From 153513f531a5104c2b89bf467111e071a7ce8b14 Mon Sep 17 00:00:00 2001 From: Pirate Praveen Date: Tue, 18 Oct 2022 15:59:10 +0530 Subject: [PATCH] Refresh patches --- .../Gemfile/0010-relax-stable-libs.patch | 132 +++++++++--------- .../0020-remove-development-test.patch | 22 +-- ...0-make-test-dependencies-conditional.patch | 2 +- .../patches/Gemfile/0040-relax-httparty.patch | 2 +- debian/patches/Gemfile/0050-relax-rdoc.patch | 2 +- .../Gemfile/0090-remove-ee-only-gems.patch | 4 +- .../patches/Gemfile/0120-relax-capybara.patch | 2 +- .../0130-remove-capybara-screenshot.patch | 2 +- .../Gemfile/0140-remove-guard-rspec.patch | 2 +- debian/patches/Gemfile/0160-relax-rexml.patch | 6 +- .../patches/Gemfile/0180-add-parser-gem.patch | 2 +- debian/patches/Gemfile/0190-relax-rdoc.patch | 2 +- .../Gemfile/0200-add-gitlab-dangerfiles.patch | 2 +- .../nodejs/0010-set-webpack-root.patch | 2 +- .../nodejs/0020-remove-dev-dependencies.patch | 18 +-- .../nodejs/0040-use-packaged-modules.patch | 69 +++------ ...070-remove-capybara-screenshot-rspec.patch | 2 +- 17 files changed, 126 insertions(+), 147 deletions(-) diff --git a/debian/patches/Gemfile/0010-relax-stable-libs.patch b/debian/patches/Gemfile/0010-relax-stable-libs.patch index 58d01367c0..c16614db2f 100644 --- a/debian/patches/Gemfile/0010-relax-stable-libs.patch +++ b/debian/patches/Gemfile/0010-relax-stable-libs.patch @@ -3,9 +3,9 @@ gitlab Gemfile --- a/Gemfile +++ b/Gemfile -@@ -2,62 +2,62 @@ +@@ -4,63 +4,63 @@ - source 'https://rubygems.org' + gem 'bundler-checksum', '~> 0.1.0', path: 'vendor/gems/bundler-checksum', require: false -gem 'rails', '~> 6.1.6.1' +gem 'rails', '~> 6.1.6', '>= 6.1.6.1' @@ -19,7 +19,8 @@ gitlab Gemfile -gem 'sprockets', '~> 3.7.0' +gem 'sprockets', '~> 3.7' - gem 'view_component', '~> 2.61' +-gem 'view_component', '~> 2.71.0' ++gem 'view_component', '~> 2.71' # Default values for AR models -gem 'default_value_for', '~> 3.4.0' @@ -42,8 +43,8 @@ gitlab Gemfile +gem 'declarative_policy', '~> 1.1' # Authentication libraries --gem 'devise', '~> 4.7.2' -+gem 'devise', '~> 4.7','>= 4.7.2' +-gem 'devise', '~> 4.8.1' ++gem 'devise', '~> 4.8', '>= 4.8.1' gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable' gem 'bcrypt', '~> 3.1', '>= 3.1.14' -gem 'doorkeeper', '~> 5.5.0.rc2' @@ -54,32 +55,33 @@ gitlab Gemfile +gem 'doorkeeper-openid_connect', '~> 1.7','>= 1.7.5' +gem 'rexml', '~> 3.2','>= 3.2.5' +gem 'ruby-saml', '~> 1.13' - gem 'omniauth', '~> 1.8' + gem 'omniauth-rails_csrf_protection' +-gem 'omniauth', '~> 2.1.0' -gem 'omniauth-auth0', '~> 2.0.0' ++gem 'omniauth', '~> 2.1' +gem 'omniauth-auth0', '~> 2.0' gem 'omniauth-azure-activedirectory-v2', '~> 1.0' - gem 'omniauth-azure-oauth2', '~> 0.0.9' # See vendor/gems/omniauth-azure-oauth2/README.md + gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md gem 'omniauth-dingtalk-oauth2', '~> 1.0' -gem 'omniauth-alicloud', '~> 1.0.1' -gem 'omniauth-facebook', '~> 4.0.0' +-gem 'omniauth-github', '2.0.0' +gem 'omniauth-alicloud', '~> 1.0', '>= 1.0.1' +gem 'omniauth-facebook', '~> 4.0' - gem 'omniauth-github', '~> 1.4' --gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md -+gem 'omniauth-gitlab', '~> 4.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md - gem 'omniauth-google-oauth2', '~> 0.6.0' ++gem 'omniauth-github', '~> 2.0' + gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md + gem 'omniauth-google-oauth2', '~> 1.0.1', path: 'vendor/gems/omniauth-google-oauth2' # See gem README.md gem 'omniauth-oauth2-generic', '~> 0.2.2' - gem 'omniauth-saml', '~> 1.10' +-gem 'omniauth-saml', '~> 2.0.0' -gem 'omniauth-shibboleth', '~> 1.3.0' ++gem 'omniauth-saml', '~> 2.0' +gem 'omniauth-shibboleth', '~> 1.3' gem 'omniauth-twitter', '~> 1.4' --gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md -+gem 'omniauth_crowd', '~> 2.4', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md + gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md gem 'omniauth-authentiq', '~> 0.3.3' - gem 'gitlab-omniauth-openid-connect', '~> 0.9.0', require: 'omniauth_openid_connect' --gem 'omniauth-salesforce', '~> 1.0.5' -+gem 'omniauth-salesforce', '~> 1.0','>= 1.0.5' + gem 'gitlab-omniauth-openid-connect', '~> 0.10.0', require: 'omniauth_openid_connect' + gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md gem 'omniauth-atlassian-oauth2', '~> 0.2.0' -gem 'rack-oauth2', '~> 1.21.2' -gem 'jwt', '~> 2.1.0' @@ -88,7 +90,7 @@ gitlab Gemfile # Kerberos authentication. EE-only gem 'gssapi', group: :kerberos -@@ -66,17 +66,17 @@ +@@ -69,17 +69,17 @@ # Spam and anti-bot protection gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails' gem 'akismet', '~> 3.0' @@ -111,7 +113,7 @@ gitlab Gemfile # GitLab Pages letsencrypt support gem 'acme-client', '~> 2.0' -@@ -87,24 +87,24 @@ +@@ -90,24 +90,24 @@ gem 'ohai', '~> 16.10' # GPG @@ -143,7 +145,7 @@ gitlab Gemfile gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import) gem 'hashie' -@@ -115,23 +115,23 @@ +@@ -118,23 +118,23 @@ gem 'kaminari', '~> 1.0' # HAML @@ -171,7 +173,7 @@ gitlab Gemfile # for Google storage gem 'google-api-client', '~> 0.33' -@@ -140,38 +140,38 @@ +@@ -143,38 +143,38 @@ gem 'unf', '~> 0.1.4' # Seed data @@ -211,23 +213,23 @@ gitlab Gemfile gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' -gem 'wikicloth', '0.8.1' --gem 'asciidoctor', '~> 2.0.10' +-gem 'asciidoctor', '~> 2.0.17' +gem 'wikicloth', '~> 0.8.1' -+gem 'asciidoctor', '~> 2.0','>= 2.0.10' ++gem 'asciidoctor', '~> 2.0', '>= 2.0.17' gem 'asciidoctor-include-ext', '~> 0.4.0', require: false - gem 'asciidoctor-plantuml', '~> 0.0.12' + gem 'asciidoctor-plantuml', '~> 0.0.16' gem 'asciidoctor-kroki', '~> 0.5.0', require: false -gem 'rouge', '~> 3.30.0' +gem 'rouge', '~> 3.30' gem 'truncato', '~> 0.7.12' -gem 'bootstrap_form', '~> 4.2.0' --gem 'nokogiri', '~> 1.13.0' +-gem 'nokogiri', '~> 1.13.8' +gem 'bootstrap_form', '~> 4.2' -+gem 'nokogiri', '~> 1.13' ++gem 'nokogiri', '~> 1.3', '>= 1.13.8' gem 'escape_utils', '~> 1.1' # Calendar rendering -@@ -182,12 +182,12 @@ +@@ -185,12 +185,12 @@ gem 'diff_match_patch', '~> 0.1.0' # Application server @@ -237,16 +239,20 @@ gitlab Gemfile gem 'rack-timeout', '~> 0.6.0', require: 'rack/timeout/base' group :puma do -- gem 'puma', '~> 5.6.4', require: false -+ gem 'puma', '~> 5.6', '>= 5.6.4', require: false +- gem 'puma', '~> 5.6.5', require: false ++ gem 'puma', '~> 5.6', '>= 5.6.5', require: false gem 'puma_worker_killer', '~> 0.3.1', require: false gem 'sd_notify', '~> 0.1.0', require: false end -@@ -201,11 +201,11 @@ +@@ -202,13 +202,13 @@ + gem 'acts-as-taggable-on', '~> 9.0' + # Background jobs - gem 'sidekiq', '~> 6.4' - gem 'sidekiq-cron', '~> 1.2' +-gem 'sidekiq', '~> 6.4.0' +-gem 'sidekiq-cron', '~> 1.4.0' -gem 'redis-namespace', '~> 1.8.1' ++gem 'sidekiq', '~> 6.4' ++gem 'sidekiq-cron', '~> 1.4' +gem 'redis-namespace', '~> 1.8','>= 1.8.1' gem 'gitlab-sidekiq-fetcher', '0.8.0', require: 'sidekiq-reliable-fetch' @@ -256,7 +262,7 @@ gitlab Gemfile # HTTP requests gem 'httparty', '~> 0.16.4' -@@ -217,14 +217,14 @@ +@@ -220,14 +220,14 @@ gem 'ruby-progressbar', '~> 1.10' # GitLab settings @@ -274,12 +280,12 @@ gitlab Gemfile # Export Ruby Regex to Javascript gem 'js_regex', '~> 3.7' -@@ -233,24 +233,24 @@ +@@ -236,11 +236,11 @@ gem 'device_detector' # Redis --gem 'redis', '~> 4.4.0' -+gem 'redis', '~> 4.4' +-gem 'redis', '~> 4.7.0' ++gem 'redis', '~> 4.7' gem 'connection_pool', '~> 2.0' # Redis session store @@ -288,13 +294,7 @@ gitlab Gemfile # Discord integration gem 'discordrb-webhooks', '~> 3.4', require: false - - # Jira integration --gem 'jira-ruby', '~> 2.1.4' -+gem 'jira-ruby', '~> 2.1', '>= 2.1.4' - gem 'atlassian-jwt', '~> 0.2.0' - - # Flowdock integration +@@ -253,7 +253,7 @@ gem 'flowdock', '~> 0.7' # Slack integration @@ -303,7 +303,7 @@ gitlab Gemfile # Hangouts Chat integration gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat' -@@ -262,17 +262,17 @@ +@@ -265,14 +265,14 @@ gem 'ruby-fogbugz', '~> 0.2.1' # Kubernetes integration @@ -320,12 +320,8 @@ gitlab Gemfile +gem 'loofah', '~> 2.18' # Working with license --gem 'licensee', '~> 9.14.1' -+gem 'licensee', '~> 9.14','>= 9.14.1' - - # Detect and convert string character encoding - gem 'charlock_holmes', '~> 0.7.7' -@@ -289,32 +289,32 @@ + # Detects the open source license the repository includes +@@ -294,32 +294,32 @@ gem 'rack-proxy', '~> 0.7.2' @@ -369,7 +365,7 @@ gitlab Gemfile # LabKit: Tracing and Correlation gem 'gitlab-labkit', '~> 0.24.0' -@@ -325,11 +325,11 @@ +@@ -328,11 +328,11 @@ # I18n gem 'ruby_parser', '~> 3.15', require: false gem 'rails-i18n', '~> 7.0' @@ -383,10 +379,10 @@ gitlab Gemfile # Perf bar gem 'peek', '~> 1.1' -@@ -339,10 +339,10 @@ +@@ -341,10 +341,10 @@ + gem 'snowplow-tracker', '~> 0.6.1' # Metrics - gem 'method_source', '~> 1.0', require: false -gem 'webrick', '~> 1.6.1', require: false +gem 'webrick', '~> 1.6', '>= 1.6.1', require: false gem 'prometheus-client-mmap', '~> 0.16', require: 'prometheus/client' @@ -395,8 +391,8 @@ gitlab Gemfile +gem 'warning', '~> 1.3' group :development do - gem 'lefthook', '~> 1.1.0', require: false -@@ -422,24 +422,24 @@ + gem 'lefthook', '~> 1.1.1', require: false +@@ -426,24 +426,24 @@ end group :test do @@ -432,16 +428,16 @@ gitlab Gemfile gem 'rspec_junit_formatter' gem 'guard-rspec' -@@ -456,7 +456,7 @@ +@@ -460,7 +460,7 @@ gem 'email_reply_trimmer', '~> 0.1' gem 'html2text' -gem 'ruby-prof', '~> 1.3.0' +gem 'ruby-prof', '~> 1.3' - gem 'stackprof', '~> 0.2.15', require: false + gem 'stackprof', '~> 0.2.21', require: false gem 'rbtrace', '~> 0.4', require: false gem 'memory_profiler', '~> 0.9', require: false -@@ -470,8 +470,8 @@ +@@ -473,8 +473,8 @@ gem 'health_check', '~> 3.0' # System information @@ -452,12 +448,16 @@ gitlab Gemfile # NTP client gem 'net-ntp' -@@ -483,12 +483,12 @@ - gem 'spamcheck', '~> 0.1.0' +@@ -483,15 +483,15 @@ + gem 'ssh_data', '~> 1.3' + + # Spamcheck GRPC protocol definitions +-gem 'spamcheck', '~> 1.0.0' ++gem 'spamcheck', '~> 1.0' # Gitaly GRPC protocol definitions --gem 'gitaly', '~> 15.3.0-rc3' -+gem 'gitaly', '~> 15.3' +-gem 'gitaly', '~> 15.4.0-rc2' ++gem 'gitaly', '~> 15.4' # KAS GRPC protocol definitions gem 'kas-grpc', '~> 0.0.2' @@ -467,7 +467,7 @@ gitlab Gemfile gem 'google-protobuf', '~> 3.21' -@@ -498,7 +498,7 @@ +@@ -501,7 +501,7 @@ gem 'flipper', '~> 0.25.0' gem 'flipper-active_record', '~> 0.25.0' gem 'flipper-active_support_cache_store', '~> 0.25.0' @@ -476,7 +476,7 @@ gitlab Gemfile gem 'gitlab-experiment', '~> 0.7.1' # Structured logging -@@ -511,12 +511,12 @@ +@@ -514,12 +514,12 @@ # Countries list gem 'countries', '~> 3.0' @@ -491,7 +491,7 @@ gitlab Gemfile # Locked as long as quoted-printable encoding issues are not resolved # Monkey-patched in `config/initializers/mail_encoding_patch.rb` -@@ -531,12 +531,11 @@ +@@ -536,12 +536,11 @@ gem 'valid_email', '~> 0.1' # JSON @@ -508,7 +508,7 @@ gitlab Gemfile gem 'webauthn', '~> 2.3' # IPAddress utilities -@@ -546,7 +545,7 @@ +@@ -551,7 +550,7 @@ gem 'ipynbdiff', path: 'vendor/gems/ipynbdiff' diff --git a/debian/patches/Gemfile/0020-remove-development-test.patch b/debian/patches/Gemfile/0020-remove-development-test.patch index 92034493ba..73e0cba967 100644 --- a/debian/patches/Gemfile/0020-remove-development-test.patch +++ b/debian/patches/Gemfile/0020-remove-development-test.patch @@ -2,7 +2,7 @@ Bundler will fail when it can't find these locally --- a/Gemfile +++ b/Gemfile -@@ -104,7 +104,6 @@ +@@ -107,7 +107,6 @@ gem 'graphql', '~> 1.13', '>= 1.13.12' gem 'graphiql-rails', '~> 1.8' gem 'apollo_upload_server', '~> 2.1' @@ -10,7 +10,7 @@ Bundler will fail when it can't find these locally gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import) gem 'hashie' -@@ -327,7 +326,6 @@ +@@ -330,7 +329,6 @@ gem 'rails-i18n', '~> 7.0' gem 'gettext_i18n_rails', '~> 1.8' gem 'gettext_i18n_rails_js', '~> 1.3' @@ -18,20 +18,20 @@ Bundler will fail when it can't find these locally gem 'batch-loader', '~> 2.0', '>= 2.0.1' -@@ -344,83 +342,6 @@ +@@ -346,85 +344,6 @@ gem 'warning', '~> 1.3' -group :development do -- gem 'lefthook', '~> 1.1.0', require: false +- gem 'lefthook', '~> 1.1.1', require: false - gem 'rubocop' -- gem 'solargraph', '~> 0.45.0', require: false +- gem 'solargraph', '~> 0.46.0', require: false - - gem 'letter_opener_web', '~> 2.0.0' -- gem 'lookbook' +- gem 'lookbook', '~> 1.0' - - # Better errors handler -- gem 'better_errors', '~> 2.9.0' +- gem 'better_errors', '~> 2.9.1' - - gem 'sprite-factory', '~> 1.7' -end @@ -58,12 +58,14 @@ Bundler will fail when it can't find these locally - gem 'spring', '~> 2.1.0' - gem 'spring-commands-rspec', '~> 1.0.4' - -- gem 'gitlab-styles', '~> 7.1.0', require: false +- gem 'gitlab-styles', '~> 8.0.0', require: false - -- gem 'haml_lint', '~> 0.36.0', require: false +- gem 'haml_lint', '~> 0.40.0', require: false - gem 'bundler-audit', '~> 0.7.0.1', require: false - +- # Benchmarking & profiling - gem 'benchmark-ips', '~> 2.3.0', require: false +- gem 'benchmark-memory', '~> 0.1', require: false - - gem 'knapsack', '~> 1.21.1' - gem 'crystalball', '~> 0.7.0', require: false @@ -84,7 +86,7 @@ Bundler will fail when it can't find these locally -end - -group :development, :test, :danger do -- gem 'gitlab-dangerfiles', '~> 3.5.0', require: false +- gem 'gitlab-dangerfiles', '~> 3.5.2', require: false -end - -group :development, :test, :coverage do diff --git a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch index 1e331a56c5..7d347a4678 100644 --- a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch +++ b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch @@ -2,7 +2,7 @@ Make test dependencies conditional so we can enable them when running autopkgtes --- a/Gemfile +++ b/Gemfile -@@ -342,7 +342,7 @@ +@@ -344,7 +344,7 @@ gem 'warning', '~> 1.3' diff --git a/debian/patches/Gemfile/0040-relax-httparty.patch b/debian/patches/Gemfile/0040-relax-httparty.patch index 4ad9d205d6..ac3b105bbe 100644 --- a/debian/patches/Gemfile/0040-relax-httparty.patch +++ b/debian/patches/Gemfile/0040-relax-httparty.patch @@ -2,7 +2,7 @@ Allow newer versions of httparty to satisfy dependency --- a/Gemfile +++ b/Gemfile -@@ -207,7 +207,7 @@ +@@ -210,7 +210,7 @@ gem 'fugit', '~> 1.2','>= 1.2.1' # HTTP requests diff --git a/debian/patches/Gemfile/0050-relax-rdoc.patch b/debian/patches/Gemfile/0050-relax-rdoc.patch index d879c9527b..8d506e47ab 100644 --- a/debian/patches/Gemfile/0050-relax-rdoc.patch +++ b/debian/patches/Gemfile/0050-relax-rdoc.patch @@ -2,7 +2,7 @@ Allow rdoc from ruby 2.5 to match requirement --- a/Gemfile +++ b/Gemfile -@@ -159,7 +159,7 @@ +@@ -162,7 +162,7 @@ gem 'commonmarker', '~> 0.23.4' gem 'kramdown', '~> 2.3','>= 2.3.1' gem 'RedCloth', '~> 4.3','>= 4.3.2' diff --git a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch index 44f1c3e68a..f45db88398 100644 --- a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch +++ b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch @@ -2,7 +2,7 @@ This gem is used only in gitlab Enterprise Edition --- a/Gemfile +++ b/Gemfile -@@ -60,7 +60,6 @@ +@@ -63,7 +63,6 @@ gem 'jwt', '~> 2.1' # Kerberos authentication. EE-only @@ -10,7 +10,7 @@ This gem is used only in gitlab Enterprise Edition gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # Spam and anti-bot protection -@@ -298,8 +297,6 @@ +@@ -303,8 +302,6 @@ gem 'request_store', '~> 1.5' gem 'base32', '~> 0.3.0' diff --git a/debian/patches/Gemfile/0120-relax-capybara.patch b/debian/patches/Gemfile/0120-relax-capybara.patch index 64d117fb94..1db4722c8e 100644 --- a/debian/patches/Gemfile/0120-relax-capybara.patch +++ b/debian/patches/Gemfile/0120-relax-capybara.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -346,7 +346,7 @@ +@@ -348,7 +348,7 @@ gem 'rspec-benchmark', '~> 0.6.0' gem 'rspec-parameterized', require: false diff --git a/debian/patches/Gemfile/0130-remove-capybara-screenshot.patch b/debian/patches/Gemfile/0130-remove-capybara-screenshot.patch index 4ff3942fc8..07d858728d 100644 --- a/debian/patches/Gemfile/0130-remove-capybara-screenshot.patch +++ b/debian/patches/Gemfile/0130-remove-capybara-screenshot.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -347,7 +347,6 @@ +@@ -349,7 +349,6 @@ gem 'rspec-parameterized', require: false gem 'capybara', '~> 3.12' diff --git a/debian/patches/Gemfile/0140-remove-guard-rspec.patch b/debian/patches/Gemfile/0140-remove-guard-rspec.patch index 62aa742a4a..f16afd4c55 100644 --- a/debian/patches/Gemfile/0140-remove-guard-rspec.patch +++ b/debian/patches/Gemfile/0140-remove-guard-rspec.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -358,7 +358,6 @@ +@@ -360,7 +360,6 @@ gem 'concurrent-ruby', '~> 1.1' gem 'test-prof', '~> 1.0', '>= 1.0.7' gem 'rspec_junit_formatter' diff --git a/debian/patches/Gemfile/0160-relax-rexml.patch b/debian/patches/Gemfile/0160-relax-rexml.patch index 0b166f7ac3..5c4f315bda 100644 --- a/debian/patches/Gemfile/0160-relax-rexml.patch +++ b/debian/patches/Gemfile/0160-relax-rexml.patch @@ -2,12 +2,12 @@ libruby2.7 has rexml 3.2.3.1 which has latest security fixes --- a/Gemfile +++ b/Gemfile -@@ -34,7 +34,7 @@ +@@ -36,7 +36,7 @@ gem 'bcrypt', '~> 3.1', '>= 3.1.14' gem 'doorkeeper', '~> 5.5' gem 'doorkeeper-openid_connect', '~> 1.7','>= 1.7.5' -gem 'rexml', '~> 3.2','>= 3.2.5' +gem 'rexml', '~> 3.2','>= 3.2.3.1' gem 'ruby-saml', '~> 1.13' - gem 'omniauth', '~> 1.8' - gem 'omniauth-auth0', '~> 2.0' + gem 'omniauth-rails_csrf_protection' + gem 'omniauth', '~> 2.1' diff --git a/debian/patches/Gemfile/0180-add-parser-gem.patch b/debian/patches/Gemfile/0180-add-parser-gem.patch index 90db0cc953..bf5d3a11bc 100644 --- a/debian/patches/Gemfile/0180-add-parser-gem.patch +++ b/debian/patches/Gemfile/0180-add-parser-gem.patch @@ -2,7 +2,7 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323 --- a/Gemfile +++ b/Gemfile -@@ -19,6 +19,9 @@ +@@ -21,6 +21,9 @@ # Supported DBs gem 'pg', '~> 1.4' diff --git a/debian/patches/Gemfile/0190-relax-rdoc.patch b/debian/patches/Gemfile/0190-relax-rdoc.patch index 0ea21c74e3..615f46d7e0 100644 --- a/debian/patches/Gemfile/0190-relax-rdoc.patch +++ b/debian/patches/Gemfile/0190-relax-rdoc.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -161,7 +161,7 @@ +@@ -164,7 +164,7 @@ gem 'commonmarker', '~> 0.23.4' gem 'kramdown', '~> 2.3','>= 2.3.1' gem 'RedCloth', '~> 4.3','>= 4.3.2' diff --git a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch b/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch index 0e43597ab4..9835e2bdb9 100644 --- a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch +++ b/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch @@ -2,7 +2,7 @@ Rakefile need this gem --- a/Gemfile +++ b/Gemfile -@@ -470,3 +470,6 @@ +@@ -472,3 +472,6 @@ # Error Tracking OpenAPI client # See https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/rake_tasks.md#update-openapi-client-for-error-tracking-feature gem 'error_tracking_open_api', path: 'vendor/gems/error_tracking_open_api' diff --git a/debian/patches/nodejs/0010-set-webpack-root.patch b/debian/patches/nodejs/0010-set-webpack-root.patch index 52a0db2bc7..ea21a221e8 100644 --- a/debian/patches/nodejs/0010-set-webpack-root.patch +++ b/debian/patches/nodejs/0010-set-webpack-root.patch @@ -2,7 +2,7 @@ Debian specific patch to help webpack find sources --- a/config/webpack.config.js +++ b/config/webpack.config.js -@@ -28,7 +28,7 @@ +@@ -29,7 +29,7 @@ const MonacoWebpackPlugin = require('./plugins/monaco_webpack'); const GraphqlKnownOperationsPlugin = require('./plugins/graphql_known_operations_plugin'); diff --git a/debian/patches/nodejs/0020-remove-dev-dependencies.patch b/debian/patches/nodejs/0020-remove-dev-dependencies.patch index e59935ad27..9c604bd7ed 100644 --- a/debian/patches/nodejs/0020-remove-dev-dependencies.patch +++ b/debian/patches/nodejs/0020-remove-dev-dependencies.patch @@ -2,11 +2,11 @@ These are not required in production --- a/package.json +++ b/package.json -@@ -198,58 +198,7 @@ +@@ -197,59 +197,6 @@ "yaml": "^2.0.0-10" }, "devDependencies": { -- "@gitlab/eslint-plugin": "16.0.0", +- "@gitlab/eslint-plugin": "17.0.0", - "@gitlab/stylelint-config": "4.1.0", - "@graphql-eslint/eslint-plugin": "3.10.7", - "@testing-library/dom": "^7.16.2", @@ -21,10 +21,12 @@ These are not required in production - "cheerio": "^1.0.0-rc.9", - "commander": "^2.20.3", - "custom-jquery-matchers": "^2.1.0", -- "eslint": "8.22.0", +- "eslint": "8.23.1", - "eslint-import-resolver-jest": "3.0.2", - "eslint-import-resolver-webpack": "0.13.2", +- "eslint-plugin-import": "^2.26.0", - "eslint-plugin-no-jquery": "2.7.0", +- "eslint-plugin-no-unsanitized": "^4.0.1", - "gettext-extractor": "^3.5.3", - "gettext-extractor-vue": "^5.0.0", - "glob": "^7.1.6", @@ -40,7 +42,7 @@ These are not required in production - "jest-raw-loader": "^1.0.1", - "jest-transform-graphql": "^2.1.0", - "jest-util": "^27.5.1", -- "markdownlint-cli": "0.31.0", +- "markdownlint-cli": "0.32.2", - "miragejs": "^0.1.40", - "mock-apollo-client": "1.2.0", - "nodemon": "^2.0.19", @@ -53,12 +55,10 @@ These are not required in production - "sass": "^1.49.9", - "stylelint": "^14.9.1", - "timezone-mock": "^1.0.8", -- "webpack-dev-server": "4.10.0", +- "webpack-dev-server": "4.11.0", - "xhr-mock": "^2.5.1", - "yarn-check-webpack-plugin": "^1.2.0", -- "yarn-deduplicate": "^5.0.2" -- }, -+ }, +- "yarn-deduplicate": "^6.0.0" + }, "blockedDependencies": { "bootstrap-vue": "https://docs.gitlab.com/ee/development/fe_guide/dependencies.html#bootstrapvue" - }, diff --git a/debian/patches/nodejs/0040-use-packaged-modules.patch b/debian/patches/nodejs/0040-use-packaged-modules.patch index a2856afb43..57bfdb7eaf 100644 --- a/debian/patches/nodejs/0040-use-packaged-modules.patch +++ b/debian/patches/nodejs/0040-use-packaged-modules.patch @@ -19,7 +19,7 @@ Use debian packaged node modules when available --- a/config/webpack.config.js +++ b/config/webpack.config.js -@@ -16,7 +16,6 @@ +@@ -17,7 +17,6 @@ const VUE_VERSION = require('vue/package.json').version; const webpack = require('webpack'); @@ -27,7 +27,7 @@ Use debian packaged node modules when available const { StatsWriterPlugin } = require('webpack-stats-plugin'); const WEBPACK_VERSION = require('webpack/package.json').version; -@@ -242,6 +241,8 @@ +@@ -257,6 +256,8 @@ entry: generateEntries, @@ -36,7 +36,7 @@ Use debian packaged node modules when available output: { path: WEBPACK_OUTPUT_PATH, publicPath: WEBPACK_PUBLIC_PATH, -@@ -251,10 +252,15 @@ +@@ -268,10 +269,15 @@ }, resolve: { @@ -53,7 +53,7 @@ Use debian packaged node modules when available module: { strictExportPresence: true, rules: [ -@@ -353,7 +359,7 @@ +@@ -370,7 +376,7 @@ }, { test: /\.(eot|ttf|woff|woff2)$/, @@ -62,27 +62,7 @@ Use debian packaged node modules when available loader: 'file-loader', options: { name: '[name].[contenthash:8].[ext]', -@@ -667,19 +673,6 @@ - }, - }, - -- // optionally generate webpack bundle analysis -- WEBPACK_REPORT && -- new BundleAnalyzerPlugin({ -- analyzerMode: 'static', -- generateStatsFile: true, -- openAnalyzer: false, -- reportFilename: path.join(ROOT_PATH, 'webpack-report/index.html'), -- statsFilename: path.join(ROOT_PATH, 'webpack-report/stats.json'), -- statsOptions: { -- source: false, -- }, -- }), -- - new webpack.DefinePlugin({ - // These are used to define window.gon.ee, window.gon.jh and other things properly in tests: - 'process.env.IS_EE': JSON.stringify(IS_EE), -@@ -747,6 +740,7 @@ +@@ -773,6 +779,7 @@ node: { fs: 'empty', // editorconfig requires 'fs' @@ -98,11 +78,11 @@ Use debian packaged node modules when available -import workerSrc from 'pdfjs-dist/build/pdf.worker.min'; +import workerSrc from 'pdfjs-dist/build/pdf.worker'; - import page from './page/index.vue'; + import Page from './page/index.vue'; --- a/package.json +++ b/package.json -@@ -47,15 +47,15 @@ +@@ -47,8 +47,8 @@ "dependencies": { "@_ueberdosis/prosemirror-tables": "^1.1.3", "@apollo/client": "^3.5.10", @@ -113,15 +93,16 @@ Use debian packaged node modules when available "@codesandbox/sandpack-client": "^1.2.2", "@gitlab/at.js": "1.5.7", "@gitlab/favicon-overlay": "2.0.0", - "@gitlab/svgs": "3.1.0", - "@gitlab/ui": "43.6.0", +@@ -56,7 +56,7 @@ + "@gitlab/ui": "43.16.0", "@gitlab/visual-review-tools": "1.7.3", + "@gitlab/web-ide": "0.0.1-dev-20220815034418", - "@rails/actioncable": "6.1.4-7", + "@rails/actioncable": "link:/usr/share/nodejs/@rails/actioncable", "@rails/ujs": "6.1.4-7", "@sentry/browser": "5.30.0", "@sourcegraph/code-host-integration": "0.0.60", -@@ -93,23 +93,23 @@ +@@ -95,23 +95,23 @@ "autosize": "^5.0.1", "axios": "^0.24.0", "babel-loader": "^8.2.5", @@ -135,7 +116,7 @@ Use debian packaged node modules when available "codesandbox-api": "0.0.23", "compression-webpack-plugin": "^5.0.2", "copy-webpack-plugin": "^6.4.1", - "core-js": "^3.24.1", + "core-js": "^3.25.1", - "cron-validator": "^1.1.1", + "cron-validator": "link:/usr/share/nodejs/cron-validator", "cronstrue": "^1.122.0", @@ -151,8 +132,8 @@ Use debian packaged node modules when available + "dateformat": "link:/usr/share/nodejs/dateformat", "deckar01-task_list": "^2.3.1", "diff": "^3.4.0", - "dompurify": "^2.3.10", -@@ -127,30 +127,30 @@ + "dompurify": "^2.4.0", +@@ -129,29 +129,29 @@ "jed": "^1.1.1", "jquery": "^3.6.0", "jquery.caret": "^0.3.1", @@ -161,10 +142,8 @@ Use debian packaged node modules when available + "js-cookie": "link:/usr/share/nodejs/js-cookie", + "js-yaml": "link:/usr/share/nodejs/js-yaml", "jszip": "^3.1.3", -- "jszip-utils": "^0.0.2", - "katex": "^0.13.2", - "lodash": "^4.17.20", -+ "jszip-utils": "link:/usr/share/nodejs/jszip-utils", + "katex": "link:/usr/share/nodejs/katex", + "lodash": "link:/usr/share/nodejs/lodash", "lowlight": "^2.6.1", @@ -189,39 +168,37 @@ Use debian packaged node modules when available "portal-vue": "^2.1.7", - "postcss": "8.4.14", + "postcss": "link:/usr/share/nodejs/postcss", - "prismjs": "^1.21.0", "prosemirror-markdown": "1.9.1", "prosemirror-model": "^1.18.1", -@@ -170,27 +170,26 @@ + "prosemirror-state": "^1.4.1", +@@ -170,26 +170,25 @@ "style-loader": "^2.0.0", "swagger-ui-dist": "4.12.0", - "three": "^0.84.0", -- "three-orbit-controls": "^82.1.0", -+ "three-orbit-controls": "link:/usr/share/nodejs/three-orbit-controls", - "three-stl-loader": "^1.0.4", + "three": "^0.143.0", - "timeago.js": "^4.0.2", + "timeago.js": "link:/usr/share/nodejs/timeago.js", "unified": "^10.1.2", + "unist-builder": "^3.0.0", "unist-util-visit-parents": "^5.1.0", "url-loader": "^4.1.1", - "uuid": "8.1.0", + "uuid": "link:/usr/share/nodejs/uuid", "visibilityjs": "^1.2.4", -- "vue": "^2.6.12", +- "vue": "2.6.14", + "vue": "link:/usr/share/nodejs/vue", "vue-apollo": "^3.0.7", - "vue-loader": "^15.9.6", + "vue-loader": "15.9.6", "vue-observe-visibility": "^1.0.0", "vue-resize": "^1.0.1", "vue-router": "3.4.9", -- "vue-template-compiler": "^2.6.12", +- "vue-template-compiler": "2.6.14", + "vue-template-compiler": "link:/usr/share/nodejs/vue-template-compiler", "vue-virtual-scroll-list": "^1.4.7", "vuedraggable": "^2.23.0", - "vuex": "^3.6.0", + "vuex": "^3.6.2", "web-vitals": "^0.2.4", "webpack": "^4.46.0", -- "webpack-bundle-analyzer": "^4.5.0", +- "webpack-bundle-analyzer": "^4.6.1", "webpack-cli": "^4.10.0", "webpack-stats-plugin": "^0.3.1", "worker-loader": "^2.0.0", diff --git a/debian/patches/tweaks/0070-remove-capybara-screenshot-rspec.patch b/debian/patches/tweaks/0070-remove-capybara-screenshot-rspec.patch index c9dfcdcb69..06d5403d85 100644 --- a/debian/patches/tweaks/0070-remove-capybara-screenshot-rspec.patch +++ b/debian/patches/tweaks/0070-remove-capybara-screenshot-rspec.patch @@ -8,7 +8,7 @@ require 'selenium-webdriver' # Give CI some extra time -@@ -112,18 +111,6 @@ +@@ -118,18 +117,6 @@ Capybara.default_normalize_ws = true Capybara.enable_aria_label = true