diff --git a/debian/patches/Gemfile/0010-relax-stable-libs.patch b/debian/patches/Gemfile/0010-relax-stable-libs.patch index 25a839f136..6179c2ec05 100644 --- a/debian/patches/Gemfile/0010-relax-stable-libs.patch +++ b/debian/patches/Gemfile/0010-relax-stable-libs.patch @@ -3,7 +3,7 @@ gitlab Gemfile --- a/Gemfile +++ b/Gemfile -@@ -13,9 +13,9 @@ gem 'bundler-checksum', '~> 0.1.0', path +@@ -13,64 +13,64 @@ # NOTE: When incrementing the major or minor version here, also increment activerecord_version # in vendor/gems/attr_encrypted/attr_encrypted.gemspec until we resolve # https://gitlab.com/gitlab-org/gitlab/-/issues/375713 
@@ -15,16 +15,114 @@ gitlab Gemfile # Pin openssl to match the version bundled with our supported Rubies. # See https://stdgems.org/openssl/#gem-version. -@@ -30,7 +30,7 @@ gem 'sprockets', '~> 3.7.0' - gem 'view_component', '~> 2.74.1' + gem 'openssl', '2.2.2' +-gem 'ipaddr', '~> 1.2.5' ++gem 'ipaddr', '~> 1.2', '>= 1.2.5' + + # Responders respond_to and respond_with + gem 'responders', '~> 3.0' + +-gem 'sprockets', '~> 3.7.0' ++gem 'sprockets', '~> 3.7' + +-gem 'view_component', '~> 2.74.1' ++gem 'view_component', '~> 2.74', '>= 2.74.1' # Supported DBs -gem 'pg', '~> 1.4.6' +gem 'pg', '~> 1.4', '>= 1.4.6' gem 'rugged', '~> 1.5' - gem 'grape-path-helpers', '~> 1.7.1' -@@ -110,30 +110,30 @@ gem 'gitlab_omniauth-ldap', '~> 2.2.0', +-gem 'grape-path-helpers', '~> 1.7.1' ++gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1' + + gem 'faraday', '~> 1.0' +-gem 'marginalia', '~> 1.11.1' ++gem 'marginalia', '~> 1.11', '>= 1.11.1' + + # Authorization +-gem 'declarative_policy', '~> 1.1.0' ++gem 'declarative_policy', '~> 1.1' + + # Authentication libraries +-gem 'devise', '~> 4.8.1' ++gem 'devise', '~> 4.8', '>= 4.8.1' + gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable' + gem 'bcrypt', '~> 3.1', '>= 3.1.14' + gem 'doorkeeper', '~> 5.6', '>= 5.6.6' + gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.5' +-gem 'rexml', '~> 3.2.5' +-gem 'ruby-saml', '~> 1.13.0' +-gem 'omniauth', '~> 2.1.0' ++gem 'rexml', '~> 3.2', '>= 3.2.5' ++gem 'ruby-saml', '~> 1.13' ++gem 'omniauth', '~> 2.1' + gem 'omniauth-auth0', '~> 3.1' + gem 'omniauth-azure-activedirectory-v2', '~> 2.0' + gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md + gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md + gem 'omniauth-dingtalk-oauth2', '~> 1.0' +-gem 'omniauth-alicloud', '~> 2.0.1' +-gem 'omniauth-facebook', '~> 4.0.0' +-gem 'omniauth-github', '2.0.1' ++gem 
'omniauth-alicloud', '~> 2.0', '>= 2.0.1' ++gem 'omniauth-facebook', '~> 4.0' ++gem 'omniauth-github', '~> 2.0', '>= 2.0.1' + gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md + gem 'omniauth-google-oauth2', '~> 1.1' + gem 'omniauth-oauth2-generic', '~> 0.2.2' +-gem 'omniauth-saml', '~> 2.0.0' ++gem 'omniauth-saml', '~> 2.0' + gem 'omniauth-twitter', '~> 1.4' + gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md + gem 'omniauth_openid_connect', '~> 0.6.1' + # Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem. + # See https://docs.gitlab.com/ee/development/emails.html#rationale. +-gem 'openid_connect', '= 1.3.0' ++gem 'openid_connect', '~> 1.3' + gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md + gem 'omniauth-atlassian-oauth2', '~> 0.2.0' +-gem 'rack-oauth2', '~> 1.21.3' ++gem 'rack-oauth2', '~> 1.21', '>= 1.21.3' + gem 'jwt', '~> 2.5' + + # Kerberos authentication. 
EE-only +@@ -80,28 +80,28 @@ + # Spam and anti-bot protection + gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails' + gem 'akismet', '~> 3.0' +-gem 'invisible_captcha', '~> 2.0.0' ++gem 'invisible_captcha', '~> 2.0' + + # Two-factor authentication +-gem 'devise-two-factor', '~> 4.0.2' ++gem 'devise-two-factor', '~> 4.0', '>= 4.0.2' + gem 'rqrcode-rails3', '~> 0.1.7' + gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted' + gem 'u2f', '~> 0.2.1' + + # GitLab Pages +-gem 'validates_hostname', '~> 1.0.11' +-gem 'rubyzip', '~> 2.3.2', require: 'zip' ++gem 'validates_hostname', '~> 1.0', '>= 1.0.11' ++gem 'rubyzip', '~> 2.3', '>= 2.3.2', require: 'zip' + # GitLab Pages letsencrypt support + gem 'acme-client', '~> 2.0' + + # Browser detection +-gem 'browser', '~> 5.3.1' ++gem 'browser', '~> 5.3', '>= 5.3.1' + + # OS detection for usage ping + gem 'ohai', '~> 17.9' + + # GPG +-gem 'gpgme', '~> 2.0.22' ++gem 'gpgme', '~> 2.0', '>= 2.0.22' + + # LDAP Auth + # GitLab fork with several improvements to original library. For full list of changes +@@ -110,30 +110,30 @@ gem 'net-ldap', '~> 0.17.1' # API @@ -63,7 +161,7 @@ gitlab Gemfile # for backups gem 'fog-aws', '~> 3.18' -@@ -149,7 +149,7 @@ gem 'fog-local', '~> 0.8' +@@ -149,10 +149,10 @@ # We may want to update this dependency if this is ever addressed upstream, e.g. via # https://github.com/aliyun/aliyun-oss-ruby-sdk/pull/93 gem 'fog-aliyun', '~> 0.4' 
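Review bot: `gem 'openid_connect', '~> 1.3'` replaces the exact pin `= 1.3.0`, but the two comment lines kept directly above it still say the gem is locked until the Ruby 3.0 upgrade because upgrading pulls in an updated net-smtp. The comment and the constraint now contradict each other, and any 1.x release from 1.3 onwards will resolve. If the upstream rationale still applies to the packaged Ruby, `gem 'openid_connect', '~> 1.3.0'` keeps only patch-level updates; if it does not, the patch should also adjust the comment so the next maintainer does not assume the lock is in force. The line sits in the authentication block next to the relaxed ruby-saml, omniauth and rack-oauth2 constraints, so the resolved versions are worth checking against the archive.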
@@ -71,8 +169,91 @@ gitlab Gemfile +gem 'gitlab-fog-azure-rm', '~> 1.7', require: 'fog/azurerm' # for Google storage - gem 'google-cloud-storage', '~> 1.44.0' -@@ -242,10 +242,10 @@ gem 'rainbow', '~> 3.0' +-gem 'google-cloud-storage', '~> 1.44.0' ++gem 'google-cloud-storage', '~> 1.44' + gem 'google-apis-core', '~> 0.10.0' + gem 'google-apis-compute_v1', '~> 0.57.0' + gem 'google-apis-container_v1', '~> 0.43.0' +@@ -168,36 +168,36 @@ + gem 'unf', '~> 0.1.4' + + # Seed data +-gem 'seed-fu', '~> 2.3.7' ++gem 'seed-fu', '~> 2.3','>= 2.3.7' + + # Search + gem 'elasticsearch-model', '~> 7.2' + gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation' +-gem 'elasticsearch-api', '7.13.3' +-gem 'aws-sdk-core', '~> 3.171.0' ++gem 'elasticsearch-api', '~> 7.13', '>= 7.13.3' ++gem 'aws-sdk-core', '~> 3.171' + gem 'aws-sdk-cloudformation', '~> 1' +-gem 'aws-sdk-s3', '~> 1.121.0' ++gem 'aws-sdk-s3', '~> 1.121' + gem 'faraday_middleware-aws-sigv4', '~>0.3.0' +-gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections ++gem 'typhoeus', '~> 1.4' # Used with Elasticsearch to support http keep-alive connections + + # Markdown and HTML processing +-gem 'html-pipeline', '~> 2.14.3' +-gem 'deckar01-task_list', '2.3.2' +-gem 'gitlab-markup', '~> 1.9.0', require: 'github/markup' ++gem 'html-pipeline', '~> 2.14','>= 2.14.3' ++gem 'deckar01-task_list', '~> 2.3', '>= 2.3.2' ++gem 'gitlab-markup', '~> 1.9', require: 'github/markup' + gem 'commonmarker', '~> 0.23.6' +-gem 'kramdown', '~> 2.3.1' +-gem 'RedCloth', '~> 4.3.2' +-gem 'rdoc', '~> 6.3.2' ++gem 'kramdown', '~> 2.3', '>= 2.3.1' ++gem 'RedCloth', '~> 4.3', '>= 4.3.2' ++gem 'rdoc', '~> 6.3', '>= 6.3.2' + gem 'org-ruby', '~> 0.9.12' + gem 'creole', '~> 0.5.0' +-gem 'wikicloth', '0.8.1' +-gem 'asciidoctor', '~> 2.0.18' ++gem 'wikicloth', '~> 0.8.1' ++gem 'asciidoctor', '~> 2.0', '>= 2.0.18' + gem 'asciidoctor-include-ext', '~> 0.4.0', require: false + gem 'asciidoctor-plantuml', 
'~> 0.0.16' + gem 'asciidoctor-kroki', '~> 0.8.0', require: false +-gem 'rouge', '~> 4.1.0' ++gem 'rouge', '~> 4.1' + gem 'truncato', '~> 0.7.12' +-gem 'nokogiri', '~> 1.14.3' ++gem 'nokogiri', '~> 1.14', '>= 1.14.3' + + # Calendar rendering + gem 'icalendar' +@@ -212,7 +212,7 @@ + gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base' + + group :puma do +- gem 'puma', '~> 5.6.5', require: false ++ gem 'puma', '~> 5.6', '>= 5.6.5', require: false + gem 'puma_worker_killer', '~> 0.3.1', require: false + gem 'sd_notify', '~> 0.1.0', require: false + end +@@ -224,13 +224,13 @@ + gem 'acts-as-taggable-on', '~> 9.0' + + # Background jobs +-gem 'sidekiq', '~> 6.5.7' +-gem 'sidekiq-cron', '~> 1.8.0' +-gem 'redis-namespace', '~> 1.9.0' ++gem 'sidekiq', '~> 6.5', '>= 6.5.7' ++gem 'sidekiq-cron', '~> 1.8' ++gem 'redis-namespace', '~> 1.9' + gem 'gitlab-sidekiq-fetcher', path: 'vendor/gems/sidekiq-reliable-fetch', require: 'sidekiq-reliable-fetch' + + # Cron Parser +-gem 'fugit', '~> 1.8.1' ++gem 'fugit', '~> 1.8', '>= 1.8.1' + + # HTTP requests + gem 'httparty', '~> 0.20.0' +@@ -242,14 +242,14 @@ gem 'ruby-progressbar', '~> 1.10' # GitLab settings @@ -85,7 +266,12 @@ gitlab Gemfile # Misc -@@ -259,21 +259,21 @@ gem 'js_regex', '~> 3.8' +-gem 'semver_dialects', '~> 1.2.1' ++gem 'semver_dialects', '~> 1.2', '>= 1.2.1' + gem 'version_sorter', '~> 2.3' + + # Export Ruby Regex to Javascript +@@ -259,21 +259,21 @@ gem 'device_detector' # Redis 
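Review bot: Two of the relaxed lines in this hunk, `gem 'seed-fu', '~> 2.3','>= 2.3.7'` and `gem 'html-pipeline', '~> 2.14','>= 2.14.3'`, omit the space after the comma that every other rewritten constraint uses. Bundler parses them the same way, but the inconsistency makes the patch harder to refresh and to grep against upstream. Writing them as `gem 'seed-fu', '~> 2.3', '>= 2.3.7'` and `gem 'html-pipeline', '~> 2.14', '>= 2.14.3'` would match the rest of the file.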
@@ -111,7 +297,72 @@ gitlab Gemfile # Hangouts Chat integration gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat' -@@ -350,11 +350,11 @@ gem 'thrift', '>= 0.16.0' +@@ -285,17 +285,17 @@ + gem 'ruby-fogbugz', '~> 0.3.0' + + # Kubernetes integration +-gem 'kubeclient', '~> 4.11.0' ++gem 'kubeclient', '~> 4.11' + + # AI + gem 'ruby-openai', '~> 3.7' + + # Sanitize user input + gem 'sanitize', '~> 6.0' +-gem 'babosa', '~> 1.0.4' ++gem 'babosa', '~> 1.0', '>= 1.0.4' + + # Sanitizes SVG input +-gem 'loofah', '~> 2.20.0' ++gem 'loofah', '~> 2.20' + + # Working with license + # Detects the open source license the repository includes +@@ -317,32 +317,32 @@ + + gem 'rack-proxy', '~> 0.7.6' + +-gem 'sassc-rails', '~> 2.1.0' +-gem 'autoprefixer-rails', '10.2.5.1' +-gem 'terser', '1.0.2' ++gem 'sassc-rails', '~> 2.1' ++gem 'autoprefixer-rails', '~> 10.2', '>= 10.2.5.1' ++gem 'terser', '~> 1.0', '>= 1.0.2' + + gem 'addressable', '~> 2.8' + gem 'tanuki_emoji', '~> 0.6' +-gem 'gon', '~> 6.4.0' +-gem 'request_store', '~> 1.5.1' ++gem 'gon', '~> 6.4' ++gem 'request_store', '~> 1.5', '>= 1.5.1' + gem 'base32', '~> 0.3.0' + +-gem 'gitlab-license', '~> 2.2.1' ++gem 'gitlab-license', '~> 2.2', '>= 2.2.1' + + # Protect against bruteforcing +-gem 'rack-attack', '~> 6.6.1' ++gem 'rack-attack', '~> 6.6', '>= 6.6.1' + + # Sentry integration + gem 'sentry-raven', '~> 3.1' +-gem 'sentry-ruby', '~> 5.8.0' +-gem 'sentry-rails', '~> 5.8.0' +-gem 'sentry-sidekiq', '~> 5.8.0' ++gem 'sentry-ruby', '~> 5.8' ++gem 'sentry-rails', '~> 5.8' ++gem 'sentry-sidekiq', '~> 5.8' + + # PostgreSQL query parsing + # + gem 'pg_query', '~> 2.2', '>= 2.2.1' + +-gem 'premailer-rails', '~> 1.10.3' ++gem 'premailer-rails', '~> 1.10', '>= 1.10.3' + + gem 'gitlab-labkit', '~> 0.31.1' + gem 'thrift', '>= 0.16.0' +@@ -350,11 +350,11 @@ # I18n gem 'ruby_parser', '~> 3.20', require: false gem 'rails-i18n', '~> 7.0' 
@@ -125,7 +376,20 @@ gitlab Gemfile # Perf bar gem 'peek', '~> 1.1' -@@ -496,8 +496,8 @@ gem 'oauth2', '~> 2.0' +@@ -366,10 +366,10 @@ + gem 'snowplow-tracker', '~> 0.8.0' + + # Metrics +-gem 'webrick', '~> 1.8.1', require: false ++gem 'webrick', '~> 1.8', '>= 1.8.1', require: false + gem 'prometheus-client-mmap', '~> 0.19', require: 'prometheus/client' + +-gem 'warning', '~> 1.3.0' ++gem 'warning', '~> 1.3' + + group :development do + gem 'lefthook', '~> 1.3.10', require: false +@@ -496,8 +496,8 @@ gem 'health_check', '~> 3.0' # System information @@ -136,7 +400,38 @@ gitlab Gemfile # NTP client gem 'net-ntp' -@@ -535,9 +535,9 @@ gem 'grape_logging', '~> 1.8' +@@ -506,25 +506,25 @@ + gem 'ssh_data', '~> 1.3' + + # Spamcheck GRPC protocol definitions +-gem 'spamcheck', '~> 1.3.0' ++gem 'spamcheck', '~> 1.3' + + # Gitaly GRPC protocol definitions +-gem 'gitaly', '~> 15.9.0-rc3' ++gem 'gitaly', '~> 15.9' + + # KAS GRPC protocol definitions + gem 'kas-grpc', '~> 0.0.2' + +-gem 'grpc', '~> 1.42.0' ++gem 'grpc', '~> 1.42' + + gem 'google-protobuf', '~> 3.22', '>= 3.22.3' + +-gem 'toml-rb', '~> 2.2.0' ++gem 'toml-rb', '~> 2.2' + + # Feature toggles + gem 'flipper', '~> 0.25.0' + gem 'flipper-active_record', '~> 0.25.0' + gem 'flipper-active_support_cache_store', '~> 0.25.0' +-gem 'unleash', '~> 3.2.2' ++gem 'unleash', '~> 3.2', '>= 3.2.2' + gem 'gitlab-experiment', '~> 0.7.1' + + # Structured logging +@@ -535,9 +535,9 @@ gem 'gitlab-net-dns', '~> 0.9.2' # Countries list @@ -148,7 +443,7 @@ gitlab Gemfile # LRU cache gem 'lru_redux' -@@ -555,18 +555,18 @@ gem 'mail-smtp_pool', '~> 0.1.0', path: +@@ -555,18 +555,18 @@ gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer' # File encryption @@ -172,7 +467,7 @@ gitlab Gemfile gem 'webauthn', '~> 3.0' -@@ -577,20 +577,20 @@ gem 'parslet', '~> 1.8' +@@ -577,20 +577,20 @@ gem 'ipynbdiff', path: 'vendor/gems/ipynbdiff' 
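Review bot: The relaxed `gem 'gitaly', '~> 15.9'` in the protocol-definitions hunk accepts any 15.x release from 15.9 up to, but not including, 16.0, whereas the upstream constraint kept the gem within the 15.9 series. The same widening applies to `gem 'grpc', '~> 1.42'`, which admits every 1.x release from 1.42. The Gemfile comment describes gitaly as the Gitaly GRPC protocol definitions, so a client gem from a later minor than the packaged server is a plausible source of runtime mismatches. If the archive always uploads the two in lockstep this is harmless, but that is not visible here; `gem 'gitaly', '~> 15.9.0'` would keep patch-level freedom without crossing minors.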
diff --git a/debian/patches/Gemfile/0020-remove-development-test.patch b/debian/patches/Gemfile/0020-remove-development-test.patch index b8fcf14e56..4f6786d469 100644 --- a/debian/patches/Gemfile/0020-remove-development-test.patch +++ b/debian/patches/Gemfile/0020-remove-development-test.patch @@ -2,7 +2,7 @@ Bundler will fail when it can't find these locally --- a/Gemfile +++ b/Gemfile -@@ -113,14 +113,12 @@ gem 'net-ldap', '~> 0.17.1' +@@ -113,14 +113,12 @@ gem 'grape', '~> 1.5','>= 1.5.2' gem 'grape-entity', '~> 0.10.0' gem 'rack-cors', '~> 1.1', '>= 1.1.1', require: 'rack/cors' @@ -18,7 +18,7 @@ Bundler will fail when it can't find these locally gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import) gem 'hashie', '~> 5.0' -@@ -352,7 +350,6 @@ gem 'ruby_parser', '~> 3.20', require: f +@@ -352,7 +350,6 @@ gem 'rails-i18n', '~> 7.0' gem 'gettext_i18n_rails', '~> 1.8' gem 'gettext_i18n_rails_js', '~> 1.3' 
@@ -26,3 +26,89 @@ Bundler will fail when it can't find these locally gem 'batch-loader', '~> 2.0', '>= 2.0.1' +@@ -371,85 +368,6 @@ + + gem 'warning', '~> 1.3' + +-group :development do +- gem 'lefthook', '~> 1.3.10', require: false +- gem 'rubocop' +- gem 'solargraph', '~> 0.47.2', require: false +- +- gem 'letter_opener_web', '~> 2.0.0' +- gem 'lookbook', '~> 1.5', '>= 1.5.3' +- +- # Better errors handler +- gem 'better_errors', '~> 2.9.1' +- +- gem 'sprite-factory', '~> 1.7' +- +- gem "listen", "~> 3.7" +-end +- +-group :development, :test do +- gem 'deprecation_toolkit', '~> 1.5.1', require: false +- gem 'bullet', '~> 7.0.2' +- gem 'pry-byebug' +- gem 'pry-rails', '~> 0.3.9' +- gem 'pry-shell', '~> 0.6.1' +- +- gem 'awesome_print', require: false +- +- gem 'database_cleaner', '~> 1.7.0' +- gem 'factory_bot_rails', '~> 6.2.0' +- gem 'rspec-rails', '~> 6.0.1' +- +- # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) +- gem 'minitest', '~> 5.11.0' +- +- # Generate Fake data +- gem 'ffaker', '~> 2.10' +- +- gem 'spring', '~> 4.1.0' +- gem 'spring-commands-rspec', '~> 1.0.4' +- +- gem 'gitlab-styles', '~> 10.0.0', require: false +- +- gem 'haml_lint', '~> 0.40.0', require: false +- gem 'bundler-audit', '~> 0.7.0.1', require: false +- +- # Benchmarking & profiling +- gem 'benchmark-ips', '~> 2.11.0', require: false +- gem 'benchmark-memory', '~> 0.1', require: false +- +- gem 'knapsack', '~> 1.21.1' +- gem 'crystalball', '~> 0.7.0', require: false +- +- gem 'simple_po_parser', '~> 1.1.6', require: false +- +- gem 'png_quantizator', '~> 0.2.1', require: false +- +- gem 'parallel', '~> 1.19', require: false +- +- gem 'test_file_finder', '~> 0.1.3' +- +- gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup' +- +- gem 'pact', '~> 1.63' +-end +- +-group :development, :test, :danger do +- gem 'gitlab-dangerfiles', '~> 3.9.0', require: false +-end +- +-group :development, :test, :coverage do +- gem 'simplecov', '~> 0.21', require: false 
+- gem 'simplecov-lcov', '~> 0.8.0', require: false +- gem 'simplecov-cobertura', '~> 1.3.1', require: false +- gem 'undercover', '~> 0.4.4', require: false +-end +- +-# Gems required in omnibus-gitlab pipeline +-group :development, :test, :omnibus do +- gem 'license_finder', '~> 7.0', require: false +-end +- + group :test do + gem 'fuubar', '~> 2.2.0' + gem 'rspec-retry', '~> 0.6.2' diff --git a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch index 561cd9d6c4..8c77550d8f 100644 --- a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch +++ b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch @@ -2,9 +2,9 @@ Make test dependencies conditional so we can enable them when running autopkgtes --- a/Gemfile +++ b/Gemfile -@@ -447,7 +447,7 @@ group :development, :test, :omnibus do - gem 'license_finder', '~> 7.0', require: false - end +@@ -368,7 +368,7 @@ + + gem 'warning', '~> 1.3' -group :test do +if ENV["INCLUDE_TEST_DEPENDS"] == "true" diff --git a/debian/patches/Gemfile/0040-relax-httparty.patch b/debian/patches/Gemfile/0040-relax-httparty.patch index aa5242330d..4091603e96 100644 --- a/debian/patches/Gemfile/0040-relax-httparty.patch +++ b/debian/patches/Gemfile/0040-relax-httparty.patch @@ -2,8 +2,8 @@ Allow newer versions of httparty to satisfy dependency --- a/Gemfile +++ b/Gemfile -@@ -231,7 +231,7 @@ gem 'gitlab-sidekiq-fetcher', path: 'ven - gem 'fugit', '~> 1.8.1' +@@ -231,7 +231,7 @@ + gem 'fugit', '~> 1.8', '>= 1.8.1' # HTTP requests -gem 'httparty', '~> 0.20.0' diff --git a/debian/patches/Gemfile/0050-relax-rdoc.patch b/debian/patches/Gemfile/0050-relax-rdoc.patch deleted file mode 100644 index 4671a7b6e6..0000000000 --- a/debian/patches/Gemfile/0050-relax-rdoc.patch +++ /dev/null 
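Review bot: The newly removed `group :development, :test, :danger` block takes `gitlab-dangerfiles` out of the Gemfile, and this commit also deletes 0200-add-gitlab-dangerfiles.patch, whose description was "Rakefile need this gem". Nothing visible in the diff shows that the Rakefile no longer loads that gem, so rake tasks may fail at load time on a system where it is not installed. Please confirm the Rakefile's require is now guarded. If it is not, keep an unconditional `gem 'gitlab-dangerfiles'` line as the dropped patch did.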
@@ -1,13 +0,0 @@ -Allow rdoc from ruby 2.5 to match requirement - ---- a/Gemfile -+++ b/Gemfile -@@ -185,7 +185,7 @@ gem 'gitlab-markup', '~> 1.9.0', require - gem 'commonmarker', '~> 0.23.6' - gem 'kramdown', '~> 2.3.1' - gem 'RedCloth', '~> 4.3.2' --gem 'rdoc', '~> 6.3.2' -+gem 'rdoc', '~> 6.0' - gem 'org-ruby', '~> 0.9.12' - gem 'creole', '~> 0.5.0' - gem 'wikicloth', '0.8.1' diff --git a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch index 92c46e8f71..284296334a 100644 --- a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch +++ b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch @@ -2,7 +2,7 @@ This gem is used only in gitlab Enterprise Edition --- a/Gemfile +++ b/Gemfile -@@ -74,7 +74,7 @@ gem 'rack-oauth2', '~> 1.21.3' +@@ -74,7 +74,7 @@ gem 'jwt', '~> 2.5' # Kerberos authentication. EE-only @@ -11,11 +11,12 @@ This gem is used only in gitlab Enterprise Edition gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # Spam and anti-bot protection -@@ -325,7 +325,6 @@ gem 'gon', '~> 6.4.0' - gem 'request_store', '~> 1.5.1' +@@ -325,8 +325,6 @@ + gem 'request_store', '~> 1.5', '>= 1.5.1' gem 'base32', '~> 0.3.0' --gem 'gitlab-license', '~> 2.2.1' - +-gem 'gitlab-license', '~> 2.2', '>= 2.2.1' +- # Protect against bruteforcing - gem 'rack-attack', '~> 6.6.1' + gem 'rack-attack', '~> 6.6', '>= 6.6.1' + diff --git a/debian/patches/Gemfile/0160-relax-rexml.patch b/debian/patches/Gemfile/0160-relax-rexml.patch deleted file mode 100644 index 67c1aef0e1..0000000000 --- a/debian/patches/Gemfile/0160-relax-rexml.patch +++ /dev/null 
@@ -1,13 +0,0 @@ -libruby2.7 has rexml 3.2.3.1 which has latest security fixes - ---- a/Gemfile -+++ b/Gemfile -@@ -47,7 +47,7 @@ gem 'devise-pbkdf2-encryptable', '~> 0.0 - gem 'bcrypt', '~> 3.1', '>= 3.1.14' - gem 'doorkeeper', '~> 5.6', '>= 5.6.6' - gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.5' --gem 'rexml', '~> 3.2.5' -+gem 'rexml', '~> 3.2', '>= 3.2.3.1' - gem 'ruby-saml', '~> 1.13.0' - gem 'omniauth', '~> 2.1.0' - gem 'omniauth-auth0', '~> 3.1' diff --git a/debian/patches/Gemfile/0180-add-parser-gem.patch b/debian/patches/Gemfile/0180-add-parser-gem.patch index 7a514e22f7..cf1d811acf 100644 --- a/debian/patches/Gemfile/0180-add-parser-gem.patch +++ b/debian/patches/Gemfile/0180-add-parser-gem.patch @@ -2,7 +2,7 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323 --- a/Gemfile +++ b/Gemfile -@@ -32,6 +32,9 @@ gem 'view_component', '~> 2.74.1' +@@ -32,6 +32,9 @@ # Supported DBs gem 'pg', '~> 1.4', '>= 1.4.6' @@ -10,5 +10,5 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323 +gem 'parser', '~> 3.0' + gem 'rugged', '~> 1.5' - gem 'grape-path-helpers', '~> 1.7.1' + gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1' diff --git a/debian/patches/Gemfile/0190-relax-rdoc.patch b/debian/patches/Gemfile/0190-relax-rdoc.patch deleted file mode 100644 index 237a88d4ca..0000000000 --- a/debian/patches/Gemfile/0190-relax-rdoc.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -188,7 +188,7 @@ gem 'gitlab-markup', '~> 1.9.0', require - gem 'commonmarker', '~> 0.23.6' - gem 'kramdown', '~> 2.3.1' - gem 'RedCloth', '~> 4.3.2' --gem 'rdoc', '~> 6.0' -+gem 'rdoc' - gem 'org-ruby', '~> 0.9.12' - gem 'creole', '~> 0.5.0' - gem 'wikicloth', '0.8.1' diff --git a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch b/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch deleted file mode 100644 index 9067171f01..0000000000 --- a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch +++ /dev/null 
@@ -1,14 +0,0 @@ -Rakefile need this gem - ---- a/Gemfile -+++ b/Gemfile -@@ -514,6 +514,9 @@ - gem 'CFPropertyList', '~> 3.0' - gem 'app_store_connect' - -+# This is required for Rakefile -+gem 'gitlab-dangerfiles' -+ - # For phone verification - gem 'telesignenterprise', '~> 2.2' - diff --git a/debian/patches/Gemfile/0210-comment-out-openssl.patch b/debian/patches/Gemfile/0210-comment-out-openssl.patch index e38b05d6c3..229a871e74 100644 --- a/debian/patches/Gemfile/0210-comment-out-openssl.patch +++ b/debian/patches/Gemfile/0210-comment-out-openssl.patch @@ -2,12 +2,12 @@ We have to use openssl available in the archive --- a/Gemfile +++ b/Gemfile -@@ -19,7 +19,7 @@ gem 'bootsnap', '~> 1.16', require: fals +@@ -19,7 +19,7 @@ # Pin openssl to match the version bundled with our supported Rubies. # See https://stdgems.org/openssl/#gem-version. -gem 'openssl', '2.2.2' +#gem 'openssl', '2.2.2' - gem 'ipaddr', '~> 1.2.5' + gem 'ipaddr', '~> 1.2', '>= 1.2.5' # Responders respond_to and respond_with diff --git a/debian/patches/nodejs/0010-set-webpack-root.patch b/debian/patches/nodejs/0010-set-webpack-root.patch index 7f905657fd..71c0a9c4e0 100644 --- a/debian/patches/nodejs/0010-set-webpack-root.patch +++ b/debian/patches/nodejs/0010-set-webpack-root.patch @@ -2,7 +2,7 @@ Debian specific patch to help webpack find sources --- a/config/webpack.config.js +++ b/config/webpack.config.js -@@ -47,7 +47,7 @@ +@@ -44,7 +44,7 @@ const GraphqlKnownOperationsPlugin = require('./plugins/graphql_known_operations_plugin'); diff --git a/debian/patches/series b/debian/patches/series index 819d7b4451..eaaf024eb6 100644 --- a/debian/patches/series +++ b/debian/patches/series 
@@ -2,12 +2,8 @@ Gemfile/0010-relax-stable-libs.patch
 Gemfile/0020-remove-development-test.patch
 Gemfile/0030-make-test-dependencies-conditional.patch
 Gemfile/0040-relax-httparty.patch
-Gemfile/0050-relax-rdoc.patch
 Gemfile/0090-remove-ee-only-gems.patch
-Gemfile/0160-relax-rexml.patch
 Gemfile/0180-add-parser-gem.patch
-Gemfile/0190-relax-rdoc.patch
-Gemfile/0200-add-gitlab-dangerfiles.patch
 Gemfile/0210-comment-out-openssl.patch
 Gemfile/0220-relax-oj-in-ipynbdiff.patch
 #Gemfile/0230-relax-omniauth-auth0.patch