Refresh patches (redo semver complaint relaxing of stable gems)

2023-06-30 02:20:25 +05:30 · 2023-06-30 02:20:25 +05:30 · 2b1ff2592a
parent 23cff2923a
commit 2b1ff2592a
13 changed files with 414 additions and 87 deletions
--- a/debian/patches/Gemfile/0010-relax-stable-libs.patch
+++ b/debian/patches/Gemfile/0010-relax-stable-libs.patch
@ -3,7 +3,7 @@ gitlab Gemfile

 --- a/Gemfile
 +++ b/Gemfile
-@@ -13,9 +13,9 @@ gem 'bundler-checksum', '~> 0.1.0', path
+@@ -13,64 +13,64 @@
 # NOTE: When incrementing the major or minor version here, also increment activerecord_version
 # in vendor/gems/attr_encrypted/attr_encrypted.gemspec until we resolve
 # https://gitlab.com/gitlab-org/gitlab/-/issues/375713
@ -15,16 +15,114 @@ gitlab Gemfile
 
 # Pin openssl to match the version bundled with our supported Rubies.
 # See https://stdgems.org/openssl/#gem-version.
-@@ -30,7 +30,7 @@ gem 'sprockets', '~> 3.7.0'
- gem 'view_component', '~> 2.74.1'
+ gem 'openssl', '2.2.2'
+-gem 'ipaddr', '~> 1.2.5'
+gem 'ipaddr', '~> 1.2', '>= 1.2.5'
+ 
+ # Responders respond_to and respond_with
+ gem 'responders', '~> 3.0'
+ 
+-gem 'sprockets', '~> 3.7.0'
+gem 'sprockets', '~> 3.7'
+ 
+-gem 'view_component', '~> 2.74.1'
+gem 'view_component', '~> 2.74', '>= 2.74.1'
 
 # Supported DBs
 -gem 'pg', '~> 1.4.6'
 +gem 'pg', '~> 1.4', '>= 1.4.6'
 
 gem 'rugged', '~> 1.5'
- gem 'grape-path-helpers', '~> 1.7.1'
-@@ -110,30 +110,30 @@ gem 'gitlab_omniauth-ldap', '~> 2.2.0',
+-gem 'grape-path-helpers', '~> 1.7.1'
+gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1'
+ 
+ gem 'faraday', '~> 1.0'
+-gem 'marginalia', '~> 1.11.1'
+gem 'marginalia', '~> 1.11', '>= 1.11.1'
+ 
+ # Authorization
+-gem 'declarative_policy', '~> 1.1.0'
+gem 'declarative_policy', '~> 1.1'
+ 
+ # Authentication libraries
+-gem 'devise', '~> 4.8.1'
+gem 'devise', '~> 4.8', '>= 4.8.1'
+ gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable'
+ gem 'bcrypt', '~> 3.1', '>= 3.1.14'
+ gem 'doorkeeper', '~> 5.6', '>= 5.6.6'
+ gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.5'
+-gem 'rexml', '~> 3.2.5'
+-gem 'ruby-saml', '~> 1.13.0'
+-gem 'omniauth', '~> 2.1.0'
+gem 'rexml', '~> 3.2', '>= 3.2.5'
+gem 'ruby-saml', '~> 1.13'
+gem 'omniauth', '~> 2.1'
+ gem 'omniauth-auth0', '~> 3.1'
+ gem 'omniauth-azure-activedirectory-v2', '~> 2.0'
+ gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md
+ gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md
+ gem 'omniauth-dingtalk-oauth2', '~> 1.0'
+-gem 'omniauth-alicloud', '~> 2.0.1'
+-gem 'omniauth-facebook', '~> 4.0.0'
+-gem 'omniauth-github', '2.0.1'
+gem 'omniauth-alicloud', '~> 2.0', '>= 2.0.1'
+gem 'omniauth-facebook', '~> 4.0'
+gem 'omniauth-github', '~> 2.0', '>= 2.0.1'
+ gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md
+ gem 'omniauth-google-oauth2', '~> 1.1'
+ gem 'omniauth-oauth2-generic', '~> 0.2.2'
+-gem 'omniauth-saml', '~> 2.0.0'
+gem 'omniauth-saml', '~> 2.0'
+ gem 'omniauth-twitter', '~> 1.4'
+ gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
+ gem 'omniauth_openid_connect', '~> 0.6.1'
+ # Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem.
+ # See https://docs.gitlab.com/ee/development/emails.html#rationale.
+-gem 'openid_connect', '= 1.3.0'
+gem 'openid_connect', '~> 1.3'
+ gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md
+ gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
+-gem 'rack-oauth2', '~> 1.21.3'
+gem 'rack-oauth2', '~> 1.21', '>= 1.21.3'
+ gem 'jwt', '~> 2.5'
+ 
+ # Kerberos authentication. EE-only
+@@ -80,28 +80,28 @@
+ # Spam and anti-bot protection
+ gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails'
+ gem 'akismet', '~> 3.0'
+-gem 'invisible_captcha', '~> 2.0.0'
+gem 'invisible_captcha', '~> 2.0'
+ 
+ # Two-factor authentication
+-gem 'devise-two-factor', '~> 4.0.2'
+gem 'devise-two-factor', '~> 4.0', '>= 4.0.2'
+ gem 'rqrcode-rails3', '~> 0.1.7'
+ gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted'
+ gem 'u2f', '~> 0.2.1'
+ 
+ # GitLab Pages
+-gem 'validates_hostname', '~> 1.0.11'
+-gem 'rubyzip', '~> 2.3.2', require: 'zip'
+gem 'validates_hostname', '~> 1.0', '>= 1.0.11'
+gem 'rubyzip', '~> 2.3', '>= 2.3.2', require: 'zip'
+ # GitLab Pages letsencrypt support
+ gem 'acme-client', '~> 2.0'
+ 
+ # Browser detection
+-gem 'browser', '~> 5.3.1'
+gem 'browser', '~> 5.3', '>= 5.3.1'
+ 
+ # OS detection for usage ping
+ gem 'ohai', '~> 17.9'
+ 
+ # GPG
+-gem 'gpgme', '~> 2.0.22'
+gem 'gpgme', '~> 2.0', '>= 2.0.22'
+ 
+ # LDAP Auth
+ # GitLab fork with several improvements to original library. For full list of changes
+@@ -110,30 +110,30 @@
 gem 'net-ldap', '~> 0.17.1'
 
 # API
@ -63,7 +161,7 @@ gitlab Gemfile
 
 # for backups
 gem 'fog-aws', '~> 3.18'
-@@ -149,7 +149,7 @@ gem 'fog-local', '~> 0.8'
+@@ -149,10 +149,10 @@
 # We may want to update this dependency if this is ever addressed upstream, e.g. via
 # https://github.com/aliyun/aliyun-oss-ruby-sdk/pull/93
 gem 'fog-aliyun', '~> 0.4'
@ -71,8 +169,91 @@ gitlab Gemfile
 +gem 'gitlab-fog-azure-rm', '~> 1.7', require: 'fog/azurerm'
 
 # for Google storage
- gem 'google-cloud-storage', '~> 1.44.0'
-@@ -242,10 +242,10 @@ gem 'rainbow', '~> 3.0'
+-gem 'google-cloud-storage', '~> 1.44.0'
+gem 'google-cloud-storage', '~> 1.44'
+ gem 'google-apis-core', '~> 0.10.0'
+ gem 'google-apis-compute_v1', '~> 0.57.0'
+ gem 'google-apis-container_v1', '~> 0.43.0'
+@@ -168,36 +168,36 @@
+ gem 'unf', '~> 0.1.4'
+ 
+ # Seed data
+-gem 'seed-fu', '~> 2.3.7'
+gem 'seed-fu', '~> 2.3','>= 2.3.7'
+ 
+ # Search
+ gem 'elasticsearch-model', '~> 7.2'
+ gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation'
+-gem 'elasticsearch-api',   '7.13.3'
+-gem 'aws-sdk-core', '~> 3.171.0'
+gem 'elasticsearch-api',   '~> 7.13', '>= 7.13.3'
+gem 'aws-sdk-core', '~> 3.171'
+ gem 'aws-sdk-cloudformation', '~> 1'
+-gem 'aws-sdk-s3', '~> 1.121.0'
+gem 'aws-sdk-s3', '~> 1.121'
+ gem 'faraday_middleware-aws-sigv4', '~>0.3.0'
+-gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections
+gem 'typhoeus', '~> 1.4' # Used with Elasticsearch to support http keep-alive connections
+ 
+ # Markdown and HTML processing
+-gem 'html-pipeline', '~> 2.14.3'
+-gem 'deckar01-task_list', '2.3.2'
+-gem 'gitlab-markup', '~> 1.9.0', require: 'github/markup'
+gem 'html-pipeline', '~> 2.14','>= 2.14.3'
+gem 'deckar01-task_list', '~> 2.3', '>= 2.3.2'
+gem 'gitlab-markup', '~> 1.9', require: 'github/markup'
+ gem 'commonmarker', '~> 0.23.6'
+-gem 'kramdown', '~> 2.3.1'
+-gem 'RedCloth', '~> 4.3.2'
+-gem 'rdoc', '~> 6.3.2'
+gem 'kramdown', '~> 2.3', '>= 2.3.1'
+gem 'RedCloth', '~> 4.3', '>= 4.3.2'
+gem 'rdoc', '~> 6.3', '>= 6.3.2'
+ gem 'org-ruby', '~> 0.9.12'
+ gem 'creole', '~> 0.5.0'
+-gem 'wikicloth', '0.8.1'
+-gem 'asciidoctor', '~> 2.0.18'
+gem 'wikicloth', '~> 0.8.1'
+gem 'asciidoctor', '~> 2.0', '>= 2.0.18'
+ gem 'asciidoctor-include-ext', '~> 0.4.0', require: false
+ gem 'asciidoctor-plantuml', '~> 0.0.16'
+ gem 'asciidoctor-kroki', '~> 0.8.0', require: false
+-gem 'rouge', '~> 4.1.0'
+gem 'rouge', '~> 4.1'
+ gem 'truncato', '~> 0.7.12'
+-gem 'nokogiri', '~> 1.14.3'
+gem 'nokogiri', '~> 1.14', '>= 1.14.3'
+ 
+ # Calendar rendering
+ gem 'icalendar'
+@@ -212,7 +212,7 @@
+ gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base'
+ 
+ group :puma do
+-  gem 'puma', '~> 5.6.5', require: false
+  gem 'puma', '~> 5.6', '>= 5.6.5', require: false
+   gem 'puma_worker_killer', '~> 0.3.1', require: false
+   gem 'sd_notify', '~> 0.1.0', require: false
+ end
+@@ -224,13 +224,13 @@
+ gem 'acts-as-taggable-on', '~> 9.0'
+ 
+ # Background jobs
+-gem 'sidekiq', '~> 6.5.7'
+-gem 'sidekiq-cron', '~> 1.8.0'
+-gem 'redis-namespace', '~> 1.9.0'
+gem 'sidekiq', '~> 6.5', '>= 6.5.7'
+gem 'sidekiq-cron', '~> 1.8'
+gem 'redis-namespace', '~> 1.9'
+ gem 'gitlab-sidekiq-fetcher', path: 'vendor/gems/sidekiq-reliable-fetch', require: 'sidekiq-reliable-fetch'
+ 
+ # Cron Parser
+-gem 'fugit', '~> 1.8.1'
+gem 'fugit', '~> 1.8', '>= 1.8.1'
+ 
+ # HTTP requests
+ gem 'httparty', '~> 0.20.0'
+@@ -242,14 +242,14 @@
 gem 'ruby-progressbar', '~> 1.10'
 
 # GitLab settings
@ -85,7 +266,12 @@ gitlab Gemfile
 
 # Misc
 
-@@ -259,21 +259,21 @@ gem 'js_regex', '~> 3.8'
+-gem 'semver_dialects', '~> 1.2.1'
+gem 'semver_dialects', '~> 1.2', '>= 1.2.1'
+ gem 'version_sorter', '~> 2.3'
+ 
+ # Export Ruby Regex to Javascript
+@@ -259,21 +259,21 @@
 gem 'device_detector'
 
 # Redis
@ -111,7 +297,72 @@ gitlab Gemfile
 
 # Hangouts Chat integration
 gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat'
-@@ -350,11 +350,11 @@ gem 'thrift', '>= 0.16.0'
+@@ -285,17 +285,17 @@
+ gem 'ruby-fogbugz', '~> 0.3.0'
+ 
+ # Kubernetes integration
+-gem 'kubeclient', '~> 4.11.0'
+gem 'kubeclient', '~> 4.11'
+ 
+ # AI
+ gem 'ruby-openai', '~> 3.7'
+ 
+ # Sanitize user input
+ gem 'sanitize', '~> 6.0'
+-gem 'babosa', '~> 1.0.4'
+gem 'babosa', '~> 1.0', '>= 1.0.4'
+ 
+ # Sanitizes SVG input
+-gem 'loofah', '~> 2.20.0'
+gem 'loofah', '~> 2.20'
+ 
+ # Working with license
+ # Detects the open source license the repository includes
+@@ -317,32 +317,32 @@
+ 
+ gem 'rack-proxy', '~> 0.7.6'
+ 
+-gem 'sassc-rails', '~> 2.1.0'
+-gem 'autoprefixer-rails', '10.2.5.1'
+-gem 'terser', '1.0.2'
+gem 'sassc-rails', '~> 2.1'
+gem 'autoprefixer-rails', '~> 10.2', '>= 10.2.5.1'
+gem 'terser', '~> 1.0', '>= 1.0.2'
+ 
+ gem 'addressable', '~> 2.8'
+ gem 'tanuki_emoji', '~> 0.6'
+-gem 'gon', '~> 6.4.0'
+-gem 'request_store', '~> 1.5.1'
+gem 'gon', '~> 6.4'
+gem 'request_store', '~> 1.5', '>= 1.5.1'
+ gem 'base32', '~> 0.3.0'
+ 
+-gem 'gitlab-license', '~> 2.2.1'
+gem 'gitlab-license', '~> 2.2', '>= 2.2.1'
+ 
+ # Protect against bruteforcing
+-gem 'rack-attack', '~> 6.6.1'
+gem 'rack-attack', '~> 6.6', '>= 6.6.1'
+ 
+ # Sentry integration
+ gem 'sentry-raven', '~> 3.1'
+-gem 'sentry-ruby', '~> 5.8.0'
+-gem 'sentry-rails', '~> 5.8.0'
+-gem 'sentry-sidekiq', '~> 5.8.0'
+gem 'sentry-ruby', '~> 5.8'
+gem 'sentry-rails', '~> 5.8'
+gem 'sentry-sidekiq', '~> 5.8'
+ 
+ # PostgreSQL query parsing
+ #
+ gem 'pg_query', '~> 2.2', '>= 2.2.1'
+ 
+-gem 'premailer-rails', '~> 1.10.3'
+gem 'premailer-rails', '~> 1.10', '>= 1.10.3'
+ 
+ gem 'gitlab-labkit', '~> 0.31.1'
+ gem 'thrift', '>= 0.16.0'
+@@ -350,11 +350,11 @@
 # I18n
 gem 'ruby_parser', '~> 3.20', require: false
 gem 'rails-i18n', '~> 7.0'
@ -125,7 +376,20 @@ gitlab Gemfile
 
 # Perf bar
 gem 'peek', '~> 1.1'
-@@ -496,8 +496,8 @@ gem 'oauth2', '~> 2.0'
+@@ -366,10 +366,10 @@
+ gem 'snowplow-tracker', '~> 0.8.0'
+ 
+ # Metrics
+-gem 'webrick', '~> 1.8.1', require: false
+gem 'webrick', '~> 1.8', '>= 1.8.1', require: false
+ gem 'prometheus-client-mmap', '~> 0.19', require: 'prometheus/client'
+ 
+-gem 'warning', '~> 1.3.0'
+gem 'warning', '~> 1.3'
+ 
+ group :development do
+   gem 'lefthook', '~> 1.3.10', require: false
+@@ -496,8 +496,8 @@
 gem 'health_check', '~> 3.0'
 
 # System information
@ -136,7 +400,38 @@ gitlab Gemfile
 
 # NTP client
 gem 'net-ntp'
-@@ -535,9 +535,9 @@ gem 'grape_logging', '~> 1.8'
+@@ -506,25 +506,25 @@
+ gem 'ssh_data', '~> 1.3'
+ 
+ # Spamcheck GRPC protocol definitions
+-gem 'spamcheck', '~> 1.3.0'
+gem 'spamcheck', '~> 1.3'
+ 
+ # Gitaly GRPC protocol definitions
+-gem 'gitaly', '~> 15.9.0-rc3'
+gem 'gitaly', '~> 15.9'
+ 
+ # KAS GRPC protocol definitions
+ gem 'kas-grpc', '~> 0.0.2'
+ 
+-gem 'grpc', '~> 1.42.0'
+gem 'grpc', '~> 1.42'
+ 
+ gem 'google-protobuf', '~> 3.22', '>= 3.22.3'
+ 
+-gem 'toml-rb', '~> 2.2.0'
+gem 'toml-rb', '~> 2.2'
+ 
+ # Feature toggles
+ gem 'flipper', '~> 0.25.0'
+ gem 'flipper-active_record', '~> 0.25.0'
+ gem 'flipper-active_support_cache_store', '~> 0.25.0'
+-gem 'unleash', '~> 3.2.2'
+gem 'unleash', '~> 3.2', '>= 3.2.2'
+ gem 'gitlab-experiment', '~> 0.7.1'
+ 
+ # Structured logging
+@@ -535,9 +535,9 @@
 gem 'gitlab-net-dns', '~> 0.9.2'
 
 # Countries list
@ -148,7 +443,7 @@ gitlab Gemfile
 
 # LRU cache
 gem 'lru_redux'
-@@ -555,18 +555,18 @@ gem 'mail-smtp_pool', '~> 0.1.0', path:
+@@ -555,18 +555,18 @@
 gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer'
 
 # File encryption
@ -172,7 +467,7 @@ gitlab Gemfile
 
 gem 'webauthn', '~> 3.0'
 
-@@ -577,20 +577,20 @@ gem 'parslet', '~> 1.8'
+@@ -577,20 +577,20 @@
 
 gem 'ipynbdiff', path: 'vendor/gems/ipynbdiff'
 
--- a/debian/patches/Gemfile/0020-remove-development-test.patch
+++ b/debian/patches/Gemfile/0020-remove-development-test.patch
@ -2,7 +2,7 @@ Bundler will fail when it can't find these locally

 --- a/Gemfile
 +++ b/Gemfile
-@@ -113,14 +113,12 @@ gem 'net-ldap', '~> 0.17.1'
+@@ -113,14 +113,12 @@
 gem 'grape', '~> 1.5','>= 1.5.2'
 gem 'grape-entity', '~> 0.10.0'
 gem 'rack-cors', '~> 1.1', '>= 1.1.1', require: 'rack/cors'
@ -18,7 +18,7 @@ Bundler will fail when it can't find these locally
 gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import)
 
 gem 'hashie', '~> 5.0'
-@@ -352,7 +350,6 @@ gem 'ruby_parser', '~> 3.20', require: f
+@@ -352,7 +350,6 @@
 gem 'rails-i18n', '~> 7.0'
 gem 'gettext_i18n_rails', '~> 1.8'
 gem 'gettext_i18n_rails_js', '~> 1.3'
@ -26,3 +26,89 @@ Bundler will fail when it can't find these locally
 
 gem 'batch-loader', '~> 2.0', '>= 2.0.1'
 
+@@ -371,85 +368,6 @@
+ 
+ gem 'warning', '~> 1.3'
+ 
+-group :development do
+-  gem 'lefthook', '~> 1.3.10', require: false
+-  gem 'rubocop'
+-  gem 'solargraph', '~> 0.47.2', require: false
+-
+-  gem 'letter_opener_web', '~> 2.0.0'
+-  gem 'lookbook', '~> 1.5', '>= 1.5.3'
+-
+-  # Better errors handler
+-  gem 'better_errors', '~> 2.9.1'
+-
+-  gem 'sprite-factory', '~> 1.7'
+-
+-  gem "listen", "~> 3.7"
+-end
+-
+-group :development, :test do
+-  gem 'deprecation_toolkit', '~> 1.5.1', require: false
+-  gem 'bullet', '~> 7.0.2'
+-  gem 'pry-byebug'
+-  gem 'pry-rails', '~> 0.3.9'
+-  gem 'pry-shell', '~> 0.6.1'
+-
+-  gem 'awesome_print', require: false
+-
+-  gem 'database_cleaner', '~> 1.7.0'
+-  gem 'factory_bot_rails', '~> 6.2.0'
+-  gem 'rspec-rails', '~> 6.0.1'
+-
+-  # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
+-  gem 'minitest', '~> 5.11.0'
+-
+-  # Generate Fake data
+-  gem 'ffaker', '~> 2.10'
+-
+-  gem 'spring', '~> 4.1.0'
+-  gem 'spring-commands-rspec', '~> 1.0.4'
+-
+-  gem 'gitlab-styles', '~> 10.0.0', require: false
+-
+-  gem 'haml_lint', '~> 0.40.0', require: false
+-  gem 'bundler-audit', '~> 0.7.0.1', require: false
+-
+-  # Benchmarking & profiling
+-  gem 'benchmark-ips', '~> 2.11.0', require: false
+-  gem 'benchmark-memory', '~> 0.1', require: false
+-
+-  gem 'knapsack', '~> 1.21.1'
+-  gem 'crystalball', '~> 0.7.0', require: false
+-
+-  gem 'simple_po_parser', '~> 1.1.6', require: false
+-
+-  gem 'png_quantizator', '~> 0.2.1', require: false
+-
+-  gem 'parallel', '~> 1.19', require: false
+-
+-  gem 'test_file_finder', '~> 0.1.3'
+-
+-  gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup'
+-
+-  gem 'pact', '~> 1.63'
+-end
+-
+-group :development, :test, :danger do
+-  gem 'gitlab-dangerfiles', '~> 3.9.0', require: false
+-end
+-
+-group :development, :test, :coverage do
+-  gem 'simplecov', '~> 0.21', require: false
+-  gem 'simplecov-lcov', '~> 0.8.0', require: false
+-  gem 'simplecov-cobertura', '~> 1.3.1', require: false
+-  gem 'undercover', '~> 0.4.4', require: false
+-end
+-
+-# Gems required in omnibus-gitlab pipeline
+-group :development, :test, :omnibus do
+-  gem 'license_finder', '~> 7.0', require: false
+-end
+-
+ group :test do
+   gem 'fuubar', '~> 2.2.0'
+   gem 'rspec-retry', '~> 0.6.2'
--- a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch
+++ b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch
@ -2,9 +2,9 @@ Make test dependencies conditional so we can enable them when running autopkgtes

 --- a/Gemfile
 +++ b/Gemfile
-@@ -447,7 +447,7 @@ group :development, :test, :omnibus do
-   gem 'license_finder', '~> 7.0', require: false
- end
+@@ -368,7 +368,7 @@
+ 
+ gem 'warning', '~> 1.3'
 
 -group :test do
 +if ENV["INCLUDE_TEST_DEPENDS"] == "true"
--- a/debian/patches/Gemfile/0040-relax-httparty.patch
+++ b/debian/patches/Gemfile/0040-relax-httparty.patch
@ -2,8 +2,8 @@ Allow newer versions of httparty to satisfy dependency

 --- a/Gemfile
 +++ b/Gemfile
-@@ -231,7 +231,7 @@ gem 'gitlab-sidekiq-fetcher', path: 'ven
- gem 'fugit', '~> 1.8.1'
+@@ -231,7 +231,7 @@
+ gem 'fugit', '~> 1.8', '>= 1.8.1'
 
 # HTTP requests
 -gem 'httparty', '~> 0.20.0'
--- a/debian/patches/Gemfile/0050-relax-rdoc.patch
+++ b/debian/patches/Gemfile/0050-relax-rdoc.patch
@ -1,13 +0,0 @@
-Allow rdoc from ruby 2.5 to match requirement
-
--- a/Gemfile
-+++ b/Gemfile
-@@ -185,7 +185,7 @@ gem 'gitlab-markup', '~> 1.9.0', require
- gem 'commonmarker', '~> 0.23.6'
- gem 'kramdown', '~> 2.3.1'
- gem 'RedCloth', '~> 4.3.2'
-gem 'rdoc', '~> 6.3.2'
-+gem 'rdoc', '~> 6.0'
- gem 'org-ruby', '~> 0.9.12'
- gem 'creole', '~> 0.5.0'
- gem 'wikicloth', '0.8.1'
--- a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch
+++ b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch
@ -2,7 +2,7 @@ This gem is used only in gitlab Enterprise Edition

 --- a/Gemfile
 +++ b/Gemfile
-@@ -74,7 +74,7 @@ gem 'rack-oauth2', '~> 1.21.3'
+@@ -74,7 +74,7 @@
 gem 'jwt', '~> 2.5'
 
 # Kerberos authentication. EE-only
@ -11,11 +11,12 @@ This gem is used only in gitlab Enterprise Edition
 gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos
 
 # Spam and anti-bot protection
-@@ -325,7 +325,6 @@ gem 'gon', '~> 6.4.0'
- gem 'request_store', '~> 1.5.1'
+@@ -325,8 +325,6 @@
+ gem 'request_store', '~> 1.5', '>= 1.5.1'
 gem 'base32', '~> 0.3.0'
 
-gem 'gitlab-license', '~> 2.2.1'
- 
+-gem 'gitlab-license', '~> 2.2', '>= 2.2.1'
+-
 # Protect against bruteforcing
- gem 'rack-attack', '~> 6.6.1'
+ gem 'rack-attack', '~> 6.6', '>= 6.6.1'
+ 
--- a/debian/patches/Gemfile/0160-relax-rexml.patch
+++ b/debian/patches/Gemfile/0160-relax-rexml.patch
@ -1,13 +0,0 @@
-libruby2.7 has rexml 3.2.3.1 which has latest security fixes
-
--- a/Gemfile
-+++ b/Gemfile
-@@ -47,7 +47,7 @@ gem 'devise-pbkdf2-encryptable', '~> 0.0
- gem 'bcrypt', '~> 3.1', '>= 3.1.14'
- gem 'doorkeeper', '~> 5.6', '>= 5.6.6'
- gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.5'
-gem 'rexml', '~> 3.2.5'
-+gem 'rexml', '~> 3.2', '>= 3.2.3.1'
- gem 'ruby-saml', '~> 1.13.0'
- gem 'omniauth', '~> 2.1.0'
- gem 'omniauth-auth0', '~> 3.1'
--- a/debian/patches/Gemfile/0180-add-parser-gem.patch
+++ b/debian/patches/Gemfile/0180-add-parser-gem.patch
@ -2,7 +2,7 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323

 --- a/Gemfile
 +++ b/Gemfile
-@@ -32,6 +32,9 @@ gem 'view_component', '~> 2.74.1'
+@@ -32,6 +32,9 @@
 # Supported DBs
 gem 'pg', '~> 1.4', '>= 1.4.6'
 
@ -10,5 +10,5 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323
 +gem 'parser', '~> 3.0'
 +
 gem 'rugged', '~> 1.5'
- gem 'grape-path-helpers', '~> 1.7.1'
+ gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1'
 
--- a/debian/patches/Gemfile/0190-relax-rdoc.patch
+++ b/debian/patches/Gemfile/0190-relax-rdoc.patch
@ -1,11 +0,0 @@
--- a/Gemfile
-+++ b/Gemfile
-@@ -188,7 +188,7 @@ gem 'gitlab-markup', '~> 1.9.0', require
- gem 'commonmarker', '~> 0.23.6'
- gem 'kramdown', '~> 2.3.1'
- gem 'RedCloth', '~> 4.3.2'
-gem 'rdoc', '~> 6.0'
-+gem 'rdoc'
- gem 'org-ruby', '~> 0.9.12'
- gem 'creole', '~> 0.5.0'
- gem 'wikicloth', '0.8.1'
--- a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch
+++ b/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch
@ -1,14 +0,0 @@
-Rakefile need this gem
-
--- a/Gemfile
-+++ b/Gemfile
-@@ -514,6 +514,9 @@
- gem 'CFPropertyList', '~> 3.0'
- gem 'app_store_connect'
- 
-+# This is required for Rakefile
-+gem 'gitlab-dangerfiles'
-+
- # For phone verification
- gem 'telesignenterprise', '~> 2.2'
- 
--- a/debian/patches/Gemfile/0210-comment-out-openssl.patch
+++ b/debian/patches/Gemfile/0210-comment-out-openssl.patch
@ -2,12 +2,12 @@ We have to use openssl available in the archive

 --- a/Gemfile
 +++ b/Gemfile
-@@ -19,7 +19,7 @@ gem 'bootsnap', '~> 1.16', require: fals
+@@ -19,7 +19,7 @@
 
 # Pin openssl to match the version bundled with our supported Rubies.
 # See https://stdgems.org/openssl/#gem-version.
 -gem 'openssl', '2.2.2'
 +#gem 'openssl', '2.2.2'
- gem 'ipaddr', '~> 1.2.5'
+ gem 'ipaddr', '~> 1.2', '>= 1.2.5'
 
 # Responders respond_to and respond_with
--- a/debian/patches/nodejs/0010-set-webpack-root.patch
+++ b/debian/patches/nodejs/0010-set-webpack-root.patch
@ -2,7 +2,7 @@ Debian specific patch to help webpack find sources

 --- a/config/webpack.config.js
 +++ b/config/webpack.config.js
-@@ -47,7 +47,7 @@
+@@ -44,7 +44,7 @@
 
 const GraphqlKnownOperationsPlugin = require('./plugins/graphql_known_operations_plugin');
 
--- a/debian/patches/series
+++ b/debian/patches/series
@ -2,12 +2,8 @@ Gemfile/0010-relax-stable-libs.patch
 Gemfile/0020-remove-development-test.patch
 Gemfile/0030-make-test-dependencies-conditional.patch
 Gemfile/0040-relax-httparty.patch
-Gemfile/0050-relax-rdoc.patch
 Gemfile/0090-remove-ee-only-gems.patch
-Gemfile/0160-relax-rexml.patch
 Gemfile/0180-add-parser-gem.patch
-Gemfile/0190-relax-rdoc.patch
-Gemfile/0200-add-gitlab-dangerfiles.patch
 Gemfile/0210-comment-out-openssl.patch
 Gemfile/0220-relax-oj-in-ipynbdiff.patch
 #Gemfile/0230-relax-omniauth-auth0.patch