

gitlab (11.3.11+dfsg-1) unstable; urgency=high

  * New upstream security release 11.3.11+dfsg (Fixes: CVE-2018-19493,
    CVE-2018-19494, CVE-2018-19495, CVE-2018-19496, CVE-2018-19569,
    CVE-2018-19570, CVE-2018-19571, CVE-2018-19572, CVE-2018-19573,
    CVE-2018-19574, CVE-2018-19575, CVE-2018-19576, CVE-2018-19577,
    CVE-2018-19580, CVE-2018-19583, CVE-2018-19585)

 -- Pirate Praveen <praveen@debian.org>  Thu, 29 Nov 2018 21:57:18 +0530

gitlab (11.3.10+dfsg-2) unstable; urgency=medium

  * Reupload to unstable

 -- Pirate Praveen <praveen@debian.org>  Thu, 22 Nov 2018 20:44:42 +0530

gitlab (11.3.10+dfsg-1) experimental; urgency=medium

  * New upstream version 11.3.10+dfsg (Closes: #914166) (Fixes: CVE-2018-19359)
  * Relax ruby-js-regex version
  * Tighten dependencies (update minimum versions)

 -- Pirate Praveen <praveen@debian.org>  Wed, 21 Nov 2018 11:49:29 +0530

gitlab (11.2.8+dfsg-2) unstable; urgency=medium

  * Add gitlab-rake as a command (Closes: #814506)
  * Revert to using github-linguist 5

 -- Pirate Praveen <praveen@debian.org>  Tue, 20 Nov 2018 10:46:03 +0530

gitlab (11.2.8+dfsg-1) experimental; urgency=medium

  * New upstream version 11.2.8+dfsg
    (Fixes: CVE-2018-18646, CVE-2018-18645, CVE-2018-18641, CVE-2018-18640)

 -- Pirate Praveen <praveen@debian.org>  Sun, 18 Nov 2018 18:42:27 +0530

gitlab (11.1.8+dfsg-2) unstable; urgency=medium

  * Reupload to unstable
  * Add CVEs fixed in 11.1.6 release (Fixes: CVE-2018-16049, CVE-2018-16050,
    CVE-2018-16051, Missing CSRF in System Hooks, Persistent XSS in Pipeline
    Tooltip)

 -- Pirate Praveen <praveen@debian.org>  Sat, 17 Nov 2018 12:56:07 +0530

gitlab (11.1.8+dfsg-1) experimental; urgency=medium

  * New upstream version 11.1.8+dfsg
    (Fixes: CVE-2018-17450, CVE-2018-17454, CVE-2018-15472, CVE-2018-17449,
    CVE-2018-17452, CVE-2018-17451, CVE-2018-17453, CVE-2018-17455,
    CVE-2018-17537, CVE-2018-17536)

 -- Pirate Praveen <praveen@debian.org>  Fri, 16 Nov 2018 16:45:36 +0530

gitlab (10.8.7+dfsg-1) unstable; urgency=medium

  * New upstream version 10.8.7+dfsg
    (Fixes: CVE-2018-14602, CVE-2018-14603, CVE-2018-14604, CVE-2018-14605,
    CVE-2018-14606)
  * Refresh and rename patches (to make numbering consistent)
  * Add dependency on bzip2 (Closes: #910058)
  * Add ruby-device-detector as new dependency and tighten dependency versions
  * Remove chmod/chown -R usage in postinst

 -- Pirate Praveen <praveen@debian.org>  Mon, 15 Oct 2018 15:55:10 +0530

gitlab (10.7.7+dfsg-3) unstable; urgency=medium

  * Give gitlab_user ownership of gitlab_data_dir after creating user
    (Closes: #910929)
  * Relax default_value_for, dropzonejs-rails, net-ssh in Gemfile
  * Remove .eslintrc from binary package
  * Add ruby-ed25519 and remove ruby-rbnacl
  * Remove chown -R commands from postinst

 -- Pirate Praveen <praveen@debian.org>  Sat, 13 Oct 2018 22:29:59 +0530

gitlab (10.7.7+dfsg-2) unstable; urgency=medium

  [ Lucas Kanashiro ]
  * Relax recaptcha version (Closes: #907488)

  [ Pirate Praveen ]
  * Reupload to unstable (required protobuf and grpc is now in unstable)
  * Bump dependency on gitaly (for user management via gitlab-common)
  * Bump Standards-Version to 4.2.1 (no changes needed)

 -- Pirate Praveen <praveen@debian.org>  Sat, 13 Oct 2018 00:11:14 +0530

gitlab (10.7.7+dfsg-1) experimental; urgency=medium

  * New upstream version 10.7.7+dfsg (Fixes: CVE-2018-14364) (Closes: #904026)
  * Bump Standards-Version to 4.2.0 (no changes needed)

 -- Pirate Praveen <praveen@debian.org>  Mon, 20 Aug 2018 21:38:35 +0530

gitlab (10.7.6+dfsg-2) experimental; urgency=medium

  * Support html-sanitizer >= 2.7.1 (see upstream issue 48415)

 -- Pirate Praveen <praveen@debian.org>  Sat, 30 Jun 2018 16:51:41 +0530

gitlab (10.7.6+dfsg-1) experimental; urgency=medium

  * New upstream version 10.7.6+dfsg
  * Refresh patches
  * Move common dependencies to gitlab-common
  * Don't remove gitlab_data_dir in purge
  * Support upgrading from 8.13 to 10.x (Upstream issue 48040)

 -- Pirate Praveen <praveen@debian.org>  Wed, 27 Jun 2018 16:14:20 +0530

gitlab (10.7.5+dfsg-3) experimental; urgency=medium

  * Relax ruby version check (2.3.3 includes security fixes)
  * Add gitlab-common binary to handle user creation for gitlab and gitaly
    (Closes: #901310)

 -- Pirate Praveen <praveen@debian.org>  Wed, 13 Jun 2018 10:57:34 +0530

gitlab (10.7.5+dfsg-2) experimental; urgency=medium

  * Bump minimum version of gitlab-workhorse to 4.1.0

 -- Pirate Praveen <praveen@debian.org>  Sun, 03 Jun 2018 20:54:56 +0530

gitlab (10.7.5+dfsg-1) experimental; urgency=medium

  * New upstream version 10.7.5+dfsg (Closes: #900522)

 -- Pirate Praveen <praveen@debian.org>  Sun, 03 Jun 2018 19:54:01 +0530

gitlab (10.7.3+dfsg-1) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * CI: experimental CI.
  * CI: origtargz
  * copyright: format URL to HTTPS.
  * watch file to version 4; get tar.bz2 instead of tar.gz;

  [ Pirate Praveen ]
  * Fix filenamemagle as well to use bz2
  * New upstream version 10.7.3+dfsg
  * Refresh patches
  * Upload to experimental (required versions of ruby-rugged and ruby-grpc
    are only available in experimental. libgit2-dev and libgrpc-dev needs
    library transitions and coordination.)

 -- Pirate Praveen <praveen@debian.org>  Sat, 12 May 2018 20:52:12 +0530

gitlab (10.6.5+dfsg-2) unstable; urgency=medium

  * Set minimum version of nodejs to 6 (punycode@2.1.0 needs nodejs >= 6)
  * Use yarn installed webpack
  * Remove symlinks for vendored files (now using it directly)

 -- Pirate Praveen <praveen@debian.org>  Wed, 02 May 2018 18:11:00 +0530

gitlab (10.6.5+dfsg-1) unstable; urgency=medium

  * Use vendored js files (to ease backporting to jessie)
  * Update watch file for new gitlab.com download url pattern
  * New upstream version 10.6.5+dfsg
  * Bump Standards-Version to 4.1.4 (no changes needed)

 -- Pirate Praveen <praveen@debian.org>  Tue, 01 May 2018 15:13:49 +0530

gitlab (10.6.3+dfsg-3) unstable; urgency=medium

  * Relax dependency on asciidoctor-plantuml

 -- Pirate Praveen <praveen@debian.org>  Sun, 29 Apr 2018 16:59:15 +0530

gitlab (10.6.3+dfsg-2) unstable; urgency=medium

  [ Dmitry Smirnov ]
  * Build-Depends tightening: ruby-grape-entity (>= 0.7.1~)
  * gitlab.yml.example: fixed path to "gitaly.socket".
  * Recommends += gitaly; (Closes: #894015)
  * Fixed versioning of dependencies (ruby-arel (>= 6.0.4~) is crucial).
  * New patch to fix Markdown rendering (Closes: #895871).

  [ Pirate Praveen ]
  * Fix ruby-unf-ext version constraint
  * Update description, webpack is in main now
  * Install all frontend dependencies via npm (to ease backporting to stretch)

 -- Pirate Praveen <praveen@debian.org>  Fri, 27 Apr 2018 13:26:18 +0530

gitlab (10.6.3+dfsg-1) unstable; urgency=medium

  * New upstream version 10.6.3 (Closes: #894867, #894868, #894869)

 -- Pirate Praveen <praveen@debian.org>  Thu, 05 Apr 2018 14:05:46 +0530

gitlab (10.6.2+dfsg-1) unstable; urgency=medium

  * New upstream version 10.6.2
  * Refresh patches
  * Tighten dependency on ruby-loofah
  * Relax dependency on grape-entity (Closes: #894668)

 -- Pirate Praveen <praveen@debian.org>  Wed, 04 Apr 2018 22:27:43 +0530

gitlab (10.6.0+dfsg-1) unstable; urgency=medium

  * New upstream version 10.6.0

 -- Pirate Praveen <praveen@debian.org>  Tue, 27 Mar 2018 20:01:24 +0530

gitlab (10.5.6+dfsg-1) unstable; urgency=medium

  [ Dmitry Smirnov ]
  * Tighten/version dependency ruby-net-ldap:

  [ Pirate Praveen ]
  * New upstream version 10.5.6 (Closes: #893905)
    Fixes: CVE-2018-8801 CVE-2018-8971
  * Tighten dependency on ruby-omniauth-auth0

 -- Pirate Praveen <praveen@debian.org>  Mon, 26 Mar 2018 14:41:54 +0530

gitlab (10.5.5+dfsg-3) unstable; urgency=medium

  * Relax kubeclient dependency
  * Remove plantuml_lexer.rb initializer from /etc (Closes: #893867)

 -- Pirate Praveen <praveen@debian.org>  Fri, 23 Mar 2018 21:01:56 +0530

gitlab (10.5.5+dfsg-2) unstable; urgency=medium

  * Tighten ruby-devise to 4.4.3
  * Remove devDependencies from package.json
  * Start using system node libs, don't add yarn to package.json
  * Isolate yarn to its own directory

 -- Pirate Praveen <praveen@debian.org>  Thu, 22 Mar 2018 21:32:02 +0530

gitlab (10.5.5+dfsg-1) unstable; urgency=medium

  [ Dmitry Smirnov ]
  * Depends += "ruby-excon (>= 0.60.0~)"
  * Added new patch to fix Markdown rendering (Closes: #890757).
  * Depends: set minimum version for "rake".

  [ Pirate Praveen ]
  * New upstream version 10.5.5 (Closes: #888508)
    - Fixes multiple security vulnerabilities in 10.3.4 (CVE-2017-0914,
      CVE-2017-0916, CVE-2017-0917, CVE-2017-0918, CVE-2017-0923,
      CVE-2017-0925, CVE-2017-0926, CVE-2017-0927, CVE-2017-3710)
  * Remove files no longer present in vendor from Files-Excluded
  * Refresh patches
  * Add new node-* dependencies already in the archive as depends
  * Tighten dependencies
  * Bump debhelper compat to 10 and standards version to 4.1.3

 -- Pirate Praveen <praveen@debian.org>  Sun, 18 Mar 2018 15:17:08 +0530

gitlab (9.5.4+dfsg-7) unstable; urgency=medium

  * Reupload to unstable
  * Remove locale directory during purge
  * Locales should be compiled before precompiling assets

 -- Pirate Praveen <praveen@debian.org>  Thu, 01 Mar 2018 23:45:44 +0530

gitlab (9.5.4+dfsg-6) experimental; urgency=medium

  * Relax dependencies in Gemfile for rdoc ruby-prof
  * Build locale and make locale directory writable by symlinking to /var/lib
    (Closes: #890877)
  * Remove work around for libjs-jquery-atwho bug (1.5.4+dfsg.1-2 works)

 -- Pirate Praveen <praveen@debian.org>  Fri, 23 Feb 2018 00:01:33 +0530

gitlab (9.5.4+dfsg-5) experimental; urgency=medium

  * Use jquery from system for compatibility with at.js in node_modules
  * Use document-register-element 1.3.0 (1.7.2 is not compatible)

 -- Pirate Praveen <praveen@debian.org>  Wed, 14 Feb 2018 20:10:18 +0530

gitlab (9.5.4+dfsg-4) experimental; urgency=medium

  * Add workaround for broken libjs-jquery-atwho (#890391)
    (Download at.js from npmjs.com dist tarball)

 -- Pirate Praveen <praveen@debian.org>  Wed, 14 Feb 2018 17:19:26 +0530

gitlab (9.5.4+dfsg-3) experimental; urgency=medium

  [ Dmitry Smirnov ]
  * Fixed dependencies.

  [ Pirate Praveen ]
  * Update npm itself using npm (for @ support in module names)

 -- Pirate Praveen <praveen@debian.org>  Wed, 14 Feb 2018 14:45:11 +0530

gitlab (9.5.4+dfsg-2) experimental; urgency=medium

  * Relax dependencies in Gemfile
  * Tighten dependencies in control
  * Bump standards
  * Add missing attributions
  * Fix permissions for .gitlab_shell_secret

 -- Pirate Praveen <praveen@debian.org>  Tue, 26 Dec 2017 17:31:57 +0530

gitlab (9.5.4+dfsg-1) experimental; urgency=medium

  * New upstream release
  * Move to contrib (packaging of node modules for front end is not complete)
  * Use npm install for front end dependencies
  * Refresh patches
  * Tighten/update dependencies
  * Update gitlab.yml.example
  * Fix gitlab-mailroom service
  * Update overrides
  * Replace vendored js with system libs

 -- Pirate Praveen <praveen@debian.org>  Wed, 13 Dec 2017 10:50:15 +0530

gitlab (8.13.11+dfsg1-11) unstable; urgency=medium

  * Tighten dependency on ruby-truncato

 -- Pirate Praveen <praveen@debian.org>  Mon, 14 Aug 2017 12:21:40 +0530

gitlab (8.13.11+dfsg1-10) unstable; urgency=medium

  * Relax dependency on ruby-net-ssh (Closes: #868246)

 -- Pirate Praveen <praveen@debian.org>  Sun, 30 Jul 2017 16:14:02 +0530

gitlab (8.13.11+dfsg1-9) unstable; urgency=medium

  * Relax dependency on ruby-asana  and ruby-webmock

 -- Pirate Praveen <praveen@debian.org>  Tue, 18 Jul 2017 14:07:05 +0530

gitlab (8.13.11+dfsg1-8) unstable; urgency=medium

  * Export all variables declared in gitlab-debian.conf from
    /etc/default/gitlab (Closes: #863950) Thanks to yyoshino

 -- Pirate Praveen <praveen@debian.org>  Mon, 05 Jun 2017 22:00:03 +0530

gitlab (8.13.11+dfsg1-7) unstable; urgency=medium

  * Correctly bind dbconfig-common configuration file to gitlab package
    (and not to $gitlab_user) in debian/config
  * Revert change in debian/postinst from previous upload which incorrectly
    binds dbconfig-common configuration file to $gitlab_user package

 -- Pirate Praveen <praveen@debian.org>  Fri, 12 May 2017 10:12:55 +0530

gitlab (8.13.11+dfsg1-6) unstable; urgency=medium

  * Remove hard coded gitlab user in postinst (Closes: #862329)
  * Remove dbconfig-common config files on purge

 -- Pirate Praveen <praveen@debian.org>  Thu, 11 May 2017 22:29:06 +0530

gitlab (8.13.11+dfsg1-5) unstable; urgency=medium

  * Fix letsencrypt email handling in config
  * Minor update in postrm output

 -- Pirate Praveen <praveen@debian.org>  Thu, 27 Apr 2017 11:23:43 +0530

gitlab (8.13.11+dfsg1-4) unstable; urgency=medium

  * Check if gitlab_data_dir is defined before using it
  * Ask email address for letsencrypt updates

 -- Pirate Praveen <praveen@debian.org>  Wed, 26 Apr 2017 21:12:25 +0530

gitlab (8.13.11+dfsg1-3) unstable; urgency=medium

  * Quote variable in test -n (Thanks to Benjamin Drung)

 -- Pirate Praveen <praveen@debian.org>  Fri, 21 Apr 2017 16:02:25 +0530

gitlab (8.13.11+dfsg1-2) unstable; urgency=medium

  * Integrate dbconfig-common (Closes: #859200)
  * Don't set default gitlab user in postinst
  * Change template name from purge to purge_data
  * Switch to runuser from su (runuser correctly handles PAM sessions)

 -- Pirate Praveen <praveen@debian.org>  Fri, 21 Apr 2017 13:16:43 +0530

gitlab (8.13.11+dfsg1-1) unstable; urgency=medium

  [ Balasankar C ]
  * Repack source to remove fuzzaldrin-plus.js (Closes: #858725)

  [ Pirate Praveen ]
  * debian/postrm: Make checks idempotent (use if in place of &&)
  * debian/postrm: Check variables are defined before using them
  * debian/config: pre-seed variables to debconf db from config files
  * debian/postinst:
     - make sure all required variables are present in the config file
     - handle reconfiguration correctly by reapplying variables from debconf db
       to config files
     - Don't touch systemd override.conf if already exist

 -- Pirate Praveen <praveen@debian.org>  Thu, 20 Apr 2017 11:47:49 +0530

gitlab (8.13.11+dfsg-8) unstable; urgency=medium

  * Don't fail if gitlab-debian.defaults not found (to support upgrading
    from older versions)
  * Be more defensive in rm -rf

 -- Pirate Praveen <praveen@debian.org>  Thu, 23 Mar 2017 17:16:50 +0530

gitlab (8.13.11+dfsg-7) unstable; urgency=medium

  [ Balasankar C ]
  * Add patch cve-2017-0882.patch (Fixes: CVE-2017-0882)

  [ Pirate Praveen ]
  * Move gitlab_log_dir variable to /etc (needed got gitlab-unicorn service)

 -- Pirate Praveen <praveen@debian.org>  Tue, 21 Mar 2017 18:28:43 +0530

gitlab (8.13.11+dfsg-6) unstable; urgency=medium

  * Improve configuration file parsing by using source (Closes: #857967)

 -- Pirate Praveen <praveen@debian.org>  Fri, 17 Mar 2017 22:29:40 +0530

gitlab (8.13.11+dfsg-5) unstable; urgency=medium

  * Move variables used only in maintainer scripts to /usr/lib from /etc
    (Closes: #856606)
  * Use command -v to check existence of dropdb command in postrm

 -- Pirate Praveen <praveen@debian.org>  Tue, 14 Mar 2017 17:21:21 +0530

gitlab (8.13.11+dfsg-4) unstable; urgency=medium

  [ Balasankar C ]
  * Update description to specify that the package is non-omnibus, unlike the
    official one from GitLab.
  * Remove database on purge only if necessary commands are available
    (Closes: #855579)

  [ Pirate Praveen ]
  * Use /usr/lib/gitlab/templates for config file templates used in postinst
    (See 854658#34)
  * Add more checks in postrm to avoid failures which can be ignored

 -- Balasankar C <balasankarc@autistici.org>  Fri, 24 Feb 2017 17:06:52 +0530

gitlab (8.13.11+dfsg-3) unstable; urgency=medium

  * Allow choosing gitlab user (Closes: #854617)
  * Optionally remove all data on purge (Closes: #821087, #839929)

  [ Johannes Schauer ]
  * Amend the README.Debian with instructions of how to upgrade from
    non-Debian installations (Closes: #823743)

 -- Pirate Praveen <praveen@debian.org>  Thu, 16 Feb 2017 17:35:29 +0530

gitlab (8.13.11+dfsg-2) unstable; urgency=medium

  * Use upstream patch for git 2.11 support (Closes: #853251)
  * Set minimum version of gitlab-shell to 3.6.6-3
    (required for git 2.11 support)

 -- Pirate Praveen <praveen@debian.org>  Tue, 07 Feb 2017 11:24:36 +0530

gitlab (8.13.11+dfsg-1) unstable; urgency=medium

  * New upstream release
  * Remove WoSign from suggested free SSL providers (they stopped providing
    free SSL certificates from September 2016)
  * Backport git 2.11 support (Closes: #851714)

 -- Pirate Praveen <praveen@debian.org>  Wed, 18 Jan 2017 13:21:17 +0530

gitlab (8.13.6+dfsg2-2) unstable; urgency=medium

  * Add patch cve-2016-9469.diff (Fixes: CVE-2016-9469) (Closes: #847157)
  * Use ruby-jquery-ui-rails 6 (Closes: #847337)
  * Enable more tests
  * Use -C for specifing sidekiq queues, Thanks to Justin F. Hallett
    (Closes: #847114)
  * Add dpkg trigger to refresh Gemfile.lock if a dependency is changed
    (Closes: #847420)

 -- Pirate Praveen <praveen@debian.org>  Sun, 11 Dec 2016 22:06:59 +0530

gitlab (8.13.6+dfsg2-1) unstable; urgency=medium

  * Run tests with RAILS_ENV=test
  * Relax dependency on ruby-grape-entity
  * Remove tasks related to linting from orig.tar

 -- Pirate Praveen <praveen@debian.org>  Wed, 30 Nov 2016 16:15:29 +0530

gitlab (8.13.6+dfsg1-3) unstable; urgency=medium

  * Fix autopkgtest with upstream patch (Closes: #845656)

 -- Pirate Praveen <praveen@debian.org>  Mon, 28 Nov 2016 23:52:13 +0530

gitlab (8.13.6+dfsg1-2) unstable; urgency=medium

  * Replace embedded copy of fuzzaldrin-plus with libjs-fuzzaldrin-plus
    (Closes: #814871)

 -- Pirate Praveen <praveen@debian.org>  Fri, 25 Nov 2016 22:05:14 +0530

gitlab (8.13.6+dfsg1-1) unstable; urgency=medium

  * New upstream release (Closes: #845180)
  * Replace embedded copy of fuzzaldrin-plus with libjs-fuzzaldrin-plus

 -- Pirate Praveen <praveen@debian.org>  Thu, 24 Nov 2016 15:29:27 +0530

gitlab (8.13.3+dfsg1-2) unstable; urgency=medium

  * Reupload to unstable (Closes: #843519)

 -- Pirate Praveen <praveen@debian.org>  Fri, 11 Nov 2016 10:56:31 +0530

gitlab (8.13.3+dfsg1-1) experimental; urgency=medium

  * New upstream release (Fixes: CVE-2016-9086)
  * Refresh patches
  * Add dependency on lsb-base

 -- Pirate Praveen <praveen@debian.org>  Fri, 04 Nov 2016 16:23:49 +0530

gitlab (8.12.3+dfsg1-1) unstable; urgency=medium

  * New upstream release (Closes: #838256)
  * Use spec.rake and spec.pattern to select tests
  * Use INCLUDE_TEST_DEPENDS variable in Gemfile to select test dependencies
    (--without does not work with --local in bundle install)
  * Move /usr/share/gitlab/.bundle to /var/lib/gitlab
  * Create db/schema.rb only in postinst (Closes: #838668)

  [ Dmitry Smirnov ]
  * Fix failure to start masked gitlab.service after reinstall

 -- Pirate Praveen <praveen@debian.org>  Sat, 01 Oct 2016 15:23:17 +0530

gitlab (8.11.3+dfsg1-3) unstable; urgency=medium

  * Run some of gitlab provided tests as autopkgtests

 -- Pirate Praveen <praveen@debian.org>  Sat, 17 Sep 2016 21:41:51 +0530

gitlab (8.11.3+dfsg1-2) unstable; urgency=medium

  * Use config/initializers/secret_token.rb to create secrets.yml
    (backup your secrets.yml if you are upgrading)

 -- Pirate Praveen <praveen@debian.org>  Sat, 17 Sep 2016 14:53:04 +0530

gitlab (8.11.3+dfsg1-1) unstable; urgency=medium

  * New upstream release
  * Remove ruby-devise-async dependency

 -- Pirate Praveen <praveen@debian.org>  Fri, 16 Sep 2016 12:44:05 +0530

gitlab (8.10.5+dfsg-3) unstable; urgency=high

  * Remove ruby-activerecord-deprecated-finders dependency
    (removed from Gemfile)
  * Setting urgency=high as it helps fix #835749

 -- Pirate Praveen <praveen@debian.org>  Wed, 07 Sep 2016 23:18:08 +0530

gitlab (8.10.5+dfsg-2) unstable; urgency=medium

  * Reupload to unstable

 -- Pirate Praveen <praveen@debian.org>  Thu, 01 Sep 2016 13:17:03 +0530

gitlab (8.10.5+dfsg-1) experimental; urgency=medium

  * New upstream release
     rouge 2.0 is now compatible (Closes: #830111)
  * Refresh patches
  * Update dependencies

 -- Pirate Praveen <praveen@debian.org>  Wed, 31 Aug 2016 19:24:55 +0530

gitlab (8.9.0+dfsg-10) unstable; urgency=medium

  * Relax dependency on rails in Gemfile (Closes: #834907)

 -- Pirate Praveen <praveen@debian.org>  Mon, 22 Aug 2016 11:07:21 +0530

gitlab (8.9.0+dfsg-9) unstable; urgency=medium

  * Create gitlab user as system user (Closes: #834037)

  [ Dmitry Smirnov ]
  * New patch to fix error 500 on runners page (Closes: #819903)
    Thanks, Libor Klepáč.

 -- Pirate Praveen <praveen@debian.org>  Mon, 15 Aug 2016 19:51:05 +0530

gitlab (8.9.0+dfsg-8) unstable; urgency=medium

  * Update ruby-unicorn-worker-killer dependency
  * Don't fail when .ssh exist

 -- Pirate Praveen <praveen@debian.org>  Tue, 26 Jul 2016 15:03:10 +0530

gitlab (8.9.0+dfsg-7) unstable; urgency=medium

  * Tighten dependencies
  * Allow unicorn 5.0

 -- Pirate Praveen <praveen@debian.org>  Thu, 21 Jul 2016 13:51:37 +0530

gitlab (8.9.0+dfsg-6) unstable; urgency=medium

  * Create .ssh/authorized_keys in postinst

 -- Pirate Praveen <praveen@debian.org>  Wed, 20 Jul 2016 23:13:59 +0530

gitlab (8.9.0+dfsg-5) unstable; urgency=medium

  * Tighten dependencies
  * Don't run gitlab:shell:install in postinst (Closes: #831877)
    (installed config.yml works)
  * Add a note about CAcert and browser trust

  [ Dmitry Smirnov ]
  * Do not leave dangling symlinks behind after purge
  * Remove generated assets on purge
  * rules: do not install LICENSE files
  * rules: properly use dh-systemd (Closes: #820991)
  * Rewrite terrible upstream .service files:
     - added meta "gitlab.service" that work alike corresponding init.d script
     - new .service files with support for "reload" and propagation of "reload" from "gitlab.service"
     - non-forking PIDFILE-less implementation
    This change fixes services' start-up and postinst error on first install.
  * templates: Replace StartSSL with CACert

 -- Pirate Praveen <praveen@debian.org>  Wed, 20 Jul 2016 20:28:21 +0530

gitlab (8.9.0+dfsg-4) unstable; urgency=medium

  * Move config files to /usr/share/doc as examples and
    copy them to /var/lib for modification (Closes: #821086)
  * Fix gitlab-shell's config.yml handling (Closes: #827846)

 -- Pirate Praveen <praveen@debian.org>  Thu, 14 Jul 2016 19:53:16 +0530

gitlab (8.9.0+dfsg-3) unstable; urgency=medium

  * Relax grape and rouge in Gemfile

 -- Pirate Praveen <praveen@debian.org>  Sun, 10 Jul 2016 20:23:41 +0530

gitlab (8.9.0+dfsg-2) unstable; urgency=medium

  * Reupload to unstable
  * Relax omniauth-google-oauth2 in Gemfile

 -- Pirate Praveen <praveen@debian.org>  Sat, 09 Jul 2016 20:14:24 +0530

gitlab (8.9.0+dfsg-1) experimental; urgency=medium

  * New upstream release
  * Refresh patches and update dependencies

 -- Pirate Praveen <praveen@debian.org>  Thu, 23 Jun 2016 23:54:28 +0530

gitlab (8.9.0+dfsg~rc4-1) experimental; urgency=medium

  * New upstream release candidate
  * Refresh patches
  * Use jquery in place of jquery2 (debian has only jquery and it has same API)
  * Remove /etc/gitlab/initializers/devise_async.rb (removed upstream)
  * Symlink /usr/share/gitlab/.ssh to var/lib/gitlab/.ssh

 -- Pirate Praveen <praveen@debian.org>  Wed, 22 Jun 2016 13:57:27 +0530

gitlab (8.8.2+dfsg-5) unstable; urgency=medium

  * Relax dependencies for all stable libraries (>= 1.0) (Closes: #827374)

 -- Pirate Praveen <praveen@debian.org>  Thu, 16 Jun 2016 12:31:40 +0530

gitlab (8.8.2+dfsg-4) unstable; urgency=high

  * Allow minor updates for ruby-state-machines-activerecord (Closes: #827013)

 -- Pirate Praveen <praveen@debian.org>  Sun, 12 Jun 2016 12:51:19 +0530

gitlab (8.8.2+dfsg-3) unstable; urgency=medium

  * Update minimum version of rails to 4.2.6
  * Update minimum version of ruby-request-store to 1.3
  * Add postgresql-contrib as dependency for pg_trgm extension
    (Closes: #826302)
  * Add ruby-coffee-script-source (>= 1.10.0~) as dependency

 -- Pirate Praveen <praveen@debian.org>  Sun, 05 Jun 2016 18:20:51 +0530

gitlab (8.8.2+dfsg-2) unstable; urgency=medium

  * Move gitlab-shell's config.yml to /etc
  * Update minimum version of gitlab-shell to 3.0.0

 -- Pirate Praveen <praveen@debian.org>  Sat, 04 Jun 2016 21:47:12 +0530

gitlab (8.8.2+dfsg-1) unstable; urgency=medium

  * New upstream release (Closes: #823290)
  * Refresh patches
  * Bump standards version to 3.9.8 (no changes)
  * Enable the pg_trgm extension for postgresql
  * Check if nginx site configuration directory is present before copying
    (Closes: #821085)
  * Symlink /run/gitlab/cache to /var/lib/gitlab/cache (or /run gets filled up)
  * Remove debconf db on purge

 -- Pirate Praveen <praveen@debian.org>  Thu, 02 Jun 2016 22:27:15 +0530

gitlab (8.5.8+dfsg-5) unstable; urgency=medium

  * Make nginx optional (Closes: #819260)
  * Manage nginx configuration via ucf (Closes: #819262)
  * Manage gitlab-debian.conf and gitlab.yml via ucf
  * Make postinst more verbose

 -- Pirate Praveen <praveen@debian.org>  Fri, 08 Apr 2016 17:29:34 +0530

gitlab (8.5.8+dfsg-4) unstable; urgency=medium

  * Tighten version requirements for dependencies
  * Fix permissions for uploads
  * Run db:migrate when db exist
  * Restrict file permissions for secret files (Closes: #819412)
  * Move db to /var/lib/gitlab (fix migrations)

  [ Libor Klepáč ]
  * Create builds directory in /var/log (Closes: #819907)

 -- Pirate Praveen <praveen@debian.org>  Tue, 05 Apr 2016 22:55:36 +0530

gitlab (8.5.8+dfsg-3) unstable; urgency=medium

  * Reupload to unstable
  * Add mail-transport-agent as dependency
  * Symlink 'shared' to /var/lib/gitlab instead of 'shared/cache'
    - gitlab expects everything inside shared to be in the same file system.
  * Use embedded copy of fuzzaldrin-plus (See #814871 for more details)
  * Bring back db check in postinst (initialize the db only if it is empty)
  * Choose unicode for db encoding
  * Don't run letsencrypt if certificate is already present

 -- Pirate Praveen <praveen@debian.org>  Tue, 05 Apr 2016 00:14:30 +0530

gitlab (8.5.8+dfsg-2) experimental; urgency=medium

  * Change letsencrypt from depends to recommends

 -- Pirate Praveen <praveen@debian.org>  Sun, 03 Apr 2016 11:09:51 +0530

gitlab (8.5.8+dfsg-1) experimental; urgency=medium

  * New upstream release

 -- Pirate Praveen <praveen@debian.org>  Sat, 02 Apr 2016 21:30:27 +0530

gitlab (8.4.3+dfsg-12) unstable; urgency=medium

  [ Libor Klepáč ]
  * Add fix-wiki.patch: Fix wiki display (Closes: #815465)

  [ Pirate Praveen ]
  * Use redis-server.service instead of redis.service (which is an alias to
    redis-server.service and won't be available if redis-server.service is
    disabled) in systemd files.

 -- Pirate Praveen <praveen@debian.org>  Fri, 18 Mar 2016 19:12:10 +0530

gitlab (8.4.3+dfsg-11) unstable; urgency=medium

  * Relax stable library versions requirement
  * Relax dependency on grape-entity

  [ Johannes Schauer ]
  * Add diagnostic info to README.Debian
  * Add steps of migrating a source install to debian package

 -- Pirate Praveen <praveen@debian.org>  Wed, 16 Mar 2016 20:16:47 +0530

gitlab (8.4.3+dfsg-10) unstable; urgency=medium

  [ Balasankar C ]
  * Team upload.
  * Bump Standards Version (No Changes).
  * Fix typo in debian/README.Debian.
  * 0038-relax-net-ssh.patch : Add dep3 header.

  [ Pirate Praveen ]
  * Replace gitlab:setup with db:schema:load and db:seed_fu (Closes: #815798)
  * Relax rails dependency in Gemfile (Closes: #817150)

 -- Pirate Praveen <praveen@debian.org>  Tue, 15 Mar 2016 19:42:59 +0530

gitlab (8.4.3+dfsg-9) unstable; urgency=medium

  * Reorganize directory layout (Closes: #814476)
    - Move gitlab user's home directory to /var/lib
    - Add config as a symlink to /etc/gitlab
    - Add log as a symlink to /var/log/gitlab
    - Add public as a symlink to /var/lib/gitlab/public
    - Add more files that needs write permission to /var

 -- Pirate Praveen <praveen@debian.org>  Thu, 18 Feb 2016 22:51:32 +0530

gitlab (8.4.3+dfsg-8) unstable; urgency=medium

  * Install tmpfiles.d/gitlab.conf and allow www-data user to read /run/gitlab
    (Closes: #814714)
  * Switch to sendmail method by default.

 -- Pirate Praveen <praveen@debian.org>  Tue, 16 Feb 2016 13:58:16 +0530

gitlab (8.4.3+dfsg-7) unstable; urgency=medium

  * bc should be in build-dep (Closes: #814695)
  * fix pid file mismatch between /etc/default/gitlab and systemd service files
    (Closes: #814714)
  * use tmpfiles.d for /run/gitlab (Closes: #814713) Thanks to Christian Seiler

 -- Pirate Praveen <praveen@debian.org>  Tue, 16 Feb 2016 00:08:18 +0530

gitlab (8.4.3+dfsg-6) unstable; urgency=medium

  * Fix pid and sockets path for gitlab-workhorse

 -- Pirate Praveen <praveen@debian.org>  Sun, 14 Feb 2016 12:45:24 +0530

gitlab (8.4.3+dfsg-5) unstable; urgency=medium

  * Switch to su from sudo

 -- Pirate Praveen <praveen@debian.org>  Sat, 13 Feb 2016 23:53:42 +0530

gitlab (8.4.3+dfsg-4) unstable; urgency=medium

  * Don't overwrite existing database (Closes: #814458)
  * Write logs, pids and sockets to /var (Closes: #814476)
  * Add more files to debian/install (Closes: #814503)
  * Add a check in debian/rules for installing all files

 -- Pirate Praveen <praveen@debian.org>  Sat, 13 Feb 2016 21:55:51 +0530

gitlab (8.4.3+dfsg-3) unstable; urgency=medium

  * Check if /run/systemd/system dirctory exist for systemd

 -- Pirate Praveen <praveen@debian.org>  Fri, 12 Feb 2016 01:01:59 +0530

gitlab (8.4.3+dfsg-2) unstable; urgency=medium

  [ Balasankar C ]
  * Add email configuration via sendmail method

  [ Pirate Praveen ]
  * Download certificates via letsencrypt
  * Check /proc/1/cmdline for systemd (Closes: #814413)

 -- Pirate Praveen <praveen@debian.org>  Fri, 12 Feb 2016 00:17:01 +0530

gitlab (8.4.3+dfsg-1) unstable; urgency=medium

  * New upstream release
  * Refresh patches (rails version is in sync)
  * Configure ssl for nginx if selected
  * Use letsencrypt certificate paths if selected
  * Add git as dependency (Closes: #813807)
  * SSH key upload is working (Closes: #812861)
  * Configure gitlab_url as workwround (Closes: #813770 )

 -- Pirate Praveen <praveen@debian.org>  Tue, 09 Feb 2016 23:39:34 +0530

gitlab (8.4.0+dfsg-2) unstable; urgency=medium

  * Add systemd units (Closes: #812841)
  * Remove Gemfile.lock if found before bundle install
    (Closes: #813550) (Closes: #812907)

 -- Pirate Praveen <praveen@debian.org>  Thu, 04 Feb 2016 16:28:26 +0530

gitlab (8.4.0+dfsg-1) unstable; urgency=medium

  * New upstream release
  * Use su instead of sudo everywhere (Closes: #812951)
  * Add rake and ruby-sentry-raven as dependencies
  * Remove patch 0107-relax-omniauth-facebook.patch

 -- Pirate Praveen <praveen@debian.org>  Tue, 02 Feb 2016 19:28:45 +0530

gitlab (8.4.0+dfsg~rc2-4) unstable; urgency=medium

  * Reupload to unstable
  * Relax ruby-net-ssh dependency

 -- Pirate Praveen <praveen@debian.org>  Thu, 28 Jan 2016 02:01:57 +0530

gitlab (8.4.0+dfsg~rc2-3) experimental; urgency=medium

  * Read gitlab-debian.conf from /etc/default/gitlab
    - Use debian specific configuration in init script
  * Add nginx to dependencies (Closes: #812724)
  * Add ruby-influxdb to dependencies (Closes: #812839)
  * Add missing dependecies from Gemfile and tighen versions
  * Use environmental variables by commenting out defaults in gitlab.yml

 -- Pirate Praveen <praveen@debian.org>  Wed, 27 Jan 2016 13:40:31 +0530

gitlab (8.4.0+dfsg~rc2-2) experimental; urgency=medium

  * Add README.Debian to document debian specific changes
  * Make mysql optional (Closes: #812345)
  * Configure hostname via debconf and integrate nginx

 -- Pirate Praveen <praveen@debian.org>  Sun, 24 Jan 2016 15:19:19 +0530

gitlab (8.4.0+dfsg~rc2-1) experimental; urgency=medium

  * Initial release (Closes: #651606)

 -- Pirate Praveen <praveen@debian.org>  Wed, 20 Jan 2016 00:56:59 +0530