diff --git a/debian/patches/Gemfile/0010-relax-stable-libs.patch b/debian/patches/Gemfile/0010-relax-stable-libs.patch index e90c22ca1a..25a839f136 100644 --- a/debian/patches/Gemfile/0010-relax-stable-libs.patch +++ b/debian/patches/Gemfile/0010-relax-stable-libs.patch @@ -3,7 +3,7 @@ gitlab Gemfile --- a/Gemfile +++ b/Gemfile -@@ -13,9 +13,9 @@ +@@ -13,9 +13,9 @@ gem 'bundler-checksum', '~> 0.1.0', path # NOTE: When incrementing the major or minor version here, also increment activerecord_version # in vendor/gems/attr_encrypted/attr_encrypted.gemspec until we resolve # https://gitlab.com/gitlab-org/gitlab/-/issues/375713 
@@ -15,112 +15,16 @@ gitlab Gemfile # Pin openssl to match the version bundled with our supported Rubies. # See https://stdgems.org/openssl/#gem-version. -@@ -29,43 +29,43 @@ - # Responders respond_to and respond_with - gem 'responders', '~> 3.0' - --gem 'sprockets', '~> 3.7.0' -+gem 'sprockets', '~> 3.7' - --gem 'view_component', '~> 2.74.1' -+gem 'view_component', '~> 2.74', '>= 2.74.1' +@@ -30,7 +30,7 @@ gem 'sprockets', '~> 3.7.0' + gem 'view_component', '~> 2.74.1' # Supported DBs --gem 'pg', '~> 1.4.5' -+gem 'pg', '~> 1.4.5', '>= 1.4.5' +-gem 'pg', '~> 1.4.6' ++gem 'pg', '~> 1.4', '>= 1.4.6' gem 'rugged', '~> 1.5' --gem 'grape-path-helpers', '~> 1.7.1' -+gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1' - - gem 'faraday', '~> 1.0' --gem 'marginalia', '~> 1.11.1' -+gem 'marginalia', '~> 1.11', '>= 1.11.1' - - # Authorization --gem 'declarative_policy', '~> 1.1.0' -+gem 'declarative_policy', '~> 1.1' - - # Authentication libraries --gem 'devise', '~> 4.8.1' -+gem 'devise', '~> 4.8', '>= 4.8.1' - gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable' - gem 'bcrypt', '~> 3.1', '>= 3.1.14' - gem 'doorkeeper', '~> 5.5' - gem 'doorkeeper-openid_connect', '~> 1.8' --gem 'rexml', '~> 3.2.5' --gem 'ruby-saml', '~> 1.13.0' --gem 'omniauth', '~> 2.1.0' --gem 'omniauth-auth0', '~> 2.0.0' -+gem 'rexml', '~> 3.2', '>= 3.2.5' -+gem 'ruby-saml', '~> 1.13' -+gem 'omniauth', '~> 2.1' -+gem 'omniauth-auth0', '~> 2.0' - gem 'omniauth-azure-activedirectory-v2', '~> 2.0' - gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md - gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md - gem 'omniauth-dingtalk-oauth2', '~> 1.0' --gem 'omniauth-alicloud', '~> 2.0.1' --gem 'omniauth-facebook', '~> 4.0.0' --gem 'omniauth-github', '2.0.1' -+gem 'omniauth-alicloud', '~> 2.0', '>= 2.0.1' -+gem 'omniauth-facebook', '~> 4.0' -+gem 'omniauth-github', '~> 2.0', 
'>= 2.0.1' - gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md - gem 'omniauth-google-oauth2', '~> 1.1' - gem 'omniauth-oauth2-generic', '~> 0.2.2' --gem 'omniauth-saml', '~> 2.0.0' -+gem 'omniauth-saml', '~> 2.0' - gem 'omniauth-twitter', '~> 1.4' - gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md - gem 'omniauth_openid_connect', '~> 0.6.1' -@@ -74,8 +74,8 @@ - gem 'openid_connect', '= 1.3.0' - gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md - gem 'omniauth-atlassian-oauth2', '~> 0.2.0' --gem 'rack-oauth2', '~> 1.21.3' --gem 'jwt', '~> 2.1.0' -+gem 'rack-oauth2', '~> 1.21', '>= 1.21.3' -+gem 'jwt', '~> 2.1' - - # Kerberos authentication. EE-only - gem 'gssapi', '~> 1.3.1', group: :kerberos -@@ -84,28 +84,28 @@ - # Spam and anti-bot protection - gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails' - gem 'akismet', '~> 3.0' --gem 'invisible_captcha', '~> 2.0.0' -+gem 'invisible_captcha', '~> 2.0' - - # Two-factor authentication --gem 'devise-two-factor', '~> 4.0.2' -+gem 'devise-two-factor', '~> 4.0', '>= 4.0.2' - gem 'rqrcode-rails3', '~> 0.1.7' - gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted' - gem 'u2f', '~> 0.2.1' - - # GitLab Pages --gem 'validates_hostname', '~> 1.0.11' --gem 'rubyzip', '~> 2.3.2', require: 'zip' -+gem 'validates_hostname', '~> 1.0', '>= 1.0.11' -+gem 'rubyzip', '~> 2.0', '>= 2.3.2', require: 'zip' - # GitLab Pages letsencrypt support - gem 'acme-client', '~> 2.0' - - # Browser detection --gem 'browser', '~> 5.3.1' -+gem 'browser', '~> 5.3', '>= 5.3.1' - - # OS detection for usage ping - gem 'ohai', '~> 16.10' - - # GPG --gem 'gpgme', '~> 2.0.22' -+gem 'gpgme', '~> 2.0', '>= 2.0.22' - - # LDAP Auth - # GitLab fork with several improvements to original library. 
For full list of changes -@@ -114,30 +114,30 @@ + gem 'grape-path-helpers', '~> 1.7.1' +@@ -110,30 +110,30 @@ gem 'gitlab_omniauth-ldap', '~> 2.2.0', gem 'net-ldap', '~> 0.17.1' # API @@ -159,7 +63,7 @@ gitlab Gemfile # for backups gem 'fog-aws', '~> 3.18' -@@ -153,7 +153,7 @@ +@@ -149,7 +149,7 @@ gem 'fog-local', '~> 0.8' # We may want to update this dependency if this is ever addressed upstream, e.g. via # https://github.com/aliyun/aliyun-oss-ruby-sdk/pull/93 gem 'fog-aliyun', '~> 0.4' 
@@ -168,92 +72,7 @@ gitlab Gemfile # for Google storage gem 'google-cloud-storage', '~> 1.44.0' -@@ -171,36 +171,36 @@ - gem 'unf', '~> 0.1.4' - - # Seed data --gem 'seed-fu', '~> 2.3.7' -+gem 'seed-fu', '~> 2.3', '>= 2.3.7' - - # Search - gem 'elasticsearch-model', '~> 7.2' - gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation' --gem 'elasticsearch-api', '7.13.3' --gem 'aws-sdk-core', '~> 3.170.1' -+gem 'elasticsearch-api', '~> 7.13', '>= 7.13.3' -+gem 'aws-sdk-core', '~> 3.170', '>= 3.170.1' - gem 'aws-sdk-cloudformation', '~> 1' --gem 'aws-sdk-s3', '~> 1.119.1' -+gem 'aws-sdk-s3', '~> 1.119', '>= 1.119.1' - gem 'faraday_middleware-aws-sigv4', '~>0.3.0' --gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections -+gem 'typhoeus', '~> 1.4' # Used with Elasticsearch to support http keep-alive connections - - # Markdown and HTML processing --gem 'html-pipeline', '~> 2.14.3' --gem 'deckar01-task_list', '2.3.2' --gem 'gitlab-markup', '~> 1.9.0', require: 'github/markup' -+gem 'html-pipeline', '~> 2.14', '>= 2.14.3' -+gem 'deckar01-task_list', '~> 2.3', '>= 2.3.2' -+gem 'gitlab-markup', '~> 1.9', require: 'github/markup' - gem 'commonmarker', '~> 0.23.6' --gem 'kramdown', '~> 2.3.1' --gem 'RedCloth', '~> 4.3.2' --gem 'rdoc', '~> 6.3.2' -+gem 'kramdown', '~> 2.3', '>=2.3.1' -+gem 'RedCloth', '~> 4.3', '>= 4.3.2' -+gem 'rdoc', '~> 6.3', '>= 6.3.2' - gem 'org-ruby', '~> 0.9.12' - gem 'creole', '~> 0.5.0' --gem 'wikicloth', '0.8.1' --gem 'asciidoctor', '~> 2.0.18' -+gem 'wikicloth', '~> 0.8.1' -+gem 'asciidoctor', '~> 2.0', '>= 2.0.17' - gem 'asciidoctor-include-ext', '~> 0.4.0', require: false - gem 'asciidoctor-plantuml', '~> 0.0.16' - gem 'asciidoctor-kroki', '~> 0.8.0', require: false --gem 'rouge', '~> 4.1.0' -+gem 'rouge', '~> 4.1' - gem 'truncato', '~> 0.7.12' --gem 'nokogiri', '~> 1.14.2' -+gem 'nokogiri', '~> 1.14', '>= 1.14.2' - - # Calendar rendering - gem 'icalendar' -@@ -210,12 +210,12 @@ - gem 
'diff_match_patch', '~> 0.1.0' - - # Application server --gem 'rack', '~> 2.2.6', '>= 2.2.6.2' -+gem 'rack', '~> 2.2', '>= 2.2.6.2' - # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually - gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base' - - group :puma do -- gem 'puma', '~> 5.6.5', require: false -+ gem 'puma', '~> 5.6', '>= 5.6.5', require: false - gem 'puma_worker_killer', '~> 0.3.1', require: false - gem 'sd_notify', '~> 0.1.0', require: false - end -@@ -227,13 +227,13 @@ - gem 'acts-as-taggable-on', '~> 9.0' - - # Background jobs --gem 'sidekiq', '~> 6.5.7' --gem 'sidekiq-cron', '~> 1.8.0' --gem 'redis-namespace', '~> 1.9.0' -+gem 'sidekiq', '~> 6.5' -+gem 'sidekiq-cron', '~> 1.8' -+gem 'redis-namespace', '~> 1.9' - gem 'gitlab-sidekiq-fetcher', '0.9.0', require: 'sidekiq-reliable-fetch' - - # Cron Parser --gem 'fugit', '~> 1.8.1' -+gem 'fugit', '~> 1.8', '>= 1.8.1' - - # HTTP requests - gem 'httparty', '~> 0.20.0' -@@ -245,10 +245,10 @@ +@@ -242,10 +242,10 @@ gem 'rainbow', '~> 3.0' gem 'ruby-progressbar', '~> 1.10' # GitLab settings @@ -266,7 +85,7 @@ gitlab Gemfile # Misc -@@ -261,21 +261,21 @@ +@@ -259,21 +259,21 @@ gem 'js_regex', '~> 3.8' gem 'device_detector' # Redis 
@@ -292,66 +111,9 @@ gitlab Gemfile # Hangouts Chat integration gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat' -@@ -291,10 +291,10 @@ - - # Sanitize user input - gem 'sanitize', '~> 6.0' --gem 'babosa', '~> 1.0.4' -+gem 'babosa', '~> 1.0', '>= 1.0.4' - - # Sanitizes SVG input --gem 'loofah', '~> 2.19.1' -+gem 'loofah', '~> 2.19', '>= 2.19.1' - - # Working with license - # Detects the open source license the repository includes -@@ -316,32 +316,32 @@ - - gem 'rack-proxy', '~> 0.7.6' - --gem 'sassc-rails', '~> 2.1.0' --gem 'autoprefixer-rails', '10.2.5.1' --gem 'terser', '1.0.2' -+gem 'sassc-rails', '~> 2.1' -+gem 'autoprefixer-rails', '~> 10.2', '>= 10.2.5.1' -+gem 'terser', '~> 1.0', '>= 1.0.2' - - gem 'addressable', '~> 2.8' - gem 'tanuki_emoji', '~> 0.6' --gem 'gon', '~> 6.4.0' --gem 'request_store', '~> 1.5.1' -+gem 'gon', '~> 6.4' -+gem 'request_store', '~> 1.5', '>= 1.5.1' - gem 'base32', '~> 0.3.0' - --gem 'gitlab-license', '~> 2.2.1' -+gem 'gitlab-license', '~> 2.2', '>= 2.2.1' - - # Protect against bruteforcing --gem 'rack-attack', '~> 6.6.1' -+gem 'rack-attack', '~> 6.6', '>= 6.6.1' - - # Sentry integration - gem 'sentry-raven', '~> 3.1' --gem 'sentry-ruby', '~> 5.1.1' --gem 'sentry-rails', '~> 5.1.1' --gem 'sentry-sidekiq', '~> 5.1.1' -+gem 'sentry-ruby', '~> 5.1', '>= 5.1.1' -+gem 'sentry-rails', '~> 5.1', '>= 5.1.1' -+gem 'sentry-sidekiq', '~> 5.1', '>= 5.1.1' - - # PostgreSQL query parsing - # - gem 'pg_query', '~> 2.2', '>= 2.2.1' - --gem 'premailer-rails', '~> 1.10.3' -+gem 'premailer-rails', '~> 1.10', '>= 1.10.3' - - gem 'gitlab-labkit', '~> 0.31.1' - gem 'thrift', '>= 0.16.0' -@@ -349,11 +349,11 @@ +@@ -350,11 +350,11 @@ gem 'thrift', '>= 0.16.0' # I18n - gem 'ruby_parser', '~> 3.19', require: false + gem 'ruby_parser', '~> 3.20', require: false gem 'rails-i18n', '~> 7.0' -gem 'gettext_i18n_rails', '~> 1.8.0' +gem 'gettext_i18n_rails', '~> 1.8' 
@@ -363,53 +125,7 @@ gitlab Gemfile # Perf bar gem 'peek', '~> 1.1' -@@ -365,10 +365,10 @@ - gem 'snowplow-tracker', '~> 0.8.0' - - # Metrics --gem 'webrick', '~> 1.6.1', require: false -+gem 'webrick', '~> 1.6', '>= 1.6.1', require: false - gem 'prometheus-client-mmap', '~> 0.19', require: 'prometheus/client' - --gem 'warning', '~> 1.3.0' -+gem 'warning', '~> 1.3' - - group :development do - gem 'lefthook', '~> 1.3.3', require: false -@@ -450,24 +450,24 @@ - end - - group :test do -- gem 'fuubar', '~> 2.2.0' -+ gem 'fuubar', '~> 2.2' - gem 'rspec-retry', '~> 0.6.1' - gem 'rspec_profiling', '~> 0.0.6' - gem 'rspec-benchmark', '~> 0.6.0' - gem 'rspec-parameterized', '~> 1.0', require: false - -- gem 'capybara', '~> 3.35.3' -- gem 'capybara-screenshot', '~> 1.0.22' -+ gem 'capybara', '~> 3.35', '~> 3.35.3' -+ gem 'capybara-screenshot', '~> 1.0', '>= 1.0.22' - gem 'selenium-webdriver', '~> 3.142' - -- gem 'graphlyte', '~> 1.0.0' -+ gem 'graphlyte', '~> 1.0' - -- gem 'shoulda-matchers', '~> 5.1.0', require: false -- gem 'email_spec', '~> 2.2.0' -- gem 'webmock', '~> 3.9.1' -+ gem 'shoulda-matchers', '~> 5.1', require: false -+ gem 'email_spec', '~> 2.2' -+ gem 'webmock', '~> 3.9', '>= 3.9.1' - gem 'rails-controller-testing' - gem 'concurrent-ruby', '~> 1.1' -- gem 'test-prof', '~> 1.0.7' -+ gem 'test-prof', '~> 1.0', '>= 1.0.7' - gem 'rspec_junit_formatter' - gem 'guard-rspec' - gem 'axe-core-rspec' -@@ -497,8 +497,8 @@ +@@ -496,8 +496,8 @@ gem 'oauth2', '~> 2.0' gem 'health_check', '~> 3.0' # System information 
@@ -420,39 +136,8 @@ gitlab Gemfile # NTP client gem 'net-ntp' -@@ -507,25 +507,25 @@ - gem 'ssh_data', '~> 1.3' - - # Spamcheck GRPC protocol definitions --gem 'spamcheck', '~> 1.0.0' -+gem 'spamcheck', '~> 1.0' - - # Gitaly GRPC protocol definitions --gem 'gitaly', '~> 15.9.0-rc3' -+gem 'gitaly', '~> 15.9' - - # KAS GRPC protocol definitions - gem 'kas-grpc', '~> 0.0.2' - --gem 'grpc', '~> 1.42.0' -+gem 'grpc', '~> 1.42' - - gem 'google-protobuf', '~> 3.22', '>= 3.22.2' - --gem 'toml-rb', '~> 2.2.0' -+gem 'toml-rb', '~> 2.2' - - # Feature toggles - gem 'flipper', '~> 0.25.0' - gem 'flipper-active_record', '~> 0.25.0' - gem 'flipper-active_support_cache_store', '~> 0.25.0' --gem 'unleash', '~> 3.2.2' -+gem 'unleash', '~> 3.2', '>= 3.2.2' - gem 'gitlab-experiment', '~> 0.7.1' - - # Structured logging -@@ -536,9 +536,9 @@ - gem 'gitlab-net-dns', '~> 0.9.1' +@@ -535,9 +535,9 @@ gem 'grape_logging', '~> 1.8' + gem 'gitlab-net-dns', '~> 0.9.2' # Countries list -gem 'countries', '~> 4.0.0' @@ -463,7 +148,7 @@ gitlab Gemfile # LRU cache gem 'lru_redux' -@@ -556,18 +556,18 @@ +@@ -555,18 +555,18 @@ gem 'mail-smtp_pool', '~> 0.1.0', path: gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer' # File encryption @@ -487,7 +172,7 @@ gitlab Gemfile gem 'webauthn', '~> 3.0' -@@ -578,20 +578,20 @@ +@@ -577,20 +577,20 @@ gem 'parslet', '~> 1.8' gem 'ipynbdiff', path: 'vendor/gems/ipynbdiff' diff --git a/debian/patches/Gemfile/0020-remove-development-test.patch b/debian/patches/Gemfile/0020-remove-development-test.patch index 93b24386a5..b8fcf14e56 100644 --- a/debian/patches/Gemfile/0020-remove-development-test.patch +++ b/debian/patches/Gemfile/0020-remove-development-test.patch @@ -2,7 +2,7 @@ Bundler will fail when it can't find these locally --- a/Gemfile 
+++ b/Gemfile -@@ -117,14 +117,12 @@ +@@ -113,14 +113,12 @@ gem 'net-ldap', '~> 0.17.1' gem 'grape', '~> 1.5','>= 1.5.2' gem 'grape-entity', '~> 0.10.0' gem 'rack-cors', '~> 1.1', '>= 1.1.1', require: 'rack/cors' @@ -18,7 +18,7 @@ Bundler will fail when it can't find these locally gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import) gem 'hashie', '~> 5.0' -@@ -351,7 +349,6 @@ +@@ -352,7 +350,6 @@ gem 'ruby_parser', '~> 3.20', require: f gem 'rails-i18n', '~> 7.0' gem 'gettext_i18n_rails', '~> 1.8' gem 'gettext_i18n_rails_js', '~> 1.3' 
@@ -26,89 +26,3 @@ Bundler will fail when it can't find these locally gem 'batch-loader', '~> 2.0', '>= 2.0.1' -@@ -370,85 +367,6 @@ - - gem 'warning', '~> 1.3' - --group :development do -- gem 'lefthook', '~> 1.3.3', require: false -- gem 'rubocop' -- gem 'solargraph', '~> 0.47.2', require: false -- -- gem 'letter_opener_web', '~> 2.0.0' -- gem 'lookbook', '~> 1.5', '>= 1.5.3' -- -- # Better errors handler -- gem 'better_errors', '~> 2.9.1' -- -- gem 'sprite-factory', '~> 1.7' -- -- gem "listen", "~> 3.7" --end -- --group :development, :test do -- gem 'deprecation_toolkit', '~> 1.5.1', require: false -- gem 'bullet', '~> 7.0.2' -- gem 'pry-byebug' -- gem 'pry-rails', '~> 0.3.9' -- gem 'pry-shell', '~> 0.6.1' -- -- gem 'awesome_print', require: false -- -- gem 'database_cleaner', '~> 1.7.0' -- gem 'factory_bot_rails', '~> 6.2.0' -- gem 'rspec-rails', '~> 6.0.1' -- -- # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) -- gem 'minitest', '~> 5.11.0' -- -- # Generate Fake data -- gem 'ffaker', '~> 2.10' -- -- gem 'spring', '~> 4.1.0' -- gem 'spring-commands-rspec', '~> 1.0.4' -- -- gem 'gitlab-styles', '~> 10.0.0', require: false -- -- gem 'haml_lint', '~> 0.40.0', require: false -- gem 'bundler-audit', '~> 0.7.0.1', require: false -- -- # Benchmarking & profiling -- gem 'benchmark-ips', '~> 2.11.0', require: false -- gem 'benchmark-memory', '~> 0.1', require: false -- -- gem 'knapsack', '~> 1.21.1' -- gem 'crystalball', '~> 0.7.0', require: false -- -- gem 'simple_po_parser', '~> 1.1.6', require: false -- -- gem 'png_quantizator', '~> 0.2.1', require: false -- -- gem 'parallel', '~> 1.19', require: false -- -- gem 'test_file_finder', '~> 0.1.3' -- -- gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup' -- -- gem 'pact', '~> 1.63' --end -- --group :development, :test, :danger do -- gem 'gitlab-dangerfiles', '~> 3.8.0', require: false --end -- --group :development, :test, :coverage do -- gem 'simplecov', '~> 0.21', require: false 
-- gem 'simplecov-lcov', '~> 0.8.0', require: false -- gem 'simplecov-cobertura', '~> 1.3.1', require: false -- gem 'undercover', '~> 0.4.4', require: false --end -- --# Gems required in omnibus-gitlab pipeline --group :development, :test, :omnibus do -- gem 'license_finder', '~> 7.0', require: false --end -- - group :test do - gem 'fuubar', '~> 2.2' - gem 'rspec-retry', '~> 0.6.1' diff --git a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch index 36e2a793e3..561cd9d6c4 100644 --- a/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch +++ b/debian/patches/Gemfile/0030-make-test-dependencies-conditional.patch @@ -2,12 +2,12 @@ Make test dependencies conditional so we can enable them when running autopkgtes --- a/Gemfile +++ b/Gemfile -@@ -367,7 +367,7 @@ - - gem 'warning', '~> 1.3' +@@ -447,7 +447,7 @@ group :development, :test, :omnibus do + gem 'license_finder', '~> 7.0', require: false + end -group :test do +if ENV["INCLUDE_TEST_DEPENDS"] == "true" - gem 'fuubar', '~> 2.2' - gem 'rspec-retry', '~> 0.6.1' + gem 'fuubar', '~> 2.2.0' + gem 'rspec-retry', '~> 0.6.2' gem 'rspec_profiling', '~> 0.0.6' diff --git a/debian/patches/Gemfile/0040-relax-httparty.patch b/debian/patches/Gemfile/0040-relax-httparty.patch index 2bd567a306..aa5242330d 100644 --- a/debian/patches/Gemfile/0040-relax-httparty.patch +++ b/debian/patches/Gemfile/0040-relax-httparty.patch @@ -2,8 +2,8 @@ Allow newer versions of httparty to satisfy dependency --- a/Gemfile +++ b/Gemfile -@@ -234,7 +234,7 @@ - gem 'fugit', '~> 1.8', '>= 1.8.1' +@@ -231,7 +231,7 @@ gem 'gitlab-sidekiq-fetcher', path: 'ven + gem 'fugit', '~> 1.8.1' # HTTP requests -gem 'httparty', '~> 0.20.0' diff --git a/debian/patches/Gemfile/0050-relax-rdoc.patch b/debian/patches/Gemfile/0050-relax-rdoc.patch index 7929d2efbd..4671a7b6e6 100644 --- a/debian/patches/Gemfile/0050-relax-rdoc.patch 
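Review bot: Replacing `group :test do` with `if ENV["INCLUDE_TEST_DEPENDS"] == "true"` in 0030-make-test-dependencies-conditional.patch moves fuubar, rspec-retry, rspec_profiling and the rest of that block out of the `:test` group and into the default group whenever the variable is set. Default-group gems are normally loaded by `Bundler.require` in every Rails environment, so a service unit or shell that exports the variable would presumably pull the test tooling into a production process as well. Keeping the group inside the condition preserves the scoping: `if ENV["INCLUDE_TEST_DEPENDS"] == "true"` followed by `group :test do`, with one additional `end` where the block closes. That closing `end` lies outside this hunk, so the inner patch would need a second hunk there.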
+++ b/debian/patches/Gemfile/0050-relax-rdoc.patch @@ -2,12 +2,12 @@ Allow rdoc from ruby 2.5 to match requirement --- a/Gemfile +++ b/Gemfile -@@ -188,7 +188,7 @@ +@@ -185,7 +185,7 @@ gem 'gitlab-markup', '~> 1.9.0', require gem 'commonmarker', '~> 0.23.6' - gem 'kramdown', '~> 2.3', '>=2.3.1' - gem 'RedCloth', '~> 4.3', '>= 4.3.2' --gem 'rdoc', '~> 6.3', '>= 6.3.2' + gem 'kramdown', '~> 2.3.1' + gem 'RedCloth', '~> 4.3.2' +-gem 'rdoc', '~> 6.3.2' +gem 'rdoc', '~> 6.0' gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' - gem 'wikicloth', '~> 0.8.1' + gem 'wikicloth', '0.8.1' diff --git a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch index 07f6cef02a..92c46e8f71 100644 --- a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch +++ b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch @@ -2,8 +2,8 @@ This gem is used only in gitlab Enterprise Edition --- a/Gemfile +++ b/Gemfile -@@ -78,7 +78,7 @@ - gem 'jwt', '~> 2.1' +@@ -74,7 +74,7 @@ gem 'rack-oauth2', '~> 1.21.3' + gem 'jwt', '~> 2.5' # Kerberos authentication. EE-only -gem 'gssapi', '~> 1.3.1', group: :kerberos @@ -11,12 +11,11 @@ This gem is used only in gitlab Enterprise Edition gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # Spam and anti-bot protection -@@ -324,7 +324,7 @@ - gem 'request_store', '~> 1.5', '>= 1.5.1' +@@ -325,7 +325,6 @@ gem 'gon', '~> 6.4.0' + gem 'request_store', '~> 1.5.1' gem 'base32', '~> 0.3.0' --gem 'gitlab-license', '~> 2.2', '>= 2.2.1' -+ +-gem 'gitlab-license', '~> 2.2.1' # Protect against bruteforcing - gem 'rack-attack', '~> 6.6', '>= 6.6.1' + gem 'rack-attack', '~> 6.6.1' diff --git a/debian/patches/Gemfile/0160-relax-rexml.patch b/debian/patches/Gemfile/0160-relax-rexml.patch index 0b30515f0b..67c1aef0e1 100644 --- a/debian/patches/Gemfile/0160-relax-rexml.patch +++ b/debian/patches/Gemfile/0160-relax-rexml.patch @@ -2,12 +2,12 @@ libruby2.7 has rexml 3.2.3.1 which has latest security fixes --- a/Gemfile 
+++ b/Gemfile -@@ -51,7 +51,7 @@ +@@ -47,7 +47,7 @@ gem 'devise-pbkdf2-encryptable', '~> 0.0 gem 'bcrypt', '~> 3.1', '>= 3.1.14' - gem 'doorkeeper', '~> 5.5' - gem 'doorkeeper-openid_connect', '~> 1.8' --gem 'rexml', '~> 3.2', '>= 3.2.5' + gem 'doorkeeper', '~> 5.6', '>= 5.6.6' + gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.5' +-gem 'rexml', '~> 3.2.5' +gem 'rexml', '~> 3.2', '>= 3.2.3.1' - gem 'ruby-saml', '~> 1.13' - gem 'omniauth', '~> 2.1' - gem 'omniauth-auth0', '~> 2.0' + gem 'ruby-saml', '~> 1.13.0' + gem 'omniauth', '~> 2.1.0' + gem 'omniauth-auth0', '~> 3.1' diff --git a/debian/patches/Gemfile/0180-add-parser-gem.patch b/debian/patches/Gemfile/0180-add-parser-gem.patch index bd02123c66..7a514e22f7 100644 --- a/debian/patches/Gemfile/0180-add-parser-gem.patch +++ b/debian/patches/Gemfile/0180-add-parser-gem.patch @@ -2,13 +2,13 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323 --- a/Gemfile +++ b/Gemfile -@@ -36,6 +36,9 @@ +@@ -32,6 +32,9 @@ gem 'view_component', '~> 2.74.1' # Supported DBs - gem 'pg', '~> 1.4.5', '>= 1.4.5' + gem 'pg', '~> 1.4', '>= 1.4.6' +# Background migrations/fix vulnerabilities +gem 'parser', '~> 3.0' + gem 'rugged', '~> 1.5' - gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1' + gem 'grape-path-helpers', '~> 1.7.1' diff --git a/debian/patches/Gemfile/0190-relax-rdoc.patch b/debian/patches/Gemfile/0190-relax-rdoc.patch index 0bc17a55b0..237a88d4ca 100644 --- a/debian/patches/Gemfile/0190-relax-rdoc.patch +++ b/debian/patches/Gemfile/0190-relax-rdoc.patch @@ -1,11 +1,11 @@ --- a/Gemfile +++ b/Gemfile -@@ -191,7 +191,7 @@ +@@ -188,7 +188,7 @@ gem 'gitlab-markup', '~> 1.9.0', require gem 'commonmarker', '~> 0.23.6' - gem 'kramdown', '~> 2.3', '>=2.3.1' - gem 'RedCloth', '~> 4.3', '>= 4.3.2' + gem 'kramdown', '~> 2.3.1' + gem 'RedCloth', '~> 4.3.2' -gem 'rdoc', '~> 6.0' +gem 'rdoc' gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' - gem 'wikicloth', '~> 0.8.1' + gem 'wikicloth', '0.8.1' 
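Review bot: The relaxed requirement `gem 'rexml', '~> 3.2', '>= 3.2.3.1'` in 0160-relax-rexml.patch also admits 3.2.4, which sorts above 3.2.3.1 but below the `~> 3.2.5` floor that upstream sets. The patch header justifies 3.2.3.1 by the security fixes shipped in libruby2.7; if those fixes were backported to 3.2.3.1 rather than inherited by every later release, 3.2.4 would satisfy the Gemfile without them. rexml is listed directly above ruby-saml, so the floor matters for XML handling on the authentication path. Consider excluding the gap explicitly, `gem 'rexml', '~> 3.2', '>= 3.2.3.1', '!= 3.2.4'`, or recording in the patch header which archive versions were actually checked.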
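Review bot: `gem 'rdoc'` in 0190-relax-rdoc.patch leaves rdoc with no version bound at all, so any release the resolver finds satisfies the Gemfile, including ones older than the `~> 6.3.2` that upstream requires. 0050-relax-rdoc.patch already loosens the same line to `~> 6.0` and this patch then rewrites that result, so the two must be refreshed in lockstep. Unlike its siblings, this file also has no description header and starts directly at `--- a/Gemfile`. Folding both into a single patch with a stated minimum, for example `gem 'rdoc', '>= 6.0'`, plus a one-line reason in the header would keep a floor in place and record why it was chosen.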
diff --git a/debian/patches/Gemfile/0210-comment-out-openssl.patch b/debian/patches/Gemfile/0210-comment-out-openssl.patch index f6d8e0573f..e38b05d6c3 100644 --- a/debian/patches/Gemfile/0210-comment-out-openssl.patch +++ b/debian/patches/Gemfile/0210-comment-out-openssl.patch @@ -2,12 +2,12 @@ We have to use openssl available in the archive --- a/Gemfile +++ b/Gemfile -@@ -19,7 +19,7 @@ +@@ -19,7 +19,7 @@ gem 'bootsnap', '~> 1.16', require: fals # Pin openssl to match the version bundled with our supported Rubies. # See https://stdgems.org/openssl/#gem-version. -gem 'openssl', '2.2.2' +#gem 'openssl', '2.2.2' - # This gem was originally bundled with Ruby 2.7, but is unbundled as of Ruby 3. - # Since the latest version caused problems with GitLab, we pin this to an older - # version for now. + gem 'ipaddr', '~> 1.2.5' + + # Responders respond_to and respond_with diff --git a/debian/patches/Gemfile/0230-relax-omniauth-auth0.patch b/debian/patches/Gemfile/0230-relax-omniauth-auth0.patch index f48a966cba..80f7f01873 100644 --- a/debian/patches/Gemfile/0230-relax-omniauth-auth0.patch +++ b/debian/patches/Gemfile/0230-relax-omniauth-auth0.patch @@ -11,12 +11,12 @@ Subject: [PATCH] Update omniauth-auth0 rubygem to 3.1 --- a/Gemfile +++ b/Gemfile -@@ -57,7 +57,7 @@ +@@ -53,7 +53,7 @@ gem 'doorkeeper-openid_connect', '~> 1.8 gem 'rexml', '~> 3.2', '>= 3.2.3.1' - gem 'ruby-saml', '~> 1.13' - gem 'omniauth', '~> 2.1' --gem 'omniauth-auth0', '~> 2.0' -+gem 'omniauth-auth0', '~> 3.1' + gem 'ruby-saml', '~> 1.13.0' + gem 'omniauth', '~> 2.1.0' +-gem 'omniauth-auth0', '~> 3.1' ++gem 'omniauth-auth0', '~> 2.0' gem 'omniauth-azure-activedirectory-v2', '~> 2.0' gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md diff --git a/debian/patches/series b/debian/patches/series index 7eecb35679..819d7b4451 100644 
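Review bot: After this refresh 0230-relax-omniauth-auth0.patch replaces `gem 'omniauth-auth0', '~> 3.1'` with `gem 'omniauth-auth0', '~> 2.0'`, the reverse of its own subject line "Update omniauth-auth0 rubygem to 3.1". The hunk in debian/patches/series disables it in the same commit by turning the entry into `#Gemfile/0230-relax-omniauth-auth0.patch`, so the inverted patch is inert for now. Anyone who later uncomments that entry would move an authentication gem back a major version. The context lines show the Gemfile already carries `~> 3.1`, so deleting the patch file and its series entry outright would be safer than keeping a reversed copy. If it has to stay for reference, its header should say it is obsolete.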
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -10,7 +10,7 @@ Gemfile/0190-relax-rdoc.patch
 Gemfile/0200-add-gitlab-dangerfiles.patch
 Gemfile/0210-comment-out-openssl.patch
 Gemfile/0220-relax-oj-in-ipynbdiff.patch
-Gemfile/0230-relax-omniauth-auth0.patch
+#Gemfile/0230-relax-omniauth-auth0.patch
 nodejs/0010-set-webpack-root.patch
 nodejs/0030-use-yarnpkg.patch
 tweaks/0010-source-init-functions.patch