diff --git a/.babelrc.js b/.babelrc.js index 27caf378b9..bfcc7d9663 100644 --- a/.babelrc.js +++ b/.babelrc.js @@ -35,4 +35,10 @@ if (BABEL_ENV === 'karma' || BABEL_ENV === 'coverage') { plugins.push('babel-plugin-rewire'); } +// Jest is running in node environment +if (BABEL_ENV === 'jest') { + plugins.push('transform-es2015-modules-commonjs'); + plugins.push('dynamic-import-node'); +} + module.exports = { presets, plugins }; diff --git a/.eslintignore b/.eslintignore index 33a8186fad..f78840e67b 100644 --- a/.eslintignore +++ b/.eslintignore @@ -2,6 +2,7 @@ /config/ /builds/ /coverage/ +/coverage-frontend/ /coverage-javascript/ /node_modules/ /public/ diff --git a/.eslintrc.yml b/.eslintrc.yml index fe0d5f5dce..b0794bb743 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -29,9 +29,8 @@ rules: import/no-useless-path-segments: off lines-between-class-members: off # Disabled for now, to make the plugin-vue 4.5 -> 5.0 update smoother - vue/html-closing-bracket-newline: off - vue/html-closing-bracket-spacing: off vue/no-confusing-v-for-v-if: error vue/no-unused-components: off vue/no-use-v-if-with-v-for: off vue/no-v-html: off + vue/use-v-on-exact: off diff --git a/.gitignore b/.gitignore index aecaae95b8..65f61e1fad 100644 --- a/.gitignore +++ b/.gitignore @@ -78,5 +78,5 @@ eslint-report.html /plugins/* /.gitlab_pages_secret package-lock.json -/junit_rspec.xml -/junit_karma.xml +/junit_*.xml +/coverage-frontend/ diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e218910f9e..45de5ce61c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,4 @@ -image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.4.5-golang-1.9-git-2.18-chrome-69.0-node-8.x-yarn-1.2-postgresql-9.6-graphicsmagick-1.3.29" +image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-golang-1.9-git-2.18-chrome-69.0-node-10.x-yarn-1.12-postgresql-9.6-graphicsmagick-1.3.29" .dedicated-runner: &dedicated-runner retry: 1 @@ -6,7 +6,7 @@ image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.4.5-golang-1.9-git - gitlab-org .default-cache: &default-cache - key: "ruby-2.4.5-debian-stretch-with-yarn" + key: "debian-stretch-ruby-2.5.3-node-10.x" paths: - vendor/ruby - .yarn-cache/ @@ -32,6 +32,7 @@ variables: GET_SOURCES_ATTEMPTS: "3" KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json + BUILD_ASSETS_IMAGE: "false" before_script: - bundle --version @@ -47,6 +48,7 @@ after_script: stages: - build - prepare + - merge - test - post-test - pages @@ -75,16 +77,6 @@ stages: - mysql:5.7 - redis:alpine -.rails5: &rails5 - allow_failure: true - only: - variables: - - $CI_COMMIT_REF_NAME =~ /rails5/ - - $RAILS5_ENABLED - variables: - BUNDLE_GEMFILE: "Gemfile.rails5" - RAILS5: "true" - # Skip all jobs except the ones that begin with 'docs/'. # Used for commits including ONLY documentation changes. # https://docs.gitlab.com/ce/development/documentation/#testing @@ -121,7 +113,7 @@ stages: <<: *except-docs-and-qa .single-script-job: &single-script-job - image: ruby:2.4-alpine + image: ruby:2.5-alpine stage: test cache: {} dependencies: [] @@ -148,13 +140,12 @@ stages: stage: test script: - JOB_NAME=( $CI_JOB_NAME ) - - export CI_NODE_INDEX=${JOB_NAME[-2]} - - export CI_NODE_TOTAL=${JOB_NAME[-1]} - - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${JOB_NAME[0]}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json + - TEST_TOOL=${JOB_NAME[0]} + - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json - export KNAPSACK_GENERATE_REPORT=true - export SUITE_FLAKY_RSPEC_REPORT_PATH=${FLAKY_RSPEC_SUITE_REPORT_PATH} - - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${JOB_NAME[0]}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json - - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${JOB_NAME[0]}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json + - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json + - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json - export FLAKY_RSPEC_GENERATE_REPORT=true - export CACHE_CLASSES=true - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH} @@ -177,18 +168,10 @@ stages: <<: *rspec-metadata <<: *use-pg -.rspec-metadata-pg-rails5: &rspec-metadata-pg-rails5 - <<: *rspec-metadata-pg - <<: *rails5 - .rspec-metadata-mysql: &rspec-metadata-mysql <<: *rspec-metadata <<: *use-mysql -.rspec-metadata-mysql-rails5: &rspec-metadata-mysql-rails5 - <<: *rspec-metadata-mysql - <<: *rails5 - .only-canonical-masters: &only-canonical-masters only: - master@gitlab-org/gitlab-ce @@ -227,6 +210,8 @@ stages: script: - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0 - git checkout -f FETCH_HEAD + - sed -i "s/gem 'oj', '~> 2.17.4'//" Gemfile + - bundle update google-protobuf grpc - bundle install $BUNDLE_INSTALL_FLAGS - date - cp config/gitlab.yml.example config/gitlab.yml @@ -246,10 +231,16 @@ package-and-qa: <<: *single-script-job variables: <<: *single-script-job-variables + API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}" SCRIPT_NAME: trigger-build retry: 0 script: - gem install gitlab --no-document + - apk add --update openssl curl jq + - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/review_apps/review-apps.sh + - chmod 755 review-apps.sh + - source ./review-apps.sh + - wait_for_job_to_be_done "gitlab:assets:compile" - ./$SCRIPT_NAME omnibus when: manual only: @@ -316,7 +307,7 @@ review-docs-cleanup: # Trigger a docker image build in CNG (Cloud Native GitLab) repository # cloud-native-image: - image: ruby:2.4-alpine + image: ruby:2.5-alpine before_script: [] dependencies: [] stage: post-test @@ -324,6 +315,7 @@ cloud-native-image: variables: GIT_DEPTH: "1" cache: {} + when: always script: - gem install gitlab --no-document - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng @@ -369,7 +361,7 @@ update-tests-metadata: flaky-examples-check: <<: *dedicated-runner - image: ruby:2.4-alpine + image: ruby:2.5-alpine services: [] before_script: [] variables: @@ -427,7 +419,6 @@ setup-test-env: script: - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init' - scripts/gitaly-test-build # Do not use 'bundle exec' here - - BUNDLE_GEMFILE=Gemfile.rails5 bundle install $BUNDLE_INSTALL_FLAGS artifacts: expire_in: 7d paths: @@ -435,11 +426,54 @@ setup-test-env: - config/secrets.yml - vendor/gitaly-ruby +# GitLab Review apps +.review-base: &review-base + <<: *dedicated-no-docs-no-db-pull-cache-job + image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base + stage: test + cache: {} + dependencies: [] + environment: &review-environment + name: review/${CI_COMMIT_REF_NAME} + url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} + only: + refs: + - branches@gitlab-org/gitlab-ce + - branches@gitlab-org/gitlab-ee + kubernetes: active + except: + refs: + - master + - /(^docs[\/-].*|.*-docs$)/ + before_script: [] + +.review-docker: &review-docker + <<: *review-base + image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine + services: + - docker:stable-dind + tags: + - gitlab-org + - docker + variables: &review-docker-variables + GIT_DEPTH: "1" + DOCKER_DRIVER: overlay2 + DOCKER_HOST: tcp://docker:2375 + LATEST_QA_IMAGE: "gitlab/${CI_PROJECT_NAME}-qa:nightly" + QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/${CI_PROJECT_NAME}-qa:${CI_COMMIT_REF_SLUG}" + +build-qa-image: + <<: *review-docker + stage: prepare + script: + - time docker build --cache-from ${LATEST_QA_IMAGE} --tag ${QA_IMAGE} ./qa/ + - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY} + - time docker push ${QA_IMAGE} + danger-review: <<: *pull-cache image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger stage: test - allow_failure: true dependencies: [] before_script: [] only: @@ -457,129 +491,13 @@ danger-review: - yarn install --frozen-lockfile --cache-folder .yarn-cache - danger --fail-on-errors=true -rspec-pg 0 30: *rspec-metadata-pg -rspec-pg 1 30: *rspec-metadata-pg -rspec-pg 2 30: *rspec-metadata-pg -rspec-pg 3 30: *rspec-metadata-pg -rspec-pg 4 30: *rspec-metadata-pg -rspec-pg 5 30: *rspec-metadata-pg -rspec-pg 6 30: *rspec-metadata-pg -rspec-pg 7 30: *rspec-metadata-pg -rspec-pg 8 30: *rspec-metadata-pg -rspec-pg 9 30: *rspec-metadata-pg -rspec-pg 10 30: *rspec-metadata-pg -rspec-pg 11 30: *rspec-metadata-pg -rspec-pg 12 30: *rspec-metadata-pg -rspec-pg 13 30: *rspec-metadata-pg -rspec-pg 14 30: *rspec-metadata-pg -rspec-pg 15 30: *rspec-metadata-pg -rspec-pg 16 30: *rspec-metadata-pg -rspec-pg 17 30: *rspec-metadata-pg -rspec-pg 18 30: *rspec-metadata-pg -rspec-pg 19 30: *rspec-metadata-pg -rspec-pg 20 30: *rspec-metadata-pg -rspec-pg 21 30: *rspec-metadata-pg -rspec-pg 22 30: *rspec-metadata-pg -rspec-pg 23 30: *rspec-metadata-pg -rspec-pg 24 30: *rspec-metadata-pg -rspec-pg 25 30: *rspec-metadata-pg -rspec-pg 26 30: *rspec-metadata-pg -rspec-pg 27 30: *rspec-metadata-pg -rspec-pg 28 30: *rspec-metadata-pg -rspec-pg 29 30: *rspec-metadata-pg +rspec-pg: + <<: *rspec-metadata-pg + parallel: 50 -rspec-mysql 0 30: *rspec-metadata-mysql -rspec-mysql 1 30: *rspec-metadata-mysql -rspec-mysql 2 30: *rspec-metadata-mysql -rspec-mysql 3 30: *rspec-metadata-mysql -rspec-mysql 4 30: *rspec-metadata-mysql -rspec-mysql 5 30: *rspec-metadata-mysql -rspec-mysql 6 30: *rspec-metadata-mysql -rspec-mysql 7 30: *rspec-metadata-mysql -rspec-mysql 8 30: *rspec-metadata-mysql -rspec-mysql 9 30: *rspec-metadata-mysql -rspec-mysql 10 30: *rspec-metadata-mysql -rspec-mysql 11 30: *rspec-metadata-mysql -rspec-mysql 12 30: *rspec-metadata-mysql -rspec-mysql 13 30: *rspec-metadata-mysql -rspec-mysql 14 30: *rspec-metadata-mysql -rspec-mysql 15 30: *rspec-metadata-mysql -rspec-mysql 16 30: *rspec-metadata-mysql -rspec-mysql 17 30: *rspec-metadata-mysql -rspec-mysql 18 30: *rspec-metadata-mysql -rspec-mysql 19 30: *rspec-metadata-mysql -rspec-mysql 20 30: *rspec-metadata-mysql -rspec-mysql 21 30: *rspec-metadata-mysql -rspec-mysql 22 30: *rspec-metadata-mysql -rspec-mysql 23 30: *rspec-metadata-mysql -rspec-mysql 24 30: *rspec-metadata-mysql -rspec-mysql 25 30: *rspec-metadata-mysql -rspec-mysql 26 30: *rspec-metadata-mysql -rspec-mysql 27 30: *rspec-metadata-mysql -rspec-mysql 28 30: *rspec-metadata-mysql -rspec-mysql 29 30: *rspec-metadata-mysql - -rspec-pg-rails5 0 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 1 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 2 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 3 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 4 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 5 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 6 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 7 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 8 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 9 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 10 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 11 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 12 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 13 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 14 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 15 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 16 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 17 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 18 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 19 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 20 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 21 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 22 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 23 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 24 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 25 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 26 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 27 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 28 30: *rspec-metadata-pg-rails5 -rspec-pg-rails5 29 30: *rspec-metadata-pg-rails5 - -rspec-mysql-rails5 0 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 1 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 2 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 3 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 4 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 5 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 6 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 7 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 8 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 9 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 10 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 11 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 12 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 13 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 14 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 15 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 16 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 17 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 18 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 19 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 20 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 21 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 22 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 23 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 24 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 25 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 26 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 27 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 28 30: *rspec-metadata-mysql-rails5 -rspec-mysql-rails5 29 30: *rspec-metadata-mysql-rails5 +rspec-mysql: + <<: *rspec-metadata-mysql + parallel: 50 static-analysis: <<: *dedicated-no-docs-no-db-pull-cache-job @@ -589,7 +507,7 @@ static-analysis: script: - scripts/static-analysis cache: - key: "ruby-2.4.5-debian-stretch-with-yarn-and-rubocop" + key: "debian-stretch-ruby-2.5.3-node-10.x-and-rubocop" paths: - vendor/ruby - .yarn-cache/ @@ -614,8 +532,7 @@ docs lint: # Build HTML from Markdown - bundle exec nanoc # Check the internal links - # Disabled until https://gitlab.com/gitlab-com/gitlab-docs/issues/305 is resolved - # - bundle exec nanoc check internal_links + - bundle exec nanoc check internal_links downtime_check: <<: *rake-exec @@ -626,14 +543,9 @@ downtime_check: - /(^docs[\/-].*|.*-docs$)/ - /(^qa[\/-].*|.*-qa$)/ -rails5_gemfile_lock_check: - <<: *dedicated-no-docs-no-db-pull-cache-job - <<: *except-docs-and-qa - script: - - scripts/rails5-gemfile-lock-check - ee_compat_check: <<: *rake-exec + dependencies: [] except: - master - tags @@ -695,8 +607,8 @@ gitlab:setup-mysql: # Frontend-related jobs gitlab:assets:compile: - <<: *dedicated-no-docs-and-no-qa-pull-cache-job - image: dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.4.4-git-2.18-chrome-69.0-node-8.x-yarn-1.2-graphicsmagick-1.3.29-docker-18.06.1 + <<: *dedicated-no-docs-pull-cache-job + image: dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-git-2.18-chrome-69.0-node-8.x-yarn-1.12-graphicsmagick-1.3.29-docker-18.06.1 dependencies: [] services: - docker:stable-dind @@ -723,8 +635,14 @@ gitlab:assets:compile: paths: - webpack-report/ - public/assets/ + only: + - //@gitlab-org/gitlab-ce + - //@gitlab-org/gitlab-ee + - //@gitlab/gitlabhq + - //@gitlab/gitlab-ee tags: - - docker + - gitlab-org-delivery + - high-cpu karma: <<: *dedicated-no-docs-pull-cache-job @@ -752,6 +670,32 @@ karma: reports: junit: junit_karma.xml +jest: + <<: *dedicated-no-docs-and-no-qa-pull-cache-job + <<: *use-pg + dependencies: + - compile-assets + - setup-test-env + script: + - scripts/gitaly-test-spawn + - date + - bundle exec rake karma:fixtures + - date + - yarn jest --ci --coverage + artifacts: + name: coverage-frontend + expire_in: 31d + when: always + paths: + - coverage-frontend/ + - junit_jest.xml + reports: + junit: junit_jest.xml + cache: + key: jest + paths: + - tmp/jest/jest/ + code_quality: <<: *dedicated-no-docs-no-db-pull-cache-job image: docker:stable @@ -776,7 +720,8 @@ code_quality: --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code artifacts: - paths: [gl-code-quality-report.json] + reports: + codequality: gl-code-quality-report.json expire_in: 1 week sast: @@ -800,7 +745,8 @@ sast: --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code artifacts: - paths: [gl-sast-report.json] + reports: + sast: gl-sast-report.json dependency_scanning: <<: *dedicated-no-docs-no-db-pull-cache-job @@ -822,7 +768,8 @@ dependency_scanning: --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code artifacts: - paths: [gl-dependency-scanning-report.json] + reports: + dependency_scanning: gl-dependency-scanning-report.json qa:internal: <<: *dedicated-no-docs-no-db-pull-cache-job @@ -840,6 +787,40 @@ qa:selectors: - bundle install - bundle exec bin/qa Test::Sanity::Selectors +.qa-frontend-node: &qa-frontend-node + stage: test + variables: + NODE_OPTIONS: --max_old_space_size=3584 + cache: + key: "$CI_JOB_NAME" + paths: + - .yarn-cache/ + dependencies: [] + before_script: [] + script: + - date + - yarn install --frozen-lockfile --cache-folder .yarn-cache + - date + - yarn run webpack-prod + <<: *except-docs + +qa-frontend-node:6: + <<: *qa-frontend-node + image: node:6-alpine + +qa-frontend-node:8: + <<: *qa-frontend-node + image: node:8-alpine + +qa-frontend-node:10: + <<: *qa-frontend-node + image: node:10-alpine + +qa-frontend-node:latest: + <<: *qa-frontend-node + image: node:alpine + allow_failure: true + coverage: # Don't include dedicated-no-docs-no-db-pull-cache-job here since we need to # download artifacts from all the rspec jobs instead of from setup-test-env only @@ -862,9 +843,7 @@ coverage: lint:javascript:report: <<: *dedicated-no-docs-and-no-qa-pull-cache-job stage: post-test - dependencies: - - compile-assets - - setup-test-env + dependencies: [] before_script: [] script: - date @@ -891,6 +870,8 @@ pages: - mv coverage-javascript/ public/coverage-javascript/ || true - mv eslint-report.html public/ || true - mv webpack-report/ public/webpack-report/ || true + - cp .public/assets/application-*.css public/application.css || true + - cp .public/assets/application-*.css.gz public/application.css.gz || true artifacts: paths: - public @@ -918,6 +899,7 @@ gitlab_git_test: variables: SETUP_DB: "false" before_script: [] + dependencies: [] cache: {} script: - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes @@ -928,6 +910,7 @@ no_ee_check: variables: SETUP_DB: "false" before_script: [] + dependencies: [] cache: {} script: - scripts/no-ee-check @@ -935,86 +918,102 @@ no_ee_check: - //@gitlab-org/gitlab-ce # GitLab Review apps -review: - image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base - stage: test +review-deploy: + <<: *review-base + retry: 2 allow_failure: true - before_script: - - gem install gitlab --no-document variables: GIT_DEPTH: "1" - HOST_SUFFIX: "$CI_ENVIRONMENT_SLUG" - DOMAIN: "-$CI_ENVIRONMENT_SLUG.$REVIEW_APPS_DOMAIN" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" + DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" GITLAB_HELM_CHART_REF: "master" + API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}" + environment: + <<: *review-environment + on_stop: review-stop + before_script: + - apk update && apk add jq + - gem install gitlab --no-document script: - export GITLAB_SHELL_VERSION=$( + +### Target audience + + + ### Further details -(Include use cases, benefits, and/or goals) + ### Proposal + + ### What does success look like, and how can we measure that? -(If no way to measure success, link to an issue that will implement a way to measure this) + ### Links / references diff --git a/.gitlab/issue_templates/Research proposal.md b/.gitlab/issue_templates/Research proposal.md deleted file mode 100644 index 5676656793..0000000000 --- a/.gitlab/issue_templates/Research proposal.md +++ /dev/null @@ -1,17 +0,0 @@ -### Background: - -(Include problem, use cases, benefits, and/or goals) - -**What questions are you trying to answer?** - -**Are you looking to verify an existing hypothesis or uncover new issues you should be exploring?** - -**What is the backstory of this project and how does it impact the approach?** - -**What do you already know about the areas you are exploring?** - -**What does success look like at the end of the project?** - -### Links / references: - -/label ~"UX research" diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md index 69cf7fe154..08651195d9 100644 --- a/.gitlab/issue_templates/Security developer workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -16,6 +16,7 @@ Set the title to: `[Security] Description of the original issue` - [ ] Add a link to the MR to the [links section](#links) - [ ] Add a link to an EE MR if required - [ ] Make sure the MR remains in-progress and gets approved after the review cycle, **but never merged**. +- [ ] Add a link to this issue on the original security issue. #### Backports @@ -37,6 +38,7 @@ Set the title to: `[Security] Description of the original issue` - [ ] Fill in any upgrade notes that users may need to take into account in the [details section](#details) - [ ] Add Yes/No and further details if needed to the migration and settings columns in the [details section](#details) - [ ] Add the nickname of the external user who found the issue (and/or HackerOne profile) to the Thanks row in the [details section](#details) +- [ ] Once your `master` MR is merged, comment on the original security issue with a link to that MR indicating the issue is fixed. ### Summary diff --git a/.gitlab/issue_templates/Test plan.md b/.gitlab/issue_templates/Test plan.md index db8e30c419..a3c3f4a650 100644 --- a/.gitlab/issue_templates/Test plan.md +++ b/.gitlab/issue_templates/Test plan.md @@ -64,7 +64,7 @@ Some features might be simple enough that they only involve one Component, while more complex features could involve multiple or even all. Example (from https://gitlab.com/gitlab-org/gitlab-ce/issues/50353): -* Respository is +* Repository is * Intuitive * It's easy to select the desired file template * It doesn't require unnecessary actions to save the change @@ -93,4 +93,4 @@ When adding new automated tests, please keep [testing levels](https://docs.gitla in mind. --> -/label ~Quality ~"test plan" \ No newline at end of file +/label ~Quality ~"test plan" diff --git a/.nvmrc b/.nvmrc index dba04c1e17..db24ab967f 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -8.11.3 +10.13.0 diff --git a/.rubocop.yml b/.rubocop.yml index a95ded8af1..e8e550fdbd 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -8,7 +8,7 @@ require: - rubocop-rspec AllCops: - TargetRailsVersion: 4.2 + TargetRailsVersion: 5.0 Exclude: - 'vendor/**/*' - 'node_modules/**/*' @@ -50,7 +50,6 @@ Style/FrozenStringLiteralComment: - 'danger/**/*' - 'db/**/*' - 'ee/**/*' - - 'lib/gitlab/**/*' - 'lib/tasks/**/*' - 'qa/**/*' - 'rubocop/**/*' @@ -175,3 +174,9 @@ GitlabSecurity/PublicSend: - 'ee/db/**/*' - 'ee/lib/**/*.rake' - 'ee/spec/**/*' + +Cop/InjectEnterpriseEditionModule: + Enabled: true + Exclude: + - 'spec/**/*' + - 'ee/spec/**/*' diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 571df7534c..847a0f74aa 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -107,12 +107,6 @@ Lint/UriEscapeUnescape: Metrics/LineLength: Max: 1310 -# Offense count: 2 -Naming/ConstantName: - Exclude: - - 'lib/gitlab/import_sources.rb' - - 'lib/gitlab/ssh_public_key.rb' - # Offense count: 11 # Configuration parameters: EnforcedStyle. # SupportedStyles: lowercase, uppercase @@ -155,17 +149,6 @@ RSpec/ExpectChange: RSpec/ExpectInHook: Enabled: false -# Offense count: 7 -# Configuration parameters: EnforcedStyle. -# SupportedStyles: implicit, each, example -RSpec/HookArgument: - Exclude: - - 'spec/spec_helper.rb' - - 'spec/support/carrierwave.rb' - - 'spec/support/db_cleaner.rb' - - 'spec/support/gitaly.rb' - - 'spec/support/setup_builds_storage.rb' - # Offense count: 19 # Configuration parameters: EnforcedStyle. # SupportedStyles: it_behaves_like, it_should_behave_like diff --git a/.ruby-version b/.ruby-version index 59aa62c1fa..aedc15bb0c 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.4.5 +2.5.3 diff --git a/CHANGELOG.md b/CHANGELOG.md index b5ebe36ab1..8890a82932 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,30 +2,54 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. -## 11.5.10 (2019-01-30) +## 11.7.5 (2019-02-06) + +### Fixed (8 changes) + +- Fix import handling errors in Bitbucket Server importer. !24499 +- Adjusts suggestions unable to be applied. !24603 +- Fix 500 errors with legacy appearance logos. !24615 +- Fix form functionality for edit tag page. !24645 +- Update Workhorse to v8.0.2. !24870 +- Downcase aliased OAuth2 callback providers. !24877 +- Fix Detect Host Keys not working. !24884 +- Changed external wiki query method to prevent attribute caching. !24907 + + +## 11.7.4 (2019-02-04) + +### Security (1 change) + +- Use sanitized user status message for user popover. + + +## 11.7.3 (2019-01-30) - No changes. -## 11.5.9 (2019-01-29) +## 11.7.2 (2019-01-29) -### Security (21 changes) +### Security (24 changes) - Make potentially malicious links more visible in the UI and scrub RTLO chars from links. !2770 - Don't process MR refs for guests in the notes. !2771 -- Add more LFS validations to prevent forgery. -- Verify that LFS upload requests are genuine. +- Sanitize user full name to clean up any URL to prevent mail clients from auto-linking URLs. !2828 - Fixed XSS content in KaTex links. +- Disallows unauthorized users from accessing the pipelines section. +- Verify that LFS upload requests are genuine. +- Extract GitLab Pages using RubyZip. - Prevent awarding emojis to notes whose parent is not visible to user. - Prevent unauthorized replies when discussion is locked or confidential. - Disable git v2 protocol temporarily. - Fix showing ci status for guest users when public pipline are not set. - Fix contributed projects info still visible when user enable private profile. -- Extract GitLab Pages using RubyZip. -- Disallows unauthorized users from accessing the pipelines section. +- Add subresources removal to member destroy service. +- Add more LFS validations to prevent forgery. - Use common error for unauthenticated users when creating issues. - Fix slow regex in project reference pattern. - Fix private user email being visible in push (and tag push) webhooks. - Fix wiki access rights when external wiki is enabled. +- Group guests are no longer able to see merge requests they don't have access to at group level. - Fix path disclosure on project import error. - Restrict project import visibility based on its group. - Expose CI/CD trigger token only to the trigger owner. @@ -37,31 +61,228 @@ entry. - Fix uninitialized constant with GitLab Pages. -## 11.5.8 (2019-01-28) +## 11.7.1 (2019-01-28) - Unreleased due to quality assurance failure. -## 11.5.7 (2019-01-15) +## 11.7.0 (2019-01-22) -### Security (1 change) +### Security (14 changes, 1 of them is from the community) +- Escape label and milestone titles to prevent XSS in GFM autocomplete. !2693 +- Bump Ruby on Rails to 5.0.7.1. !23396 (@blackst0ne) +- Delete confidential todos for user when downgraded to Guest. +- Project guests no longer are able to see refs page. +- Set URL rel attribute for broken URLs. +- Prevent leaking protected variables for ambiguous refs. +- Authorize before reading job information via API. +- Allow changing group CI/CD settings only for owners. +- Fix SSRF with import_url and remote mirror url. +- Don't expose cross project repositories through diffs when creating merge reqeusts. - Validate bundle files before unpacking them. +- Issuable no longer is visible to users when project can't be viewed. +- Escape html entities in LabelReferenceFilter when no label found. +- Prevent private snippets from being embeddable. + +### Removed (3 changes, 1 of them is from the community) + +- Removes all instances of deprecated Gitlab Upgrader calls. !23603 (@jwolen) +- Removed discard draft comment button form notes. !24185 +- Remove migration to backfill project_repositories for legacy storage projects. !24299 + +### Fixed (42 changes, 7 of them are from the community) + +- Prevent awards emoji being updated when updating status. !23470 +- Allow merge after rebase without page refresh on FF repositories. !23572 +- Prevent admins from attempting hashed storage migration on read only DB. !23597 +- Correct the ordering of metrics on the performance dashboard. !23630 +- Display empty files properly on MR diffs. !23671 (Sean Nichols) +- Allow GitHub imports via token even if OAuth2 provider not configured. !23703 +- Update header navigation theme colors. !23734 (George Tsiolis) +- Fix login box bottom margins on signin page. !23739 (@gear54) +- Return an ApplicationSetting in CurrentSettings. !23766 +- Fix bug commenting on LFS images. !23812 +- Only prompt user once when navigating away from file editor. !23820 (Sam Bigelow) +- Display commit ID for discussions made on merge request commits. !23837 +- Stop autofocusing on diff comment after initial mount. !23849 +- Fix object storage not working properly with Google S3 compatibility. !23858 +- Fix project calendar feed when sorted by priority. !23870 +- Fix edit button disappearing in issue title. !23948 (Ruben Moya) +- Aligns build loader animation with the job log. !23959 +- Allow 'rake gitlab:cleanup:remote_upload_files' to read bucket files without having permissions to see all buckets. !23981 +- Correctly externalize pipeline tags. !24028 +- Fix error when creating labels in a new issue in the boards page. !24039 (Ruben Moya) +- Use 'parsePikadayDate' to parse due date string. !24045 +- Fix commit SHA not showing in merge request compare dropdown. !24084 +- Remove top margin in modal header titles. !24108 +- Drop Webhooks from project import/export config. !24121 +- Only validate project visibility when it has changed. !24142 +- Resolve About this feature link should open in new window. !24149 +- Add syntax highlighting to suggestion diff. !24156 +- Fix Bitbucket Server import only including first 25 pull requests. !24178 +- Enable caching for records which primary key is not `id`. !24245 +- Adjust applied suggestion reverting previous changes. !24250 +- Fix unexpected exception by failure of finding an actual head pipeline. !24257 +- Fix broken templated "Too many changes to show" text. !24282 +- Fix requests profiler in admin page not rendering HTML properly. !24291 +- Fix no avatar not showing in user selection box. !24346 +- Upgrade to gitaly 1.12.1. !24361 +- Fix runner eternal loop when update job result. !24481 +- Fix notification email for image diff notes. +- Fixed merge request diffs empty states. +- Fixed diff suggestions removing dashes. +- Don't hide CI dropdown behind diff summary. (gfyoung) +- Fix spacing on discussions. +- Fixes missing margin in releases block. + +### Changed (22 changes, 8 of them are from the community) + +- Show clusters of ancestors in cluster list page. !22996 +- Remove unnecessary line before reply holder. !23092 (George Tsiolis) +- Make the Pages permission setting more clear. !23146 +- Disable merging of labels with same names. !23265 +- Allow basic authentication on go get middleware. !23497 (Morty Choi @mortyccp) +- No longer require email subaddressing for issue creation by email. !23523 +- Adjust padding of .dropdown-title to comply with design specs. !23546 +- Make commit IDs in merge request discussion header monospace. !23562 +- Update environments breadcrumb. !23751 (George Tsiolis) +- Add date range in milestone change email notifications. !23762 +- Require Knative to be installed only on an RBAC kubernetes cluster. !23807 (Chris Baumbauer) +- Fix label and header styles in the job details sidebar. !23816 (Nathan Friend) +- Add % prefix to milestone reference links. !23928 +- Reorder sidebar menu item for group clusters. !24001 (George Tsiolis) +- Support CURD operation for Links as one of the Release assets. !24056 +- Upgrade Omniauth and JWT gems to switch away from Google+ API. !24068 +- Renames Milestone sort into Milestone due date. !24080 (Jacopo Beschi @jacopo-beschi) +- Discussion filter only displayed in discussions tab for merge requests. !24082 +- Make RBAC enabled default for new clusters. !24119 +- Hashed Storage: Only set as `read_only` when starting the per-project migration. !24128 +- Knative version bump 0.1.3 -> 0.2.2. (Chris Baumbauer) +- Show message on non-diff discussions. + +### Performance (7 changes) + +- Fix some N+1 queries related to Admin Dashboard, User Dashboards and Activity Stream. !23034 +- Add indexes to speed up CI query. !23188 +- Improve the loading time on merge request's discussion page by caching diff highlight. !23857 +- Cache avatar URLs and paths within a request. !23950 +- Improve snippet search performance by removing duplicate counts. !23952 +- Skip per-commit validations already evaluated. !23984 +- Fix timeout issues retrieving branches via API. !24034 + +### Added (29 changes, 6 of them are from the community) + +- Handle ci.skip push option. !15643 (Jonathon Reinhart) +- Add NGINX 0.16.0 and above metrics. !22133 +- Add project milestone link. !22552 +- Support tls communication in gitaly. !22602 +- Add option to make ci variables protected by default. !22744 (Alexis Reigel) +- Add project identifier as List-Id email Header to ease filtering. !22817 (Olivier CrĂȘte) +- Add markdown helper buttons to file editor. !23480 +- Allow to include templates in gitlab-ci.yml. !23495 +- Extend override check to also check arity. !23498 (Jacopo Beschi @jacopo-beschi) +- Add importing of issues from CSV file. !23532 +- Add submit feedback link to help dropdown. !23547 +- Send a notification email to project maintainers when a mirror update fails. !23595 +- Restore Object Pools when restoring an object pool. !23682 +- Creates component for release block. !23697 +- Configure Auto DevOps deployed applications with secrets from prefixed CI variables. !23719 +- Add name, author_id, and sha to releases table. !23763 +- Display a list of Sentry Issues in GitLab. !23770 +- Releases API. !23795 +- Creates frontend app for releases. !23796 +- Add new pipeline variable CI_COMMIT_SHORT_SHA. !23822 +- Create system notes on issue / MR creation when labels, milestone, or due date is set. !23859 +- Adds API documentation for releases. !23901 +- Add API Support for Kubernetes integration. !23922 +- Expose CI/CD predefined variable `CI_API_V4_URL`. !23936 +- Add Knative metrics to Prometheus. !23972 (Chris Baumbauer) +- Use reports syntax for Dependency scanning in Auto DevOps. !24081 +- Allow to include files from another projects in gitlab-ci.yml. !24101 +- User Popovers for Commit Infos, Member Lists and Snippets. !24132 +- Add no-color theme for syntax highlighting. (khm) + +### Other (45 changes, 30 of them are from the community) + +- Redesign project lists UI. !22682 +- [Rails5.1] Update functional specs to use new keyword format. !23095 (@blackst0ne) +- Update a condition to visibility a merge request collaboration message. !23104 (Harry Kiselev) +- Remove framework/mobile.scss. !23301 (Takuya Noguchi) +- Passing the separator argument as a positional parameter is deprecated. !23334 (Jasper Maes) +- Clarifies docs about CI `allow_failure`. !23367 (C.J. Jameson) +- Refactor issuable sidebar to use serializer. !23379 +- Refactor the logic of updating head pipelines for merge requests. !23502 +- Allow user to add Kubernetes cluster for clusterable when there are ancestor clusters. !23569 +- Adds explanatory text to input fields on user profile settings page. !23673 +- Externalize strings from `/app/views/shared/notes`. !23696 (Tao Wang) +- Remove rails 4 support in CI, Gemfiles, bin/ and config/. !23717 (Jasper Maes) +- Fix calendar events fetching error on private profile page. !23718 (Harry Kiselev) +- Update GitLab Workhorse to v8.0.0. !23740 +- Hide confidential events in the API. !23746 +- Changed Userpopover Fixtures and shadow color. !23768 +- Fix deprecation: Passing conditions to delete_all is deprecated. !23817 (Jasper Maes) +- Fix deprecation: Passing ActiveRecord::Base objects to sanitize_sql_hash_for_assignment. !23818 (Jasper Maes) +- Remove rails4 specific code. !23847 (Jasper Maes) +- Remove deprecated ActionDispatch::ParamsParser. !23848 (Jasper Maes) +- Fix deprecation: Comparing equality between ActionController::Parameters and a Hash is deprecated. !23855 (Jasper Maes) +- Fix deprecation: Directly inheriting from ActiveRecord::Migration is deprecated. !23884 (Jasper Maes) +- Fix deprecation: alias_method_chain is deprecated. Please, use Module#prepend instead. !23887 (Jasper Maes) +- Update specs to exclude possible false positive pass. !23893 (@blackst0ne) +- Passing an argument to force an association to reload is now deprecated. !23894 (Jasper Maes) +- ActiveRecord::Migration -> ActiveRecord::Migration[5.0]. !23910 (Jasper Maes) +- Split bio into individual line in extended user tooltips. !23940 +- Fix deprecation: redirect_to :back is deprecated. !23943 (Jasper Maes) +- Fix deprecation: insert_sql is deprecated and will be removed. !23944 (Jasper Maes) +- Upgrade @gitlab/ui to 1.16.2. !23946 +- convert specs in javascripts/ and support/ to new syntax. !23947 (Jasper Maes) +- Remove deprecated xhr from specs. !23949 (Jasper Maes) +- Remove app/views/shared/issuable/_filter.html.haml. !24008 (Takuya Noguchi) +- Fix deprecation: Using positional arguments in integration tests. !24009 (Jasper Maes) +- UI improvements for redesigned project lists. !24011 +- Update cert-manager chart from v0.5.0 to v0.5.2. !24025 (Takuya Noguchi) +- Hide spinner on empty activites list on user profile overview. !24063 +- Don't show Auto DevOps enabled banner for projects with CI file or CI disabled. !24067 +- Update GitLab Runner Helm Chart to 0.1.43. !24083 +- Fix navigation style in docs. !24090 (Takuya Noguchi) +- Remove gem install bundler from Docker-based Ruby environments. !24093 (Takuya Noguchi) +- Fix deprecation: Using positional arguments in integration tests. !24110 (Jasper Maes) +- Fix deprecation: returning false in Active Record and Active Model callbacks will not implicitly halt a callback chain. !24134 (Jasper Maes) +- ActiveRecord::Migration -> ActiveRecord::Migration[5.0] for AddIndexesToCiBuildsAndPipelines. !24167 (Jasper Maes) +- Update url placeholder for the sentry configuration page. !24338 -## 11.5.6 (2018-12-28) +## 11.6.3 (2019-01-04) -### Security (17 changes) +### Fixed (1 change) -- Escape label and milestone titles to prevent XSS in GFM autocomplete. !2741 -- Validate LFS hrefs before downloading them. -- Ensure that build token is only used when running. +- Fix clone URL not showing if protocol is HTTPS. !24131 + + +## 11.6.2 (2019-01-02) + +### Fixed (7 changes) + +- Hide cluster features that don't work yet with Group Clusters. !23935 +- Fix a 500 error that could occur until all migrations are done. !23939 +- Fix missing Git clone button when protocol restriction setting enabled. !24015 +- Fix clone dropdown parent inheritance issues in HAML. !24029 +- Fix content-disposition in blobs and files API endpoint. !24078 +- Fixed markdown toolbar buttons. +- Adjust line-height of blame view line numbers. + + +## 11.6.1 (2018-12-28) + +### Security (15 changes) + +- Escape label and milestone titles to prevent XSS in GFM autocomplete. !2740 +- Prevent private snippets from being embeddable. - Add subresources removal to member destroy service. -- Prevent a path traversal attack on global file templates. +- Escape html entities in LabelReferenceFilter when no label found. - Allow changing group CI/CD settings only for owners. - Authorize before reading job information via API. - Prevent leaking protected variables for ambiguous refs. -- Escape html entities in LabelReferenceFilter when no label found. -- Prevent private snippets from being embeddable. +- Ensure that build token is only used when running. - Issuable no longer is visible to users when project can't be viewed. - Don't expose cross project repositories through diffs when creating merge reqeusts. - Fix SSRF with import_url and remote mirror url. @@ -75,6 +296,283 @@ entry. - Fix due date test. !23845 +## 11.6.0 (2018-12-22) + +### Security (24 changes, 1 of them is from the community) + +- Fix possible XSS attack in Markdown urls with spaces. !2599 +- Update rack to 2.0.6 (for QA environments). !23171 (Takuya Noguchi) +- Bump nokogiri, loofah, and rack gems for security updates. !23204 +- Encrypt runners tokens. !23412 +- Encrypt CI/CD builds authentication tokens. !23436 +- Configure mermaid to not render HTML content in diagrams. +- Fix a possible symlink time of check to time of use race condition in GitLab Pages. +- Removed ability to see private group names when the group id is entered in the url. +- Fix stored XSS for Environments. +- Fix persistent symlink in project import. +- Fixed ability of guest users to edit/delete comments on locked or confidential issues. +- Fixed ability to comment on locked/confidential issues. +- Fix CRLF vulnerability in Project hooks. +- Fix SSRF in project integrations. +- Resolve reflected XSS in Ouath authorize window. +- Restrict Personal Access Tokens to API scope on web requests. +- Provide email notification when a user changes their email address. +- Don't expose confidential information in commit message list. +- Validate LFS hrefs before downloading them. +- Do not follow redirects in Prometheus service when making http requests to the configured api url. +- Escape user fullname while rendering autocomplete template to prevent XSS. +- Redact sensitive information on gitlab-workhorse log. +- Fix milestone promotion authorization check. +- Prevent a path traversal attack on global file templates. + +### Removed (1 change) + +- Remove obsolete gitlab_shell rake tasks. !22417 + +### Fixed (86 changes, 13 of them are from the community) + +- Remove limit of 100 when searching repository code. !8671 +- Show error message when attempting to reopen an MR and there is an open MR for the same branch. !16447 (Akos Gyimesi) +- Fix a bug where internal email pattern wasn't respected. !22516 +- Fix project selector consistency in groups issues / MRs / boards pages. !22612 (Heinrich Lee Yu) +- Add empty state for graphs with no values. !22630 +- Fix navigating by unresolved discussions on Merge Request page. !22789 +- Fix "merged with [commit]" info for merge requests being merged automatically by other actions. !22794 +- Fixing regression issues on pages settings and details. !22821 +- Remove duplicate primary button in dashboard snippets on small viewports. !22902 (George Tsiolis) +- Fix API::Namespaces routing to accept namepaces with dots. !22912 +- Switch kubernetes:active with checking in Auto-DevOps.gitlab-ci.yml. !22929 +- Avoid Gitaly RPC errors when fetching diff stats. !22995 +- Removes promote to group label for anonymous user. !23042 (Jacopo Beschi @jacopo-beschi) +- Fix enabling project deploy key for admins. !23043 +- Align issue status label and confidential icon. !23046 (George Tsiolis) +- Fix default sorting for subgroups and projects list. !23058 (Jacopo Beschi @jacopo-beschi) +- Hashed Storage: allow migration to be retried in partially migrated projects. !23087 +- Fix line height of numbers in file blame view. !23090 (Johann Hubert Sonntagbauer) +- Fixes an issue where default values from models would override values set in the interface (e.g. users would be set to external even though their emails matches the internal email address pattern). !23114 +- Remove display of local Sidekiq process in /admin/sidekiq. !23118 +- Fix unrelated deployment status in MR widget. !23175 +- Respect confirmed flag on secondary emails. !23181 +- Restrict member access level to be higher than that of any parent group. !23226 +- Return real deployment status to frontend. !23270 +- Handle force_remove_source_branch when creating merge request. !23281 +- Avoid creating invalid refs using rugged, shelling out for writing refs. !23286 +- Remove needless auto-capitalization on Wiki page titles. !23288 +- Modify the wording for the knative cluster application to match upstream. !23289 (Chris Baumbauer) +- Change container width for project import. !23318 (George Tsiolis) +- Validate chunk size when persist. !23341 +- Resolve Main navbar is broken in certain viewport widths. !23348 +- Gracefully handle references with null bytes. !23365 +- Display commit ID for commit diff discussion on merge request. !23370 +- Pass commit when posting diff discussions. !23371 +- Fix flash notice styling for fluid layout. !23382 +- Add monkey patch to unicorn to fix eof? problem. !23385 +- Commits API: Preserve file content in move operations if unspecified. !23387 +- Disable password autocomplete in mirror form fill. !23402 +- Fix "protected branches only" checkbox not set properly at init. !23409 +- Support RSA and ECDSA algorithms in Omniauth JWT provider. !23411 (Michael Tsyganov) +- Make KUBECONFIG nil if KUBE_TOKEN is nil. !23414 +- Allow search and sort users at same time on admin users page. !23439 +- Fix: Unstar icon button is misaligned. !23444 +- Fix error when searching for group issues with priority or popularity sort. !23445 +- Fix Order By dropdown menu styling in tablet and mobile screens. !23446 +- Fix collapsing discussion replies. !23462 +- Gracefully handle unknown/invalid GPG keys. !23492 +- Fix multiple commits shade overlapping vertical discussion line. !23515 +- Use read_repository scope on read-only files API. !23534 +- Avoid 500's when serializing legacy diff notes. !23544 +- Fix web hook functionality when the database encryption key is too short. !23573 +- Hide Knative from group cluster applications until supported. !23577 +- Add top padding for nested environment items loading icon. !23580 (George Tsiolis) +- Improve help and validation sections of maximum build timeout inputs. !23586 +- Fix milestone select in issue sidebar of issue boards. !23625 +- Fix gitlab:web_hook tasks. !23635 +- Avoid caching BroadcastMessage as an ActiveRecord object. !23662 +- Only allow strings in URL::Sanitizer.valid?. !23675 +- Fix a frozen string error in app/mailers/notify.rb. !23683 +- Fix a frozen string error in lib/gitlab/utils.rb. !23690 +- Fix MR resolved discussion counts being too low. !23710 +- Fix a potential frozen string error in app/mailers/notify.rb. !23728 +- Remove unnecessary div from MarkdownField to apply list styles correctly. !23733 +- Display reply field if resolved discussion has no replies. !23801 +- Restore kubernetes:active in Auto-DevOps.gitlab-ci.yml (reverts 22929). !23826 +- Fix mergeUrlParams with fragment URL. !54218 (Thomas Holder) +- Fixed multiple diff line discussions not expanding. +- Fixed diff files expanding not loading commit content. +- Fixed styling of image comment badges on commits. +- Resolve possible cherry pick API race condition. +- When user clicks linenumber in MR changes, highlight that line. +- Remove old webhook logs after 90 days, as documented, instead of after 2. +- Add an external IP address to the knative cluster application page. (Chris Baumbauer) +- Fixed duplicate discussions getting added to diff lines. +- Fix deadlock on ChunkedIO. +- Show tree collapse button for merge request commit diffs. +- Use approximate count for big tables for usage statistics. +- Lock writes to trace stream. +- Ensure that SVG sprite icons are properly rendered in IE11. +- Make new branch form fields' fonts consistent. +- Open first 10 merge request files in IDE. +- Prevent user from navigating away from file edit without commit. +- Prevent empty button being rendered in empty state. +- Adds margins between tags when a job is stuck. +- Fix Image Lazy Loader for some older browsers. +- Correctly styles tags in sidebar for job page. + +### Changed (34 changes, 9 of them are from the community) + +- Include new link in breadcrumb for issues, merge requests, milestones, and labels. !18515 (George Tsiolis) +- Allow sorting issues and MRs in reverse order. !21438 +- Design improvements to project overview page. !22196 +- Remove auto deactivation when failed to create a pipeline via pipeline schedules. !22243 +- Use group clusters when deploying (DeploymentPlatform). !22308 +- Improve initial discussion rendering performance. !22607 +- removes partially matching of No Label filter and makes it case-insensitive. !22622 (Jacopo Beschi @jacopo-beschi) +- Use search bar for filtering in dashboard issues / MRs. !22641 (Heinrich Lee Yu) +- Show different empty state for filtered issues and MRs. !22775 (Heinrich Lee Yu) +- Relocate JSONWebToken::HMACToken from EE. !22906 +- Resolve Add border around the repository file tree. !23018 +- Change breadcrumb title for contribution charts. !23071 (George Tsiolis) +- Update environments metrics empty state. !23074 (George Tsiolis) +- Refine cursor positioning in Markdown Editor for wrap tags. !23085 (Johann Hubert Sonntagbauer) +- Use reports syntax for SAST in Auto DevOps. !23163 +- SystemCheck: Use a more reliable way to detect current Ruby version. !23291 +- Changed frontmatter filtering to support YAML, JSON, TOML, and arbitrary languages. !23331 (Travis Miller) +- Don't remove failed install pods after installing GitLab managed applications. !23350 +- Expose merge request pipeline variables. !23398 +- Scope default MR search in WebIDE dropdown to current project. !23400 +- Show user contributions in correct timezone within user profile. !23419 +- Redesign of MR header sections (CE). !23465 +- Auto DevOps: Add echo for each branch of the deploy() function where we run helm upgrade. !23499 +- Updates service to update Kubernetes project namespaces and restricted service account if present. !23525 +- Adjust divider margin to comply with design specs. !23548 +- Adjust dropdown item and header padding to comply with design specs. !23552 +- Truncate merge request titles with periods instead of ellipsis. !23558 +- Remove close icon from projects dropdown in issue boards. !23567 +- Change dropdown divider color to gray-200 (#dfdfdf). !23592 +- Define the default value for only/except policies. !23765 +- Don't show Memory Usage for unmerged MRs. +- reorder notification settings by noisy-ness. (C.J. Jameson) +- Changed merge request filtering to be by path instead of name. +- Make diff file headers sticky. + +### Performance (22 changes, 6 of them are from the community) + +- Upgrade to Ruby 2.5.3. !2806 +- Removes all the irrelevant code and columns that were migrated from the Project table over to the ProjectImportState table. !21497 +- Approximate counting strategy with TABLESAMPLE. !22650 +- Replace tooltip directive with gl-tooltip diretive in badges, cycle analytics, and diffs. !22770 (George Tsiolis) +- Validate foreign keys being created and indexed for column with _id. !22808 +- Remove monospace extend. !23089 (George Tsiolis) +- Use Nokogiri as the ActiveSupport XML backend. !23136 +- Improve memory performance by reducing dirty pages after fork(). !23169 +- Add partial index for ci_builds on project_id and status. !23268 +- Reduce Gitaly calls in projects dashboard. !23307 +- Batch load only data from same repository when lazy object is accessed. !23309 +- Add index for events on project_id and created_at. !23354 +- Remove index for notes on updated_at. !23356 +- Improves performance of Project#readme_url by caching the README path. !23357 +- Populate MR metrics with events table information (migration). !23564 +- Remove unused data from discussions endpoint. !23570 +- Speed up issue board lists in groups with many projects. +- Use cached size when passing artifacts to Runner. +- Enable even more frozen string for lib/gitlab. (gfyoung) +- Enable even more frozen string in lib/gitlab/**/*.rb. (gfyoung) +- Enable even more frozen string in lib/gitlab/**/*.rb. (gfyoung) +- Enable even more frozen string for lib/gitlab. (gfyoung) + +### Added (32 changes, 13 of them are from the community) + +- Add ability to create group level clusters and install gitlab managed applications. !22450 +- Creates /create_merge_request quickaction. !22485 (Jacopo Beschi @jacopo-beschi) +- Filter by None/Any for labels in issues/mrs API. !22622 (Jacopo Beschi @jacopo-beschi) +- Chat message push notifications now include links back to GitLab branches. !22651 (Tony Castrogiovanni) +- Added feature flag to signal content headers detection by Workhorse. !22667 +- Add Discord integration. !22684 (@blackst0ne) +- Upgrade helm to 2.11.0 and upgrade on every install. !22693 +- Add knative client to kubeclient library. !22968 (cab105) +- Allow SSH public-key authentication for push mirroring. !22982 +- Allow deleting a Pipeline via the API. !22988 +- #40635: Adds support for cert-manager. !23036 (Amit Rathi) +- WebIDE: Pressing Ctrl-Enter while typing on the commit message now performs the commit action. !23049 (Thomas Pathier) +- Adds Any option to label filters. !23111 (Jacopo Beschi @jacopo-beschi) +- Added glob for CI changes detection. !23128 (Kirill Zaitsev) +- Add model and relation to store repo full path in database. !23143 +- Add ability to render suggestions. !23147 +- Introduce Knative and Serverless Components. !23174 (Chris Baumbauer) +- Use BFG object maps to clean projects. !23189 +- Merge request pipelines. !23217 +- Extended user centric tooltips on issue and MR page. !23231 +- Add a rebase API endpoint for merge requests. !23296 +- Add config to prohibit impersonation. !23338 +- Merge request pipeline tag, and adds tags to pipeline view. !23364 +- #52753: HTTPS for JupyterHub installation. !23479 (Amit Rathi) +- Fill project_repositories for hashed storage projects. !23482 +- Ability to override email for cert-manager. !23503 (Amit Rathi) +- Allow public forks to be deduplicated. !23508 +- Pipeline trigger variable values are hidden in the UI by default. Maintainers have the option to reveal them. !23518 (jhampton) +- Add new endpoint to download single artifact file for a ref. !23538 +- Log and pass correlation-id between Unicorn, Sidekiq and Gitaly. +- Allow user to scroll to top of tab on MR page. +- Adds states to the deployment widget. + +### Other (54 changes, 30 of them are from the community) + +- Switch to Rails 5. !21492 +- Migration to write fullpath in all repository configs. !22322 +- Rails5: env is deprecated and will be removed from Rails 5.1. !22626 (Jasper Maes) +- Update haml_lint to 0.28.0. !22660 (Takuya Noguchi) +- Update ffaker to 2.10.0. !22661 (Takuya Noguchi) +- Drop gcp_clusters table. !22713 +- Upgrade minimum required Git version to 2.18.0. !22803 +- Adds new icon size to Vue icon component. !22899 +- Make sure there's only one slash as path separator. !22954 +- Show HTTP response code for Kubernetes errors. !22964 +- Update config map for gitlab managed application if already present on install. !22969 +- Drop default value on status column in deployments table. !22971 +- UI improvements to user's profile. !22977 +- Update asana to 0.8.1. !23039 (Takuya Noguchi) +- Update asciidoctor to 1.5.8. !23047 (Takuya Noguchi) +- Make auto-generated icons for subgroups in the breadcrumb dropdown display as a circle. !23062 (Thomas Pathier) +- Make reply shortcut only quote selected discussion text. !23096 (Thomas Pathier) +- Fix typo in notebook props. !23103 (George Tsiolis) +- Fix typos in lib. !23106 (George Tsiolis) +- Rename diffs store variable. !23123 (George Tsiolis) +- Fix overlapping navbar separator and overflowing navbar dropdown on small displays. !23126 (Thomas Pathier) +- Show what RPC is called in the performance bar. !23140 +- Updated Gitaly to v0.133.0. !23148 +- Rails5: Passing a class as a value in an Active Record query is deprecated. !23164 (Jasper Maes) +- Fix project identicon aligning Harry Kiselev. !23166 (Harry Kiselev) +- Fix horizontal scrollbar overlapping on horizontal scrolling-tabs. !23167 (Harry Kiselev) +- Fix bottom paddings of profile header and some markup updates of profile. !23168 (Harry Kiselev) +- Fixes to AWS documentation spelling and grammar. !23198 (Brendan O'Leary) +- Adds a PHILOSOPHY.md which references GitLab Product Handbook. !23200 +- Externalize strings from `/app/views/invites`. !23205 (Tao Wang) +- Externalize strings from `/app/views/project/runners`. !23208 (Tao Wang) +- Fix typo for scheduled pipeline. !23218 (Davy Defaud) +- Force content disposition attachment to several endpoints. !23223 +- Upgrade kubeclient to 4.0.0. !23261 (Praveen Arimbrathodiyil @pravi) +- Update used version of Runner Helm Chart to 0.1.38. !23304 +- render :nothing option is deprecated, Use head method to respond with empty response body. !23311 (Jasper Maes) +- Passing an argument to force an association to reload is now deprecated. !23334 (Jasper Maes) +- Externalize strings from `/app/views/snippets`. !23351 (Tao Wang) +- Fix deprecation: You are passing an instance of ActiveRecord::Base to. !23369 (Jasper Maes) +- Resolve status emoji being replaced by avatar on mobile. !23408 +- Fix deprecation: render :text is deprecated because it does not actually render a text/plain response. !23425 (Jasper Maes) +- Fix lack of documentation on how to fetch a snippet's content using API. !23448 (Colin Leroy) +- Upgrade GitLab Workhorse to v7.3.0. !23489 +- Fallback to admin KUBE_TOKEN for project clusters only. !23527 +- Update used version of Runner Helm Chart to 0.1.39. !23633 +- Show primary button when all labels are prioritized. !23648 (George Tsiolis) +- Upgrade workhorse to 7.6.0. !23694 +- Upgrade Gitaly to v1.7.1 for correlation-id logging. !23732 +- Fix due date test. !23845 +- Remove unused project method. !54103 (George Tsiolis) +- Uses new gitlab-ui components in Jobs and Pipelines components. +- Replaces tooltip directive with the new gl-tooltip directive for consistency in some ci/cd code. +- Bump gpgme gem version from 2.0.13 to 2.0.18. (asaparov) +- Enable Rubocop on lib/gitlab. (gfyoung) + + ## 11.5.5 (2018-12-20) ### Security (1 change) @@ -82,13 +580,6 @@ entry. - Fix persistent symlink in project import. -## 11.5.4 (2018-12-13) - -### Security (1 change) - -- Validate LFS hrefs before downloading them. - - ## 11.5.3 (2018-12-06) ### Security (1 change) @@ -397,6 +888,55 @@ entry. - Disables stop environment button while the deploy is in progress. +## 11.4.9 (2018-12-03) + +### Fixed (2 changes) + +- Display impersonation token value only after creation. !22916 +- Correctly handle data-loss scenarios when encrypting columns. !23306 + + +## 11.4.8 (2018-11-27) + +### Security (24 changes) + +- Escape entity title while autocomplete template rendering to prevent XSS. !2571 +- Resolve reflected XSS in Ouath authorize window. +- Fix XSS in merge request source branch name. +- Escape user fullname while rendering autocomplete template to prevent XSS. +- Fix CRLF vulnerability in Project hooks. +- Fix possible XSS attack in Markdown urls with spaces. +- Redact sensitive information on gitlab-workhorse log. +- Do not follow redirects in Prometheus service when making http requests to the configured api url. +- Persist only SHA digest of PersonalAccessToken#token. +- Don't expose confidential information in commit message list. +- Provide email notification when a user changes their email address. +- Restrict Personal Access Tokens to API scope on web requests. +- Redact personal tokens in unsubscribe links. +- Fix SSRF in project integrations. +- Fixed ability to comment on locked/confidential issues. +- Fixed ability of guest users to edit/delete comments on locked or confidential issues. +- Fix milestone promotion authorization check. +- Monkey kubeclient to not follow any redirects. +- Configure mermaid to not render HTML content in diagrams. +- Fix a possible symlink time of check to time of use race condition in GitLab Pages. +- Removed ability to see private group names when the group id is entered in the url. +- Fix stored XSS for Environments. +- Prevent SSRF attacks in HipChat integration. +- Validate Wiki attachments are valid temporary files. + + +## 11.4.7 (2018-11-20) + +- No changes. + +## 11.4.6 (2018-11-18) + +### Security (1 change) + +- Escape user fullname while rendering autocomplete template to prevent XSS. + + ## 11.4.5 (2018-11-04) ### Fixed (4 changes, 1 of them is from the community) @@ -666,6 +1206,73 @@ entry. - Check frozen string in style builds. (gfyoung) +## 11.3.14 (2018-12-20) + +### Security (1 change) + +- Fix persistent symlink in project import. + + +## 11.3.13 (2018-12-13) + +### Security (1 change) + +- Validate LFS hrefs before downloading them. + + +## 11.3.12 (2018-12-06) + +### Security (1 change) + +- Prevent a path traversal attack on global file templates. + + +## 11.3.11 (2018-11-26) + +### Security (33 changes) + +- Filter user sensitive data from discussions JSON. !2537 +- Escape entity title while autocomplete template rendering to prevent XSS. !2557 +- Restrict Personal Access Tokens to API scope on web requests. +- Fix XSS in merge request source branch name. +- Escape user fullname while rendering autocomplete template to prevent XSS. +- Fix CRLF vulnerability in Project hooks. +- Fix possible XSS attack in Markdown urls with spaces. +- Redact sensitive information on gitlab-workhorse log. +- Set timeout for syntax highlighting. +- Do not follow redirects in Prometheus service when making http requests to the configured api url. +- Persist only SHA digest of PersonalAccessToken#token. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Don't expose confidential information in commit message list. +- Markdown API no longer displays confidential title references unless authorized. +- Provide email notification when a user changes their email address. +- Properly filter private references from system notes. +- Redact personal tokens in unsubscribe links. +- Resolve reflected XSS in Ouath authorize window. +- Fix SSRF in project integrations. +- Fix stored XSS in merge requests from imported repository. +- Fixed ability to comment on locked/confidential issues. +- Fixed ability of guest users to edit/delete comments on locked or confidential issues. +- Fix milestone promotion authorization check. +- Monkey kubeclient to not follow any redirects. +- Configure mermaid to not render HTML content in diagrams. +- Redact confidential events in the API. +- Fix xss vulnerability sourced from package.json. +- Fix a possible symlink time of check to time of use race condition in GitLab Pages. +- Removed ability to see private group names when the group id is entered in the url. +- Fix stored XSS for Environments. +- Block loopback addresses in UrlBlocker. +- Prevent SSRF attacks in HipChat integration. +- Validate Wiki attachments are valid temporary files. + + +## 11.3.10 (2018-11-18) + +### Security (1 change) + +- Escape user fullname while rendering autocomplete template to prevent XSS. + + ## 11.3.9 (2018-10-31) ### Security (1 change) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 2dc8ac40dd..97dbe2f512 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -15,48 +15,6 @@ repository is licensed under Creative Commons: _This notice should stay as the first item in the CONTRIBUTING.md file._ ---- - - - -**Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* - -- [Contributing Documentation has been moved](#contributing-documentation-has-been-moved) -- [Contribute to GitLab](#contribute-to-gitlab) -- [Security vulnerability disclosure](#security-vulnerability-disclosure) -- [Code of conduct](#code-of-conduct) -- [Closing policy for issues and merge requests](#closing-policy-for-issues-and-merge-requests) -- [Helping others](#helping-others) -- [I want to contribute!](#i-want-to-contribute) -- [Contribution Flow](#contribution-flow) -- [Workflow labels](#workflow-labels) - - [Type labels](#type-labels) - - [Subject labels](#subject-labels) - - [Team labels](#team-labels) - - [Release Scoping labels](#release-scoping-labels) - - [Priority labels](#priority-labels) - - [Severity labels](#severity-labels) - - [Severity impact guidance](#severity-impact-guidance) - - [Label for community contributors](#label-for-community-contributors) -- [Implement design & UI elements](#implement-design--ui-elements) -- [Issue tracker](#issue-tracker) - - [Issue triaging](#issue-triaging) - - [Feature proposals](#feature-proposals) - - [Issue tracker guidelines](#issue-tracker-guidelines) - - [Issue weight](#issue-weight) - - [Regression issues](#regression-issues) - - [Technical and UX debt](#technical-and-ux-debt) - - [Stewardship](#stewardship) -- [Merge requests](#merge-requests) - - [Merge request guidelines](#merge-request-guidelines) - - [Contribution acceptance criteria](#contribution-acceptance-criteria) -- [Definition of done](#definition-of-done) -- [Style guides](#style-guides) - - - ---- - ## Contributing Documentation has been moved As of July 2018, all the documentation for contributing to the GitLab project has been moved to a new location. @@ -92,7 +50,7 @@ This [documentation](doc/development/contributing/index.md) has been moved. ## Workflow labels -This [documentation](doc/development/contributing/issue_workflow.md) has been moved. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Type labels @@ -170,7 +128,6 @@ This [documentation](doc/development/contributing/merge_request_workflow.md) has This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. - ### Contribution acceptance criteria This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. @@ -181,4 +138,4 @@ This [documentation](doc/development/contributing/merge_request_workflow.md) has ## Style guides -This [documentation](doc/development/contributing/design.md) has been moved. +This [documentation](doc/development/contributing/style_guides.md) has been moved. diff --git a/Dangerfile b/Dangerfile index 469e77b251..6a2c5cf277 100644 --- a/Dangerfile +++ b/Dangerfile @@ -8,5 +8,6 @@ danger.import_dangerfile(path: 'danger/database') danger.import_dangerfile(path: 'danger/documentation') danger.import_dangerfile(path: 'danger/frozen_string') danger.import_dangerfile(path: 'danger/commit_messages') +danger.import_dangerfile(path: 'danger/duplicate_yarn_dependencies') danger.import_dangerfile(path: 'danger/prettier') danger.import_dangerfile(path: 'danger/eslint') diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index b96194be1c..6b89d58f86 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -0.129.1 +1.12.2 diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION index 6da4de57dc..917d38ec9f 100644 --- a/GITLAB_SHELL_VERSION +++ b/GITLAB_SHELL_VERSION @@ -1 +1 @@ -8.4.1 +8.4.4 diff --git a/GITLAB_WORKHORSE_VERSION b/GITLAB_WORKHORSE_VERSION index b7f8ee41e6..8b22a322d0 100644 --- a/GITLAB_WORKHORSE_VERSION +++ b/GITLAB_WORKHORSE_VERSION @@ -1 +1 @@ -7.1.4 +8.0.2 diff --git a/Gemfile b/Gemfile index 0b225583c4..f59e61208a 100644 --- a/Gemfile +++ b/Gemfile @@ -1,27 +1,18 @@ -# --- Special code for migrating to Rails 5.0 --- -def rails5? - %w[1 true].include?(ENV["RAILS5"]) -end - -gem_versions = {} -gem_versions['activerecord_sane_schema_dumper'] = rails5? ? '1.0' : '0.2' -gem_versions['default_value_for'] = rails5? ? '~> 3.0.5' : '~> 3.0.0' -gem_versions['rails'] = rails5? ? '5.0.7' : '4.2.10' -gem_versions['rails-i18n'] = rails5? ? '~> 5.1' : '~> 4.0.9' -# --- The end of special code for migrating to Rails 5.0 --- - source 'https://rubygems.org' -gem 'rails', gem_versions['rails'] +gem 'rails', '5.0.7.1' gem 'rails-deprecated_sanitizer', '~> 1.0.3' +# Improves copy-on-write performance for MRI +gem 'nakayoshi_fork', '~> 0.0.4' + # Responders respond_to and respond_with gem 'responders', '~> 2.0' gem 'sprockets', '~> 3.7.0' # Default values for AR models -gem 'default_value_for', gem_versions['default_value_for'] +gem 'gitlab-default_value_for', '~> 3.1.1', require: 'default_value_for' # Supported DBs gem 'mysql2', '~> 0.4.10', group: :mysql @@ -43,7 +34,7 @@ gem 'omniauth-cas3', '~> 1.1.4' gem 'omniauth-facebook', '~> 4.0.0' gem 'omniauth-github', '~> 1.3' gem 'omniauth-gitlab', '~> 1.0.2' -gem 'omniauth-google-oauth2', '~> 0.5.3' +gem 'omniauth-google-oauth2', '~> 0.6.0' gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos gem 'omniauth-oauth2-generic', '~> 0.2.2' gem 'omniauth-saml', '~> 1.10' @@ -52,7 +43,7 @@ gem 'omniauth-twitter', '~> 1.4' gem 'omniauth_crowd', '~> 2.2.0' gem 'omniauth-authentiq', '~> 0.3.3' gem 'rack-oauth2', '~> 1.2.1' -gem 'jwt', '~> 1.5.6' +gem 'jwt', '~> 2.1.0' # Spam and anti-bot protection gem 'recaptcha', '~> 3.0', require: 'recaptcha/rails' @@ -72,7 +63,7 @@ gem 'rubyzip', '~> 1.2.2', require: 'zip' gem 'browser', '~> 2.5' # GPG -gem 'gpgme' +gem 'gpgme', '~> 2.0.18' # LDAP Auth # GitLab fork with several improvements to original library. For full list of changes @@ -81,7 +72,7 @@ gem 'gitlab_omniauth-ldap', '~> 2.0.4', require: 'omniauth-ldap' gem 'net-ldap' # API -gem 'grape', '~> 1.1' +gem 'grape', '~> 1.1.0' gem 'grape-entity', '~> 0.7.1' gem 'rack-cors', '~> 1.0.0', require: 'rack/cors' @@ -99,9 +90,7 @@ gem 'kaminari', '~> 1.0' gem 'hamlit', '~> 2.8.8' # Files attachments -# Locked until https://github.com/carrierwaveuploader/carrierwave/pull/2332/files is merged. -# config/initializers/carrierwave_patch.rb can be removed once that change is released. -gem 'carrierwave', '= 1.2.3' +gem 'carrierwave', '~> 1.3' gem 'mini_magick' # for backups @@ -125,7 +114,7 @@ gem 'seed-fu', '~> 2.3.7' # Markdown and HTML processing gem 'html-pipeline', '~> 2.8' gem 'deckar01-task_list', '2.0.0' -gem 'gitlab-markup', '~> 1.6.4' +gem 'gitlab-markup', '~> 1.6.5' gem 'github-markup', '~> 1.7.0', require: 'github/markup' gem 'redcarpet', '~> 3.4' gem 'commonmarker', '~> 0.17' @@ -134,12 +123,12 @@ gem 'rdoc', '~> 6.0' gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' gem 'wikicloth', '0.8.1' -gem 'asciidoctor', '~> 1.5.6' +gem 'asciidoctor', '~> 1.5.8' gem 'asciidoctor-plantuml', '0.0.8' gem 'rouge', '~> 3.1' gem 'truncato', '~> 0.7.9' gem 'bootstrap_form', '~> 2.7.0' -gem 'nokogiri', '~> 1.8.2' +gem 'nokogiri', '~> 1.8.5' gem 'escape_utils', '~> 1.1' # Calendar rendering @@ -149,6 +138,11 @@ gem 'icalendar' gem 'diffy', '~> 3.1.0' # Application server +# The 2.0.6 version of rack requires monkeypatch to be present in +# `config.ru`. This can be removed once a new update for Rack +# is available that contains https://github.com/rack/rack/pull/1201. +gem 'rack', '2.0.6' + group :unicorn do gem 'unicorn', '~> 5.1.0' gem 'unicorn-worker-killer', '~> 0.4.4' @@ -169,6 +163,7 @@ gem 'acts-as-taggable-on', '~> 5.0' gem 'sidekiq', '~> 5.2.1' gem 'sidekiq-cron', '~> 0.6.0' gem 'redis-namespace', '~> 1.6.0' +gem 'gitlab-sidekiq-fetcher', '~> 0.4.0', require: 'sidekiq-reliable-fetch' # Cron Parser gem 'rufus-scheduler', '~> 3.4' @@ -205,6 +200,9 @@ gem 'redis-rails', '~> 5.0.2' gem 'redis', '~> 3.2' gem 'connection_pool', '~> 2.0' +# Discord integration +gem 'discordrb-webhooks-blackst0ne', '~> 3.3', require: false + # HipChat integration gem 'hipchat', '~> 1.5.0' @@ -221,13 +219,13 @@ gem 'slack-notifier', '~> 1.5.1' gem 'hangouts-chat', '~> 0.0.5' # Asana integration -gem 'asana', '~> 0.6.0' +gem 'asana', '~> 0.8.1' # FogBugz integration gem 'ruby-fogbugz', '~> 0.2.1' # Kubernetes integration -gem 'kubeclient', '~> 3.1.0' +gem 'kubeclient', '~> 4.0.0' # Sanitize user input gem 'sanitize', '~> 4.6' @@ -248,6 +246,9 @@ gem 'ace-rails-ap', '~> 4.1.0' # Detect and convert string character encoding gem 'charlock_holmes', '~> 0.7.5' +# Detect mime content type from content +gem 'mimemagic', '~> 0.3.2' + # Faster blank gem 'fast_blank' @@ -259,6 +260,7 @@ gem 'webpack-rails', '~> 0.9.10' gem 'rack-proxy', '~> 0.6.0' gem 'sass-rails', '~> 5.0.6' +gem 'sass', '~> 3.5' gem 'uglifier', '~> 2.7.2' gem 'addressable', '~> 2.5.2' @@ -278,21 +280,20 @@ gem 'premailer-rails', '~> 1.9.7' # I18n gem 'ruby_parser', '~> 3.8', require: false -gem 'rails-i18n', gem_versions['rails-i18n'] +gem 'rails-i18n', '~> 5.1' gem 'gettext_i18n_rails', '~> 1.8.0' gem 'gettext_i18n_rails_js', '~> 1.3' gem 'gettext', '~> 3.2.2', require: false, group: :development -gem 'batch-loader', '~> 1.2.1' +gem 'batch-loader', '~> 1.2.2' # Perf bar gem 'peek', '~> 1.0.1' gem 'peek-gc', '~> 0.0.2' -gem 'peek-mysql2', '~> 1.1.0', group: :mysql +gem 'peek-mysql2', '~> 1.2.0', group: :mysql gem 'peek-pg', '~> 1.3.0', group: :postgres gem 'peek-rblineprof', '~> 0.2.0' gem 'peek-redis', '~> 1.2.0' -gem 'gitlab-sidekiq-fetcher', require: 'sidekiq-reliable-fetch' # Metrics group :metrics do @@ -312,8 +313,8 @@ group :development do gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false # Better errors handler - gem 'better_errors', '~> 2.1.0' - gem 'binding_of_caller', '~> 0.7.2' + gem 'better_errors', '~> 2.5.0' + gem 'binding_of_caller', '~> 0.8.0' # thin instead webrick gem 'thin', '~> 1.7.0' @@ -322,13 +323,13 @@ end group :development, :test do gem 'bootsnap', '~> 1.3' gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET'] - gem 'pry-byebug', '~> 3.4.1', platform: :mri + gem 'pry-byebug', '~> 3.5.1', platform: :mri gem 'pry-rails', '~> 0.3.4' gem 'awesome_print', require: false gem 'fuubar', '~> 2.2.0' - gem 'database_cleaner', '~> 1.5.0' + gem 'database_cleaner', '~> 1.7.0' gem 'factory_bot_rails', '~> 4.8.2' gem 'rspec-rails', '~> 3.7.0' gem 'rspec-retry', '~> 0.4.5' @@ -337,13 +338,13 @@ group :development, :test do gem 'rspec-parameterized', require: false # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) - gem 'minitest', '~> 5.7.0' + gem 'minitest', '~> 5.11.0' # Generate Fake data - gem 'ffaker', '~> 2.4' + gem 'ffaker', '~> 2.10' - gem 'capybara', '~> 2.15' - gem 'capybara-screenshot', '~> 1.0.0' + gem 'capybara', '~> 2.16.1' + gem 'capybara-screenshot', '~> 1.0.18' gem 'selenium-webdriver', '~> 3.12' gem 'spring', '~> 2.0.0' @@ -355,16 +356,16 @@ group :development, :test do gem 'rubocop-rspec', '~> 1.22.1' gem 'scss_lint', '~> 0.56.0', require: false - gem 'haml_lint', '~> 0.26.0', require: false + gem 'haml_lint', '~> 0.28.0', require: false gem 'simplecov', '~> 0.14.0', require: false gem 'bundler-audit', '~> 0.5.0', require: false gem 'benchmark-ips', '~> 2.3.0', require: false gem 'license_finder', '~> 5.4', require: false - gem 'knapsack', '~> 1.16' + gem 'knapsack', '~> 1.17' - gem 'activerecord_sane_schema_dumper', gem_versions['activerecord_sane_schema_dumper'] + gem 'activerecord_sane_schema_dumper', '1.0' gem 'stackprof', '~> 0.2.10', require: false @@ -378,10 +379,9 @@ group :test do gem 'email_spec', '~> 2.2.0' gem 'json-schema', '~> 2.8.0' gem 'webmock', '~> 2.3.2' - gem 'rails-controller-testing' if rails5? # Rails5 only gem. - gem 'test_after_commit', '~> 1.1' unless rails5? # Remove this gem when migrated to rails 5.0. It's been integrated to rails 5.0. + gem 'rails-controller-testing' gem 'sham_rack', '~> 1.3.6' - gem 'concurrent-ruby', '~> 1.0.5' + gem 'concurrent-ruby', '~> 1.1' gem 'test-prof', '~> 0.2.5' gem 'rspec_junit_formatter' end @@ -417,7 +417,7 @@ group :ed25519 do end # Gitaly GRPC client -gem 'gitaly-proto', '~> 0.123.0', require: 'gitaly' +gem 'gitaly-proto', '~> 1.5.0', require: 'gitaly' gem 'grpc', '~> 1.15.0' gem 'google-protobuf', '~> 3.6' diff --git a/Gemfile.lock b/Gemfile.lock index ab75acb329..77b4360cf4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -4,41 +4,44 @@ GEM RedCloth (4.3.2) abstract_type (0.0.7) ace-rails-ap (4.1.2) - actionmailer (4.2.10) - actionpack (= 4.2.10) - actionview (= 4.2.10) - activejob (= 4.2.10) + actioncable (5.0.7.1) + actionpack (= 5.0.7.1) + nio4r (>= 1.2, < 3.0) + websocket-driver (~> 0.6.1) + actionmailer (5.0.7.1) + actionpack (= 5.0.7.1) + actionview (= 5.0.7.1) + activejob (= 5.0.7.1) mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.10) - actionview (= 4.2.10) - activesupport (= 4.2.10) - rack (~> 1.6) - rack-test (~> 0.6.2) - rails-dom-testing (~> 1.0, >= 1.0.5) + rails-dom-testing (~> 2.0) + actionpack (5.0.7.1) + actionview (= 5.0.7.1) + activesupport (= 5.0.7.1) + rack (~> 2.0) + rack-test (~> 0.6.3) + rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.10) - activesupport (= 4.2.10) + actionview (5.0.7.1) + activesupport (= 5.0.7.1) builder (~> 3.1) erubis (~> 2.7.0) - rails-dom-testing (~> 1.0, >= 1.0.5) + rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (4.2.10) - activesupport (= 4.2.10) - globalid (>= 0.3.0) - activemodel (4.2.10) - activesupport (= 4.2.10) - builder (~> 3.1) - activerecord (4.2.10) - activemodel (= 4.2.10) - activesupport (= 4.2.10) - arel (~> 6.0) - activerecord_sane_schema_dumper (0.2) - rails (>= 4, < 5) - activesupport (4.2.10) - i18n (~> 0.7) + activejob (5.0.7.1) + activesupport (= 5.0.7.1) + globalid (>= 0.3.6) + activemodel (5.0.7.1) + activesupport (= 5.0.7.1) + activerecord (5.0.7.1) + activemodel (= 5.0.7.1) + activesupport (= 5.0.7.1) + arel (~> 7.0) + activerecord_sane_schema_dumper (1.0) + rails (>= 5, < 6) + activesupport (5.0.7.1) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) acts-as-taggable-on (5.0.0) activerecord (>= 4.2.8) @@ -49,13 +52,13 @@ GEM public_suffix (>= 2.0.2, < 4.0) aes_key_wrap (1.0.1) akismet (2.0.0) - arel (6.0.4) - asana (0.6.0) + arel (7.1.4) + asana (0.8.1) faraday (~> 0.9) faraday_middleware (~> 0.9) faraday_middleware-multi_json (~> 0.0) oauth2 (~> 1.0) - asciidoctor (1.5.6.2) + asciidoctor (1.5.8) asciidoctor-plantuml (0.0.8) asciidoctor (~> 1.5) ast (2.4.0) @@ -70,16 +73,17 @@ GEM thread_safe (~> 0.3, >= 0.3.1) babosa (1.0.2) base32 (0.3.2) - batch-loader (1.2.1) + batch-loader (1.2.2) bcrypt (3.1.12) bcrypt_pbkdf (1.0.0) benchmark-ips (2.3.0) - better_errors (2.1.1) + better_errors (2.5.0) coderay (>= 1.0.0) - erubis (>= 2.6.6) + erubi (>= 1.0.0) rack (>= 0.9.0) bindata (2.4.3) - binding_of_caller (0.7.2) + binding_ninja (0.2.2) + binding_of_caller (0.8.0) debug_inspector (>= 0.0.1) bootsnap (1.3.2) msgpack (~> 1.0) @@ -93,18 +97,18 @@ GEM bundler-audit (0.5.0) bundler (~> 1.2) thor (~> 0.18) - byebug (9.0.6) - capybara (2.15.1) + byebug (9.1.0) + capybara (2.16.1) addressable mini_mime (>= 0.1.3) nokogiri (>= 1.3.3) rack (>= 1.0.0) rack-test (>= 0.5.4) xpath (~> 2.0) - capybara-screenshot (1.0.14) - capybara (>= 1.0, < 3) + capybara-screenshot (1.0.22) + capybara (>= 1.0, < 4) launchy - carrierwave (1.2.3) + carrierwave (1.3.1) activemodel (>= 4.0.0) activesupport (>= 4.0.0) mime-types (>= 1.16) @@ -125,9 +129,9 @@ GEM concord (0.1.5) adamantium (~> 0.2.0) equalizer (~> 0.0.9) - concurrent-ruby (1.0.5) - concurrent-ruby-ext (1.0.5) - concurrent-ruby (= 1.0.5) + concurrent-ruby (1.1.3) + concurrent-ruby-ext (1.1.3) + concurrent-ruby (= 1.1.3) connection_pool (2.2.2) crack (0.4.3) safe_yaml (~> 1.0.0) @@ -136,15 +140,13 @@ GEM css_parser (1.5.0) addressable daemons (1.2.6) - database_cleaner (1.5.3) - debug_inspector (0.0.2) + database_cleaner (1.7.0) + debug_inspector (0.0.3) debugger-ruby_core_source (1.3.8) deckar01-task_list (2.0.0) html-pipeline declarative (0.0.10) declarative-option (0.1.0) - default_value_for (3.0.2) - activerecord (>= 3.2.0, < 5.1) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) device_detector (1.0.0) @@ -162,6 +164,8 @@ GEM rotp (~> 2.0) diff-lcs (1.3) diffy (3.1.0) + discordrb-webhooks-blackst0ne (3.3.0) + rest-client (~> 2.0) docile (1.1.5) domain_name (0.5.20180417) unf (>= 0.0.5, < 1.0.0) @@ -178,8 +182,9 @@ GEM mail (~> 2.7) encryptor (3.0.0) equalizer (0.0.11) + erubi (1.7.1) erubis (2.7.0) - escape_utils (1.1.1) + escape_utils (1.2.1) et-orbi (1.0.3) tzinfo eventmachine (1.2.7) @@ -200,7 +205,7 @@ GEM multi_json fast_blank (1.0.0) fast_gettext (1.6.0) - ffaker (2.4.0) + ffaker (2.10.0) ffi (1.9.25) flipper (0.13.0) flipper-active_record (0.13.0) @@ -269,11 +274,13 @@ GEM gettext_i18n_rails (>= 0.7.1) po_to_json (>= 1.0.0) rails (>= 3.2.0) - gitaly-proto (0.123.0) + gitaly-proto (1.5.0) grpc (~> 1.0) github-markup (1.7.0) - gitlab-markup (1.6.4) - gitlab-sidekiq-fetcher (0.3.0) + gitlab-default_value_for (3.1.1) + activerecord (>= 3.2.0, < 6.0) + gitlab-markup (1.6.5) + gitlab-sidekiq-fetcher (0.4.0) sidekiq (~> 5) gitlab-styles (2.4.1) rubocop (~> 0.54.0) @@ -307,8 +314,8 @@ GEM multi_json (~> 1.11) os (>= 0.9, < 2.0) signet (~> 0.7) - gpgme (2.0.13) - mini_portile2 (~> 2.1) + gpgme (2.0.18) + mini_portile2 (~> 2.3) grape (1.1.0) activesupport builder @@ -335,11 +342,11 @@ GEM haml (5.0.4) temple (>= 0.8.0) tilt - haml_lint (0.26.0) + haml_lint (0.28.0) haml (>= 4.0, < 5.1) rainbow rake (>= 10, < 13) - rubocop (>= 0.49.0) + rubocop (>= 0.50.0) sysexits (~> 1.1) hamlit (2.8.8) temple (>= 0.8.0) @@ -361,20 +368,20 @@ GEM html2text (0.2.0) nokogiri (~> 1.6) htmlentities (4.3.4) - http (2.2.2) + http (3.3.0) addressable (~> 2.3) http-cookie (~> 1.0) - http-form_data (~> 1.0.1) + http-form_data (~> 2.0) http_parser.rb (~> 0.6.0) http-cookie (1.0.3) domain_name (~> 0.5) - http-form_data (1.0.3) + http-form_data (2.1.1) http_parser.rb (0.6.0) httparty (0.13.7) json (~> 1.8) multi_xml (>= 0.5.2) httpclient (2.8.3) - i18n (0.9.5) + i18n (1.2.0) concurrent-ruby (~> 1.0) icalendar (2.4.1) ice_nine (0.11.2) @@ -396,7 +403,7 @@ GEM bindata json-schema (2.8.0) addressable (>= 2.4) - jwt (1.5.6) + jwt (2.1.0) kaminari (1.0.1) activesupport (>= 4.1.0) kaminari-actionview (= 1.0.1) @@ -410,10 +417,10 @@ GEM kaminari-core (= 1.0.1) kaminari-core (1.0.1) kgio (2.10.0) - knapsack (1.16.0) + knapsack (1.17.0) rake - kubeclient (3.1.0) - http (~> 2.2.2) + kubeclient (4.0.0) + http (~> 3.0) recursive-open-struct (~> 1.0, >= 1.0.4) rest-client (~> 2.0) launchy (2.4.3) @@ -439,24 +446,24 @@ GEM activesupport (>= 4) railties (>= 4) request_store (~> 1.0) - loofah (2.2.2) + loofah (2.2.3) crass (~> 1.0.2) nokogiri (>= 1.5.9) - mail (2.7.0) + mail (2.7.1) mini_mime (>= 0.1.1) mail_room (0.9.1) memoist (0.16.0) memoizable (0.4.2) thread_safe (~> 0.3, >= 0.3.1) - method_source (0.9.0) - mime-types (3.1) + method_source (0.9.2) + mime-types (3.2.2) mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) - mimemagic (0.3.0) + mime-types-data (3.2018.0812) + mimemagic (0.3.2) mini_magick (4.8.0) mini_mime (1.0.1) mini_portile2 (2.3.0) - minitest (5.7.0) + minitest (5.11.3) msgpack (1.2.4) multi_json (1.13.1) multi_xml (0.6.0) @@ -465,33 +472,35 @@ GEM mustermann-grape (1.0.0) mustermann (~> 1.0.0) mysql2 (0.4.10) + nakayoshi_fork (0.0.4) net-ldap (0.16.0) net-ssh (5.0.1) netrc (0.11.0) - nokogiri (1.8.4) + nio4r (2.3.1) + nokogiri (1.8.5) mini_portile2 (~> 2.3.0) nokogumbo (1.5.0) nokogiri numerizer (0.1.1) oauth (0.5.4) - oauth2 (1.4.0) - faraday (>= 0.8, < 0.13) - jwt (~> 1.0) + oauth2 (1.4.1) + faraday (>= 0.8, < 0.16.0) + jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) rack (>= 1.2, < 3) octokit (4.9.0) sawyer (~> 0.8.0, >= 0.5.3) - omniauth (1.8.1) - hashie (>= 3.4.6, < 3.6.0) + omniauth (1.9.0) + hashie (>= 3.4.6, < 3.7.0) rack (>= 1.6.2, < 3) omniauth-auth0 (2.0.0) omniauth-oauth2 (~> 1.4) omniauth-authentiq (0.3.3) jwt (>= 1.5) omniauth-oauth2 (>= 1.5) - omniauth-azure-oauth2 (0.0.9) - jwt (~> 1.0) + omniauth-azure-oauth2 (0.0.10) + jwt (>= 1.0, < 3.0) omniauth (~> 1.0) omniauth-oauth2 (~> 1.4) omniauth-cas3 (1.1.4) @@ -506,8 +515,8 @@ GEM omniauth-gitlab (1.0.3) omniauth (~> 1.0) omniauth-oauth2 (~> 1.0) - omniauth-google-oauth2 (0.5.3) - jwt (>= 1.5) + omniauth-google-oauth2 (0.6.0) + jwt (>= 2.0) omniauth (>= 1.1.1) omniauth-oauth2 (>= 1.5) omniauth-kerberos (0.3.0) @@ -518,9 +527,9 @@ GEM omniauth-oauth (1.1.0) oauth omniauth (~> 1.0) - omniauth-oauth2 (1.5.0) + omniauth-oauth2 (1.6.0) oauth2 (~> 1.1) - omniauth (~> 1.2) + omniauth (~> 1.9) omniauth-oauth2-generic (0.2.2) omniauth-oauth2 (~> 1.0) omniauth-saml (1.10.0) @@ -549,8 +558,9 @@ GEM railties (>= 4.0.0) peek-gc (0.0.2) peek - peek-mysql2 (1.1.0) - atomic (>= 1.0.0) + peek-mysql2 (1.2.0) + concurrent-ruby + concurrent-ruby-ext mysql2 peek peek-pg (1.3.0) @@ -585,8 +595,8 @@ GEM pry (0.11.3) coderay (~> 1.1.0) method_source (~> 0.9.0) - pry-byebug (3.4.3) - byebug (>= 9.0, < 9.1) + pry-byebug (3.5.1) + byebug (~> 9.1) pry (~> 0.10) pry-rails (0.3.6) pry (>= 0.10.4) @@ -596,7 +606,7 @@ GEM get_process_mem (~> 0.2) puma (>= 2.7, < 4) pyu-ruby-sasl (0.0.3.3) - rack (1.6.10) + rack (2.0.6) rack-accept (0.4.5) rack (>= 0.4) rack-attack (4.4.1) @@ -608,42 +618,47 @@ GEM httpclient (>= 2.4) multi_json (>= 1.3.6) rack (>= 1.1) - rack-protection (2.0.3) + rack-protection (2.0.4) rack rack-proxy (0.6.0) rack rack-test (0.6.3) rack (>= 1.0) - rails (4.2.10) - actionmailer (= 4.2.10) - actionpack (= 4.2.10) - actionview (= 4.2.10) - activejob (= 4.2.10) - activemodel (= 4.2.10) - activerecord (= 4.2.10) - activesupport (= 4.2.10) - bundler (>= 1.3.0, < 2.0) - railties (= 4.2.10) - sprockets-rails + rails (5.0.7.1) + actioncable (= 5.0.7.1) + actionmailer (= 5.0.7.1) + actionpack (= 5.0.7.1) + actionview (= 5.0.7.1) + activejob (= 5.0.7.1) + activemodel (= 5.0.7.1) + activerecord (= 5.0.7.1) + activesupport (= 5.0.7.1) + bundler (>= 1.3.0) + railties (= 5.0.7.1) + sprockets-rails (>= 2.0.0) + rails-controller-testing (1.0.2) + actionpack (~> 5.x, >= 5.0.1) + actionview (~> 5.x, >= 5.0.1) + activesupport (~> 5.x) rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.9) - activesupport (>= 4.2.0, < 5.0) - nokogiri (~> 1.6) - rails-deprecated_sanitizer (>= 1.0.1) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) + nokogiri (>= 1.6) rails-html-sanitizer (1.0.4) loofah (~> 2.2, >= 2.2.2) - rails-i18n (4.0.9) - i18n (~> 0.7) - railties (~> 4.0) - railties (4.2.10) - actionpack (= 4.2.10) - activesupport (= 4.2.10) + rails-i18n (5.1.1) + i18n (>= 0.7, < 2) + railties (>= 5.0, < 6) + railties (5.0.7.1) + actionpack (= 5.0.7.1) + activesupport (= 5.0.7.1) + method_source rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (3.0.0) raindrops (0.18.0) - rake (12.3.1) + rake (12.3.2) rb-fsevent (0.10.2) rb-inotify (0.9.10) ffi (>= 0.5.0, < 2) @@ -676,7 +691,7 @@ GEM redis-actionpack (>= 5.0, < 6) redis-activesupport (>= 5.0, < 6) redis-store (>= 1.2, < 2) - redis-store (1.4.1) + redis-store (1.6.0) redis (>= 2.2, < 5) regexp_parser (0.5.0) representable (3.0.4) @@ -711,8 +726,8 @@ GEM rspec-mocks (3.7.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.7.0) - rspec-parameterized (0.4.0) - binding_of_caller + rspec-parameterized (0.4.1) + binding_ninja (>= 0.2.1) parser proc_to_ast rspec (>= 2.13, < 4) @@ -729,8 +744,7 @@ GEM rspec-core rspec-set (0.1.3) rspec-support (3.7.1) - rspec_junit_formatter (0.2.3) - builder (< 4) + rspec_junit_formatter (0.4.1) rspec-core (>= 2, < 4, != 2.12.0) rspec_profiling (0.0.5) activerecord @@ -756,8 +770,8 @@ GEM ruby-progressbar (1.9.0) ruby-saml (1.7.2) nokogiri (>= 1.5.10) - ruby_parser (3.9.0) - sexp_processor (~> 4.1) + ruby_parser (3.11.0) + sexp_processor (~> 4.9) rubyntlm (0.6.2) rubypants (0.2.0) rubyzip (1.2.2) @@ -794,15 +808,15 @@ GEM selenium-webdriver (3.12.0) childprocess (~> 0.5) rubyzip (~> 1.2) - sentry-raven (2.7.2) + sentry-raven (2.7.4) faraday (>= 0.7.6, < 1.0) settingslogic (2.0.9) - sexp_processor (4.9.0) + sexp_processor (4.11.0) sham_rack (1.3.6) rack shoulda-matchers (3.1.2) activesupport (>= 4.0.0) - sidekiq (5.2.1) + sidekiq (5.2.3) connection_pool (~> 2.2, >= 2.2.2) rack-protection (>= 1.5.0) redis (>= 3.3.5, < 5) @@ -847,8 +861,6 @@ GEM sysexits (1.2.0) temple (0.8.0) test-prof (0.2.5) - test_after_commit (1.1.0) - activerecord (>= 3.2) text (1.3.1) thin (1.7.2) daemons (~> 1.0, >= 1.0.9) @@ -885,7 +897,7 @@ GEM get_process_mem (~> 0) unicorn (>= 4, < 6) uniform_notifier (1.10.0) - unparser (0.2.7) + unparser (0.4.2) abstract_type (~> 0.0.7) adamantium (~> 0.2.0) concord (~> 0.1.5) @@ -911,6 +923,9 @@ GEM hashdiff webpack-rails (0.9.11) railties (>= 3.2.0) + websocket-driver (0.6.5) + websocket-extensions (>= 0.1.0) + websocket-extensions (0.1.3) wikicloth (0.8.1) builder expression_parser @@ -926,45 +941,45 @@ PLATFORMS DEPENDENCIES RedCloth (~> 4.3.2) ace-rails-ap (~> 4.1.0) - activerecord_sane_schema_dumper (= 0.2) + activerecord_sane_schema_dumper (= 1.0) acts-as-taggable-on (~> 5.0) addressable (~> 2.5.2) akismet (~> 2.0) - asana (~> 0.6.0) - asciidoctor (~> 1.5.6) + asana (~> 0.8.1) + asciidoctor (~> 1.5.8) asciidoctor-plantuml (= 0.0.8) attr_encrypted (~> 3.1.0) awesome_print babosa (~> 1.0.2) base32 (~> 0.3.0) - batch-loader (~> 1.2.1) + batch-loader (~> 1.2.2) bcrypt_pbkdf (~> 1.0) benchmark-ips (~> 2.3.0) - better_errors (~> 2.1.0) - binding_of_caller (~> 0.7.2) + better_errors (~> 2.5.0) + binding_of_caller (~> 0.8.0) bootsnap (~> 1.3) bootstrap_form (~> 2.7.0) brakeman (~> 4.2) browser (~> 2.5) bullet (~> 5.5.0) bundler-audit (~> 0.5.0) - capybara (~> 2.15) - capybara-screenshot (~> 1.0.0) - carrierwave (= 1.2.3) + capybara (~> 2.16.1) + capybara-screenshot (~> 1.0.18) + carrierwave (~> 1.3) charlock_holmes (~> 0.7.5) chronic (~> 0.10.2) chronic_duration (~> 0.10.6) commonmarker (~> 0.17) - concurrent-ruby (~> 1.0.5) + concurrent-ruby (~> 1.1) connection_pool (~> 2.0) creole (~> 0.5.0) - database_cleaner (~> 1.5.0) + database_cleaner (~> 1.7.0) deckar01-task_list (= 2.0.0) - default_value_for (~> 3.0.0) device_detector devise (~> 4.4) devise-two-factor (~> 3.0.0) diffy (~> 3.1.0) + discordrb-webhooks-blackst0ne (~> 3.3) doorkeeper (~> 4.3) doorkeeper-openid_connect (~> 1.5) ed25519 (~> 1.2) @@ -974,7 +989,7 @@ DEPENDENCIES factory_bot_rails (~> 4.8.2) faraday (~> 0.12) fast_blank - ffaker (~> 2.4) + ffaker (~> 2.10) flipper (~> 0.13.0) flipper-active_record (~> 0.13.0) flipper-active_support_cache_store (~> 0.13.0) @@ -993,24 +1008,25 @@ DEPENDENCIES gettext (~> 3.2.2) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly-proto (~> 0.123.0) + gitaly-proto (~> 1.5.0) github-markup (~> 1.7.0) - gitlab-markup (~> 1.6.4) - gitlab-sidekiq-fetcher + gitlab-default_value_for (~> 3.1.1) + gitlab-markup (~> 1.6.5) + gitlab-sidekiq-fetcher (~> 0.4.0) gitlab-styles (~> 2.4) gitlab_omniauth-ldap (~> 2.0.4) gon (~> 6.2) google-api-client (~> 0.23) google-protobuf (~> 3.6) - gpgme - grape (~> 1.1) + gpgme (~> 2.0.18) + grape (~> 1.1.0) grape-entity (~> 0.7.1) grape-path-helpers (~> 1.0) grape_logging (~> 1.7) graphiql-rails (~> 1.4.10) graphql (~> 1.8.0) grpc (~> 1.15.0) - haml_lint (~> 0.26.0) + haml_lint (~> 0.28.0) hamlit (~> 2.8.8) hangouts-chat (~> 0.0.5) hashie-forbidden_attributes @@ -1025,10 +1041,10 @@ DEPENDENCIES jquery-atwho-rails (~> 1.3.2) js_regex (~> 2.2.1) json-schema (~> 2.8.0) - jwt (~> 1.5.6) + jwt (~> 2.1.0) kaminari (~> 1.0) - knapsack (~> 1.16) - kubeclient (~> 3.1.0) + knapsack (~> 1.17) + kubeclient (~> 4.0.0) letter_opener_web (~> 1.3.0) license_finder (~> 5.4) licensee (~> 8.9) @@ -1036,12 +1052,14 @@ DEPENDENCIES loofah (~> 2.2) mail_room (~> 0.9.1) method_source (~> 0.8) + mimemagic (~> 0.3.2) mini_magick - minitest (~> 5.7.0) + minitest (~> 5.11.0) mysql2 (~> 0.4.10) + nakayoshi_fork (~> 0.0.4) net-ldap net-ssh (~> 5.0) - nokogiri (~> 1.8.2) + nokogiri (~> 1.8.5) oauth2 (~> 1.4) octokit (~> 4.9) omniauth (~> 1.8) @@ -1052,7 +1070,7 @@ DEPENDENCIES omniauth-facebook (~> 4.0.0) omniauth-github (~> 1.3) omniauth-gitlab (~> 1.0.2) - omniauth-google-oauth2 (~> 0.5.3) + omniauth-google-oauth2 (~> 0.6.0) omniauth-kerberos (~> 0.3.0) omniauth-oauth2-generic (~> 0.2.2) omniauth-saml (~> 1.10) @@ -1062,24 +1080,26 @@ DEPENDENCIES org-ruby (~> 0.9.12) peek (~> 1.0.1) peek-gc (~> 0.0.2) - peek-mysql2 (~> 1.1.0) + peek-mysql2 (~> 1.2.0) peek-pg (~> 1.3.0) peek-rblineprof (~> 0.2.0) peek-redis (~> 1.2.0) pg (~> 0.18.2) premailer-rails (~> 1.9.7) prometheus-client-mmap (~> 0.9.4) - pry-byebug (~> 3.4.1) + pry-byebug (~> 3.5.1) pry-rails (~> 0.3.4) puma (~> 3.12) puma_worker_killer + rack (= 2.0.6) rack-attack (~> 4.4.1) rack-cors (~> 1.0.0) rack-oauth2 (~> 1.2.1) rack-proxy (~> 0.6.0) - rails (= 4.2.10) + rails (= 5.0.7.1) + rails-controller-testing rails-deprecated_sanitizer (~> 1.0.3) - rails-i18n (~> 4.0.9) + rails-i18n (~> 5.1) rainbow (~> 3.0) raindrops (~> 0.18) rblineprof (~> 0.3.6) @@ -1111,6 +1131,7 @@ DEPENDENCIES rufus-scheduler (~> 3.4) rugged (~> 0.27) sanitize (~> 4.6) + sass (~> 3.5) sass-rails (~> 5.0.6) scss_lint (~> 0.56.0) seed-fu (~> 2.3.7) @@ -1133,7 +1154,6 @@ DEPENDENCIES state_machines-activerecord (~> 0.5.1) sys-filesystem (~> 1.1.6) test-prof (~> 0.2.5) - test_after_commit (~> 1.1) thin (~> 1.7.0) timecop (~> 0.8.0) toml-rb (~> 1.0.0) @@ -1152,4 +1172,4 @@ DEPENDENCIES wikicloth (= 0.8.1) BUNDLED WITH - 1.17.1 + 1.17.3 diff --git a/Gemfile.rails5 b/Gemfile.rails5 deleted file mode 100644 index 2b526b19ba..0000000000 --- a/Gemfile.rails5 +++ /dev/null @@ -1,7 +0,0 @@ -# BUNDLE_GEMFILE=Gemfile.rails5 bundle install - -ENV["RAILS5"] = "true" - -gemfile = File.expand_path("../Gemfile", __FILE__) - -eval(File.read(gemfile), nil, gemfile) diff --git a/Gemfile.rails5.lock b/Gemfile.rails5.lock deleted file mode 100644 index 81662752c4..0000000000 --- a/Gemfile.rails5.lock +++ /dev/null @@ -1,1164 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - RedCloth (4.3.2) - abstract_type (0.0.7) - ace-rails-ap (4.1.2) - actioncable (5.0.7) - actionpack (= 5.0.7) - nio4r (>= 1.2, < 3.0) - websocket-driver (~> 0.6.1) - actionmailer (5.0.7) - actionpack (= 5.0.7) - actionview (= 5.0.7) - activejob (= 5.0.7) - mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 2.0) - actionpack (5.0.7) - actionview (= 5.0.7) - activesupport (= 5.0.7) - rack (~> 2.0) - rack-test (~> 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.0.7) - activesupport (= 5.0.7) - builder (~> 3.1) - erubis (~> 2.7.0) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.0.7) - activesupport (= 5.0.7) - globalid (>= 0.3.6) - activemodel (5.0.7) - activesupport (= 5.0.7) - activerecord (5.0.7) - activemodel (= 5.0.7) - activesupport (= 5.0.7) - arel (~> 7.0) - activerecord_sane_schema_dumper (1.0) - rails (>= 5, < 6) - activesupport (5.0.7) - concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 0.7, < 2) - minitest (~> 5.1) - tzinfo (~> 1.1) - acts-as-taggable-on (5.0.0) - activerecord (>= 4.2.8) - adamantium (0.2.0) - ice_nine (~> 0.11.0) - memoizable (~> 0.4.0) - addressable (2.5.2) - public_suffix (>= 2.0.2, < 4.0) - aes_key_wrap (1.0.1) - akismet (2.0.0) - arel (7.1.4) - asana (0.6.0) - faraday (~> 0.9) - faraday_middleware (~> 0.9) - faraday_middleware-multi_json (~> 0.0) - oauth2 (~> 1.0) - asciidoctor (1.5.6.2) - asciidoctor-plantuml (0.0.8) - asciidoctor (~> 1.5) - ast (2.4.0) - atomic (1.1.99) - attr_encrypted (3.1.0) - encryptor (~> 3.0.0) - attr_required (1.0.0) - awesome_print (1.8.0) - axiom-types (0.1.1) - descendants_tracker (~> 0.0.4) - ice_nine (~> 0.11.0) - thread_safe (~> 0.3, >= 0.3.1) - babosa (1.0.2) - base32 (0.3.2) - batch-loader (1.2.1) - bcrypt (3.1.12) - bcrypt_pbkdf (1.0.0) - benchmark-ips (2.3.0) - better_errors (2.1.1) - coderay (>= 1.0.0) - erubis (>= 2.6.6) - rack (>= 0.9.0) - bindata (2.4.3) - binding_of_caller (0.7.2) - debug_inspector (>= 0.0.1) - bootsnap (1.3.2) - msgpack (~> 1.0) - bootstrap_form (2.7.0) - brakeman (4.2.1) - browser (2.5.3) - builder (3.2.3) - bullet (5.5.1) - activesupport (>= 3.0.0) - uniform_notifier (~> 1.10.0) - bundler-audit (0.5.0) - bundler (~> 1.2) - thor (~> 0.18) - byebug (9.0.6) - capybara (2.15.1) - addressable - mini_mime (>= 0.1.3) - nokogiri (>= 1.3.3) - rack (>= 1.0.0) - rack-test (>= 0.5.4) - xpath (~> 2.0) - capybara-screenshot (1.0.14) - capybara (>= 1.0, < 3) - launchy - carrierwave (1.2.3) - activemodel (>= 4.0.0) - activesupport (>= 4.0.0) - mime-types (>= 1.16) - cause (0.1) - charlock_holmes (0.7.6) - childprocess (0.9.0) - ffi (~> 1.0, >= 1.0.11) - chronic (0.10.2) - chronic_duration (0.10.6) - numerizer (~> 0.1.1) - chunky_png (1.3.5) - citrus (3.0.2) - coderay (1.1.2) - coercible (1.0.0) - descendants_tracker (~> 0.0.1) - commonmarker (0.17.13) - ruby-enum (~> 0.5) - concord (0.1.5) - adamantium (~> 0.2.0) - equalizer (~> 0.0.9) - concurrent-ruby (1.0.5) - concurrent-ruby-ext (1.0.5) - concurrent-ruby (= 1.0.5) - connection_pool (2.2.2) - crack (0.4.3) - safe_yaml (~> 1.0.0) - crass (1.0.4) - creole (0.5.0) - css_parser (1.5.0) - addressable - daemons (1.2.6) - database_cleaner (1.5.3) - debug_inspector (0.0.2) - debugger-ruby_core_source (1.3.8) - deckar01-task_list (2.0.0) - html-pipeline - declarative (0.0.10) - declarative-option (0.1.0) - default_value_for (3.0.5) - activerecord (>= 3.2.0, < 5.2) - descendants_tracker (0.0.4) - thread_safe (~> 0.3, >= 0.3.1) - device_detector (1.0.0) - devise (4.4.3) - bcrypt (~> 3.0) - orm_adapter (~> 0.1) - railties (>= 4.1.0, < 6.0) - responders - warden (~> 1.2.3) - devise-two-factor (3.0.0) - activesupport - attr_encrypted (>= 1.3, < 4, != 2) - devise (~> 4.0) - railties - rotp (~> 2.0) - diff-lcs (1.3) - diffy (3.1.0) - docile (1.1.5) - domain_name (0.5.20180417) - unf (>= 0.0.5, < 1.0.0) - doorkeeper (4.3.2) - railties (>= 4.2) - doorkeeper-openid_connect (1.5.0) - doorkeeper (~> 4.3) - json-jwt (~> 1.6) - ed25519 (1.2.4) - email_reply_trimmer (0.1.6) - email_spec (2.2.0) - htmlentities (~> 4.3.3) - launchy (~> 2.1) - mail (~> 2.7) - encryptor (3.0.0) - equalizer (0.0.11) - erubis (2.7.0) - escape_utils (1.1.1) - et-orbi (1.0.3) - tzinfo - eventmachine (1.2.7) - excon (0.62.0) - execjs (2.6.0) - expression_parser (0.9.0) - factory_bot (4.8.2) - activesupport (>= 3.0.0) - factory_bot_rails (4.8.2) - factory_bot (~> 4.8.2) - railties (>= 3.0.0) - faraday (0.12.2) - multipart-post (>= 1.2, < 3) - faraday_middleware (0.12.2) - faraday (>= 0.7.4, < 1.0) - faraday_middleware-multi_json (0.0.6) - faraday_middleware - multi_json - fast_blank (1.0.0) - fast_gettext (1.6.0) - ffaker (2.4.0) - ffi (1.9.25) - flipper (0.13.0) - flipper-active_record (0.13.0) - activerecord (>= 3.2, < 6) - flipper (~> 0.13.0) - flipper-active_support_cache_store (0.13.0) - activesupport (>= 3.2, < 6) - flipper (~> 0.13.0) - flowdock (0.7.1) - httparty (~> 0.7) - multi_json - fog-aliyun (0.2.0) - fog-core (~> 1.27) - fog-json (~> 1.0) - ipaddress (~> 0.8) - xml-simple (~> 1.1) - fog-aws (2.0.1) - fog-core (~> 1.38) - fog-json (~> 1.0) - fog-xml (~> 0.1) - ipaddress (~> 0.8) - fog-core (1.45.0) - builder - excon (~> 0.58) - formatador (~> 0.2) - fog-google (1.7.1) - fog-core - fog-json - fog-xml - google-api-client (~> 0.23.0) - fog-json (1.0.2) - fog-core (~> 1.0) - multi_json (~> 1.10) - fog-local (0.3.1) - fog-core (~> 1.27) - fog-openstack (0.1.21) - fog-core (>= 1.40) - fog-json (>= 1.0) - ipaddress (>= 0.8) - fog-rackspace (0.1.1) - fog-core (>= 1.35) - fog-json (>= 1.0) - fog-xml (>= 0.1) - ipaddress (>= 0.8) - fog-xml (0.1.3) - fog-core - nokogiri (>= 1.5.11, < 2.0.0) - font-awesome-rails (4.7.0.1) - railties (>= 3.2, < 5.1) - foreman (0.84.0) - thor (~> 0.19.1) - formatador (0.2.5) - fuubar (2.2.0) - rspec-core (~> 3.0) - ruby-progressbar (~> 1.4) - gemojione (3.3.0) - json - get_process_mem (0.2.0) - gettext (3.2.9) - locale (>= 2.0.5) - text (>= 1.3.0) - gettext_i18n_rails (1.8.0) - fast_gettext (>= 0.9.0) - gettext_i18n_rails_js (1.3.0) - gettext (>= 3.0.2) - gettext_i18n_rails (>= 0.7.1) - po_to_json (>= 1.0.0) - rails (>= 3.2.0) - gitaly-proto (0.123.0) - grpc (~> 1.0) - github-markup (1.7.0) - gitlab-markup (1.6.4) - gitlab-sidekiq-fetcher (0.3.0) - sidekiq (~> 5) - gitlab-styles (2.4.1) - rubocop (~> 0.54.0) - rubocop-gitlab-security (~> 0.1.0) - rubocop-rspec (~> 1.19) - gitlab_omniauth-ldap (2.0.4) - net-ldap (~> 0.16) - omniauth (~> 1.3) - pyu-ruby-sasl (>= 0.0.3.3, < 0.1) - rubyntlm (~> 0.5) - globalid (0.4.1) - activesupport (>= 4.2.0) - gon (6.2.0) - actionpack (>= 3.0) - multi_json - request_store (>= 1.0) - google-api-client (0.23.4) - addressable (~> 2.5, >= 2.5.1) - googleauth (>= 0.5, < 0.7.0) - httpclient (>= 2.8.1, < 3.0) - mime-types (~> 3.0) - representable (~> 3.0) - retriable (>= 2.0, < 4.0) - google-protobuf (3.6.1) - googleapis-common-protos-types (1.0.2) - google-protobuf (~> 3.0) - googleauth (0.6.6) - faraday (~> 0.12) - jwt (>= 1.4, < 3.0) - memoist (~> 0.12) - multi_json (~> 1.11) - os (>= 0.9, < 2.0) - signet (~> 0.7) - gpgme (2.0.13) - mini_portile2 (~> 2.1) - grape (1.1.0) - activesupport - builder - mustermann-grape (~> 1.0.0) - rack (>= 1.3.0) - rack-accept - virtus (>= 1.0.0) - grape-entity (0.7.1) - activesupport (>= 4.0) - multi_json (>= 1.3.2) - grape-path-helpers (1.0.6) - activesupport (>= 4, < 5.1) - grape (~> 1.0) - rake (~> 12) - grape_logging (1.7.0) - grape - graphiql-rails (1.4.10) - railties - sprockets-rails - graphql (1.8.1) - grpc (1.15.0) - google-protobuf (~> 3.1) - googleapis-common-protos-types (~> 1.0.0) - haml (5.0.4) - temple (>= 0.8.0) - tilt - haml_lint (0.26.0) - haml (>= 4.0, < 5.1) - rainbow - rake (>= 10, < 13) - rubocop (>= 0.49.0) - sysexits (~> 1.1) - hamlit (2.8.8) - temple (>= 0.8.0) - thor - tilt - hangouts-chat (0.0.5) - hashdiff (0.3.4) - hashie (3.5.7) - hashie-forbidden_attributes (0.1.1) - hashie (>= 3.0) - health_check (2.6.0) - rails (>= 4.0) - hipchat (1.5.2) - httparty - mimemagic - html-pipeline (2.8.4) - activesupport (>= 2) - nokogiri (>= 1.4) - html2text (0.2.0) - nokogiri (~> 1.6) - htmlentities (4.3.4) - http (2.2.2) - addressable (~> 2.3) - http-cookie (~> 1.0) - http-form_data (~> 1.0.1) - http_parser.rb (~> 0.6.0) - http-cookie (1.0.3) - domain_name (~> 0.5) - http-form_data (1.0.3) - http_parser.rb (0.6.0) - httparty (0.13.7) - json (~> 1.8) - multi_xml (>= 0.5.2) - httpclient (2.8.3) - i18n (1.1.0) - concurrent-ruby (~> 1.0) - icalendar (2.4.1) - ice_nine (0.11.2) - influxdb (0.2.3) - cause - json - ipaddress (0.8.3) - jira-ruby (1.4.1) - activesupport - multipart-post - oauth (~> 0.5, >= 0.5.0) - jquery-atwho-rails (1.3.2) - js_regex (2.2.1) - regexp_parser (>= 0.4.11, <= 0.5.0) - json (1.8.6) - json-jwt (1.9.4) - activesupport - aes_key_wrap - bindata - json-schema (2.8.0) - addressable (>= 2.4) - jwt (1.5.6) - kaminari (1.0.1) - activesupport (>= 4.1.0) - kaminari-actionview (= 1.0.1) - kaminari-activerecord (= 1.0.1) - kaminari-core (= 1.0.1) - kaminari-actionview (1.0.1) - actionview - kaminari-core (= 1.0.1) - kaminari-activerecord (1.0.1) - activerecord - kaminari-core (= 1.0.1) - kaminari-core (1.0.1) - kgio (2.10.0) - knapsack (1.16.0) - rake - kubeclient (3.1.0) - http (~> 2.2.2) - recursive-open-struct (~> 1.0, >= 1.0.4) - rest-client (~> 2.0) - launchy (2.4.3) - addressable (~> 2.3) - letter_opener (1.4.1) - launchy (~> 2.2) - letter_opener_web (1.3.0) - actionmailer (>= 3.2) - letter_opener (~> 1.0) - railties (>= 3.2) - license_finder (5.4.0) - bundler - rubyzip - thor - toml (= 0.2.0) - with_env (= 1.1.0) - xml-simple - licensee (8.9.2) - rugged (~> 0.24) - locale (2.1.2) - lograge (0.10.0) - actionpack (>= 4) - activesupport (>= 4) - railties (>= 4) - request_store (~> 1.0) - loofah (2.2.2) - crass (~> 1.0.2) - nokogiri (>= 1.5.9) - mail (2.7.0) - mini_mime (>= 0.1.1) - mail_room (0.9.1) - memoist (0.16.0) - memoizable (0.4.2) - thread_safe (~> 0.3, >= 0.3.1) - method_source (0.9.0) - mime-types (3.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) - mimemagic (0.3.0) - mini_magick (4.8.0) - mini_mime (1.0.1) - mini_portile2 (2.3.0) - minitest (5.7.0) - msgpack (1.2.4) - multi_json (1.13.1) - multi_xml (0.6.0) - multipart-post (2.0.0) - mustermann (1.0.3) - mustermann-grape (1.0.0) - mustermann (~> 1.0.0) - mysql2 (0.4.10) - net-ldap (0.16.0) - net-ssh (5.0.1) - netrc (0.11.0) - nio4r (2.3.1) - nokogiri (1.8.4) - mini_portile2 (~> 2.3.0) - nokogumbo (1.5.0) - nokogiri - numerizer (0.1.1) - oauth (0.5.4) - oauth2 (1.4.0) - faraday (>= 0.8, < 0.13) - jwt (~> 1.0) - multi_json (~> 1.3) - multi_xml (~> 0.5) - rack (>= 1.2, < 3) - octokit (4.9.0) - sawyer (~> 0.8.0, >= 0.5.3) - omniauth (1.8.1) - hashie (>= 3.4.6, < 3.6.0) - rack (>= 1.6.2, < 3) - omniauth-auth0 (2.0.0) - omniauth-oauth2 (~> 1.4) - omniauth-authentiq (0.3.3) - jwt (>= 1.5) - omniauth-oauth2 (>= 1.5) - omniauth-azure-oauth2 (0.0.9) - jwt (~> 1.0) - omniauth (~> 1.0) - omniauth-oauth2 (~> 1.4) - omniauth-cas3 (1.1.4) - addressable (~> 2.3) - nokogiri (~> 1.7, >= 1.7.1) - omniauth (~> 1.2) - omniauth-facebook (4.0.0) - omniauth-oauth2 (~> 1.2) - omniauth-github (1.3.0) - omniauth (~> 1.5) - omniauth-oauth2 (>= 1.4.0, < 2.0) - omniauth-gitlab (1.0.3) - omniauth (~> 1.0) - omniauth-oauth2 (~> 1.0) - omniauth-google-oauth2 (0.5.3) - jwt (>= 1.5) - omniauth (>= 1.1.1) - omniauth-oauth2 (>= 1.5) - omniauth-kerberos (0.3.0) - omniauth-multipassword - timfel-krb5-auth (~> 0.8) - omniauth-multipassword (0.4.2) - omniauth (~> 1.0) - omniauth-oauth (1.1.0) - oauth - omniauth (~> 1.0) - omniauth-oauth2 (1.5.0) - oauth2 (~> 1.1) - omniauth (~> 1.2) - omniauth-oauth2-generic (0.2.2) - omniauth-oauth2 (~> 1.0) - omniauth-saml (1.10.0) - omniauth (~> 1.3, >= 1.3.2) - ruby-saml (~> 1.7) - omniauth-shibboleth (1.3.0) - omniauth (>= 1.0.0) - omniauth-twitter (1.4.0) - omniauth-oauth (~> 1.1) - rack - omniauth_crowd (2.2.3) - activesupport - nokogiri (>= 1.4.4) - omniauth (~> 1.0) - org-ruby (0.9.12) - rubypants (~> 0.2) - orm_adapter (0.5.0) - os (1.0.0) - parallel (1.12.1) - parser (2.5.1.2) - ast (~> 2.4.0) - parslet (1.8.2) - peek (1.0.1) - concurrent-ruby (>= 0.9.0) - concurrent-ruby-ext (>= 0.9.0) - railties (>= 4.0.0) - peek-gc (0.0.2) - peek - peek-mysql2 (1.1.0) - atomic (>= 1.0.0) - mysql2 - peek - peek-pg (1.3.0) - concurrent-ruby - concurrent-ruby-ext - peek - pg - peek-rblineprof (0.2.0) - peek - rblineprof - peek-redis (1.2.0) - atomic (>= 1.0.0) - peek - redis - pg (0.18.4) - po_to_json (1.0.1) - json (>= 1.6.0) - powerpack (0.1.1) - premailer (1.10.4) - addressable - css_parser (>= 1.4.10) - htmlentities (>= 4.0.0) - premailer-rails (1.9.7) - actionmailer (>= 3, < 6) - premailer (~> 1.7, >= 1.7.9) - proc_to_ast (0.1.0) - coderay - parser - unparser - procto (0.0.3) - prometheus-client-mmap (0.9.4) - pry (0.11.3) - coderay (~> 1.1.0) - method_source (~> 0.9.0) - pry-byebug (3.4.3) - byebug (>= 9.0, < 9.1) - pry (~> 0.10) - pry-rails (0.3.6) - pry (>= 0.10.4) - public_suffix (3.0.3) - puma (3.12.0) - puma_worker_killer (0.1.0) - get_process_mem (~> 0.2) - puma (>= 2.7, < 4) - pyu-ruby-sasl (0.0.3.3) - rack (2.0.5) - rack-accept (0.4.5) - rack (>= 0.4) - rack-attack (4.4.1) - rack - rack-cors (1.0.2) - rack-oauth2 (1.2.3) - activesupport (>= 2.3) - attr_required (>= 0.0.5) - httpclient (>= 2.4) - multi_json (>= 1.3.6) - rack (>= 1.1) - rack-protection (2.0.3) - rack - rack-proxy (0.6.0) - rack - rack-test (0.6.3) - rack (>= 1.0) - rails (5.0.7) - actioncable (= 5.0.7) - actionmailer (= 5.0.7) - actionpack (= 5.0.7) - actionview (= 5.0.7) - activejob (= 5.0.7) - activemodel (= 5.0.7) - activerecord (= 5.0.7) - activesupport (= 5.0.7) - bundler (>= 1.3.0) - railties (= 5.0.7) - sprockets-rails (>= 2.0.0) - rails-controller-testing (1.0.2) - actionpack (~> 5.x, >= 5.0.1) - actionview (~> 5.x, >= 5.0.1) - activesupport (~> 5.x) - rails-deprecated_sanitizer (1.0.3) - activesupport (>= 4.2.0.alpha) - rails-dom-testing (2.0.3) - activesupport (>= 4.2.0) - nokogiri (>= 1.6) - rails-html-sanitizer (1.0.4) - loofah (~> 2.2, >= 2.2.2) - rails-i18n (5.1.1) - i18n (>= 0.7, < 2) - railties (>= 5.0, < 6) - railties (5.0.7) - actionpack (= 5.0.7) - activesupport (= 5.0.7) - method_source - rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) - rainbow (3.0.0) - raindrops (0.18.0) - rake (12.3.1) - rb-fsevent (0.10.2) - rb-inotify (0.9.10) - ffi (>= 0.5.0, < 2) - rblineprof (0.3.6) - debugger-ruby_core_source (~> 1.3) - rbtrace (0.4.10) - ffi (>= 1.0.6) - msgpack (>= 0.4.3) - trollop (>= 1.16.2) - rdoc (6.0.4) - re2 (1.1.1) - recaptcha (3.0.0) - json - recursive-open-struct (1.1.0) - redcarpet (3.4.0) - redis (3.3.5) - redis-actionpack (5.0.2) - actionpack (>= 4.0, < 6) - redis-rack (>= 1, < 3) - redis-store (>= 1.1.0, < 2) - redis-activesupport (5.0.4) - activesupport (>= 3, < 6) - redis-store (>= 1.3, < 2) - redis-namespace (1.6.0) - redis (>= 3.0.4) - redis-rack (2.0.4) - rack (>= 1.5, < 3) - redis-store (>= 1.2, < 2) - redis-rails (5.0.2) - redis-actionpack (>= 5.0, < 6) - redis-activesupport (>= 5.0, < 6) - redis-store (>= 1.2, < 2) - redis-store (1.4.1) - redis (>= 2.2, < 5) - regexp_parser (0.5.0) - representable (3.0.4) - declarative (< 0.1.0) - declarative-option (< 0.2.0) - uber (< 0.2.0) - request_store (1.3.1) - responders (2.4.0) - actionpack (>= 4.2.0, < 5.3) - railties (>= 4.2.0, < 5.3) - rest-client (2.0.2) - http-cookie (>= 1.0.2, < 2.0) - mime-types (>= 1.16, < 4.0) - netrc (~> 0.8) - retriable (3.1.2) - rinku (2.0.0) - rotp (2.1.2) - rouge (3.3.0) - rqrcode (0.7.0) - chunky_png - rqrcode-rails3 (0.1.7) - rqrcode (>= 0.4.2) - rspec (3.7.0) - rspec-core (~> 3.7.0) - rspec-expectations (~> 3.7.0) - rspec-mocks (~> 3.7.0) - rspec-core (3.7.1) - rspec-support (~> 3.7.0) - rspec-expectations (3.7.0) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.7.0) - rspec-mocks (3.7.0) - diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.7.0) - rspec-parameterized (0.4.0) - binding_of_caller - parser - proc_to_ast - rspec (>= 2.13, < 4) - unparser - rspec-rails (3.7.2) - actionpack (>= 3.0) - activesupport (>= 3.0) - railties (>= 3.0) - rspec-core (~> 3.7.0) - rspec-expectations (~> 3.7.0) - rspec-mocks (~> 3.7.0) - rspec-support (~> 3.7.0) - rspec-retry (0.4.5) - rspec-core - rspec-set (0.1.3) - rspec-support (3.7.1) - rspec_junit_formatter (0.4.1) - rspec-core (>= 2, < 4, != 2.12.0) - rspec_profiling (0.0.5) - activerecord - pg - rails - sqlite3 - rubocop (0.54.0) - parallel (~> 1.10) - parser (>= 2.5) - powerpack (~> 0.1) - rainbow (>= 2.2.2, < 4.0) - ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - rubocop-gitlab-security (0.1.1) - rubocop (>= 0.51) - rubocop-rspec (1.22.2) - rubocop (>= 0.52.1) - ruby-enum (0.7.2) - i18n - ruby-fogbugz (0.2.1) - crack (~> 0.4) - ruby-prof (0.17.0) - ruby-progressbar (1.9.0) - ruby-saml (1.7.2) - nokogiri (>= 1.5.10) - ruby_parser (3.9.0) - sexp_processor (~> 4.1) - rubyntlm (0.6.2) - rubypants (0.2.0) - rubyzip (1.2.2) - rufus-scheduler (3.4.0) - et-orbi (~> 1.0) - rugged (0.27.5) - safe_yaml (1.0.4) - sanitize (4.6.6) - crass (~> 1.0.2) - nokogiri (>= 1.4.4) - nokogumbo (~> 1.4) - sass (3.5.5) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.6) - railties (>= 4.0.0, < 6) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) - sawyer (0.8.1) - addressable (>= 2.3.5, < 2.6) - faraday (~> 0.8, < 1.0) - scss_lint (0.56.0) - rake (>= 0.9, < 13) - sass (~> 3.5.3) - seed-fu (2.3.7) - activerecord (>= 3.1) - activesupport (>= 3.1) - select2-rails (3.5.9.3) - thor (~> 0.14) - selenium-webdriver (3.12.0) - childprocess (~> 0.5) - rubyzip (~> 1.2) - sentry-raven (2.7.2) - faraday (>= 0.7.6, < 1.0) - settingslogic (2.0.9) - sexp_processor (4.9.0) - sham_rack (1.3.6) - rack - shoulda-matchers (3.1.2) - activesupport (>= 4.0.0) - sidekiq (5.2.1) - connection_pool (~> 2.2, >= 2.2.2) - rack-protection (>= 1.5.0) - redis (>= 3.3.5, < 5) - sidekiq-cron (0.6.0) - rufus-scheduler (>= 3.3.0) - sidekiq (>= 4.2.1) - signet (0.11.0) - addressable (~> 2.3) - faraday (~> 0.9) - jwt (>= 1.5, < 3.0) - multi_json (~> 1.10) - simple_po_parser (1.1.2) - simplecov (0.14.1) - docile (~> 1.1.0) - json (>= 1.8, < 3) - simplecov-html (~> 0.10.0) - simplecov-html (0.10.0) - slack-notifier (1.5.1) - spring (2.0.2) - activesupport (>= 4.2) - spring-commands-rspec (1.0.4) - spring (>= 0.9.1) - sprockets (3.7.2) - concurrent-ruby (~> 1.0) - rack (> 1, < 3) - sprockets-rails (3.2.1) - actionpack (>= 4.0) - activesupport (>= 4.0) - sprockets (>= 3.0.0) - sqlite3 (1.3.13) - sshkey (1.9.0) - stackprof (0.2.10) - state_machines (0.5.0) - state_machines-activemodel (0.5.1) - activemodel (>= 4.1, < 6.0) - state_machines (>= 0.5.0) - state_machines-activerecord (0.5.1) - activerecord (>= 4.1, < 6.0) - state_machines-activemodel (>= 0.5.0) - sys-filesystem (1.1.6) - ffi - sysexits (1.2.0) - temple (0.8.0) - test-prof (0.2.5) - text (1.3.1) - thin (1.7.2) - daemons (~> 1.0, >= 1.0.9) - eventmachine (~> 1.0, >= 1.0.4) - rack (>= 1, < 3) - thor (0.19.4) - thread_safe (0.3.6) - tilt (2.0.8) - timecop (0.8.1) - timfel-krb5-auth (0.8.3) - toml (0.2.0) - parslet (~> 1.8.0) - toml-rb (1.0.0) - citrus (~> 3.0, > 3.0) - trollop (2.1.3) - truncato (0.7.10) - htmlentities (~> 4.3.1) - nokogiri (~> 1.8.0, >= 1.7.0) - tzinfo (1.2.5) - thread_safe (~> 0.1) - u2f (0.2.1) - uber (0.1.0) - uglifier (2.7.2) - execjs (>= 0.3.0) - json (>= 1.8.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.7.5) - unicode-display_width (1.3.2) - unicorn (5.1.0) - kgio (~> 2.6) - raindrops (~> 0.7) - unicorn-worker-killer (0.4.4) - get_process_mem (~> 0) - unicorn (>= 4, < 6) - uniform_notifier (1.10.0) - unparser (0.2.7) - abstract_type (~> 0.0.7) - adamantium (~> 0.2.0) - concord (~> 0.1.5) - diff-lcs (~> 1.3) - equalizer (~> 0.0.9) - parser (>= 2.3.1.2, < 2.6) - procto (~> 0.0.2) - validates_hostname (1.0.6) - activerecord (>= 3.0) - activesupport (>= 3.0) - version_sorter (2.1.0) - virtus (1.0.5) - axiom-types (~> 0.1) - coercible (~> 1.0) - descendants_tracker (~> 0.0, >= 0.0.3) - equalizer (~> 0.0, >= 0.0.9) - vmstat (2.3.0) - warden (1.2.7) - rack (>= 1.0) - webmock (2.3.2) - addressable (>= 2.3.6) - crack (>= 0.3.2) - hashdiff - webpack-rails (0.9.11) - railties (>= 3.2.0) - websocket-driver (0.6.5) - websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.3) - wikicloth (0.8.1) - builder - expression_parser - rinku - with_env (1.1.0) - xml-simple (1.1.5) - xpath (2.1.0) - nokogiri (~> 1.3) - -PLATFORMS - ruby - -DEPENDENCIES - RedCloth (~> 4.3.2) - ace-rails-ap (~> 4.1.0) - activerecord_sane_schema_dumper (= 1.0) - acts-as-taggable-on (~> 5.0) - addressable (~> 2.5.2) - akismet (~> 2.0) - asana (~> 0.6.0) - asciidoctor (~> 1.5.6) - asciidoctor-plantuml (= 0.0.8) - attr_encrypted (~> 3.1.0) - awesome_print - babosa (~> 1.0.2) - base32 (~> 0.3.0) - batch-loader (~> 1.2.1) - bcrypt_pbkdf (~> 1.0) - benchmark-ips (~> 2.3.0) - better_errors (~> 2.1.0) - binding_of_caller (~> 0.7.2) - bootsnap (~> 1.3) - bootstrap_form (~> 2.7.0) - brakeman (~> 4.2) - browser (~> 2.5) - bullet (~> 5.5.0) - bundler-audit (~> 0.5.0) - capybara (~> 2.15) - capybara-screenshot (~> 1.0.0) - carrierwave (= 1.2.3) - charlock_holmes (~> 0.7.5) - chronic (~> 0.10.2) - chronic_duration (~> 0.10.6) - commonmarker (~> 0.17) - concurrent-ruby (~> 1.0.5) - connection_pool (~> 2.0) - creole (~> 0.5.0) - database_cleaner (~> 1.5.0) - deckar01-task_list (= 2.0.0) - default_value_for (~> 3.0.5) - device_detector - devise (~> 4.4) - devise-two-factor (~> 3.0.0) - diffy (~> 3.1.0) - doorkeeper (~> 4.3) - doorkeeper-openid_connect (~> 1.5) - ed25519 (~> 1.2) - email_reply_trimmer (~> 0.1) - email_spec (~> 2.2.0) - escape_utils (~> 1.1) - factory_bot_rails (~> 4.8.2) - faraday (~> 0.12) - fast_blank - ffaker (~> 2.4) - flipper (~> 0.13.0) - flipper-active_record (~> 0.13.0) - flipper-active_support_cache_store (~> 0.13.0) - flowdock (~> 0.7) - fog-aliyun (~> 0.2.0) - fog-aws (~> 2.0.1) - fog-core (~> 1.44) - fog-google (~> 1.7.1) - fog-local (~> 0.3) - fog-openstack (~> 0.1) - fog-rackspace (~> 0.1.1) - font-awesome-rails (~> 4.7) - foreman (~> 0.84.0) - fuubar (~> 2.2.0) - gemojione (~> 3.3) - gettext (~> 3.2.2) - gettext_i18n_rails (~> 1.8.0) - gettext_i18n_rails_js (~> 1.3) - gitaly-proto (~> 0.123.0) - github-markup (~> 1.7.0) - gitlab-markup (~> 1.6.4) - gitlab-sidekiq-fetcher - gitlab-styles (~> 2.4) - gitlab_omniauth-ldap (~> 2.0.4) - gon (~> 6.2) - google-api-client (~> 0.23) - google-protobuf (~> 3.6) - gpgme - grape (~> 1.1) - grape-entity (~> 0.7.1) - grape-path-helpers (~> 1.0) - grape_logging (~> 1.7) - graphiql-rails (~> 1.4.10) - graphql (~> 1.8.0) - grpc (~> 1.15.0) - haml_lint (~> 0.26.0) - hamlit (~> 2.8.8) - hangouts-chat (~> 0.0.5) - hashie-forbidden_attributes - health_check (~> 2.6.0) - hipchat (~> 1.5.0) - html-pipeline (~> 2.8) - html2text - httparty (~> 0.13.3) - icalendar - influxdb (~> 0.2) - jira-ruby (~> 1.4) - jquery-atwho-rails (~> 1.3.2) - js_regex (~> 2.2.1) - json-schema (~> 2.8.0) - jwt (~> 1.5.6) - kaminari (~> 1.0) - knapsack (~> 1.16) - kubeclient (~> 3.1.0) - letter_opener_web (~> 1.3.0) - license_finder (~> 5.4) - licensee (~> 8.9) - lograge (~> 0.5) - loofah (~> 2.2) - mail_room (~> 0.9.1) - method_source (~> 0.8) - mini_magick - minitest (~> 5.7.0) - mysql2 (~> 0.4.10) - net-ldap - net-ssh (~> 5.0) - nokogiri (~> 1.8.2) - oauth2 (~> 1.4) - octokit (~> 4.9) - omniauth (~> 1.8) - omniauth-auth0 (~> 2.0.0) - omniauth-authentiq (~> 0.3.3) - omniauth-azure-oauth2 (~> 0.0.9) - omniauth-cas3 (~> 1.1.4) - omniauth-facebook (~> 4.0.0) - omniauth-github (~> 1.3) - omniauth-gitlab (~> 1.0.2) - omniauth-google-oauth2 (~> 0.5.3) - omniauth-kerberos (~> 0.3.0) - omniauth-oauth2-generic (~> 0.2.2) - omniauth-saml (~> 1.10) - omniauth-shibboleth (~> 1.3.0) - omniauth-twitter (~> 1.4) - omniauth_crowd (~> 2.2.0) - org-ruby (~> 0.9.12) - peek (~> 1.0.1) - peek-gc (~> 0.0.2) - peek-mysql2 (~> 1.1.0) - peek-pg (~> 1.3.0) - peek-rblineprof (~> 0.2.0) - peek-redis (~> 1.2.0) - pg (~> 0.18.2) - premailer-rails (~> 1.9.7) - prometheus-client-mmap (~> 0.9.4) - pry-byebug (~> 3.4.1) - pry-rails (~> 0.3.4) - puma (~> 3.12) - puma_worker_killer - rack-attack (~> 4.4.1) - rack-cors (~> 1.0.0) - rack-oauth2 (~> 1.2.1) - rack-proxy (~> 0.6.0) - rails (= 5.0.7) - rails-controller-testing - rails-deprecated_sanitizer (~> 1.0.3) - rails-i18n (~> 5.1) - rainbow (~> 3.0) - raindrops (~> 0.18) - rblineprof (~> 0.3.6) - rbtrace (~> 0.4) - rdoc (~> 6.0) - re2 (~> 1.1.1) - recaptcha (~> 3.0) - redcarpet (~> 3.4) - redis (~> 3.2) - redis-namespace (~> 1.6.0) - redis-rails (~> 5.0.2) - request_store (~> 1.3) - responders (~> 2.0) - rouge (~> 3.1) - rqrcode-rails3 (~> 0.1.7) - rspec-parameterized - rspec-rails (~> 3.7.0) - rspec-retry (~> 0.4.5) - rspec-set (~> 0.1.3) - rspec_junit_formatter - rspec_profiling (~> 0.0.5) - rubocop (~> 0.54.0) - rubocop-rspec (~> 1.22.1) - ruby-fogbugz (~> 0.2.1) - ruby-prof (~> 0.17.0) - ruby-progressbar - ruby_parser (~> 3.8) - rubyzip (~> 1.2.2) - rufus-scheduler (~> 3.4) - rugged (~> 0.27) - sanitize (~> 4.6) - sass-rails (~> 5.0.6) - scss_lint (~> 0.56.0) - seed-fu (~> 2.3.7) - select2-rails (~> 3.5.9) - selenium-webdriver (~> 3.12) - sentry-raven (~> 2.7) - settingslogic (~> 2.0.9) - sham_rack (~> 1.3.6) - shoulda-matchers (~> 3.1.2) - sidekiq (~> 5.2.1) - sidekiq-cron (~> 0.6.0) - simple_po_parser (~> 1.1.2) - simplecov (~> 0.14.0) - slack-notifier (~> 1.5.1) - spring (~> 2.0.0) - spring-commands-rspec (~> 1.0.4) - sprockets (~> 3.7.0) - sshkey (~> 1.9.0) - stackprof (~> 0.2.10) - state_machines-activerecord (~> 0.5.1) - sys-filesystem (~> 1.1.6) - test-prof (~> 0.2.5) - thin (~> 1.7.0) - timecop (~> 0.8.0) - toml-rb (~> 1.0.0) - truncato (~> 0.7.9) - u2f (~> 0.2.1) - uglifier (~> 2.7.2) - unf (~> 0.1.4) - unicorn (~> 5.1.0) - unicorn-worker-killer (~> 0.4.4) - validates_hostname (~> 1.0.6) - version_sorter (~> 2.1.0) - virtus (~> 1.0.1) - vmstat (~> 2.3.0) - webmock (~> 2.3.2) - webpack-rails (~> 0.9.10) - wikicloth (= 0.8.1) - -BUNDLED WITH - 1.17.1 diff --git a/PHILOSOPHY.md b/PHILOSOPHY.md new file mode 100644 index 0000000000..e966d88ef7 --- /dev/null +++ b/PHILOSOPHY.md @@ -0,0 +1 @@ +This document is intended to communicate the product philosophy GitLab uses in creating GitLab Community Edition. The principles can be found in the [Product Section of the GitLab Handbook](https://about.gitlab.com/handbook/product/#product-at-gitlab). \ No newline at end of file diff --git a/PROCESS.md b/PROCESS.md index 5fc2c4cf1d..f2eed5544f 100644 --- a/PROCESS.md +++ b/PROCESS.md @@ -12,15 +12,18 @@ - [Assigning issues](#assigning-issues) - [Be kind](#be-kind) - [Feature freeze on the 7th for the release on the 22nd](#feature-freeze-on-the-7th-for-the-release-on-the-22nd) + - [Feature flags](#feature-flags) - [Between the 1st and the 7th](#between-the-1st-and-the-7th) + - [What happens if these deadlines are missed?](#what-happens-if-these-deadlines-are-missed) - [On the 7th](#on-the-7th) + - [Feature merge requests](#feature-merge-requests) + - [Documentation merge requests](#documentation-merge-requests) - [After the 7th](#after-the-7th) + - [Asking for an exception](#asking-for-an-exception) - [Bugs](#bugs) - [Regressions](#regressions) - [Managing bugs](#managing-bugs) - [Release retrospective and kickoff](#release-retrospective-and-kickoff) - - [Retrospective](#retrospective) - - [Kickoff](#kickoff) - [Copy & paste responses](#copy--paste-responses) - [Improperly formatted issue](#improperly-formatted-issue) - [Issue report for old version](#issue-report-for-old-version) @@ -28,11 +31,8 @@ - [Code format](#code-format) - [Issue fixed in newer version](#issue-fixed-in-newer-version) - [Improperly formatted merge request](#improperly-formatted-merge-request) - - [Inactivity close of an issue](#inactivity-close-of-an-issue) - - [Inactivity close of a merge request](#inactivity-close-of-a-merge-request) - [Accepting merge requests](#accepting-merge-requests) - [Only accepting merge requests with green tests](#only-accepting-merge-requests-with-green-tests) - - [Closing down the issue tracker on GitHub](#closing-down-the-issue-tracker-on-github) @@ -58,6 +58,18 @@ their contributions accepted by meeting our [Definition of done][done]. What you can expect from them is described at https://about.gitlab.com/roles/merge-request-coach/. +### Milestones on community contribution issues + +The milestone of an issue that is currently being worked on by a community contributor +should not be set to a named GitLab milestone (e.g. 11.7, 11.8), until the associated +merge request is very close to being merged, and we will likely know in which named +GitLab milestone the issue will land. There are many factors that influence when +a community contributor finishes an issue, or even at all. So we should set this +milestone only when we have more certainty. + +Note this only applies to issues currently assigned to community contributors. For +issues assigned to GitLabbers, we are [ambitious in assigning milestones to issues](https://about.gitlab.com/direction/#how-we-plan-releases). + ## Assigning issues If an issue is complex and needs the attention of a specific person, assignment is a good option but assigning issues might discourage other people from contributing to that issue. We need all the contributions we can get so this should never be discouraged. Also, an assigned person might not have time for a few weeks, so others should feel free to takeover. @@ -74,10 +86,13 @@ star, smile, etc.). Some good tips about code reviews can be found in our ## Feature freeze on the 7th for the release on the 22nd -After 7th at 23:59 (Pacific Time Zone) of each month, RC1 of the upcoming -release (to be shipped on the 22nd) is created and deployed to GitLab.com and -the stable branch for this release is frozen, which means master is no longer -merged into it. Merge requests may still be merged into master during this +After 7th at 23:59 (Pacific Time Zone) of each month, stable branch and RC1 +of the upcoming release (to be shipped on the 22nd) is created and deployed to GitLab.com. +The stable branch is frozen at the most recent "qualifying commit" on master. +A "qualifying commit" is one that is pushed before the feature freeze cutoff time +and that passes all CI jobs (green pipeline). + +Merge requests may still be merged into master during this period, but they will go into the _next_ release, unless they are manually cherry-picked into the stable branch. @@ -95,6 +110,12 @@ picked into the stable branches) up to the 19th of the month. Such merge requests should have the ~"feature flag" label assigned, and don't require a corresponding exception request to be created. +In order to build the final package and present the feature for self-hosted +customers, the feature flag should be removed. This should happen before the +22nd, ideally _at least_ 2 days before. That means MRs with feature +flags being picked at the 19th would have a quite tight schedule, so picking +these _earlier_ is preferable. + While rare, release managers may decide to reject picking a change into a stable branch, even when feature flags are used. This might be necessary if the changes are deemed problematic, too invasive, or there simply isn't enough time to @@ -243,7 +264,7 @@ A ~bug is a defect, error, failure which causes the system to behave incorrectly The level of impact of a ~bug can vary from blocking a whole functionality or a feature usability bug. A bug should always be linked to a severity level. -Refer to our [severity levels](../CONTRIBUTING.md#severity-labels) +Refer to our [severity levels](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#severity-labels) Whether the bug is also a regression or not, the triage process should start as soon as possible. Ensure that the Engineering Manager and/or the Product Manager for the relative area is involved to prioritize the work as needed. @@ -275,10 +296,10 @@ The two scenarios below can [bypass the exception request in the release process When a bug is found: 1. Create an issue describing the problem in the most detailed way possible. 1. If possible, provide links to real examples and how to reproduce the problem. -1. Label the issue properly, using the [team label](../CONTRIBUTING.md#team-labels), - the [subject label](../CONTRIBUTING.md#subject-labels) +1. Label the issue properly, using the [team label](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#team-labels), + the [subject label](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#subject-labels) and any other label that may apply in the specific case -1. Notify the respective Engineering Manager to evaluate and apply the [Severity label](../CONTRIBUTING.md#bug-severity-labels) and [Priority label](../CONTRIBUTING.md#bug-priority-labels). +1. Notify the respective Engineering Manager to evaluate and apply the [Severity label](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#severity-labels) and [Priority label](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#priority-labels). The counterpart Product Manager is included to weigh-in on prioritization as needed. 1. If the ~bug is **NOT** a regression: 1. The Engineering Manager decides which milestone the bug will be fixed. The appropriate milestone is applied. @@ -300,67 +321,77 @@ The counterpart Product Manager is included to weigh-in on prioritization as nee ### Improperly formatted issue -Thanks for the issue report. Please reformat your issue to conform to the [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#issue-tracker-guidelines). +``` +Thanks for the issue report. Please reformat your issue to conform to the +[contributing guidelines](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#issue-tracker-guidelines). +``` ### Issue report for old version -Thanks for the issue report but we only support issues for the latest stable version of GitLab. I'm closing this issue but if you still experience this problem in the latest stable version, please open a new issue (but also reference the old issue(s)). Make sure to also include the necessary debugging information conforming to the issue tracker guidelines found in our [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#issue-tracker-guidelines). +``` +Thanks for the issue report but we only support issues for the latest stable version of GitLab. +I'm closing this issue but if you still experience this problem in the latest stable version, +please open a new issue (but also reference the old issue(s)). +Make sure to also include the necessary debugging information conforming to the issue tracker +guidelines found in our [contributing guidelines](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#issue-tracker-guidelines). +``` ### Support requests and configuration questions +``` Thanks for your interest in GitLab. We don't use the issue tracker for support requests and configuration questions. Please check our [getting help](https://about.gitlab.com/getting-help/) page to see all of the available -support options. Also, have a look at the [contribution guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md) +support options. Also, have a look at the [contribution guidelines](https://docs.gitlab.com/ee/development/contributing/index.html) for more information. +``` ### Code format +``` Please use \`\`\` to format console output, logs, and code as it's very hard to read otherwise. +``` ### Issue fixed in newer version -Thanks for the issue report. This issue has already been fixed in newer versions of GitLab. Due to the size of this project and our limited resources we are only able to support the latest stable release as outlined in our [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#issue-tracker). In order to get this bug fix and enjoy many new features please [upgrade](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/update). If you still experience issues at that time please open a new issue following our issue tracker guidelines found in the [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#issue-tracker-guidelines). +``` +Thanks for the issue report. This issue has already been fixed in newer versions of GitLab. +Due to the size of this project and our limited resources we are only able to support the +latest stable release as outlined in our [contributing guidelines](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html). +In order to get this bug fix and enjoy many new features please +[upgrade](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/update). +If you still experience issues at that time please open a new issue following our issue +tracker guidelines found in the [contributing guidelines](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#issue-tracker-guidelines). +``` ### Improperly formatted merge request -Thanks for your interest in improving the GitLab codebase! Please update your merge request according to the [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#pull-request-guidelines). - -### Inactivity close of an issue - -It's been at least 2 weeks (and a new release) since we heard from you. I'm closing this issue but if you still experience this problem, please open a new issue (but also reference the old issue(s)). Make sure to also include the necessary debugging information conforming to the issue tracker guidelines found in our [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#issue-tracker-guidelines). - -### Inactivity close of a merge request - -This merge request has been closed because a request for more information has not been reacted to for more than 2 weeks. If you respond and conform to the merge request guidelines in our [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#pull-requests) we will reopen this merge request. +``` +Thanks for your interest in improving the GitLab codebase! +Please update your merge request according to the [contributing guidelines](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/contributing/merge_request_workflow.md#merge-request-guidelines). +``` ### Accepting merge requests +``` Is there an issue on the [issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues) that is similar to this? Could you please link it here? Please be aware that new functionality that is not marked -[accepting merge requests](https://gitlab.com/gitlab-org/gitlab-ce/issues?milestone_id=&scope=all&sort=created_desc&state=opened&utf8=%E2%9C%93&assignee_id=&author_id=&milestone_title=&label_name=Accepting+Merge+Requests) +[`Accepting merge requests`](https://docs.gitlab.com/ee/development/contributing/issue_workflow.html#label-for-community-contributors) might not make it into GitLab. +``` ### Only accepting merge requests with green tests +``` We can only accept a merge request if all the tests are green. I've just restarted the build. When the tests are still not passing after this restart and you're sure that is does not have anything to do with your code changes, please rebase with master to see if that solves the issue. - -### Closing down the issue tracker on GitHub - -We are currently in the process of closing down the issue tracker on GitHub, to -prevent duplication with the GitLab.com issue tracker. -Since this is an older issue I'll be closing this for now. If you think this is -still an issue I encourage you to open it on the [GitLab.com issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues). +``` [team]: https://about.gitlab.com/team/ -[contribution acceptance criteria]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#contribution-acceptance-criteria -["Implement design & UI elements" guidelines]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#implement-design-ui-elements -[Thoughtbot code review guide]: https://github.com/thoughtbot/guides/tree/master/code-review -[done]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#definition-of-done +[done]: https://docs.gitlab.com/ee/development/contributing/merge_request_workflow.html#definition-of-done [automatic_ce_ee_merge]: https://docs.gitlab.com/ce/development/automatic_ce_ee_merge.html [ee_features]: https://docs.gitlab.com/ce/development/ee_features.html diff --git a/VERSION b/VERSION index d471eb7c60..64e4bdff1c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -11.5.10 +11.7.5 diff --git a/app/assets/images/cluster_app_logos/cert_manager.png b/app/assets/images/cluster_app_logos/cert_manager.png new file mode 100644 index 0000000000..bbc867858d Binary files /dev/null and b/app/assets/images/cluster_app_logos/cert_manager.png differ diff --git a/app/assets/images/none-scheme-preview.png b/app/assets/images/none-scheme-preview.png new file mode 100644 index 0000000000..2eb6bf9667 Binary files /dev/null and b/app/assets/images/none-scheme-preview.png differ diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 3f7a1ef1bf..d1396b6c4b 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -5,25 +5,31 @@ import axios from './lib/utils/axios_utils'; const Api = { groupsPath: '/api/:version/groups.json', groupPath: '/api/:version/groups/:id', + subgroupsPath: '/api/:version/groups/:id/subgroups', namespacesPath: '/api/:version/namespaces.json', groupProjectsPath: '/api/:version/groups/:id/projects.json', projectsPath: '/api/:version/projects.json', projectPath: '/api/:version/projects/:id', projectLabelsPath: '/:namespace_path/:project_path/labels', - mergeRequestPath: '/api/:version/projects/:id/merge_requests/:mrid', + projectMergeRequestPath: '/api/:version/projects/:id/merge_requests/:mrid', + projectMergeRequestChangesPath: '/api/:version/projects/:id/merge_requests/:mrid/changes', + projectMergeRequestVersionsPath: '/api/:version/projects/:id/merge_requests/:mrid/versions', + projectRunnersPath: '/api/:version/projects/:id/runners', mergeRequestsPath: '/api/:version/merge_requests', - mergeRequestChangesPath: '/api/:version/projects/:id/merge_requests/:mrid/changes', - mergeRequestVersionsPath: '/api/:version/projects/:id/merge_requests/:mrid/versions', groupLabelsPath: '/groups/:namespace_path/-/labels', issuableTemplatePath: '/:namespace_path/:project_path/templates/:type/:key', projectTemplatePath: '/api/:version/projects/:id/templates/:type/:key', projectTemplatesPath: '/api/:version/projects/:id/templates/:type', usersPath: '/api/:version/users.json', - userStatusPath: '/api/:version/user/status', + userPath: '/api/:version/users/:id', + userStatusPath: '/api/:version/users/:id/status', + userPostStatusPath: '/api/:version/user/status', commitPath: '/api/:version/projects/:id/repository/commits', + applySuggestionPath: '/api/:version/suggestions/:id/apply', commitPipelinesPath: '/:project_id/commit/:sha/pipelines', branchSinglePath: '/api/:version/projects/:id/repository/branches/:branch', createBranchPath: '/api/:version/projects/:id/repository/branches', + releasesPath: '/api/:version/projects/:id/releases', group(groupId, callback) { const url = Api.buildUrl(Api.groupPath).replace(':id', groupId); @@ -99,36 +105,45 @@ const Api = { }, // Return Merge Request for project - mergeRequest(projectPath, mergeRequestId, params = {}) { - const url = Api.buildUrl(Api.mergeRequestPath) + projectMergeRequest(projectPath, mergeRequestId, params = {}) { + const url = Api.buildUrl(Api.projectMergeRequestPath) .replace(':id', encodeURIComponent(projectPath)) .replace(':mrid', mergeRequestId); return axios.get(url, { params }); }, + projectMergeRequestChanges(projectPath, mergeRequestId) { + const url = Api.buildUrl(Api.projectMergeRequestChangesPath) + .replace(':id', encodeURIComponent(projectPath)) + .replace(':mrid', mergeRequestId); + + return axios.get(url); + }, + + projectMergeRequestVersions(projectPath, mergeRequestId) { + const url = Api.buildUrl(Api.projectMergeRequestVersionsPath) + .replace(':id', encodeURIComponent(projectPath)) + .replace(':mrid', mergeRequestId); + + return axios.get(url); + }, + + projectRunners(projectPath, config = {}) { + const url = Api.buildUrl(Api.projectRunnersPath).replace( + ':id', + encodeURIComponent(projectPath), + ); + + return axios.get(url, config); + }, + mergeRequests(params = {}) { const url = Api.buildUrl(Api.mergeRequestsPath); return axios.get(url, { params }); }, - mergeRequestChanges(projectPath, mergeRequestId) { - const url = Api.buildUrl(Api.mergeRequestChangesPath) - .replace(':id', encodeURIComponent(projectPath)) - .replace(':mrid', mergeRequestId); - - return axios.get(url); - }, - - mergeRequestVersions(projectPath, mergeRequestId) { - const url = Api.buildUrl(Api.mergeRequestVersionsPath) - .replace(':id', encodeURIComponent(projectPath)) - .replace(':mrid', mergeRequestId); - - return axios.get(url); - }, - newLabel(namespacePath, projectPath, data, callback) { let url; @@ -172,6 +187,12 @@ const Api = { }); }, + applySuggestion(id) { + const url = Api.buildUrl(Api.applySuggestionPath).replace(':id', encodeURIComponent(id)); + + return axios.put(url); + }, + commitPipelines(projectId, sha) { const encodedProjectId = projectId .split('/') @@ -243,6 +264,20 @@ const Api = { }); }, + user(id, options) { + const url = Api.buildUrl(this.userPath).replace(':id', encodeURIComponent(id)); + return axios.get(url, { + params: options, + }); + }, + + userStatus(id, options) { + const url = Api.buildUrl(this.userStatusPath).replace(':id', encodeURIComponent(id)); + return axios.get(url, { + params: options, + }); + }, + branches(id, query = '', options = {}) { const url = Api.buildUrl(this.createBranchPath).replace(':id', encodeURIComponent(id)); @@ -265,7 +300,7 @@ const Api = { }, postUserStatus({ emoji, message }) { - const url = Api.buildUrl(this.userStatusPath); + const url = Api.buildUrl(this.userPostStatusPath); return axios.put(url, { emoji, @@ -273,6 +308,12 @@ const Api = { }); }, + releases(id) { + const url = Api.buildUrl(this.releasesPath).replace(':id', encodeURIComponent(id)); + + return axios.get(url); + }, + buildUrl(url) { let urlRoot = ''; if (gon.relative_url_root != null) { diff --git a/app/assets/javascripts/badges/components/badge.vue b/app/assets/javascripts/badges/components/badge.vue index 8512bf9dd7..ae2916e3a3 100644 --- a/app/assets/javascripts/badges/components/badge.vue +++ b/app/assets/javascripts/badges/components/badge.vue @@ -1,17 +1,15 @@