diff --git a/.babelrc b/.babelrc index 2bae7ca9fb..b93bef72de 100644 --- a/.babelrc +++ b/.babelrc @@ -8,7 +8,8 @@ "plugins": [ ["istanbul", { "exclude": [ - "spec/javascripts/**/*" + "spec/javascripts/**/*", + "app/assets/javascripts/locale/**/app.js" ] }], ["transform-define", { diff --git a/.codeclimate.yml b/.codeclimate.yml index 42afed5437..ecac24b68d 100644 --- a/.codeclimate.yml +++ b/.codeclimate.yml @@ -1,7 +1,5 @@ --- engines: - brakeman: - enabled: true bundler-audit: enabled: true duplication: @@ -13,9 +11,11 @@ engines: exclude_paths: - "lib/api/v3/*" eslint: - enabled: true + # eslint-plugin-vue is locked to version 2 in codeclimate, we need version 4 + enabled: false rubocop: enabled: true + channel: "gitlab-rubocop-0-52" ratings: paths: - Gemfile.lock diff --git a/.eslintignore b/.eslintignore index 1605e483e9..1623b99621 100644 --- a/.eslintignore +++ b/.eslintignore @@ -7,4 +7,5 @@ /vendor/ karma.config.js webpack.config.js -/app/assets/javascripts/locale/**/*.js +svg.config.js +/app/assets/javascripts/locale/**/app.js diff --git a/.eslintrc b/.eslintrc index 3e07edbccf..ad5eaebcca 100644 --- a/.eslintrc +++ b/.eslintrc @@ -4,14 +4,19 @@ "browser": true, "es6": true }, - "extends": "airbnb-base", + "extends": [ + "airbnb-base", + "plugin:vue/recommended" + ], "globals": { - "_": false, + "__webpack_public_path__": true, "gl": false, "gon": false, "localStorage": false }, - "parser": "babel-eslint", + "parserOptions": { + "parser": "babel-eslint" + }, "plugins": [ "filenames", "import", @@ -19,7 +24,7 @@ "promise" ], "settings": { - "html/html-extensions": [".html", ".html.raw", ".vue"], + "html/html-extensions": [".html", ".html.raw"], "import/resolver": { "webpack": { "config": "./config/webpack.config.js" @@ -31,6 +36,15 @@ "import/no-commonjs": "error", "no-multiple-empty-lines": ["error", { "max": 1 }], "promise/catch-or-return": "error", - "no-underscore-dangle": ["error", { "allow": ["__"]}] + "no-underscore-dangle": ["error", { "allow": ["__"]}], + "vue/html-self-closing": ["error", { + "html": { + "void": "always", + "normal": "never", + "component": "always" + }, + "svg": "always", + "math": "always" + }] } } diff --git a/.flayignore b/.flayignore index b63ce4c4df..87cb3507b0 100644 --- a/.flayignore +++ b/.flayignore @@ -5,3 +5,6 @@ app/policies/project_policy.rb app/models/concerns/relative_positioning.rb app/workers/stuck_merge_jobs_worker.rb lib/gitlab/redis/*.rb +lib/gitlab/gitaly_client/operation_service.rb +lib/gitlab/background_migration/* +app/models/project_services/kubernetes_service.rb diff --git a/.gitignore b/.gitignore index 3baf640a9c..2004c2a09b 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ *.swp *.mo *.edit.po +*.rej .DS_Store .bundle .chef @@ -63,4 +64,5 @@ eslint-report.html /.gitlab_workhorse_secret /webpack-report/ /locale/**/LC_MESSAGES +/locale/**/*.time_stamp /.rspec diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 95e833ff25..9c3556f5cc 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,12 @@ -image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.7-phantomjs-2.1-node-7.1-postgresql-9.6" +image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.6-golang-1.9-git-2.14-chrome-63.0-node-8.x-yarn-1.2-postgresql-9.6" + +.dedicated-runner: &dedicated-runner + retry: 1 + tags: + - gitlab-org .default-cache: &default-cache - key: "ruby-233-with-yarn" + key: "ruby-2.3.6-with-yarn" paths: - vendor/ruby - .yarn-cache/ @@ -23,10 +28,10 @@ variables: SIMPLECOV: "true" GIT_DEPTH: "20" GIT_SUBMODULE_STRATEGY: "none" - PHANTOMJS_VERSION: "2.1.1" GET_SOURCES_ATTEMPTS: "3" KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json KNAPSACK_SPINACH_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/spinach_report-master.json + FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json before_script: - bundle --version @@ -39,25 +44,26 @@ stages: - test - post-test - pages + - post-cleanup # Predefined scopes -.dedicated-runner: &dedicated-runner - tags: - - gitlab-org - -.knapsack-state: &knapsack-state - services: [] +.tests-metadata-state: &tests-metadata-state + <<: *dedicated-runner variables: - SETUP_DB: "false" - USE_BUNDLE_INSTALL: "false" - KNAPSACK_S3_BUCKET: "gitlab-ce-cache" + TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache" + before_script: + - source scripts/utils.sh artifacts: expire_in: 31d paths: - knapsack/ + - rspec_flaky/ .use-pg: &use-pg services: + # As of Jan 2018, we don't have a strong reason to upgrade to 9.6 for CI yet, + # so using the least common denominator ensures backwards compatibility + # (as many users are still using 9.2). - postgres:9.2 - redis:alpine @@ -66,19 +72,6 @@ stages: - mysql:latest - redis:alpine -.only-if-want-mysql: &only-if-want-mysql - only: - - /mysql/ - - /-stable/ - - master@gitlab-org/gitlab-ce - - master@gitlab-org/gitlab-ee - - master@gitlab/gitlabhq - - master@gitlab/gitlab-ee - - tags@gitlab-org/gitlab-ce - - tags@gitlab-org/gitlab-ee - - tags@gitlab/gitlabhq - - tags@gitlab/gitlab-ee - # Skip all jobs except the ones that begin with 'docs/'. # Used for commits including ONLY documentation changes. # https://docs.gitlab.com/ce/development/writing_documentation.html#testing @@ -86,8 +79,18 @@ stages: except: - /(^docs[\/-].*|.*-docs$)/ -.rspec-knapsack: &rspec-knapsack +.except-qa: &except-qa + except: + - /(^qa[\/-].*|.*-qa$)/ + +.except-docs-and-qa: &except-docs-and-qa + except: + - /(^docs[\/-].*|.*-docs$)/ + - /(^qa[\/-].*|.*-qa$)/ + +.rspec-metadata: &rspec-metadata <<: *dedicated-runner + <<: *except-docs-and-qa <<: *pull-cache stage: test script: @@ -96,8 +99,14 @@ stages: - export CI_NODE_TOTAL=${JOB_NAME[-1]} - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${JOB_NAME[0]}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json - export KNAPSACK_GENERATE_REPORT=true + - export SUITE_FLAKY_RSPEC_REPORT_PATH=${FLAKY_RSPEC_SUITE_REPORT_PATH} + - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${JOB_NAME[0]}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json + - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${JOB_NAME[0]}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json + - export FLAKY_RSPEC_GENERATE_REPORT=true - export CACHE_CLASSES=true - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH} + - '[[ -f $FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_REPORT_PATH}' + - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}' - scripts/gitaly-test-spawn - knapsack rspec "--color --format documentation" artifacts: @@ -106,21 +115,20 @@ stages: paths: - coverage/ - knapsack/ + - rspec_flaky/ - tmp/capybara/ -.rspec-knapsack-pg: &rspec-knapsack-pg - <<: *rspec-knapsack +.rspec-metadata-pg: &rspec-metadata-pg + <<: *rspec-metadata <<: *use-pg - <<: *except-docs -.rspec-knapsack-mysql: &rspec-knapsack-mysql - <<: *rspec-knapsack +.rspec-metadata-mysql: &rspec-metadata-mysql + <<: *rspec-metadata <<: *use-mysql - <<: *only-if-want-mysql - <<: *except-docs -.spinach-knapsack: &spinach-knapsack +.spinach-metadata: &spinach-metadata <<: *dedicated-runner + <<: *except-docs-and-qa <<: *pull-cache stage: test script: @@ -131,7 +139,8 @@ stages: - export KNAPSACK_GENERATE_REPORT=true - export CACHE_CLASSES=true - cp ${KNAPSACK_SPINACH_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH} - - knapsack spinach "-r rerun" || retry '[[ -e tmp/spinach-rerun.txt ]] && bundle exec spinach -r rerun $(cat tmp/spinach-rerun.txt)' + - scripts/gitaly-test-spawn + - knapsack spinach "-r rerun" -b || retry '[[ -e tmp/spinach-rerun.txt ]] && bundle exec spinach -b -r rerun $(cat tmp/spinach-rerun.txt)' artifacts: expire_in: 31d when: always @@ -140,16 +149,13 @@ stages: - knapsack/ - tmp/capybara/ -.spinach-knapsack-pg: &spinach-knapsack-pg - <<: *spinach-knapsack +.spinach-metadata-pg: &spinach-metadata-pg + <<: *spinach-metadata <<: *use-pg - <<: *except-docs -.spinach-knapsack-mysql: &spinach-knapsack-mysql - <<: *spinach-knapsack +.spinach-metadata-mysql: &spinach-metadata-mysql + <<: *spinach-metadata <<: *use-mysql - <<: *only-if-want-mysql - <<: *except-docs .only-canonical-masters: &only-canonical-masters only: @@ -158,173 +164,264 @@ stages: - master@gitlab/gitlabhq - master@gitlab/gitlab-ee -# Trigger a package build on omnibus-gitlab repository - -build-package: - image: ruby:2.3-alpine +## +# Trigger a package build in omnibus-gitlab repository +# +package-qa: + <<: *dedicated-runner + image: ruby:2.4-alpine before_script: [] - services: [] - variables: - SETUP_DB: "false" - USE_BUNDLE_INSTALL: "false" stage: build cache: {} when: manual script: - - scripts/trigger-build + - scripts/trigger-build-omnibus only: - //@gitlab-org/gitlab-ce - //@gitlab-org/gitlab-ee -# Prepare and merge knapsack tests -knapsack: - <<: *knapsack-state +# Review docs base +.review-docs: &review-docs <<: *dedicated-runner - <<: *except-docs + <<: *except-qa + image: ruby:2.4-alpine + before_script: + - gem install gitlab --no-doc + # We need to download the script rather than clone the repo since the + # review-docs-cleanup job will not be able to run when the branch gets + # deleted (when merging the MR). + - apk add --update openssl + - wget https://gitlab.com/gitlab-org/gitlab-ce/raw/master/scripts/trigger-build-docs + - chmod 755 trigger-build-docs + cache: {} + dependencies: [] + variables: + GIT_STRATEGY: none + when: manual + only: + - branches + +# Trigger a docs build in gitlab-docs +# Useful to preview the docs changes live +review-docs-deploy: + <<: *review-docs + stage: build + environment: + name: review-docs/$CI_COMMIT_REF_NAME + # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are secret variables + # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693 + url: http://$DOCS_GITLAB_REPO_SUFFIX-$CI_COMMIT_REF_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX + on_stop: review-docs-cleanup + script: + - ./trigger-build-docs deploy + +# Cleanup remote environment of gitlab-docs +review-docs-cleanup: + <<: *review-docs + stage: post-cleanup + environment: + name: review-docs/$CI_COMMIT_REF_NAME + action: stop + script: + - ./trigger-build-docs cleanup + +# Retrieve knapsack and rspec_flaky reports +retrieve-tests-metadata: + <<: *tests-metadata-state + <<: *except-docs-and-qa stage: prepare cache: - key: knapsack - paths: - - knapsack/ + key: tests_metadata policy: pull script: - mkdir -p knapsack/${CI_PROJECT_NAME}/ - - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${KNAPSACK_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH - - wget -O $KNAPSACK_SPINACH_SUITE_REPORT_PATH http://${KNAPSACK_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_SPINACH_SUITE_REPORT_PATH || rm $KNAPSACK_SPINACH_SUITE_REPORT_PATH + - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH + - wget -O $KNAPSACK_SPINACH_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_SPINACH_SUITE_REPORT_PATH || rm $KNAPSACK_SPINACH_SUITE_REPORT_PATH - '[[ -f $KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}' - '[[ -f $KNAPSACK_SPINACH_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_SPINACH_SUITE_REPORT_PATH}' + - mkdir -p rspec_flaky/ + - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH + - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}' -update-knapsack: - <<: *knapsack-state - <<: *dedicated-runner +update-tests-metadata: + <<: *tests-metadata-state <<: *only-canonical-masters stage: post-test cache: - key: knapsack + key: tests_metadata paths: - knapsack/ + - rspec_flaky/ policy: push script: - retry gem install fog-aws mime-types - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json - scripts/merge-reports ${KNAPSACK_SPINACH_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/spinach-pg_node_*.json - - '[[ -z ${KNAPSACK_S3_BUCKET} ]] || scripts/sync-reports put $KNAPSACK_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH $KNAPSACK_SPINACH_SUITE_REPORT_PATH' + - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json + - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH $KNAPSACK_SPINACH_SUITE_REPORT_PATH' + - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $FLAKY_RSPEC_SUITE_REPORT_PATH' - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json + - rm -f rspec_flaky/all_*.json rspec_flaky/new_*.json -setup-test-env: - <<: *use-pg +flaky-examples-check: + <<: *dedicated-runner + image: ruby:2.3-alpine + services: [] + before_script: [] + variables: + SETUP_DB: "false" + USE_BUNDLE_INSTALL: "false" + NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json + stage: post-test + allow_failure: true + retry: 0 + only: + - branches + except: + - master + - /(^docs[\/-].*|.*-docs$)/ + - /(^qa[\/-].*|.*-qa$)/ + artifacts: + expire_in: 30d + paths: + - rspec_flaky/ + script: + - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}' + - scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json + - scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT + +compile-assets: <<: *dedicated-runner <<: *except-docs + <<: *use-pg stage: prepare cache: <<: *default-cache script: - node --version - - yarn install --pure-lockfile --cache-folder .yarn-cache - - bundle exec rake gettext:po_to_json + - yarn install --frozen-lockfile --cache-folder .yarn-cache - bundle exec rake gitlab:assets:compile - - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init' - - scripts/gitaly-test-build # Do not use 'bundle exec' here artifacts: expire_in: 7d paths: - node_modules - public/assets + +setup-test-env: + <<: *dedicated-runner + <<: *except-docs + <<: *use-pg + stage: prepare + cache: + <<: *default-cache + script: + - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init' + - scripts/gitaly-test-build # Do not use 'bundle exec' here + artifacts: + expire_in: 7d + paths: - tmp/tests + - config/secrets.yml -rspec-pg 0 25: *rspec-knapsack-pg -rspec-pg 1 25: *rspec-knapsack-pg -rspec-pg 2 25: *rspec-knapsack-pg -rspec-pg 3 25: *rspec-knapsack-pg -rspec-pg 4 25: *rspec-knapsack-pg -rspec-pg 5 25: *rspec-knapsack-pg -rspec-pg 6 25: *rspec-knapsack-pg -rspec-pg 7 25: *rspec-knapsack-pg -rspec-pg 8 25: *rspec-knapsack-pg -rspec-pg 9 25: *rspec-knapsack-pg -rspec-pg 10 25: *rspec-knapsack-pg -rspec-pg 11 25: *rspec-knapsack-pg -rspec-pg 12 25: *rspec-knapsack-pg -rspec-pg 13 25: *rspec-knapsack-pg -rspec-pg 14 25: *rspec-knapsack-pg -rspec-pg 15 25: *rspec-knapsack-pg -rspec-pg 16 25: *rspec-knapsack-pg -rspec-pg 17 25: *rspec-knapsack-pg -rspec-pg 18 25: *rspec-knapsack-pg -rspec-pg 19 25: *rspec-knapsack-pg -rspec-pg 20 25: *rspec-knapsack-pg -rspec-pg 21 25: *rspec-knapsack-pg -rspec-pg 22 25: *rspec-knapsack-pg -rspec-pg 23 25: *rspec-knapsack-pg -rspec-pg 24 25: *rspec-knapsack-pg +rspec-pg 0 27: *rspec-metadata-pg +rspec-pg 1 27: *rspec-metadata-pg +rspec-pg 2 27: *rspec-metadata-pg +rspec-pg 3 27: *rspec-metadata-pg +rspec-pg 4 27: *rspec-metadata-pg +rspec-pg 5 27: *rspec-metadata-pg +rspec-pg 6 27: *rspec-metadata-pg +rspec-pg 7 27: *rspec-metadata-pg +rspec-pg 8 27: *rspec-metadata-pg +rspec-pg 9 27: *rspec-metadata-pg +rspec-pg 10 27: *rspec-metadata-pg +rspec-pg 11 27: *rspec-metadata-pg +rspec-pg 12 27: *rspec-metadata-pg +rspec-pg 13 27: *rspec-metadata-pg +rspec-pg 14 27: *rspec-metadata-pg +rspec-pg 15 27: *rspec-metadata-pg +rspec-pg 16 27: *rspec-metadata-pg +rspec-pg 17 27: *rspec-metadata-pg +rspec-pg 18 27: *rspec-metadata-pg +rspec-pg 19 27: *rspec-metadata-pg +rspec-pg 20 27: *rspec-metadata-pg +rspec-pg 21 27: *rspec-metadata-pg +rspec-pg 22 27: *rspec-metadata-pg +rspec-pg 23 27: *rspec-metadata-pg +rspec-pg 24 27: *rspec-metadata-pg +rspec-pg 25 27: *rspec-metadata-pg +rspec-pg 26 27: *rspec-metadata-pg -rspec-mysql 0 25: *rspec-knapsack-mysql -rspec-mysql 1 25: *rspec-knapsack-mysql -rspec-mysql 2 25: *rspec-knapsack-mysql -rspec-mysql 3 25: *rspec-knapsack-mysql -rspec-mysql 4 25: *rspec-knapsack-mysql -rspec-mysql 5 25: *rspec-knapsack-mysql -rspec-mysql 6 25: *rspec-knapsack-mysql -rspec-mysql 7 25: *rspec-knapsack-mysql -rspec-mysql 8 25: *rspec-knapsack-mysql -rspec-mysql 9 25: *rspec-knapsack-mysql -rspec-mysql 10 25: *rspec-knapsack-mysql -rspec-mysql 11 25: *rspec-knapsack-mysql -rspec-mysql 12 25: *rspec-knapsack-mysql -rspec-mysql 13 25: *rspec-knapsack-mysql -rspec-mysql 14 25: *rspec-knapsack-mysql -rspec-mysql 15 25: *rspec-knapsack-mysql -rspec-mysql 16 25: *rspec-knapsack-mysql -rspec-mysql 17 25: *rspec-knapsack-mysql -rspec-mysql 18 25: *rspec-knapsack-mysql -rspec-mysql 19 25: *rspec-knapsack-mysql -rspec-mysql 20 25: *rspec-knapsack-mysql -rspec-mysql 21 25: *rspec-knapsack-mysql -rspec-mysql 22 25: *rspec-knapsack-mysql -rspec-mysql 23 25: *rspec-knapsack-mysql -rspec-mysql 24 25: *rspec-knapsack-mysql +rspec-mysql 0 27: *rspec-metadata-mysql +rspec-mysql 1 27: *rspec-metadata-mysql +rspec-mysql 2 27: *rspec-metadata-mysql +rspec-mysql 3 27: *rspec-metadata-mysql +rspec-mysql 4 27: *rspec-metadata-mysql +rspec-mysql 5 27: *rspec-metadata-mysql +rspec-mysql 6 27: *rspec-metadata-mysql +rspec-mysql 7 27: *rspec-metadata-mysql +rspec-mysql 8 27: *rspec-metadata-mysql +rspec-mysql 9 27: *rspec-metadata-mysql +rspec-mysql 10 27: *rspec-metadata-mysql +rspec-mysql 11 27: *rspec-metadata-mysql +rspec-mysql 12 27: *rspec-metadata-mysql +rspec-mysql 13 27: *rspec-metadata-mysql +rspec-mysql 14 27: *rspec-metadata-mysql +rspec-mysql 15 27: *rspec-metadata-mysql +rspec-mysql 16 27: *rspec-metadata-mysql +rspec-mysql 17 27: *rspec-metadata-mysql +rspec-mysql 18 27: *rspec-metadata-mysql +rspec-mysql 19 27: *rspec-metadata-mysql +rspec-mysql 20 27: *rspec-metadata-mysql +rspec-mysql 21 27: *rspec-metadata-mysql +rspec-mysql 22 27: *rspec-metadata-mysql +rspec-mysql 23 27: *rspec-metadata-mysql +rspec-mysql 24 27: *rspec-metadata-mysql +rspec-mysql 25 27: *rspec-metadata-mysql +rspec-mysql 26 27: *rspec-metadata-mysql -spinach-pg 0 5: *spinach-knapsack-pg -spinach-pg 1 5: *spinach-knapsack-pg -spinach-pg 2 5: *spinach-knapsack-pg -spinach-pg 3 5: *spinach-knapsack-pg -spinach-pg 4 5: *spinach-knapsack-pg +spinach-pg 0 3: *spinach-metadata-pg +spinach-pg 1 3: *spinach-metadata-pg +spinach-pg 2 3: *spinach-metadata-pg -spinach-mysql 0 5: *spinach-knapsack-mysql -spinach-mysql 1 5: *spinach-knapsack-mysql -spinach-mysql 2 5: *spinach-knapsack-mysql -spinach-mysql 3 5: *spinach-knapsack-mysql -spinach-mysql 4 5: *spinach-knapsack-mysql +spinach-mysql 0 3: *spinach-metadata-mysql +spinach-mysql 1 3: *spinach-metadata-mysql +spinach-mysql 2 3: *spinach-metadata-mysql # Static analysis jobs .ruby-static-analysis: &ruby-static-analysis - <<: *pull-cache variables: SIMPLECOV: "false" SETUP_DB: "false" .rake-exec: &rake-exec - <<: *ruby-static-analysis <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache + <<: *ruby-static-analysis stage: test script: - bundle exec rake $CI_JOB_NAME static-analysis: - <<: *ruby-static-analysis <<: *dedicated-runner <<: *except-docs + <<: *ruby-static-analysis stage: test script: - scripts/static-analysis + cache: + key: "ruby-2.3.6-with-yarn-and-rubocop" + paths: + - vendor/ruby + - .yarn-cache/ + - tmp/rubocop_cache # Documentation checks: # - Check validity of relative links # - Make sure cURL examples in API docs use the full switches docs lint: <<: *dedicated-runner + <<: *except-qa image: "registry.gitlab.com/gitlab-org/gitlab-build-images:nanoc-bootstrap-ruby-2.4-alpine" stage: test cache: {} @@ -332,6 +429,7 @@ docs lint: before_script: [] script: - scripts/lint-doc.sh + - scripts/lint-changelog-yaml - mv doc/ /nanoc/content/ - cd /nanoc # Build HTML from Markdown @@ -346,23 +444,21 @@ downtime_check: - tags - /^[\d-]+-stable(-ee)?$/ - /(^docs[\/-].*|.*-docs$)/ + - /(^qa[\/-].*|.*-qa$)/ ee_compat_check: <<: *rake-exec - only: - - branches@gitlab-org/gitlab-ce except: - master - tags - /^[\d-]+-stable(-ee)?/ - allow_failure: yes - cache: - key: "ee_compat_check_repo" - paths: - - ee_compat_check/ee-repo/ + - /^security-/ + - branches@gitlab-org/gitlab-ee + - branches@gitlab/gitlab-ee + retry: 0 artifacts: name: "${CI_JOB_NAME}_${CI_COMIT_REF_NAME}_${CI_COMMIT_SHA}" - when: on_failure + when: always expire_in: 10d paths: - ee_compat_check/patches/*.patch @@ -370,7 +466,7 @@ ee_compat_check: # DB migration, rollback, and seed jobs .db-migrate-reset: &db-migrate-reset <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache stage: test script: @@ -384,15 +480,22 @@ db:migrate:reset-mysql: <<: *db-migrate-reset <<: *use-mysql +db:check-schema-pg: + <<: *db-migrate-reset + <<: *use-pg + script: + - source scripts/schema_changed.sh + .migration-paths: &migration-paths <<: *dedicated-runner - <<: *only-canonical-masters + <<: *except-docs-and-qa <<: *pull-cache stage: test variables: SETUP_DB: "false" + CREATE_DB_USER: "true" script: - - git fetch origin v8.14.10 + - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0 - git checkout -f FETCH_HEAD - bundle install $BUNDLE_INSTALL_FLAGS - cp config/gitlab.yml.example config/gitlab.yml @@ -412,11 +515,11 @@ migration:path-mysql: .db-rollback: &db-rollback <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache stage: test script: - - bundle exec rake db:rollback STEP=120 + - bundle exec rake db:rollback STEP=119 - bundle exec rake db:migrate db:rollback-pg: @@ -427,34 +530,39 @@ db:rollback-mysql: <<: *db-rollback <<: *use-mysql -.db-seed_fu: &db-seed_fu +.gitlab-setup: &gitlab-setup <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache stage: test variables: SIZE: "1" + SETUP_DB: "false" + CREATE_DB_USER: "true" + FIXTURE_PATH: db/fixtures/development script: - - cp -R db/fixtures/development db/fixtures/test - - bundle exec rake db:seed_fu + - git clone https://gitlab.com/gitlab-org/gitlab-test.git + /home/git/repositories/gitlab-org/gitlab-test.git + - scripts/gitaly-test-spawn + - force=yes bundle exec rake gitlab:setup artifacts: when: on_failure expire_in: 1d paths: - log/development.log -db:seed_fu-pg: - <<: *db-seed_fu +gitlab:setup-pg: + <<: *gitlab-setup <<: *use-pg -db:seed_fu-mysql: - <<: *db-seed_fu +gitlab:setup-mysql: + <<: *gitlab-setup <<: *use-mysql # Frontend-related jobs gitlab:assets:compile: <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache stage: test dependencies: [] @@ -462,13 +570,11 @@ gitlab:assets:compile: NODE_ENV: "production" RAILS_ENV: "production" SETUP_DB: "false" - USE_DB: "false" SKIP_STORAGE_VALIDATION: "true" WEBPACK_REPORT: "true" NO_COMPRESSION: "true" script: - - yarn install --pure-lockfile --production --cache-folder .yarn-cache - - bundle exec rake gettext:po_to_json + - yarn install --frozen-lockfile --production --cache-folder .yarn-cache - bundle exec rake gitlab:assets:compile artifacts: name: webpack-report @@ -477,11 +583,10 @@ gitlab:assets:compile: - webpack-report/ karma: - <<: *use-pg <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache - image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.7-chrome-59.0-node-7.1-postgresql-9.6" + <<: *use-pg stage: test variables: BABEL_ENV: "coverage" @@ -499,7 +604,7 @@ karma: - chrome_debug.log - coverage-javascript/ -codeclimate: +codequality: <<: *except-docs <<: *pull-cache before_script: [] @@ -511,14 +616,52 @@ codeclimate: services: - docker:dind script: - - docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc codeclimate/codeclimate analyze -f json > raw_codeclimate.json + - cp .rubocop.yml .rubocop.yml.bak + - grep -v "rubocop-gitlab-security" .rubocop.yml.bak > .rubocop.yml + - docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc dev.gitlab.org:5005/gitlab/gitlab-build-images:gitlab-codeclimate-v2 analyze -f json > raw_codeclimate.json - cat raw_codeclimate.json | docker run -i stedolan/jq -c 'map({check_name,fingerprint,location})' > codeclimate.json + - mv .rubocop.yml.bak .rubocop.yml artifacts: paths: [codeclimate.json] -coverage: +sast: + <<: *except-docs + image: registry.gitlab.com/gitlab-org/gl-sast:latest + variables: + CONFIDENCE_LEVEL: 2 + before_script: [] + script: + - /app/bin/run . + artifacts: + paths: [gl-sast-report.json] + +qa:internal: <<: *dedicated-runner <<: *except-docs + stage: test + variables: + SETUP_DB: "false" + services: [] + script: + - cd qa/ + - bundle install + - bundle exec rspec + +qa:selectors: + <<: *dedicated-runner + <<: *except-docs + stage: test + variables: + SETUP_DB: "false" + services: [] + script: + - cd qa/ + - bundle install + - bundle exec bin/qa Test::Sanity::Selectors + +coverage: + <<: *dedicated-runner + <<: *except-docs-and-qa <<: *pull-cache stage: post-test services: [] @@ -537,10 +680,11 @@ coverage: lint:javascript:report: <<: *dedicated-runner - <<: *except-docs + <<: *except-docs-and-qa <<: *pull-cache stage: post-test dependencies: + - compile-assets - setup-test-env before_script: [] script: @@ -581,8 +725,6 @@ pages: cache gems: <<: *dedicated-runner <<: *pull-cache - only: - - tags variables: SETUP_DB: "false" script: @@ -593,11 +735,14 @@ cache gems: only: - master@gitlab-org/gitlab-ce - master@gitlab-org/gitlab-ee + - tags gitlab_git_test: - <<: *pull-cache - <<: *except-docs + <<: *dedicated-runner + <<: *except-docs-and-qa variables: SETUP_DB: "false" + before_script: [] + cache: {} script: - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes diff --git a/.gitlab/issue_templates/Feature Proposal.md b/.gitlab/issue_templates/Feature Proposal.md index 1278061a41..5b55eb1374 100644 --- a/.gitlab/issue_templates/Feature Proposal.md +++ b/.gitlab/issue_templates/Feature Proposal.md @@ -1,22 +1,3 @@ -Please read this! - -Before opening a new issue, make sure to search for keywords in the issues -filtered by the "feature proposal" label: - -For the Community Edition issue tracker: - -- https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=feature+proposal - -For the Enterprise Edition issue tracker: - -- https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name%5B%5D=feature+proposal - -and verify the issue you're about to submit isn't a duplicate. - -Please remove this notice if you're confident your issue isn't a duplicate. - ------- - ### Description (Include problem, use cases, benefits, and/or goals) @@ -25,26 +6,4 @@ Please remove this notice if you're confident your issue isn't a duplicate. ### Links / references -### Documentation blurb - -#### Overview - -What is it? -Why should someone use this feature? -What is the underlying (business) problem? -How do you use this feature? - -#### Use cases - -Who is this for? Provide one or more use cases. - -### Feature checklist - -Make sure these are completed before closing the issue, -with a link to the relevant commit. - -- [ ] [Feature assurance](https://about.gitlab.com/handbook/product/#feature-assurance) -- [ ] Documentation -- [ ] Added to [features.yml](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/features.yml) - -/label ~"feature proposal" \ No newline at end of file +/label ~"feature proposal" diff --git a/.gitlab/merge_request_templates/Database Changes.md b/.gitlab/merge_request_templates/Database Changes.md new file mode 100644 index 0000000000..8302b3b30c --- /dev/null +++ b/.gitlab/merge_request_templates/Database Changes.md @@ -0,0 +1,45 @@ +Add a description of your merge request here. Merge requests without an adequate +description will not be reviewed until one is added. + +## Database Checklist + +When adding migrations: + +- [ ] Updated `db/schema.rb` +- [ ] Added a `down` method so the migration can be reverted +- [ ] Added the output of the migration(s) to the MR body +- [ ] Added tests for the migration in `spec/migrations` if necessary (e.g. when migrating data) + +When adding or modifying queries to improve performance: + +- [ ] Included data that shows the performance improvement, preferably in the form of a benchmark +- [ ] Included the output of `EXPLAIN (ANALYZE, BUFFERS)` of the relevant queries + +When adding foreign keys to existing tables: + +- [ ] Included a migration to remove orphaned rows in the source table before adding the foreign key +- [ ] Removed any instances of `dependent: ...` that may no longer be necessary + +When adding tables: + +- [ ] Ordered columns based on the [Ordering Table Columns](https://docs.gitlab.com/ee/development/ordering_table_columns.html#ordering-table-columns) guidelines +- [ ] Added foreign keys to any columns pointing to data in other tables +- [ ] Added indexes for fields that are used in statements such as WHERE, ORDER BY, GROUP BY, and JOINs + +When removing columns, tables, indexes or other structures: + +- [ ] Removed these in a post-deployment migration +- [ ] Made sure the application no longer uses (or ignores) these structures + +## General Checklist + +- [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added, if necessary +- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) +- [ ] API support added +- [ ] Tests added for this feature/bug +- Review + - [ ] Has been reviewed by Backend + - [ ] Has been reviewed by Database +- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) +- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) +- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index 9b541aadad..102eb7e795 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -11,4 +11,6 @@ See the guidelines: http://docs.gitlab.com/ce/development/doc_styleguide.html#ch - [ ] Make sure the old link is not removed and has its contents replaced with a link to the new location. - [ ] Make sure internal links pointing to the document in question are not broken. - [ ] Search and replace any links referring to old docs in GitLab Rails app, specifically under the `app/views/` directory. +- [ ] Make sure to add [`redirect_from`](https://docs.gitlab.com/ee/development/doc_styleguide.html#redirections-for-pages-with-disqus-comments) to the new document if there are any Disqus comments on the old document thread. - [ ] If working on CE, submit an MR to EE with the changes as well. +- [ ] Ping one of the technical writers for review. diff --git a/.gitlab/route-map.yml b/.gitlab/route-map.yml new file mode 100644 index 0000000000..0b37dc68f8 --- /dev/null +++ b/.gitlab/route-map.yml @@ -0,0 +1,3 @@ +# Documentation +- source: /doc/(.+?)\.md/ # doc/administration/build_artifacts.md + public: '\1.html' # doc/administration/build_artifacts.html diff --git a/.nvmrc b/.nvmrc index 72906051c5..f7ee06693c 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -7.5 \ No newline at end of file +9.0.0 diff --git a/.rubocop.yml b/.rubocop.yml index a5ccec0437..563a00db6c 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,1158 +1,35 @@ -require: - - rubocop-rspec - - ./rubocop/rubocop +inherit_gem: + gitlab-styles: + - rubocop-default.yml inherit_from: .rubocop_todo.yml +require: ./rubocop/rubocop AllCops: - TargetRubyVersion: 2.3 TargetRailsVersion: 4.2 - # Cop names are not d§splayed in offense messages by default. Change behavior - # by overriding DisplayCopNames, or by giving the -D/--display-cop-names - # option. - DisplayCopNames: true - # Style guide URLs are not displayed in offense messages by default. Change - # behavior by overriding DisplayStyleGuide, or by giving the - # -S/--display-style-guide option. - DisplayStyleGuide: false - # Exclude some GitLab files Exclude: - 'vendor/**/*' - 'node_modules/**/*' - 'db/*' - 'db/fixtures/**/*' + - 'db/geo/*' - 'tmp/**/*' - 'bin/**/*' - 'generator_templates/**/*' - 'builds/**/*' + CacheRootDirectory: tmp -# Gems in consecutive lines should be alphabetically sorted -Bundler/OrderedGems: - Enabled: false +# Gitlab ################################################################### -# Layout ###################################################################### - -# Check indentation of private/protected visibility modifiers. -Layout/AccessModifierIndentation: - Enabled: true - -# Align the elements of an array literal if they span more than one line. -Layout/AlignArray: - Enabled: true - -# Align the elements of a hash literal if they span more than one line. -Layout/AlignHash: - Enabled: true - -# Here we check if the parameters on a multi-line method call or -# definition are aligned. -Layout/AlignParameters: - Enabled: false - -# Put end statement of multiline block on its own line. -Layout/BlockEndNewline: - Enabled: true - -# Indentation of when in a case/when/[else/]end. -Layout/CaseIndentation: - Enabled: true - -# Indentation of comments. -Layout/CommentIndentation: - Enabled: true - -# Multi-line method chaining should be done with leading dots. -Layout/DotPosition: - Enabled: true - EnforcedStyle: leading - -# Align elses and elsifs correctly. -Layout/ElseAlignment: - Enabled: true - -# Add an empty line after magic comments to separate them from code. -Layout/EmptyLineAfterMagicComment: - Enabled: false - -# Use empty lines between defs. -Layout/EmptyLineBetweenDefs: - Enabled: true - -# Don't use several empty lines in a row. -Layout/EmptyLines: - Enabled: true - -# Keep blank lines around access modifiers. -Layout/EmptyLinesAroundAccessModifier: - Enabled: true - -# Keeps track of empty lines around block bodies. -Layout/EmptyLinesAroundBlockBody: - Enabled: true - -# Keeps track of empty lines around class bodies. -Layout/EmptyLinesAroundClassBody: - Enabled: true - -# Keeps track of empty lines around exception handling keywords. -Layout/EmptyLinesAroundExceptionHandlingKeywords: - Enabled: false - -# Keeps track of empty lines around method bodies. -Layout/EmptyLinesAroundMethodBody: - Enabled: true - -# Keeps track of empty lines around module bodies. -Layout/EmptyLinesAroundModuleBody: - Enabled: true - -# Use Unix-style line endings. -Layout/EndOfLine: - Enabled: true - -# Checks for a line break before the first parameter in a multi-line method -# parameter definition. -Layout/FirstMethodParameterLineBreak: - Enabled: true - -# Keep indentation straight. -Layout/IndentationConsistency: - Enabled: true - -# Use 2 spaces for indentation. -Layout/IndentationWidth: - Enabled: true - -# Checks the indentation of the first line of the right-hand-side of a -# multi-line assignment. -Layout/IndentAssignment: - Enabled: true - -# This cops checks the indentation of the here document bodies. -Layout/IndentHeredoc: - Enabled: false - -# Comments should start with a space. -Layout/LeadingCommentSpace: - Enabled: true - -# Checks that the closing brace in an array literal is either on the same line -# as the last array element, or a new line. -Layout/MultilineArrayBraceLayout: - Enabled: true - EnforcedStyle: symmetrical - -# Ensures newlines after multiline block do statements. -Layout/MultilineBlockLayout: - Enabled: true - -# Checks that the closing brace in a hash literal is either on the same line as -# the last hash element, or a new line. -Layout/MultilineHashBraceLayout: - Enabled: true - EnforcedStyle: symmetrical - -# Checks that the closing brace in a method call is either on the same line as -# the last method argument, or a new line. -Layout/MultilineMethodCallBraceLayout: - Enabled: false - EnforcedStyle: symmetrical - -# Checks indentation of method calls with the dot operator that span more than -# one line. -Layout/MultilineMethodCallIndentation: - Enabled: false - -# Checks that the closing brace in a method definition is symmetrical with -# respect to the opening brace and the method parameters. -Layout/MultilineMethodDefinitionBraceLayout: - Enabled: false - -# Checks indentation of binary operations that span more than one line. -Layout/MultilineOperationIndentation: - Enabled: true - EnforcedStyle: indented - -# Use spaces after colons. -Layout/SpaceAfterColon: - Enabled: true - -# Use spaces after commas. -Layout/SpaceAfterComma: - Enabled: true - -# Do not put a space between a method name and the opening parenthesis in a -# method definition. -Layout/SpaceAfterMethodName: - Enabled: true - -# Tracks redundant space after the ! operator. -Layout/SpaceAfterNot: - Enabled: true - -# Use spaces after semicolons. -Layout/SpaceAfterSemicolon: - Enabled: true - -# Use space around equals in parameter default -Layout/SpaceAroundEqualsInParameterDefault: - Enabled: true - -# Use a space around keywords if appropriate. -Layout/SpaceAroundKeyword: - Enabled: true - -# Use a single space around operators. -Layout/SpaceAroundOperators: - Enabled: true - -# No spaces before commas. -Layout/SpaceBeforeComma: - Enabled: true - -# Checks for missing space between code and a comment on the same line. -Layout/SpaceBeforeComment: - Enabled: true - -# No spaces before semicolons. -Layout/SpaceBeforeSemicolon: - Enabled: true - -# Checks for spaces inside square brackets. -Layout/SpaceInsideBrackets: - Enabled: true - -# Use spaces inside hash literal braces - or don't. -Layout/SpaceInsideHashLiteralBraces: - Enabled: true - -# No spaces inside range literals. -Layout/SpaceInsideRangeLiteral: - Enabled: true - -# Checks for padding/surrounding spaces inside string interpolation. -Layout/SpaceInsideStringInterpolation: - EnforcedStyle: no_space - Enabled: true - -# No hard tabs. -Layout/Tab: - Enabled: true - -# Checks trailing blank lines and final newline. -Layout/TrailingBlankLines: - Enabled: true - -# Style ####################################################################### - -# Check the naming of accessor methods for get_/set_. -Style/AccessorMethodName: - Enabled: false - -# Use alias_method instead of alias. -Style/Alias: - EnforcedStyle: prefer_alias_method - Enabled: true - -# Whether `and` and `or` are banned only in conditionals (conditionals) -# or completely (always). -Style/AndOr: - Enabled: true - -# Use `Array#join` instead of `Array#*`. -Style/ArrayJoin: - Enabled: true - -# Use only ascii symbols in comments. -Style/AsciiComments: - Enabled: true - -# Use only ascii symbols in identifiers. -Style/AsciiIdentifiers: - Enabled: true - -# Checks for uses of Module#attr. -Style/Attr: - Enabled: true - -# Avoid the use of BEGIN blocks. -Style/BeginBlock: - Enabled: true - -# Do not use block comments. -Style/BlockComments: - Enabled: true - -# Avoid using {...} for multi-line blocks (multiline chaining is # always -# ugly). Prefer {...} over do...end for single-line blocks. -Style/BlockDelimiters: - Enabled: true - - # This cop checks for braces around the last parameter in a method call -# if the last parameter is a hash. -Style/BracesAroundHashParameters: - Enabled: false - -# This cop checks for uses of the case equality operator(===). -Style/CaseEquality: - Enabled: false - -# Checks for uses of character literals. -Style/CharacterLiteral: - Enabled: true - -# Use CamelCase for classes and modules.' -Style/ClassAndModuleCamelCase: - Enabled: true - -# Checks style of children classes and modules. -Style/ClassAndModuleChildren: - Enabled: false - -# Enforces consistent use of `Object#is_a?` or `Object#kind_of?`. -Style/ClassCheck: - Enabled: true - -# Use self when defining module/class methods. -Style/ClassMethods: - Enabled: true - -# Avoid the use of class variables. -Style/ClassVars: - Enabled: true - -# This cop checks for methods invoked via the :: operator instead -# of the . operator (like FileUtils::rmdir instead of FileUtils.rmdir). -Style/ColonMethodCall: - Enabled: true - -# This cop checks that comment annotation keywords are written according -# to guidelines. -Style/CommentAnnotation: - Enabled: false - -# Check for `if` and `case` statements where each branch is used for -# assignment to the same variable when using the return of the -# condition can be used instead. -Style/ConditionalAssignment: - Enabled: true - -# Constants should use SCREAMING_SNAKE_CASE. -Style/ConstantName: - Enabled: true - -# Use def with parentheses when there are arguments. -Style/DefWithParentheses: - Enabled: true - -# Document classes and non-namespace modules. -Style/Documentation: - Enabled: false - -# This cop checks for uses of double negation (!!) to convert something -# to a boolean value. As this is both cryptic and usually redundant, it -# should be avoided. -Style/DoubleNegation: - Enabled: false - -# Avoid the use of END blocks. -Style/EndBlock: - Enabled: true - -# Favor the use of Fixnum#even? && Fixnum#odd? -Style/EvenOdd: - Enabled: true - -# Use snake_case for source file names. -Style/FileName: - Enabled: true - -# Checks for flip flops. -Style/FlipFlop: - Enabled: true - -# Checks use of for or each in multiline loops. -Style/For: - Enabled: true - -# Use a consistent style for format string tokens. -Style/FormatStringToken: - Enabled: false - -# Checks if there is a magic comment to enforce string literals -Style/FrozenStringLiteralComment: - Enabled: false - -# Do not introduce global variables. -Style/GlobalVars: - Enabled: true +Gitlab/ModuleWithInstanceVariables: + Enable: true Exclude: - - 'lib/backup/**/*' - - 'lib/tasks/**/*' - -# Prefer Ruby 1.9 hash syntax `{ a: 1, b: 2 }` -# over 1.8 syntax `{ :a => 1, :b => 2 }`. -Style/HashSyntax: - Enabled: true - -# Checks that conditional statements do not have an identical line at the -# end of each branch, which can validly be moved out of the conditional. -Style/IdenticalConditionalBranches: - Enabled: true - -# Do not use if x; .... Use the ternary operator instead. -Style/IfWithSemicolon: - Enabled: true - -# Use Kernel#loop for infinite loops. -Style/InfiniteLoop: - Enabled: true - -# Use the inverse method instead of `!.method` -# if an inverse method is defined. -Style/InverseMethods: - Enabled: false - -# Use lambda.call(...) instead of lambda.(...). -Style/LambdaCall: - Enabled: true - -# Checks if the method definitions have or don't have parentheses. -Style/MethodDefParentheses: - Enabled: true - -# Use the configured style when naming methods. -Style/MethodName: - Enabled: true - -# Checks for usage of `extend self` in modules. -Style/ModuleFunction: - Enabled: false - -# Avoid multi-line chains of blocks. -Style/MultilineBlockChain: - Enabled: true - -# Do not use then for multi-line if/unless. -Style/MultilineIfThen: - Enabled: true - -# Avoid multi-line `? :` (the ternary operator), use if/unless instead. -Style/MultilineTernaryOperator: - Enabled: true - -# Avoid comparing a variable with multiple items in a conditional, -# use Array#include? instead. -Style/MultipleComparison: - Enabled: false - -# This cop checks whether some constant value isn't a -# mutable literal (e.g. array or hash). -Style/MutableConstant: - Enabled: true - Exclude: - - 'db/migrate/**/*' - - 'db/post_migrate/**/*' - -# Favor unless over if for negative conditions (or control flow or). -Style/NegatedIf: - Enabled: true - -# Avoid using nested modifiers. -Style/NestedModifier: - Enabled: true - -# Use one expression per branch in a ternary operator. -Style/NestedTernaryOperator: - Enabled: true - -# Prefer x.nil? to x == nil. -Style/NilComparison: - Enabled: true - -# Checks for redundant nil checks. -Style/NonNilCheck: - Enabled: true - -# Use ! instead of not. -Style/Not: - Enabled: true - -# Add underscores to large numeric literals to improve their readability. -Style/NumericLiterals: - Enabled: false - -# Favor the ternary operator(?:) over if/then/else/end constructs. -Style/OneLineConditional: - Enabled: true - -# When defining binary operators, name the argument other. -Style/OpMethod: - Enabled: true - -# Don't use parentheses around the condition of an if/unless/while. -Style/ParenthesesAroundCondition: - Enabled: true - -# This cop (by default) checks for uses of methods Hash#has_key? and -# Hash#has_value? where it enforces Hash#key? and Hash#value? -# It is configurable to enforce the inverse, using `verbose` method -# names also. -# Configuration parameters: EnforcedStyle, SupportedStyles. -# SupportedStyles: short, verbose -Style/PreferredHashMethods: - Enabled: false - -# Checks for an obsolete RuntimeException argument in raise/fail. -Style/RedundantException: - Enabled: true - -# Checks for parentheses that seem not to serve any purpose. -Style/RedundantParentheses: - Enabled: true - -# Don't use semicolons to terminate expressions. -Style/Semicolon: - Enabled: true - -# Checks for proper usage of fail and raise. -Style/SignalException: - EnforcedStyle: only_raise - Enabled: true - -# Check for the usage of parentheses around stabby lambda arguments. -Style/StabbyLambdaParentheses: - EnforcedStyle: require_parentheses - Enabled: true - -# Checks if uses of quotes match the configured preference. -Style/StringLiterals: - Enabled: false - -# Checks if configured preferred methods are used over non-preferred. -Style/StringMethods: - PreferredMethods: - intern: to_sym - Enabled: true - -# Use %i or %I for arrays of symbols. -Style/SymbolArray: - Enabled: false - -# This cop checks for trailing comma in array and hash literals. -Style/TrailingCommaInLiteral: - Enabled: true - EnforcedStyleForMultiline: no_comma - -# This cop checks for trailing comma in argument lists. -Style/TrailingCommaInArguments: - Enabled: true - EnforcedStyleForMultiline: no_comma - -# Checks for %W when interpolation is not needed. -Style/UnneededCapitalW: - Enabled: true - -# Checks for %q/%Q when single quotes or double quotes would do. -Style/UnneededPercentQ: - Enabled: false - -# Don't interpolate global, instance and class variables directly in strings. -Style/VariableInterpolation: - Enabled: true - -# Use the configured style when naming variables. -Style/VariableName: - EnforcedStyle: snake_case - Enabled: true - -# Use the configured style when numbering variables. -Style/VariableNumber: - Enabled: false - -# Use when x then ... for one-line cases. -Style/WhenThen: - Enabled: true - -# Checks for redundant do after while or until. -Style/WhileUntilDo: - Enabled: true - -# Favor modifier while/until usage when you have a single-line body. -Style/WhileUntilModifier: - Enabled: true - -# Use %w or %W for arrays of words. -Style/WordArray: - Enabled: true - -# Do not use literals as the first operand of a comparison. -Style/YodaCondition: - Enabled: false - -# Use `proc` instead of `Proc.new`. -Style/Proc: - Enabled: true - -# Metrics ##################################################################### - -# A calculated magnitude based on number of assignments, -# branches, and conditions. -Metrics/AbcSize: - Enabled: true - Max: 56.96 - -# This cop checks if the length of a block exceeds some maximum value. -Metrics/BlockLength: - Enabled: false - -# Avoid excessive block nesting. -Metrics/BlockNesting: - Enabled: true - Max: 4 - -# Avoid classes longer than 100 lines of code. -Metrics/ClassLength: - Enabled: false - -# A complexity metric that is strongly correlated to the number -# of test cases needed to validate a method. -Metrics/CyclomaticComplexity: - Enabled: true - Max: 16 - -# Limit lines to 80 characters. -Metrics/LineLength: - Enabled: false - -# Avoid methods longer than 10 lines of code. -Metrics/MethodLength: - Enabled: false - -# Avoid modules longer than 100 lines of code. -Metrics/ModuleLength: - Enabled: false - -# Avoid parameter lists longer than three or four parameters. -Metrics/ParameterLists: - Enabled: true - Max: 8 - -# A complexity metric geared towards measuring complexity for a human reader. -Metrics/PerceivedComplexity: - Enabled: true - Max: 18 - -# Lint ######################################################################## - -# Checks for ambiguous block association with method when param passed without -# parentheses. -Lint/AmbiguousBlockAssociation: - Enabled: false - -# Checks for ambiguous operators in the first argument of a method invocation -# without parentheses. -Lint/AmbiguousOperator: - Enabled: true - -# This cop checks for ambiguous regexp literals in the first argument of -# a method invocation without parentheses. -Lint/AmbiguousRegexpLiteral: - Enabled: false - -# This cop checks for assignments in the conditions of -# if/while/until. -Lint/AssignmentInCondition: - Enabled: false - -# Align block ends correctly. -Lint/BlockAlignment: - Enabled: true - -# Default values in optional keyword arguments and optional ordinal arguments -# should not refer back to the name of the argument. -Lint/CircularArgumentReference: - Enabled: true - -# Checks for condition placed in a confusing position relative to the keyword. -Lint/ConditionPosition: - Enabled: true - -# Check for debugger calls. -Lint/Debugger: - Enabled: true - -# Align ends corresponding to defs correctly. -Lint/DefEndAlignment: - Enabled: true - -# Check for deprecated class method calls. -Lint/DeprecatedClassMethods: - Enabled: true - -# Check for immutable argument given to each_with_object. -Lint/EachWithObjectArgument: - Enabled: true - -# Check for odd code arrangement in an else block. -Lint/ElseLayout: - Enabled: true - -# Checks for empty ensure block. -Lint/EmptyEnsure: - Enabled: true - -# Checks for the presence of `when` branches without a body. -Lint/EmptyWhen: - Enabled: true - -# Align ends correctly. -Lint/EndAlignment: - Enabled: true - -# END blocks should not be placed inside method definitions. -Lint/EndInMethod: - Enabled: true - -# Do not use return in an ensure block. -Lint/EnsureReturn: - Enabled: true - -# Catches floating-point literals too large or small for Ruby to represent. -Lint/FloatOutOfRange: - Enabled: true - -# The number of parameters to format/sprint must match the fields. -Lint/FormatParameterMismatch: - Enabled: true - -# This cop checks for *rescue* blocks with no body. -Lint/HandleExceptions: - Enabled: false - -# Checks for adjacent string literals on the same line, which could better be -# represented as a single string literal. -Lint/ImplicitStringConcatenation: - Enabled: true - -# Checks for attempts to use `private` or `protected` to set the visibility -# of a class method, which does not work. -Lint/IneffectiveAccessModifier: - Enabled: false - -# Checks for invalid character literals with a non-escaped whitespace -# character. -Lint/InvalidCharacterLiteral: - Enabled: true - -# Checks of literals used in conditions. -Lint/LiteralInCondition: - Enabled: true - -# Checks for literals used in interpolation. -Lint/LiteralInInterpolation: - Enabled: true - -# This cop checks for uses of *begin...end while/until something*. -Lint/Loop: - Enabled: false - -# Do not use nested method definitions. -Lint/NestedMethodDefinition: - Enabled: true - -# Do not omit the accumulator when calling `next` in a `reduce`/`inject` block. -Lint/NextWithoutAccumulator: - Enabled: true - -# Checks for method calls with a space before the opening parenthesis. -Lint/ParenthesesAsGroupedExpression: - Enabled: true - -# Checks for `rand(1)` calls. Such calls always return `0` and most likely -# a mistake. -Lint/RandOne: - Enabled: true - -# Use parentheses in the method call to avoid confusion about precedence. -Lint/RequireParentheses: - Enabled: true - -# Avoid rescuing the Exception class. -Lint/RescueException: - Enabled: true - -# Checks for the order which exceptions are rescued to avoid rescueing a less specific exception before a more specific exception. -Lint/ShadowedException: - Enabled: false - -# This cop looks for use of the same name as outer local variables -# for block arguments or block local variables. -Lint/ShadowingOuterLocalVariable: - Enabled: false - -# Checks for Object#to_s usage in string interpolation. -Lint/StringConversionInInterpolation: - Enabled: true - -# Do not use prefix `_` for a variable that is used. -Lint/UnderscorePrefixedVariableName: - Enabled: true - -# This cop checks for using Fixnum or Bignum constant -Lint/UnifiedInteger: - Enabled: true - -# Checks for rubocop:disable comments that can be removed. -# Note: this cop is not disabled when disabling all cops. -# It must be explicitly disabled. -Lint/UnneededDisable: - Enabled: false - -# This cop checks for unneeded usages of splat expansion -Lint/UnneededSplatExpansion: - Enabled: false - -# Unreachable code. -Lint/UnreachableCode: - Enabled: true - -# This cop checks for unused block arguments. -Lint/UnusedBlockArgument: - Enabled: false - -# This cop checks for unused method arguments. -Lint/UnusedMethodArgument: - Enabled: false - -# Checks for useless access modifiers. -Lint/UselessAccessModifier: - Enabled: true - -# Checks for useless assignment to a local variable. -Lint/UselessAssignment: - Enabled: true - -# Checks for comparison of something with itself. -Lint/UselessComparison: - Enabled: true - -# Checks for useless `else` in `begin..end` without `rescue`. -Lint/UselessElseWithoutRescue: - Enabled: true - -# Checks for useless setter call to a local variable. -Lint/UselessSetterCall: - Enabled: true - -# Possible use of operator/literal/variable in void context. -Lint/Void: - Enabled: true - -# Performance ################################################################# - -# Use `caller(n..n)` instead of `caller`. -Performance/Caller: - Enabled: false - -# Use `casecmp` rather than `downcase ==`. -Performance/Casecmp: - Enabled: true - -# Use `str.{start,end}_with?(x, ..., y, ...)` instead of -# `str.{start,end}_with?(x, ...) || str.{start,end}_with?(y, ...)`. -Performance/DoubleStartEndWith: - Enabled: true - -# Use `strip` instead of `lstrip.rstrip`. -Performance/LstripRstrip: - Enabled: true - -# Use `Range#cover?` instead of `Range#include?`. -Performance/RangeInclude: - Enabled: true - -# This cop identifies the use of a `&block` parameter and `block.call` -# where `yield` would do just as well. -Performance/RedundantBlockCall: - Enabled: true - -# This cop identifies use of `Regexp#match` or `String#match in a context -# where the integral return value of `=~` would do just as well. -Performance/RedundantMatch: - Enabled: true - -# This cop identifies places where `Hash#merge!` can be replaced by -# `Hash#[]=`. -Performance/RedundantMerge: - Enabled: true - MaxKeyValuePairs: 1 - -# Use `sort` instead of `sort_by { |x| x }`. -Performance/RedundantSortBy: - Enabled: true - -# Use `start_with?` instead of a regex match anchored to the beginning of a -# string. -Performance/StartWith: - Enabled: true - -# Use `tr` instead of `gsub` when you are replacing the same number of -# characters. Use `delete` instead of `gsub` when you are deleting -# characters. -Performance/StringReplacement: - Enabled: true - -# Checks for `.times.map` calls. -Performance/TimesMap: - Enabled: true - -# Security #################################################################### - -# This cop checks for the use of JSON class methods which have potential -# security issues. -Security/JSONLoad: - Enabled: true - -# This cop checks for the use of *Kernel#eval*. -Security/Eval: - Enabled: true - -# Rails ####################################################################### - -# Enables Rails cops. -Rails: - Enabled: true - -# Enforces consistent use of action filter methods. -Rails/ActionFilter: - Enabled: true - EnforcedStyle: action - -# Check that models subclass ApplicationRecord. -Rails/ApplicationRecord: - Enabled: false - -# Enforce using `blank?` and `present?`. -Rails/Blank: - Enabled: false - -# Checks the correct usage of date aware methods, such as `Date.today`, -# `Date.current`, etc. -Rails/Date: - Enabled: false - -# Prefer delegate method for delegations. -# Disabled per https://gitlab.com/gitlab-org/gitlab-ce/issues/35869 -Rails/Delegate: - Enabled: false - -# This cop checks dynamic `find_by_*` methods. -Rails/DynamicFindBy: - Enabled: false - -# This cop enforces that 'exit' calls are not used within a rails app. -Rails/Exit: - Enabled: true - Exclude: - - lib/gitlab/upgrader.rb - - 'lib/backup/**/*' - -# Prefer `find_by` over `where.first`. -Rails/FindBy: - Enabled: true - -# Prefer `all.find_each` over `all.find`. -Rails/FindEach: - Enabled: true - -# Prefer has_many :through to has_and_belongs_to_many. -Rails/HasAndBelongsToMany: - Enabled: true - -# This cop is used to identify usages of http methods like `get`, `post`, -# `put`, `patch` without the usage of keyword arguments in your tests and -# change them to use keyword args. -Rails/HttpPositionalArguments: - Enabled: false - -# Checks for calls to puts, print, etc. -Rails/Output: - Enabled: true - Exclude: - - lib/gitlab/seeder.rb - - lib/gitlab/upgrader.rb - - 'lib/backup/**/*' - - 'lib/tasks/**/*' - -# This cop checks for the use of output safety calls like html_safe and -# raw. -Rails/OutputSafety: - Enabled: false - -# Checks for incorrect grammar when using methods like `3.day.ago`. -Rails/PluralizationGrammar: - Enabled: true - -# Enforce using `blank?` and `present?`. -Rails/Present: - Enabled: false - -# Checks for `read_attribute(:attr)` and `write_attribute(:attr, val)`. -Rails/ReadWriteAttribute: - Enabled: false - -# Do not assign relative date to constants. -Rails/RelativeDateConstant: - Enabled: false - -# Checks the arguments of ActiveRecord scopes. -Rails/ScopeArgs: - Enabled: true - -# This cop checks for the use of Time methods without zone. -Rails/TimeZone: - Enabled: false - -# This cop checks for the use of old-style attribute validation macros. -Rails/Validation: - Enabled: true - -# RSpec ####################################################################### - -# Check that instances are not being stubbed globally. -RSpec/AnyInstance: - Enabled: false - -# Check for expectations where `be(...)` can replace `eql(...)`. -RSpec/BeEql: - Enabled: true - -# We don't enforce this as we use this technique in a few places. -RSpec/BeforeAfterAll: - Enabled: false - -# Check that the first argument to the top level describe is the tested class or -# module. -RSpec/DescribeClass: - Enabled: false - -# Use `described_class` for tested class / module. -RSpec/DescribeMethod: - Enabled: false - -# Avoid describing symbols. -RSpec/DescribeSymbol: - Enabled: true - -# Checks that the second argument to top level describe is the tested method -# name. -RSpec/DescribedClass: - Enabled: true - -# Checks if an example group does not include any tests. -RSpec/EmptyExampleGroup: - Enabled: true - CustomIncludeMethods: - - run_permission_checks - -# Checks for long example. -RSpec/ExampleLength: - Enabled: false - Max: 5 - -# Do not use should when describing your tests. -RSpec/ExampleWording: - Enabled: false - CustomTransform: - be: is - have: has - not: does not - IgnoredWords: [] - -# Checks for `expect(...)` calls containing literal values. -RSpec/ExpectActual: - Enabled: true - -# Checks for opportunities to use `expect { … }.to output`. -RSpec/ExpectOutput: - Enabled: true - -# Checks the file and folder naming of the spec file. -RSpec/FilePath: - Enabled: true - IgnoreMethods: true - Exclude: - - 'qa/**/*' - - 'spec/javascripts/fixtures/*' - - 'spec/requests/api/v3/*' - -# Checks if there are focused specs. -RSpec/Focus: - Enabled: true - -# Configuration parameters: EnforcedStyle, SupportedStyles. -# SupportedStyles: is_expected, should -RSpec/ImplicitExpect: - Enabled: true - EnforcedStyle: is_expected - -# Checks for the usage of instance variables. -RSpec/InstanceVariable: - Enabled: false - -# Checks for `subject` definitions that come after `let` definitions. -RSpec/LeadingSubject: - Enabled: false - -# Checks unreferenced `let!` calls being used for test setup. -RSpec/LetSetup: - Enabled: false - -# Check that chains of messages are not being stubbed. -RSpec/MessageChain: - Enabled: false - -# Checks that message expectations are set using spies. -RSpec/MessageSpies: - Enabled: false - -# Checks for multiple top-level describes. -RSpec/MultipleDescribes: - Enabled: false - -# Checks if examples contain too many `expect` calls. -RSpec/MultipleExpectations: - Enabled: false - -# Checks for explicitly referenced test subjects. -RSpec/NamedSubject: - Enabled: false - -# Checks for nested example groups. -RSpec/NestedGroups: - Enabled: false - -# Enforces the usage of the same method on all negative message expectations. -RSpec/NotToNot: - EnforcedStyle: not_to - Enabled: true - -# Check for repeated description strings in example groups. -RSpec/RepeatedDescription: - Enabled: false - -# Ensure RSpec hook blocks are always multi-line. -RSpec/SingleLineHook: - Enabled: true - Exclude: - - 'spec/factories/*' - - 'spec/requests/api/v3/*' - -# Checks for stubbed test subjects. -RSpec/SubjectStub: - Enabled: false - -# Prefer using verifying doubles over normal doubles. -RSpec/VerifiedDoubles: - Enabled: false + # We ignore Rails helpers right now because it's hard to workaround it + - app/helpers/**/*_helper.rb + - ee/app/helpers/**/*_helper.rb + # We ignore Rails mailers right now because it's hard to workaround it + - app/mailers/emails/**/*.rb + - ee/**/emails/**/*.rb + # We ignore spec helpers because it usually doesn't matter + - spec/support/**/*.rb + - features/steps/**/*.rb diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 9caef3bde0..7a12c8473f 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1,60 +1,101 @@ # This configuration was generated by -# `rubocop --auto-gen-config --exclude-limit 0` -# on 2017-07-10 01:48:30 +0900 using RuboCop version 0.49.1. +# `rubocop --auto-gen-config` +# on 2018-01-18 18:23:26 +0100 using RuboCop version 0.52.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new # versions of RuboCop, may require this file to be generated again. # Offense count: 181 +Capybara/CurrentPathExpectation: + Enabled: false + +# Offense count: 956 +Capybara/FeatureMethods: + Enabled: false + +# Offense count: 23 +FactoryBot/DynamicAttributeDefinedStatically: + Exclude: + - 'spec/factories/broadcast_messages.rb' + - 'spec/factories/ci/builds.rb' + - 'spec/factories/ci/runners.rb' + - 'spec/factories/clusters/applications/helm.rb' + - 'spec/factories/clusters/platforms/kubernetes.rb' + - 'spec/factories/emails.rb' + - 'spec/factories/gpg_keys.rb' + - 'spec/factories/group_members.rb' + - 'spec/factories/merge_requests.rb' + - 'spec/factories/notes.rb' + - 'spec/factories/oauth_access_grants.rb' + - 'spec/factories/project_members.rb' + - 'spec/factories/todos.rb' + - 'spec/factories/uploads.rb' + +# Offense count: 167 +# Cop supports --auto-correct. +Layout/EmptyLinesAroundArguments: + Enabled: false + +# Offense count: 253 # Cop supports --auto-correct. # Configuration parameters: AllowForAlignment, ForceEqualSignAlignment. Layout/ExtraSpacing: Enabled: false -# Offense count: 119 +# Offense count: 83 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles, IndentationWidth. +# Configuration parameters: EnforcedStyle, IndentationWidth. # SupportedStyles: special_inside_parentheses, consistent, align_brackets Layout/IndentArray: Enabled: false -# Offense count: 208 +# Offense count: 237 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles, IndentationWidth. +# Configuration parameters: EnforcedStyle, IndentationWidth. # SupportedStyles: special_inside_parentheses, consistent, align_braces Layout/IndentHash: Enabled: false -# Offense count: 174 -# Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. -# SupportedStyles: space, no_space -Layout/SpaceBeforeBlockBraces: - Enabled: false - -# Offense count: 8 +# Offense count: 11 # Cop supports --auto-correct. # Configuration parameters: AllowForAlignment. Layout/SpaceBeforeFirstArg: - Enabled: false + Exclude: + - 'config/routes/project.rb' + - 'db/migrate/20170506185517_add_foreign_key_pipeline_schedules_and_pipelines.rb' + - 'features/steps/project/source/browse_files.rb' + - 'features/steps/project/source/markdown_render.rb' + - 'lib/api/runners.rb' + - 'spec/features/search/user_uses_search_filters_spec.rb' + - 'spec/routing/project_routing_spec.rb' + - 'spec/services/system_note_service_spec.rb' -# Offense count: 64 +# Offense count: 93 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +# Configuration parameters: EnforcedStyle. # SupportedStyles: require_no_space, require_space Layout/SpaceInLambdaLiteral: Enabled: false -# Offense count: 256 +# Offense count: 1 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles, EnforcedStyleForEmptyBraces, SupportedStylesForEmptyBraces, SpaceBeforeBlockParameters. +# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBrackets. +# SupportedStyles: space, no_space, compact +# SupportedStylesForEmptyBrackets: space, no_space +Layout/SpaceInsideArrayLiteralBrackets: + Exclude: + - 'spec/lib/gitlab/import_export/relation_factory_spec.rb' + +# Offense count: 327 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters. # SupportedStyles: space, no_space # SupportedStylesForEmptyBraces: space, no_space Layout/SpaceInsideBlockBraces: Enabled: false -# Offense count: 135 +# Offense count: 156 # Cop supports --auto-correct. Layout/SpaceInsideParens: Enabled: false @@ -62,189 +103,530 @@ Layout/SpaceInsideParens: # Offense count: 14 # Cop supports --auto-correct. Layout/SpaceInsidePercentLiteralDelimiters: - Enabled: false + Exclude: + - 'lib/gitlab/git_access.rb' + - 'lib/gitlab/health_checks/fs_shards_check.rb' + - 'spec/lib/gitlab/health_checks/fs_shards_check_spec.rb' -# Offense count: 89 -# Cop supports --auto-correct. -Layout/TrailingWhitespace: - Enabled: false - -# Offense count: 272 -RSpec/EmptyLineAfterFinalLet: - Enabled: false - -# Offense count: 181 -RSpec/EmptyLineAfterSubject: - Enabled: false - -# Offense count: 78 -# Configuration parameters: EnforcedStyle, SupportedStyles. -# SupportedStyles: implicit, each, example -RSpec/HookArgument: - Enabled: false - -# Offense count: 9 -# Configuration parameters: EnforcedStyle, SupportedStyles. -# SupportedStyles: it_behaves_like, it_should_behave_like -RSpec/ItBehavesLike: - Enabled: false +# Offense count: 26 +Lint/DuplicateMethods: + Exclude: + - 'app/models/application_setting.rb' + - 'app/models/commit.rb' + - 'app/models/note.rb' + - 'app/services/merge_requests/merge_service.rb' + - 'lib/bitbucket/representation/repo.rb' + - 'lib/declarative_policy/base.rb' + - 'lib/gitlab/ci/build/artifacts/metadata/entry.rb' + - 'lib/gitlab/cycle_analytics/base_event_fetcher.rb' + - 'lib/gitlab/diff/formatters/base_formatter.rb' + - 'lib/gitlab/git/blob.rb' + - 'lib/gitlab/git/repository.rb' + - 'lib/gitlab/git/tree.rb' + - 'lib/gitlab/git/wiki_page.rb' + - 'lib/gitlab/ldap/person.rb' + - 'lib/gitlab/o_auth/user.rb' # Offense count: 4 -RSpec/IteratedExpectation: +Lint/InterpolationCheck: + Exclude: + - 'spec/features/issues/filtered_search/filter_issues_spec.rb' + - 'spec/features/users_spec.rb' + - 'spec/services/quick_actions/interpret_service_spec.rb' + +# Offense count: 206 +# Configuration parameters: MaximumRangeSize. +Lint/MissingCopEnableDirective: Enabled: false # Offense count: 2 -RSpec/OverwritingSetup: +Lint/NestedPercentLiteral: + Exclude: + - 'lib/gitlab/git/repository.rb' + - 'spec/support/email_format_shared_examples.rb' + +# Offense count: 1 +Lint/ReturnInVoidContext: + Exclude: + - 'app/models/project.rb' + +# Offense count: 1 +# Configuration parameters: IgnoreImplicitReferences. +Lint/ShadowedArgument: + Exclude: + - 'lib/gitlab/database/sha_attribute.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +Lint/UnneededRequireStatement: + Exclude: + - 'db/post_migrate/20161221153951_rename_reserved_project_names.rb' + - 'db/post_migrate/20170313133418_rename_more_reserved_project_names.rb' + - 'lib/declarative_policy.rb' + +# Offense count: 9 +Lint/UriEscapeUnescape: + Exclude: + - 'app/controllers/application_controller.rb' + - 'app/models/project_services/drone_ci_service.rb' + - 'spec/lib/google_api/auth_spec.rb' + - 'spec/requests/api/files_spec.rb' + - 'spec/requests/api/internal_spec.rb' + - 'spec/requests/api/issues_spec.rb' + - 'spec/requests/api/v3/issues_spec.rb' + +# Offense count: 1 +# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns. +# URISchemes: http, https +Metrics/LineLength: + Max: 1310 + +# Offense count: 2 +Naming/ConstantName: + Exclude: + - 'lib/gitlab/import_sources.rb' + - 'lib/gitlab/ssh_public_key.rb' + +# Offense count: 11 +# Configuration parameters: EnforcedStyle. +# SupportedStyles: lowercase, uppercase +Naming/HeredocDelimiterCase: + Exclude: + - 'spec/lib/gitlab/diff/parser_spec.rb' + - 'spec/lib/json_web_token/rsa_token_spec.rb' + - 'spec/models/commit_spec.rb' + - 'spec/support/repo_helpers.rb' + - 'spec/support/seed_repo.rb' + +# Offense count: 112 +# Configuration parameters: Blacklist. +# Blacklist: END, (?-mix:EO[A-Z]{1}) +Naming/HeredocDelimiterNaming: Enabled: false -# Offense count: 36 -RSpec/RepeatedExample: - Enabled: false - -# Offense count: 86 -RSpec/ScatteredLet: - Enabled: false - -# Offense count: 20 -RSpec/ScatteredSetup: +# Offense count: 27 +# Cop supports --auto-correct. +# Configuration parameters: AutoCorrect. +Performance/HashEachMethods: Enabled: false # Offense count: 1 -RSpec/SharedContext: +Performance/UnfreezeString: + Exclude: + - 'features/steps/project/commits/commits.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +Performance/UriDefaultParser: + Exclude: + - 'lib/gitlab/url_sanitizer.rb' + +# Offense count: 3821 +# Configuration parameters: Prefixes. +# Prefixes: when, with, without +RSpec/ContextWording: Enabled: false -# Offense count: 115 +# Offense count: 293 +RSpec/EmptyLineAfterFinalLet: + Enabled: false + +# Offense count: 188 +RSpec/EmptyLineAfterSubject: + Enabled: false + +# Offense count: 258 +# Configuration parameters: EnforcedStyle. +# SupportedStyles: method_call, block +RSpec/ExpectChange: + Enabled: false + +# Offense count: 221 +RSpec/ExpectInHook: + Enabled: false + +# Offense count: 7 +# Configuration parameters: EnforcedStyle. +# SupportedStyles: implicit, each, example +RSpec/HookArgument: + Exclude: + - 'spec/spec_helper.rb' + - 'spec/support/carrierwave.rb' + - 'spec/support/db_cleaner.rb' + - 'spec/support/gitaly.rb' + - 'spec/support/setup_builds_storage.rb' + +# Offense count: 19 +# Configuration parameters: EnforcedStyle. +# SupportedStyles: it_behaves_like, it_should_behave_like +RSpec/ItBehavesLike: + Exclude: + - 'spec/lib/gitlab/git/commit_spec.rb' + - 'spec/lib/gitlab/git/repository_spec.rb' + - 'spec/lib/gitlab/shell_spec.rb' + - 'spec/services/notification_service_spec.rb' + - 'spec/workers/git_garbage_collect_worker_spec.rb' + +# Offense count: 5 +RSpec/IteratedExpectation: + Exclude: + - 'spec/features/admin/admin_settings_spec.rb' + - 'spec/features/merge_requests/diff_notes_resolve_spec.rb' + - 'spec/features/projects/awards/user_interacts_with_awards_in_issue_spec.rb' + - 'spec/lib/gitlab/gitlab_import/client_spec.rb' + - 'spec/lib/gitlab/legacy_github_import/client_spec.rb' + +# Offense count: 75 +RSpec/LetBeforeExamples: + Exclude: + - 'spec/controllers/projects/commit_controller_spec.rb' + - 'spec/lib/banzai/filter/issue_reference_filter_spec.rb' + - 'spec/lib/banzai/filter/user_reference_filter_spec.rb' + - 'spec/lib/gitlab/email/handler/create_issue_handler_spec.rb' + - 'spec/lib/gitlab/email/handler/create_merge_request_handler_spec.rb' + - 'spec/lib/gitlab/email/handler/create_note_handler_spec.rb' + - 'spec/models/commit_range_spec.rb' + - 'spec/models/milestone_spec.rb' + - 'spec/models/project_services/packagist_service_spec.rb' + - 'spec/models/repository_spec.rb' + - 'spec/rubocop/cop/migration/update_column_in_batches_spec.rb' + - 'spec/serializers/pipeline_details_entity_spec.rb' + - 'spec/views/ci/lints/show.html.haml_spec.rb' + +# Offense count: 1 +RSpec/MultipleSubjects: + Exclude: + - 'spec/services/merge_requests/create_from_issue_service_spec.rb' + +# Offense count: 4 +RSpec/OverwritingSetup: + Exclude: + - 'spec/lib/gitlab/background_migration/migrate_events_to_push_event_payloads_spec.rb' + - 'spec/models/email_spec.rb' + - 'spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb' + - 'spec/services/notes/quick_actions_service_spec.rb' + +# Offense count: 965 +# Configuration parameters: Strict, EnforcedStyle. +# SupportedStyles: inflected, explicit +RSpec/PredicateMatcher: + Enabled: false + +# Offense count: 35 +RSpec/RepeatedExample: + Enabled: false + +# Offense count: 140 +# Configuration parameters: EnforcedStyle. +# SupportedStyles: and_return, block +RSpec/ReturnFromStub: + Enabled: false + +# Offense count: 112 +RSpec/ScatteredLet: + Enabled: false + +# Offense count: 22 +RSpec/ScatteredSetup: + Exclude: + - 'spec/controllers/projects/templates_controller_spec.rb' + - 'spec/lib/gitlab/bitbucket_import/importer_spec.rb' + - 'spec/lib/gitlab/git/env_spec.rb' + - 'spec/requests/api/jobs_spec.rb' + - 'spec/requests/api/v3/builds_spec.rb' + - 'spec/requests/api/v3/projects_spec.rb' + - 'spec/services/projects/create_service_spec.rb' + +# Offense count: 1 +RSpec/SharedContext: + Exclude: + - 'spec/features/admin/admin_groups_spec.rb' + +# Offense count: 5 +RSpec/VoidExpect: + Exclude: + - 'spec/features/projects/artifacts/download_spec.rb' + - 'spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb' + - 'spec/models/ci/group_spec.rb' + - 'spec/models/ci/runner_spec.rb' + - 'spec/services/users/destroy_service_spec.rb' + +# Offense count: 41 +# Configuration parameters: Include. +# Include: db/migrate/*.rb +Rails/CreateTableWithTimestamps: + Enabled: false + +# Offense count: 155 Rails/FilePath: Enabled: false +# Offense count: 121 +# Configuration parameters: Include. +# Include: app/models/**/*.rb +Rails/HasManyOrHasOneDependent: + Enabled: false + +# Offense count: 157 +# Configuration parameters: Include. +# Include: app/models/**/*.rb +Rails/InverseOf: + Enabled: false + +# Offense count: 48 +# Configuration parameters: Include. +# Include: app/controllers/**/*.rb +Rails/LexicallyScopedActionFilter: + Enabled: false + +# Offense count: 14 +# Cop supports --auto-correct. +Rails/Presence: + Exclude: + - 'app/controllers/projects/blob_controller.rb' + - 'app/models/ci/pipeline.rb' + - 'app/models/clusters/platforms/kubernetes.rb' + - 'app/models/concerns/mentionable.rb' + - 'app/models/concerns/token_authenticatable.rb' + - 'app/models/project_services/hipchat_service.rb' + - 'app/models/project_services/irker_service.rb' + - 'app/models/project_services/jira_service.rb' + - 'app/models/project_services/kubernetes_service.rb' + - 'app/models/project_services/packagist_service.rb' + - 'app/models/wiki_page.rb' + - 'lib/gitlab/git/hook.rb' + - 'lib/gitlab/github_import/importer/releases_importer.rb' + # Offense count: 2 # Configuration parameters: Include. # Include: db/migrate/*.rb Rails/ReversibleMigration: - Enabled: false + Exclude: + - 'db/migrate/20160824103857_drop_unused_ci_tables.rb' -# Offense count: 336 +# Offense count: 446 # Configuration parameters: Blacklist. # Blacklist: decrement!, decrement_counter, increment!, increment_counter, toggle!, touch, update_all, update_attribute, update_column, update_columns, update_counters Rails/SkipsModelValidations: Enabled: false -# Offense count: 11 +# Offense count: 1 +# Configuration parameters: Environments. +# Environments: development, test, production +Rails/UnknownEnv: + Exclude: + - 'db/migrate/20171124125748_populate_missing_merge_request_statuses.rb' + +# Offense count: 13 # Cop supports --auto-correct. Security/YAMLLoad: - Enabled: false + Exclude: + - 'config/initializers/carrierwave.rb' + - 'lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb' + - 'lib/gitlab/redis/wrapper.rb' + - 'lib/system_check/incoming_email/imap_authentication_check.rb' + - 'spec/config/mail_room_spec.rb' + - 'spec/initializers/secret_token_spec.rb' + - 'spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb' + - 'spec/models/clusters/platforms/kubernetes_spec.rb' + - 'spec/models/project_services/kubernetes_service_spec.rb' -# Offense count: 58 +# Offense count: 64 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +# Configuration parameters: EnforcedStyle. # SupportedStyles: percent_q, bare_percent Style/BarePercentLiterals: Enabled: false -# Offense count: 6 -# Cop supports --auto-correct. -Style/EachWithObject: +# Offense count: 5 +Style/CommentedKeyword: + Exclude: + - 'lib/tasks/gitlab/backup.rake' + - 'spec/tasks/gitlab/backup_rake_spec.rb' + +# Offense count: 30 +Style/DateTime: Enabled: false -# Offense count: 31 +# Offense count: 1 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +Style/Dir: + Exclude: + - 'qa/qa.rb' + +# Offense count: 9 +# Cop supports --auto-correct. +Style/EachWithObject: + Exclude: + - 'config/initializers/gollum.rb' + - 'lib/expand_variables.rb' + - 'lib/gitlab/ci/ansi2html.rb' + - 'lib/gitlab/ee_compat_check.rb' + - 'lib/gitlab/hook_data/issuable_builder.rb' + - 'lib/gitlab/i18n/po_linter.rb' + - 'lib/gitlab/import_export/members_mapper.rb' + - 'lib/gitlab/import_export/relation_factory.rb' + - 'scripts/static-analysis' + +# Offense count: 24 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. # SupportedStyles: empty, nil, both Style/EmptyElse: Enabled: false -# Offense count: 9 +# Offense count: 14 +# Cop supports --auto-correct. +Style/EmptyLambdaParameter: + Exclude: + - 'app/models/ci/build.rb' + - 'app/models/ci/runner.rb' + +# Offense count: 12 # Cop supports --auto-correct. Style/EmptyLiteral: - Enabled: false + Exclude: + - 'features/steps/project/commits/commits.rb' + - 'lib/gitlab/fogbugz_import/importer.rb' + - 'lib/gitlab/git/diff_collection.rb' + - 'lib/gitlab/gitaly_client.rb' + - 'scripts/trigger-build-omnibus' + - 'spec/features/merge_requests/versions_spec.rb' + - 'spec/helpers/merge_requests_helper_spec.rb' + - 'spec/lib/gitlab/request_context_spec.rb' + - 'spec/lib/gitlab/workhorse_spec.rb' + - 'spec/requests/api/jobs_spec.rb' + - 'spec/support/chat_slash_commands_shared_examples.rb' -# Offense count: 78 +# Offense count: 102 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +# Configuration parameters: EnforcedStyle. # SupportedStyles: compact, expanded Style/EmptyMethod: Enabled: false # Offense count: 23 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +Style/Encoding: + Enabled: false + +# Offense count: 2 +Style/EvalWithLocation: + Exclude: + - 'app/models/service.rb' + +# Offense count: 35 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. # SupportedStyles: format, sprintf, percent Style/FormatString: Enabled: false -# Offense count: 301 +# Offense count: 384 # Configuration parameters: MinBodyLength. Style/GuardClause: Enabled: false -# Offense count: 18 +# Offense count: 22 Style/IfInsideElse: Enabled: false -# Offense count: 182 +# Offense count: 809 # Cop supports --auto-correct. -# Configuration parameters: MaxLineLength. Style/IfUnlessModifier: Enabled: false -# Offense count: 52 +# Offense count: 75 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +# Configuration parameters: EnforcedStyle. # SupportedStyles: line_count_dependent, lambda, literal Style/Lambda: Enabled: false -# Offense count: 6 +# Offense count: 11 # Cop supports --auto-correct. Style/LineEndConcatenation: - Enabled: false + Exclude: + - 'app/helpers/tree_helper.rb' + - 'spec/features/issuables/markdown_references_spec.rb' + - 'spec/lib/gitlab/checks/project_moved_spec.rb' + - 'spec/lib/gitlab/gfm/reference_rewriter_spec.rb' + - 'spec/lib/gitlab/incoming_email_spec.rb' -# Offense count: 40 +# Offense count: 39 # Cop supports --auto-correct. Style/MethodCallWithoutArgsParentheses: Enabled: false -# Offense count: 13 +# Offense count: 18 Style/MethodMissing: Enabled: false +# Offense count: 7 +Style/MixinUsage: + Exclude: + - 'features/support/env.rb' + - 'spec/factories/ci/builds.rb' + - 'spec/factories/ci/job_artifacts.rb' + - 'spec/factories/lfs_objects.rb' + - 'spec/factories/notes.rb' + - 'spec/lib/gitlab/import_export/project_tree_restorer_spec.rb' + - 'spec/lib/gitlab/import_export/version_checker_spec.rb' + # Offense count: 6 # Cop supports --auto-correct. Style/MultilineIfModifier: - Enabled: false + Exclude: + - 'app/helpers/snippets_helper.rb' + - 'app/models/project_wiki.rb' + - 'app/services/ci/process_pipeline_service.rb' + - 'app/services/create_deployment_service.rb' + - 'lib/api/commit_statuses.rb' + - 'lib/gitlab/ci/trace.rb' -# Offense count: 26 +# Offense count: 25 # Cop supports --auto-correct. +# Configuration parameters: Whitelist. +# Whitelist: be, be_a, be_an, be_between, be_falsey, be_kind_of, be_instance_of, be_truthy, be_within, eq, eql, end_with, include, match, raise_error, respond_to, start_with Style/NestedParenthesizedCalls: Enabled: false -# Offense count: 20 +# Offense count: 19 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, MinBodyLength, SupportedStyles. +# Configuration parameters: EnforcedStyle, MinBodyLength. # SupportedStyles: skip_modifier_ifs, always Style/Next: Enabled: false -# Offense count: 45 +# Offense count: 61 # Cop supports --auto-correct. -# Configuration parameters: EnforcedOctalStyle, SupportedOctalStyles. +# Configuration parameters: EnforcedOctalStyle. # SupportedOctalStyles: zero_with_o, zero_only Style/NumericLiteralPrefix: Enabled: false -# Offense count: 98 +# Offense count: 114 # Cop supports --auto-correct. -# Configuration parameters: AutoCorrect, EnforcedStyle, SupportedStyles. +# Configuration parameters: AutoCorrect, EnforcedStyle. # SupportedStyles: predicate, comparison Style/NumericPredicate: Enabled: false -# Offense count: 42 +# Offense count: 4 +# Cop supports --auto-correct. +Style/OrAssignment: + Exclude: + - 'app/models/concerns/token_authenticatable.rb' + - 'lib/api/commit_statuses.rb' + - 'lib/api/v3/members.rb' + - 'lib/gitlab/project_transfer.rb' + +# Offense count: 50 # Cop supports --auto-correct. Style/ParallelAssignment: Enabled: false -# Offense count: 800 +# Offense count: 917 # Cop supports --auto-correct. # Configuration parameters: PreferredDelimiters. Style/PercentLiteralDelimiters: @@ -253,114 +635,196 @@ Style/PercentLiteralDelimiters: # Offense count: 15 # Cop supports --auto-correct. Style/PerlBackrefs: - Enabled: false + Exclude: + - 'app/controllers/projects/application_controller.rb' + - 'app/helpers/submodule_helper.rb' + - 'lib/backup/manager.rb' + - 'lib/banzai/filter/abstract_reference_filter.rb' + - 'lib/banzai/filter/autolink_filter.rb' + - 'lib/banzai/filter/emoji_filter.rb' + - 'lib/banzai/filter/gollum_tags_filter.rb' + - 'lib/expand_variables.rb' + - 'lib/gitlab/diff/highlight.rb' + - 'lib/gitlab/search_results.rb' + - 'lib/gitlab/sherlock/query.rb' -# Offense count: 105 -# Configuration parameters: NamePrefix, NamePrefixBlacklist, NameWhitelist. -# NamePrefix: is_, has_, have_ -# NamePrefixBlacklist: is_, has_, have_ -# NameWhitelist: is_a? -Style/PredicateName: - Enabled: false - -# Offense count: 58 +# Offense count: 87 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +# Configuration parameters: EnforcedStyle. # SupportedStyles: compact, exploded Style/RaiseArgs: Enabled: false -# Offense count: 6 +# Offense count: 9 # Cop supports --auto-correct. Style/RedundantBegin: - Enabled: false + Exclude: + - 'app/controllers/projects/clusters/gcp_controller.rb' + - 'app/models/merge_request.rb' + - 'app/services/projects/import_service.rb' + - 'lib/api/branches.rb' + - 'lib/gitlab/current_settings.rb' + - 'lib/gitlab/git/commit.rb' + - 'lib/gitlab/health_checks/base_abstract_check.rb' + - 'lib/tasks/gitlab/task_helpers.rb' -# Offense count: 37 +# Offense count: 1 +# Cop supports --auto-correct. +Style/RedundantConditional: + Exclude: + - 'lib/system_check/helpers.rb' + +# Offense count: 57 # Cop supports --auto-correct. Style/RedundantFreeze: Enabled: false -# Offense count: 14 +# Offense count: 15 # Cop supports --auto-correct. # Configuration parameters: AllowMultipleReturnValues. Style/RedundantReturn: - Enabled: false + Exclude: + - 'app/controllers/application_controller.rb' + - 'app/controllers/concerns/issuable_actions.rb' + - 'app/controllers/groups/application_controller.rb' + - 'app/controllers/omniauth_callbacks_controller.rb' + - 'app/controllers/profiles/keys_controller.rb' + - 'app/controllers/projects/application_controller.rb' + - 'app/services/access_token_validation_service.rb' + - 'lib/gitlab/utils.rb' + - 'lib/google_api/auth.rb' -# Offense count: 406 +# Offense count: 460 # Cop supports --auto-correct. Style/RedundantSelf: Enabled: false -# Offense count: 115 +# Offense count: 142 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles, AllowInnerSlashes. +# Configuration parameters: EnforcedStyle, AllowInnerSlashes. # SupportedStyles: slashes, percent_r, mixed Style/RegexpLiteral: - Enabled: false + Enabled: true + EnforcedStyle: mixed + AllowInnerSlashes: false -# Offense count: 29 +# Offense count: 36 # Cop supports --auto-correct. Style/RescueModifier: Enabled: false +# Offense count: 107 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: implicit, explicit +Style/RescueStandardError: + Enabled: false + +# Offense count: 92 +# Cop supports --auto-correct. +# Configuration parameters: ConvertCodeThatCanStartToReturnNil. +Style/SafeNavigation: + Enabled: false + # Offense count: 8 # Cop supports --auto-correct. Style/SelfAssignment: - Enabled: false + Exclude: + - 'app/models/concerns/bulk_member_access_load.rb' + - 'app/serializers/base_serializer.rb' + - 'app/services/notification_service.rb' + - 'lib/api/runners.rb' + - 'spec/features/merge_requests/diff_notes_resolve_spec.rb' + - 'spec/features/projects/clusters/interchangeability_spec.rb' + - 'spec/support/import_export/configuration_helper.rb' # Offense count: 50 # Cop supports --auto-correct. # Configuration parameters: AllowIfMethodIsEmpty. Style/SingleLineMethods: - Enabled: false + Exclude: + - 'lib/gitlab/ci/ansi2html.rb' -# Offense count: 64 +# Offense count: 66 # Cop supports --auto-correct. -# Configuration parameters: SupportedStyles. +# Configuration parameters: . # SupportedStyles: use_perl_names, use_english_names Style/SpecialGlobalVars: EnforcedStyle: use_perl_names -# Offense count: 44 +# Offense count: 1 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles. +Style/StderrPuts: + Exclude: + - 'config/initializers/rspec_profiling.rb' + +# Offense count: 45 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. # SupportedStyles: single_quotes, double_quotes Style/StringLiteralsInInterpolation: Enabled: false -# Offense count: 84 +# Offense count: 106 # Cop supports --auto-correct. # Configuration parameters: IgnoredMethods. # IgnoredMethods: respond_to, define_method Style/SymbolProc: Enabled: false -# Offense count: 8 +# Offense count: 9 # Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, SupportedStyles, AllowSafeAssignment. +# Configuration parameters: EnforcedStyle, AllowSafeAssignment. # SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex Style/TernaryParentheses: - Enabled: false + Exclude: + - 'app/finders/projects_finder.rb' + - 'app/helpers/namespaces_helper.rb' + - 'features/support/capybara.rb' + - 'lib/api/v3/projects.rb' + - 'lib/gitlab/ci/build/artifacts/metadata/entry.rb' + - 'spec/requests/api/pipeline_schedules_spec.rb' + - 'spec/support/capybara.rb' # Offense count: 17 # Cop supports --auto-correct. # Configuration parameters: AllowNamedUnderscoreVariables. Style/TrailingUnderscoreVariable: - Enabled: false + Exclude: + - 'app/controllers/admin/background_jobs_controller.rb' + - 'app/controllers/invites_controller.rb' + - 'app/helpers/tab_helper.rb' + - 'lib/backup/manager.rb' + - 'lib/gitlab/logger.rb' + - 'lib/gitlab/upgrader.rb' + - 'lib/system_check/app/migrations_are_up_check.rb' + - 'lib/system_check/incoming_email/mail_room_running_check.rb' + - 'lib/tasks/gitlab/check.rake' + - 'lib/tasks/gitlab/task_helpers.rb' + - 'spec/lib/gitlab/etag_caching/middleware_spec.rb' + - 'spec/services/quick_actions/interpret_service_spec.rb' -# Offense count: 4 +# Offense count: 5 # Cop supports --auto-correct. # Configuration parameters: ExactNameMatch, AllowPredicates, AllowDSLWriters, IgnoreClassMethods, Whitelist. # Whitelist: to_ary, to_a, to_c, to_enum, to_h, to_hash, to_i, to_int, to_io, to_open, to_path, to_proc, to_r, to_regexp, to_str, to_s, to_sym Style/TrivialAccessors: - Enabled: false + Exclude: + - 'app/models/external_issue.rb' + - 'app/serializers/base_serializer.rb' + - 'lib/gitlab/ldap/person.rb' + - 'lib/system_check/base_check.rb' -# Offense count: 5 +# Offense count: 4 # Cop supports --auto-correct. Style/UnlessElse: - Enabled: false + Exclude: + - 'lib/backup/manager.rb' + - 'lib/gitlab/project_search_results.rb' + - 'lib/tasks/gitlab/check.rake' + - 'spec/features/issues/award_emoji_spec.rb' -# Offense count: 28 +# Offense count: 31 # Cop supports --auto-correct. Style/UnneededInterpolation: Enabled: false @@ -368,4 +832,19 @@ Style/UnneededInterpolation: # Offense count: 11 # Cop supports --auto-correct. Style/ZeroLengthPredicate: - Enabled: false + Exclude: + - 'app/models/deploy_key.rb' + - 'app/models/network/commit.rb' + - 'app/models/network/graph.rb' + - 'app/models/project_services/asana_service.rb' + - 'app/services/boards/create_service.rb' + - 'app/services/merge_requests/conflicts/list_service.rb' + - 'lib/declarative_policy/dsl.rb' + - 'lib/extracts_path.rb' + - 'lib/gitlab/git/repository.rb' + +# Offense count: 22840 +# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns. +# URISchemes: http, https +Metrics/LineLength: + Max: 1310 diff --git a/.ruby-version b/.ruby-version index 0bee604df7..e75da3e63d 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.3.3 +2.3.6 diff --git a/.scss-lint.yml b/.scss-lint.yml index 73f8d27f78..dcd4cac780 100644 --- a/.scss-lint.yml +++ b/.scss-lint.yml @@ -14,7 +14,7 @@ linters: # Whether or not to prefer `border: 0` over `border: none`. BorderZero: - enabled: false + enabled: true # Reports when you define a rule set using a selector with chained classes # (a.k.a. adjoining classes). @@ -112,7 +112,7 @@ linters: # Reports when you define the same selector twice in a single sheet. MergeableSelector: - enabled: false + enabled: true # Functions, mixins, variables, and placeholders should be declared # with all lowercase letters and hyphens instead of underscores. @@ -121,7 +121,8 @@ linters: # Avoid nesting selectors too deeply. NestingDepth: - enabled: false + enabled: true + max_depth: 6 # Always use placeholder selectors in @extend. PlaceholderInExtend: @@ -240,7 +241,7 @@ linters: # Numeric values should not contain unnecessary fractional portions. UnnecessaryMantissa: - enabled: false + enabled: true # Do not use parent selector references (&) when they would otherwise # be unnecessary. diff --git a/CHANGELOG.md b/CHANGELOG.md index 5fc14f42c5..c977245499 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,1562 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.5.5 (2018-03-15) + +### Fixed (3 changes) + +- Fix missing uploads after group transfer. !17658 +- Fix code and wiki search results when filename is non-ASCII. +- Remove double caching of Repository#empty?. + +### Performance (2 changes) + +- Adding missing indexes on taggings table. +- Add index on section_name_id on ci_build_trace_sections table. + + +## 10.5.4 (2018-03-08) + +### Fixed (11 changes) + +- Encode branch name as binary before creating a RPC request to copy attributes. !17291 +- Restart Unicorn and Sidekiq when GRPC throws 14:Endpoint read failed. !17293 +- Ensure group issues and merge requests pages show results from subgroups when there are no results from the current group. !17312 +- Prevent trace artifact migration to incur data loss. !17313 +- Return a 404 instead of 403 if the repository does not exist on disk. !17341 +- Allow Prometheus application to be installed from Cluster applications. !17372 +- Fixes Prometheus admin configuration page. !17377 +- Fix code and wiki search results pages when non-ASCII text is displayed. !17413 +- Fix pages flaky failure by reloading stale object. !17522 +- Fixed issue edit shortcut not opening edit form. +- Revert Project.public_or_visible_to_user changes and only apply to snippets. + +### Performance (1 change) + +- Don't use ProjectsFinder in TodosFinder. + + +## 10.5.3 (2018-03-01) + +### Security (1 change) + +- Ensure that OTP backup codes are always invalidated. + + +## 10.5.2 (2018-02-25) + +### Fixed (7 changes) + +- Fix single digit value clipping for stacked progress bar. !17217 +- Fix issue with cache key being empty when variable used as the key. !17260 +- Enable Legacy Authorization by default on Cluster creations. !17302 +- Allow branch names to be named the same as the sha it points to. +- Fix 500 error when loading an invalid upload URL. +- Don't attempt to update user tracked fields if database is in read-only. +- Prevent MR Widget error when no CI configured. + +### Performance (5 changes) + +- Improve query performance for snippets dashboard. !17088 +- Only check LFS integrity for first ref in a push to avoid timeout. !17098 +- Improve query performance of MembersFinder. !17190 +- Increase feature flag cache TTL to one hour. +- Improve performance of searching for and autocompleting of users. + + +## 10.5.1 (2018-02-22) + +- No changes. + +## 10.5.0 (2018-02-22) + +### Security (3 changes, 1 of them is from the community) + +- Update marked from 0.3.6 to 0.3.12. !16480 (Takuya Noguchi) +- Update nokogiri to 1.8.2. !16807 +- Add verification for GitLab Pages custom domains. + +### Fixed (77 changes, 25 of them are from the community) + +- Fix the Projects API with_issues_enabled filter behaving incorrectly any user. !12724 (Jan Christophersen) +- Hide pipeline schedule take ownership for current owner. !12986 +- Handle special characters on API request of issuable templates. !15323 (Takuya Noguchi) +- Shows signin tab after new user email confirmation. !16174 (Jacopo Beschi @jacopo-beschi) +- Make project README containers wider on fixed layout. !16181 (Takuya Noguchi) +- Fix dashboard projects nav links height. !16204 (George Tsiolis) +- Fix error on empty query for Members API. !16235 +- Issue board: fix for dragging an issue to the very bottom in long lists. !16250 (David Kuri) +- Make rich blob viewer wider for PC. !16262 (Takuya Noguchi) +- Substitute deprecated ui_charcoal with new default ui_indigo. !16271 (Takuya Noguchi) +- Generate HTTP URLs for custom Pages domains when appropriate. !16279 +- Make modal dialog common for Groups tree app. !16311 +- Allow moving wiki pages from the UI. !16313 +- Filter groups and projects dropdowns of search page on backend. !16336 +- Adjust layout width for fixed layout. !16337 (George Tsiolis) +- Fix custom header logo design nitpick: Remove unneeded margin on empty logo text. !16383 (Markus Doits) +- File Upload UI can create LFS pointers based on .gitattributes. !16412 +- Fix Ctrl+Enter keyboard shortcut saving comment/note edit. !16415 +- Fix file search results when they match file contents with a number between two colons. !16462 +- Fix tooltip displayed for running manual actions. !16489 +- Allow trailing + on labels in board filters. !16490 +- Prevent JIRA issue identifier from being humanized. !16491 (Andrew McCallum) +- Add horizontal scroll to wiki tables. !16527 (George Tsiolis) +- Fix a bug calculating artifact size for project statistics. !16539 +- Stop loading spinner on error of issuable templates. !16600 (Takuya Noguchi) +- Allows html text in commits atom feed. !16603 (Jacopo Beschi @jacopo-beschi) +- Disable MR check out button when source branch is deleted. !16631 (Jacopo Beschi @jacopo-beschi) +- Fix export removal for hashed-storage projects within a renamed or deleted namespace. !16658 +- Default to HTTPS for all Gravatar URLs. !16666 +- Login via OAuth now only marks new users as external. !16672 +- Fix default avatar icon missing when Gravatar is disabled. !16681 (Felix Geyer) +- Change button group width on mobile. !16726 (George Tsiolis) +- Fix version information not showing on help page if commercial content display was disabled. !16743 +- Adds spacing between edit and delete tag btn in tag list. !16757 (Jacopo Beschi @jacopo-beschi) +- Fix 500 error when loading a merge request with an invalid comment. !16795 +- Deleting an upload will correctly clean up the filesystem. !16799 +- Cleanup new branch/merge request form in issues. !16854 +- Fix GitLab import leaving group_id on ProjectLabel. !16877 +- Fix forking projects when no restricted visibility levels are defined applicationwide. !16881 +- Trigger change event on filename input when file template is applied. !16911 (Sebastian Klingler) +- Fixes different margins between buttons in tag list. !16927 (Jacopo Beschi @jacopo-beschi) +- Close low level rugged repository in project cache worker. !16930 (Bastian Blank) +- Override group sidebar links. !16942 (George Tsiolis) +- Avoid running `PopulateForkNetworksRange`-migration multiple times. !16988 +- Resolve PrepareUntrackedUploads PostgreSQL syntax error. !17019 +- Fix monaco editor features which were incompatable with GitLab CDN settings. !17021 +- Fixed error 500 when removing an identity with synced attributes and visiting the profile page. !17054 +- Fix cnacel edit note button reverting changes. !42462 +- For issues display time of last edit of title or description instead of time of any attribute change. +- Handle all Psych YAML parser exceptions (fixes #41209). +- Fix validation of environment scope of variables. +- Display user friendly error message if rebase fails. +- Hide new branch and tag links for projects with an empty repo. +- Fix protected branches API to accept name parameter with dot. +- Closes #38540 - Remove .ssh/environment file that now breaks the gitlab:check rake task. +- Keep subscribers when promoting labels to group labels. +- Replace verified badge icons and uniform colors. +- Fix error on changes tab when merge request cannot be created. +- Ignore leading slashes when searching for files within context of repository. (Andrew McCallum) +- Close and do not reload MR diffs when source branch is deleted. +- Bypass commits title markdown on notes. +- Reload MRs memoization after diffs creation. +- Return more consistent values for merge_status on MR APIs. +- Contribution calendar label was cut off. (Branka Martinovic) +- LDAP Person no longer throws exception on invalid entry. +- Fix bug where award emojis would be lost when moving issues between projects. +- Fix not all events being shown in group dashboard. +- Fix JIRA not working when a trailing slash is included. +- Fix squash not working when diff contained non-ASCII data. +- Remove erroneous text in shared runners page that suggested more runners available. +- Execute system hooks after-commit when executing project hooks. +- Makes forking protect default branch on completion. +- Validate user, group and project paths consistently, and only once. +- Validate user namespace before saving so that errors persist on model. +- Permits 'password_authentication_enabled_for_git' parameter for ApplicationSettingsController. +- Fix duplicate item in protected branch/tag dropdown. +- Open visibility level help in a new tab. (Jussi Räsänen) + +### Deprecated (1 change) + +- Add note within ux documentation that further changes should be made within the design.gitlab project. + +### Changed (20 changes, 7 of them are from the community) + +- Show coverage to two decimal points in coverage badge. !10083 (Jeff Stubler) +- Update 'removed assignee' note to include old assignee reference. !16301 (Maurizio De Santis) +- Move row containing Projects, Users and Groups count to the top in admin dashboard. !16421 +- Add Auto DevOps Domain application setting. !16604 +- Changes Revert this merge request text. !16611 (Jacopo Beschi @jacopo-beschi) +- Link Auto DevOps settings to Clusters page. !16641 +- Internationalize charts page. !16687 (selrahman) +- Internationalize graph page selrahman. !16688 (Shah El-Rahman) +- Save traces as artifacts. !16702 +- Hide variable values on pipeline schedule edit page. !16729 +- Update runner info on all authenticated requests. !16756 +- Improve issue note dropdown and mr button. !16758 (George Tsiolis) +- Replace "cluster" with "Kubernetes cluster". !16778 +- Enable Prometheus metrics for deployed Ingresses. !16866 (joshlambert) +- Rename button to enable CI/CD configuration to "Set up CI/CD". !16870 +- Double padding for file-content wiki class on larger screens. +- Improve wording about additional costs for Ingress on custom clusters. +- Last push widget will show banner for new pushes to previously merged branch. +- Save user ID and username in Grape API log (api_json.log). +- Include subgroup issues and merge requests on the group page. + +### Performance (14 changes, 1 of them is from the community) + +- Fix double query execution on groups page. !16314 +- Speed up loading merged merge requests when they contained a lot of commits before merging. !16320 +- Properly memoize some predicate methods. !16329 +- Reduce the number of Prometheus metrics. !16443 +- Only highlight search results under the highlighting size limit. !16462 +- Add fast-blank. !16468 +- Move BoardList vue component to vue file. !16888 (George Tsiolis) +- Fix N+1 query problem for snippets dashboard. !16944 +- Optimize search queries on the search page by setting a limit for matching records. +- Store number of commits in merge_request_diffs table. +- Improve performance of target branch dropdown. +- Remove duplicate calls of MergeRequest#can_be_reverted?. +- Stop checking if discussions are in a mergeable state if the MR isn't. +- Remove N+1 queries with /projects/:project_id/{access_requests,members} API endpoints. + +### Added (28 changes, 10 of them are from the community) + +- Add link on commit page to merge request that introduced that commit. !13713 (Hiroyuki Sato) +- System hooks for Merge Requests. !14387 (Alexis Reigel) +- Add `pipelines` endpoint to merge requests API. !15454 (Tony Rom ) +- Adds Rubocop rule for line break around conditionals. !15739 (Jacopo Beschi @jacopo-beschi) +- Add Colors to GitLab Flavored Markdown. !16095 (Tony Rom ) +- Initial work to add notification reason to emails. !16160 (Mario de la Ossa) +- Implement multi server support and use kube proxy to connect to Prometheus servers inside K8S cluster. !16182 +- Add ability to transfer a group into another group. !16302 +- Add blue dot feature highlight to make GKE Clusters more visible to users. !16379 +- Add section headers to plus button dropdown. !16394 (George Tsiolis) +- Support PostgreSQL 10. !16471 +- Enables Project Milestone Deletion via the API. !16478 (Jacopo Beschi @jacopo-beschi) +- Add realtime ci status for the repository -> files view. !16523 +- User can now git push to create a new project. !16547 +- Improve empty project overview. !16617 (George Tsiolis) +- Added uploader metadata to the uploads. !16779 +- Added ldap config setting to lower case the username. !16791 +- Add search support into the API. !16878 +- Backport of LFS File Locking API. !16935 +- Add a link to documentation on how to get external ip in the Kubernetes cluster details page. !16937 +- Add sorting options for /users API (admin only). !16945 +- Adds sorting to deployments API. (Jacopo Beschi @jacopo-beschi) +- Add rake task to check integrity of uploaded files. +- Add backend for persistently dismissably callouts. +- Track and act upon the number of executed queries. +- Add a gRPC health check to ensure Gitaly is up. +- Log and send a system hook if a blocked user attempts to login. +- Add Gitaly Servers admin dashboard. + +### Other (25 changes, 7 of them are from the community) + +- Updated the katex library. !15864 +- Add modal for deleting a milestone. !16229 +- Remove unused CSS selectors for Cycle Analytics. !16270 (Takuya Noguchi) +- Add reason to keep postgresql 9.2 for CI. !16277 (Takuya Noguchi) +- Adjust modal style to new design. !16310 +- Default to Gitaly for 'git push' HTTP/SSH, and make Gitaly mandatory for SSH pull. !16586 +- Set timezone for karma to UTC. !16602 (Takuya Noguchi) +- Make Gitaly RepositoryExists opt-out. !16680 +- Update minimum git version to 2.9.5. !16683 +- Disable throwOnError in KaTeX to reveal user where is the problem. !16684 (Jakub Jirutka) +- fix documentation about node version. !16720 (Tobias Gurtzick) +- Enable RuboCop Style/RegexpLiteral. !16752 (Takuya Noguchi) +- Add confirmation-input component. !16816 +- Add unique constraint to trending_projects#project_id. !16846 +- Add foreign key and NOT NULL constraints to todos table. !16849 +- Include branch in mobile view for pipelines. !16910 (George Tsiolis) +- Downgrade google-protobuf gem. !16941 +- Refactors mr widget components into vue files and adds i18n. +- increase-readability-of-colored-text-in-job-output-log. +- Finish any remaining jobs for issues.closed_at. +- Translate issuable sidebar. +- Set standard disabled state for all buttons. +- Upgrade GitLab Workhorse to v3.6.0. +- Improve readability of underlined links for dyslexic users. +- Adds empty state illustration for pending job. + + +## 10.4.3 (2018-02-05) + +### Security (4 changes) + +- Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers. +- Fix stored XSS in code blocks that ignore highlighting. +- Fix wilcard protected tags protecting all branches. +- Restrict Todo API mark_as_done endpoint to the user's todos only. + + +## 10.4.2 (2018-01-30) + +### Fixed (6 changes) + +- Fix copy/paste on iOS devices due to a bug in webkit. !15804 +- Fix missing "allow users to request access" option in public project permissions. !16485 +- Fix encoding issue when counting commit count. !16637 +- Fixes destination already exists, and some particular service errors on Import/Export error. !16714 +- Fix cache clear bug withg using : on Windows. !16740 +- Use has_table_privilege for TRIGGER on PostgreSQL. + +### Changed (1 change) + +- Vendor Auto DevOps template with DAST security checks enabled. !16691 + + +## 10.4.1 (2018-01-24) + +### Fixed (4 changes) + +- Ensure that users can reclaim a namespace or project path that is blocked by an orphaned route. !16242 +- Correctly escape UTF-8 path elements for uploads. !16560 +- Fix issues when rendering groups and their children. !16584 +- Fix bug in which projects with forks could not change visibility settings from Private to Public. !16595 + +### Performance (2 changes) + +- rework indexes on redirect_routes. +- Remove unecessary query from labels filter. + + +## 10.4.0 (2018-01-22) + +### Security (8 changes, 1 of them is from the community) + +- Upgrade Ruby to 2.3.6 to include security patches. !16016 +- Prevent a SQL injection in the MilestonesFinder. +- Check user authorization for source and target projects when creating a merge request. +- Fix path traversal in gitlab-ci.yml cache:key. +- Fix writable shared deploy keys. +- Filter out sensitive fields from the project services API. (Robert Schilling) +- Fix RCE via project import mechanism. +- Prevent OAuth login POST requests when a provider has been disabled. + +### Fixed (68 changes, 24 of them are from the community) + +- Update comment on image cursor and icons. !15760 +- Fixes the wording of headers in system info page. !15802 (Gilbert Roulot) +- Reset todo counters when the target is deleted. !15807 +- Execute quick actions (if present) when creating MR from issue. !15810 +- fix build count in pipeline success mail. !15827 (Christiaan Van den Poel) +- Fix error that was preventing users to change the access level of access requests for Groups or Projects. !15832 +- Last push event widget width for fixed layout. !15862 (George Tsiolis) +- Hide link to issues/MRs from labels list if issues/MRs are disabled. !15863 (Sophie Herold) +- Use relative URL for projects to avoid storing domains. !15876 +- Fix gitlab-rake gitlab:import:repos import schedule. !15931 +- Removed incorrect guidance stating blocked users will be removed from groups and project as members. !15947 (CesarApodaca) +- Fix some POST/DELETE requests in IE by switching some bundles to Axios for Ajax requests. !15951 +- Fixing error 500 when member exist but not the user. !15970 +- show None when issue is in closed list and no labels assigned. !15976 (Christiaan Van den Poel) +- Fix tags in the Activity tab not being clickable. !15996 (Mario de la Ossa) +- Disable Vue pagination when only one page of content is available. !15999 (Mario de la Ossa) +- disables shortcut to issue boards when issues are not enabled. !16020 (Christiaan Van den Poel) +- Ignore lost+found folder during backup on a volume. !16036 (Julien Millau) +- Fix abuse reports link url in admin area navbar. !16068 (megos) +- Keep typographic hierarchy in User Settings. !16090 (George Tsiolis) +- Adjust content width for User Settings, GPG Keys. !16093 (George Tsiolis) +- Fix gitlab-rake gitlab:import:repos import schedule. !16115 +- Fix import project url not updating project name. !16120 +- Fix activity inline event line height on mobile. !16121 (George Tsiolis) +- Fix slash commands dropdown description mis-alignment on Firefox. !16125 (Maurizio De Santis) +- Remove unnecessary sidebar element realignment. !16159 (George Tsiolis) +- User#projects_limit remove DB default and added NOT NULL constraint. !16165 (Mario de la Ossa) +- Fix API endpoints to edit wiki pages where project belongs to a group. !16170 +- Fix breadcrumbs in User Settings. !16172 (rfwatson) +- Move 2FA disable button. !16177 (George Tsiolis) +- Fixing bug when wiki last version. !16197 +- Protected branch is now created for default branch on import. !16198 +- Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background migration. !16205 +- Force Auto DevOps kubectl version to 1.8.6. !16218 +- Fix missing references to pipeline objects when restoring project with import/export feature. !16221 +- Fix inconsistent downcase of filenames in prefilled `Add` commit messages. !16232 (James Ramsay) +- Default merge request title is set correctly again when external issue tracker is activated. !16356 (Ben305) +- Ensure that emails contain absolute, rather than relative, links to user uploads. !16364 +- Prevent invalid Route path if path is unchanged. !16397 +- Fixing rack request mime type when using rack attack. !16427 +- Prevent RevList failing on non utf8 paths. !16440 +- Fix giant fork icons on forks page. !16474 +- Fix links to uploaded files on wiki pages. !16499 +- Modify `LDAP::Person` to return username value based on attributes. +- Fixed merge request status badge not updating after merging. +- Remove related links in MR widget when empty state. +- Gracefully handle garbled URIs in Markdown. +- Fix hooks not being set up properly for bare import Rake task. +- Fix Mermaid drawings not loading on some browsers. +- Humanize the units of "Showing last X KiB of log" in job trace. +- Avoid leaving a push event empty if payload cannot be created. +- Show authored date rather than committed date on the commit list. +- Fix when branch creation fails don't post system note. (Mateusz Bajorski) +- Fix viewing merge request diffs where the underlying blobs are unavailable. +- Fix 500 error when visiting a commit where the blobs do not exist. +- Set target_branch to the ref branch when creating MR from issue. +- Fix closed text for issues on Todos page. +- [API] Fix creating issue when assignee_id is empty. +- Fix false positive issue references in merge requests caused by header anchor links. +- Fixed chanages dropdown ellipsis positioning. +- Fix shortcut links on help page. +- Clears visual token on second backspace. (Martin Wortschack) +- Fix onion-skin re-entering state. +- fix button alignment on MWPS component. +- Add optional search param for Merge Requests API. +- Normalizing Identity extern_uid when saving the record. +- Fixed typo for issue description field declaration. (Marcus Amargi) +- Fix ANSI 256 bold colors in pipelines job output. + +### Changed (18 changes, 3 of them are from the community) + +- Make mail notifications of discussion notes In-Reply-To of each other. !14289 +- Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes. !15589 +- Implement checking GCP project billing status in cluster creation form. !15665 +- Present multiple clusters in a single list instead of a tabbed view. !15669 +- Remove soft removals related code. !15789 +- Only mark import and fork jobs as failed once all Sidekiq retries get exhausted. !15844 +- Translate date ranges on contributors page. !15846 +- Update issuable status icons. !15898 +- Update feature toggle design to use icons and make it i18n friendly. !15904 +- Update groups tree to use GitLab SVG icons, add last updated at information for projects. !15980 +- Allow forking a public project to a private group. !16050 +- Expose project_id on /api/v4/pages/domains. !16200 (Luc Didry) +- Display graph values on hover within monitoring page. !16261 +- removed tabindexes from tag form. (Marcus Amargi) +- Move edit button to second row on issue page (and change it to a pencil icon). +- Run background migrations with a minimum interval. +- Provide additional cookies to JIRA service requests to allow Oracle WebGates Basic Auth. (Stanislaw Wozniak) +- Hide markdown toolbar in preview mode. + +### Performance (11 changes) + +- Improve the performance for counting diverging commits. Show 999+ if it is more than 1000 commits. !15963 +- Treat empty markdown and html strings as valid cached text, not missing cache that needs to be updated. +- Cache merged and closed events data in merge_request_metrics table. +- Speed up generation of commit stats by using Rugged native methods. +- Improve search query for issues. +- Improve search query for merge requests. +- Eager load event target authors whenever possible. +- Use simple Next/Prev paging for jobs to avoid large count queries on arbitrarily large sets of historical jobs. +- Improve performance of MR discussions on large diffs. +- Add index on namespaces lower(name) for UsersController#exists. +- Fix timeout when filtering issues by label. + +### Added (26 changes, 8 of them are from the community) + +- Support new chat notifications parameters in Services API. !11435 +- Add online and status attribute to runner api entity. !11750 +- Adds ordering to projects contributors in API. !15469 (Jacopo Beschi @jacopo-beschi) +- Add assets_sync gem to Gemfile. !15734 +- Add a gitlab:tcp_check rake task. !15759 +- add support for sorting in tags api. !15772 (haseebeqx) +- Add Prometheus to available Cluster applications. !15895 +- Validate file status when commiting multiple files. !15922 +- List of avatars should never show +1. !15972 (Jacopo Beschi @jacopo-beschi) +- Do not generate NPM links for private NPM modules in blob view. !16002 (Mario de la Ossa) +- Backport fast database lookup of SSH authorized_keys from EE. !16014 +- Add i18n helpers to branch comparison view. !16031 (James Ramsay) +- Add pause/resume button to project runners. !16032 (Mario de la Ossa) +- Added option to user preferences to enable the multi file editor. !16056 +- Implement project jobs cache reset. !16067 +- Rendering of emoji's in Group-Overview. !16098 (Jacopo Beschi @jacopo-beschi) +- Allow automatic creation of Kubernetes Integration from template. !16104 +- API: get participants from merge_requests & issues. !16187 (Brent Greeff) +- Added option to disable commits stats in the commit endpoint. !16309 +- Disable creation of new Kubernetes Integrations unless they're active or created from template. !41054 +- Added badge to tree & blob views to indicate LFS tracked files. +- Enable ordering of groups and their children by name. +- Add button to run scheduled pipeline immediately. +- Allow user to rebase merge requests. +- Handle GitLab hashed storage repositories using the repo import task. +- Hide runner token in CI/CD settings page. + +### Other (12 changes, 3 of them are from the community) + +- Adds the multi file editor as a new beta feature. !15430 +- Use relative URLs when linking to uploaded files. !15751 +- Add docs for why you might be signed out when using the Remember me token. !15756 +- Replace '.team << [user, role]' with 'add_role(user)' in specs. !16069 (@blackst0ne) +- Add id to modal.vue to support data-toggle="modal". !16189 +- Update scss-lint to 0.56.0. !16278 (Takuya Noguchi) +- Fix web ide user preferences copy and buttons. !41789 +- Update redis-rack to 2.0.4. +- Import some code and functionality from gitlab-shell to improve subprocess handling. +- Update Browse file to Choose file in all occurences. +- Bump mysql2 gem version from 0.4.5 to 0.4.10. (asaparov) +- Use a background migration for issues.closed_at. + + +## 10.3.7 (2018-02-05) + +### Security (4 changes) + +- Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers. +- Fix stored XSS in code blocks that ignore highlighting. +- Fix wilcard protected tags protecting all branches. +- Restrict Todo API mark_as_done endpoint to the user's todos only. + + +## 10.3.6 (2018-01-22) + +### Fixed (17 changes, 2 of them are from the community) + +- Fix abuse reports link url in admin area navbar. !16068 (megos) +- Fix gitlab-rake gitlab:import:repos import schedule. !16115 +- Fixing bug when wiki last version. !16197 +- Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background migration. !16205 +- Default merge request title is set correctly again when external issue tracker is activated. !16356 (Ben305) +- Prevent invalid Route path if path is unchanged. !16397 +- Fixing rack request mime type when using rack attack. !16427 +- Prevent RevList failing on non utf8 paths. !16440 +- Fix 500 error when visiting a commit where the blobs do not exist. +- Fix viewing merge request diffs where the underlying blobs are unavailable. +- Gracefully handle garbled URIs in Markdown. +- Fix hooks not being set up properly for bare import Rake task. +- Fix Mermaid drawings not loading on some browsers. +- Fixed chanages dropdown ellipsis positioning. +- Avoid leaving a push event empty if payload cannot be created. +- Set target_branch to the ref branch when creating MR from issue. +- Fix shortcut links on help page. + + +## 10.3.5 (2018-01-18) + +- Fix error that prevented the 'deploy_keys' migration from working in MySQL databases. + +## 10.3.4 (2018-01-10) + +### Security (7 changes, 1 of them is from the community) + +- Prevent a SQL injection in the MilestonesFinder. +- Fix RCE via project import mechanism. +- Prevent OAuth login POST requests when a provider has been disabled. +- Filter out sensitive fields from the project services API. (Robert Schilling) +- Check user authorization for source and target projects when creating a merge request. +- Fix path traversal in gitlab-ci.yml cache:key. +- Fix writable shared deploy keys. + + +## 10.3.3 (2018-01-02) + +### Fixed (3 changes) + +- Fix links to old commits in merge request comments. +- Fix 404 errors after a user edits an issue description and solves the reCAPTCHA. +- Gracefully handle orphaned write deploy keys in /internal/post_receive. + + +## 10.3.2 (2017-12-28) + +### Fixed (1 change) + +- Fix migration for removing orphaned issues.moved_to_id values in MySQL and PostgreSQL. + + +## 10.3.1 (2017-12-27) + +### Fixed (3 changes) + +- Don't link LFS objects to a project when unlinking forks when they were already linked. !16006 +- Execute project hooks and services after commit when moving an issue. +- Fix Error 500s with anonymous clones for a project that has moved. + +### Changed (1 change) + +- Reduce the number of buckets in gitlab_cache_operation_duration_seconds metric. !15881 + + +## 10.3.0 (2017-12-22) + +### Security (1 change, 1 of them is from the community) + +- Upgrade jQuery to 2.2.4. !15570 (Takuya Noguchi) + +### Fixed (55 changes, 8 of them are from the community) + +- Fail jobs if its dependency is missing. !14009 +- Fix errors when selecting numeric-only labels in the labels autocomplete selector. !14607 (haseebeqx) +- Fix pipeline status transition for single manual job. This would also fix pipeline duration becuse it is depending on status transition. !15251 +- Fix acceptance of username for Mattermost service update. !15275 +- Set the default gitlab-shell timeout to 3 hours. !15292 +- Make sure a user can add projects to subgroups they have access to. !15294 +- OAuth identity lookups case-insensitive. !15312 +- Fix filter by my reaction is not working. !15345 (Hiroyuki Sato) +- Avoid deactivation when pipeline schedules execute a branch includes `[ci skip]` comment. !15405 +- Add recaptcha modal to issue updates detected as spam. !15408 +- Fix item name and namespace text overflow in Projects dropdown. !15451 +- Removed unused rake task, 'rake gitlab:sidekiq:drop_post_receive'. !15493 +- Fix commits page throwing 500 when the multi-file editor was enabled. !15502 +- Fix Issue comment submit button being disabled when pasting content from another GFM note. !15530 +- Reenable Prometheus metrics, add more control over Prometheus method instrumentation. !15558 +- Fix broadcast message not showing up on login page. !15578 +- Initializes the branches dropdown when the 'Start new pipeline' failed due to validation errors. !15588 (Christiaan Van den Poel) +- Fix merge requests where the source or target branch name matches a tag name. !15591 +- Create a fork network for forks with a deleted source. !15595 +- Fix search results when a filename would contain a special character. !15606 (haseebeqx) +- Strip leading & trailing whitespaces in CI/CD secret variable keys. !15615 +- Correctly link to a forked project from the new fork page. !15653 +- Fix the fork project functionality for projects with hashed storage. !15671 +- Added default order to UsersFinder. !15679 +- Fix graph notes number duplication. !15696 (Vladislav Kaverin) +- Fix updateEndpoint undefined error for issue_show app root. !15698 +- Change boards page boards_data absolute urls to paths. !15703 +- Using appropiate services in the API for managing forks. !15709 +- Confirming email with invalid token should no longer generate an error. !15726 +- fix #39233 - 500 in merge request. !15774 (Martin Nowak) +- Use Markdown styling for new project guidelines. !15785 (Markus Koller) +- Fix error during schema dump. !15866 +- Fix broken illustration images for monitoring page empty states. !15889 +- Make sure user email is read only when synced with LDAP. !15915 +- Fixed outdated browser flash positioning. +- Fix gitlab:import:repos Rake task moving repositories into the wrong location. +- Gracefully handle case when repository's root ref does not exist. +- Fix GitHub importer using removed interface. +- Align retry button with job title with new grid size. +- Fixed admin welcome screen new group path. +- Fix related branches/Merge requests failing to load when the hostname setting is changed. +- Init zen mode in snippets pages. +- Remove extra margin from wordmark in header. +- Fixed long commit links not wrapping correctly. +- Fixed deploy keys remove button loading state not resetting. +- Use app host instead of asset host when rendering image blob or diff. +- Hide log size for mobile screens. +- Fix sending notification emails to users with the mention level set who were mentioned in an issue or merge request description. +- Changed validation error message on wrong milestone dates. (Xurxo Méndez Pérez) +- Fix access to the final page of todos. +- Fixed new group milestone breadcrumbs. +- Fix image diff notification email from showing wrong content. +- Fixed merge request lock icon size. +- Make sure head pippeline always corresponds with the head sha of an MR. +- Prevent 500 error when inspecting job after trigger was removed. + +### Changed (14 changes, 2 of them are from the community) + +- Only owner or master can erase jobs. !15216 +- Allow password authentication to be disabled entirely. !15223 (Markus Koller) +- Add the option to automatically run a pipeline after updating AutoDevOps settings. !15380 +- Add total_time_spent to the `changes` hash in issuable Webhook payloads. !15381 +- Monitor NFS shards for circuitbreaker in a separate process. !15426 +- Add inline editing to issues on mobile. !15438 +- Add custom brand text on new project pages. !15541 (Markus Koller) +- Show only group name by default and put full namespace in tooltip in Groups tree. !15650 +- Use custom user agent header in all GCP API requests. !15705 +- Changed the deploy markers on the prometheus dashboard to be more verbose. !38032 +- Animate contextual sidebar on collapse/expand. +- Update emojis. Add :gay_pride_flag: and :speech_left:. Remove extraneous comma in :cartwheel_tone4:. +- When a custom header logo is present, don't show GitLab type logo. +- Improved diff changed files dropdown design. + +### Performance (19 changes) + +- Add timeouts for Gitaly calls. !15047 +- Performance issues when loading large number of wiki pages. !15276 +- Add performance logging to UpdateMergeRequestsWorker. !15360 +- Keep track of all circuitbreaker keys in a set. !15613 +- Improve the performance for counting commits. !15628 +- Reduce requests for project forks on show page of projects that have forks. !15663 +- Perform SQL matching of Build&Runner tags to greatly speed-up job picking. +- Only load branch names for protected branch checks. +- Optimize API /groups/:id/projects by preloading associations. +- Remove allocation tracking code from InfluxDB sampler for performance. +- Throttle the number of UPDATEs triggered by touch. +- Make finding most recent merge request diffs more efficient. +- Fetch blobs in bulk when generating diffs. +- Cache commits for MergeRequest diffs. +- Use fuzzy search with minimum length of 3 characters where appropriate. +- Add axios to common file. +- Remove template selector from global namespace. +- check the import_status field before doing SQL operations to check the import url. +- Stop sending milestone and labels data over the wire for MR widget requests. + +### Added (22 changes, 15 of them are from the community) + +- Limit autocomplete menu to applied labels. !11110 (Vitaliy @blackst0ne Klachkov) +- Make diff notes created on a commit in a merge request to persist a rebase. !12148 +- Allow creation of merge request from email. !13817 (janp) +- Add an ability to use a custom branch name on creation from issues. !13884 (Vitaliy @blackst0ne Klachkov) +- Add anonymous rate limit per IP, and authenticated (web or API) rate limits per user. !14708 +- Create a new form to add Existing Kubernetes Cluster. !14805 +- Add support of Mermaid (generation of diagrams and flowcharts from text). !15107 (Vitaliy @blackst0ne Klachkov) +- Add total time spent to milestones. !15116 (George Andrinopoulos) +- Add /groups/:id/subgroups endpoint to API. !15142 (marbemac) +- Add administrative endpoint to list all pages domains. !15160 (Travis Miller) +- Adds Rubocop rule for line break after guard clause. !15188 (Jacopo Beschi @jacopo-beschi) +- Add edit button to mobile file view. !15199 (Travis Miller) +- Add dropdown sort to group milestones. !15230 (George Andrinopoulos) +- added support for ordering and sorting in notes api. !15342 (haseebeqx) +- Hashed Storage migration script now supports migrating project attachments. !15352 +- New API endpoint - list jobs for a specified runner. !15432 +- Add new API endpoint - get a namespace by ID. !15442 +- Disables autocomplete in filtered searc. !15477 (Jacopo Beschi @jacopo-beschi) +- Update empty state page of merge request 'changes' tab. !15611 (Vitaliy @blackst0ne Klachkov) +- Allow git pull/push on group/user/project redirects. !15670 +- show status of gitlab reference links in wiki. !15694 (haseebeqx) +- Add email confirmation parameters for user creation and update via API. (Daniel Juarez) + +### Other (17 changes, 7 of them are from the community) + +- Enable UnnecessaryMantissa in scss-lint. !15255 (Takuya Noguchi) +- Add untracked files to uploads table. !15270 +- Move update_project_counter_caches? out of issue and merge request. !15300 (George Andrinopoulos) +- Removed tooltip from clone dropdown. !15334 +- Clean up empty fork networks. !15373 +- Create issuable destroy service. !15604 (George Andrinopoulos) +- Upgrade seed-fu to 2.3.7. !15607 (Takuya Noguchi) +- Rename GKE as Kubernetes Engine. !15608 (Takuya Noguchi) +- Prefer ci_config_path validation for leading slashes instead of sanitizing the input. !15672 (Christiaan Van den Poel) +- Fix typo in docs about Elasticsearch. !15699 (Takuya Noguchi) +- Add internationalization support for the prometheus integration. !33338 +- Export text utils functions as es6 module and add tests. +- Stop reloading the page when using pagination and tabs - use API calls - in Pipelines table. +- Clean up schema of the "issues" table. +- Clarify wording of protected branch settings for the default branch. +- Update svg external depencency. +- Clean up schema of the "merge_requests" table. + + +## 10.2.8 (2018-02-07) + +### Security (4 changes) + +- Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers. +- Fix stored XSS in code blocks that ignore highlighting. +- Fix wilcard protected tags protecting all branches. +- Restrict Todo API mark_as_done endpoint to the user's todos only. + + +## 10.2.7 (2018-01-18) + +- No changes. + +## 10.2.6 (2018-01-11) + +### Security (9 changes, 1 of them is from the community) + +- Fix writable shared deploy keys. +- Filter out sensitive fields from the project services API. (Robert Schilling) +- Fix RCE via project import mechanism. +- Fixed IPython notebook output not being sanitized. +- Prevent OAuth login POST requests when a provider has been disabled. +- Prevent a SQL injection in the MilestonesFinder. +- Check user authorization for source and target projects when creating a merge request. +- Fix path traversal in gitlab-ci.yml cache:key. +- Fix XSS vulnerability in pipeline job trace. + + +## 10.2.5 (2017-12-15) + +### Fixed (8 changes) + +- Create a fork network for forks with a deleted source. !15595 +- Correctly link to a forked project from the new fork page. !15653 +- Fix the fork project functionality for projects with hashed storage. !15671 +- Fix updateEndpoint undefined error for issue_show app root. !15698 +- Fix broken illustration images for monitoring page empty states. !15889 +- Fix related branches/Merge requests failing to load when the hostname setting is changed. +- Fix gitlab:import:repos Rake task moving repositories into the wrong location. +- Gracefully handle case when repository's root ref does not exist. + +### Performance (3 changes) + +- Keep track of all circuitbreaker keys in a set. !15613 +- Only load branch names for protected branch checks. +- Optimize API /groups/:id/projects by preloading associations. + + +## 10.2.4 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + + +## 10.2.3 (2017-11-30) + +### Fixed (7 changes) + +- Fix hashed storage for Import/Export uploads. !15482 +- Ensure that rake gitlab:cleanup:repos task does not mess with hashed repositories. !15520 +- Ensure that rake gitlab:cleanup:dirs task does not mess with hashed repositories. !15600 +- Fix WIP system note not being created. +- Fix link text from group context. +- Fix defaults for MR states and merge statuses. +- Fix pulling and pushing using a personal access token with the sudo scope. + +### Performance (3 changes) + +- Drastically improve project search performance by no longer searching namespace name. +- Reuse authors when rendering event Atom feeds. +- Optimise StuckCiJobsWorker using cheap SQL query outside, and expensive inside. + + +## 10.2.2 (2017-11-23) + +### Fixed (5 changes) + +- Label addition/removal are not going to be redacted wrongfully in the API. !15080 +- Fix bitbucket wiki import with hashed storage enabled. !15490 +- Impersonation no longer gets stuck on password change. !15497 +- Fix blank states using old css. +- Fix promoting milestone updating all issuables without milestone. + +### Performance (3 changes) + +- Update Issue Boards to fetch the notification subscription status asynchronously. +- Update composite pipelines index to include "id". +- Use arrays in Pipeline#latest_builds_with_artifacts. + +### Other (2 changes) + +- Don't move repositories and attachments for projects using hashed storage. !15479 +- Add logs for monitoring the merge process. + + +## 10.2.1 (2017-11-22) + +### Fixed (1 change) + +- Force disable Prometheus metrics. + + +## 10.2.0 (2017-11-22) + +### Security (4 changes) + +- Upgrade Ruby to 2.3.5 to include security patches. !15099 +- Prevent OAuth phishing attack by presenting detailed wording about app to user during authorization. +- Convert private tokens to Personal Access Tokens with sudo scope. +- Remove private tokens from web interface and API. + +### Removed (5 changes) + +- Remove help text from group issues page and group merge requests page. !14963 +- Remove overzealous tooltips in projects page tabs. !15017 +- Stop merge requests from fetching their refs when the data is already available. !15129 +- Remove update merge request worker tagging. +- Remove Session API now that private tokens are removed from user API endpoints. + +### Fixed (75 changes, 18 of them are from the community) + +- Fix 404 errors in API caused when the branch name had a dot. !14462 (gvieira37) +- Remove unnecessary alt-texts from pipeline emails. !14602 (gernberg) +- Renders 404 in commits controller if no commits are found for a given path. !14610 (Guilherme Vieira) +- Cleanup data-page attribute after each Karma test. !14742 +- Removed extra border radius from .file-editor and .file-holder when editing a file. !14803 (Rachel Pipkin) +- Add support for markdown preview to group milestones. !14806 (Vitaliy @blackst0ne Klachkov) +- Fixed 'Removed source branch' checkbox in merge widget being ignored. !14832 +- Fix unnecessary ajax requests in admin broadcast message form. !14853 +- Make NamespaceSelect change URL when filtering. !14888 +- Get true failure from evalulate_script by checking for element beforehand. !14898 +- Fix SAML error 500 when no groups are defined for user. !14913 +- Fix 500 errors caused by empty diffs in some discussions. !14945 (Alexander Popov) +- Fix the atom feed for group events. !14974 +- Hides pipeline duration in commit box when it is zero (nil). !14979 (gvieira37) +- Add new diff discussions on MR diffs tab in "realtime". !14981 +- Returns a ssh url for go-get=1. !14990 (gvieira37) +- Case insensitive search for branches. !14995 (George Andrinopoulos) +- Fixes 404 error to 'Issues assigned to me' and 'Issues I've created' when issues are disabled. !15021 (Jacopo Beschi @jacopo-beschi) +- Update the groups API documentation. !15024 (Robert Schilling) +- Validate username/pw for Jiraservice, require them in the API. !15025 (Robert Schilling) +- Update Merge Request polling so there is only one request at a time. !15032 +- Use project select dropdown not only as a combobutton. !15043 +- Remove create MR button from issues when MRs are disabled. !15071 (George Andrinopoulos) +- Tighten up whitelisting of certain Geo routes. !15082 +- Allow to disable the Performance Bar. !15084 +- Refresh open Issue and Merge Request project counter caches when re-opening. !15085 (Rob Ede @robjtede) +- Fix markdown form tabs toggling preview mode from double clicking write mode button. !15119 +- Fix cancel button not working while uploading on the new issue page. !15137 +- Fix webhooks recent deliveries. !15146 (Alexander Randa (@randaalex)) +- Fix issues with forked projects of which the source was deleted. !15150 +- Fix GPG signature popup info in Safari and Firefox. !15228 +- Fix GFM reference links for closed milestones. !15234 (Vitaliy @blackst0ne Klachkov) +- When deleting merged branches, ignore protected tags. !15252 +- Revert a regression on runners sorting (!15134). !15341 (Takuya Noguchi) +- Don't use JS to delete memberships from projects and groups. !15344 +- Don't try to create fork network memberships for forks with a missing source. !15366 +- Fix gitlab:backup rake for hashed storage based repositories. !15400 +- Fix issue where clicking a GPG verification badge would scroll to the top of the page. !15407 +- Update container repository path reference and allow using double underscore. !15417 +- Fix crash when navigating to second page of the group dashbaord when there are projects and groups on the first page. !15456 +- Fix flash errors showing up on a non configured prometheus integration. !35652 +- Fix timezone bug in Pikaday and upgrade Pikaday version. +- Fix arguments Import/Export error importing project merge requests. +- Moves mini graph of pipeline to the end of sentence in MR widget. Cleans HTML and tests. +- Fix user autocomplete in subgroups. +- Fixed user profile activity tab being off-screen on mobile. +- Fix diff parser so it tolerates to diff special markers in the content. +- Fix a migration that adds merge_requests_ff_only_enabled column to MR table. +- Don't create build failed todos when the job is automatically retried. +- Render 404 when polling commit notes without having permissions. +- Show error message when fast-forward merge is not possible. +- Prevents position update for image diff notes. +- Mobile-friendly table on Admin Runners. (Takuya Noguchi) +- Decreases z-index of select2 to a lower number of our navigation bar. +- Fix broken Members link when relative URL root paths are used. +- Avoid regenerating the ref path for the environment. +- Memoize GitLab logger to reduce open file descriptors. +- Fix hashed storage with project transfers to another namespace. +- Fix bad type checking to prevent 0 count badge to be shown. +- Fix problem with issuable header wrapping when content is too long. +- Move retry button in job page to sidebar. +- Formats bytes to human reabale number in registry table. +- Fix commit pipeline showing wrong status. +- Include link to issue in reopen message for Slack and Mattermost notifications. +- Fix double border UI bug on pipelines/environments table and pagination. +- Remove native title tooltip in pipeline jobs dropdown in Safari. +- Fix namespacing for MergeWhenPipelineSucceedsService in MR API. +- Prevent error when authorizing an admin-created OAauth application without a set owner. +- Always return full avatar URL for private/internal groups/projects when asset host is set. +- Make sure group and project creation is blocked for new users that are external by default. +- Make sure NotesActions#noteable returns a Noteable in the update action. +- Reallow project paths ending in periods. +- Only set Auto-Submitted header once for emails on push. +- Fix overlap of right-sidebar and main content when creating a Wiki page. +- Enables scroll to bottom once user has scrolled back to bottom in job log. + +### Changed (21 changes, 7 of them are from the community) + +- Added possibility to enter past date in /spend command to log time in the past. !3044 (g3dinua, LockiStrike) +- Add Prometheus equivalent of all InfluxDB metrics. !13891 +- Show collapsible project lists. !14055 +- Make Prometheus metrics endpoint return empty response when metrics are disabled. !14490 +- Support custom attributes on groups and projects. !14593 (Markus Koller) +- Avoid fetching all branches for branch existence checks. !14778 +- Update participants and subscriptions button in issuable sidebar to be async. !14836 +- Replace WikiPage::CreateService calls with wiki_page factory in specs. !14850 (Jacopo Beschi @jacopo-beschi) +- Add lazy option to UserAvatarImage. !14895 +- Add readme only option as project view. !14900 +- Todos spelled correctly on Todos list page. !15015 +- Support uml:: and captions in reStructuredText. !15120 (Markus Koller) +- Add system hooks user_rename and group_rename. !15123 +- Change tags order in refs dropdown. !15235 (Vitaliy @blackst0ne Klachkov) +- Change default cluster size to n1-default-2. !39649 (Fabio Busatto) +- Change 'Sign Out' route from a DELETE to a GET. !39708 (Joe Marty) +- Change background color of nav sidebar to match other gl sidebars. +- Update i18n section in FE docs for marking and interpolation. +- Add a count of changes to the merge requests API. +- Improve GitLab Import rake task to work with Hashed Storage and Subgroups. +- 14830 Move GitLab export option to top of import list when creating a new project. + +### Performance (14 changes) + +- Improve branch listing page performance. !14729 +- Improve DashboardController#activity.json performance. !14985 +- Add a latest_merge_request_diff_id column to merge_requests. !15035 +- Improve performance of the /projects/:id/repository/branches API endpoint. !15215 +- Ensure merge requests with lots of version don't time out when searching for pipelines. +- Speed up issues list APIs. +- Remove Filesystem check metrics that use too much CPU to handle requests. +- Disable Unicorn sampling in Sidekiq since there are no Unicorn sockets to monitor. +- Truncate tree to max 1,000 items and display notice to users. +- Add Performance improvement as category on the changelog. +- Cache commits fetched from the repository. +- Cache the number of user SSH keys. +- Optimise getting the pipeline status of commits. +- Improve performance of commits list by fully using DB index when getting commit note counts. + +### Added (26 changes, 10 of them are from the community) + +- Expose duration in Job entity. !13644 (Mehdi Lahmam (@mehlah)) +- Prevent git push when LFS objects are missing. !13837 +- Automatic configuration settings page. !13850 (Francisco Lopez) +- Add API endpoints for Pages Domains. !13917 (Travis Miller) +- Include the changes in issuable webhook payloads. !14308 +- Add Packagist project service. !14493 (Matt Coleman) +- Add sort runners on admin runners. !14661 (Takuya Noguchi) +- Repo Editor: Add option to start a new MR directly from comit section. !14665 +- Issue JWT token with registry:catalog:* scope when requested by GitLab admin. !14751 (Vratislav Kalenda) +- Support show-all-refs for git over HTTP. !14834 +- Add loading button for new UX paradigm. !14883 +- Get Project Branch API shows an helpful error message on invalid refname. !14884 (Jacopo Beschi @jacopo-beschi) +- Refactor have_http_status into have_gitlab_http_status. !14958 (Jacopo Beschi @jacopo-beschi) +- Suggest to rename the remote for existing repository instructions. !14970 (helmo42) +- Adds project_id to pipeline hook data. !15044 (Jacopo Beschi @jacopo-beschi) +- Hashed Storage support for Attachments. !15068 +- Add metric tagging for sidekiq workers. !15111 +- Expose project visibility as CI variable - CI_PROJECT_VISIBILITY. !15193 +- Allow multiple queries in a single Prometheus graph to support additional environments (Canary, Staging, et al.). !15201 +- Allow promoting project milestones to group milestones. +- Added submodule support in multi-file editor. +- Add applications section to GKE clusters page to easily install Helm Tiller, Ingress. +- Allow files to uploaded in the multi-file editor. +- Add Ingress to available Cluster applications. +- Adds typescript support. +- Add sudo scope for OAuth and Personal Access Tokens to be used by admins to impersonate other users on the API. + +### Other (18 changes, 8 of them are from the community) + +- Decrease Perceived Complexity threshold to 14. !14231 (Maxim Rydkin) +- Replace the 'features/explore/projects.feature' spinach test with an rspec analog. !14755 (Vitaliy @blackst0ne Klachkov) +- While displaying a commit, do not show list of related branches if there are thousands of branches. !14812 +- Removed d3.js from the graph and users bundles and used the common_d3 bundle instead. !14826 +- Make contributors page translatable. !14915 +- Decrease ABC threshold to 54.28. !14920 (Maxim Rydkin) +- Clarify system_hook triggers in documentation. !14957 (Joe Marty) +- Free up some reserved group names. !15052 +- Bump carrierwave to 1.2.1. !15072 (Takuya Noguchi) +- Enable NestingDepth (level 6) on scss-lint. !15073 (Takuya Noguchi) +- Enable BorderZero rule in scss-lint. !15168 (Takuya Noguchi) +- Internationalized tags page. !38589 +- Moves placeholders components into shared folder with documentation. Makes them easier to reuse in MR and Snippets comments. +- Reorganize welcome page for new users. +- Refactor GroupLinksController. (15121) +- Remove filter icon from search bar. +- Use title as placeholder instead of issue title for reusability. +- Add Gitaly metrics to the performance bar. + + +## 10.1.7 (2018-01-18) + +- No changes. + +## 10.1.6 (2018-01-11) + +### Security (8 changes, 1 of them is from the community) + +- Fix writable shared deploy keys. +- Filter out sensitive fields from the project services API. (Robert Schilling) +- Fix RCE via project import mechanism. +- Prevent OAuth login POST requests when a provider has been disabled. +- Prevent a SQL injection in the MilestonesFinder. +- Check user authorization for source and target projects when creating a merge request. +- Fix path traversal in gitlab-ci.yml cache:key. +- Fix XSS vulnerability in pipeline job trace. + + +## 10.1.5 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + + +## 10.1.4 (2017-11-14) + +### Fixed (4 changes) + +- Don't try to create fork network memberships for forks with a missing source. !15366 +- Formats bytes to human reabale number in registry table. +- Prevent error when authorizing an admin-created OAauth application without a set owner. +- Prevents position update for image diff notes. + + +## 10.1.3 (2017-11-10) + +- [SECURITY] Prevent OAuth phishing attack by presenting detailed wording about app to user during authorization. +- [FIXED] Fix cancel button not working while uploading on the new issue page. !15137 +- [FIXED] Fix webhooks recent deliveries. !15146 (Alexander Randa (@randaalex)) +- [FIXED] Fix issues with forked projects of which the source was deleted. !15150 +- [FIXED] Fix GPG signature popup info in Safari and Firefox. !15228 +- [FIXED] Make sure group and project creation is blocked for new users that are external by default. +- [FIXED] Fix arguments Import/Export error importing project merge requests. +- [FIXED] Fix diff parser so it tolerates to diff special markers in the content. +- [FIXED] Fix a migration that adds merge_requests_ff_only_enabled column to MR table. +- [FIXED] Render 404 when polling commit notes without having permissions. +- [FIXED] Show error message when fast-forward merge is not possible. +- [FIXED] Avoid regenerating the ref path for the environment. +- [PERFORMANCE] Remove Filesystem check metrics that use too much CPU to handle requests. + +## 10.1.2 (2017-11-08) + +- [SECURITY] Add X-Content-Type-Options header in API responses to make it more difficult to find other vulnerabilities. +- [SECURITY] Properly translate IP addresses written in decimal, octal, or other formats in SSRF protections in project imports. +- [FIXED] Fix TRIGGER checks for MySQL. + +## 10.1.1 (2017-10-31) + +- [FIXED] Auto Devops kubernetes default namespace is now correctly built out of gitlab project group-name. !14642 (Mircea Danila Dumitrescu) +- [FIXED] Forbid the usage of `Redis#keys`. !14889 +- [FIXED] Make the circuitbreaker more robust by adding higher thresholds, and multiple access attempts. !14933 +- [FIXED] Only cache last push event for existing projects when pushing to a fork. !14989 +- [FIXED] Fix bug preventing secondary emails from being confirmed. !15010 +- [FIXED] Fix broken wiki pages that link to a wiki file. !15019 +- [FIXED] Don't rename paths that were freed up when upgrading. !15029 +- [FIXED] Fix bitbucket login. !15051 +- [FIXED] Update gitaly in Gitlab 10.1 to 0.43.1 for temp file cleanup. !15055 +- [FIXED] Use the correct visibility attribute for projects in system hooks. !15065 +- [FIXED] Normalize LDAP DN when looking up identity. +- [FIXED] Adds callback functions for initial request in clusters page. +- [FIXED] Fix missing Import/Export issue assignees. +- [FIXED] Allow boards as top level route. +- [FIXED] Fix widget of locked merge requests not being presented. +- [FIXED] Fix editing issue description in mobile view. +- [FIXED] Fix deletion of container registry or images returning an error. +- [FIXED] Fix the writing of invalid environment refs. +- [CHANGED] Store circuitbreaker settings in the database instead of config. !14842 +- [CHANGED] Update default disabled merge request widget message to reflect a general failure. !14960 +- [PERFORMANCE] Stop merge requests with thousands of commits from timing out. !15063 + +## 10.1.0 (2017-10-22) + +- [SECURITY] Use a timeout on certain git operations. !14872 +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. +- [REMOVED] Remove the ability to visit the issue edit form directly. !14523 +- [REMOVED] Remove animate.js and label animation. +- [FIXED] Perform prometheus data endpoint requests in parallel. !14003 +- [FIXED] Escape quotes in git username. !14020 (Brandon Everett) +- [FIXED] Fixed non-UTF-8 valid branch names from causing an error. !14090 +- [FIXED] Read import sources from setting at first initialization. !14141 (Visay Keo) +- [FIXED] Display full pre-receive and post-receive hook output in GitLab UI. !14222 (Robin Bobbitt) +- [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258 +- [FIXED] Fix the default branches sorting to actually be 'Last updated'. !14295 +- [FIXED] Fixes project denial of service via gitmodules using Extended ASCII. !14301 +- [FIXED] Fix the filesystem shard health check to check all configured shards. !14341 +- [FIXED] Compare email addresses case insensitively when verifying GPG signatures. !14376 (Tim Bishop) +- [FIXED] Allow the git circuit breaker to correctly handle missing repository storages. !14417 +- [FIXED] Fix `rake gitlab:incoming_email:check` and make it report the actual error. !14423 +- [FIXED] Does not check if an invariant hashed storage path exists on disk when renaming projects. !14428 +- [FIXED] Also reserve refs/replace after importing a project. !14436 +- [FIXED] Fix profile image orientation based on EXIF data gvieira37. !14461 (gvieira37) +- [FIXED] Move the deployment flag content to the left when deployment marker is near the end. !14514 +- [FIXED] Fix notes type created from import. This should fix some missing notes issues from imported projects. !14524 +- [FIXED] Fix bottom spacing for dropdowns that open upwards. !14535 +- [FIXED] Adjusts tag link to avoid underlining spaces. !14544 (Guilherme Vieira) +- [FIXED] Add missing space in Sidekiq memory killer log message. !14553 (Benjamin Drung) +- [FIXED] Ensure no exception is raised when Raven tries to get the current user in API context. !14580 +- [FIXED] Fix edit project service cancel button position. !14596 (Matt Coleman) +- [FIXED] Fix case sensitive email confirmation on signup. !14606 (robdel12) +- [FIXED] Whitelist authorized_keys.lock in the gitlab:check rake task. !14624 +- [FIXED] Allow merge in MR widget with no pipeline but using "Only allow merge requests to be merged if the pipeline succeeds". !14633 +- [FIXED] Fix navigation dropdown close animation on mobile screens. !14649 +- [FIXED] Fix the project import with issues and milestones. !14657 +- [FIXED] Use explicit boolean true attribute for show-disabled-button in Vue files. !14672 +- [FIXED] Make tabs on top scrollable on admin dashboard. !14685 (Takuya Noguchi) +- [FIXED] Fix broken Y-axis scaling in some Prometheus graphs. !14693 +- [FIXED] Search or compare LDAP DNs case-insensitively and ignore excess whitespace. !14697 +- [FIXED] Allow prometheus graphs to correctly handle NaN values. !14741 +- [FIXED] Don't show an "Unsubscribe" link in snippet comment notifications. !14764 +- [FIXED] Fixed duplicate notifications when added multiple labels on an issue. !14798 +- [FIXED] Fix alignment for indeterminate marker in dropdowns. !14809 +- [FIXED] Fix error when updating a forked project with deleted `ForkedProjectLink`. !14916 +- [FIXED] Correctly render asset path for locales with a region. !14924 +- [FIXED] Fix the external URLs generated for online view of HTML artifacts. !14977 +- [FIXED] Reschedule merge request diff background migrations to catch failures from 9.5 run. +- [FIXED] fix merge request widget status icon for failed CI. +- [FIXED] Fix the number representing the amount of commits related to a push event. +- [FIXED] Sync up hover and legend data across all graphs for the prometheus dashboard. +- [FIXED] Fixes mini pipeline graph in commit view. +- [FIXED] Fix comment deletion confirmation dialog typo. +- [FIXED] Fix project snippets breadcrumb link. +- [FIXED] Make usage ping scheduling more robust. +- [FIXED] Make "merge ongoing" check more consistent. +- [FIXED] Add 1000+ counters to job page. +- [FIXED] Fixed issue/merge request breadcrumb titles not having links. +- [FIXED] Fixed commit avatars being centered vertically. +- [FIXED] Tooltips in the commit info box now all face the same direction. (Jedidiah Broadbent) +- [FIXED] Fixed navbar title colors leaking out of the navbar. +- [FIXED] Fix bug that caused merge requests with diff notes imported from Bitbucket to raise errors. +- [FIXED] Correctly detect multiple issue URLs after 'Closes...' in MR descriptions. +- [FIXED] Set default scope on PATs that don't have one set to allow them to be revoked. +- [FIXED] Fix application setting to cache nil object. +- [FIXED] Fix image diff swipe handle offset to correctly align with the frame. +- [FIXED] Force non diff resolved discussion to display when collapse toggled. +- [FIXED] Fix resolved discussions not expanding on side by side view. +- [FIXED] Fixed the sidebar scrollbar overlapping links. +- [FIXED] Issue board tooltips are now the correct width when the column is collapsed. (Jedidiah Broadbent) +- [FIXED] Improve autodevops banner UX and render it only in project page. +- [FIXED] Fix typo in cycle analytics breaking time component. +- [FIXED] Force two up view to load by default for image diffs. +- [FIXED] Fixed milestone breadcrumb links. +- [FIXED] Fixed group sort dropdown defaulting to empty. +- [FIXED] Fixed notes not being scrolled to in merge requests. +- [FIXED] Adds Event polyfill for IE11. +- [FIXED] Update native unicode emojis to always render as normal text (previously could render italicized). (Branka Martinovic) +- [FIXED] Sort JobsController by id, not created_at. +- [FIXED] Fix revision and total size missing for Container Registry. +- [FIXED] Fixed milestone issuable assignee link URL. +- [FIXED] Fixed breadcrumbs container expanding in side-by-side diff view. +- [FIXED] Fixed merge request widget merged & closed date tooltip text. +- [FIXED] Prevent creating multiple ApplicationSetting instances. +- [FIXED] Fix username and ID not logging in production_json.log for Git activity. +- [FIXED] Make Redcarpet Markdown renderer thread-safe. +- [FIXED] Two factor auth messages in settings no longer overlap the button. (Jedidiah Broadbent) +- [FIXED] Made the "remember me" check boxes have consistent styles and alignment. (Jedidiah Broadbent) +- [FIXED] Prevent branches or tags from starting with invalid characters (e.g. -, .). +- [DEPRECATED] Removed two legacy config options. (Daniel Voogsgerd) +- [CHANGED] Show notes number more user-friendly in the graph. !13949 (Vladislav Kaverin) +- [CHANGED] Link SAML users to LDAP by email. !14216 +- [CHANGED] Display whether branch has been merged when deleting protected branch. !14220 +- [CHANGED] Make the labels in the Compare form less confusing. !14225 +- [CHANGED] Confirmation email shows link as text instead of human readable text. !14243 (bitsapien) +- [CHANGED] Return only group's members in user dropdowns on issuables list pages. !14249 +- [CHANGED] Added defaults for protected branches dropdowns on the repository settings. !14278 +- [CHANGED] Show confirmation modal before deleting account. !14360 +- [CHANGED] Allow creating merge requests across a fork network. !14422 +- [CHANGED] Re-arrange script HTML tags before template HTML tags in .vue files. !14671 +- [CHANGED] Create idea of read-only database. !14688 +- [CHANGED] Add active states to nav bar counters. +- [CHANGED] Add view replaced file link for image diffs. +- [CHANGED] Adjust tooltips to adhere to 8px grid and make them more readable. +- [CHANGED] breadcrumbs receives padding when double lined. +- [CHANGED] Allow developer role to admin milestones. +- [CHANGED] Stop using Sidekiq for updating Key#last_used_at. +- [CHANGED] Include GitLab full name in Slack messages. +- [ADDED] Expose last pipeline details in API response when getting a single commit. !13521 (Mehdi Lahmam (@mehlah)) +- [ADDED] Allow to use same periods for different housekeeping tasks (effectively skipping the lesser task). !13711 (cernvcs) +- [ADDED] Add GitLab-Pages version to Admin Dashboard. !14040 (travismiller) +- [ADDED] Commenting on image diffs. !14061 +- [ADDED] Script to migrate project's repositories to new Hashed Storage. !14067 +- [ADDED] Hide close MR button after merge without reloading page. !14122 (Jacopo Beschi @jacopo-beschi) +- [ADDED] Add Gitaly version to Admin Dashboard. !14313 (Jacopo Beschi @jacopo-beschi) +- [ADDED] Add 'closed_at' attribute to Issues API. !14316 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Add tooltip for milestone due date to issue and merge request lists. !14318 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Improve list of sorting options. !14320 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Add client and call site metadata to Gitaly calls for better traceability. !14332 +- [ADDED] Strip gitlab-runner section markers in build trace HTML view. !14393 +- [ADDED] Add online view of HTML artifacts for public projects. !14399 +- [ADDED] Create Kubernetes cluster on GKE from k8s service. !14470 +- [ADDED] Add support for GPG subkeys in signature verification. !14517 +- [ADDED] Parse and store gitlab-runner timestamped section markers. !14551 +- [ADDED] Add "implements" to the default issue closing message regex. !14612 (Guilherme Vieira) +- [ADDED] Replace `tag: true` into `:tag` in the specs. !14653 (Jacopo Beschi @jacopo-beschi) +- [ADDED] Discussion lock for issues and merge requests. +- [ADDED] Add an API endpoint to determine the forks of a project. +- [ADDED] Add help text to runner edit: tags should be separated by commas. (Brendan O'Leary) +- [ADDED] Only copy old/new code when selecting left/right side of parallel diff. +- [ADDED] Expose avatar_url when requesting list of projects from API with simple=true. +- [ADDED] A confirmation email is now sent when adding a secondary email address. (digitalmoksha) +- [ADDED] Move Custom merge methods from EE. +- [ADDED] Makes @mentions links have a different styling for better separation. +- [ADDED] Added tabs to dashboard/projects to easily switch to personal projects. +- [OTHER] Extract AutocompleteController#users into finder. !13778 (Maxim Rydkin, Mayra Cabrera) +- [OTHER] Replace 'project/wiki.feature' spinach test with an rspec analog. !13856 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Expand docs for changing username or group path. !13914 +- [OTHER] Move `lib/ci` to `lib/gitlab/ci`. !14078 (Maxim Rydkin) +- [OTHER] Decrease Cyclomatic Complexity threshold to 13. !14152 (Maxim Rydkin) +- [OTHER] Decrease Perceived Complexity threshold to 15. !14160 (Maxim Rydkin) +- [OTHER] Replace project/group_links.feature spinach test with an rspec analog. !14169 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the project/milestone.feature spinach test with an rspec analog. !14171 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the profile/emails.feature spinach test with an rspec analog. !14172 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the project/team_management.feature spinach test with an rspec analog. !14173 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/merge_requests/accept.feature' spinach test with an rspec analog. !14176 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/builds/summary.feature' spinach test with an rspec analog. !14177 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Optimize the boards' issues fetching. !14198 +- [OTHER] Replace the 'project/merge_requests/revert.feature' spinach test with an rspec analog. !14201 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/issues/award_emoji.feature' spinach test with an rspec analog. !14202 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'profile/active_tab.feature' spinach test with an rspec analog. !14239 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'search.feature' spinach test with an rspec analog. !14248 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Load sidebar participants avatars only when visible. !14270 +- [OTHER] Adds gitlab features and components to usage ping data. !14305 +- [OTHER] Replace the 'project/archived.feature' spinach test with an rspec analog. !14322 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/commits/revert.feature' spinach test with an rspec analog. !14325 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/snippets.feature' spinach test with an rspec analog. !14326 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Add link to OpenID Connect documentation. !14368 (Markus Koller) +- [OTHER] Upgrade doorkeeper-openid_connect. !14372 (Markus Koller) +- [OTHER] Upgrade gitlab-markup gem. !14395 (Markus Koller) +- [OTHER] Index projects on repository storage. !14414 +- [OTHER] Replace the 'project/shortcuts.feature' spinach test with an rspec analog. !14431 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace the 'project/service.feature' spinach test with an rspec analog. !14432 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Improve GitHub import performance. !14445 +- [OTHER] Add basic sprintf implementation to JavaScript. !14506 +- [OTHER] Replace the 'project/merge_requests.feature' spinach test with an rspec analog. !14621 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Update GitLab Pages to v0.6.0. !14630 +- [OTHER] Add documentation to summarise project archiving. !14650 +- [OTHER] Remove 'Repo' prefix from API entites. !14694 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Removes cycle analytics service and store from global namespace. +- [OTHER] Improves i18n for Auto Devops callout. +- [OTHER] Exports common_utils utility functions as modules. +- [OTHER] Use `simple=true` for projects API in Projects dropdown for better search performance. +- [OTHER] Change index on ci_builds to optimize Jobs Controller. +- [OTHER] Add index for merge_requests.merge_commit_sha. +- [OTHER] Add (partial) index on Labels.template. +- [OTHER] Cache issue and MR template names in Redis. +- [OTHER] changed dashed border button color to be darker. +- [OTHER] Speed up permission checks. +- [OTHER] Fix docs for lightweight tag creation via API. +- [OTHER] Clarify artifact download via the API only accepts branch or tag name for ref. +- [OTHER] Change recommended MySQL version to 5.6. +- [OTHER] Bump google-api-client Gem from 0.8.6 to 0.13.6. +- [OTHER] Detect when changelog entries are invalid. +- [OTHER] Use a UNION ALL for getting merge request notes. +- [OTHER] Remove an index on ci_builds meant to be only temporary. +- [OTHER] Remove a SQL query from the todos index page. +- Support custom attributes on users. !13038 (Markus Koller) +- made read-only APIs for public merge requests available without authentication. !13291 (haseebeqx) +- Hide read_registry scope when registry is disabled on instance. !13314 (Robin Bobbitt) +- creation of keys moved to services. !13331 (haseebeqx) +- Add username as GL_USERNAME in hooks. + +## 10.0.7 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + + +## 10.0.5 (2017-11-03) + +- [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258 +- [FIXED] Fix `rake gitlab:incoming_email:check` and make it report the actual error. !14423 +- [FIXED] Does not check if an invariant hashed storage path exists on disk when renaming projects. !14428 +- [FIXED] Fix bottom spacing for dropdowns that open upwards. !14535 +- [FIXED] Fix the project import with issues and milestones. !14657 +- [FIXED] Fix broken Y-axis scaling in some Prometheus graphs. !14693 +- [FIXED] Fixed duplicate notifications when added multiple labels on an issue. !14798 +- [FIXED] Don't rename paths that were freed up when upgrading. !15029 +- [FIXED] Fixed issue/merge request breadcrumb titles not having links. +- [FIXED] Fix application setting to cache nil object. +- [FIXED] Fix missing Import/Export issue assignees. +- [FIXED] Allow boards as top level route. +- [FIXED] Fixed milestone breadcrumb links. +- [FIXED] Fixed merge request widget merged & closed date tooltip text. +- [FIXED] fix merge request widget status icon for failed CI. + +## 10.0.4 (2017-10-16) + +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. + +## 10.0.3 (2017-10-05) + +- [FIXED] find_user Users helper method no longer overrides find_user API helper method. !14418 +- [FIXED] Fix CSRF validation issue when closing/opening merge requests from the UI. !14555 +- [FIXED] Kubernetes integration: ensure v1.8.0 compatibility. !14635 +- [FIXED] Fixes data parameter not being sent in ajax request for jobs log. +- [FIXED] Improves UX of autodevops popover to match gpg one. +- [FIXED] Fixed commenting on side-by-side commit diff. +- [FIXED] Make sure API responds with 401 when invalid authentication info is provided. +- [FIXED] Fix merge request counter updates after merge. +- [FIXED] Fix gitlab-rake gitlab:import:repos task failing. +- [FIXED] Fix pushes to an empty repository not invalidating has_visible_content? cache. +- [FIXED] Ensure all refs are restored on a restore from backup. +- [FIXED] Gitaly RepositoryExists remains opt-in for all method calls. +- [FIXED] Fix 500 error on merged merge requests when GitLab is restored from a backup. +- [FIXED] Adjust MRs being stuck on "process of being merged" for more than 2 hours. + +## 10.0.2 (2017-09-27) + +- [FIXED] Notes will not show an empty bubble when the author isn't a member. !14450 +- [FIXED] Some checks in `rake gitlab:check` were failling with 'undefined method `run_command`'. !14469 +- [FIXED] Make locked setting of Runner to not affect jobs scheduling. !14483 +- [FIXED] Re-allow `name` attribute on user-provided anchor HTML. + +## 10.0.1 (2017-09-23) + +- [FIXED] Fix duplicate key errors in PostDeployMigrateUserExternalMailData migration. + +## 10.0.0 (2017-09-22) + +- [SECURITY] Upgrade brace-expansion NPM package due to security issue. !13665 (Markus Koller) +- [REMOVED] Remove CI API v1. +- [FIXED] Ensure correct visibility level options shown on all Project, Group, and Snippets forms. !13442 +- [FIXED] Fix the /projects/:id/repository/files/:file_path/raw endpoint to handle dots in the file_path. !13512 (mahcsig) +- [FIXED] Merge request reference in merge commit changed to full reference. !13518 (haseebeqx) +- [FIXED] Removes Sortable default scope. !13558 +- [FIXED] Wiki table of contents are now properly nested to reflect header level. !13650 (Akihiro Nakashima) +- [FIXED] Improve bare project import: Allow subgroups, take default visibility level into account. !13670 +- [FIXED] Fix group and project search for anonymous users. !13745 +- [FIXED] Fix searching for files by path. !13798 +- [FIXED] Fix division by zero error in blame age mapping. !13803 (Jeff Stubler) +- [FIXED] Fix incorrect date/time formatting on prometheus graphs. !13865 +- [FIXED] Changes the password change workflow for admins. !13901 +- [FIXED] API: Respect default group visibility when creating a group. !13903 (Robert Schilling) +- [FIXED] Unescape HTML characters in Wiki title. !13942 (Jacopo Beschi @jacopo-beschi) +- [FIXED] Make blob viewer for rich contents wider for mobile. !14011 (Takuya Noguchi) +- [FIXED] Fix typo in the API Deploy Keys documentation page. !14014 (Vitaliy @blackst0ne Klachkov) +- [FIXED] Hide admin link from default search results for non-admins. !14015 +- [FIXED] Fix problems sanitizing URLs with empty passwords. !14083 +- [FIXED] Fix stray OR in New Project page. !14096 (Robin Bobbitt) +- [FIXED] Fix a wrong `X-Gitlab-Event` header when testing webhooks. !14108 +- [FIXED] Fix the diff file header from being html escaped for renamed files. !14121 +- [FIXED] Image attachments are properly displayed in notification emails again. !14161 +- [FIXED] Fixes the 500 errors caused by a race condition in GPG's tmp directory handling. !14194 (Alexis Reigel) +- [FIXED] Fix MR ready to merge buttons/controls at mobile breakpoint. !14242 +- [FIXED] Fix Pipeline Triggers to show triggered label and predefined variables (e.g. CI_PIPELINE_TRIGGERED). !14244 +- [FIXED] Allow using newlines in pipeline email service recipients. !14250 +- [FIXED] Fix errors when moving issue with reference to a group milestone. !14294 +- [FIXED] Fix the "resolve discussion in a new issue" button. !14357 +- [FIXED] File uploaders do not perform hard check, only soft check. +- [FIXED] Add to_project_id parameter to Move Issue via API example. +- [FIXED] Update x/x discussions resolved checkmark icon to be green when all discussions resolved. +- [FIXED] Fixed add diff note button not showing after deleting a comment. +- [FIXED] Fix broken svg in jobs dropdown for success status. +- [FIXED] Fix buttons with different height in merge request widget. +- [FIXED] Removes disabled state from dashboard project button. +- [FIXED] Better align fallback image emojis. +- [FIXED] Remove focus styles from dropdown empty links. +- [FIXED] Fix inconsistent spacing for edit buttons on issues and merge request page. +- [FIXED] Fix edit merge request and issues button inconsistent letter casing. +- [FIXED] Improve Import/Export memory usage. +- [FIXED] Fix Import/Export issue to do with fork merge requests. +- [FIXED] Fix invite by email address duplication. +- [FIXED] Adds tooltip to the branch name and improves performance. +- [FIXED] Disable GitLab Project Import Button if source disabled. +- [FIXED] Migrate issues authored by deleted user to the Ghost user. +- [FIXED] Fix new navigation wrapping and causing height to grow. +- [FIXED] Normalize styles for empty state combo button. +- [FIXED] Fix external link to Composer website. +- [FIXED] Prevents jobs dropdown from closing in pipeline graph. +- [FIXED] Include the `is_admin` field in the `GET /users/:id` API when current user is an admin. +- [FIXED] Fix breadcrumbs container in issue boards. +- [FIXED] Fix project feature being deleted when updating project with invalid visibility level. +- [FIXED] Truncate milestone title if sidebar is collapsed. +- [FIXED] Prevents rendering empty badges when request fails. +- [FIXED] Fixes margins on the top buttons of the pipeline table. +- [FIXED] Bump jira-ruby gem to 1.4.1 to fix issues with HTTP proxies. +- [FIXED] Eliminate N+1 queries in loading discussions.json endpoint. +- [FIXED] Eliminate N+1 queries referencing issues. +- [FIXED] Remove unnecessary loading of discussions in `IssuesController#show`. +- [FIXED] Fix errors thrown in merge request widget with external CI service/integration. +- [FIXED] Do not show the Auto DevOps banner when the project has a .gitlab-ci.yml on master. +- [FIXED] Reword job to pipeline to reflect what the graphs are really about. +- [FIXED] Sort templates in the dropdown. +- [FIXED] Fix Auto DevOps banner to be shown on empty projects. +- [FIXED] Resolve Image onion skin + swipe does not work anymore. +- [FIXED] Fix mini graph pipeline breakin in merge request view. +- [FIXED] Fixed merge request changes bar jumping. +- [FIXED] Improve migrations using triggers. +- [FIXED] Fix ConvDev Index nav item and Monitoring submenu regression. +- [FIXED] disabling notifications globally now properly turns off group/project added + emails !13325 +- [DEPRECATED] Deprecate custom SSH client configuration for the git user. !13930 +- [CHANGED] allow all users to delete their account. !13636 (Jacopo Beschi @jacopo-beschi) +- [CHANGED] Use full path of project's avatar in webhooks. !13649 (Vitaliy @blackst0ne Klachkov) +- [CHANGED] Add filtered search to group merge requests dashboard. !13688 (Hiroyuki Sato) +- [CHANGED] Fire hooks asynchronously when creating a new job to improve performance. !13734 +- [CHANGED] Improve performance for AutocompleteController#users.json. !13754 (Hiroyuki Sato) +- [CHANGED] Update the GPG verification semantics: A GPG signature must additionally match the committer in order to be verified. !13771 (Alexis Reigel) +- [CHANGED] Support a multi-word fuzzy seach issues/merge requests on search bar. !13780 (Hiroyuki Sato) +- [CHANGED] Default LDAP config "verify_certificates" to true for security. !13915 +- [CHANGED] "Share with group lock" now applies to subgroups, but owner can override setting on subgroups. !13944 +- [CHANGED] Make Gitaly PostUploadPack mandatory. !13953 +- [CHANGED] Remove project select dropdown from breadcrumb. !14010 +- [CHANGED] Redesign project feature permissions settings. !14062 +- [CHANGED] Document version Group Milestones API introduced. +- [CHANGED] Finish migration to the new events setup. +- [CHANGED] restyling of OAuth authorization confirmation. (Jacopo Beschi @jacopo-beschi) +- [CHANGED] Added support for specific labels and colors. +- [CHANGED] Move "Move issue" controls to right-sidebar. +- [CHANGED] Remove pages settings when not available. +- [CHANGED] Allow all AutoDevOps banners to be turned off. +- [CHANGED] Update Rails project template to use Postgresql by default. +- [CHANGED] Added support the multiple time series for prometheus monitoring. +- [ADDED] API: Respect the "If-Unmodified-Since" header when delting a resource. !9621 (Robert Schilling) +- [ADDED] Protected runners. !13194 +- [ADDED] Add support for copying permalink to notes via more actions dropdown. !13299 +- [ADDED] Add API support for wiki pages. !13372 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Add a `Last 7 days` option for Cycle Analytics view. !13443 (Mehdi Lahmam (@mehlah)) +- [ADDED] inherits milestone and labels when a merge request is created from issue. !13461 (haseebeqx) +- [ADDED] Add 'from commit' information to cherry-picked commits. !13475 (Saverio Miroddi) +- [ADDED] Add an option to list only archived projects. !13492 (Mehdi Lahmam (@mehlah)) +- [ADDED] Extend API: Pipeline Schedule Variable. !13653 +- [ADDED] Add settings for minimum SSH key strength and allowed key type. !13712 (Cory Hinshaw) +- [ADDED] Add div id to the readme in the project overview. !13735 (Riccardo Padovani @rpadovani) +- [ADDED] Add CI/CD job predefined variables with user name and login. !13824 +- [ADDED] API: Add GPG key management. !13828 (Robert Schilling) +- [ADDED] Add CI/CD active kubernetes job policy. !13849 +- [ADDED] Add dropdown to Projects nav item. !13866 +- [ADDED] Allow users and administrator to configure Auto-DevOps. !13923 +- [ADDED] Implement `failure_reason` on `ci_builds`. !13937 +- [ADDED] Add branch existence check to the APIv4 branches via HEAD request. !13979 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Add quick submission on user settings page. !14007 (Vitaliy @blackst0ne Klachkov) +- [ADDED] Add my_reaction_emoji param to /issues and /merge_requests API. !14016 (Hiroyuki Sato) +- [ADDED] Make it possible to download a single job artifact file using the API. !14027 +- [ADDED] Add repository toggle for automatically resolving outdated diff discussions. !14053 (AshleyDumaine) +- [ADDED] Scripts to detect orphaned repositories. !14204 +- [ADDED] Created callout for auto devops. +- [ADDED] Add option in preferences to change navigation theme color. +- [ADDED] Add JSON logger in `log/api_json.log` for Grape API endpoints. +- [ADDED] Add CI_PIPELINE_SOURCE variable on CI Jobs. +- [ADDED] Changed message and title on the 404 page. (Branka Martinovic) +- [ADDED] Handle if Auto DevOps domain is not set in project settings. +- [ADDED] Add collapsable sections for Pipeline Settings. +- [OTHER] Add badge for dependency status. !13588 (Markus Koller) +- [OTHER] Migration to remove pending delete projects with non-existing namespace. !13598 +- [OTHER] Bump rouge to v2.2.0. !13633 +- [OTHER] Fix repository equality check and avoid fetching ref if the commit is already available. This affects merge request creation performance. !13685 +- [OTHER] Replace 'source/search_code.feature' spinach test with an rspec analog. !13697 (blackst0ne) +- [OTHER] Remove unwanted refs after importing a project. !13766 +- [OTHER] Never wait for sidekiq jobs when creating projects. !13775 +- [OTHER] Gitaly feature toggles are on by default in development. !13802 +- [OTHER] Remove `is_` prefix from predicate method names. !13810 (Maxim Rydkin) +- [OTHER] Update 'Using Docker images' documentation. !13848 +- [OTHER] Update gpg documentation with gpg2. !13851 (M M Arif) +- [OTHER] Replace 'project/star.feature' spinach test with an rspec analog. !13855 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Replace 'project/user_lookup.feature' spinach test with an rspec analog. !13863 (Vitaliy @blackst0ne Klachkov) +- [OTHER] Bump rouge to v2.2.1. !13887 +- [OTHER] Add documentation for PlantUML in reStructuredText. !13900 (Markus Koller) +- [OTHER] Decrease ABC threshold to 55.25. !13904 (Maxim Rydkin) +- [OTHER] Decrease Cyclomatic Complexity threshold to 14. !13972 (Maxim Rydkin) +- [OTHER] Update documentation for confidential issue. !14117 +- [OTHER] Remove redundant WHERE from event queries. +- [OTHER] Memoize the latest builds of a pipeline on a project's homepage. +- [OTHER] Re-use issue/MR counts for the pagination system. +- [OTHER] Memoize pipelines for project download buttons. +- [OTHER] Reorganize indexes for the "deployments" table. +- [OTHER] Improves markdown rendering performance for commit lists. +- [OTHER] Only update the sidebar count caches when needed. +- [OTHER] Improves performance of vue code by using vue files and moving svg out of data function in pipeline schedule callout. +- [OTHER] Rework how recent push events are retrieved. +- [OTHER] Restyle dropdown menus to make them look consistent. +- [OTHER] Upgrade grape to 1.0. +- [OTHER] Add usage data for Auto DevOps. +- [OTHER] Cache the number of open issues and merge requests. +- [OTHER] Constrain environment deployments to project IDs. +- [OTHER] Eager load namespace owners for project dashboards. +- [OTHER] Add description template examples to documentation. +- [OTHER] Disallow NULL values for environments.project_id. +- Add my reaction filter to search bar. !12962 (Hiroyuki Sato) +- Generalize profile updates from providers. !12968 (Alexandros Keramidas) +- Validate PO-files in static analysis. !13000 +- First-time contributor badge. !13143 (Micaël Bergeron ) +- Add option to disable project export on instance. !13211 (Robin Bobbitt) +- Hashed Storage support for Repositories (EXPERIMENTAL). !13246 +- Added tests for commits API unauthenticated user and public/private project. !13287 (Jacopo Beschi @jacopo-beschi) +- Fix CI_PROJECT_PATH_SLUG slugify. !13350 (Ivan Chernov) +- Add checks for branch existence before changing HEAD. !13359 (Vitaliy @blackst0ne Klachkov) +- Fix the alignment of line numbers to lines of code in code viewer. !13403 (Trevor Flynn) +- Allow users to move issues to other projects using a / command. !13436 (Manolis Mavrofidis) +- Bumps omniauth-ldap gem version to 2.0.4. !13465 +- Implement the Gitaly RefService::RefExists endpoint. !13528 (Andrew Newdigate) +- Changed all font-weight values to 400 and 600 and introduced 2 variables to manage them. +- Simplify checking if objects exist code in new issaubles workers. +- Present enqueued merge jobs as Merging as well. +- Don't escape html entities in InlineDiffMarkdownMarker. +- Move ConvDev Index location to after Cohorts. +- Added type to CHANGELOG entries. (Jacopo Beschi @jacopo-beschi) +- [BUGIFX] Improves subgroup creation permissions. !13418 + +## 9.5.10 (2017-11-08) + +- [SECURITY] Add SSRF protections for hostnames that will never resolve but will still connect to localhost +- [SECURITY] Include X-Content-Type-Options (XCTO) header into API responses + +## 9.5.9 (2017-10-16) + +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. +- [FIXED] Allow using newlines in pipeline email service recipients. !14250 +- Escape user name in filtered search bar. + +## 9.5.8 (2017-10-04) + +- [FIXED] Fixed fork button being disabled for users who can fork to a group. + +## 9.5.7 (2017-10-03) + +- Fix gitlab rake:import:repos task. + +## 9.5.6 (2017-09-29) + +- [FIXED] Fix MR ready to merge buttons/controls at mobile breakpoint. !14242 +- [FIXED] Fix errors thrown in merge request widget with external CI service/integration. +- [FIXED] Update x/x discussions resolved checkmark icon to be green when all discussions resolved. +- [FIXED] Fix 500 error on merged merge requests when GitLab is restored from a backup. + +## 9.5.5 (2017-09-18) + +- [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) +- [FIXED] Fix division by zero error in blame age mapping. !13803 (Jeff Stubler) +- [FIXED] Fix problems sanitizing URLs with empty passwords. !14083 +- [FIXED] Fix a wrong `X-Gitlab-Event` header when testing webhooks. !14108 +- [FIXED] Fixes the 500 errors caused by a race condition in GPG's tmp directory handling. !14194 (Alexis Reigel) +- [FIXED] Fix Pipeline Triggers to show triggered label and predefined variables (e.g. CI_PIPELINE_TRIGGERED). !14244 +- [FIXED] Fix project feature being deleted when updating project with invalid visibility level. +- [FIXED] Fix new navigation wrapping and causing height to grow. +- [FIXED] Fix buttons with different height in merge request widget. +- [FIXED] Normalize styles for empty state combo button. +- [FIXED] Fix broken svg in jobs dropdown for success status. +- [FIXED] Improve migrations using triggers. +- [FIXED] Disable GitLab Project Import Button if source disabled. +- [CHANGED] Update the GPG verification semantics: A GPG signature must additionally match the committer in order to be verified. !13771 (Alexis Reigel) +- [OTHER] Fix repository equality check and avoid fetching ref if the commit is already available. This affects merge request creation performance. !13685 +- [OTHER] Update documentation for confidential issue. !14117 + ## 9.5.4 (2017-09-06) - [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) @@ -213,6 +1769,53 @@ entry. - Use a specialized class for querying events to improve performance. - Update build badges to be pipeline badges and display passing instead of success. +## 9.4.7 (2017-10-16) + +- [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. +- [FIXED] Allow using newlines in pipeline email service recipients. !14250 +- Escape user name in filtered search bar. + +## 9.4.6 (2017-09-06) + +- [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) +- [SECURITY] Prevent a persistent XSS in the commit author block. +- Fix XSS issue in go-get handling. +- Remove hidden symlinks from project import files. +- Fixes race condition in project uploads. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. +- Disallow arbitrary properties in `th` and `td` `style` attributes. +- Resolve CSRF token leakage via pathname manipulation on environments page. +- Disallow the `name` attribute on all user-provided markup. + +## 9.4.5 (2017-08-14) + +- Fix deletion of deploy keys linked to other projects. !13162 +- Allow any logged in users to read_users_list even if it's restricted. !13201 +- Make Delete Merged Branches handle wildcard protected branches correctly. !13251 +- Fix an order of operations for CI connection error message in merge request widget. !13252 +- Fix pipeline_schedules pages when active schedule has an abnormal state. !13286 +- Add missing validation error for username change with container registry tags. !13356 +- Fix destroy of case-insensitive conflicting redirects. !13357 +- Project pending delete no longer return 500 error in admins projects view. !13389 +- Fix search box losing focus when typing. +- Use jQuery to control scroll behavior in job log for cross browser consistency. +- Use project_ref_path to create the link to a branch to fix links that 404. +- improve file upload/replace experience. +- fix jump to next discussion button. +- Fixes new issue button for failed job returning 404. +- Fix links to group milestones from issue and merge request sidebar. +- Fixed sign-in restrictions buttons not toggling active state. +- Fix Mattermost integration. +- Change project FK migration to skip existing FKs. + +## 9.4.4 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 9.4.3 (2017-07-31) - Fix Prometheus client PID reuse bug. !13130 @@ -437,6 +2040,29 @@ entry. - Log rescued exceptions to Sentry. - Remove remaining N+1 queries in merge requests API with emojis and labels. +## 9.3.11 (2017-09-06) + +- [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) +- [SECURITY] Prevent a persistent XSS in the commit author block. +- Improve support for external issue references. !12485 +- Use uploads/system directory for personal snippets. +- Remove uploads/appearance symlink. A leftover from a previous migration. +- Fix XSS issue in go-get handling. +- Remove hidden symlinks from project import files. +- Fix an infinite loop when handling user-supplied regular expressions. +- Fixes race condition in project uploads. +- Fixes race condition in project uploads. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. +- Disallow arbitrary properties in `th` and `td` `style` attributes. +- Resolve CSRF token leakage via pathname manipulation on environments page. +- Disallow the `name` attribute on all user-provided markup. +- Renders 404 if given project is not readable by the user on Todos dashboard. + +## 9.3.10 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 9.3.9 (2017-07-20) - Fix an infinite loop when handling user-supplied regular expressions. @@ -709,6 +2335,11 @@ entry. - Remove foreigh key on ci_trigger_schedules only if it exists. - Allow translation of Pipeline Schedules. +## 9.2.10 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 9.2.9 (2017-07-20) - Fix an infinite loop when handling user-supplied regular expressions. @@ -964,6 +2595,11 @@ entry. - Fix preemptive scroll bar on user activity calendar. - Pipeline chat notifications convert seconds to minutes and hours. +## 9.1.10 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 9.1.9 (2017-07-20) - Fix an infinite loop when handling user-supplied regular expressions. @@ -1287,6 +2923,11 @@ entry. - Only send chat notifications for the default branch. - Don't fill in the default kubernetes namespace. +## 9.0.13 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 9.0.12 (2017-07-20) - Fix an infinite loop when handling user-supplied regular expressions. @@ -1667,6 +3308,11 @@ entry. - Change development tanuki favicon colors to match logo color order. - API issues - support filtering by iids. +## 8.17.8 (2017-08-09) + +- Remove hidden symlinks from project import files. +- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character. + ## 8.17.7 (2017-07-19) - Renders 404 if given project is not readable by the user on Todos dashboard. @@ -2116,3254 +3762,6 @@ entry. - Add margin to markdown math blocks. - Add hover state to MR comment reply button. -## 8.15.8 (2017-03-19) - -- Only show public emails in atom feeds. -- To protect against Server-side Request Forgery project import URLs are now prohibited against localhost or the server IP except for the assigned instance URL and port. Imports are also prohibited from ports below 1024 with the exception of ports 22, 80, and 443. - -## 8.15.7 (2017-02-15) - -- No changes. - -## 8.15.6 (2017-02-14) - -- Patch Asciidocs rendering to block XSS. -- Fix XSS vulnerability in SVG attachments. -- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. -- Patch XSS vulnerability in RDOC support. - -## 8.15.5 (2017-01-20) - -- Ensure export files are removed after a namespace is deleted. -- Don't allow project guests to subscribe to merge requests through the API. (Robert Schilling) -- Prevent users from creating notes on resources they can't access. -- Prevent users from deleting system deploy keys via the project deploy key API. -- Upgrade omniauth gem to 1.3.2. - -## 8.15.4 (2017-01-09) - -- Make successful pipeline emails off for watchers. !8176 -- Speed up group milestone index by passing group_id to IssuesFinder. !8363 -- Don't instrument 405 Grape calls. !8445 -- Update the gitlab-markup gem to the version 1.5.1. !8509 -- Updated Turbolinks to mitigate potential XSS attacks. -- Re-order update steps in the 8.14 -> 8.15 upgrade guide. -- Re-add Google Cloud Storage as a backup strategy. - -## 8.15.3 (2017-01-06) - -- Rename wiki_events to wiki_page_events in project hooks API to avoid errors. !8425 -- Rename projects wth reserved names. !8234 -- Cache project authorizations even when user has access to zero projects. !8327 -- Fix a minor grammar error in merge request widget. !8337 -- Fix unclear closing issue behaviour on Merge Request show page. !8345 (Gabriel Gizotti) -- fix border in login session tabs. !8346 -- Copy, don't move uploaded avatar files. !8396 -- Increases width of mini-pipeline-graph dropdown to prevent wrong position on chrome on ubuntu. !8399 -- Removes invalid html and unneed CSS to prevent shaking in the pipelines tab. !8411 -- Gitlab::LDAP::Person uses LDAP attributes configuration. !8418 -- Fix 500 errors when creating a user with identity via API. !8442 -- Whitelist next project names: assets, profile, public. !8470 -- Fixed regression of note-headline-light where it was always placed on 2 lines, even on wide viewports. -- Fix 500 error when visit group from admin area if group name contains dot. -- Fix cross-project references copy to include the project reference. -- Fix 500 error renaming group. -- Fixed GFM dropdown not showing on new lines. - -## 8.15.2 (2016-12-27) - -- Fix finding the latest pipeline. !8301 -- Fix mr list timestamp alignment. !8271 -- Fix discussion overlap text in regular screens. !8273 -- Fixes mini-pipeline-graph dropdown animation and stage position in chrome, firefox and safari. !8282 -- Fix line breaking in nodes of the pipeline graph in firefox. !8292 -- Fixes confendential warning text alignment. !8293 -- Hide Scroll Top button for failed build page. !8295 -- Fix finding the latest pipeline. !8301 -- Disable PostgreSQL statement timeouts when removing unneeded services. !8322 -- Fix timeout when MR contains large files marked as binary by .gitattributes. -- Rename "autodeploy" to "auto deploy". -- Fixed GFM autocomplete error when no data exists. -- Fixed resolve discussion note button color. - -## 8.15.1 (2016-12-23) - -- Push payloads schedule at most 100 commits, instead of all commits. -- Fix Mattermost command creation by specifying username. -- Do not override incoming webhook for mattermost and slack. -- Adds background color for disabled state to merge when succeeds dropdown. !8222 -- Standardises font-size for titles in Issues, Merge Requests and Merge Request widget. !8235 -- Fix Pipeline builds list blank on MR. !8255 -- Do not show retried builds in pipeline stage dropdown. !8260 - -## 8.15.0 (2016-12-22) - -- Whitelist next project names: notes, services. -- Use Grape's new Route methods. -- Fixed issue boards scrolling with a lot of lists & issues. -- Remove unnecessary sentences for status codes in the API documentation. (Luis Alonso Chavez Armendariz) -- Allow unauthenticated access to Repositories Files API GET endpoints. -- Add note to the invite page when the logged in user email is not the same as the invitation. -- Don't accidentally mark unsafe diff lines as HTML safe. -- Add git diff context to notifications of new notes on merge requests. (Heidi Hoopes) -- Shows group members in project members list. -- Gem update: Update grape to 0.18.0. (Robert Schilling) -- API: Expose merge status for branch API. (Robert Schilling) -- Displays milestone remaining days only when it's present. -- API: Expose committer details for commits. (Robert Schilling) -- API: Ability to set 'should_remove_source_branch' on merge requests. (Robert Schilling) -- Fix project import label priorities error. -- Fix Import/Export merge requests error while importing. -- Refactor Bitbucket importer to use BitBucket API Version 2. -- Fix Import/Export duplicated builds error. -- Ci::Builds have same ref as Ci::Pipeline in dev fixtures. (twonegatives) -- For single line git commit messages, the close quote should be on the same line as the open quote. -- Use authorized projects in ProjectTeam. -- Destroy a user's session when they delete their own account. -- Edit help text to clarify annotated tag creation. (Liz Lam) -- Fixed file template dropdown for the "New File" editor for smaller/zoomed screens. -- Fix Route#rename_children behavior. -- Add nested groups support on data level. -- Allow projects with 'dashboard' as path. -- Disabled emoji buttons when user is not logged in. -- Remove unused and void services from the database. -- Add issue search slash command. -- Accept issue new as command to create an issue. -- Non members cannot create labels through the API. -- API: expose pipeline coverage. -- Validate state param when filtering issuables. -- Username exists check respects relative root path. -- Bump Git version requirement to 2.8.4. -- Updates the font weight of button styles because of the change to system fonts. -- Update API spec files to describe the correct class. (Livier) -- Fixed timeago re-rendering every timeago. -- Enable ColorVariable in scss-lint. (Sam Rose) -- Various small emoji positioning adjustments. -- Add shortcuts for adding users to a project team with a specific role. (Nikolay Ponomarev and Dino M) -- Additional rounded label fixes. -- Remove unnecessary database indices. -- 24726 Remove Across GitLab from side navigation. -- Changed cursor icon to pointer when mousing over stages on the Cycle Analytics pages. (Ryan Harris) -- Add focus state to dropdown items. -- Fixes Environments displaying incorrect date since 8.14 upgrade. -- Improve bulk assignment for issuables. -- Stop supporting Google and Azure as backup strategies. -- Fix broken README.md UX guide link. -- Allow public access to some Tag API endpoints. -- Encode input when migrating ProcessCommitWorker jobs to prevent migration errors. -- Adjust the width of project avatars to fix alignment within their container. (Ryan Harris) -- Sentence cased the nav tab headers on the project dashboard page. (Ryan Harris) -- Adds hoverstates for collapsed Issue/Merge Request sidebar. -- Make CI badge hitboxes match parent. -- Add a starting date to milestones. -- Adjusted margins for Build Status and Coverage Report rows to match those of the CI/CD Pipeline row. (Ryan Harris) -- Updated members dropdowns. -- Move all action buttons to project header. -- Replace issue access checks with use of IssuableFinder. -- Fix missing Note access checks by moving Note#search to updated NoteFinder. -- Centered Accept Merge Request button within MR widget and added padding for viewports smaller than 768px. (Ryan Harris) -- Fix missing access checks on issue lookup using IssuableFinder. -- Added top margin to Build status page header for mobile views. (Ryan Harris) -- Fixes "ActionView::Template::Error: undefined method `text?` for nil:NilClass" on MR pages. -- Issue#visible_to_user moved to IssuesFinder to prevent accidental use. -- Replace MR access checks with use of MergeRequestsFinder. -- Fix information disclosure in `Projects::BlobController#update`. -- Allow branch names with dots on API endpoint. -- Changed Housekeeping button on project settings page to default styling. (Ryan Harris) -- Ensure issuable state changes only fire webhooks once. -- Fix bad selection on dropdown menu for tags filter. (Luis Alonso Chavez Armendariz) -- Fix title case to sentence case. (Luis Alonso Chavez Armendariz) -- Fix appearance in error pages. (Luis Alonso Chavez Armendariz) -- Create mattermost service. -- 25617 Fix placeholder color of todo filters. -- Made the padding on the plus button in the breadcrumb menu even. (Ryan Harris) -- Allow to delete tag release note. -- Ensure nil User-Agent doesn't break the CI API. -- Replace Rack::Multipart with GitLab-Workhorse based solution. !5867 -- Add scopes for personal access tokens and OAuth tokens. !5951 -- API: Endpoint to expose personal snippets as /snippets. !6373 (Bernard Guyzmo Pratz) -- New `gitlab:workhorse:install` rake task. !6574 -- Filter protocol-relative URLs in ExternalLinkFilter. Fixes issue #22742. !6635 (Makoto Scott-Hinkle) -- Add support for setting the GitLab Runners Registration Token during initial database seeding. !6642 -- Guests can read builds when public. !6842 -- Made comment autocomplete more performant and removed some loading bugs. !6856 -- Add GitLab host to 2FA QR code and manual info. !6941 -- Add sorting functionality for group/project members. !7032 -- Rename Merge When Build Succeeds to Merge When Pipeline Succeeds. !7135 -- Resolve all discussions in a merge request by creating an issue collecting them. !7180 (Bob Van Landuyt) -- Add Human Readable format for rake backup. !7188 (David Gerő) -- post_receive: accept any user email from last commit. !7225 (Elan Ruusamäe) -- Add support for Dockerfile templates. !7247 -- Add shorthand support to gitlab markdown references. !7255 (Oswaldo Ferreira) -- Display error code for U2F errors. !7305 (winniehell) -- Fix wrong tab selected when loggin fails and multiple login tabs exists. !7314 (Jacopo Beschi @jacopo-beschi) -- Clean up common_utils.js. !7318 (winniehell) -- Show commit status from latest pipeline. !7333 -- Remove the help text under the sidebar subscribe button and style it inline. !7389 -- Update wiki page design. !7429 -- Add nested groups support to the routing. !7459 -- Changed eslint airbnb config to the base airbnb config and corrected eslintrc plugins and envs. !7470 (Luke "Jared" Bennett) -- Fix cancelling created or external pipelines. !7508 -- Allow admins to stop impersonating users without e-mail addresses. !7550 (Oren Kanner) -- Remove unnecessary self from user model. !7551 (Semyon Pupkov) -- Homogenize filter and sort dropdown look'n'feel. !7583 (David Wagner) -- Create dynamic fixture for build_spec. !7589 (winniehell) -- Moved Leave Project and Leave Group buttons to access_request_buttons from the settings dropdown. !7600 -- Remove unnecessary require_relative calls from service classes. !7601 (Semyon Pupkov) -- Simplify copy on "Create a new list" dropdown in Issue Boards. !7605 (Victor Rodrigues) -- Refactor create service spec. !7609 (Semyon Pupkov) -- Shows unconfirmed email status in profile. !7611 -- The admin user projects view now has a clickable group link. !7620 (James Gregory) -- Prevent DOM ID collisions resulting from user-generated content anchors. !7631 -- Replace static fixture for abuse_reports_spec. !7644 (winniehell) -- Define common helper for describe pagination params in api. !7646 (Semyon Pupkov) -- Move abuse report spinach test to rspec. !7659 (Semyon Pupkov) -- Replace static fixture for awards_handler_spec. !7661 (winniehell) -- API: Add ability to unshare a project from a group. !7662 (Robert Schilling) -- Replace references to MergeRequestDiff#commits with st_commits when we care only about the number of commits. !7668 -- Add issue events filter and make all really show all events. !7673 (Oxan van Leeuwen) -- Replace static fixture for notes_spec. !7683 (winniehell) -- Replace static fixture for shortcuts_issuable_spec. !7685 (winniehell) -- Replace static fixture for zen_mode_spec. !7686 (winniehell) -- Replace static fixture for right_sidebar_spec. !7687 (winniehell) -- Add online terminal support for Kubernetes. !7690 -- Move admin abuse report spinach test to rspec. !7691 (Semyon Pupkov) -- Move admin spam spinach test to Rspec. !7708 (Semyon Pupkov) -- Make API::Helpers find a project with only one query. !7714 -- Create builds in transaction to avoid empty pipelines. !7742 -- Render SVG images in diffs and notes. !7747 (andrebsguedes) -- Add setting to enable/disable HTML emails. !7749 -- Use SmartInterval for MR widget and improve visibilitychange functionality. !7762 -- Resolve "Remove Builds tab from Merge Requests and Commits". !7763 -- Moved new projects button below new group button on the welcome screen. !7770 -- fix display hook error message. !7775 (basyura) -- Refactor issuable_filters_present to reduce duplications. !7776 (Semyon Pupkov) -- Redirect to sign-in page when unauthenticated user tries to create a snippet. !7786 -- Fix Archived project merge requests add to group's Merge Requests. !7790 (Jacopo Beschi @jacopo-beschi) -- Update generic/external build status to match normal build status template. !7811 -- Enable AsciiDoctor admonition icons. !7812 (Horacio Sanson) -- Do not raise error in AutocompleteController#users when not authorized. !7817 (Semyon Pupkov) -- fix: 24982- Remove'Signed in successfully' message After this change the sign-in-success flash message will not be shown. !7837 (jnoortheen) -- Fix Latest deployment link is broken. !7839 -- Don't display prompt to add SSH keys if SSH protocol is disabled. !7840 (Andrew Smith (EspadaV8)) -- Allow unauthenticated access to some Project API GET endpoints. !7843 -- Refactor presenters ChatCommands. !7846 -- Improve help message for issue create slash command. !7850 -- change text around timestamps to make it clear which timestamp is displayed. !7860 (BM5k) -- Improve Build Log scrolling experience. !7895 -- Change ref property to commitRef in vue commit component. !7901 -- Prevent user creating issue or MR without signing in for a group. !7902 -- Provides a sensible default message when adding a README to a project. !7903 -- Bump ruby version to 2.3.3. !7904 -- Fix comments activity tab visibility condition. !7913 (Rydkin Maxim) -- Remove unnecessary target branch link from MR page in case of deleted target branch. !7916 (Rydkin Maxim) -- Add image controls to MR diffs. !7919 -- Remove wrong '.builds-feature' class from the MR settings fieldset. !7930 -- Resolve "Manual actions on pipeline graph". !7931 -- Avoid escaping relative links in Markdown twice. !7940 (winniehell) -- Move admin hooks spinach to rspec. !7942 (Semyon Pupkov) -- Move admin logs spinach test to rspec. !7945 (Semyon Pupkov) -- fix: removed signed_out notification. !7958 (jnoortheen) -- Accept environment variables from the `pre-receive` script. !7967 -- Do not reload diff for merge request made from fork when target branch in fork is updated. !7973 -- Fixes left align issue for long system notes. !7982 -- Add a slug to environments. !7983 -- Fix lookup of project by unknown ref when caching is enabled. !7988 -- Resolve "Provide SVG as a prop instead of hiding and copy them in environments table". !7992 -- Introduce deployment services, starting with a KubernetesService. !7994 -- Adds tests for custom event polyfill. !7996 -- Allow all alphanumeric characters in file names. !8002 (winniehell) -- Added support for math rendering, using KaTeX, in Markdown and asciidoc. !8003 (Munken) -- Remove unnecessary commits order message. !8004 -- API: Memoize the current_user so that sudo can work properly. !8017 -- group authors in contribution graph with case insensitive email handle comparison. !8021 -- Move admin active tab spinach tests to rspec. !8037 (Semyon Pupkov) -- Add Authentiq as Oauth provider. !8038 (Alexandros Keramidas) -- API: Ability to cherry pick a commit. !8047 (Robert Schilling) -- Fix Slack pipeline message from pipelines made by API. !8059 -- API: Simple representation of group's projects. !8060 (Robert Schilling) -- Prevent overflow with vertical scroll when we have space to show content. !8061 -- Allow to auto-configure Mattermost. !8070 -- Introduce $CI_BUILD_REF_SLUG. !8072 -- Added go back anchor on error pages. !8087 -- Convert CI YAML variables keys into strings. !8088 -- Adds Direct link from pipeline list to builds. !8097 -- Cache last commit id for path. !8098 (Hiroyuki Sato) -- Pass variables from deployment project services to CI runner. !8107 -- New Gitea importer. !8116 -- Introduce "Set up autodeploy" button to help configure GitLab CI for deployment. !8135 -- Prevent enviroment table to overflow when name has underscores. !8142 -- Fix missing service error importing from EE to CE. !8144 -- Milestoneish SQL performance partially improved and memoized. !8146 -- Allow unauthenticated access to Repositories API GET endpoints. !8148 -- fix colors and margins for adjacent alert banners. !8151 -- Hides new issue button for non loggedin user. !8175 -- Fix N+1 queries on milestone show pages. !8185 -- Rename groups with .git in the end of the path. !8199 -- Whitelist next project names: help, ci, admin, search. !8227 -- Adds back CSS for progress-bars. !8237 - -## 8.14.10 (2017-02-15) - -- No changes. - -## 8.14.9 (2017-02-14) - -- Patch Asciidocs rendering to block XSS. -- Fix XSS vulnerability in SVG attachments. -- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. -- Patch XSS vulnerability in RDOC support. - -## 8.14.8 (2017-01-25) - -- Accept environment variables from the `pre-receive` script. !7967 -- Milestoneish SQL performance partially improved and memoized. !8146 -- Fix N+1 queries on milestone show pages. !8185 -- Speed up group milestone index by passing group_id to IssuesFinder. !8363 -- Ensure issuable state changes only fire webhooks once. - -## 8.14.7 (2017-01-21) - -- Ensure export files are removed after a namespace is deleted. -- Don't allow project guests to subscribe to merge requests through the API. (Robert Schilling) -- Prevent users from creating notes on resources they can't access. -- Prevent users from deleting system deploy keys via the project deploy key API. -- Upgrade omniauth gem to 1.3.2. - -## 8.14.6 (2017-01-10) - -- Update the gitlab-markup gem to the version 1.5.1. !8509 -- Updated Turbolinks to mitigate potential XSS attacks. - -## 8.14.5 (2016-12-14) - -- Moved Leave Project and Leave Group buttons to access_request_buttons from the settings dropdown. !7600 -- fix display hook error message. !7775 (basyura) -- Remove wrong '.builds-feature' class from the MR settings fieldset. !7930 -- Avoid escaping relative links in Markdown twice. !7940 (winniehell) -- API: Memoize the current_user so that sudo can work properly. !8017 -- Displays milestone remaining days only when it's present. -- Allow branch names with dots on API endpoint. -- Issue#visible_to_user moved to IssuesFinder to prevent accidental use. -- Shows group members in project members list. -- Encode input when migrating ProcessCommitWorker jobs to prevent migration errors. -- Fixed timeago re-rendering every timeago. -- Fix missing Note access checks by moving Note#search to updated NoteFinder. - -## 8.14.4 (2016-12-08) - -- Fix diff view permalink highlighting. !7090 -- Fix pipeline author for Slack and use pipeline id for pipeline link. !7506 -- Fix compatibility with Internet Explorer 11 for merge requests. !7525 (Steffen Rauh) -- Reenables /user API request to return private-token if user is admin and request is made with sudo. !7615 -- Fix Cicking on tabs on pipeline page should set URL. !7709 -- Authorize users into imported GitLab project. -- Destroy a user's session when they delete their own account. -- Don't accidentally mark unsafe diff lines as HTML safe. -- Replace MR access checks with use of MergeRequestsFinder. -- Remove visible content caching. - -## 8.14.3 (2016-12-02) - -- Pass commit data to ProcessCommitWorker to reduce Git overhead. !7744 -- Speed up issuable dashboards. -- Don't change relative URLs to absolute URLs in the Help page. -- Fixes "ActionView::Template::Error: undefined method `text?` for nil:NilClass" on MR pages. -- Fix branch validation for GitHub PR where repo/fork was renamed/deleted. -- Validate state param when filtering issuables. - -## 8.14.2 (2016-12-01) - -- Remove caching of events data. !6578 -- Rephrase some system notes to be compatible with new system note style. !7692 -- Pass tag SHA to post-receive hook when tag is created via UI. !7700 -- Prevent error when submitting a merge request and pipeline is not defined. !7707 -- Fixes system note style in commit discussion. !7721 -- Use a Redis lease for updating authorized projects. !7733 -- Refactor JiraService by moving code out of JiraService#execute method. !7756 -- Update GitLab Workhorse to v1.0.1. !7759 -- Fix pipelines info being hidden in merge request widget. !7808 -- Fixed commit timeago not rendering after initial page. -- Fix for error thrown in cycle analytics events if build has not started. -- Fixed issue boards issue sorting when dragging issue into list. -- Allow access to the wiki with git when repository feature disabled. -- Fixed timeago not rendering when resolving a discussion. -- Update Sidekiq-cron to fix compatibility issues with Sidekiq 4.2.1. -- Timeout creating and viewing merge request for binary file. -- Gracefully recover from Redis connection failures in Sidekiq initializer. - -## 8.14.1 (2016-11-28) - -- Fix deselecting calendar days on contribution graph. !6453 (ClemMakesApps) -- Update grape entity to 0.6.0. !7491 -- If Build running change accept merge request when build succeeds button from orange to blue. !7577 -- Changed import sources buttons to checkboxes. !7598 (Luke "Jared" Bennett) -- Last minute CI Style tweaks for 8.14. !7643 -- Fix exceptions when loading build trace. !7658 -- Fix wrong template rendered when CI/CD settings aren't update successfully. !7665 -- fixes last_deployment call environment is nil. !7671 -- Sort builds by name within pipeline graph. !7681 -- Correctly determine mergeability of MR with no discussions. -- Sidekiq stats in the admin area will now show correctly on different platforms. (blackst0ne) -- Fixed issue boards dragging card removing random issues. -- Fix information disclosure in `Projects::BlobController#update`. -- Fix missing access checks on issue lookup using IssuableFinder. -- Replace issue access checks with use of IssuableFinder. -- Non members cannot create labels through the API. -- Fix cycle analytics plan stage when commits are missing. - -## 8.14.0 (2016-11-22) - -- Use separate email-token for incoming email and revert back the inactive feature. !5914 -- API: allow recursive tree request. !6088 (Rebeca Mendez) -- Replace jQuery.timeago with timeago.js. !6274 (ClemMakesApps) -- Add CI notifications. Who triggered a pipeline would receive an email after the pipeline is succeeded or failed. Users could also update notification settings accordingly. !6342 -- Add button to delete all merged branches. !6449 (Toon Claes) -- Finer-grained Git gargage collection. !6588 -- Introduce better credential and error checking to `rake gitlab:ldap:check`. !6601 -- Centralize LDAP config/filter logic. !6606 -- Make system notes less intrusive. !6755 -- Process commits using a dedicated Sidekiq worker. !6802 -- Show random messages when the To Do list is empty. !6818 (Josep Llaneras) -- Precalculate user's authorized projects in database. !6839 -- Fix record not found error on NewNoteWorker processing. !6863 (Oswaldo Ferreira) -- Show avatars in mention dropdown. !6865 -- Fix expanding a collapsed diff when converting a symlink to a regular file. !6953 -- Defer saving project services to the database if there are no user changes. !6958 -- Omniauth auto link LDAP user falls back to find by DN when user cannot be found by UID. !7002 -- Display "folders" for environments. !7015 -- Make it possible to trigger builds from webhooks. !7022 (Dmitry Poray) -- Fix showing pipeline status for a given commit from correct branch. !7034 -- Add link to build pipeline within individual build pages. !7082 -- Add api endpoint `/groups/owned`. !7103 (Borja Aparicio) -- Add query param to filter users by external & blocked type. !7109 (Yatish Mehta) -- Issues atom feed url reflect filters on dashboard. !7114 (Lucas Deschamps) -- Add setting to only allow merge requests to be merged when all discussions are resolved. !7125 (Rodolfo Arruda) -- Remove an extra leading space from diff paste data. !7133 (Hiroyuki Sato) -- Fix trace patching feature - update the updated_at value. !7146 -- Fix 404 on network page when entering non-existent git revision. !7172 (Hiroyuki Sato) -- Rewrite git blame spinach feature tests to rspec feature tests. !7197 (Lisanne Fellinger) -- Add api endpoint for creating a pipeline. !7209 (Ido Leibovich) -- Allow users to subscribe to group labels. !7215 -- Reduce API calls needed when importing issues and pull requests from GitHub. !7241 (Andrew Smith (EspadaV8)) -- Only skip group when it's actually a group in the "Share with group" select. !7262 -- Introduce round-robin project creation to spread load over multiple shards. !7266 -- Ensure merge request's "remove branch" accessors return booleans. !7267 -- Fix no "Register" tab if ldap auth is enabled (#24038). !7274 (Luc Didry) -- Expose label IDs in API. !7275 (Rares Sfirlogea) -- Fix invalid filename validation on eslint. !7281 -- API: Ability to retrieve version information. !7286 (Robert Schilling) -- Added ability to throttle Sidekiq Jobs. !7292 -- Set default Sidekiq retries to 3. !7294 -- Fix double event and ajax request call on MR page. !7298 (YarNayar) -- Unify anchor link format for MR diff files. !7298 (YarNayar) -- Require projects before creating milestone. !7301 (gfyoung) -- Fix error when using invalid branch name when creating a new pipeline. !7324 -- Return 400 when creating a system hook fails. !7350 (Robert Schilling) -- Auto-close environment when branch is deleted. !7355 -- Rework cache invalidation so only changed data is refreshed. !7360 -- Navigation bar issuables counters reflects dashboard issuables counters. !7368 (Lucas Deschamps) -- Fix cache for commit status in commits list to respect branches. !7372 -- fixes 500 error on project show when user is not logged in and project is still empty. !7376 -- Removed gray button styling from todo buttons in sidebars. !7387 -- Fix project records with invalid visibility_level values. !7391 -- Use 'Forking in progress' title when appropriate. !7394 (Philip Karpiak) -- Fix error links in help index page. !7396 (Fu Xu) -- Add support for reply-by-email when the email only contains HTML. !7397 -- [Fix] Extra divider issue in dropdown. !7398 -- Project download buttons always show. !7405 (Philip Karpiak) -- Give search-input correct padding-right value. !7407 (Philip Karpiak) -- Remove additional padding on right-aligned items in MR widget. !7411 (Didem Acet) -- Fix issue causing Labels not to appear in sidebar on MR page. !7416 (Alex Sanford) -- Allow mail_room idle_timeout option to be configurable. !7423 -- Fix misaligned buttons on admin builds page. !7424 (Didem Acet) -- Disable "Request Access" functionality by default for new projects and groups. !7425 -- fix shibboleth misconfigurations resulting in authentication bypass. !7428 -- Added Mattermost slash command. !7438 -- Allow to connect Chat account with GitLab. !7450 -- Make New Group form respect default visibility application setting. !7454 (Jacopo Beschi @jacopo-beschi) -- Fix Error 500 when creating a merge request that contains an image that was deleted and added. !7457 -- Fix labels API by adding missing current_user parameter. !7458 (Francesco Coda Zabetta) -- Changed restricted visibility admin buttons to checkboxes. !7463 -- Send credentials (currently for registry only) with build data to GitLab Runner. !7474 -- Fix POST /internal/allowed to cope with gitlab-shell v4.0.0 project paths. !7480 -- Adds es6-promise Polyfill. !7482 -- Added colored labels to related MR list. !7486 (Didem Acet) -- Use setter for key instead AR callback. !7488 (Semyon Pupkov) -- Limit labels returned for a specific project as an administrator. !7496 -- Change slack notification comment link. !7498 (Herbert Kagumba) -- Allow registering users whose username contains dots. !7500 (Timothy Andrew) -- Fix race condition during group deletion and remove stale records present due to this bug. !7528 (Timothy Andrew) -- Check all namespaces on validation of new username. !7537 -- Pass correct tag target to post-receive hook when creating tag via UI. !7556 -- Add help message for configuring Mattermost slash commands. !7558 -- Fix typo in Build page JavaScript. !7563 (winniehell) -- Make job script a required configuration entry. !7566 -- Fix errors happening when source branch of merge request is removed and then restored. !7568 -- Fix a wrong "The build for this merge request failed" message. !7579 -- Fix Margins look weird in Project page with pinned sidebar in project stats bar. !7580 -- Fix regression causing bad error message to appear on Merge Request form. !7599 (Alex Sanford) -- Fix activity page endless scroll on large viewports. !7608 -- Fix 404 on some group pages when name contains dot. !7614 -- Do not create a new TODO when failed build is allowed to fail. !7618 -- Add deployment command to ChatOps. !7619 -- Fix 500 error when group name ends with git. !7630 -- Fix undefined error in CI linter. !7650 -- Show events per stage on Cycle Analytics page. !23449 -- Add JIRA remotelinks and prevent duplicated closing messages. -- Fixed issue boards counter border when unauthorized. -- Add placeholder for the example text for custom hex color on label creation popup. (Luis Alonso Chavez Armendariz) -- Add an index for project_id in project_import_data to improve performance. -- Fix broken commits search. -- Assignee dropdown now searches author of issue or merge request. -- Clicking "force remove source branch" label now toggles the checkbox again. -- More aggressively preload on merge request and issue index pages. -- Fix broken link to observatory cli on Frontend Dev Guide. (Sam Rose) -- Fixing the issue of the project fork url giving 500 when not signed instead of being redirected to sign in page. (Cagdas Gerede) -- Fix: Guest sees some repository details and gets 404. -- Add logging for rack attack events to production.log. -- Add environment info to builds page. -- Allow commit note to be visible if repo is visible. -- Bump omniauth-gitlab to 1.0.2 to fix incompatibility with omniauth-oauth2. -- Redesign pipelines page. -- Faster search inside Project. -- Search for a filename in a project. -- Allow sorting groups in the API. -- Fix: Todos Filter Shows All Users. -- Use the Gitlab Workhorse HTTP header in the admin dashboard. (Chris Wright) -- Fixed multiple requests sent when opening dropdowns. -- Added permissions per stage to cycle analytics endpoint. -- Fix project Visibility Level selector not using default values. -- Add events per stage to cycle analytics. -- Allow to test JIRA service settings without having a repository. -- Fix JIRA references for project snippets. -- Allow enabling and disabling commit and MR events for JIRA. -- simplify url generation. (Jarka Kadlecova) -- Show correct environment log in admin/logs (@duk3luk3 !7191) -- Fix Milestone dropdown not stay selected for `Upcoming` and `No Milestone` option !7117 -- Diff collapse won't shift when collapsing. -- Backups do not fail anymore when using tar on annex and custom_hooks only. !5814 -- Adds user project membership expired event to clarify why user was removed (Callum Dryden) -- Trim leading and trailing whitespace on project_path (Linus Thiel) -- Prevent award emoji via notes for issues/MRs authored by user (barthc) -- Adds support for the `token` attribute in project hooks API (Gauvain Pocentek) -- Change auto selection behaviour of emoji and slash commands to be more UX/Type friendly (Yann Gravrand) -- Adds an optional path parameter to the Commits API to filter commits by path (Luis HGO) -- Fix Markdown styling inside reference links (Jan Zdráhal) -- Create new issue board list after creating a new label -- Fix extra space on Build sidebar on Firefox !7060 -- Fail gracefully when creating merge request with non-existing branch (alexsanford) -- Fix mobile layout issues in admin user overview page !7087 -- Fix HipChat notifications rendering (airatshigapov, eisnerd) -- Removed unneeded "Builds" and "Environments" link from project titles -- Remove 'Edit' button from wiki edit view !7143 (Hiroyuki Sato) -- Cleaned up global namespace JS !19661 (Jose Ivan Vargas) -- Refactor Jira service to use jira-ruby gem -- Improved todos empty state -- Add hover to trash icon in notes !7008 (blackst0ne) -- Hides project activity tabs when features are disabled -- Only show one error message for an invalid email !5905 (lycoperdon) -- Added guide describing how to upgrade PostgreSQL using Slony -- Fix sidekiq stats in admin area (blackst0ne) -- Added label description as tooltip to issue board list title -- Created cycle analytics bundle JavaScript file -- Make the milestone page more responsive (yury-n) -- Hides container registry when repository is disabled -- API: Fix booleans not recognized as such when using the `to_boolean` helper -- Removed delete branch tooltip !6954 -- Stop unauthorized users dragging on milestone page (blackst0ne) -- Restore issue boards welcome message when a project is created !6899 -- Check that JavaScript file names match convention !7238 (winniehell) -- Do not show tooltip for active element !7105 (winniehell) -- Escape ref and path for relative links !6050 (winniehell) -- Fixed link typo on /help/ui to Alerts section. !6915 (Sam Rose) -- Fix broken issue/merge request links in JIRA comments. !6143 (Brian Kintz) -- Fix filtering of milestones with quotes in title (airatshigapov) -- Fix issue boards dragging bug in Safari -- Refactor less readable existance checking code from CoffeeScript !6289 (jlogandavison) -- Update mail_room and enable sentinel support to Reply By Email (!7101) -- Add task completion status in Issues and Merge Requests tabs: "X of Y tasks completed" (!6527, @gmesalazar) -- Simpler arguments passed to named_route on toggle_award_url helper method -- Fix typo in framework css class. !7086 (Daniel Voogsgerd) -- New issue board list dropdown stays open after adding a new list -- Fix: Backup restore doesn't clear cache -- Optimize Event queries by removing default order -- Add new icon for skipped builds -- Show created icon in pipeline mini-graph -- Remove duplicate links from sidebar -- API: Fix project deploy keys 400 and 500 errors when adding an existing key. !6784 (Joshua Welsh) -- Add Rake task to create/repair GitLab Shell hooks symlinks !5634 -- Add job for removal of unreferenced LFS objects from both the database and the filesystem (Frank Groeneveld) -- Replace jquery.cookie plugin with js.cookie !7085 -- Use MergeRequestsClosingIssues cache data on Issue#closed_by_merge_requests method -- Fix Sign in page 'Forgot your password?' link overlaps on medium-large screens -- Show full status link on MR & commit pipelines -- Fix documents and comments on Build API `scope` -- Initialize Sidekiq with the list of queues used by GitLab -- Refactor email, use setter method instead AR callbacks for email attribute (Semyon Pupkov) -- Shortened merge request modal to let clipboard button not overlap -- Adds JavaScript validation for group path editing field -- In all filterable drop downs, put input field in focus only after load is complete (Ido @leibo) -- Improve search query parameter naming in /admin/users !7115 (YarNayar) -- Fix table pagination to be responsive -- Fix applying GitHub-imported labels when importing job is interrupted -- Allow to search for user by secondary email address in the admin interface(/admin/users) !7115 (YarNayar) -- Updated commit SHA styling on the branches page. -- Fix "Without projects" filter. !6611 (Ben Bodenmiller) -- Fix 404 when visit /projects page - -## 8.13.12 (2017-01-21) - -- Ensure export files are removed after a namespace is deleted. -- Don't allow project guests to subscribe to merge requests through the API. (Robert Schilling) -- Prevent users from creating notes on resources they can't access. -- Prevent users from deleting system deploy keys via the project deploy key API. -- Upgrade omniauth gem to 1.3.2. - -## 8.13.11 (2017-01-10) - -- Update the gitlab-markup gem to the version 1.5.1. !8509 -- Updated Turbolinks to mitigate potential XSS attacks. - -## 8.13.10 (2016-12-14) - -- API: Memoize the current_user so that sudo can work properly. !8017 -- Filter `authentication_token`, `incoming_email_token` and `runners_token` parameters. -- Issue#visible_to_user moved to IssuesFinder to prevent accidental use. -- Fix missing Note access checks by moving Note#search to updated NoteFinder. - -## 8.13.9 (2016-12-08) - -- Reenables /user API request to return private-token if user is admin and request is made with sudo. !7615 -- Replace MR access checks with use of MergeRequestsFinder. - -## 8.13.8 (2016-12-02) - -- Pass tag SHA to post-receive hook when tag is created via UI. !7700 -- Validate state param when filtering issuables. - -## 8.13.7 (2016-11-28) - -- fixes 500 error on project show when user is not logged in and project is still empty. !7376 -- Update grape entity to 0.6.0. !7491 -- Fix information disclosure in `Projects::BlobController#update`. -- Fix missing access checks on issue lookup using IssuableFinder. -- Replace issue access checks with use of IssuableFinder. -- Non members cannot create labels through the API. - -## 8.13.6 (2016-11-17) - -- Omniauth auto link LDAP user falls back to find by DN when user cannot be found by UID. !7002 -- Fix Milestone dropdown not stay selected for `Upcoming` and `No Milestone` option. !7117 -- Fix relative links in Markdown wiki when displayed in "Project" tab. !7218 -- Fix no "Register" tab if ldap auth is enabled (#24038). !7274 (Luc Didry) -- Fix cache for commit status in commits list to respect branches. !7372 -- Fix issue causing Labels not to appear in sidebar on MR page. !7416 (Alex Sanford) -- Limit labels returned for a specific project as an administrator. !7496 -- Clicking "force remove source branch" label now toggles the checkbox again. -- Allow commit note to be visible if repo is visible. -- Fix project Visibility Level selector not using default values. - -## 8.13.5 (2016-11-08) - -- Restore unauthenticated access to public container registries -- Fix showing pipeline status for a given commit from correct branch. !7034 -- Only skip group when it's actually a group in the "Share with group" select. !7262 -- Introduce round-robin project creation to spread load over multiple shards. !7266 -- Ensure merge request's "remove branch" accessors return booleans. !7267 -- Ensure external users are not able to clone disabled repositories. -- Fix XSS issue in Markdown autolinker. -- Respect event visibility in Gitlab::ContributionsCalendar. -- Honour issue and merge request visibility in their respective finders. -- Disable reference Markdown for unavailable features. -- Fix lightweight tags not processed correctly by GitTagPushService. !6532 -- Allow owners to fetch source code in CI builds. !6943 -- Return conflict error in label API when title is taken by group label. !7014 -- Reduce the overhead to calculate number of open/closed issues and merge requests within the group or project. !7123 -- Fix builds tab visibility. !7178 -- Fix project features default values. !7181 - -## 8.13.4 - -- Pulled due to packaging error. - -## 8.13.3 (2016-11-02) - -- Removes any symlinks before importing a project export file. CVE-2016-9086 -- Fixed Import/Export foreign key issue to do with project members. -- Changed build dropdown list length to be 6,5 builds long in the pipeline graph - -## 8.13.2 (2016-10-31) - -- Fix encoding issues on pipeline commits. !6832 -- Use Hash rocket syntax to fix cycle analytics under Ruby 2.1. !6977 -- Modify GitHub importer to be retryable. !7003 -- Fix refs dropdown selection with special characters. !7061 -- Fix horizontal padding for highlight blocks. !7062 -- Pass user instance to `Labels::FindOrCreateService` or `skip_authorization: true`. !7093 -- Fix builds dropdown overlapping bug. !7124 -- Fix applying labels for GitHub-imported MRs. !7139 -- Fix importing MR comments from GitHub. !7139 -- Fix project member access for group links. !7144 -- API: Fix booleans not recognized as such when using the `to_boolean` helper. !7149 -- Fix and improve `Sortable.highest_label_priority`. !7165 -- Fixed sticky merge request tabs when sidebar is pinned. !7167 -- Only remove right connector of first build of last stage. !7179 - -## 8.13.1 (2016-10-25) - -- Fix branch protection API. !6215 -- Fix hidden pipeline graph on commit and MR page. !6895 -- Fix Cycle analytics not showing correct data when filtering by date. !6906 -- Ensure custom provider tab labels don't break layout. !6993 -- Fix issue boards user link when in subdirectory. !7018 -- Refactor and add new environment functionality to CI yaml reference. !7026 -- Fix typo in project settings that prevents users from enabling container registry. !7037 -- Fix events order in `users/:id/events` endpoint. !7039 -- Remove extra line for empty issue description. !7045 -- Don't append issue/MR templates to any existing text. !7050 -- Fix error in generating labels. !7055 -- Stop clearing the database cache on `rake cache:clear`. !7056 -- Only show register tab if signup enabled. !7058 -- Fix lightweight tags not processed correctly by GitTagPushService -- Expire and build repository cache after project import. !7064 -- Fix bug where labels would be assigned to issues that were moved. !7065 -- Fix reply-by-email not working due to queue name mismatch. !7068 -- Fix 404 for group pages when GitLab setup uses relative url. !7071 -- Fix `User#to_reference`. !7088 -- Reduce overhead of `LabelFinder` by avoiding `#presence` call. !7094 -- Fix unauthorized users dragging on issue boards. !7096 -- Only schedule `ProjectCacheWorker` jobs when needed. !7099 - -## 8.13.0 (2016-10-22) - -- Fix save button on project pipeline settings page. (!6955) -- All Sidekiq workers now use their own queue -- Avoid race condition when asynchronously removing expired artifacts. (!6881) -- Improve Merge When Build Succeeds triggers and execute on pipeline success. (!6675) -- Respond with 404 Not Found for non-existent tags (Linus Thiel) -- Truncate long labels with ellipsis in labels page -- Improve tabbing usability for sign in page (ClemMakesApps) -- Enforce TrailingSemicolon and EmptyLineBetweenBlocks in scss-lint -- Adding members no longer silently fails when there is extra whitespace -- Update runner version only when updating contacted_at -- Add link from system note to compare with previous version -- Use gitlab-shell v3.6.6 -- Ignore references to internal issues when using external issues tracker -- Ability to resolve merge request conflicts with editor !6374 -- Add `/projects/visible` API endpoint (Ben Boeckel) -- Fix centering of custom header logos (Ashley Dumaine) -- Keep around commits only pipeline creation as pipeline data doesn't change over time -- Update duration at the end of pipeline -- ExpireBuildArtifactsWorker query builds table without ordering enqueuing one job per build to cleanup -- Add group level labels. (!6425) -- Add an example for testing a phoenix application with Gitlab CI in the docs (Manthan Mallikarjun) -- Cancelled pipelines could be retried. !6927 -- Updating verbiage on git basics to be more intuitive -- Fix project_feature record not generated on project creation -- Clarify documentation for Runners API (Gennady Trafimenkov) -- Use optimistic locking for pipelines and builds -- The instrumentation for Banzai::Renderer has been restored -- Change user & group landing page routing from /u/:username to /:username -- Added documentation for .gitattributes files -- Move Pipeline Metrics to separate worker -- AbstractReferenceFilter caches project_refs on RequestStore when active -- Replaced the check sign to arrow in the show build view. !6501 -- Add a /wip slash command to toggle the Work In Progress status of a merge request. !6259 (tbalthazar) -- ProjectCacheWorker updates caches at most once per 15 minutes per project -- Fix Error 500 when viewing old merge requests with bad diff data -- Create a new /templates namespace for the /licenses, /gitignores and /gitlab_ci_ymls API endpoints. !5717 (tbalthazar) -- Fix viewing merged MRs when the source project has been removed !6991 -- Speed-up group milestones show page -- Fix inconsistent options dropdown caret on mobile viewports (ClemMakesApps) -- Extract project#update_merge_requests and SystemHooks to its own worker from GitPushService -- Fix discussion thread from emails for merge requests. !7010 -- Don't include archived projects when creating group milestones. !4940 (Jeroen Jacobs) -- Add tag shortcut from the Commit page. !6543 -- Keep refs for each deployment -- Close open tooltips on page navigation (Linus Thiel) -- Allow browsing branches that end with '.atom' -- Log LDAP lookup errors and don't swallow unrelated exceptions. !6103 (Markus Koller) -- Replace unique keyframes mixin with keyframe mixin with specific names (ClemMakesApps) -- Add more tests for calendar contribution (ClemMakesApps) -- Update Gitlab Shell to fix some problems with moving projects between storages -- Cache rendered markdown in the database, rather than Redis -- Add todo toggle event (ClemMakesApps) -- Avoid database queries on Banzai::ReferenceParser::BaseParser for nodes without references -- Simplify Mentionable concern instance methods -- API: Ability to retrieve version information (Robert Schilling) -- Fix permission for setting an issue's due date -- API: Multi-file commit !6096 (mahcsig) -- Unicode emoji are now converted to images -- Revert "Label list shows all issues (opened or closed) with that label" -- Expose expires_at field when sharing project on API -- Fix VueJS template tags being rendered in code comments -- Added copy file path button to merge request diff files -- Fix issue with page scrolling to top when closing or pinning sidebar (lukehowell) -- Add Issue Board API support (andrebsguedes) -- Allow the Koding integration to be configured through the API -- Add new issue button to each list on Issues Board -- Execute specific named route method from toggle_award_url helper method -- Added soft wrap button to repository file/blob editor -- Update namespace validation to forbid reserved names (.git and .atom) (Will Starms) -- Show the time ago a merge request was deployed to an environment -- Add RTL support to markdown renderer (Ebrahim Byagowi) -- Add word-wrap to issue title on issue and milestone boards (ClemMakesApps) -- Fix todos page mobile viewport layout (ClemMakesApps) -- Make issues search less finicky -- Fix inconsistent highlighting of already selected activity nav-links (ClemMakesApps) -- Remove redundant mixins (ClemMakesApps) -- Added 'Download' button to the Snippets page (Justin DiPierro) -- Add visibility level to project repository -- Fix robots.txt disallowing access to groups starting with "s" (Matt Harrison) -- Close open merge request without source project (Katarzyna Kobierska Ula Budziszewska) -- Fix showing commits from source project for merge request !6658 -- Fix that manual jobs would no longer block jobs in the next stage. !6604 -- Add configurable email subject suffix (Fu Xu) -- Use defined colour for a language when available !6748 (nilsding) -- Added tooltip to fork count on project show page. (Justin DiPierro) -- Use a ConnectionPool for Rails.cache on Sidekiq servers -- Replace `alias_method_chain` with `Module#prepend` -- Enable GitLab Import/Export for non-admin users. -- Preserve label filters when sorting !6136 (Joseph Frazier) -- MergeRequest#new form load diff asynchronously -- Only update issuable labels if they have been changed -- Take filters in account in issuable counters. !6496 -- Use custom Ruby images to test builds (registry.dev.gitlab.org/gitlab/gitlab-build-images:*) -- Replace static issue fixtures by script !6059 (winniehell) -- Append issue template to existing description !6149 (Joseph Frazier) -- Trending projects now only show public projects and the list of projects is cached for a day -- Memoize Gitlab Shell's secret token (!6599, Justin DiPierro) -- Revoke button in Applications Settings underlines on hover. -- Use higher size on Gitlab::Redis connection pool on Sidekiq servers -- Add missing values to linter !6276 (Katarzyna Kobierska Ula Budziszewska) -- Revert avoid touching file system on Build#artifacts? -- Stop using a Redis lease when updating the project activity timestamp whenever a new event is created -- Add disabled delete button to protected branches (ClemMakesApps) -- Add broadcast messages and alerts below sub-nav -- Better empty state for Groups view -- API: New /users/:id/events endpoint -- Update ruby-prof to 0.16.2. !6026 (Elan Ruusamäe) -- Replace bootstrap caret with fontawesome caret (ClemMakesApps) -- Fix unnecessary escaping of reserved HTML characters in milestone title. !6533 -- Add organization field to user profile -- Change user pages routing from /u/:username/PATH to /users/:username/PATH. Old routes will redirect to the new ones for the time being. -- Fix enter key when navigating search site search dropdown. !6643 (Brennan Roberts) -- Fix deploy status responsiveness error !6633 -- Make searching for commits case insensitive -- Fix resolved discussion display in side-by-side diff view !6575 -- Optimize GitHub importing for speed and memory -- API: expose pipeline data in builds API (!6502, Guilherme Salazar) -- Notify the Merger about merge after successful build (Dimitris Karakasilis) -- Reduce queries needed to find users using their SSH keys when pushing commits -- Prevent rendering the link to all when the author has no access (Katarzyna Kobierska Ula Budziszewska) -- Fix broken repository 500 errors in project list -- Fix the diff in the merge request view when converting a symlink to a regular file -- Fix Pipeline list commit column width should be adjusted -- Close todos when accepting merge requests via the API !6486 (tonygambone) -- Ability to batch assign issues relating to a merge request to the author. !5725 (jamedjo) -- Changed Slack service user referencing from full name to username (Sebastian Poxhofer) -- Retouch environments list and deployments list -- Add multiple command support for all label related slash commands !6780 (barthc) -- Add Container Registry on/off status to Admin Area !6638 (the-undefined) -- Add Nofollow for uppercased scheme in external urls !6820 (the-undefined) -- Allow empty merge requests !6384 (Artem Sidorenko) -- Grouped pipeline dropdown is a scrollable container -- Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi) -- Fixes padding in all clipboard icons that have .btn class -- Fix a typo in doc/api/labels.md -- Fix double-escaping in activities tab (Alexandre Maia) -- API: all unknown routing will be handled with 404 Not Found -- Add docs for request profiling -- Delete dynamic environments -- Fix buggy iOS tooltip layering behavior. -- Make guests unable to view MRs on private projects -- Fix broken Project API docs (Takuya Noguchi) -- Migrate invalid project members (owner -> master) - -## 8.12.12 (2016-12-08) - -- Replace MR access checks with use of MergeRequestsFinder -- Reenables /user API request to return private-token if user is admin and request is made with sudo - -## 8.12.11 (2016-12-02) - -- No changes - -## 8.12.10 (2016-11-28) - -- Fix information disclosure in `Projects::BlobController#update` -- Fix missing access checks on issue lookup using IssuableFinder -- Replace issue access checks with use of IssuableFinder - -## 8.12.9 (2016-11-07) - -- Fix XSS issue in Markdown autolinker - -## 8.12.8 (2016-11-02) - -- Removes any symlinks before importing a project export file. CVE-2016-9086 -- Fixed Import/Export foreign key issue to do with project members. - -## 8.12.7 - - - Prevent running `GfmAutocomplete` setup for each diff note. !6569 - - Fix long commit messages overflow viewport in file tree. !6573 - - Use `gitlab-markup` gem instead of `github-markup` to fix `.rst` file rendering. !6659 - - Prevent flash alert text from being obscured when container is fluid. !6694 - - Fix due date being displayed as `NaN` in Safari. !6797 - - Fix JS bug with select2 because of missing `data-field` attribute in select box. !6812 - - Do not alter `force_remove_source_branch` options on MergeRequest unless specified. !6817 - - Fix GFM autocomplete setup being called several times. !6840 - - Handle case where deployment ref no longer exists. !6855 - -## 8.12.6 - - - Update mailroom to 0.8.1 in Gemfile.lock !6814 - -## 8.12.5 - - - Switch from request to env in ::API::Helpers. !6615 - - Update the mail_room gem to 0.8.1 to fix a race condition with the mailbox watching thread. !6714 - - Improve issue load time performance by avoiding ORDER BY in find_by call. !6724 - - Add a new gitlab:users:clear_all_authentication_tokens task. !6745 - - Don't send Private-Token (API authentication) headers to Sentry - - Share projects via the API only with groups the authenticated user can access - -## 8.12.4 - - - Fix "Copy to clipboard" tooltip to say "Copied!" when clipboard button is clicked. !6294 (lukehowell) - - Fix padding in build sidebar. !6506 - - Changed compare dropdowns to dropdowns with isolated search input. !6550 - - Fix race condition on LFS Token. !6592 - - Fix type mismatch bug when closing Jira issue. !6619 - - Fix lint-doc error. !6623 - - Skip wiki creation when GitHub project has wiki enabled. !6665 - - Fix issues importing services via Import/Export. !6667 - - Restrict failed login attempts for users with 2FA enabled. !6668 - - Fix failed project deletion when feature visibility set to private. !6688 - - Prevent claiming associated model IDs via import. - - Set GitLab project exported file permissions to owner only - - Improve the way merge request versions are compared with each other - -## 8.12.3 - - - Update Gitlab Shell to support low IO priority for storage moves - -## 8.12.2 - - - Fix Import/Export not recognising correctly the imported services. - - Fix snippets pagination - - Fix "Create project" button layout when visibility options are restricted - - Fix List-Unsubscribe header in emails - - Fix IssuesController#show degradation including project on loaded notes - - Fix an issue with the "Commits" section of the cycle analytics summary. !6513 - - Fix errors importing project feature and milestone models using GitLab project import - - Make JWT messages Docker-compatible - - Fix duplicate branch entry in the merge request version compare dropdown - - Respect the fork_project permission when forking projects - - Only update issuable labels if they have been changed - - Fix bug where 'Search results' repeated many times when a search in the emoji search form is cleared (Xavier Bick) (@zeiv) - - Fix resolve discussion buttons endpoint path - - Refactor remnants of CoffeeScript destructured opts and super !6261 - -## 8.12.1 - - - Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST - - Fix issue with search filter labels not displaying - -## 8.12.0 (2016-09-22) - - - Removes inconsistency regarding tagging immediatelly as merged once you create a new branch. !6408 - - Update the rouge gem to 2.0.6, which adds highlighting support for JSX, Prometheus, and others. !6251 - - Only check :can_resolve permission if the note is resolvable - - Bump fog-aws to v0.11.0 to support ap-south-1 region - - Add ability to fork to a specific namespace using API. (ritave) - - Allow to set request_access_enabled for groups and projects - - Cleanup misalignments in Issue list view !6206 - - Only create a protected branch upon a push to a new branch if a rule for that branch doesn't exist - - Add Pipelines for Commit - - Prune events older than 12 months. (ritave) - - Prepend blank line to `Closes` message on merge request linked to issue (lukehowell) - - Fix issues/merge-request templates dropdown for forked projects - - Filter tags by name !6121 - - Update gitlab shell secret file also when it is empty. !3774 (glensc) - - Give project selection dropdowns responsive width, make non-wrapping. - - Fix note form hint showing slash commands supported for commits. - - Make push events have equal vertical spacing. - - API: Ensure invitees are not returned in Members API. - - Preserve applied filters on issues search. - - Add two-factor recovery endpoint to internal API !5510 - - Pass the "Remember me" value to the U2F authentication form - - Display stages in valid order in stages dropdown on build page - - Only update projects.last_activity_at once per hour when creating a new event - - Cycle analytics (first iteration) !5986 - - Remove vendor prefixes for linear-gradient CSS (ClemMakesApps) - - Move pushes_since_gc from the database to Redis - - Limit number of shown environments on Merge Request: show only environments for target_branch, source_branch and tags - - Add font color contrast to external label in admin area (ClemMakesApps) - - Fix find file navigation links (ClemMakesApps) - - Change logo animation to CSS (ClemMakesApps) - - Instructions for enabling Git packfile bitmaps !6104 - - Use Search::GlobalService.new in the `GET /projects/search/:query` endpoint - - Fix long comments in diffs messing with table width - - Add spec covering 'Gitlab::Git::committer_hash' !6433 (dandunckelman) - - Fix pagination on user snippets page - - Honor "fixed layout" preference in more places !6422 - - Run CI builds with the permissions of users !5735 - - Fix sorting of issues in API - - Fix download artifacts button links !6407 - - Sort project variables by key. !6275 (Diego Souza) - - Ensure specs on sorting of issues in API are deterministic on MySQL - - Added ability to use predefined CI variables for environment name - - Added ability to specify URL in environment configuration in gitlab-ci.yml - - Escape search term before passing it to Regexp.new !6241 (winniehell) - - Fix pinned sidebar behavior in smaller viewports !6169 - - Fix file permissions change when updating a file on the Gitlab UI !5979 - - Added horizontal padding on build page sidebar on code coverage block. !6196 (Vitaly Baev) - - Change merge_error column from string to text type - - Fix issue with search filter labels not displaying - - Reduce contributions calendar data payload (ClemMakesApps) - - Show all pipelines for merge requests even from discarded commits !6414 - - Replace contributions calendar timezone payload with dates (ClemMakesApps) - - Changed MR widget build status to pipeline status !6335 - - Add `web_url` field to issue, merge request, and snippet API objects (Ben Boeckel) - - Enable pipeline events by default !6278 - - Add pipeline email service !6019 - - Move parsing of sidekiq ps into helper !6245 (pascalbetz) - - Added go to issue boards keyboard shortcut - - Expose `sha` and `merge_commit_sha` in merge request API (Ben Boeckel) - - Emoji can be awarded on Snippets !4456 - - Set path for all JavaScript cookies to honor GitLab's subdirectory setting !5627 (Mike Greiling) - - Fix blame table layout width - - Spec testing if issue authors can read issues on private projects - - Fix bug where pagination is still displayed despite all todos marked as done (ClemMakesApps) - - Request only the LDAP attributes we need !6187 - - Center build stage columns in pipeline overview (ClemMakesApps) - - Fix bug with tooltip not hiding on discussion toggle button - - Rename behaviour to behavior in bug issue template for consistency (ClemMakesApps) - - Fix bug stopping issue description being scrollable after selecting issue template - - Remove suggested colors hover underline (ClemMakesApps) - - Fix jump to discussion button being displayed on commit notes - - Shorten task status phrase (ClemMakesApps) - - Fix project visibility level fields on settings - - Add hover color to emoji icon (ClemMakesApps) - - Increase ci_builds artifacts_size column to 8-byte integer to allow larger files - - Add textarea autoresize after comment (ClemMakesApps) - - Do not write SSH public key 'comments' to authorized_keys !6381 - - Add due date to issue todos - - Refresh todos count cache when an Issue/MR is deleted - - Fix branches page dropdown sort alignment (ClemMakesApps) - - Hides merge request button on branches page is user doesn't have permissions - - Add white background for no readme container (ClemMakesApps) - - API: Expose issue confidentiality flag. (Robert Schilling) - - Fix markdown anchor icon interaction (ClemMakesApps) - - Test migration paths from 8.5 until current release !4874 - - Replace animateEmoji timeout with eventListener (ClemMakesApps) - - Show badges in Milestone tabs. !5946 (Dan Rowden) - - Optimistic locking for Issues and Merge Requests (title and description overriding prevention) - - Require confirmation when not logged in for unsubscribe links !6223 (Maximiliano Perez Coto) - - Add `wiki_page_events` to project hook APIs (Ben Boeckel) - - Remove Gitorious import - - Loads GFM autocomplete source only when required - - Fix issue with slash commands not loading on new issue page - - Fix inconsistent background color for filter input field (ClemMakesApps) - - Remove prefixes from transition CSS property (ClemMakesApps) - - Add Sentry logging to API calls - - Add BroadcastMessage API - - Merge request tabs are fixed when scrolling page - - Use 'git update-ref' for safer web commits !6130 - - Sort pipelines requested through the API - - Automatically expand hidden discussions when accessed by a permalink !5585 (Mike Greiling) - - Fix issue boards loading on large screens - - Change pipeline duration to be jobs running time instead of simple wall time from start to end !6084 - - Show queued time when showing a pipeline !6084 - - Remove unused mixins (ClemMakesApps) - - Fix issue board label filtering appending already filtered labels - - Add search to all issue board lists - - Scroll active tab into view on mobile - - Fix groups sort dropdown alignment (ClemMakesApps) - - Add horizontal scrolling to all sub-navs on mobile viewports (ClemMakesApps) - - Use JavaScript tooltips for mentions !5301 (winniehell) - - Add hover state to todos !5361 (winniehell) - - Fix icon alignment of star and fork buttons !5451 (winniehell) - - Fix alignment of icon buttons !5887 (winniehell) - - Added Ubuntu 16.04 support for packager.io (JonTheNiceGuy) - - Fix markdown help references (ClemMakesApps) - - Add last commit time to repo view (ClemMakesApps) - - Fix accessibility and visibility of project list dropdown button !6140 - - Fix missing flash messages on service edit page (airatshigapov) - - Added project-specific enable/disable setting for LFS !5997 - - Added group-specific enable/disable setting for LFS !6164 - - Add optional 'author' param when making commits. !5822 (dandunckelman) - - Don't expose a user's token in the `/api/v3/user` API (!6047) - - Remove redundant js-timeago-pending from user activity log (ClemMakesApps) - - Ability to manage project issues, snippets, wiki, merge requests and builds access level - - Remove inconsistent font weight for sidebar's labels (ClemMakesApps) - - Align add button on repository view (ClemMakesApps) - - Fix contributions calendar month label truncation (ClemMakesApps) - - Import release note descriptions from GitHub (EspadaV8) - - Added tests for diff notes - - Add pipeline events to Slack integration !5525 - - Add a button to download latest successful artifacts for branches and tags !5142 - - Remove redundant pipeline tooltips (ClemMakesApps) - - Expire commit info views after one day, instead of two weeks, to allow for user email updates - - Add delimiter to project stars and forks count (ClemMakesApps) - - Fix badge count alignment (ClemMakesApps) - - Remove green outline from `New branch unavailable` button on issue page !5858 (winniehell) - - Fix repo title alignment (ClemMakesApps) - - Change update interval of contacted_at - - Add LFS support to SSH !6043 - - Fix branch title trailing space on hover (ClemMakesApps) - - Don't include 'Created By' tag line when importing from GitHub if there is a linked GitLab account (EspadaV8) - - Award emoji tooltips containing more than 10 usernames are now truncated !4780 (jlogandavison) - - Fix duplicate "me" in award emoji tooltip !5218 (jlogandavison) - - Order award emoji tooltips in order they were added (EspadaV8) - - Fix spacing and vertical alignment on build status icon on commits page (ClemMakesApps) - - Update merge_requests.md with a simpler way to check out a merge request. !5944 - - Fix button missing type (ClemMakesApps) - - Gitlab::Checks is now instrumented - - Move to project dropdown with infinite scroll for better performance - - Fix leaking of submit buttons outside the width of a main container !18731 (originally by @pavelloz) - - Load branches asynchronously in Cherry Pick and Revert dialogs. - - Convert datetime coffeescript spec to ES6 (ClemMakesApps) - - Add merge request versions !5467 - - Change using size to use count and caching it for number of group members. !5935 - - Replace play icon font with svg (ClemMakesApps) - - Added 'only_allow_merge_if_build_succeeds' project setting in the API. !5930 (Duck) - - Reduce number of database queries on builds tab - - Wrap text in commit message containers - - Capitalize mentioned issue timeline notes (ClemMakesApps) - - Fix inconsistent checkbox alignment (ClemMakesApps) - - Use the default branch for displaying the project icon instead of master !5792 (Hannes Rosenögger) - - Adds response mime type to transaction metric action when it's not HTML - - Fix hover leading space bug in pipeline graph !5980 - - Avoid conflict with admin labels when importing GitHub labels - - User can edit closed MR with deleted fork (Katarzyna Kobierska Ula Budziszewska) !5496 - - Fix repository page ui issues - - Avoid protected branches checks when verifying access without branch name - - Add information about user and manual build start to runner as variables !6201 (Sergey Gnuskov) - - Fixed invisible scroll controls on build page on iPhone - - Fix error on raw build trace download for old builds stored in database !4822 - - Refactor the triggers page and documentation !6217 - - Show values of CI trigger variables only when clicked (Katarzyna Kobierska Ula Budziszewska) - - Use default clone protocol on "check out, review, and merge locally" help page URL - - Let the user choose a namespace and name on GitHub imports - - API for Ci Lint !5953 (Katarzyna Kobierska Urszula Budziszewska) - - Allow bulk update merge requests from merge requests index page - - Ensure validation messages are shown within the milestone form - - Add notification_settings API calls !5632 (mahcsig) - - Remove duplication between project builds and admin builds view !5680 (Katarzyna Kobierska Ula Budziszewska) - - Fix URLs with anchors in wiki !6300 (houqp) - - Deleting source project with existing fork link will close all related merge requests !6177 (Katarzyna Kobierska Ula Budziszeska) - - Return 204 instead of 404 for /ci/api/v1/builds/register.json if no builds are scheduled for a runner !6225 - - Fix Gitlab::Popen.popen thread-safety issue - - Add specs to removing project (Katarzyna Kobierska Ula Budziszewska) - - Clean environment variables when running git hooks - - Fix Import/Export issues importing protected branches and some specific models - - Fix non-master branch readme display in tree view - - Add UX improvements for merge request version diffs - -## 8.11.11 (2016-11-07) - -- Fix XSS issue in Markdown autolinker - -## 8.11.10 (2016-11-02) - -- Removes any symlinks before importing a project export file. CVE-2016-9086 - -## 8.11.9 - - - Don't send Private-Token (API authentication) headers to Sentry - - Share projects via the API only with groups the authenticated user can access - -## 8.11.8 - - - Respect the fork_project permission when forking projects - - Set a restrictive CORS policy on the API for credentialed requests - - API: disable rails session auth for non-GET/HEAD requests - - Escape HTML nodes in builds commands in CI linter - -## 8.11.7 - - - Avoid conflict with admin labels when importing GitHub labels. !6158 - - Restores `fieldName` to allow only string values in `gl_dropdown.js`. !6234 - - Allow the Rails cookie to be used for API authentication. - - Login/Register UX upgrade !6328 - -## 8.11.6 - - - Fix unnecessary horizontal scroll area in pipeline visualizations. !6005 - - Make merge conflict file size limit 200 KB, to match the docs. !6052 - - Fix an error where we were unable to create a CommitStatus for running state. !6107 - - Optimize discussion notes resolving and unresolving. !6141 - - Fix GitLab import button. !6167 - - Restore SSH Key title auto-population behavior. !6186 - - Fix DB schema to match latest migration. !6256 - - Exclude some pending or inactivated rows in Member scopes. - -## 8.11.5 - - - Optimize branch lookups and force a repository reload for Repository#find_branch. !6087 - - Fix member expiration date picker after update. !6184 - - Fix suggested colors options for new labels in the admin area. !6138 - - Optimize discussion notes resolving and unresolving - - Fix GitLab import button - - Fix confidential issues being exposed as public using gitlab.com export - - Remove gitorious from import_sources. !6180 - - Scope webhooks/services that will run for confidential issues - - Remove gitorious from import_sources - - Fix confidential issues being exposed as public using gitlab.com export - - Use oj gem for faster JSON processing - -## 8.11.4 - - - Fix resolving conflicts on forks. !6082 - - Fix diff commenting on merge requests created prior to 8.10. !6029 - - Fix pipelines tab layout regression. !5952 - - Fix "Wiki" link not appearing in navigation for projects with external wiki. !6057 - - Do not enforce using hash with hidden key in CI configuration. !6079 - - Fix hover leading space bug in pipeline graph !5980 - - Fix sorting issues by "last updated" doesn't work after import from GitHub - - GitHub importer use default project visibility for non-private projects - - Creating an issue through our API now emails label subscribers !5720 - - Block concurrent updates for Pipeline - - Don't create groups for unallowed users when importing projects - - Fix issue boards leak private label names and descriptions - - Fix broken gitlab:backup:restore because of bad permissions on repo storage !6098 (Dirk Hörner) - - Remove gitorious. !5866 - - Allow compare merge request versions - -## 8.11.3 - - - Allow system info page to handle case where info is unavailable - - Label list shows all issues (opened or closed) with that label - - Don't show resolve conflicts link before MR status is updated - - Fix IE11 fork button bug !5982 - - Don't prevent viewing the MR when git refs for conflicts can't be found on disk - - Fix external issue tracker "Issues" link leading to 404s - - Don't try to show merge conflict resolution info if a merge conflict contains non-UTF-8 characters - - Automatically expand hidden discussions when accessed by a permalink !5585 (Mike Greiling) - - Issues filters reset button - -## 8.11.2 - - - Show "Create Merge Request" widget for push events to fork projects on the source project. !5978 - - Use gitlab-workhorse 0.7.11 !5983 - - Does not halt the GitHub import process when an error occurs. !5763 - - Fix file links on project page when default view is Files !5933 - - Fixed enter key in search input not working !5888 - -## 8.11.1 - - - Pulled due to packaging error. - -## 8.11.0 (2016-08-22) - - - Use test coverage value from the latest successful pipeline in badge. !5862 - - Add test coverage report badge. !5708 - - Remove the http_parser.rb dependency by removing the tinder gem. !5758 (tbalthazar) - - Add Koding (online IDE) integration - - Ability to specify branches for Pivotal Tracker integration (Egor Lynko) - - Fix don't pass a local variable called `i` to a partial. !20510 (herminiotorres) - - Fix rename `add_users_into_project` and `projects_ids`. !20512 (herminiotorres) - - Fix adding line comments on the initial commit to a repo !5900 - - Fix the title of the toggle dropdown button. !5515 (herminiotorres) - - Rename `markdown_preview` routes to `preview_markdown`. (Christopher Bartz) - - Update to Ruby 2.3.1. !4948 - - Add Issues Board !5548 - - Allow resolving merge conflicts in the UI !5479 - - Improve diff performance by eliminating redundant checks for text blobs - - Ensure that branch names containing escapable characters (e.g. %20) aren't unescaped indiscriminately. !5770 (ewiltshi) - - Convert switch icon into icon font (ClemMakesApps) - - API: Endpoints for enabling and disabling deploy keys - - API: List access requests, request access, approve, and deny access requests to a project or a group. !4833 - - Use long options for curl examples in documentation !5703 (winniehell) - - Added tooltip listing label names to the labels value in the collapsed issuable sidebar - - Remove magic comments (`# encoding: UTF-8`) from Ruby files. !5456 (winniehell) - - GitLab Performance Monitoring can now track custom events such as the number of tags pushed to a repository - - Add support for relative links starting with ./ or / to RelativeLinkFilter (winniehell) - - Allow naming U2F devices !5833 - - Ignore URLs starting with // in Markdown links !5677 (winniehell) - - Fix CI status icon link underline (ClemMakesApps) - - The Repository class is now instrumented - - Fix commit mention font inconsistency (ClemMakesApps) - - Do not escape URI when extracting path !5878 (winniehell) - - Fix filter label tooltip HTML rendering (ClemMakesApps) - - Cache the commit author in RequestStore to avoid extra lookups in PostReceive - - Expand commit message width in repo view (ClemMakesApps) - - Cache highlighted diff lines for merge requests - - Pre-create all builds for a Pipeline when the new Pipeline is created !5295 - - Allow merge request diff notes and discussions to be explicitly marked as resolved - - API: Add deployment endpoints - - API: Add Play endpoint on Builds - - Fix of 'Commits being passed to custom hooks are already reachable when using the UI' - - Show wall clock time when showing a pipeline. !5734 - - Show member roles to all users on members page - - Project.visible_to_user is instrumented again - - Fix awardable button mutuality loading spinners (ClemMakesApps) - - Sort todos by date and priority - - Add support for using RequestStore within Sidekiq tasks via SIDEKIQ_REQUEST_STORE env variable - - Optimize maximum user access level lookup in loading of notes - - Send notification emails to users newly mentioned in issue and MR edits !5800 - - Add "No one can push" as an option for protected branches. !5081 - - Improve performance of AutolinkFilter#text_parse by using XPath - - Add experimental Redis Sentinel support !1877 - - Rendering of SVGs as blobs is now limited to SVGs with a size smaller or equal to 2MB - - Fix branches page dropdown sort initial state (ClemMakesApps) - - Environments have an url to link to - - Various redundant database indexes have been removed - - Update `timeago` plugin to use multiple string/locale settings - - Remove unused images (ClemMakesApps) - - Get issue and merge request description templates from repositories - - Enforce 2FA restrictions on API authentication endpoints !5820 - - Limit git rev-list output count to one in forced push check - - Show deployment status on merge requests with external URLs - - Clean up unused routes (Josef Strzibny) - - Fix issue on empty project to allow developers to only push to protected branches if given permission - - API: Add enpoints for pipelines - - Add green outline to New Branch button. !5447 (winniehell) - - Optimize generating of cache keys for issues and notes - - Fix repository push email formatting in Outlook - - Improve performance of syntax highlighting Markdown code blocks - - Update to gitlab_git 10.4.1 and take advantage of preserved Ref objects - - Remove delay when hitting "Reply..." button on page with a lot of discussions - - Retrieve rendered HTML from cache in one request - - Fix renaming repository when name contains invalid chararacters under project settings - - Upgrade Grape from 0.13.0 to 0.15.0. !4601 - - Trigram indexes for the "ci_runners" table have been removed to speed up UPDATE queries - - Fix devise deprecation warnings. - - Check for 2FA when using Git over HTTP and only allow PersonalAccessTokens as password in that case !5764 - - Update version_sorter and use new interface for faster tag sorting - - Optimize checking if a user has read access to a list of issues !5370 - - Store all DB secrets in secrets.yml, under descriptive names !5274 - - Fix syntax highlighting in file editor - - Support slash commands in issue and merge request descriptions as well as comments. !5021 - - Nokogiri's various parsing methods are now instrumented - - Add archived badge to project list !5798 - - Add simple identifier to public SSH keys (muteor) - - Admin page now references docs instead of a specific file !5600 (AnAverageHuman) - - Fix filter input alignment (ClemMakesApps) - - Include old revision in merge request update hooks (Ben Boeckel) - - Add build event color in HipChat messages (David Eisner) - - Make fork counter always clickable. !5463 (winniehell) - - Document that webhook secret token is sent in X-Gitlab-Token HTTP header !5664 (lycoperdon) - - Gitlab::Highlight is now instrumented - - All created issues, API or WebUI, can be submitted to Akismet for spam check !5333 - - Allow users to import cross-repository pull requests from GitHub - - The overhead of instrumented method calls has been reduced - - Remove `search_id` of labels dropdown filter to fix 'Missleading URI for labels in Merge Requests and Issues view'. !5368 (Scott Le) - - Load project invited groups and members eagerly in `ProjectTeam#fetch_members` - - Add pipeline events hook - - Bump gitlab_git to speedup DiffCollection iterations - - Rewrite description of a blocked user in admin settings. (Elias Werberich) - - Make branches sortable without push permission !5462 (winniehell) - - Check for Ci::Build artifacts at database level on pipeline partial - - Convert image diff background image to CSS (ClemMakesApps) - - Remove unnecessary index_projects_on_builds_enabled index from the projects table - - Make "New issue" button in Issue page less obtrusive !5457 (winniehell) - - Gitlab::Metrics.current_transaction needs to be public for RailsQueueDuration - - Fix search for notes which belongs to deleted objects - - Allow Akismet to be trained by submitting issues as spam or ham !5538 - - Add GitLab Workhorse version to admin dashboard (Katarzyna Kobierska Ula Budziszewska) - - Allow branch names ending with .json for graph and network page !5579 (winniehell) - - Add the `sprockets-es6` gem - - Improve OAuth2 client documentation (muteor) - - Fix diff comments inverted toggle bug (ClemMakesApps) - - Multiple trigger variables show in separate lines (Katarzyna Kobierska Ula Budziszewska) - - Profile requests when a header is passed - - Avoid calculation of line_code and position for _line partial when showing diff notes on discussion tab. - - Speedup DiffNote#active? on discussions, preloading noteables and avoid touching git repository to return diff_refs when possible - - Add commit stats in commit api. !5517 (dixpac) - - Add CI configuration button on project page - - Fix merge request new view not changing code view rendering style - - edit_blob_link will use blob passed onto the options parameter - - Make error pages responsive (Takuya Noguchi) - - The performance of the project dropdown used for moving issues has been improved - - Fix skip_repo parameter being ignored when destroying a namespace - - Add all builds into stage/job dropdowns on builds page - - Change requests_profiles resource constraint to catch virtually any file - - Bump gitlab_git to lazy load compare commits - - Reduce number of queries made for merge_requests/:id/diffs - - Add the option to set the expiration date for the project membership when giving a user access to a project. !5599 (Adam Niedzielski) - - Sensible state specific default sort order for issues and merge requests !5453 (tomb0y) - - Fix bug where destroying a namespace would not always destroy projects - - Fix RequestProfiler::Middleware error when code is reloaded in development - - Allow horizontal scrolling of code blocks in issue body - - Catch what warden might throw when profiling requests to re-throw it - - Avoid commit lookup on diff_helper passing existing local variable to the helper method - - Add description to new_issue email and new_merge_request_email in text/plain content type. !5663 (dixpac) - - Speed up and reduce memory usage of Commit#repo_changes, Repository#expire_avatar_cache and IrkerWorker - - Add unfold links for Side-by-Side view. !5415 (Tim Masliuchenko) - - Adds support for pending invitation project members importing projects - - Add pipeline visualization/graph on pipeline page - - Update devise initializer to turn on changed password notification emails. !5648 (tombell) - - Avoid to show the original password field when password is automatically set. !5712 (duduribeiro) - - Fix importing GitLab projects with an invalid MR source project - - Sort folders with submodules in Files view !5521 - - Each `File::exists?` replaced to `File::exist?` because of deprecate since ruby version 2.2.0 - - Add auto-completition in pipeline (Katarzyna Kobierska Ula Budziszewska) - - Add pipelines tab to merge requests - - Fix notification_service argument error of declined invitation emails - - Fix a memory leak caused by Banzai::Filter::SanitizationFilter - - Speed up todos queries by limiting the projects set we join with - - Ensure file editing in UI does not overwrite commited changes without warning user - - Eliminate unneeded calls to Repository#blob_at when listing commits with no path - - Update gitlab_git gem to 10.4.7 - - Simplify SQL queries of marking a todo as done - -## 8.10.13 (2016-11-02) - -- Removes any symlinks before importing a project export file. CVE-2016-9086 - -## 8.10.12 - - - Don't send Private-Token (API authentication) headers to Sentry - - Share projects via the API only with groups the authenticated user can access - -## 8.10.11 - - - Respect the fork_project permission when forking projects - - Set a restrictive CORS policy on the API for credentialed requests - - API: disable rails session auth for non-GET/HEAD requests - - Escape HTML nodes in builds commands in CI linter - -## 8.10.10 - - - Allow the Rails cookie to be used for API authentication. - -## 8.10.9 - - - Exclude some pending or inactivated rows in Member scopes - -## 8.10.8 - - - Fix information disclosure in issue boards. - - Fix privilege escalation in project import. - -## 8.10.7 - - - Upgrade Hamlit to 2.6.1. !5873 - - Upgrade Doorkeeper to 4.2.0. !5881 - -## 8.10.6 - - - Upgrade Rails to 4.2.7.1 for security fixes. !5781 - - Restore "Largest repository" sort option on Admin > Projects page. !5797 - - Fix privilege escalation via project export. - - Require administrator privileges to perform a project import. - -## 8.10.5 - - - Add a data migration to fix some missing timestamps in the members table. !5670 - - Revert the "Defend against 'Host' header injection" change in the source NGINX templates. !5706 - - Cache project count for 5 minutes to reduce DB load. !5746 & !5754 - -## 8.10.4 - - - Don't close referenced upstream issues from a forked project. - - Fixes issue with dropdowns `enter` key not working correctly. !5544 - - Fix Import/Export project import not working in HA mode. !5618 - - Fix Import/Export error checking versions. !5638 - -## 8.10.3 - - - Fix Import/Export issue importing milestones and labels not associated properly. !5426 - - Fix timing problems running imports on production. !5523 - - Add a log message when a project is scheduled for destruction for debugging. !5540 - - Fix hooks missing on imported GitLab projects. !5549 - - Properly abort a merge when merge conflicts occur. !5569 - - Fix importer for GitHub Pull Requests when a branch was removed. !5573 - - Ignore invalid IPs in X-Forwarded-For when trusted proxies are configured. !5584 - - Trim extra displayed carriage returns in diffs and files with CRLFs. !5588 - - Fix label already exist error message in the right sidebar. - -## 8.10.2 - - - User can now search branches by name. !5144 - - Page is now properly rendered after committing the first file and creating the first branch. !5399 - - Add branch or tag icon to ref in builds page. !5434 - - Fix backup restore. !5459 - - Use project ID in repository cache to prevent stale data from persisting across projects. !5460 - - Fix issue with autocomplete search not working with enter key. !5466 - - Add iid to MR API response. !5468 - - Disable MySQL foreign key checks before dropping all tables. !5472 - - Ensure relative paths for video are rewritten as we do for images. !5474 - - Ensure current user can retry a build before showing the 'Retry' button. !5476 - - Add ENV variable to skip repository storages validations. !5478 - - Added `*.js.es6 gitlab-language=javascript` to `.gitattributes`. !5486 - - Don't show comment button in gutter of diffs on MR discussion tab. !5493 - - Rescue Rugged::OSError (lock exists) when creating references. !5497 - - Fix expand all diffs button in compare view. !5500 - - Show release notes in tags list. !5503 - - Fix a bug where forking a project from a repository storage to another would fail. !5509 - - Fix missing schema update for `20160722221922`. !5512 - - Update `gitlab-shell` version to 3.2.1 in the 8.9->8.10 update guide. !5516 - -## 8.10.1 - - - Refactor repository storages documentation. !5428 - - Gracefully handle case when keep-around references are corrupted or exist already. !5430 - - Add detailed info on storage path mountpoints. !5437 - - Fix Error 500 when creating Wiki pages with hyphens or spaces. !5444 - - Fix bug where replies to commit notes displayed in the MR discussion tab wouldn't show up on the commit page. !5446 - - Ignore invalid trusted proxies in X-Forwarded-For header. !5454 - - Add links to the real markdown.md file for all GFM examples. !5458 - -## 8.10.0 (2016-07-22) - - - Fix profile activity heatmap to show correct day name (eanplatter) - - Speed up ExternalWikiHelper#get_project_wiki_path - - Expose {should,force}_remove_source_branch (Ben Boeckel) - - Add the functionality to be able to rename a file. !5049 - - Disable PostgreSQL statement timeout during migrations - - Fix projects dropdown loading performance with a simplified api cal. !5113 - - Fix commit builds API, return all builds for all pipelines for given commit. !4849 - - Replace Haml with Hamlit to make view rendering faster. !3666 - - Refresh the branch cache after `git gc` runs - - Allow to disable request access button on projects/groups - - Refactor repository paths handling to allow multiple git mount points - - Optimize system note visibility checking by memoizing the visible reference count. !5070 - - Add Application Setting to configure default Repository Path for new projects - - Delete award emoji when deleting a user - - Remove pinTo from Flash and make inline flash messages look nicer. !4854 (winniehell) - - Add an API for downloading latest successful build from a particular branch or tag. !5347 - - Avoid data-integrity issue when cleaning up repository archive cache. - - Add link to profile to commit avatar. !5163 (winniehell) - - Wrap code blocks on Activies and Todos page. !4783 (winniehell) - - Align flash messages with left side of page content. !4959 (winniehell) - - Display tooltip for "Copy to Clipboard" button. !5164 (winniehell) - - Use default cursor for table header of project files. !5165 (winniehell) - - Store when and yaml variables in builds table - - Display last commit of deleted branch in push events. !4699 (winniehell) - - Escape file extension when parsing search results. !5141 (winniehell) - - Add "passing with warnings" to the merge request pipeline possible statuses, this happens when builds that allow failures have failed. !5004 - - Add image border in Markdown preview. !5162 (winniehell) - - Apply the trusted_proxies config to the rack request object for use with rack_attack - - Added the ability to block sign ups using a domain blacklist. !5259 - - Upgrade to Rails 4.2.7. !5236 - - Extend exposed environment variables for CI builds - - Deprecate APIs "projects/:id/keys/...". Use "projects/:id/deploy_keys/..." instead - - Add API "deploy_keys" for admins to get all deploy keys - - Allow to pull code with deploy key from public projects - - Use limit parameter rather than hardcoded value in `ldap:check` rake task (Mike Ricketts) - - Add Sidekiq queue duration to transaction metrics. - - Add a new column `artifacts_size` to table `ci_builds`. !4964 - - Let Workhorse serve format-patch diffs - - Display tooltip for mentioned users and groups. !5261 (winniehell) - - Allow build email service to be tested - - Added day name to contribution calendar tooltips - - Refactor user authorization check for a single project to avoid querying all user projects - - Make images fit to the size of the viewport. !4810 - - Fix check for New Branch button on Issue page. !4630 (winniehell) - - Fix GFM autocomplete not working on wiki pages - - Fixed enter key not triggering click on first row when searching in a dropdown - - Updated dropdowns in issuable form to use new GitLab dropdown style - - Make images fit to the size of the viewport !4810 - - Fix check for New Branch button on Issue page !4630 (winniehell) - - Fix MR-auto-close text added to description. !4836 - - Support U2F devices in Firefox. !5177 - - Fix issue, preventing users w/o push access to sort tags. !5105 (redetection) - - Add Spring EmojiOne updates. - - Added Rake task for tracking deployments. !5320 - - Fix fetching LFS objects for private CI projects - - Add the new 2016 Emoji! Adds 72 new emoji including bacon, facepalm, and selfie. !5237 - - Add syntax for multiline blockquote using `>>>` fence. !3954 - - Fix viewing notification settings when a project is pending deletion - - Updated compare dropdown menus to use GL dropdown - - Redirects back to issue after clicking login link - - Eager load award emoji on notes - - Allow to define manual actions/builds on Pipelines and Environments - - Fix pagination when sorting by columns with lots of ties (like priority) - - The Markdown reference parsers now re-use query results to prevent running the same queries multiple times. !5020 - - Updated project header design - - Issuable collapsed assignee tooltip is now the users name - - Fix compare view not changing code view rendering style - - Exclude email check from the standard health check - - Updated layout for Projects, Groups, Users on Admin area. !4424 - - Fix changing issue state columns in milestone view - - Update health_check gem to version 2.1.0 - - Add notification settings dropdown for groups - - Render inline diffs for multiple changed lines following eachother - - Wildcards for protected branches. !4665 - - Allow importing from Github using Personal Access Tokens. (Eric K Idema) - - API: Expose `due_date` for issues (Robert Schilling) - - API: Todos. !3188 (Robert Schilling) - - API: Expose shared groups for projects and shared projects for groups. !5050 (Robert Schilling) - - API: Expose `developers_can_push` and `developers_can_merge` for branches. !5208 (Robert Schilling) - - Add "Enabled Git access protocols" to Application Settings - - Diffs will create button/diff form on demand no on server side - - Reduce size of HTML used by diff comment forms - - Protected branches have a "Developers can Merge" setting. !4892 (original implementation by Mathias Vestergaard) - - Fix user creation with stronger minimum password requirements. !4054 (nathan-pmt) - - Only show New Snippet button to users that can create snippets. - - PipelinesFinder uses git cache data - - Track a user who created a pipeline - - Actually render old and new sections of parallel diff next to each other - - Throttle the update of `project.pushes_since_gc` to 1 minute. - - Allow expanding and collapsing files in diff view. !4990 - - Collapse large diffs by default (!4990) - - Fix mentioned users list on diff notes - - Add support for inline videos in GitLab Flavored Markdown. !5215 (original implementation by Eric Hayes) - - Fix creation of deployment on build that is retried, redeployed or rollback - - Don't parse Rinku returned value to DocFragment when it didn't change the original html string. - - Check for conflicts with existing Project's wiki path when creating a new project. - - Show last push widget in upstream after push to fork - - Fix stage status shown for pipelines - - Cache todos pending/done dashboard query counts. - - Don't instantiate a git tree on Projects show default view - - Bump Rinku to 2.0.0 - - Remove unused front-end variable -> default_issues_tracker - - ObjectRenderer retrieve renderer content using Rails.cache.read_multi - - Better caching of git calls on ProjectsController#show. - - Avoid to retrieve MR closes_issues as much as possible. - - Hide project name in project activities. !5068 (winniehell) - - Add API endpoint for a group issues. !4520 (mahcsig) - - Add Bugzilla integration. !4930 (iamtjg) - - Fix new snippet style bug (elliotec) - - Instrument Rinku usage - - Be explicit to define merge request discussion variables - - Use cache for todos counter calling TodoService - - Metrics for Rouge::Plugins::Redcarpet and Rouge::Formatters::HTMLGitlab - - RailsCache metris now includes fetch_hit/fetch_miss and read_hit/read_miss info. - - Allow [ci skip] to be in any case and allow [skip ci]. !4785 (simon_w) - - Made project list visibility icon fixed width - - Set import_url validation to be more strict - - Memoize MR merged/closed events retrieval - - Don't render discussion notes when requesting diff tab through AJAX - - Add basic system information like memory and disk usage to the admin panel - - Don't garbage collect commits that have related DB records like comments - - Allow to setup event by channel on slack service - - More descriptive message for git hooks and file locks - - Aliases of award emoji should be stored as original name. !5060 (dixpac) - - Handle custom Git hook result in GitLab UI - - Allow to access Container Registry for Public and Internal projects - - Allow '?', or '&' for label names - - Support redirected blobs for Container Registry integration - - Fix importer for GitHub Pull Requests when a branch was reused across Pull Requests - - Add date when user joined the team on the member page - - Fix 404 redirect after validation fails importing a GitLab project - - Added setting to set new users by default as external. !4545 (Dravere) - - Add min value for project limit field on user's form. !3622 (jastkand) - - Reset project pushes_since_gc when we enqueue the git gc call - - Add reminder to not paste private SSH keys. !4399 (Ingo Blechschmidt) - - Collapsed diffs lines/size don't acumulate to overflow diffs. - - Remove duplicate `description` field in `MergeRequest` entities (Ben Boeckel) - - Style of import project buttons were fixed in the new project page. !5183 (rdemirbay) - - Fix GitHub client requests when rate limit is disabled - - Optimistic locking for Issues and Merge Requests (Title and description overriding prevention) - - Redesign Builds and Pipelines pages - - Change status color and icon for running builds - - Fix commenting issue in side by side diff view for unchanged lines - - Fix markdown rendering for: consecutive labels references, label references that begin with a digit or contains `.` - - Project export filename now includes the project and namespace path - - Fix last update timestamp on issues not preserved on gitlab.com and project imports - - Fix issues importing projects from EE to CE - - Fix creating group with space in group path - - Improve cron_jobs loading error messages. !5318 / !5360 - - Prevent toggling sidebar when clipboard icon clicked - - Create Todos for Issue author when assign or mention himself (Katarzyna Kobierska) - - Limit the number of retries on error to 3 for exporting projects - - Allow empty repositories on project import/export - - Render only commit message title in builds (Katarzyna Kobierska Ula Budziszewska) - - Allow bulk (un)subscription from issues in issue index - - Fix MR diff encoding issues exporting GitLab projects - - Move builds settings out of project settings and rename Pipelines - - Add builds badge to Pipelines settings page - - Export and import avatar as part of project import/export - - Fix migration corrupting import data for old version upgrades - - Show tooltip on GitLab export link in new project page - - Fix import_data wrongly saved as a result of an invalid import_url !5206 - -## 8.9.11 - - - Respect the fork_project permission when forking projects - - Set a restrictive CORS policy on the API for credentialed requests - - API: disable rails session auth for non-GET/HEAD requests - - Escape HTML nodes in builds commands in CI linter - -## 8.9.10 - - - Allow the Rails cookie to be used for API authentication. - -## 8.9.9 - - - Exclude some pending or inactivated rows in Member scopes - -## 8.9.8 - - - Upgrade Doorkeeper to 4.2.0. !5881 - -## 8.9.7 - - - Upgrade Rails to 4.2.7.1 for security fixes. !5781 - - Require administrator privileges to perform a project import. - -## 8.9.6 - - - Fix importing of events under notes for GitLab projects. !5154 - - Fix log statements in import/export. !5129 - - Fix commit avatar alignment in compare view. !5128 - - Fix broken migration in MySQL. !5005 - - Overwrite Host and X-Forwarded-Host headers in NGINX !5213 - - Keeps issue number when importing from Gitlab.com - - Add Pending tab for Builds (Katarzyna Kobierska, Urszula Budziszewska) - -## 8.9.5 - - - Add more debug info to import/export and memory killer. !5108 - - Fixed avatar alignment in new MR view. !5095 - - Fix diff comments not showing up in activity feed. !5069 - - Add index on both Award Emoji user and name. !5061 - - Downgrade to Redis 3.2.2 due to massive memory leak with Sidekiq. !5056 - - Re-enable import button when import process fails due to namespace already being taken. !5053 - - Fix snippets comments not displayed. !5045 - - Fix emoji paths in relative root configurations. !5027 - - Fix issues importing events in Import/Export. !4987 - - Fixed 'use shortcuts' button on docs. !4979 - - Admin should be able to turn shared runners into specific ones. !4961 - - Update RedCloth to 4.3.2 for CVE-2012-6684. !4929 (Takuya Noguchi) - - Improve the request / withdraw access button. !4860 - -## 8.9.4 - - - Fix privilege escalation issue with OAuth external users. - - Ensure references to private repos aren't shown to logged-out users. - - Fixed search field blur not removing focus. !4704 - - Resolve "Sub nav isn't showing on file view". !4890 - - Fixes middle click and double request when navigating through the file browser. !4891 - - Fixed URL on label button when filtering. !4897 - - Fixed commit avatar alignment. !4933 - - Do not show build retry link when build is active. !4967 - - Fix restore Rake task warning message output. !4980 - - Handle external issues in IssueReferenceFilter. !4988 - - Expiry date on pinned nav cookie. !5009 - - Updated breakpoint for sidebar pinning. !5019 - -## 8.9.3 - - - Fix encrypted data backwards compatibility after upgrading attr_encrypted gem. !4963 - - Fix rendering of commit notes. !4953 - - Resolve "Pin should show up at 1280px min". !4947 - - Switched mobile button icons to ellipsis and angle. !4944 - - Correctly returns todo ID after creating todo. !4941 - - Better debugging for memory killer middleware. !4936 - - Remove duplicate new page btn from edit wiki. !4904 - - Use clock_gettime for all performance timestamps. !4899 - - Use memorized tags array when searching tags by name. !4859 - - Fixed avatar alignment in new MR view. !4901 - - Removed fade when filtering results. !4932 - - Fix missing avatar on system notes. !4954 - - Reduce overhead and optimize ProjectTeam#max_member_access performance. !4973 - - Use update_columns to bypass all the dirty code on active_record. !4985 - - Fix restore Rake task warning message output !4980 - -## 8.9.2 - - - Fix visibility of snippets when searching. - - Fix an information disclosure when requesting access to a group containing private projects. - - Update omniauth-saml to 1.6.0 !4951 - -## 8.9.1 - - - Refactor labels documentation. !3347 - - Eager load award emoji on notes. !4628 - - Fix some CI wording in documentation. !4660 - - Document `GIT_STRATEGY` and `GIT_DEPTH`. !4720 - - Add documentation for the export & import features. !4732 - - Add some docs for Docker Registry configuration. !4738 - - Ensure we don't send the "access request declined" email to access requesters on project deletion. !4744 - - Display group/project access requesters separately in the admin area. !4798 - - Add documentation and examples for configuring cloud storage for registry images. !4812 - - Clarifies documentation about artifact expiry. !4831 - - Fix the Network graph links. !4832 - - Fix MR-auto-close text added to description. !4836 - - Add documentation for award emoji now that comments can be awarded with emojis. !4839 - - Fix typo in export failure email. !4847 - - Fix header vertical centering. !4170 - - Fix subsequent SAML sign ins. !4718 - - Set button label when picking an option from status dropdown. !4771 - - Prevent invalid URLs from raising exceptions in WikiLink Filter. !4775 - - Handle external issues in IssueReferenceFilter. !4789 - - Support for rendering/redacting multiple documents. !4828 - - Update Todos documentation and screenshots to include new functionality. !4840 - - Hide nav arrows by default. !4843 - - Added bottom padding to label color suggestion link. !4845 - - Use jQuery objects in ref dropdown. !4850 - - Fix GitLab project import issues related to notes and builds. !4855 - - Restrict header logo to 36px so it doesn't overflow. !4861 - - Fix unwanted label unassignment. !4863 - - Fix mobile Safari bug where horizontal nav arrows would flicker on scroll. !4869 - - Restore old behavior around diff notes to outdated discussions. !4870 - - Fix merge requests project settings help link anchor. !4873 - - Fix 404 when accessing pipelines as guest user on public projects. !4881 - - Remove width restriction for logo on sign-in page. !4888 - - Bump gitlab_git to 10.2.3 to fix false truncated warnings with ISO-8559 files. !4884 - - Apply selected value as label. !4886 - - Change Retry to Re-deploy on Deployments page - - Fix temp file being deleted after the request while importing a GitLab project. !4894 - - Fix pagination when sorting by columns with lots of ties (like priority) - - Implement Subresource Integrity for CSS and JavaScript assets. This prevents malicious assets from loading in the case of a CDN compromise. - - Fix user creation with stronger minimum password requirements !4054 (nathan-pmt) - - Fix a wrong MR status when merge_when_build_succeeds & project.only_allow_merge_if_build_succeeds are true. !4912 - - Add SMTP as default delivery method to match gitlab-org/omnibus-gitlab!826. !4915 - - Remove duplicate 'New Page' button on edit wiki page - -## 8.9.0 (2016-06-22) - - - Fix group visibility form layout in application settings - - Fix builds API response not including commit data - - Fix error when CI job variables key specified but not defined - - Fix pipeline status when there are no builds in pipeline - - Fix Error 500 when using closes_issues API with an external issue tracker - - Add more information into RSS feed for issues (Alexander Matyushentsev) - - Bulk assign/unassign labels to issues. - - Ability to prioritize labels !4009 / !3205 (Thijs Wouters) - - Show Star and Fork buttons on mobile. - - Performance improvements on RelativeLinkFilter - - Fix endless redirections when accessing user OAuth applications when they are disabled - - Allow enabling wiki page events from Webhook management UI - - Bump rouge to 1.11.0 - - Fix issue with arrow keys not working in search autocomplete dropdown - - Fix an issue where note polling stopped working if a window was in the - background during a refresh. - - Pre-processing Markdown now only happens when needed - - Make EmailsOnPushWorker use Sidekiq mailers queue - - Redesign all Devise emails. !4297 - - Don't show 'Leave Project' to group members - - Fix wiki page events' webhook to point to the wiki repository - - Add a border around images to differentiate them from the background. - - Don't show tags for revert and cherry-pick operations - - Show image ID on registry page - - Fix issue todo not remove when leave project !4150 (Long Nguyen) - - Allow customisable text on the 'nearly there' page after a user signs up - - Bump recaptcha gem to 3.0.0 to remove deprecated stoken support - - Fix SVG sanitizer to allow more elements - - Allow forking projects with restricted visibility level - - Added descriptions to notification settings dropdown - - Improve note validation to prevent errors when creating invalid note via API - - Reduce number of fog gem dependencies - - Add number of merge requests for a given milestone to the milestones view. - - Implement a fair usage of shared runners - - Remove project notification settings associated with deleted projects - - Fix 404 page when viewing TODOs that contain milestones or labels in different projects - - Add a metric for the number of new Redis connections created by a transaction - - Fix Error 500 when viewing a blob with binary characters after the 1024-byte mark - - Redesign navigation for project pages - - Fix images in sign-up confirmation email - - Added shortcut 'y' for copying a files content hash URL #14470 - - Fix groups API to list only user's accessible projects - - Fix horizontal scrollbar for long commit message. - - GitLab Performance Monitoring now tracks the total method execution time and call count per method - - Add Environments and Deployments - - Redesign account and email confirmation emails - - Don't fail builds for projects that are deleted - - Support Docker Registry manifest v1 - - `git clone https://host/namespace/project` now works, in addition to using the `.git` suffix - - Bump nokogiri to 1.6.8 - - Use gitlab-shell v3.0.0 - - Fixed alignment of download dropdown in merge requests - - Upgrade to jQuery 2 - - Adds selected branch name to the dropdown toggle - - Add API endpoint for Sidekiq Metrics !4653 - - Refactoring Award Emoji with API support for Issues and MergeRequests - - Use Knapsack to evenly distribute tests across multiple nodes - - Add `sha` parameter to MR merge API, to ensure only reviewed changes are merged - - Don't allow MRs to be merged when commits were added since the last review / page load - - Add DB index on users.state - - Limit email on push diff size to 30 files / 150 KB - - Add rake task 'gitlab:db:configure' for conditionally seeding or migrating the database - - Changed the Slack build message to use the singular duration if necessary (Aran Koning) - - Fix race condition on merge when build succeeds - - Added shortcut to focus filter search fields and added documentation #18120 - - Links from a wiki page to other wiki pages should be rewritten as expected - - Add option to project to only allow merge requests to be merged if the build succeeds (Rui Santos) - - Added navigation shortcuts to the project pipelines, milestones, builds and forks page. !4393 - - Fix issues filter when ordering by milestone - - Disable SAML account unlink feature - - Added artifacts:when to .gitlab-ci.yml - this requires GitLab Runner 1.3 - - Bamboo Service: Fix missing credentials & URL handling when base URL contains a path (Benjamin Schmid) - - TeamCity Service: Fix URL handling when base URL contains a path - - Todos will display target state if issuable target is 'Closed' or 'Merged' - - Validate only and except regexp - - Fix bug when sorting issues by milestone due date and filtering by two or more labels - - POST to API /projects/:id/runners/:runner_id would give 409 if the runner was already enabled for this project - - Add support for using Yubikeys (U2F) for two-factor authentication - - Link to blank group icon doesn't throw a 404 anymore - - Remove 'main language' feature - - Toggle whitespace button now available for compare branches diffs #17881 - - Pipelines can be canceled only when there are running builds - - Allow authentication using personal access tokens - - Use downcased path to container repository as this is expected path by Docker - - Allow to use CI token to fetch LFS objects - - Custom notification settings - - Projects pending deletion will render a 404 page - - Measure queue duration between gitlab-workhorse and Rails - - Added Gfm autocomplete for labels - - Added edit note 'up' shortcut documentation to the help panel and docs screenshot #18114 - - Make Omniauth providers specs to not modify global configuration - - Remove unused JiraIssue class and replace references with ExternalIssue. !4659 (Ilan Shamir) - - Make authentication service for Container Registry to be compatible with < Docker 1.11 - - Make it possible to lock a runner from being enabled for other projects - - Add Application Setting to configure Container Registry token expire delay (default 5min) - - Cache assigned issue and merge request counts in sidebar nav - - Use Knapsack only in CI environment - - Updated project creation page to match new UI #2542 - - Cache project build count in sidebar nav - - Add milestone expire date to the right sidebar - - Manually mark a issue or merge request as a todo - - Fix markdown_spec to use before instead of before(:all) to properly cleanup database after testing - - Reduce number of queries needed to render issue labels in the sidebar - - Improve error handling importing projects - - Remove duplicated notification settings - - Put project Files and Commits tabs under Code tab - - Decouple global notification level from user model - - Replace Colorize with Rainbow for coloring console output in Rake tasks. - - Add workhorse controller and API helpers - - An indicator is now displayed at the top of the comment field for confidential issues. - - Show categorised search queries in the search autocomplete - - RepositoryCheck::SingleRepositoryWorker public and private methods are now instrumented - - Dropdown for `.gitlab-ci.yml` templates - - Improve issuables APIs performance when accessing notes !4471 - - Add sorting dropdown to tags page !4423 - - External links now open in a new tab - - Prevent default actions of disabled buttons and links - - Markdown editor now correctly resets the input value on edit cancellation !4175 - - Toggling a task list item in a issue/mr description does not creates a Todo for mentions - - Improved UX of date pickers on issue & milestone forms - - Cache on the database if a project has an active external issue tracker. - - Put project Labels and Milestones pages links under Issues and Merge Requests tabs as subnav - - GitLab project import and export functionality - - All classes in the Banzai::ReferenceParser namespace are now instrumented - - Remove deprecated issues_tracker and issues_tracker_id from project model - - Allow users to create confidential issues in private projects - - Measure CPU time for instrumented methods - - Instrument private methods and private instance methods by default instead just public methods - - Only show notes through JSON on confidential issues that the user has access to - - Updated the allocations Gem to version 1.0.5 - - The background sampler now ignores classes without names - - Update design for `Close` buttons - - New custom icons for navigation - - Horizontally scrolling navigation on project, group, and profile settings pages - - Hide global side navigation by default - - Fix project Star/Unstar project button tooltip - - Remove tanuki logo from side navigation; center on top nav - - Include user relationships when retrieving award_emoji - - Various associations are now eager loaded when parsing issue references to reduce the number of queries executed - - Set inverse_of for Project/Service association to reduce the number of queries - - Update tanuki logo highlight/loading colors - - Remove explicit Gitlab::Metrics.action assignments, are already automatic. - - Use Git cached counters for branches and tags on project page - - Cache participable participants in an instance variable. - - Filter parameters for request_uri value on instrumented transactions. - - Remove duplicated keys add UNIQUE index to keys fingerprint column - - ExtractsPath get ref_names from repository cache, if not there access git. - - Show a flash warning about the error detail of XHR requests which failed with status code 404 and 500 - - Cache user todo counts from TodoService - - Ensure Todos counters doesn't count Todos for projects pending delete - - Add left/right arrows horizontal navigation - - Add tooltip to pin/unpin navbar - - Add new sub nav style to Wiki and Graphs sub navigation - -## 8.8.9 - - - Upgrade Doorkeeper to 4.2.0. !5881 - -## 8.8.8 - - - Upgrade Rails to 4.2.7.1 for security fixes. !5781 - -## 8.8.7 - - - Fix privilege escalation issue with OAuth external users. - - Ensure references to private repos aren't shown to logged-out users. - -## 8.8.6 - - - Fix visibility of snippets when searching. - - Update omniauth-saml to 1.6.0 !4951 - -## 8.8.5 - - - Import GitHub repositories respecting the API rate limit !4166 - - Fix todos page throwing errors when you have a project pending deletion !4300 - - Disable Webhooks before proceeding with the GitHub import !4470 - - Fix importer for GitHub comments on diff !4488 - - Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user !4498 - - Fix incremental trace upload API when using multi-byte UTF-8 chars in trace !4541 - - Prevent unauthorized access for projects build traces - - Forbid scripting for wiki files - - Only show notes through JSON on confidential issues that the user has access to - - Banzai::Filter::UploadLinkFilter use XPath instead CSS expressions - - Banzai::Filter::ExternalLinkFilter use XPath instead CSS expressions - -## 8.8.4 - - - Fix LDAP-based login for users with 2FA enabled. !4493 - - Added descriptions to notification settings dropdown - - Due date can be removed from milestones - -## 8.8.3 - - - Fix 404 page when viewing TODOs that contain milestones or labels in different projects. !4312 - - Fixed JS error when trying to remove discussion form. !4303 - - Fixed issue with button color when no CI enabled. !4287 - - Fixed potential issue with 2 CI status polling events happening. !3869 - - Improve design of Pipeline view. !4230 - - Fix gitlab importer failing to import new projects due to missing credentials. !4301 - - Fix import URL migration not rescuing with the correct Error. !4321 - - Fix health check access token changing due to old application settings being used. !4332 - - Make authentication service for Container Registry to be compatible with Docker versions before 1.11. !4363 - - Add Application Setting to configure Container Registry token expire delay (default 5 min). !4364 - - Pass the "Remember me" value to the 2FA token form. !4369 - - Fix incorrect links on pipeline page when merge request created from fork. !4376 - - Use downcased path to container repository as this is expected path by Docker. !4420 - - Fix wiki project clone address error (chujinjin). !4429 - - Fix serious performance bug with rendering Markdown with InlineDiffFilter. !4392 - - Fix missing number on generated ordered list element. !4437 - - Prevent disclosure of notes on confidential issues in search results. - -## 8.8.2 - - - Added remove due date button. !4209 - - Fix Error 500 when accessing application settings due to nil disabled OAuth sign-in sources. !4242 - - Fix Error 500 in CI charts by gracefully handling commits with no durations. !4245 - - Fix table UI on CI builds page. !4249 - - Fix backups if registry is disabled. !4263 - - Fixed issue with merge button color. !4211 - - Fixed issue with enter key selecting wrong option in dropdown. !4210 - - When creating a .gitignore file a dropdown with templates will be provided. !4075 - - Fix concurrent request when updating build log in browser. !4183 - -## 8.8.1 - - - Add documentation for the "Health Check" feature - - Allow anonymous users to access a public project's pipelines !4233 - - Fix MySQL compatibility in zero downtime migrations helpers - - Fix the CI login to Container Registry (the gitlab-ci-token user) - -## 8.8.0 (2016-05-22) - - - Implement GFM references for milestones (Alejandro Rodríguez) - - Snippets tab under user profile. !4001 (Long Nguyen) - - Fix error when using link to uploads in global snippets - - Fix Error 500 when attempting to retrieve project license when HEAD points to non-existent ref - - Assign labels and milestone to target project when moving issue. !3934 (Long Nguyen) - - Use a case-insensitive comparison in sanitizing URI schemes - - Toggle sign-up confirmation emails in application settings - - Make it possible to prevent tagged runner from picking untagged jobs - - Added `InlineDiffFilter` to the markdown parser. (Adam Butler) - - Added inline diff styling for `change_title` system notes. (Adam Butler) - - Project#open_branches has been cleaned up and no longer loads entire records into memory. - - Escape HTML in commit titles in system note messages - - Improve design of Pipeline View - - Fix scope used when accessing container registry - - Fix creation of Ci::Commit object which can lead to pending, failed in some scenarios - - Improve multiple branch push performance by memoizing permission checking - - Log to application.log when an admin starts and stops impersonating a user - - Changing the confidentiality of an issue now creates a new system note (Alex Moore-Niemi) - - Updated gitlab_git to 10.1.0 - - GitAccess#protected_tag? no longer loads all tags just to check if a single one exists - - Reduce delay in destroying a project from 1-minute to immediately - - Make build status canceled if any of the jobs was canceled and none failed - - Upgrade Sidekiq to 4.1.2 - - Added /health_check endpoint for checking service status - - Make 'upcoming' filter for milestones work better across projects - - Sanitize repo paths in new project error message - - Bump mail_room to 0.7.0 to fix stuck IDLE connections - - Remove future dates from contribution calendar graph. - - Support e-mail notifications for comments on project snippets - - Fix API leak of notes of unauthorized issues, snippets and merge requests - - Use ActionDispatch Remote IP for Akismet checking - - Fix error when visiting commit builds page before build was updated - - Add 'l' shortcut to open Label dropdown on issuables and 'i' to create new issue on a project - - Update SVG sanitizer to conform to SVG 1.1 - - Speed up push emails with multiple recipients by only generating the email once - - Updated search UI - - Added authentication service for Container Registry - - Display informative message when new milestone is created - - Sanitize milestones and labels titles - - Support multi-line tag messages. !3833 (Calin Seciu) - - Force users to reset their password after an admin changes it - - Allow "NEWS" and "CHANGES" as alternative names for CHANGELOG. !3768 (Connor Shea) - - Added button to toggle whitespaces changes on diff view - - Backport GitHub Enterprise import support from EE - - Create tags using Rugged for performance reasons. !3745 - - Allow guests to set notification level in projects - - API: Expose Issue#user_notes_count. !3126 (Anton Popov) - - Don't show forks button when user can't view forks - - Fix atom feed links and rendering - - Files over 5MB can only be viewed in their raw form, files over 1MB without highlighting !3718 - - Add support for supressing text diffs using .gitattributes on the default branch (Matt Oakes) - - Add eager load paths to help prevent dependency load issues in Sidekiq workers. !3724 - - Added multiple colors for labels in dropdowns when dups happen. - - Show commits in the same order as `git log` - - Improve description for the Two-factor Authentication sign-in screen. (Connor Shea) - - API support for the 'since' and 'until' operators on commit requests (Paco Guzman) - - Fix Gravatar hint in user profile when Gravatar is disabled. !3988 (Artem Sidorenko) - - Expire repository exists? and has_visible_content? caches after a push if necessary - - Fix unintentional filtering bug in Issue/MR sorted by milestone due (Takuya Noguchi) - - Fix adding a todo for private group members (Ahmad Sherif) - - Bump ace-rails-ap gem version from 2.0.1 to 4.0.2 which upgrades Ace Editor from 1.1.2 to 1.2.3 - - Total method execution timings are no longer tracked - - Allow Admins to remove the Login with buttons for OAuth services and still be able to import !4034. (Andrei Gliga) - - Add API endpoints for un/subscribing from/to a label. !4051 (Ahmad Sherif) - - Hide left sidebar on phone screens to give more space for content - - Redesign navigation for profile and group pages - - Add counter metrics for rails cache - - Import pull requests from GitHub where the source or target branches were removed - - All Grape API helpers are now instrumented - - Improve Issue formatting for the Slack Service (Jeroen van Baarsen) - - Fixed advice on invalid permissions on upload path !2948 (Ludovic Perrine) - - Allows MR authors to have the source branch removed when merging the MR. !2801 (Jeroen Jacobs) - - When creating a .gitignore file a dropdown with templates will be provided - - Shows the issue/MR list search/filter form and corrects the mobile styling for guest users. #17562 - -## 8.7.9 - - - Fix privilege escalation issue with OAuth external users. - - Ensure references to private repos aren't shown to logged-out users. - -## 8.7.8 - - - Fix visibility of snippets when searching. - - Update omniauth-saml to 1.6.0 !4951 - -## 8.7.7 - - - Fix import by `Any Git URL` broken if the URL contains a space - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - - Only show notes through JSON on confidential issues that the user has access to - -## 8.7.6 - - - Fix links on wiki pages for relative url setups. !4131 (Artem Sidorenko) - - Fix import from GitLab.com to a private instance failure. !4181 - - Fix external imports not finding the import data. !4106 - - Fix notification delay when changing status of an issue - - Bump Workhorse to 0.7.5 so it can serve raw diffs - -## 8.7.5 - - - Fix relative links in wiki pages. !4050 - - Fix always showing build notification message when switching between merge requests !4086 - - Fix an issue when filtering merge requests with more than one label. !3886 - - Fix short note for the default scope on build page (Takuya Noguchi) - -## 8.7.4 - - - Links for Redmine issue references are generated correctly again !4048 (Benedikt Huss) - - Fix setting trusted proxies !3970 - - Fix BitBucket importer bug when throwing exceptions !3941 - - Use sign out path only if not empty !3989 - - Running rake gitlab:db:drop_tables now drops tables with cascade !4020 - - Running rake gitlab:db:drop_tables uses "IF EXISTS" as a precaution !4100 - - Use a case-insensitive comparison in sanitizing URI schemes - -## 8.7.3 - - - Emails, Gitlab::Email::Message, Gitlab::Diff, and Premailer::Adapter::Nokogiri are now instrumented - - Merge request widget displays TeamCity build state and code coverage correctly again. - - Fix the line code when importing PR review comments from GitHub. !4010 - - Wikis are now initialized on legacy projects when checking repositories - - Remove animate.css in favor of a smaller subset of animations. !3937 (Connor Shea) - -## 8.7.2 - - - The "New Branch" button is now loaded asynchronously - - Fix error 500 when trying to create a wiki page - - Updated spacing between notification label and button - - Label titles in filters are now escaped properly - -## 8.7.1 - - - Throttle the update of `project.last_activity_at` to 1 minute. !3848 - - Fix .gitlab-ci.yml parsing issue when hidde job is a template without script definition. !3849 - - Fix license detection to detect all license files, not only known licenses. !3878 - - Use the `can?` helper instead of `current_user.can?`. !3882 - - Prevent users from deleting Webhooks via API they do not own - - Fix Error 500 due to stale cache when projects are renamed or transferred - - Update width of search box to fix Safari bug. !3900 (Jedidiah) - - Use the `can?` helper instead of `current_user.can?` - -## 8.7.0 (2016-04-22) - - - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented - - Fix vulnerability that made it possible to gain access to private labels and milestones - - The number of InfluxDB points stored per UDP packet can now be configured - - Fix error when cross-project label reference used with non-existent project - - Transactions for /internal/allowed now have an "action" tag set - - Method instrumentation now uses Module#prepend instead of aliasing methods - - Repository.clean_old_archives is now instrumented - - Add support for environment variables on a job level in CI configuration file - - SQL query counts are now tracked per transaction - - The Projects::HousekeepingService class has extra instrumentation - - All service classes (those residing in app/services) are now instrumented - - Developers can now add custom tags to transactions - - Loading of an issue's referenced merge requests and related branches is now done asynchronously - - Enable gzip for assets, makes the page size significantly smaller. !3544 / !3632 (Connor Shea) - - Add support to cherry-pick any commit into any branch in the web interface (Minqi Pan) - - Project switcher uses new dropdown styling - - Load award emoji images separately unless opening the full picker. Saves several hundred KBs of data for most pages. (Connor Shea) - - Do not include award_emojis in issue and merge_request comment_count !3610 (Lucas Charles) - - Restrict user profiles when public visibility level is restricted. - - Add ability set due date to issues, sort and filter issues by due date (Mehmet Beydogan) - - All images in discussions and wikis now link to their source files !3464 (Connor Shea). - - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu) - - Add setting for customizing the list of trusted proxies !3524 - - Allow projects to be transfered to a lower visibility level group - - Fix `signed_in_ip` being set to 127.0.0.1 when using a reverse proxy !3524 - - Improved Markdown rendering performance !3389 - - Make shared runners text in box configurable - - Don't attempt to look up an avatar in repo if repo directory does not exist (Stan Hu) - - API: Ability to subscribe and unsubscribe from issues and merge requests (Robert Schilling) - - Expose project badges in project settings - - Make /profile/keys/new redirect to /profile/keys for back-compat. !3717 - - Preserve time notes/comments have been updated at when moving issue - - Make HTTP(s) label consistent on clone bar (Stan Hu) - - Add support for `after_script`, requires Runner 1.2 (Kamil Trzciński) - - Expose label description in API (Mariusz Jachimowicz) - - API: Ability to update a group (Robert Schilling) - - API: Ability to move issues (Robert Schilling) - - Fix Error 500 after renaming a project path (Stan Hu) - - Fix a bug whith trailing slash in teamcity_url (Charles May) - - Allow back dating on issues when created or updated through the API - - Allow back dating on issue notes when created through the API - - Propose license template when creating a new LICENSE file - - API: Expose /licenses and /licenses/:key - - Fix avatar stretching by providing a cropping feature - - API: Expose `subscribed` for issues and merge requests (Robert Schilling) - - Allow SAML to handle external users based on user's information !3530 - - Allow Omniauth providers to be marked as `external` !3657 - - Add endpoints to archive or unarchive a project !3372 - - Fix a bug whith trailing slash in bamboo_url - - Add links to CI setup documentation from project settings and builds pages - - Display project members page to all members - - Handle nil descriptions in Slack issue messages (Stan Hu) - - Add automated repository integrity checks (OFF by default) - - API: Expose open_issues_count, closed_issues_count, open_merge_requests_count for labels (Robert Schilling) - - API: Ability to star and unstar a project (Robert Schilling) - - Add default scope to projects to exclude projects pending deletion - - Allow to close merge requests which source projects(forks) are deleted. - - Ensure empty recipients are rejected in BuildsEmailService - - Use rugged to change HEAD in Project#change_head (P.S.V.R) - - API: Ability to filter milestones by state `active` and `closed` (Robert Schilling) - - API: Fix milestone filtering by `iid` (Robert Schilling) - - Make before_script and after_script overridable on per-job (Kamil Trzciński) - - API: Delete notes of issues, snippets, and merge requests (Robert Schilling) - - Implement 'Groups View' as an option for dashboard preferences !3379 (Elias W.) - - Better errors handling when creating milestones inside groups - - Fix high CPU usage when PostReceive receives refs/merge-requests/ - - Hide `Create a group` help block when creating a new project in a group - - Implement 'TODOs View' as an option for dashboard preferences !3379 (Elias W.) - - Allow issues and merge requests to be assigned to the author !2765 - - Make Ci::Commit to group only similar builds and make it stateful (ref, tag) - - Gracefully handle notes on deleted commits in merge requests (Stan Hu) - - Decouple membership and notifications - - Fix creation of merge requests for orphaned branches (Stan Hu) - - API: Ability to retrieve a single tag (Robert Schilling) - - While signing up, don't persist the user password across form redisplays - - Fall back to `In-Reply-To` and `References` headers when sub-addressing is not available (David Padilla) - - Remove "Congratulations!" tweet button on newly-created project. (Connor Shea) - - Fix admin/projects when using visibility levels on search (PotHix) - - Build status notifications - - Update email confirmation interface - - API: Expose user location (Robert Schilling) - - API: Do not leak group existence via return code (Robert Schilling) - - ClosingIssueExtractor regex now also works with colons. e.g. "Fixes: #1234" !3591 - - Update number of Todos in the sidebar when it's marked as "Done". !3600 - - Sanitize branch names created for confidential issues - - API: Expose 'updated_at' for issue, snippet, and merge request notes (Robert Schilling) - - API: User can leave a project through the API when not master or owner. !3613 - - Fix repository cache invalidation issue when project is recreated with an empty repo (Stan Hu) - - Fix: Allow empty recipients list for builds emails service when pushed is added (Frank Groeneveld) - - Improved markdown forms - - Diff design updates (colors, button styles, etc) - - Copying and pasting a diff no longer pastes the line numbers or +/- - - Add null check to formData when updating profile content to fix Firefox bug - - Disable spellcheck and autocorrect for username field in admin page - - Delete tags using Rugged for performance reasons (Robert Schilling) - - Add Slack notifications when Wiki is edited (Sebastian Klier) - - Diffs load at the correct point when linking from from number - - Selected diff rows highlight - - Fix emoji categories in the emoji picker - - API: Properly display annotated tags for GET /projects/:id/repository/tags (Robert Schilling) - - Add encrypted credentials for imported projects and migrate old ones - - Properly format all merge request references with ! rather than # !3740 (Ben Bodenmiller) - - Author and participants are displayed first on users autocompletion - - Show number sign on external issue reference text (Florent Baldino) - - Updated print style for issues - - Use GitHub Issue/PR number as iid to keep references - - Import GitHub labels - - Add option to filter by "Owned projects" on dashboard page - - Import GitHub milestones - - Execute system web hooks on push to the project - - Allow enable/disable push events for system hooks - - Fix GitHub project's link in the import page when provider has a custom URL - - Add RAW build trace output and button on build page - - Add incremental build trace update into CI API - -## 8.6.9 - - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - - Only show notes through JSON on confidential issues that the user has access to - -## 8.6.8 - - - Prevent privilege escalation via "impersonate" feature - - Prevent privilege escalation via notes API - - Prevent privilege escalation via project webhook API - - Prevent XSS via Git branch and tag names - - Prevent XSS via custom issue tracker URL - - Prevent XSS via `window.opener` - - Prevent XSS via label drop-down - - Prevent information disclosure via milestone API - - Prevent information disclosure via snippet API - - Prevent information disclosure via project labels - - Prevent information disclosure via new merge request page - -## 8.6.7 - - - Fix persistent XSS vulnerability in `commit_person_link` helper - - Fix persistent XSS vulnerability in Label and Milestone dropdowns - - Fix vulnerability that made it possible to enumerate private projects belonging to group - -## 8.6.6 - - - Expire the exists cache before deletion to ensure project dir actually exists (Stan Hu). !3413 - - Fix error on language detection when repository has no HEAD (e.g., master branch) (Jeroen Bobbeldijk). !3654 - - Fix revoking of authorized OAuth applications (Connor Shea). !3690 - - Fix error on language detection when repository has no HEAD (e.g., master branch). !3654 (Jeroen Bobbeldijk) - - Issuable header is consistent between issues and merge requests - - Improved spacing in issuable header on mobile - -## 8.6.5 - - - Fix importing from GitHub Enterprise. !3529 - - Perform the language detection after updating merge requests in `GitPushService`, leading to faster visual feedback for the end-user. !3533 - - Check permissions when user attempts to import members from another project. !3535 - - Only update repository language if it is not set to improve performance. !3556 - - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu). !3583 - - Unblock user when active_directory is disabled and it can be found !3550 - - Fix a 2FA authentication spoofing vulnerability. - -## 8.6.4 - - - Don't attempt to fetch any tags from a forked repo (Stan Hu) - - Redesign the Labels page - -## 8.6.3 - - - Mentions on confidential issues doesn't create todos for non-members. !3374 - - Destroy related todos when an Issue/MR is deleted. !3376 - - Fix error 500 when target is nil on todo list. !3376 - - Fix copying uploads when moving issue to another project. !3382 - - Ensuring Merge Request API returns boolean values for work_in_progress (Abhi Rao). !3432 - - Fix raw/rendered diff producing different results on merge requests. !3450 - - Fix commit comment alignment (Stan Hu). !3466 - - Fix Error 500 when searching for a comment in a project snippet. !3468 - - Allow temporary email as notification email. !3477 - - Fix issue with dropdowns not selecting values. !3478 - - Update gitlab-shell version and doc to 2.6.12. gitlab-org/gitlab-ee!280 - -## 8.6.2 - - - Fix dropdown alignment. !3298 - - Fix issuable sidebar overlaps on tablet. !3299 - - Make dropdowns pixel perfect. !3337 - - Fix order of steps to prevent PostgreSQL errors when running migration. !3355 - - Fix bold text in issuable sidebar. !3358 - - Fix error with anonymous token in applications settings. !3362 - - Fix the milestone 'upcoming' filter. !3364 + !3368 - - Fix comments on confidential issues showing up in activity feed to non-members. !3375 - - Fix `NoMethodError` when visiting CI root path at `/ci`. !3377 - - Add a tooltip to new branch button in issue page. !3380 - - Fix an issue hiding the password form when signed-in with a linked account. !3381 - - Add links to CI setup documentation from project settings and builds pages. !3384 - - Fix an issue with width of project select dropdown. !3386 - - Remove redundant `require`s from Banzai files. !3391 - - Fix error 500 with cancel button on issuable edit form. !3392 + !3417 - - Fix background when editing a highlighted note. !3423 - - Remove tabstop from the WIP toggle links. !3426 - - Ensure private project snippets are not viewable by unauthorized people. - - Gracefully handle notes on deleted commits in merge requests (Stan Hu). !3402 - - Fixed issue with notification settings not saving. !3452 - -## 8.6.1 - - - Add option to reload the schema before restoring a database backup. !2807 - - Display navigation controls on mobile. !3214 - - Fixed bug where participants would not work correctly on merge requests. !3329 - - Fix sorting issues by votes on the groups issues page results in SQL errors. !3333 - - Restrict notifications for confidential issues. !3334 - - Do not allow to move issue if it has not been persisted. !3340 - - Add a confirmation step before deleting an issuable. !3341 - - Fixes issue with signin button overflowing on mobile. !3342 - - Auto collapses the navigation sidebar when resizing. !3343 - - Fix build dependencies, when the dependency is a string. !3344 - - Shows error messages when trying to create label in dropdown menu. !3345 - - Fixes issue with assign milestone not loading milestone list. !3346 - - Fix an issue causing the Dashboard/Milestones page to be blank. !3348 - -## 8.6.0 (2016-03-22) - - - Add ability to move issue to another project - - Prevent tokens in the import URL to be showed by the UI - - Fix bug where wrong commit ID was being used in a merge request diff to show old image (Stan Hu) - - Add confidential issues - - Bump gitlab_git to 9.0.3 (Stan Hu) - - Fix diff image view modes (2-up, swipe, onion skin) not working (Stan Hu) - - Support Golang subpackage fetching (Stan Hu) - - Bump Capybara gem to 2.6.2 (Stan Hu) - - New branch button appears on issues where applicable - - Contributions to forked projects are included in calendar - - Improve the formatting for the user page bio (Connor Shea) - - Easily (un)mark merge request as WIP using link - - Use specialized system notes when MR is (un)marked as WIP - - Removed the default password from the initial admin account created during - setup. A password can be provided during setup (see installation docs), or - GitLab will ask the user to create a new one upon first visit. - - Fix issue when pushing to projects ending in .wiki - - Properly display YAML front matter in Markdown - - Add support for wiki with UTF-8 page names (Hiroyuki Sato) - - Fix wiki search results point to raw source (Hiroyuki Sato) - - Don't load all of GitLab in mail_room - - Add information about `image` and `services` field at `job` level in the `.gitlab-ci.yml` documentation (Pat Turner) - - HTTP error pages work independently from location and config (Artem Sidorenko) - - Update `omniauth-saml` to 1.5.0 to allow for custom response attributes to be set - - Memoize @group in Admin::GroupsController (Yatish Mehta) - - Indicate how much an MR diverged from the target branch (Pierre de La Morinerie) - - Added omniauth-auth0 Gem (Daniel Carraro) - - Add label description in tooltip to labels in issue index and sidebar - - Strip leading and trailing spaces in URL validator (evuez) - - Add "last_sign_in_at" and "confirmed_at" to GET /users/* API endpoints for admins (evuez) - - Return empty array instead of 404 when commit has no statuses in commit status API - - Decrease the font size and the padding of the `.anchor` icons used in the README (Roberto Dip) - - Rewrite logo to simplify SVG code (Sean Lang) - - Allow to use YAML anchors when parsing the `.gitlab-ci.yml` (Pascal Bach) - - Ignore jobs that start with `.` (hidden jobs) - - Hide builds from project's settings when the feature is disabled - - Allow to pass name of created artifacts archive in `.gitlab-ci.yml` - - Refactor and greatly improve search performance - - Add support for cross-project label references - - Ensure "new SSH key" email do not ends up as dead Sidekiq jobs - - Update documentation to reflect Guest role not being enforced on internal projects - - Allow search for logged out users - - Allow to define on which builds the current one depends on - - Allow user subscription to a label: get notified for issues/merge requests related to that label (Timothy Andrew) - - Fix bug where Bitbucket `closed` issues were imported as `opened` (Iuri de Silvio) - - Don't show Issues/MRs from archived projects in Groups view - - Fix wrong "iid of max iid" in Issuable sidebar for some merged MRs - - Fix empty source_sha on Merge Request when there is no diff (Pierre de La Morinerie) - - Increase the notes polling timeout over time (Roberto Dip) - - Add shortcut to toggle markdown preview (Florent Baldino) - - Show labels in dashboard and group milestone views - - Fix an issue when the target branch of a MR had been deleted - - Add main language of a project in the list of projects (Tiago Botelho) - - Add #upcoming filter to Milestone filter (Tiago Botelho) - - Add ability to show archived projects on dashboard, explore and group pages - - Remove fork link closes all merge requests opened on source project (Florent Baldino) - - Move group activity to separate page - - Create external users which are excluded of internal and private projects unless access was explicitly granted - - Continue parameters are checked to ensure redirection goes to the same instance - - User deletion is now done in the background so the request can not time out - - Canceled builds are now ignored in compound build status if marked as `allowed to fail` - - Trigger a todo for mentions on commits page - - Let project owners and admins soft delete issues and merge requests - -## 8.5.13 - - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - -## 8.5.12 - - - Prevent privilege escalation via "impersonate" feature - - Prevent privilege escalation via notes API - - Prevent privilege escalation via project webhook API - - Prevent XSS via Git branch and tag names - - Prevent XSS via custom issue tracker URL - - Prevent XSS via `window.opener` - - Prevent information disclosure via snippet API - - Prevent information disclosure via project labels - - Prevent information disclosure via new merge request page - -## 8.5.11 - - - Fix persistent XSS vulnerability in `commit_person_link` helper - -## 8.5.10 - - - Fix a 2FA authentication spoofing vulnerability. - -## 8.5.9 - - - Don't attempt to fetch any tags from a forked repo (Stan Hu). - -## 8.5.8 - - - Bump Git version requirement to 2.7.4 - -## 8.5.7 - - - Bump Git version requirement to 2.7.3 - -## 8.5.6 - - - Obtain a lease before querying LDAP - -## 8.5.5 - - - Ensure removing a project removes associated Todo entries - - Prevent a 500 error in Todos when author was removed - - Fix pagination for filtered dashboard and explore pages - - Fix "Show all" link behavior - -## 8.5.4 - - - Do not cache requests for badges (including builds badge) - -## 8.5.3 - - - Flush repository caches before renaming projects - - Sort starred projects on dashboard based on last activity by default - - Show commit message in JIRA mention comment - - Makes issue page and merge request page usable on mobile browsers. - - Improved UI for profile settings - -## 8.5.2 - - - Fix sidebar overlapping content when screen width was below 1200px - - Don't repeat labels listed on Labels tab - - Bring the "branded appearance" feature from EE to CE - - Fix error 500 when commenting on a commit - - Show days remaining instead of elapsed time for Milestone - - Fix broken icons on installations with relative URL (Artem Sidorenko) - - Fix issue where tag list wasn't refreshed after deleting a tag - - Fix import from gitlab.com (KazSawada) - - Improve implementation to check read access to forks and add pagination - - Don't show any "2FA required" message if it's not actually required - - Fix help keyboard shortcut on relative URL setups (Artem Sidorenko) - - Update Rails to 4.2.5.2 - - Fix permissions for deprecated CI build status badge - - Don't show "Welcome to GitLab" when the search didn't return any projects - - Add Todos documentation - -## 8.5.1 - - - Fix group projects styles - - Show Crowd login tab when sign in is disabled and Crowd is enabled (Peter Hudec) - - Fix a set of small UI glitches in project, profile, and wiki pages - - Restrict permissions on public/uploads - - Fix the merge request side-by-side view after loading diff results - - Fix the look of tooltip for the "Revert" button - - Add when the Builds & Runners API changes got introduced - - Fix error 500 on some merged merge requests - - Fix an issue causing the content of the issuable sidebar to disappear - - Fix error 500 when trying to mark an already done todo as "done" - - Fix an issue where MRs weren't sortable - - Issues can now be dragged & dropped into empty milestone lists. This is also - possible with MRs - - Changed padding & background color for highlighted notes - - Re-add the newrelic_rpm gem which was removed without any deprecation or warning (Stan Hu) - - Update sentry-raven gem to 0.15.6 - - Add build coverage in project's builds page (Steffen Köhler) - - Changed # to ! for merge requests in activity view - -## 8.5.0 (2016-02-22) - - - Fix duplicate "me" in tooltip of the "thumbsup" awards Emoji (Stan Hu) - - Cache various Repository methods to improve performance - - Fix duplicated branch creation/deletion Webhooks/service notifications when using Web UI (Stan Hu) - - Ensure rake tasks that don't need a DB connection can be run without one - - Update New Relic gem to 3.14.1.311 (Stan Hu) - - Add "visibility" flag to GET /projects api endpoint - - Add an option to supply root email through an environmental variable (Koichiro Mikami) - - Ignore binary files in code search to prevent Error 500 (Stan Hu) - - Render sanitized SVG images (Stan Hu) - - Support download access by PRIVATE-TOKEN header (Stan Hu) - - Upgrade gitlab_git to 7.2.23 to fix commit message mentions in first branch push - - Add option to include the sender name in body of Notify email (Jason Lee) - - New UI for pagination - - Don't prevent sign out when 2FA enforcement is enabled and user hasn't yet - set it up - - API: Added "merge_requests/:merge_request_id/closes_issues" (Gal Schlezinger) - - Fix diff comments loaded by AJAX to load comment with diff in discussion tab - - Fix relative links in other markup formats (Ben Boeckel) - - Whitelist raw "abbr" elements when parsing Markdown (Benedict Etzel) - - Fix label links for a merge request pointing to issues list - - Don't vendor minified JS - - Increase project import timeout to 15 minutes - - Be more permissive with email address validation: it only has to contain a single '@' - - Display 404 error on group not found - - Track project import failure - - Support Two-factor Authentication for LDAP users - - Display database type and version in Administration dashboard - - Allow limited Markdown in Broadcast Messages - - Fix visibility level text in admin area (Zeger-Jan van de Weg) - - Warn admin during OAuth of granting admin rights (Zeger-Jan van de Weg) - - Update the ExternalIssue regex pattern (Blake Hitchcock) - - Remember user's inline/side-by-side diff view preference in a cookie (Kirill Katsnelson) - - Optimized performance of finding issues to be closed by a merge request - - Add `avatar_url`, `description`, `git_ssh_url`, `git_http_url`, `path_with_namespace` - and `default_branch` in `project` in push, issue, merge-request and note webhooks data (Kirill Zaitsev) - - Deprecate the `ssh_url` in favor of `git_ssh_url` and `http_url` in favor of `git_http_url` - in `project` for push, issue, merge-request and note webhooks data (Kirill Zaitsev) - - Deprecate the `repository` key in push, issue, merge-request and note webhooks data, use `project` instead (Kirill Zaitsev) - - API: Expose MergeRequest#merge_status (Andrei Dziahel) - - Revert "Add IP check against DNSBLs at account sign-up" - - Actually use the `skip_merges` option in Repository#commits (Tony Chu) - - Fix API to keep request parameters in Link header (Michael Potthoff) - - Deprecate API "merge_request/:merge_request_id/comments". Use "merge_requests/:merge_request_id/notes" instead - - Deprecate API "merge_request/:merge_request_id/...". Use "merge_requests/:merge_request_id/..." instead - - Prevent parse error when name of project ends with .atom and prevent path issues - - Discover branches for commit statuses ref-less when doing merge when succeeded - - Mark inline difference between old and new paths when a file is renamed - - Support Akismet spam checking for creation of issues via API (Stan Hu) - - API: Allow to set or update a merge-request's milestone (Kirill Skachkov) - - Improve UI consistency between projects and groups lists - - Add sort dropdown to dashboard projects page - - Fixed logo animation on Safari (Roman Rott) - - Fix Merge When Succeeded when multiple stages - - Hide remove source branch button when the MR is merged but new commits are pushed (Zeger-Jan van de Weg) - - In seach autocomplete show only groups and projects you are member of - - Don't process cross-reference notes from forks - - Fix: init.d script not working on OS X - - Faster snippet search - - Added API to download build artifacts - - Title for milestones should be unique (Zeger-Jan van de Weg) - - Validate correctness of maximum attachment size application setting - - Replaces "Create merge request" link with one to the "Merge Request" when one exists - - Fix CI builds badge, add a new link to builds badge, deprecate the old one - - Fix broken link to project in build notification emails - - Ability to see and sort on vote count from Issues and MR lists - - Fix builds scheduler when first build in stage was allowed to fail - - User project limit is reached notice is hidden if the projects limit is zero - - Add API support for managing runners and project's runners - - Allow SAML users to login with no previous account without having to allow - all Omniauth providers to do so. - - Allow existing users to auto link their SAML credentials by logging in via SAML - - Make it possible to erase a build (trace, artifacts) using UI and API - - Ability to revert changes from a Merge Request or Commit - - Emoji comment on diffs are not award emoji - - Add label description (Nuttanart Pornprasitsakul) - - Show label row when filtering issues or merge requests by label (Nuttanart Pornprasitsakul) - - Add Todos - -## 8.4.11 - - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - -## 8.4.10 - - - Prevent privilege escalation via "impersonate" feature - - Prevent privilege escalation via notes API - - Prevent privilege escalation via project webhook API - - Prevent XSS via Git branch and tag names - - Prevent XSS via custom issue tracker URL - - Prevent XSS via `window.opener` - - Prevent information disclosure via snippet API - - Prevent information disclosure via project labels - - Prevent information disclosure via new merge request page - -## 8.4.9 - - - Fix persistent XSS vulnerability in `commit_person_link` helper - -## 8.4.8 - - - Fix a 2FA authentication spoofing vulnerability. - -## 8.4.7 - - - Don't attempt to fetch any tags from a forked repo (Stan Hu). - -## 8.4.6 - - - Bump Git version requirement to 2.7.4 - -## 8.4.5 - - - No CE-specific changes - -## 8.4.4 - - - Update omniauth-saml gem to 1.4.2 - - Prevent long-running backup tasks from timing out the database connection - - Add a Project setting to allow guests to view build logs (defaults to true) - - Sort project milestones by due date including issue editor (Oliver Rogers / Orih) - -## 8.4.3 - - - Increase lfs_objects size column to 8-byte integer to allow files larger - than 2.1GB - - Correctly highlight MR diff when MR has merge conflicts - - Fix highlighting in blame view - - Update sentry-raven gem to prevent "Not a git repository" console output - when running certain commands - - Add instrumentation to additional Gitlab::Git and Rugged methods for - performance monitoring - - Allow autosize textareas to also be manually resized - -## 8.4.2 - - - Bump required gitlab-workhorse version to bring in a fix for missing - artifacts in the build artifacts browser - - Get rid of those ugly borders on the file tree view - - Fix updating the runner information when asking for builds - - Bump gitlab_git version to 7.2.24 in order to bring in a performance - improvement when checking if a repository was empty - - Add instrumentation for Gitlab::Git::Repository instance methods so we can - track them in Performance Monitoring. - - Increase contrast between highlighted code comments and inline diff marker - - Fix method undefined when using external commit status in builds - - Fix highlighting in blame view. - -## 8.4.1 - - - Apply security updates for Rails (4.2.5.1), rails-html-sanitizer (1.0.3), - and Nokogiri (1.6.7.2) - - Fix redirect loop during import - - Fix diff highlighting for all syntax themes - - Delete project and associations in a background worker - -## 8.4.0 (2016-01-22) - - - Allow LDAP users to change their email if it was not set by the LDAP server - - Ensure Gravatar host looks like an actual host - - Consider re-assign as a mention from a notification point of view - - Add pagination headers to already paginated API resources - - Properly generate diff of orphan commits, like the first commit in a repository - - Improve the consistency of commit titles, branch names, tag names, issue/MR titles, on their respective project pages - - Autocomplete data is now always loaded, instead of when focusing a comment text area - - Improved performance of finding issues for an entire group - - Added custom application performance measuring system powered by InfluxDB - - Add syntax highlighting to diffs - - Gracefully handle invalid UTF-8 sequences in Markdown links (Stan Hu) - - Bump fog to 1.36.0 (Stan Hu) - - Add user's last used IP addresses to admin page (Stan Hu) - - Add housekeeping function to project settings page - - The default GitLab logo now acts as a loading indicator - - Fix caching issue where build status was not updating in project dashboard (Stan Hu) - - Accept 2xx status codes for successful Webhook triggers (Stan Hu) - - Fix missing date of month in network graph when commits span a month (Stan Hu) - - Expire view caches when application settings change (e.g. Gravatar disabled) (Stan Hu) - - Don't notify users twice if they are both project watchers and subscribers (Stan Hu) - - Remove gray background from layout in UI - - Fix signup for OAuth providers that don't provide a name - - Implement new UI for group page - - Implement search inside emoji picker - - Let the CI runner know about builds that this build depends on - - Add API support for looking up a user by username (Stan Hu) - - Add project permissions to all project API endpoints (Stan Hu) - - Link to milestone in "Milestone changed" system note - - Only allow group/project members to mention `@all` - - Expose Git's version in the admin area (Trey Davis) - - Add "Frequently used" category to emoji picker - - Add CAS support (tduehr) - - Add link to merge request on build detail page - - Fix: Problem with projects ending with .keys (Jose Corcuera) - - Revert back upvote and downvote button to the issue and MR pages - - Swap position of Assignee and Author selector on Issuables (Zeger-Jan van de Weg) - - Add system hook messages for project rename and transfer (Steve Norman) - - Fix version check image in Safari - - Show 'All' tab by default in the builds page - - Add Open Graph and Twitter Card data to all pages - - Fix API project lookups when querying with a namespace with dots (Stan Hu) - - Enable forcing Two-factor authentication sitewide, with optional grace period - - Import GitHub Pull Requests into GitLab - - Change single user API endpoint to return more detailed data (Michael Potthoff) - - Update version check images to use SVG - - Validate README format before displaying - - Enable Microsoft Azure OAuth2 support (Janis Meybohm) - - Properly set task-list class on single item task lists - - Add file finder feature in tree view (Kyungchul Shin) - - Ajax filter by message for commits page - - API: Add support for deleting a tag via the API (Robert Schilling) - - Allow subsequent validations in CI Linter - - Show referenced MRs & Issues only when the current viewer can access them - - Fix Encoding::CompatibilityError bug when markdown content has some complex URL (Jason Lee) - - Add API support for managing project's builds - - Add API support for managing project's build triggers - - Add API support for managing project's build variables - - Allow broadcast messages to be edited - - Autosize Markdown textareas - - Import GitHub wiki into GitLab - - Add reporters ability to download and browse build artifacts (Andrew Johnson) - - Autofill referring url in message box when reporting user abuse. - - Remove leading comma on award emoji when the user is the first to award the emoji (Zeger-Jan van de Weg) - - Add build artifacts browser - - Improve UX in builds artifacts browser - - Increase default size of `data` column in `events` table when using MySQL - - Expose button to CI Lint tool on project builds page - - Fix: Creator should be added as a master of the project on creation - - Added X-GitLab-... headers to emails from CI and Email On Push services (Anton Baklanov) - - Add IP check against DNSBLs at account sign-up - - Added cache:key to .gitlab-ci.yml allowing to fine tune the caching - -## 8.3.10 - - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - -## 8.3.9 - - - Prevent privilege escalation via "impersonate" feature - - Prevent privilege escalation via notes API - - Prevent privilege escalation via project webhook API - - Prevent XSS via custom issue tracker URL - - Prevent XSS via `window.opener` - - Prevent information disclosure via project labels - - Prevent information disclosure via new merge request page - -## 8.3.8 - - - Fix persistent XSS vulnerability in `commit_person_link` helper - -## 8.3.7 - - - Fix a 2FA authentication spoofing vulnerability. - -## 8.3.6 - - - Don't attempt to fetch any tags from a forked repo (Stan Hu). - -## 8.3.5 - - - Bump Git version requirement to 2.7.4 - -## 8.3.4 - - - Use gitlab-workhorse 0.5.4 (fixes API routing bug) - -## 8.3.3 - - - Preserve CE behavior with JIRA integration by only calling API if URL is set - - Fix duplicated branch creation/deletion events when using Web UI (Stan Hu) - - Add configurable LDAP server query timeout - - Get "Merge when build succeeds" to work when commits were pushed to MR target branch while builds were running - - Suppress e-mails on failed builds if allow_failure is set (Stan Hu) - - Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu) - - Better support for referencing and closing issues in Asana service (Mike Wyatt) - - Enable "Add key" button when user fills in a proper key (Stan Hu) - - Fix error in processing reply-by-email messages (Jason Lee) - - Fix Error 500 when visiting build page of project with nil runners_token (Stan Hu) - - Use WOFF versions of SourceSansPro fonts - - Fix regression when builds were not generated for tags created through web/api interface - - Fix: maintain milestone filter between Open and Closed tabs (Greg Smethells) - - Fix missing artifacts and build traces for build created before 8.3 - -## 8.3.2 - - - Disable --follow in `git log` to avoid loading duplicate commit data in infinite scroll (Stan Hu) - - Add support for Google reCAPTCHA in user registration - -## 8.3.1 - - - Fix Error 500 when global milestones have slashes (Stan Hu) - - Fix Error 500 when doing a search in dashboard before visiting any project (Stan Hu) - - Fix LDAP identity and user retrieval when special characters are used - - Move Sidekiq-cron configuration to gitlab.yml - -## 8.3.0 (2015-12-22) - - - Bump rack-attack to 4.3.1 for security fix (Stan Hu) - - API support for starred projects for authorized user (Zeger-Jan van de Weg) - - Add open_issues_count to project API (Stan Hu) - - Expand character set of usernames created by Omniauth (Corey Hinshaw) - - Add button to automatically merge a merge request when the build succeeds (Zeger-Jan van de Weg) - - Add unsubscribe link in the email footer (Zeger-Jan van de Weg) - - Provide better diagnostic message upon project creation errors (Stan Hu) - - Bump devise to 3.5.3 to fix reset token expiring after account creation (Stan Hu) - - Remove api credentials from link to build_page - - Deprecate GitLabCiService making it to always be inactive - - Bump gollum-lib to 4.1.0 (Stan Hu) - - Fix broken group avatar upload under "New group" (Stan Hu) - - Update project repositorize size and commit count during import:repos task (Stan Hu) - - Fix API setting of 'public' attribute to false will make a project private (Stan Hu) - - Handle and report SSL errors in Webhook test (Stan Hu) - - Bump Redis requirement to 2.8 for Sidekiq 4 (Stan Hu) - - Fix: Assignee selector is empty when 'Unassigned' is selected (Jose Corcuera) - - WIP identifier on merge requests no longer requires trailing space - - Add rake tasks for git repository maintainance (Zeger-Jan van de Weg) - - Fix 500 error when update group member permission - - Fix: As an admin, cannot add oneself as a member to a group/project - - Trim leading and trailing whitespace of milestone and issueable titles (Jose Corcuera) - - Recognize issue/MR/snippet/commit links as references - - Backport JIRA features from EE to CE - - Add ignore whitespace change option to commit view - - Fire update hook from GitLab - - Allow account unlock via email - - Style warning about mentioning many people in a comment - - Fix: sort milestones by due date once again (Greg Smethells) - - Migrate all CI::Services and CI::WebHooks to Services and WebHooks - - Don't show project fork event as "imported" - - Add API endpoint to fetch merge request commits list - - Don't create CI status for refs that doesn't have .gitlab-ci.yml, even if the builds are enabled - - Expose events API with comment information and author info - - Fix: Ensure "Remove Source Branch" button is not shown when branch is being deleted. #3583 - - Run custom Git hooks when branch is created or deleted. - - Fix bug when simultaneously accepting multiple MRs results in MRs that are of "merged" status, but not merged to the target branch - - Add languages page to graphs - - Block LDAP user when they are no longer found in the LDAP server - - Improve wording on project visibility levels (Zeger-Jan van de Weg) - - Fix editing notes on a merge request diff - - Automatically select default clone protocol based on user preferences (Eirik Lygre) - - Make Network page as sub tab of Commits - - Add copy-to-clipboard button for Snippets - - Add indication to merge request list item that MR cannot be merged automatically - - Default target branch to patch-n when editing file in protected branch - - Add Builds tab to merge request detail page - - Allow milestones, issues and MRs to be created from dashboard and group indexes - - Use new style for wiki - - Use new style for milestone detail page - - Fix sidebar tooltips when collapsed - - Prevent possible XSS attack with award-emoji - - Upgraded Sidekiq to 4.x - - Accept COPYING,COPYING.lesser, and licence as license file (Zeger-Jan van de Weg) - - Fix emoji aliases problem - - Fix award-emojis Flash alert's width - - Fix deleting notes on a merge request diff - - Display referenced merge request statuses in the issue description (Greg Smethells) - - Implement new sidebar for issue and merge request pages - - Emoji picker improvements - - Suppress warning about missing `.gitlab-ci.yml` if builds are disabled - - Do not show build status unless builds are enabled and `.gitlab-ci.yml` is present - - Persist runners registration token in database - - Fix online editor should not remove newlines at the end of the file - - Expose Git's version in the admin area - - Show "New Merge Request" buttons on canonical repos when you have a fork (Josh Frye) - -## 8.2.6 - - - Prevent unauthorized access to other projects build traces - - Forbid scripting for wiki files - -## 8.2.5 - - - Prevent privilege escalation via "impersonate" feature - - Prevent privilege escalation via notes API - - Prevent privilege escalation via project webhook API - - Prevent XSS via `window.opener` - - Prevent information disclosure via project labels - - Prevent information disclosure via new merge request page - -## 8.2.4 - - - Bump Git version requirement to 2.7.4 - -## 8.2.3 - - - Fix application settings cache not expiring after changes (Stan Hu) - - Fix Error 500s when creating global milestones with Unicode characters (Stan Hu) - - Update documentation for "Guest" permissions - - Properly convert Emoji-only comments into Award Emojis - - Enable devise paranoid mode to prevent user enumeration attack - - Webhook payload has an added, modified and removed properties for each commit - - Fix 500 error when creating a merge request that removes a submodule - -## 8.2.2 - - - Fix 404 in redirection after removing a project (Stan Hu) - - Ensure cached application settings are refreshed at startup (Stan Hu) - - Fix Error 500 when viewing user's personal projects from admin page (Stan Hu) - - Fix: Raw private snippets access workflow - - Prevent "413 Request entity too large" errors when pushing large files with LFS - - Fix invalid links within projects dashboard header - - Make current user the first user in assignee dropdown in issues detail page (Stan Hu) - - Fix: duplicate email notifications on issue comments - -## 8.2.1 - - - Forcefully update builds that didn't want to update with state machine - - Fix: saving GitLabCiService as Admin Template - -## 8.2.0 (2015-11-22) - - - Improved performance of finding projects and groups in various places - - Improved performance of rendering user profile pages and Atom feeds - - Expose build artifacts path as config option - - Fix grouping of contributors by email in graph. - - Improved performance of finding issues with/without labels - - Fix Drone CI service template not saving properly (Stan Hu) - - Fix avatars not showing in Atom feeds and project issues when Gravatar disabled (Stan Hu) - - Added a GitLab specific profiling tool called "Sherlock" (see GitLab CE merge request #1749) - - Upgrade gitlab_git to 7.2.20 and rugged to 0.23.3 (Stan Hu) - - Improved performance of finding users by one of their Email addresses - - Add allow_failure field to commit status API (Stan Hu) - - Commits without .gitlab-ci.yml are marked as skipped - - Save detailed error when YAML syntax is invalid - - Since GitLab CI is enabled by default, remove enabling it by pushing .gitlab-ci.yml - - Added build artifacts - - Improved performance of replacing references in comments - - Show last project commit to default branch on project home page - - Highlight comment based on anchor in URL - - Adds ability to remove the forked relationship from project settings screen. (Han Loong Liauw) - - Improved performance of sorting milestone issues - - Allow users to select the Files view as default project view (Cristian Bica) - - Show "Empty Repository Page" for repository without branches (Artem V. Navrotskiy) - - Fix: Inability to reply to code comments in the MR view, if the MR comes from a fork - - Use git follow flag for commits page when retrieve history for file or directory - - Show merge request CI status on merge requests index page - - Send build name and stage in CI notification e-mail - - Extend yml syntax for only and except to support specifying repository path - - Enable shared runners to all new projects - - Bump GitLab-Workhorse to 0.4.1 - - Allow to define cache in `.gitlab-ci.yml` - - Fix: 500 error returned if destroy request without HTTP referer (Kazuki Shimizu) - - Remove deprecated CI events from project settings page - - Use issue editor as cross reference comment author when issue is edited with a new mention. - - Add graphs of commits ahead and behind default branch (Jeff Stubler) - - Improve personal snippet access workflow (Douglas Alexandre) - - [API] Add ability to fetch the commit ID of the last commit that actually touched a file - - Fix omniauth documentation setting for omnibus configuration (Jon Cairns) - - Add "New file" link to dropdown on project page - - Include commit logs in project search - - Add "added", "modified" and "removed" properties to commit object in webhook - - Rename "Back to" links to "Go to" because its not always a case it point to place user come from - - Allow groups to appear in the search results if the group owner allows it - - Add email notification to former assignee upon unassignment (Adam Lieskovský) - - New design for project graphs page - - Remove deprecated dumped yaml file generated from previous job definitions - - Show specific runners from projects where user is master or owner - - MR target branch is now visible on a list view when it is different from project's default one - - Improve Continuous Integration graphs page - - Make color of "Accept Merge Request" button consistent with current build status - - Add ignore white space option in merge request diff and commit and compare view - - Ability to add release notes (markdown text and attachments) to git tags (aka Releases) - - Relative links from a repositories README.md now link to the default branch - - Fix trailing whitespace issue in merge request/issue title - - Fix bug when milestone/label filter was empty for dashboard issues page - - Add ability to create milestone in group projects from single form - - Add option to create merge request when editing/creating a file (Dirceu Tiegs) - - Prevent the last owner of a group from being able to delete themselves by 'adding' themselves as a master (James Lopez) - - Add Award Emoji to issue and merge request pages - -## 8.1.4 - - - Fix bug where manually merged branches in a MR would end up with an empty diff (Stan Hu) - - Prevent redirect loop when home_page_url is set to the root URL - - Fix incoming email config defaults - - Remove CSS property preventing hard tabs from rendering in Chromium 45 (Stan Hu) - -## 8.1.3 - - - Force update refs/merge-requests/X/head upon a push to the source branch of a merge request (Stan Hu) - - Spread out runner contacted_at updates - - Use issue editor as cross reference comment author when issue is edited with a new mention - - Add Facebook authentication - -## 8.1.2 - - - Fix cloning Wiki repositories via HTTP (Stan Hu) - - Add migration to remove satellites directory - - Fix specific runners visibility - - Fix 500 when editing CI service - - Require CI jobs to be named - - Fix CSS for runner status - - Fix CI badge - - Allow developer to manage builds - -## 8.1.1 - - - Removed, see 8.1.2 - -## 8.1.0 (2015-10-22) - - - Ensure MySQL CI limits DB migrations occur after the fields have been created (Stan Hu) - - Fix duplicate repositories in GitHub import page (Stan Hu) - - Redirect to a default path if HTTP_REFERER is not set (Stan Hu) - - Adds ability to create directories using the web editor (Ben Ford) - - Cleanup stuck CI builds - - Send an email to admin email when a user is reported for spam (Jonathan Rochkind) - - Show notifications button when user is member of group rather than project (Grzegorz Bizon) - - Fix bug preventing mentioned issued from being closed when MR is merged using fast-forward merge. - - Fix nonatomic database update potentially causing project star counts to go negative (Stan Hu) - - Don't show "Add README" link in an empty repository if user doesn't have access to push (Stan Hu) - - Fix error preventing displaying of commit data for a directory with a leading dot (Stan Hu) - - Speed up load times of issue detail pages by roughly 1.5x - - Fix CI rendering regressions - - If a merge request is to close an issue, show this on the issue page (Zeger-Jan van de Weg) - - Add a system note and update relevant merge requests when a branch is deleted or re-added (Stan Hu) - - Make diff file view easier to use on mobile screens (Stan Hu) - - Improved performance of finding users by username or Email address - - Fix bug where merge request comments created by API would not trigger notifications (Stan Hu) - - Add support for creating directories from Files page (Stan Hu) - - Allow removing of project without confirmation when JavaScript is disabled (Stan Hu) - - Support filtering by "Any" milestone or issue and fix "No Milestone" and "No Label" filters (Stan Hu) - - Improved performance of the trending projects page - - Remove CI migration task - - Improved performance of finding projects by their namespace - - Add assignee data to Issuables' hook_data (Bram Daams) - - Fix bug where transferring a project would result in stale commit links (Stan Hu) - - Fix build trace updating - - Include full path of source and target branch names in New Merge Request page (Stan Hu) - - Add user preference to view activities as default dashboard (Stan Hu) - - Add option to admin area to sign in as a specific user (Pavel Forkert) - - Show CI status on all pages where commits list is rendered - - Automatically enable CI when push .gitlab-ci.yml file to repository - - Move CI charts to project graphs area - - Fix cases where Markdown did not render links in activity feed (Stan Hu) - - Add first and last to pagination (Zeger-Jan van de Weg) - - Added Commit Status API - - Added Builds View - - Added when to .gitlab-ci.yml - - Show CI status on commit page - - Added CI_BUILD_TAG, _STAGE, _NAME and _TRIGGERED to CI builds - - Show CI status on Your projects page and Starred projects page - - Remove "Continuous Integration" page from dashboard - - Add notes and SSL verification entries to hook APIs (Ben Boeckel) - - Fix grammar in admin area "labels" .nothing-here-block when no labels exist. - - Move CI runners page to project settings area - - Move CI variables page to project settings area - - Move CI triggers page to project settings area - - Move CI project settings page to CE project settings area - - Fix bug when removed file was not appearing in merge request diff - - Show warning when build cannot be served by any of the available CI runners - - Note the original location of a moved project when notifying users of the move - - Improve error message when merging fails - - Add support of multibyte characters in LDAP UID (Roman Petrov) - - Show additions/deletions stats on merge request diff - - Remove footer text in emails (Zeger-Jan van de Weg) - - Ensure code blocks are properly highlighted after a note is updated - - Fix wrong access level badge on MR comments - - Hide password in the service settings form - - Move CI webhooks page to project settings area - - Fix User Identities API. It now allows you to properly create or update user's identities. - - Add user preference to change layout width (Peter Göbel) - - Use commit status in merge request widget as preferred source of CI status - - Integrate CI commit and build pages into project pages - - Move CI services page to project settings area - - Add "Quick Submit" behavior to input fields throughout the application. Use - Cmd+Enter on Mac and Ctrl+Enter on Windows/Linux. - - Fix position of hamburger in header for smaller screens (Han Loong Liauw) - - Fix bug where Emojis in Markdown would truncate remaining text (Sakata Sinji) - - Persist filters when sorting on admin user page (Jerry Lukins) - - Update style of snippets pages (Han Loong Liauw) - - Allow dashboard and group issues/MRs to be filtered by label - - Add spellcheck=false to certain input fields - - Invalidate stored service password if the endpoint URL is changed - - Project names are not fully shown if group name is too big, even on group page view - - Apply new design for Files page - - Add "New Page" button to Wiki Pages tab (Stan Hu) - - Only render 404 page from /public - - Hide passwords from services API (Alex Lossent) - - Fix: Images cannot show when projects' path was changed - - Let gitlab-git-http-server generate and serve 'git archive' downloads - - Optimize query when filtering on issuables (Zeger-Jan van de Weg) - - Fix padding of outdated discussion item. - - Animate the logo on hover - -## 8.0.5 - - - Correct lookup-by-email for LDAP logins - - Fix loading spinner sometimes not being hidden on Merge Request tab switches - -## 8.0.4 - - - Fix Message-ID header to be RFC 2111-compliant to prevent e-mails being dropped (Stan Hu) - - Fix referrals for :back and relative URL installs - - Fix anchors to comments in diffs - - Remove CI token from build traces - - Fix "Assign All" button on Runner admin page - - Fix search in Files - - Add full project namespace to payload of system webhooks (Ricardo Band) - -## 8.0.3 - - - Fix URL shown in Slack notifications - - Fix bug where projects would appear to be stuck in the forked import state (Stan Hu) - - Fix Error 500 in creating merge requests with > 1000 diffs (Stan Hu) - - Add work_in_progress key to MR webhooks (Ben Boeckel) - -## 8.0.2 - - - Fix default avatar not rendering in network graph (Stan Hu) - - Skip check_initd_configured_correctly on omnibus installs - - Prevent double-prefixing of help page paths - - Clarify confirmation text on user deletion - - Make commit graphs responsive to window width changes (Stan Hu) - - Fix top margin for sign-in button on public pages - - Fix LDAP attribute mapping - - Remove git refs used internally by GitLab from network graph (Stan Hu) - - Use standard Markdown font in Markdown preview instead of fixed-width font (Stan Hu) - - Fix Reply by email for non-UTF-8 messages. - - Add option to use StartTLS with Reply by email IMAP server. - - Allow AWS S3 Server-Side Encryption with Amazon S3-Managed Keys for backups (Paul Beattie) - -## 8.0.1 - - - Improve CI migration procedure and documentation - -## 8.0.0 (2015-09-22) - - - Fix Markdown links not showing up in dashboard activity feed (Stan Hu) - - Remove milestones from merge requests when milestones are deleted (Stan Hu) - - Fix HTML link that was improperly escaped in new user e-mail (Stan Hu) - - Fix broken sort in merge request API (Stan Hu) - - Bump rouge to 1.10.1 to remove warning noise and fix other syntax highlighting bugs (Stan Hu) - - Gracefully handle errors in syntax highlighting by leaving the block unformatted (Stan Hu) - - Add "replace" and "upload" functionalities to allow user replace existing file and upload new file into current repository - - Fix URL construction for merge requests, issues, notes, and commits for relative URL config (Stan Hu) - - Fix emoji URLs in Markdown when relative_url_root is used (Stan Hu) - - Omit filename in Content-Disposition header in raw file download to avoid RFC 6266 encoding issues (Stan HU) - - Fix broken Wiki Page History (Stan Hu) - - Import forked repositories asynchronously to prevent large repositories from timing out (Stan Hu) - - Prevent anchors from being hidden by header (Stan Hu) - - Fix bug where only the first 15 Bitbucket issues would be imported (Stan Hu) - - Sort issues by creation date in Bitbucket importer (Stan Hu) - - Prevent too many redirects upon login when home page URL is set to external_url (Stan Hu) - - Improve dropdown positioning on the project home page (Hannes Rosenögger) - - Upgrade browser gem to 1.0.0 to avoid warning in IE11 compatibilty mode (Stan Hu) - - Remove user OAuth tokens from the database and request new tokens each session (Stan Hu) - - Restrict users API endpoints to use integer IDs (Stan Hu) - - Only show recent push event if the branch still exists or a recent merge request has not been created (Stan Hu) - - Remove satellites - - Better performance for web editor (switched from satellites to rugged) - - Faster merge - - Ability to fetch merge requests from refs/merge-requests/:id - - Allow displaying of archived projects in the admin interface (Artem Sidorenko) - - Allow configuration of import sources for new projects (Artem Sidorenko) - - Search for comments should be case insensetive - - Create cross-reference for closing references on commits pushed to non-default branches (Maël Valais) - - Ability to search milestones - - Gracefully handle SMTP user input errors (e.g. incorrect email addresses) to prevent Sidekiq retries (Stan Hu) - - Move dashboard activity to separate page (for your projects and starred projects) - - Improve performance of git blame - - Limit content width to 1200px for most of pages to improve readability on big screens - - Fix 500 error when submit project snippet without body - - Improve search page usability - - Bring more UI consistency in way how projects, snippets and groups lists are rendered - - Make all profiles and group public - - Fixed login failure when extern_uid changes (Joel Koglin) - - Don't notify users without access to the project when they are (accidentally) mentioned in a note. - - Retrieving oauth token with LDAP credentials - - Load Application settings from running database unless env var USE_DB=false - - Added Drone CI integration (Kirill Zaitsev) - - Allow developers to retry builds - - Hide advanced project options for non-admin users - - Fail builds if no .gitlab-ci.yml is found - - Refactored service API and added automatically service docs generator (Kirill Zaitsev) - - Added web_url key project hook_attrs (Kirill Zaitsev) - - Add ability to get user information by ID of an SSH key via the API - - Fix bug which IE cannot show image at markdown when the image is raw file of gitlab - - Add support for Crowd - - Global Labels that are available to all projects - - Fix highlighting of deleted lines in diffs. - - Project notification level can be set on the project page itself - - Added service API endpoint to retrieve service parameters (Petheő Bence) - - Add FogBugz project import (Jared Szechy) - - Sort users autocomplete lists by user (Allister Antosik) - - Webhook for issue now contains repository field (Jungkook Park) - - Add ability to add custom text to the help page (Jeroen van Baarsen) - - Add pg_schema to backup config - - Fix references to target project issues in Merge Requests markdown preview and textareas (Francesco Levorato) - - Redirect from incorrectly cased group or project path to correct one (Francesco Levorato) - - Removed API calls from CE to CI - -## 7.14.3 through 0.8.0 +## 8.15.8 through 0.8.0 - See [changelogs/archive.md](changelogs/archive.md) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 12fb34b24b..ed56da0353 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,11 +1,15 @@ -## Contributor license agreement +## Developer Certificate of Origin + License -By submitting code as an individual you agree to the -[individual contributor license agreement](doc/legal/individual_contributor_license_agreement.md). -By submitting code as an entity you agree to the -[corporate contributor license agreement](doc/legal/corporate_contributor_license_agreement.md). +By contributing to GitLab B.V., You accept and agree to the following terms and +conditions for Your present and future Contributions submitted to GitLab B.V. +Except for the license granted herein to GitLab B.V. and recipients of software +distributed by GitLab B.V., You reserve all right, title, and interest in and to +Your Contributions. All Contributions are subject to the following DCO + License +terms. -_This notice should stay as the first item in the CONTRIBUTING.MD file._ +[DCO + License](https://gitlab.com/gitlab-org/dco/blob/master/README.md) + +_This notice should stay as the first item in the CONTRIBUTING.md file._ --- @@ -21,10 +25,10 @@ _This notice should stay as the first item in the CONTRIBUTING.MD file._ - [Workflow labels](#workflow-labels) - [Type labels (~"feature proposal", ~bug, ~customer, etc.)](#type-labels-feature-proposal-bug-customer-etc) - [Subject labels (~wiki, ~"container registry", ~ldap, ~api, etc.)](#subject-labels-wiki-container-registry-ldap-api-etc) - - [Team labels (~CI, ~Discussion, ~Edge, ~Platform, etc.)](#team-labels-ci-discussion-edge-platform-etc) + - [Team labels (~"CI/CD", ~Discussion, ~Edge, ~Platform, etc.)](#team-labels-cicd-discussion-edge-platform-etc) - [Priority labels (~Deliverable and ~Stretch)](#priority-labels-deliverable-and-stretch) - [Label for community contributors (~"Accepting Merge Requests")](#label-for-community-contributors-accepting-merge-requests) -- [Implement design & UI elements](#implement-design--ui-elements) +- [Implement design & UI elements](#implement-design-ui-elements) - [Issue tracker](#issue-tracker) - [Issue triaging](#issue-triaging) - [Feature proposals](#feature-proposals) @@ -46,10 +50,13 @@ _This notice should stay as the first item in the CONTRIBUTING.MD file._ ## Contribute to GitLab +For a first-time step-by-step guide to the contribution process, see +["Contributing to GitLab"](https://about.gitlab.com/contributing/). + Thank you for your interest in contributing to GitLab. This guide details how to contribute to GitLab in a way that is efficient for everyone. -Looking for something to work on? Look for the label [Accepting Merge Requests](#i-want-to-contribute). +Looking for something to work on? Look for issues with the label [Accepting Merge Requests](#i-want-to-contribute). GitLab comes into two flavors, GitLab Community Edition (CE) our free and open source edition, and GitLab Enterprise Edition (EE) which is our commercial @@ -100,10 +107,13 @@ the remaining issues on the GitHub issue tracker. ## I want to contribute! -If you want to contribute to GitLab, but are not sure where to start, -look for [issues with the label `Accepting Merge Requests` and weight < 5][accepting-mrs-weight]. -These issues will be of reasonable size and challenge, for anyone to start -contributing to GitLab. +If you want to contribute to GitLab [issues with the label `Accepting Merge Requests` and small weight][accepting-mrs-weight] +is a great place to start. Issues with a lower weight (1 or 2) are deemed +suitable for beginners. These issues will be of reasonable size and challenge, +for anyone to start contributing to GitLab. If you have any questions or need help visit [Getting Help](https://about.gitlab.com/getting-help/#discussion) to +learn how to communicate with GitLab. If you're looking for a Gitter or Slack channel +please consider we favor +[asynchronous communication](https://about.gitlab.com/handbook/communication/#internal-communication) over real time communication. Thanks for your contribution! ## Workflow labels @@ -115,7 +125,7 @@ Most issues will have labels for at least one of the following: - Type: ~"feature proposal", ~bug, ~customer, etc. - Subject: ~wiki, ~"container registry", ~ldap, ~api, ~frontend, etc. -- Team: ~CI, ~Discussion, ~Edge, ~Platform, etc. +- Team: ~"CI/CD", ~Discussion, ~Edge, ~Platform, etc. - Priority: ~Deliverable, ~Stretch All labels, their meaning and priority are defined on the @@ -157,14 +167,14 @@ Examples of subject labels are ~wiki, ~"container registry", ~ldap, ~api, Subject labels are always all-lowercase. -### Team labels (~CI, ~Discussion, ~Edge, ~Platform, etc.) +### Team labels (~"CI/CD", ~Discussion, ~Edge, ~Platform, etc.) Team labels specify what team is responsible for this issue. Assigning a team label makes sure issues get the attention of the appropriate people. -The current team labels are ~Build, ~CI, ~Discussion, ~Documentation, ~Edge, -~Gitaly, ~Platform, ~Prometheus, ~Release, and ~"UX". +The current team labels are ~Build, ~"CI/CD", ~Discussion, ~Documentation, ~Edge, +~Geo, ~Gitaly, ~Platform, ~Monitoring, ~Release, and ~"UX". The descriptions on the [labels page][labels-page] explain what falls under the responsibility of each team. @@ -209,19 +219,29 @@ We add the ~"Accepting Merge Requests" label to: - Low priority ~bug issues (i.e. we do not add it to the bugs that we want to solve in the ~"Next Patch Release") -- Small ~"feature proposal" that do not need ~UX / ~"Product work", or for which -the ~UX / ~"Product work" is already done +- Small ~"feature proposal" - Small ~"technical debt" issues After adding the ~"Accepting Merge Requests" label, we try to estimate the [weight](#issue-weight) of the issue. We use issue weight to let contributors know how difficult the issue is. Additionally: -- We advertise [~"Accepting Merge Requests" issues with weight < 5][up-for-grabs] +- We advertise ["Accepting Merge Requests" issues with weight < 5][up-for-grabs] as suitable for people that have never contributed to GitLab before on the [Up For Grabs campaign](http://up-for-grabs.net) - We encourage people that have never contributed to any open source project to - look for [~"Accepting Merge Requests" issues with a weight of 1][firt-timers] + look for ["Accepting Merge Requests" issues with a weight of 1][firt-timers] + +If you've decided that you would like to work on an issue, please @-mention +the [appropriate product manager](https://about.gitlab.com/handbook/product/#who-to-talk-to-for-what) +as soon as possible. The product manager will then pull in appropriate GitLab team +members to further discuss scope, design, and technical considerations. This will +ensure that that your contribution is aligned with the GitLab product and minimize +any rework and delay in getting it merged into master. + +GitLab team members who apply the ~"Accepting Merge Requests" label to an issue +should update the issue description with a responsible product manager, inviting +any potential community contributor to @-mention per above. [up-for-grabs]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=Accepting+Merge+Requests&scope=all&sort=weight_asc&state=opened [firt-timers]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=Accepting+Merge+Requests&scope=all&sort=upvotes_desc&state=opened&weight=1 @@ -286,7 +306,10 @@ might be edited to make them small and simple. Please submit Feature Proposals using the ['Feature Proposal' issue template](.gitlab/issue_templates/Feature Proposal.md) provided on the issue tracker. -For changes in the interface, it can be helpful to create a mockup first. +For changes in the interface, it is helpful to include a mockup. Issues that add to, or change, the interface should +be given the ~"UX" label. This will allow the UX team to provide input and guidance. You may +need to ask one of the [core team] members to add the label, if you do not have permissions to do it by yourself. + If you want to create something yourself, consider opening an issue first to discuss whether it is interesting to include this in GitLab. @@ -421,7 +444,7 @@ request is as follows: 1. Fork the project into your personal space on GitLab.com 1. Create a feature branch, branch away from `master` -1. Write [tests](https://gitlab.com/gitlab-org/gitlab-development-kit#running-the-tests) and code +1. Write [tests](https://docs.gitlab.com/ee/development/rake_tasks.html#run-tests) and code 1. [Generate a changelog entry with `bin/changelog`][changelog] 1. If you are writing documentation, make sure to follow the [documentation styleguide][doc-styleguide] @@ -527,6 +550,7 @@ When having your code reviewed and when reviewing merge requests please take the etc.), they should conform to our [Licensing guidelines][license-finder-doc]. See the instructions in that document for help if your MR fails the "license-finder" test with a "Dependencies that need approval" error. +1. The merge request meets the [definition of done](#definition-of-done). ## Definition of done @@ -536,7 +560,7 @@ the feature you contribute through all of these steps. 1. Description explaining the relevancy (see following item) 1. Working and clean code that is commented where needed -1. [Unit and system tests][testing] that pass on the CI server +1. [Unit, integration, and system tests][testing] that pass on the CI server 1. Performance/scalability implications have been considered, addressed, and tested 1. [Documented][doc-styleguide] in the `/doc` directory 1. [Changelog entry added][changelog], if necessary @@ -581,6 +605,7 @@ merge request: present time and never use past tense (has been/was). For example instead of _prohibited this user from being saved due to the following errors:_ the text should be _sorry, we could not create your account because:_ +1. Code should be written in [US English][us-english] This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), @@ -645,7 +670,8 @@ available at [http://contributor-covenant.org/version/1/1/0/](http://contributor [license-finder-doc]: doc/development/licensing.md [GitLab Inc engineering workflow]: https://about.gitlab.com/handbook/engineering/workflow/#labelling-issues [polling-etag]: https://docs.gitlab.com/ce/development/polling.html -[testing]: doc/development/testing.md +[testing]: doc/development/testing_guide/index.md +[us-english]: https://en.wikipedia.org/wiki/American_English [^1]: Please note that specs other than JavaScript specs are considered backend code. diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 7b52f5e517..9a55e28031 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -0.35.0 +0.81.0 diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index 4b9fcbec10..ee6cdce3c2 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -0.5.1 +0.6.1 diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION index 11d9efa3d5..090ea9dad1 100644 --- a/GITLAB_SHELL_VERSION +++ b/GITLAB_SHELL_VERSION @@ -1 +1 @@ -5.8.0 +6.0.3 diff --git a/GITLAB_WORKHORSE_VERSION b/GITLAB_WORKHORSE_VERSION index 4a36342fca..40c341bdcd 100644 --- a/GITLAB_WORKHORSE_VERSION +++ b/GITLAB_WORKHORSE_VERSION @@ -1 +1 @@ -3.0.0 +3.6.0 diff --git a/Gemfile b/Gemfile index 1610881f74..880ed483c3 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'rails', '4.2.8' +gem 'rails', '4.2.10' gem 'rails-deprecated_sanitizer', '~> 1.0.3' # Responders respond_to and respond_with @@ -12,26 +12,26 @@ gem 'sprockets', '~> 3.7.0' gem 'default_value_for', '~> 3.0.0' # Supported DBs -gem 'mysql2', '~> 0.4.5', group: :mysql +gem 'mysql2', '~> 0.4.10', group: :mysql gem 'pg', '~> 0.18.2', group: :postgres gem 'rugged', '~> 0.26.0' -gem 'grape-route-helpers', '~> 2.0.0' +gem 'grape-route-helpers', '~> 2.1.0' gem 'faraday', '~> 0.12' # Authentication libraries gem 'devise', '~> 4.2' gem 'doorkeeper', '~> 4.2.0' -gem 'doorkeeper-openid_connect', '~> 1.1.0' +gem 'doorkeeper-openid_connect', '~> 1.2.0' gem 'omniauth', '~> 1.4.2' gem 'omniauth-auth0', '~> 1.4.1' -gem 'omniauth-azure-oauth2', '~> 0.0.6' +gem 'omniauth-azure-oauth2', '~> 0.0.9' gem 'omniauth-cas3', '~> 1.1.4' gem 'omniauth-facebook', '~> 4.0.0' gem 'omniauth-github', '~> 1.1.1' gem 'omniauth-gitlab', '~> 1.0.2' -gem 'omniauth-google-oauth2', '~> 0.4.1' +gem 'omniauth-google-oauth2', '~> 0.5.2' gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos gem 'omniauth-oauth2-generic', '~> 0.2.2' gem 'omniauth-saml', '~> 1.7.0' @@ -64,21 +64,29 @@ gem 'gpgme' # LDAP Auth # GitLab fork with several improvements to original library. For full list of changes # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master -gem 'gitlab_omniauth-ldap', '~> 2.0.3', require: 'omniauth-ldap' +gem 'gitlab_omniauth-ldap', '~> 2.0.4', require: 'omniauth-ldap' gem 'net-ldap' # Git Wiki # Required manually in config/initializers/gollum.rb to control load order +# Before updating this gem, check if +# https://github.com/gollum/gollum-lib/pull/292 has been merged. +# If it has, then remove the monkey patch for update_page, rename_page and raw_data_in_committer +# in config/initializers/gollum.rb gem 'gollum-lib', '~> 4.2', require: false + +# Before updating this gem, check if +# https://github.com/gollum/rugged_adapter/pull/28 has been merged. +# If it has, then remove the monkey patch for tree_entry in config/initializers/gollum.rb gem 'gollum-rugged_adapter', '~> 0.4.4', require: false # Language detection gem 'github-linguist', '~> 4.7.0', require: 'linguist' # API -gem 'grape', '~> 0.19.2' +gem 'grape', '~> 1.0' gem 'grape-entity', '~> 0.6.0' -gem 'rack-cors', '~> 0.4.0', require: 'rack/cors' +gem 'rack-cors', '~> 1.0.0', require: 'rack/cors' # Disable strong_params so that Mash does not respond to :permitted? gem 'hashie-forbidden_attributes' @@ -90,7 +98,7 @@ gem 'kaminari', '~> 1.0' gem 'hamlit', '~> 2.6.1' # Files attachments -gem 'carrierwave', '~> 1.1' +gem 'carrierwave', '~> 1.2' # Drag and Drop UI gem 'dropzonejs-rails', '~> 0.7.1' @@ -102,21 +110,21 @@ gem 'fog-google', '~> 0.5' gem 'fog-local', '~> 0.3' gem 'fog-openstack', '~> 0.1' gem 'fog-rackspace', '~> 0.1.1' -gem 'fog-aliyun', '~> 0.1.0' +gem 'fog-aliyun', '~> 0.2.0' # for Google storage -gem 'google-api-client', '~> 0.8.6' +gem 'google-api-client', '~> 0.13.6' # for aws storage gem 'unf', '~> 0.1.4' # Seed data -gem 'seed-fu', '~> 2.3.5' +gem 'seed-fu', '~> 2.3.7' # Markdown and HTML processing gem 'html-pipeline', '~> 1.11.0' gem 'deckar01-task_list', '2.0.0' -gem 'gitlab-markup', '~> 1.5.1' +gem 'gitlab-markup', '~> 1.6.2' gem 'redcarpet', '~> 3.4' gem 'RedCloth', '~> 4.3.2' gem 'rdoc', '~> 4.2' @@ -128,7 +136,7 @@ gem 'asciidoctor-plantuml', '0.0.7' gem 'rouge', '~> 2.0' gem 'truncato', '~> 0.7.9' gem 'bootstrap_form', '~> 2.7.0' -gem 'nokogiri', '~> 1.8.0' +gem 'nokogiri', '~> 1.8.2' # Diffs gem 'diffy', '~> 3.1.0' @@ -141,8 +149,6 @@ end # State machine gem 'state_machines-activerecord', '~> 0.4.0' -# Run events after state machine commits -gem 'after_commit_queue', '~> 1.3.0' # Issue tags gem 'acts-as-taggable-on', '~> 4.0' @@ -173,7 +179,7 @@ gem 're2', '~> 1.1.1' gem 'version_sorter', '~> 2.1.0' # Cache -gem 'redis-rails', '~> 5.0.1' +gem 'redis-rails', '~> 5.0.2' # Redis gem 'redis', '~> 3.2' @@ -183,7 +189,7 @@ gem 'connection_pool', '~> 2.0' gem 'hipchat', '~> 1.5.0' # JIRA integration -gem 'jira-ruby', '~> 1.1.2' +gem 'jira-ruby', '~> 1.4' # Flowdock integration gem 'gitlab-flowdock-git-hook', '~> 1.0.1' @@ -206,9 +212,6 @@ gem 'kubeclient', '~> 2.2.0' # d3 gem 'd3_rails', '~> 3.5.0' -# underscore-rails -gem 'underscore-rails', '~> 1.8.0' - # Sanitize user input gem 'sanitize', '~> 2.0' gem 'babosa', '~> 1.0.2' @@ -229,11 +232,14 @@ gem 'ace-rails-ap', '~> 4.1.0' gem 'mousetrap-rails', '~> 1.4.6' # Detect and convert string character encoding -gem 'charlock_holmes', '~> 0.7.3' +gem 'charlock_holmes', '~> 0.7.5' # Faster JSON gem 'oj', '~> 2.17.4' +# Faster blank +gem 'fast_blank' + # Parse time & duration gem 'chronic', '~> 0.10.2' gem 'chronic_duration', '~> 0.10.6' @@ -244,13 +250,13 @@ gem 'rack-proxy', '~> 0.6.0' gem 'sass-rails', '~> 5.0.6' gem 'uglifier', '~> 2.7.2' -gem 'addressable', '~> 2.3.8' +gem 'addressable', '~> 2.5.2' gem 'bootstrap-sass', '~> 3.3.0' gem 'font-awesome-rails', '~> 4.7' gem 'gemojione', '~> 3.3' gem 'gon', '~> 6.1.0' gem 'jquery-atwho-rails', '~> 1.3.2' -gem 'jquery-rails', '~> 4.1.0' +gem 'jquery-rails', '~> 4.3.1' gem 'request_store', '~> 1.3' gem 'select2-rails', '~> 3.5.9' gem 'virtus', '~> 1.0.1' @@ -268,6 +274,8 @@ gem 'gettext_i18n_rails', '~> 1.8.0' gem 'gettext_i18n_rails_js', '~> 1.2.0' gem 'gettext', '~> 3.2.2', require: false, group: :development +gem 'batch-loader', '~> 1.2.1' + # Perf bar gem 'peek', '~> 1.0.1' gem 'peek-gc', '~> 0.0.2' @@ -286,7 +294,7 @@ group :metrics do gem 'influxdb', '~> 0.2', require: false # Prometheus - gem 'prometheus-client-mmap', '~>0.7.0.beta14' + gem 'prometheus-client-mmap', '~> 0.9.1' gem 'raindrops', '~> 0.18' end @@ -314,13 +322,14 @@ group :development, :test do gem 'fuubar', '~> 2.2.0' gem 'database_cleaner', '~> 1.5.0' - gem 'factory_girl_rails', '~> 4.7.0' + gem 'factory_bot_rails', '~> 4.8.2' gem 'rspec-rails', '~> 3.6.0' gem 'rspec-retry', '~> 0.4.5' gem 'spinach-rails', '~> 0.2.1' gem 'spinach-rerun-reporter', '~> 0.0.2' gem 'rspec_profiling', '~> 0.0.5' gem 'rspec-set', '~> 0.1.3' + gem 'rspec-parameterized', require: false # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) gem 'minitest', '~> 5.7.0' @@ -328,41 +337,47 @@ group :development, :test do # Generate Fake data gem 'ffaker', '~> 2.4' - gem 'capybara', '~> 2.6.2' + gem 'capybara', '~> 2.15' gem 'capybara-screenshot', '~> 1.0.0' - gem 'poltergeist', '~> 1.9.0' + gem 'selenium-webdriver', '~> 3.5' gem 'spring', '~> 2.0.0' gem 'spring-commands-rspec', '~> 1.0.4' gem 'spring-commands-spinach', '~> 1.1.0' - gem 'rubocop', '~> 0.49.1', require: false - gem 'rubocop-rspec', '~> 1.15.1', require: false - gem 'scss_lint', '~> 0.54.0', require: false + gem 'gitlab-styles', '~> 2.3', require: false + # Pin these dependencies, otherwise a new rule could break the CI pipelines + gem 'rubocop', '~> 0.52.1' + gem 'rubocop-rspec', '~> 1.22.1' + + gem 'scss_lint', '~> 0.56.0', require: false gem 'haml_lint', '~> 0.26.0', require: false gem 'simplecov', '~> 0.14.0', require: false - gem 'flay', '~> 2.8.0', require: false + gem 'flay', '~> 2.10.0', require: false gem 'bundler-audit', '~> 0.5.0', require: false gem 'benchmark-ips', '~> 2.3.0', require: false - gem 'license_finder', '~> 2.1.0', require: false + gem 'license_finder', '~> 3.1', require: false gem 'knapsack', '~> 1.11.0' gem 'activerecord_sane_schema_dumper', '0.2' - gem 'stackprof', '~> 0.2.10' + gem 'stackprof', '~> 0.2.10', require: false + + gem 'simple_po_parser', '~> 1.1.2', require: false end group :test do gem 'shoulda-matchers', '~> 3.1.2', require: false gem 'email_spec', '~> 1.6.0' - gem 'json-schema', '~> 2.6.2' + gem 'json-schema', '~> 2.8.0' gem 'webmock', '~> 2.3.2' gem 'test_after_commit', '~> 1.1' gem 'sham_rack', '~> 1.3.6' gem 'timecop', '~> 0.8.0' gem 'concurrent-ruby', '~> 1.0.5' + gem 'test-prof', '~> 0.2.5' end gem 'octokit', '~> 4.6.2' @@ -377,9 +392,6 @@ gem 'ruby-prof', '~> 0.16.2' # OAuth gem 'oauth2', '~> 1.4' -# Soft deletion -gem 'paranoia', '~> 2.3.1' - # Health check gem 'health_check', '~> 2.6.0' @@ -393,18 +405,25 @@ gem 'net-ssh', '~> 4.1.0' # Required for ED25519 SSH host key support group :ed25519 do gem 'rbnacl-libsodium' - gem 'rbnacl', '~> 3.2' + gem 'rbnacl', '~> 4.0' gem 'bcrypt_pbkdf', '~> 1.0' end # Gitaly GRPC client -gem 'gitaly', '~> 0.26.0' +gem 'gitaly-proto', '~> 0.84.0', require: 'gitaly' +# Locked until https://github.com/google/protobuf/issues/4210 is closed +gem 'google-protobuf', '= 3.5.1' gem 'toml-rb', '~> 0.3.15', require: false # Feature toggles -gem 'flipper', '~> 0.10.2' -gem 'flipper-active_record', '~> 0.10.2' +gem 'flipper', '~> 0.11.0' +gem 'flipper-active_record', '~> 0.11.0' +gem 'flipper-active_support_cache_store', '~> 0.11.0' # Structured logging gem 'lograge', '~> 0.5' +gem 'grape_logging', '~> 1.7' + +# Asset synchronization +gem 'asset_sync', '~> 2.2.0' diff --git a/Gemfile.lock b/Gemfile.lock index 9a7cbaf849..22c4fc0ef2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,48 +2,51 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.3.2) + abstract_type (0.0.7) ace-rails-ap (4.1.2) - actionmailer (4.2.8) - actionpack (= 4.2.8) - actionview (= 4.2.8) - activejob (= 4.2.8) + actionmailer (4.2.10) + actionpack (= 4.2.10) + actionview (= 4.2.10) + activejob (= 4.2.10) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.8) - actionview (= 4.2.8) - activesupport (= 4.2.8) + actionpack (4.2.10) + actionview (= 4.2.10) + activesupport (= 4.2.10) rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.8) - activesupport (= 4.2.8) + actionview (4.2.10) + activesupport (= 4.2.10) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (4.2.8) - activesupport (= 4.2.8) + activejob (4.2.10) + activesupport (= 4.2.10) globalid (>= 0.3.0) - activemodel (4.2.8) - activesupport (= 4.2.8) + activemodel (4.2.10) + activesupport (= 4.2.10) builder (~> 3.1) - activerecord (4.2.8) - activemodel (= 4.2.8) - activesupport (= 4.2.8) + activerecord (4.2.10) + activemodel (= 4.2.10) + activesupport (= 4.2.10) arel (~> 6.0) activerecord_sane_schema_dumper (0.2) rails (>= 4, < 5) - activesupport (4.2.8) + activesupport (4.2.10) i18n (~> 0.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) acts-as-taggable-on (4.0.0) activerecord (>= 4.0) - addressable (2.3.8) - after_commit_queue (1.3.0) - activerecord (>= 3.0) + adamantium (0.2.0) + ice_nine (~> 0.11.0) + memoizable (~> 0.4.0) + addressable (2.5.2) + public_suffix (>= 2.0.2, < 4.0) akismet (2.0.0) allocations (1.0.5) arel (6.0.4) @@ -55,15 +58,16 @@ GEM asciidoctor (1.5.3) asciidoctor-plantuml (0.0.7) asciidoctor (~> 1.5) + asset_sync (2.2.0) + activemodel (>= 4.1.0) + fog-core + mime-types (>= 2.99) + unf ast (2.3.0) atomic (1.1.99) attr_encrypted (3.0.3) encryptor (~> 3.0.0) attr_required (1.0.0) - autoparse (0.3.3) - addressable (>= 2.3.1) - extlib (>= 0.9.15) - multi_json (>= 1.0.0) autoprefixer-rails (6.2.3) execjs json @@ -74,6 +78,7 @@ GEM thread_safe (~> 0.3, >= 0.3.1) babosa (1.0.2) base32 (0.3.2) + batch-loader (1.2.1) bcrypt (3.1.11) bcrypt_pbkdf (1.0.0) benchmark-ips (2.3.0) @@ -81,9 +86,10 @@ GEM coderay (>= 1.0.0) erubis (>= 2.6.6) rack (>= 0.9.0) - bindata (2.3.5) + bindata (2.4.1) binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) + blankslate (2.1.2.4) bootstrap-sass (3.3.6) autoprefixer-rails (>= 5.2.1) sass (>= 3.3.4) @@ -98,9 +104,9 @@ GEM bundler (~> 1.2) thor (~> 0.18) byebug (9.0.6) - capybara (2.6.2) + capybara (2.15.1) addressable - mime-types (>= 1.16) + mini_mime (>= 0.1.3) nokogiri (>= 1.3.3) rack (>= 1.0.0) rack-test (>= 0.5.4) @@ -108,22 +114,26 @@ GEM capybara-screenshot (1.0.14) capybara (>= 1.0, < 3) launchy - carrierwave (1.1.0) + carrierwave (1.2.1) activemodel (>= 4.0.0) activesupport (>= 4.0.0) mime-types (>= 1.16) cause (0.1) - charlock_holmes (0.7.3) + charlock_holmes (0.7.5) + childprocess (0.7.0) + ffi (~> 1.0, >= 1.0.11) chronic (0.10.2) chronic_duration (0.10.6) numerizer (~> 0.1.1) chunky_png (1.3.5) citrus (3.0.2) - cliver (0.3.2) coderay (1.1.1) coercible (1.0.0) descendants_tracker (~> 0.0.1) colorize (0.7.7) + concord (0.1.5) + adamantium (~> 0.2.0) + equalizer (~> 0.0.9) concurrent-ruby (1.0.5) concurrent-ruby-ext (1.0.5) concurrent-ruby (= 1.0.5) @@ -141,6 +151,8 @@ GEM debugger-ruby_core_source (1.3.8) deckar01-task_list (2.0.0) html-pipeline + declarative (0.0.10) + declarative-option (0.1.0) default_value_for (3.0.2) activerecord (>= 3.2.0, < 5.1) descendants_tracker (0.0.4) @@ -162,9 +174,9 @@ GEM docile (1.1.5) domain_name (0.5.20161021) unf (>= 0.0.5, < 1.0.0) - doorkeeper (4.2.0) + doorkeeper (4.2.6) railties (>= 4.2) - doorkeeper-openid_connect (1.1.2) + doorkeeper-openid_connect (1.2.0) doorkeeper (~> 4.0) json-jwt (~> 1.6) dropzonejs-rails (0.7.2) @@ -183,35 +195,38 @@ GEM excon (0.57.1) execjs (2.6.0) expression_parser (0.9.0) - extlib (0.9.16) - factory_girl (4.7.0) + factory_bot (4.8.2) activesupport (>= 3.0.0) - factory_girl_rails (4.7.0) - factory_girl (~> 4.7.0) + factory_bot_rails (4.8.2) + factory_bot (~> 4.8.2) railties (>= 3.0.0) - faraday (0.12.1) + faraday (0.12.2) multipart-post (>= 1.2, < 3) faraday_middleware (0.11.0.1) faraday (>= 0.7.4, < 1.0) faraday_middleware-multi_json (0.0.6) faraday_middleware multi_json + fast_blank (1.0.0) fast_gettext (1.4.0) ffaker (2.4.0) - ffi (1.9.10) - flay (2.8.1) + ffi (1.9.18) + flay (2.10.0) erubis (~> 2.7.0) path_expander (~> 1.0) ruby_parser (~> 3.0) sexp_processor (~> 4.0) - flipper (0.10.2) - flipper-active_record (0.10.2) + flipper (0.11.0) + flipper-active_record (0.11.0) activerecord (>= 3.2, < 6) - flipper (~> 0.10.2) + flipper (~> 0.11.0) + flipper-active_support_cache_store (0.11.0) + activesupport (>= 3.2, < 6) + flipper (~> 0.11.0) flowdock (0.7.1) httparty (~> 0.7) multi_json - fog-aliyun (0.1.0) + fog-aliyun (0.2.0) fog-core (~> 1.27) fog-json (~> 1.0) ipaddress (~> 0.8) @@ -270,7 +285,7 @@ GEM po_to_json (>= 1.0.0) rails (>= 3.2.0) gherkin-ruby (0.3.2) - gitaly (0.26.0) + gitaly-proto (0.84.0) google-protobuf (~> 3.1) grpc (~> 1.0) github-linguist (4.7.6) @@ -283,19 +298,23 @@ GEM flowdock (~> 0.7) gitlab-grit (>= 2.4.1) multi_json - gitlab-grit (2.8.1) + gitlab-grit (2.8.2) charlock_holmes (~> 0.6) diff-lcs (~> 1.1) - mime-types (>= 1.16, < 3) + mime-types (>= 1.16) posix-spawn (~> 0.3) - gitlab-markup (1.5.1) - gitlab_omniauth-ldap (2.0.3) + gitlab-markup (1.6.3) + gitlab-styles (2.3.2) + rubocop (~> 0.51) + rubocop-gitlab-security (~> 0.1.0) + rubocop-rspec (~> 1.19) + gitlab_omniauth-ldap (2.0.4) net-ldap (~> 0.16) omniauth (~> 1.3) pyu-ruby-sasl (>= 0.0.3.3, < 0.1) rubyntlm (~> 0.5) - globalid (0.3.7) - activesupport (>= 4.1.0) + globalid (0.4.1) + activesupport (>= 4.2.0) gollum-grit_adapter (1.0.1) gitlab-grit (~> 2.7, >= 2.7.1) gollum-lib (4.2.7) @@ -314,20 +333,18 @@ GEM json multi_json request_store (>= 1.0) - google-api-client (0.8.7) - activesupport (>= 3.2, < 5.0) - addressable (~> 2.3) - autoparse (~> 0.3) - extlib (~> 0.9) - faraday (~> 0.9) - googleauth (~> 0.3) - launchy (~> 2.4) - multi_json (~> 1.10) - retriable (~> 1.4) - signet (~> 0.6) - google-protobuf (3.3.0) - googleauth (0.5.1) - faraday (~> 0.9) + google-api-client (0.13.6) + addressable (~> 2.5, >= 2.5.1) + googleauth (~> 0.5) + httpclient (>= 2.8.1, < 3.0) + mime-types (~> 3.0) + representable (~> 3.0) + retriable (>= 2.0, < 4.0) + google-protobuf (3.5.1) + googleapis-common-protos-types (1.0.1) + google-protobuf (~> 3.0) + googleauth (0.5.3) + faraday (~> 0.12) jwt (~> 1.4) logging (~> 2.0) memoist (~> 0.12) @@ -336,12 +353,9 @@ GEM signet (~> 0.7) gpgme (2.0.13) mini_portile2 (~> 2.1) - grape (0.19.2) + grape (1.0.0) activesupport builder - hashie (>= 2.1.0) - multi_json (>= 1.3.2) - multi_xml (>= 0.5.2) mustermann-grape (~> 1.0.0) rack (>= 1.3.0) rack-accept @@ -349,13 +363,16 @@ GEM grape-entity (0.6.0) activesupport multi_json (>= 1.3.2) - grape-route-helpers (2.0.0) + grape-route-helpers (2.1.0) activesupport - grape (~> 0.16, >= 0.16.0) + grape (>= 0.16.0) rake - grpc (1.4.0) + grape_logging (1.7.0) + grape + grpc (1.8.3) google-protobuf (~> 3.1) - googleauth (~> 0.5.1) + googleapis-common-protos-types (~> 1.0.0) + googleauth (>= 0.5.1, < 0.7) haml (4.0.7) tilt haml_lint (0.26.0) @@ -369,7 +386,7 @@ GEM thor tilt hashdiff (0.3.4) - hashie (3.5.5) + hashie (3.5.6) hashie-forbidden_attributes (0.1.1) hashie (>= 3.0) health_check (2.6.0) @@ -396,29 +413,31 @@ GEM json (~> 1.8) multi_xml (>= 0.5.2) httpclient (2.8.2) - i18n (0.8.6) + i18n (0.9.1) + concurrent-ruby (~> 1.0) ice_nine (0.11.2) influxdb (0.2.3) cause json ipaddress (0.8.3) - jira-ruby (1.1.2) + jira-ruby (1.4.1) activesupport + multipart-post oauth (~> 0.5, >= 0.5.0) jquery-atwho-rails (1.3.2) - jquery-rails (4.1.1) + jquery-rails (4.3.1) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) json (1.8.6) - json-jwt (1.7.1) + json-jwt (1.7.2) activesupport bindata multi_json (>= 1.3) securecompare url_safe_base64 - json-schema (2.6.2) - addressable (~> 2.3.8) + json-schema (2.8.0) + addressable (>= 2.4) jwt (1.5.6) kaminari (1.0.1) activesupport (>= 4.1.0) @@ -448,11 +467,13 @@ GEM actionmailer (>= 3.2) letter_opener (~> 1.0) railties (>= 3.2) - license_finder (2.1.0) + license_finder (3.1.1) bundler httparty rubyzip thor + toml (= 0.1.2) + with_env (> 1.0) xml-simple licensee (8.7.0) rugged (~> 0.24) @@ -467,29 +488,33 @@ GEM railties (>= 4, < 5.2) loofah (2.0.3) nokogiri (>= 1.5.9) - mail (2.6.6) - mime-types (>= 1.16, < 4) + mail (2.7.0) + mini_mime (>= 0.1.1) mail_room (0.9.1) - memoist (0.15.0) + memoist (0.16.0) + memoizable (0.4.2) + thread_safe (~> 0.3, >= 0.3.1) method_source (0.8.2) - mime-types (2.99.3) + mime-types (3.1) + mime-types-data (~> 3.2015) + mime-types-data (3.2016.0521) mimemagic (0.3.0) - mini_portile2 (2.2.0) + mini_mime (0.1.4) + mini_portile2 (2.3.0) minitest (5.7.0) - mmap2 (2.2.7) mousetrap-rails (1.4.6) - multi_json (1.12.1) + multi_json (1.12.2) multi_xml (0.6.0) multipart-post (2.0.0) mustermann (1.0.0) mustermann-grape (1.0.0) mustermann (~> 1.0.0) - mysql2 (0.4.5) + mysql2 (0.4.10) net-ldap (0.16.0) net-ssh (4.1.0) netrc (0.11.0) - nokogiri (1.8.0) - mini_portile2 (~> 2.2.0) + nokogiri (1.8.2) + mini_portile2 (~> 2.3.0) numerizer (0.1.1) oauth (0.5.1) oauth2 (1.4.0) @@ -508,10 +533,10 @@ GEM omniauth-oauth2 (~> 1.1) omniauth-authentiq (0.3.1) omniauth-oauth2 (~> 1.3, >= 1.3.1) - omniauth-azure-oauth2 (0.0.6) + omniauth-azure-oauth2 (0.0.9) jwt (~> 1.0) omniauth (~> 1.0) - omniauth-oauth2 (~> 1.1) + omniauth-oauth2 (~> 1.4) omniauth-cas3 (1.1.4) addressable (~> 2.3) nokogiri (~> 1.7, >= 1.7.1) @@ -524,8 +549,8 @@ GEM omniauth-gitlab (1.0.2) omniauth (~> 1.0) omniauth-oauth2 (~> 1.0) - omniauth-google-oauth2 (0.4.1) - jwt (~> 1.5.2) + omniauth-google-oauth2 (0.5.2) + jwt (~> 1.5) multi_json (~> 1.3) omniauth (>= 1.1.1) omniauth-oauth2 (>= 1.3.1) @@ -537,7 +562,7 @@ GEM omniauth-oauth (1.1.0) oauth omniauth (~> 1.0) - omniauth-oauth2 (1.3.1) + omniauth-oauth2 (1.4.0) oauth2 (~> 1.0) omniauth (~> 1.2) omniauth-oauth2-generic (0.2.2) @@ -558,12 +583,12 @@ GEM rubypants (~> 0.2) orm_adapter (0.5.0) os (0.9.6) - parallel (1.11.2) - paranoia (2.3.1) - activerecord (>= 4.0, < 5.2) - parser (2.4.0.0) - ast (~> 2.2) - path_expander (1.0.1) + parallel (1.12.1) + parser (2.4.0.2) + ast (~> 2.3) + parslet (1.5.0) + blankslate (~> 2.0) + path_expander (1.0.2) peek (1.0.1) concurrent-ruby (>= 0.9.0) concurrent-ruby-ext (>= 0.9.0) @@ -597,11 +622,6 @@ GEM pg (0.18.4) po_to_json (1.0.1) json (>= 1.6.0) - poltergeist (1.9.0) - capybara (~> 2.1) - cliver (~> 0.3.1) - multi_json (~> 1.0) - websocket-driver (>= 0.2.0) posix-spawn (0.3.13) powerpack (0.1.1) premailer (1.10.4) @@ -616,8 +636,7 @@ GEM parser unparser procto (0.0.3) - prometheus-client-mmap (0.7.0.beta14) - mmap2 (~> 2.2, >= 2.2.7) + prometheus-client-mmap (0.9.1) pry (0.10.4) coderay (~> 1.1.0) method_source (~> 0.8.1) @@ -627,13 +646,14 @@ GEM pry (~> 0.10) pry-rails (0.3.5) pry (>= 0.9.10) + public_suffix (3.0.0) pyu-ruby-sasl (0.0.3.3) rack (1.6.8) rack-accept (0.4.5) rack (>= 0.4) rack-attack (4.4.1) rack - rack-cors (0.4.0) + rack-cors (1.0.2) rack-oauth2 (1.2.3) activesupport (>= 2.3) attr_required (>= 0.0.5) @@ -646,16 +666,16 @@ GEM rack rack-test (0.6.3) rack (>= 1.0) - rails (4.2.8) - actionmailer (= 4.2.8) - actionpack (= 4.2.8) - actionview (= 4.2.8) - activejob (= 4.2.8) - activemodel (= 4.2.8) - activerecord (= 4.2.8) - activesupport (= 4.2.8) + rails (4.2.10) + actionmailer (= 4.2.10) + actionpack (= 4.2.10) + actionview (= 4.2.10) + activejob (= 4.2.10) + activemodel (= 4.2.10) + activerecord (= 4.2.10) + activesupport (= 4.2.10) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.8) + railties (= 4.2.10) sprockets-rails rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) @@ -668,18 +688,21 @@ GEM rails-i18n (4.0.9) i18n (~> 0.7) railties (~> 4.0) - railties (4.2.8) - actionpack (= 4.2.8) - activesupport (= 4.2.8) + railties (4.2.10) + actionpack (= 4.2.10) + activesupport (= 4.2.10) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) rainbow (2.2.2) rake raindrops (0.18.0) - rake (12.0.0) + rake (12.3.0) + rb-fsevent (0.10.2) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) rblineprof (0.3.6) debugger-ruby_core_source (~> 1.3) - rbnacl (3.4.0) + rbnacl (4.0.2) ffi rbnacl-libsodium (1.0.11) rbnacl (>= 3.0.1) @@ -690,25 +713,29 @@ GEM json recursive-open-struct (1.0.0) redcarpet (3.4.0) - redis (3.3.3) - redis-actionpack (5.0.1) + redis (3.3.5) + redis-actionpack (5.0.2) actionpack (>= 4.0, < 6) redis-rack (>= 1, < 3) - redis-store (>= 1.1.0, < 1.4.0) - redis-activesupport (5.0.1) + redis-store (>= 1.1.0, < 2) + redis-activesupport (5.0.4) activesupport (>= 3, < 6) - redis-store (~> 1.2.0) + redis-store (>= 1.3, < 2) redis-namespace (1.5.2) redis (~> 3.0, >= 3.0.4) - redis-rack (1.6.0) - rack (~> 1.5) - redis-store (~> 1.2.0) - redis-rails (5.0.1) - redis-actionpack (~> 5.0.0) - redis-activesupport (~> 5.0.0) - redis-store (~> 1.2.0) - redis-store (1.2.0) - redis (>= 2.2) + redis-rack (2.0.4) + rack (>= 1.5, < 3) + redis-store (>= 1.2, < 2) + redis-rails (5.0.2) + redis-actionpack (>= 5.0, < 6) + redis-activesupport (>= 5.0, < 6) + redis-store (>= 1.2, < 2) + redis-store (1.4.1) + redis (>= 2.2, < 5) + representable (3.0.4) + declarative (< 0.1.0) + declarative-option (< 0.2.0) + uber (< 0.2.0) request_store (1.3.1) responders (2.3.0) railties (>= 4.2.0, < 5.1) @@ -716,14 +743,18 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - retriable (1.4.1) + retriable (3.1.1) rinku (2.0.0) rotp (2.1.2) - rouge (2.1.0) + rouge (2.2.1) rqrcode (0.7.0) chunky_png rqrcode-rails3 (0.1.7) rqrcode (>= 0.4.2) + rspec (3.6.0) + rspec-core (~> 3.6.0) + rspec-expectations (~> 3.6.0) + rspec-mocks (~> 3.6.0) rspec-core (3.6.0) rspec-support (~> 3.6.0) rspec-expectations (3.6.0) @@ -732,6 +763,12 @@ GEM rspec-mocks (3.6.0) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.6.0) + rspec-parameterized (0.4.0) + binding_of_caller + parser + proc_to_ast + rspec (>= 2.13, < 4) + unparser rspec-rails (3.6.0) actionpack (>= 3.0) activesupport (>= 3.0) @@ -749,19 +786,21 @@ GEM pg rails sqlite3 - rubocop (0.49.1) + rubocop (0.52.1) parallel (~> 1.10) - parser (>= 2.3.3.1, < 3.0) + parser (>= 2.4.0.2, < 3.0) powerpack (~> 0.1) - rainbow (>= 1.99.1, < 3.0) + rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) unicode-display_width (~> 1.0, >= 1.0.1) - rubocop-rspec (1.15.1) - rubocop (>= 0.42.0) + rubocop-gitlab-security (0.1.1) + rubocop (>= 0.51) + rubocop-rspec (1.22.1) + rubocop (>= 0.52.1) ruby-fogbugz (0.2.1) crack (~> 0.4) ruby-prof (0.16.2) - ruby-progressbar (1.8.1) + ruby-progressbar (1.9.0) ruby-saml (1.4.1) nokogiri (>= 1.5.10) ruby_parser (3.9.0) @@ -775,7 +814,11 @@ GEM safe_yaml (1.0.4) sanitize (2.1.0) nokogiri (>= 1.4.4) - sass (3.4.22) + sass (3.5.5) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) sass-rails (5.0.6) railties (>= 4.0.0, < 6) sass (~> 3.1) @@ -785,15 +828,18 @@ GEM sawyer (0.8.1) addressable (>= 2.3.5, < 2.6) faraday (~> 0.8, < 1.0) - scss_lint (0.54.0) + scss_lint (0.56.0) rake (>= 0.9, < 13) - sass (~> 3.4.20) + sass (~> 3.5.3) securecompare (1.0.0) - seed-fu (2.3.6) + seed-fu (2.3.7) activerecord (>= 3.1) activesupport (>= 3.1) select2-rails (3.5.9.3) thor (~> 0.14) + selenium-webdriver (3.5.0) + childprocess (~> 0.5) + rubyzip (~> 1.0) sentry-raven (2.5.3) faraday (>= 0.7.6, < 1.0) settingslogic (2.0.9) @@ -802,11 +848,11 @@ GEM rack shoulda-matchers (3.1.2) activesupport (>= 4.0.0) - sidekiq (5.0.4) + sidekiq (5.0.5) concurrent-ruby (~> 1.0) connection_pool (~> 2.2, >= 2.2.0) rack-protection (>= 1.5.0) - redis (~> 3.3, >= 3.3.3) + redis (>= 3.3.4, < 5) sidekiq-cron (0.6.0) rufus-scheduler (>= 3.3.0) sidekiq (>= 4.2.1) @@ -817,6 +863,7 @@ GEM faraday (~> 0.9) jwt (~> 1.5) multi_json (~> 1.10) + simple_po_parser (1.1.2) simplecov (0.14.1) docile (~> 1.1.0) json (>= 1.8, < 3) @@ -843,7 +890,7 @@ GEM sprockets (3.7.1) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.0) + sprockets-rails (3.2.1) actionpack (>= 4.0) activesupport (>= 4.0) sprockets (>= 3.0.0) @@ -861,6 +908,7 @@ GEM ffi sysexits (1.2.0) temple (0.7.7) + test-prof (0.2.5) test_after_commit (1.1.0) activerecord (>= 3.2) text (1.3.1) @@ -873,21 +921,23 @@ GEM tilt (2.0.6) timecop (0.8.1) timfel-krb5-auth (0.8.3) + toml (0.1.2) + parslet (~> 1.5.0) toml-rb (0.3.15) citrus (~> 3.0, > 3.0) truncato (0.7.10) htmlentities (~> 4.3.1) nokogiri (~> 1.8.0, >= 1.7.0) - tzinfo (1.2.3) + tzinfo (1.2.4) thread_safe (~> 0.1) u2f (0.2.1) + uber (0.1.0) uglifier (2.7.2) execjs (>= 0.3.0) json (>= 1.8.0) - underscore-rails (1.8.3) unf (0.1.4) unf_ext - unf_ext (0.0.7.2) + unf_ext (0.0.7.4) unicode-display_width (1.3.0) unicorn (5.1.0) kgio (~> 2.6) @@ -896,6 +946,14 @@ GEM get_process_mem (~> 0) unicorn (>= 4, < 6) uniform_notifier (1.10.0) + unparser (0.2.6) + abstract_type (~> 0.0.7) + adamantium (~> 0.2.0) + concord (~> 0.1.5) + diff-lcs (~> 1.3) + equalizer (~> 0.0.9) + parser (>= 2.3.1.2, < 2.5) + procto (~> 0.0.2) url_safe_base64 (0.2.2) validates_hostname (1.0.6) activerecord (>= 3.0) @@ -915,15 +973,13 @@ GEM hashdiff webpack-rails (0.9.10) railties (>= 3.2.0) - websocket-driver (0.6.3) - websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.2) wikicloth (0.8.1) builder expression_parser rinku + with_env (1.1.0) xml-simple (1.1.5) - xpath (2.0.0) + xpath (2.1.0) nokogiri (~> 1.3) PLATFORMS @@ -934,17 +990,18 @@ DEPENDENCIES ace-rails-ap (~> 4.1.0) activerecord_sane_schema_dumper (= 0.2) acts-as-taggable-on (~> 4.0) - addressable (~> 2.3.8) - after_commit_queue (~> 1.3.0) + addressable (~> 2.5.2) akismet (~> 2.0) allocations (~> 1.0) asana (~> 0.6.0) asciidoctor (~> 1.5.2) asciidoctor-plantuml (= 0.0.7) + asset_sync (~> 2.2.0) attr_encrypted (~> 3.0.0) awesome_print (~> 1.2.0) babosa (~> 1.0.2) base32 (~> 0.3.0) + batch-loader (~> 1.2.1) bcrypt_pbkdf (~> 1.0) benchmark-ips (~> 2.3.0) better_errors (~> 2.1.0) @@ -955,10 +1012,10 @@ DEPENDENCIES browser (~> 2.2) bullet (~> 5.5.0) bundler-audit (~> 0.5.0) - capybara (~> 2.6.2) + capybara (~> 2.15) capybara-screenshot (~> 1.0.0) - carrierwave (~> 1.1) - charlock_holmes (~> 0.7.3) + carrierwave (~> 1.2) + charlock_holmes (~> 0.7.5) chronic (~> 0.10.2) chronic_duration (~> 0.10.6) concurrent-ruby (~> 1.0.5) @@ -972,17 +1029,19 @@ DEPENDENCIES devise-two-factor (~> 3.0.0) diffy (~> 3.1.0) doorkeeper (~> 4.2.0) - doorkeeper-openid_connect (~> 1.1.0) + doorkeeper-openid_connect (~> 1.2.0) dropzonejs-rails (~> 0.7.1) email_reply_trimmer (~> 0.1) email_spec (~> 1.6.0) - factory_girl_rails (~> 4.7.0) + factory_bot_rails (~> 4.8.2) faraday (~> 0.12) + fast_blank ffaker (~> 2.4) - flay (~> 2.8.0) - flipper (~> 0.10.2) - flipper-active_record (~> 0.10.2) - fog-aliyun (~> 0.1.0) + flay (~> 2.10.0) + flipper (~> 0.11.0) + flipper-active_record (~> 0.11.0) + flipper-active_support_cache_store (~> 0.11.0) + fog-aliyun (~> 0.2.0) fog-aws (~> 1.4) fog-core (~> 1.44) fog-google (~> 0.5) @@ -997,19 +1056,22 @@ DEPENDENCIES gettext (~> 3.2.2) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.2.0) - gitaly (~> 0.26.0) + gitaly-proto (~> 0.84.0) github-linguist (~> 4.7.0) gitlab-flowdock-git-hook (~> 1.0.1) - gitlab-markup (~> 1.5.1) - gitlab_omniauth-ldap (~> 2.0.3) + gitlab-markup (~> 1.6.2) + gitlab-styles (~> 2.3) + gitlab_omniauth-ldap (~> 2.0.4) gollum-lib (~> 4.2) gollum-rugged_adapter (~> 0.4.4) gon (~> 6.1.0) - google-api-client (~> 0.8.6) + google-api-client (~> 0.13.6) + google-protobuf (= 3.5.1) gpgme - grape (~> 0.19.2) + grape (~> 1.0) grape-entity (~> 0.6.0) - grape-route-helpers (~> 2.0.0) + grape-route-helpers (~> 2.1.0) + grape_logging (~> 1.7) haml_lint (~> 0.26.0) hamlit (~> 2.6.1) hashie-forbidden_attributes @@ -1019,16 +1081,16 @@ DEPENDENCIES html2text httparty (~> 0.13.3) influxdb (~> 0.2) - jira-ruby (~> 1.1.2) + jira-ruby (~> 1.4) jquery-atwho-rails (~> 1.3.2) - jquery-rails (~> 4.1.0) - json-schema (~> 2.6.2) + jquery-rails (~> 4.3.1) + json-schema (~> 2.8.0) jwt (~> 1.5.6) kaminari (~> 1.0) knapsack (~> 1.11.0) kubeclient (~> 2.2.0) letter_opener_web (~> 1.3.0) - license_finder (~> 2.1.0) + license_finder (~> 3.1) licensee (~> 8.7.0) lograge (~> 0.5) loofah (~> 2.0.3) @@ -1036,22 +1098,22 @@ DEPENDENCIES method_source (~> 0.8) minitest (~> 5.7.0) mousetrap-rails (~> 1.4.6) - mysql2 (~> 0.4.5) + mysql2 (~> 0.4.10) net-ldap net-ssh (~> 4.1.0) - nokogiri (~> 1.8.0) + nokogiri (~> 1.8.2) oauth2 (~> 1.4) octokit (~> 4.6.2) oj (~> 2.17.4) omniauth (~> 1.4.2) omniauth-auth0 (~> 1.4.1) omniauth-authentiq (~> 0.3.1) - omniauth-azure-oauth2 (~> 0.0.6) + omniauth-azure-oauth2 (~> 0.0.9) omniauth-cas3 (~> 1.1.4) omniauth-facebook (~> 4.0.0) omniauth-github (~> 1.1.1) omniauth-gitlab (~> 1.0.2) - omniauth-google-oauth2 (~> 0.4.1) + omniauth-google-oauth2 (~> 0.5.2) omniauth-kerberos (~> 0.3.0) omniauth-oauth2-generic (~> 0.2.2) omniauth-saml (~> 1.7.0) @@ -1059,7 +1121,6 @@ DEPENDENCIES omniauth-twitter (~> 1.2.0) omniauth_crowd (~> 2.2.0) org-ruby (~> 0.9.12) - paranoia (~> 2.3.1) peek (~> 1.0.1) peek-gc (~> 0.0.2) peek-host (~> 1.0.0) @@ -1070,22 +1131,21 @@ DEPENDENCIES peek-redis (~> 1.2.0) peek-sidekiq (~> 1.0.3) pg (~> 0.18.2) - poltergeist (~> 1.9.0) premailer-rails (~> 1.9.7) - prometheus-client-mmap (~> 0.7.0.beta14) + prometheus-client-mmap (~> 0.9.1) pry-byebug (~> 3.4.1) pry-rails (~> 0.3.4) rack-attack (~> 4.4.1) - rack-cors (~> 0.4.0) + rack-cors (~> 1.0.0) rack-oauth2 (~> 1.2.1) rack-proxy (~> 0.6.0) - rails (= 4.2.8) + rails (= 4.2.10) rails-deprecated_sanitizer (~> 1.0.3) rails-i18n (~> 4.0.9) rainbow (~> 2.2) raindrops (~> 0.18) rblineprof (~> 0.3.6) - rbnacl (~> 3.2) + rbnacl (~> 4.0) rbnacl-libsodium rdoc (~> 4.2) re2 (~> 1.1.1) @@ -1093,17 +1153,18 @@ DEPENDENCIES redcarpet (~> 3.4) redis (~> 3.2) redis-namespace (~> 1.5.2) - redis-rails (~> 5.0.1) + redis-rails (~> 5.0.2) request_store (~> 1.3) responders (~> 2.0) rouge (~> 2.0) rqrcode-rails3 (~> 0.1.7) + rspec-parameterized rspec-rails (~> 3.6.0) rspec-retry (~> 0.4.5) rspec-set (~> 0.1.3) rspec_profiling (~> 0.0.5) - rubocop (~> 0.49.1) - rubocop-rspec (~> 1.15.1) + rubocop (~> 0.52.1) + rubocop-rspec (~> 1.22.1) ruby-fogbugz (~> 0.2.1) ruby-prof (~> 0.16.2) ruby_parser (~> 3.8) @@ -1111,9 +1172,10 @@ DEPENDENCIES rugged (~> 0.26.0) sanitize (~> 2.0) sass-rails (~> 5.0.6) - scss_lint (~> 0.54.0) - seed-fu (~> 2.3.5) + scss_lint (~> 0.56.0) + seed-fu (~> 2.3.7) select2-rails (~> 3.5.9) + selenium-webdriver (~> 3.5) sentry-raven (~> 2.5.3) settingslogic (~> 2.0.9) sham_rack (~> 1.3.6) @@ -1121,6 +1183,7 @@ DEPENDENCIES sidekiq (~> 5.0) sidekiq-cron (~> 0.6.0) sidekiq-limit_fetch (~> 3.4) + simple_po_parser (~> 1.1.2) simplecov (~> 0.14.0) slack-notifier (~> 1.5.1) spinach-rails (~> 0.2.1) @@ -1132,6 +1195,7 @@ DEPENDENCIES stackprof (~> 0.2.10) state_machines-activerecord (~> 0.4.0) sys-filesystem (~> 1.1.6) + test-prof (~> 0.2.5) test_after_commit (~> 1.1) thin (~> 1.7.0) timecop (~> 0.8.0) @@ -1139,7 +1203,6 @@ DEPENDENCIES truncato (~> 0.7.9) u2f (~> 0.2.1) uglifier (~> 2.7.2) - underscore-rails (~> 1.8.0) unf (~> 0.1.4) unicorn (~> 5.1.0) unicorn-worker-killer (~> 0.4.4) @@ -1152,4 +1215,4 @@ DEPENDENCIES wikicloth (= 0.8.1) BUNDLED WITH - 1.15.3 + 1.16.1 diff --git a/LICENSE b/LICENSE index ad4f2872db..15c423e141 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,7 @@ Copyright (c) 2011-2017 GitLab B.V. +With regard to the GitLab Software: + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights @@ -17,3 +19,7 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +For all third party components incorporated into the GitLab Software, those +components are licensed under the original license provided by the owner of the +applicable component. \ No newline at end of file diff --git a/MAINTENANCE.md b/MAINTENANCE.md index 1efb2a35f6..5cf9fee1a1 100644 --- a/MAINTENANCE.md +++ b/MAINTENANCE.md @@ -1,35 +1,3 @@ # GitLab Maintenance Policy -GitLab follows the [Semantic Versioning](http://semver.org/) for its releases: -`(Major).(Minor).(Patch)` in a [pragmatic way]. - -- **Major version**: Whenever there is something significant or any backwards - incompatible changes are introduced to the public API. -- **Minor version**: When new, backwards compatible functionality is introduced - to the public API or a minor feature is introduced, or when a set of smaller - features is rolled out. -- **Patch number**: When backwards compatible bug fixes are introduced that fix - incorrect behavior. - -The current stable release will receive security patches and bug fixes -(eg. `8.9.0` -> `8.9.1`). Feature releases will mark the next supported stable -release where the minor version is increased numerically by increments of one -(eg. `8.9 -> 8.10`). - -Our current policy is to support one stable release at any given time, but for -medium-level security issues, we may consider [backporting to the previous two -monthly releases][rel-sec]. - -We encourage everyone to run the latest stable release to ensure that you can -easily upgrade to the most secure and feature-rich GitLab experience. In order -to make sure you can easily run the most recent stable release, we are working -hard to keep the update process simple and reliable. - -More information about the release procedures can be found in our -[release-tools documentation][rel]. You may also want to read our -[Responsible Disclosure Policy][disclosure]. - -[rel-sec]: https://gitlab.com/gitlab-org/release-tools/blob/master/doc/security.md#backporting -[rel]: https://gitlab.com/gitlab-org/release-tools/blob/master/doc/ -[disclosure]: https://about.gitlab.com/disclosure/ -[pragmatic way]: https://gist.github.com/jashkenas/cbd2b088e20279ae2c8e +See [doc/policy/maintenance.md](doc/policy/maintenance.md) diff --git a/PROCESS.md b/PROCESS.md index 2b3d142bf7..99af3be7f1 100644 --- a/PROCESS.md +++ b/PROCESS.md @@ -1,4 +1,4 @@ -## GitLab Core Team & GitLab Inc. Contribution Process +## GitLab core team & GitLab Inc. contribution process --- @@ -85,7 +85,8 @@ These types of merge requests for the upcoming release need special consideratio and a dedicated team with front-end, back-end, and UX. * **Small features**: any other feature request. -**Large features** must be with a maintainer **by the 1st**. This means that: +It is strongly recommended that **large features** be with a maintainer **by the +1st**. This means that: * There is a merge request (even if it's WIP). * The person (or people, if it needs a frontend and backend maintainer) who will @@ -100,14 +101,37 @@ The maintainer can also choose to assign a reviewer to perform an initial review, but this way the maintainer is unlikely to be surprised by receiving an MR later in the cycle. -**Small features** must be with a reviewer (not necessarily maintainer) **by the -3rd**. +It is strongly recommended that **small features** be with a reviewer (not +necessarily a maintainer) **by the 3rd**. Most merge requests from the community do not have a specific release target. However, if one does and falls into either of the above categories, it's the reviewer's responsibility to manage the above communication and assignment on behalf of the community member. +#### What happens if these deadlines are missed? + +If a small or large feature is _not_ with a maintainer or reviewer by the +recommended date, this does _not_ mean that maintainers or reviewers will refuse +to review or merge it, or that the feature will definitely not make it in before +the feature freeze. + +However, with every day that passes without review, it will become more likely +that the feature will slip, because maintainers and reviewers may not have +enough time to do a thorough review, and developers may not have enough time to +adequately address any feedback that may come back. + +A maintainer or reviewer may also determine that it will not be possible to +finish the current scope of the feature in time, but that it is possible to +reduce the scope so that something can still ship this month, with the remaining +scope moving to the next release. The sooner this decision is made, in +conversation with the Product Manager and developer, the more time there is to +extract that which is now out of scope, and to finish that which remains in scope. + +For these reasons, it is strongly recommended to follow the guidelines above, +to maximize the chances of your feature making it in before the feature freeze, +and to prevent any last minute surprises. + ### On the 7th Merge requests should still be complete, following the @@ -119,20 +143,54 @@ only be left until after the freeze if: are aware of it. * It is in the correct milestone, with the ~Deliverable label. +If a merge request is not ready, but the developers and Product Manager +responsible for the feature think it is essential that it is in the release, +they can [ask for an exception](#asking-for-an-exception) in advance. This is +preferable to merging something that we are not confident in, but should still +be a rare case: most features can be allowed to slip a release. + All Community Edition merge requests from GitLab team members merged on the freeze date (the 7th) should have a corresponding Enterprise Edition merge request, even if there are no conflicts. This is to reduce the size of the subsequent EE merge, as we often merge a lot to CE on the release date. For more information, see -[limit conflicts with EE when developing on CE][limit_ee_conflicts]. +[Automatic CE->EE merge][automatic_ce_ee_merge] and +[Guidelines for implementing Enterprise Edition features][ee_features]. ### After the 7th -Once the stable branch is frozen, only fixes for [regressions](#regressions) -and security issues will be cherry-picked into the stable branch. -Any merge requests cherry-picked into the stable branch for a previous release will also be picked into the latest stable branch. -These fixes will be shipped in the next RC for that release if it is before the 22nd. -If the fixes are are completed on or after the 22nd, they will be shipped in a patch for that release. +Once the stable branch is frozen, the only MRs that can be cherry-picked into +the stable branch are: + +* Fixes for [regressions](#regressions) +* Fixes for security issues +* New or updated translations (as long as they do not touch application code) + +During the feature freeze all merge requests that are meant to go into the +upcoming release should have the correct milestone assigned _and_ the +`Pick into X.Y` label where `X.Y` is equal to the milestone, so that release +managers can find and pick them. +Merge requests without this label will not be picked into the stable release. + +For example, if the upcoming release is `10.2.0` you will need to set the +`Pick into 10.2` label. + +Fixes marked like this will be shipped in the next RC (before the 22nd), or the +next patch release. + +If a merge request is to be picked into more than one release it will need one +`Pick into X.Y` label per release where the merge request should be back-ported +to. + +For example, if the current patch release is `10.1.1` and a regression fix needs +to be backported down to the `9.5` release, you will need to assign it the +`10.1` milestone and the following labels: + +- `Pick into 10.1` +- `Pick into 10.0` +- `Pick into 9.5` + +### Asking for an exception If you think a merge request should go into an RC or patch even though it does not meet these requirements, you can ask for an exception to be made. Exceptions require sign-off from 3 people besides the developer: @@ -152,11 +210,7 @@ When in doubt, we err on the side of _not_ cherry-picking. For example, it is likely that an exception will be made for a trivial 1-5 line performance improvement (e.g. adding a database index or adding `includes` to a query), but not for a new feature, no matter how relatively small or thoroughly tested. -During the feature freeze all merge requests that are meant to go into the upcoming -release should have the correct milestone assigned _and_ have the label -~"Pick into Stable" set, so that release managers can find and pick them. -Merge requests without a milestone and this label will -not be merged into any stable branches. +All MRs which have had exceptions granted must be merged by the 15th. ### Regressions @@ -176,28 +230,15 @@ month. When we say 'the most recent monthly release', this can refer to either the version currently running on GitLab.com, or the most recent version available in the package repositories. +A regression issue should be labeled with the appropriate [subject label](../CONTRIBUTING.md#subject-labels-wiki-container-registry-ldap-api-etc) +and [team label](../CONTRIBUTING.md#team-labels-ci-discussion-edge-platform-etc), +just like any other issue, to help GitLab team members focus on issues that are +relevant to [their area of responsibility](https://about.gitlab.com/handbook/engineering/workflow/#choosing-something-to-work-on). + ## Release retrospective and kickoff -### Retrospective - -After each release, we have a retrospective call where we discuss what went well, -what went wrong, and what we can improve for the next release. The -[retrospective notes] are public and you are invited to comment on them. -If you're interested, you can even join the -[retrospective call][retro-kickoff-call], on the first working day after the -22nd at 6pm CET / 9am PST. - -### Kickoff - -Before working on the next release, we have a -kickoff call to explain what we expect to ship in the next release. The -[kickoff notes] are public and you are invited to comment on them. -If you're interested, you can even join the [kickoff call][retro-kickoff-call], -on the first working day after the 7th at 6pm CET / 9am PST.. - -[retrospective notes]: https://docs.google.com/document/d/1nEkM_7Dj4bT21GJy0Ut3By76FZqCfLBmFQNVThmW2TY/edit?usp=sharing -[kickoff notes]: https://docs.google.com/document/d/1ElPkZ90A8ey_iOkTvUs_ByMlwKK6NAB2VOK5835wYK0/edit?usp=sharing -[retro-kickoff-call]: https://gitlab.zoom.us/j/918821206 +- [Retrospective](https://about.gitlab.com/handbook/engineering/workflow/#retrospective) +- [Kickoff](https://about.gitlab.com/handbook/engineering/workflow/#kickoff) ## Copy & paste responses @@ -265,4 +306,5 @@ still an issue I encourage you to open it on the [GitLab.com issue tracker](http ["Implement design & UI elements" guidelines]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#implement-design-ui-elements [Thoughtbot code review guide]: https://github.com/thoughtbot/guides/tree/master/code-review [done]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#definition-of-done -[limit_ee_conflicts]: https://docs.gitlab.com/ce/development/limit_ee_conflicts.html +[automatic_ce_ee_merge]: https://docs.gitlab.com/ce/development/automatic_ce_ee_merge.html +[ee_features]: https://docs.gitlab.com/ce/development/ee_features.html diff --git a/README.md b/README.md index 9309922ae3..9ead6d51c5 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ [![Build status](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/build.svg)](https://gitlab.com/gitlab-org/gitlab-ce/commits/master) [![Overall test coverage](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/coverage.svg)](https://gitlab.com/gitlab-org/gitlab-ce/pipelines) +[![Dependency Status](https://gemnasium.com/gitlabhq/gitlabhq.svg)](https://gemnasium.com/gitlabhq/gitlabhq) [![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.svg)](https://codeclimate.com/github/gitlabhq/gitlabhq) [![Core Infrastructure Initiative Best Practices](https://bestpractices.coreinfrastructure.org/projects/42/badge)](https://bestpractices.coreinfrastructure.org/projects/42) [![Gitter](https://badges.gitter.im/gitlabhq/gitlabhq.svg)](https://gitter.im/gitlabhq/gitlabhq?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge) diff --git a/VERSION b/VERSION index 44711452c7..23b7528bc2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -9.5.4 +10.5.5 diff --git a/app/assets/images/auth_buttons/signin_with_google.png b/app/assets/images/auth_buttons/signin_with_google.png new file mode 100644 index 0000000000..f27bb24330 Binary files /dev/null and b/app/assets/images/auth_buttons/signin_with_google.png differ diff --git a/app/assets/images/emoji.png b/app/assets/images/emoji.png index 5dcd9c09b7..723c2c3f4c 100644 Binary files a/app/assets/images/emoji.png and b/app/assets/images/emoji.png differ diff --git a/app/assets/images/emoji/gay_pride_flag.png b/app/assets/images/emoji/gay_pride_flag.png new file mode 100644 index 0000000000..1bec5f2ffd Binary files /dev/null and b/app/assets/images/emoji/gay_pride_flag.png differ diff --git a/app/assets/images/emoji/mrs_claus.png b/app/assets/images/emoji/mrs_claus.png index 078f0657f9..9cf2458df1 100644 Binary files a/app/assets/images/emoji/mrs_claus.png and b/app/assets/images/emoji/mrs_claus.png differ diff --git a/app/assets/images/emoji/speech_left.png b/app/assets/images/emoji/speech_left.png new file mode 100644 index 0000000000..00c05959bc Binary files /dev/null and b/app/assets/images/emoji/speech_left.png differ diff --git a/app/assets/images/emoji@2x.png b/app/assets/images/emoji@2x.png index b0fa9e1139..987279c13c 100644 Binary files a/app/assets/images/emoji@2x.png and b/app/assets/images/emoji@2x.png differ diff --git a/app/assets/images/favicon-blue.ico b/app/assets/images/favicon-blue.ico old mode 100755 new mode 100644 diff --git a/app/assets/images/file_icons.svg b/app/assets/images/file_icons.svg new file mode 100644 index 0000000000..26ec1a6b38 --- /dev/null +++ b/app/assets/images/file_icons.svg @@ -0,0 +1 @@ +api-blueprintLayer 1Browserslist logoBrowserslist logoCfcucumber-mark-transparent-pipsNVIDIA-LogoDartGroup 3Group 3Group 3Asset 3logoklLayer 1MMocha Logonodemonnpostcss-logo-symbolprettier-icon-darkGroupGroup 2stylelint-icon-whitestylelint-icon-blackTEXTShoudinibadgeBrandVisualStudioCodewolframLanguage \ No newline at end of file diff --git a/app/assets/images/icons.json b/app/assets/images/icons.json new file mode 100644 index 0000000000..19843d24e2 --- /dev/null +++ b/app/assets/images/icons.json @@ -0,0 +1 @@ +{"iconCount":191,"spriteSize":86607,"icons":["abuse","account","admin","angle-double-left","angle-double-right","angle-down","angle-left","angle-right","angle-up","appearance","applications","approval","arrow-down","arrow-right","assignee","bold","book","bookmark","branch","bullhorn","calendar","cancel","chart","chevron-down","chevron-left","chevron-right","chevron-up","clock","close","code","collapse","comment-dots","comment-next","comment","comments","commit","credit-card","cut","dashboard","disk","doc_code","doc_image","doc_text","double-headed-arrow","download","duplicate","earth","ellipsis_v","emoji_slightly_smiling_face","emoji_smile","emoji_smiley","epic","external-link","eye-slash","eye","file-addition","file-deletion","file-modified","filter","folder-o","folder-open","folder","fork","geo-nodes","git-merge","group","history","home","hook","hourglass","image-comment-dark","image-comment-light","import","issue-block","issue-child","issue-close","issue-duplicate","issue-external","issue-new","issue-open-m","issue-open","issue-parent","issues","italic","key-2","key","label","labels","leave","level-up","license","link","list-bulleted","list-numbered","location-dot","location","lock-open","lock","log","mail","menu","merge-request-close","messages","mobile-issue-close","monitor","more","notifications-off","notifications","overview","pencil-square","pencil","pipeline","play","plus-square-o","plus-square","plus","podcast","preferences","profile","project","push-rules","question-o","question","quote","redo","remove","repeat","retry","scale","screen-full","screen-normal","scroll_down","scroll_up","search","settings","shield","slight-frown","slight-smile","smile","smiley","snippet","soft-unwrap","soft-wrap","spam","spinner","staged","star-o","star","status_canceled_borderless","status_canceled","status_closed","status_created_borderless","status_created","status_failed_borderless","status_failed","status_manual_borderless","status_manual","status_notfound_borderless","status_notfound","status_open","status_pending_borderless","status_pending","status_running_borderless","status_running","status_skipped_borderless","status_skipped","status_success_borderless","status_success_solid","status_success","status_warning_borderless","status_warning","stop","task-done","template","terminal","thumb-down","thumb-up","thumbtack","timer","todo-add","todo-done","token","unapproval","unassignee","unlink","unstaged","user","users","volume-up","warning","work"]} \ No newline at end of file diff --git a/app/assets/images/icons.svg b/app/assets/images/icons.svg new file mode 100644 index 0000000000..6aec54d054 --- /dev/null +++ b/app/assets/images/icons.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/cluster_popover.svg b/app/assets/images/illustrations/cluster_popover.svg new file mode 100644 index 0000000000..202231373f --- /dev/null +++ b/app/assets/images/illustrations/cluster_popover.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/clusters_empty.svg b/app/assets/images/illustrations/clusters_empty.svg new file mode 100644 index 0000000000..39627a1c31 --- /dev/null +++ b/app/assets/images/illustrations/clusters_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/convdev_no_data.svg b/app/assets/images/illustrations/convdev/convdev_no_data.svg new file mode 100644 index 0000000000..b90eddcccf --- /dev/null +++ b/app/assets/images/illustrations/convdev/convdev_no_data.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/convdev_no_index.svg b/app/assets/images/illustrations/convdev/convdev_no_index.svg new file mode 100644 index 0000000000..4aaf505e0b --- /dev/null +++ b/app/assets/images/illustrations/convdev/convdev_no_index.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/convdev_overview.svg b/app/assets/images/illustrations/convdev/convdev_overview.svg new file mode 100644 index 0000000000..a06d70812c --- /dev/null +++ b/app/assets/images/illustrations/convdev/convdev_overview.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_1.svg b/app/assets/images/illustrations/convdev/i2p_step_1.svg new file mode 100644 index 0000000000..67467b1513 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_1.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_10.svg b/app/assets/images/illustrations/convdev/i2p_step_10.svg new file mode 100644 index 0000000000..588ecd8141 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_10.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_2.svg b/app/assets/images/illustrations/convdev/i2p_step_2.svg new file mode 100644 index 0000000000..4280024c23 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_2.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_3.svg b/app/assets/images/illustrations/convdev/i2p_step_3.svg new file mode 100644 index 0000000000..7690f91b42 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_3.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_4.svg b/app/assets/images/illustrations/convdev/i2p_step_4.svg new file mode 100644 index 0000000000..ba21b9e2c3 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_4.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_5.svg b/app/assets/images/illustrations/convdev/i2p_step_5.svg new file mode 100644 index 0000000000..3c8f8422a9 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_5.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_6.svg b/app/assets/images/illustrations/convdev/i2p_step_6.svg new file mode 100644 index 0000000000..933860798a --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_6.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_7.svg b/app/assets/images/illustrations/convdev/i2p_step_7.svg new file mode 100644 index 0000000000..d97c8f7c2d --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_7.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_8.svg b/app/assets/images/illustrations/convdev/i2p_step_8.svg new file mode 100644 index 0000000000..919bbeff31 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_8.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/convdev/i2p_step_9.svg b/app/assets/images/illustrations/convdev/i2p_step_9.svg new file mode 100644 index 0000000000..2d1b10d430 --- /dev/null +++ b/app/assets/images/illustrations/convdev/i2p_step_9.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/epics.svg b/app/assets/images/illustrations/epics.svg new file mode 100644 index 0000000000..1a37e6bba5 --- /dev/null +++ b/app/assets/images/illustrations/epics.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/gitlab_logo.svg b/app/assets/images/illustrations/gitlab_logo.svg new file mode 100644 index 0000000000..8dbd75a340 --- /dev/null +++ b/app/assets/images/illustrations/gitlab_logo.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/image_comment_light_cursor.svg b/app/assets/images/illustrations/image_comment_light_cursor.svg new file mode 100644 index 0000000000..ac712ea0c9 --- /dev/null +++ b/app/assets/images/illustrations/image_comment_light_cursor.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/image_comment_light_cursor@2x.svg b/app/assets/images/illustrations/image_comment_light_cursor@2x.svg new file mode 100644 index 0000000000..02943acd9d --- /dev/null +++ b/app/assets/images/illustrations/image_comment_light_cursor@2x.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/issues.svg b/app/assets/images/illustrations/issues.svg new file mode 100644 index 0000000000..c8e0504732 --- /dev/null +++ b/app/assets/images/illustrations/issues.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/job_not_triggered.svg b/app/assets/images/illustrations/job_not_triggered.svg new file mode 100644 index 0000000000..e13c1cb0a7 --- /dev/null +++ b/app/assets/images/illustrations/job_not_triggered.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/labels.svg b/app/assets/images/illustrations/labels.svg new file mode 100644 index 0000000000..3a2d521323 --- /dev/null +++ b/app/assets/images/illustrations/labels.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/logos/go_logo.svg b/app/assets/images/illustrations/logos/go_logo.svg new file mode 100644 index 0000000000..7fd4911800 --- /dev/null +++ b/app/assets/images/illustrations/logos/go_logo.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/logos/mattermost_logo.svg b/app/assets/images/illustrations/logos/mattermost_logo.svg new file mode 100644 index 0000000000..b577c0599a --- /dev/null +++ b/app/assets/images/illustrations/logos/mattermost_logo.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/manual_action.svg b/app/assets/images/illustrations/manual_action.svg new file mode 100644 index 0000000000..85735855b4 --- /dev/null +++ b/app/assets/images/illustrations/manual_action.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/merge_request_changes_empty.svg b/app/assets/images/illustrations/merge_request_changes_empty.svg new file mode 100644 index 0000000000..40efeb2de5 --- /dev/null +++ b/app/assets/images/illustrations/merge_request_changes_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/merge_requests.svg b/app/assets/images/illustrations/merge_requests.svg new file mode 100644 index 0000000000..b9b8f0058e --- /dev/null +++ b/app/assets/images/illustrations/merge_requests.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/monitoring/getting_started.svg b/app/assets/images/illustrations/monitoring/getting_started.svg new file mode 100644 index 0000000000..ff783bdd38 --- /dev/null +++ b/app/assets/images/illustrations/monitoring/getting_started.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/monitoring/loading.svg b/app/assets/images/illustrations/monitoring/loading.svg new file mode 100644 index 0000000000..1e196fc8ad --- /dev/null +++ b/app/assets/images/illustrations/monitoring/loading.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/monitoring/unable_to_connect.svg b/app/assets/images/illustrations/monitoring/unable_to_connect.svg new file mode 100644 index 0000000000..314c052f93 --- /dev/null +++ b/app/assets/images/illustrations/monitoring/unable_to_connect.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/multi-editor_all_changes_committed_empty.svg b/app/assets/images/illustrations/multi-editor_all_changes_committed_empty.svg new file mode 100644 index 0000000000..06d73941c3 --- /dev/null +++ b/app/assets/images/illustrations/multi-editor_all_changes_committed_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/multi-editor_no_changes_empty.svg b/app/assets/images/illustrations/multi-editor_no_changes_empty.svg new file mode 100644 index 0000000000..ebeea1f3dd --- /dev/null +++ b/app/assets/images/illustrations/multi-editor_no_changes_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/multi-editor_no_staged_files_empty.svg b/app/assets/images/illustrations/multi-editor_no_staged_files_empty.svg new file mode 100644 index 0000000000..08321ef526 --- /dev/null +++ b/app/assets/images/illustrations/multi-editor_no_staged_files_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/multi_file_editor_empty.svg b/app/assets/images/illustrations/multi_file_editor_empty.svg new file mode 100644 index 0000000000..bd376f0a05 --- /dev/null +++ b/app/assets/images/illustrations/multi_file_editor_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/no_commits.svg b/app/assets/images/illustrations/no_commits.svg new file mode 100644 index 0000000000..76fa25156d --- /dev/null +++ b/app/assets/images/illustrations/no_commits.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/pending_job_empty.svg b/app/assets/images/illustrations/pending_job_empty.svg new file mode 100644 index 0000000000..8de695afa1 --- /dev/null +++ b/app/assets/images/illustrations/pending_job_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/pipelines_empty.svg b/app/assets/images/illustrations/pipelines_empty.svg new file mode 100644 index 0000000000..f3107c8f06 --- /dev/null +++ b/app/assets/images/illustrations/pipelines_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/pipelines_failed.svg b/app/assets/images/illustrations/pipelines_failed.svg new file mode 100644 index 0000000000..8daf7da86e --- /dev/null +++ b/app/assets/images/illustrations/pipelines_failed.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/pipelines_pending.svg b/app/assets/images/illustrations/pipelines_pending.svg new file mode 100644 index 0000000000..25038366e9 --- /dev/null +++ b/app/assets/images/illustrations/pipelines_pending.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/priority_labels.svg b/app/assets/images/illustrations/priority_labels.svg new file mode 100644 index 0000000000..b79c551d3d --- /dev/null +++ b/app/assets/images/illustrations/priority_labels.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/service_desk_callout.svg b/app/assets/images/illustrations/service_desk_callout.svg new file mode 100644 index 0000000000..2886388279 --- /dev/null +++ b/app/assets/images/illustrations/service_desk_callout.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/service_desk_empty.svg b/app/assets/images/illustrations/service_desk_empty.svg new file mode 100644 index 0000000000..daaaeae6a1 --- /dev/null +++ b/app/assets/images/illustrations/service_desk_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/slack_logo.svg b/app/assets/images/illustrations/slack_logo.svg new file mode 100644 index 0000000000..b8d7906c2e --- /dev/null +++ b/app/assets/images/illustrations/slack_logo.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/todos_all_done.svg b/app/assets/images/illustrations/todos_all_done.svg new file mode 100644 index 0000000000..6387497a6f --- /dev/null +++ b/app/assets/images/illustrations/todos_all_done.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/todos_empty.svg b/app/assets/images/illustrations/todos_empty.svg new file mode 100644 index 0000000000..4de6cb403b --- /dev/null +++ b/app/assets/images/illustrations/todos_empty.svg @@ -0,0 +1 @@ +@ \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/add_new_group.svg b/app/assets/images/illustrations/welcome/add_new_group.svg new file mode 100644 index 0000000000..b10a3ae881 --- /dev/null +++ b/app/assets/images/illustrations/welcome/add_new_group.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/add_new_project.svg b/app/assets/images/illustrations/welcome/add_new_project.svg new file mode 100644 index 0000000000..4b8dc34c08 --- /dev/null +++ b/app/assets/images/illustrations/welcome/add_new_project.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/add_new_user.svg b/app/assets/images/illustrations/welcome/add_new_user.svg new file mode 100644 index 0000000000..d4c184989b --- /dev/null +++ b/app/assets/images/illustrations/welcome/add_new_user.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/configure_server.svg b/app/assets/images/illustrations/welcome/configure_server.svg new file mode 100644 index 0000000000..f9dda816f1 --- /dev/null +++ b/app/assets/images/illustrations/welcome/configure_server.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/ee_trial.svg b/app/assets/images/illustrations/welcome/ee_trial.svg new file mode 100644 index 0000000000..6d0dcf0020 --- /dev/null +++ b/app/assets/images/illustrations/welcome/ee_trial.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/globe.svg b/app/assets/images/illustrations/welcome/globe.svg new file mode 100644 index 0000000000..c2daae5f31 --- /dev/null +++ b/app/assets/images/illustrations/welcome/globe.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/welcome/lightbulb.svg b/app/assets/images/illustrations/welcome/lightbulb.svg new file mode 100644 index 0000000000..fce1031208 --- /dev/null +++ b/app/assets/images/illustrations/welcome/lightbulb.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/wiki-fro-logged-out-users.svg b/app/assets/images/illustrations/wiki-fro-logged-out-users.svg new file mode 100644 index 0000000000..c71841f72e --- /dev/null +++ b/app/assets/images/illustrations/wiki-fro-logged-out-users.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/wiki_login_empty.svg b/app/assets/images/illustrations/wiki_login_empty.svg new file mode 100644 index 0000000000..1cfa47220a --- /dev/null +++ b/app/assets/images/illustrations/wiki_login_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/illustrations/wiki_logout_empty.svg b/app/assets/images/illustrations/wiki_logout_empty.svg new file mode 100644 index 0000000000..c71841f72e --- /dev/null +++ b/app/assets/images/illustrations/wiki_logout_empty.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/app/assets/images/multi-editor-off.png b/app/assets/images/multi-editor-off.png new file mode 100644 index 0000000000..82a6127f85 Binary files /dev/null and b/app/assets/images/multi-editor-off.png differ diff --git a/app/assets/images/multi-editor-on.png b/app/assets/images/multi-editor-on.png new file mode 100644 index 0000000000..d51b68da98 Binary files /dev/null and b/app/assets/images/multi-editor-on.png differ diff --git a/app/assets/images/new_nav.png b/app/assets/images/new_nav.png deleted file mode 100644 index f98ca15d78..0000000000 Binary files a/app/assets/images/new_nav.png and /dev/null differ diff --git a/app/assets/images/old_nav.png b/app/assets/images/old_nav.png deleted file mode 100644 index 23fae7aa19..0000000000 Binary files a/app/assets/images/old_nav.png and /dev/null differ diff --git a/app/assets/javascripts/activities.js b/app/assets/javascripts/activities.js index 5d060165f4..6a0662ba90 100644 --- a/app/assets/javascripts/activities.js +++ b/app/assets/javascripts/activities.js @@ -1,9 +1,10 @@ /* eslint-disable no-param-reassign, class-methods-use-this */ -/* global Pager */ import Cookies from 'js-cookie'; +import Pager from './pager'; +import { localTimeAgo } from './lib/utils/datetime_utility'; -class Activities { +export default class Activities { constructor() { Pager.init(20, true, false, data => data, this.updateTooltips); @@ -15,7 +16,7 @@ class Activities { } updateTooltips() { - gl.utils.localTimeAgo($('.js-timeago', '.content_list')); + localTimeAgo($('.js-timeago', '.content_list')); } reloadActivities() { @@ -33,6 +34,3 @@ class Activities { $sender.closest('li').toggleClass('active'); } } - -window.gl = window.gl || {}; -window.gl.Activities = Activities; diff --git a/app/assets/javascripts/admin.js b/app/assets/javascripts/admin.js deleted file mode 100644 index 34669dd13d..0000000000 --- a/app/assets/javascripts/admin.js +++ /dev/null @@ -1,62 +0,0 @@ -/* eslint-disable func-names, space-before-function-paren, wrap-iife, one-var, no-var, one-var-declaration-per-line, no-unused-vars, no-else-return, prefer-arrow-callback, camelcase, quotes, comma-dangle, max-len */ - -window.Admin = (function() { - function Admin() { - var modal, showBlacklistType; - $('input#user_force_random_password').on('change', function(elem) { - var elems; - elems = $('#user_password, #user_password_confirmation'); - if ($(this).attr('checked')) { - return elems.val('').attr('disabled', true); - } else { - return elems.removeAttr('disabled'); - } - }); - $('body').on('click', '.js-toggle-colors-link', function(e) { - e.preventDefault(); - return $('.js-toggle-colors-container').toggle(); - }); - $('.log-tabs a').click(function(e) { - e.preventDefault(); - return $(this).tab('show'); - }); - $('.log-bottom').click(function(e) { - var visible_log; - e.preventDefault(); - visible_log = $(".file-content:visible"); - return visible_log.animate({ - scrollTop: visible_log.find('ol').height() - }, "fast"); - }); - modal = $('.change-owner-holder'); - $('.change-owner-link').bind("click", function(e) { - e.preventDefault(); - $(this).hide(); - return modal.show(); - }); - $('.change-owner-cancel-link').bind("click", function(e) { - e.preventDefault(); - modal.hide(); - return $('.change-owner-link').show(); - }); - $('li.project_member').bind('ajax:success', function() { - return gl.utils.refreshCurrentPage(); - }); - $('li.group_member').bind('ajax:success', function() { - return gl.utils.refreshCurrentPage(); - }); - showBlacklistType = function() { - if ($("input[name='blacklist_type']:checked").val() === 'file') { - $('.blacklist-file').show(); - return $('.blacklist-raw').hide(); - } else { - $('.blacklist-file').hide(); - return $('.blacklist-raw').show(); - } - }; - $("input[name='blacklist_type']").click(showBlacklistType); - showBlacklistType(); - } - - return Admin; -})(); diff --git a/app/assets/javascripts/ajax_loading_spinner.js b/app/assets/javascripts/ajax_loading_spinner.js index 8f5e2e545e..2bc77859c2 100644 --- a/app/assets/javascripts/ajax_loading_spinner.js +++ b/app/assets/javascripts/ajax_loading_spinner.js @@ -1,4 +1,4 @@ -class AjaxLoadingSpinner { +export default class AjaxLoadingSpinner { static init() { const $elements = $('.js-ajax-loading-spinner'); @@ -30,6 +30,3 @@ class AjaxLoadingSpinner { classList.toggle('fa-spin'); } } - -window.gl = window.gl || {}; -gl.AjaxLoadingSpinner = AjaxLoadingSpinner; diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 56f91e95bb..1f34c6b50c 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -1,12 +1,15 @@ -import $ from 'jquery'; +import _ from 'underscore'; +import axios from './lib/utils/axios_utils'; const Api = { groupsPath: '/api/:version/groups.json', - groupPath: '/api/:version/groups/:id.json', + groupPath: '/api/:version/groups/:id', namespacesPath: '/api/:version/namespaces.json', groupProjectsPath: '/api/:version/groups/:id/projects.json', - projectsPath: '/api/:version/projects.json?simple=true', - labelsPath: '/:namespace_path/:project_path/labels', + projectsPath: '/api/:version/projects.json', + projectPath: '/api/:version/projects/:id', + projectLabelsPath: '/:namespace_path/:project_path/labels', + groupLabelsPath: '/groups/:namespace_path/labels', licensePath: '/api/:version/templates/licenses/:key', gitignorePath: '/api/:version/templates/gitignores/:key', gitlabCiYmlPath: '/api/:version/templates/gitlab_ci_ymls/:key', @@ -14,153 +17,177 @@ const Api = { issuableTemplatePath: '/:namespace_path/:project_path/templates/:type/:key', usersPath: '/api/:version/users.json', commitPath: '/api/:version/projects/:id/repository/commits', + branchSinglePath: '/api/:version/projects/:id/repository/branches/:branch', + createBranchPath: '/api/:version/projects/:id/repository/branches', group(groupId, callback) { const url = Api.buildUrl(Api.groupPath) .replace(':id', groupId); - return $.ajax({ - url, - dataType: 'json', - }) - .done(group => callback(group)); + return axios.get(url) + .then(({ data }) => { + callback(data); + + return data; + }); }, // Return groups list. Filtered by query groups(query, options, callback) { const url = Api.buildUrl(Api.groupsPath); - return $.ajax({ - url, - data: Object.assign({ + return axios.get(url, { + params: Object.assign({ search: query, per_page: 20, }, options), - dataType: 'json', }) - .done(groups => callback(groups)); + .then(({ data }) => { + callback(data); + + return data; + }); }, // Return namespaces list. Filtered by query namespaces(query, callback) { const url = Api.buildUrl(Api.namespacesPath); - return $.ajax({ - url, - data: { + return axios.get(url, { + params: { search: query, per_page: 20, }, - dataType: 'json', - }).done(namespaces => callback(namespaces)); + }) + .then(({ data }) => callback(data)); }, // Return projects list. Filtered by query - projects(query, options, callback) { + projects(query, options, callback = _.noop) { const url = Api.buildUrl(Api.projectsPath); - return $.ajax({ - url, - data: Object.assign({ - search: query, - per_page: 20, - membership: true, - }, options), - dataType: 'json', + const defaults = { + search: query, + per_page: 20, + simple: true, + }; + + if (gon.current_user_id) { + defaults.membership = true; + } + + return axios.get(url, { + params: Object.assign(defaults, options), }) - .done(projects => callback(projects)); + .then(({ data }) => { + callback(data); + + return data; + }); + }, + + // Return single project + project(projectPath) { + const url = Api.buildUrl(Api.projectPath) + .replace(':id', encodeURIComponent(projectPath)); + + return axios.get(url); }, newLabel(namespacePath, projectPath, data, callback) { - const url = Api.buildUrl(Api.labelsPath) - .replace(':namespace_path', namespacePath) - .replace(':project_path', projectPath); - return $.ajax({ - url, - type: 'POST', - data: { label: data }, - dataType: 'json', + let url; + + if (projectPath) { + url = Api.buildUrl(Api.projectLabelsPath) + .replace(':namespace_path', namespacePath) + .replace(':project_path', projectPath); + } else { + url = Api.buildUrl(Api.groupLabelsPath).replace(':namespace_path', namespacePath); + } + + return axios.post(url, { + label: data, }) - .done(label => callback(label)) - .fail(message => callback(message.responseJSON)); + .then(res => callback(res.data)) + .catch(e => callback(e.response.data)); }, // Return group projects list. Filtered by query groupProjects(groupId, query, callback) { const url = Api.buildUrl(Api.groupProjectsPath) .replace(':id', groupId); - return $.ajax({ - url, - data: { + return axios.get(url, { + params: { search: query, per_page: 20, }, - dataType: 'json', }) - .done(projects => callback(projects)); + .then(({ data }) => callback(data)); }, - commitMultiple(id, data, callback) { + commitMultiple(id, data) { + // see https://docs.gitlab.com/ce/api/commits.html#create-a-commit-with-multiple-files-and-actions const url = Api.buildUrl(Api.commitPath) - .replace(':id', id); - return $.ajax({ - url, - type: 'POST', - contentType: 'application/json; charset=utf-8', - data: JSON.stringify(data), - dataType: 'json', - }) - .done(commitData => callback(commitData)) - .fail(message => callback(message.responseJSON)); + .replace(':id', encodeURIComponent(id)); + return axios.post(url, JSON.stringify(data), { + headers: { + 'Content-Type': 'application/json; charset=utf-8', + }, + }); + }, + + branchSingle(id, branch) { + const url = Api.buildUrl(Api.branchSinglePath) + .replace(':id', encodeURIComponent(id)) + .replace(':branch', branch); + + return axios.get(url); }, // Return text for a specific license licenseText(key, data, callback) { const url = Api.buildUrl(Api.licensePath) .replace(':key', key); - return $.ajax({ - url, - data, + return axios.get(url, { + params: data, }) - .done(license => callback(license)); + .then(res => callback(res.data)); }, gitignoreText(key, callback) { const url = Api.buildUrl(Api.gitignorePath) .replace(':key', key); - return $.get(url, gitignore => callback(gitignore)); + return axios.get(url) + .then(({ data }) => callback(data)); }, gitlabCiYml(key, callback) { const url = Api.buildUrl(Api.gitlabCiYmlPath) .replace(':key', key); - return $.get(url, file => callback(file)); + return axios.get(url) + .then(({ data }) => callback(data)); }, dockerfileYml(key, callback) { const url = Api.buildUrl(Api.dockerfilePath).replace(':key', key); - $.get(url, callback); + return axios.get(url) + .then(({ data }) => callback(data)); }, issueTemplate(namespacePath, projectPath, key, type, callback) { const url = Api.buildUrl(Api.issuableTemplatePath) - .replace(':key', key) + .replace(':key', encodeURIComponent(key)) .replace(':type', type) .replace(':project_path', projectPath) .replace(':namespace_path', namespacePath); - $.ajax({ - url, - dataType: 'json', - }) - .done(file => callback(null, file)) - .fail(callback); + return axios.get(url) + .then(({ data }) => callback(null, data)) + .catch(callback); }, users(query, options) { const url = Api.buildUrl(this.usersPath); - return Api.wrapAjaxCall({ - url, - data: Object.assign({ + return axios.get(url, { + params: Object.assign({ search: query, per_page: 20, }, options), - dataType: 'json', }); }, @@ -171,20 +198,6 @@ const Api = { } return urlRoot + url.replace(':version', gon.api_version); }, - - wrapAjaxCall(options) { - return new Promise((resolve, reject) => { - // jQuery 2 is not Promises/A+ compatible (missing catch) - $.ajax(options) // eslint-disable-line promise/catch-or-return - .then(data => resolve(data), - (jqXHR, textStatus, errorThrown) => { - const error = new Error(`${options.url}: ${errorThrown}`); - error.textStatus = textStatus; - reject(error); - }, - ); - }); - }, }; export default Api; diff --git a/app/assets/javascripts/aside.js b/app/assets/javascripts/aside.js deleted file mode 100644 index 88756884d1..0000000000 --- a/app/assets/javascripts/aside.js +++ /dev/null @@ -1,24 +0,0 @@ -/* eslint-disable func-names, space-before-function-paren, wrap-iife, quotes, prefer-arrow-callback, no-var, one-var, one-var-declaration-per-line, no-else-return, max-len */ - -window.Aside = (function() { - function Aside() { - $(document).off("click", "a.show-aside"); - $(document).on("click", 'a.show-aside', function(e) { - var btn, icon; - e.preventDefault(); - btn = $(e.currentTarget); - icon = btn.find('i'); - if (icon.hasClass('fa-angle-left')) { - btn.parent().find('section').hide(); - btn.parent().find('aside').fadeIn(); - return icon.removeClass('fa-angle-left').addClass('fa-angle-right'); - } else { - btn.parent().find('aside').hide(); - btn.parent().find('section').fadeIn(); - return icon.removeClass('fa-angle-right').addClass('fa-angle-left'); - } - }); - } - - return Aside; -})(); diff --git a/app/assets/javascripts/autosave.js b/app/assets/javascripts/autosave.js index cfab6c40b3..0f28bd233a 100644 --- a/app/assets/javascripts/autosave.js +++ b/app/assets/javascripts/autosave.js @@ -1,25 +1,22 @@ -/* eslint-disable func-names, space-before-function-paren, wrap-iife, no-param-reassign, quotes, prefer-template, no-var, one-var, no-unused-vars, one-var-declaration-per-line, no-void, consistent-return, no-empty, max-len */ +/* eslint-disable no-param-reassign, prefer-template, no-var, no-void, consistent-return */ + import AccessorUtilities from './lib/utils/accessor'; -window.Autosave = (function() { - function Autosave(field, key) { +export default class Autosave { + constructor(field, key, resource) { this.field = field; this.isLocalStorageAvailable = AccessorUtilities.isLocalStorageAccessSafe(); - + this.resource = resource; if (key.join != null) { - key = key.join("/"); + key = key.join('/'); } - this.key = "autosave/" + key; - this.field.data("autosave", this); + this.key = 'autosave/' + key; + this.field.data('autosave', this); this.restore(); - this.field.on("input", (function(_this) { - return function() { - return _this.save(); - }; - })(this)); + this.field.on('input', () => this.save()); } - Autosave.prototype.restore = function() { + restore() { var text; if (!this.isLocalStorageAvailable) return; @@ -29,10 +26,20 @@ window.Autosave = (function() { if ((text != null ? text.length : void 0) > 0) { this.field.val(text); } - return this.field.trigger("input"); - }; + if (!this.resource && this.resource !== 'issue') { + this.field.trigger('input'); + } else { + // v-model does not update with jQuery trigger + // https://github.com/vuejs/vue/issues/2804#issuecomment-216968137 + const event = new Event('change', { bubbles: true, cancelable: false }); + const field = this.field.get(0); + if (field) { + field.dispatchEvent(event); + } + } + } - Autosave.prototype.save = function() { + save() { var text; text = this.field.val(); @@ -41,15 +48,11 @@ window.Autosave = (function() { } return this.reset(); - }; + } - Autosave.prototype.reset = function() { + reset() { if (!this.isLocalStorageAvailable) return; return window.localStorage.removeItem(this.key); - }; - - return Autosave; -})(); - -export default window.Autosave; + } +} diff --git a/app/assets/javascripts/awards_handler.js b/app/assets/javascripts/awards_handler.js index 097f79a250..87109a802e 100644 --- a/app/assets/javascripts/awards_handler.js +++ b/app/assets/javascripts/awards_handler.js @@ -1,7 +1,10 @@ /* eslint-disable class-methods-use-this */ -/* global Flash */ import _ from 'underscore'; import Cookies from 'js-cookie'; +import { __ } from './locale'; +import { isInIssuePage, updateTooltipTitle } from './lib/utils/common_utils'; +import flash from './flash'; +import axios from './lib/utils/axios_utils'; const animationEndEventString = 'animationend webkitAnimationEnd MSAnimationEnd oAnimationEnd'; const transitionEndEventString = 'transitionend webkitTransitionEnd oTransitionEnd MSTransitionEnd'; @@ -23,6 +26,9 @@ const categoryLabelMap = { flags: 'Flags', }; +const IS_VISIBLE = 'is-visible'; +const IS_RENDERED = 'is-rendered'; + class AwardsHandler { constructor(emoji) { this.emoji = emoji; @@ -50,7 +56,7 @@ class AwardsHandler { if (!$target.closest('.emoji-menu').length) { if ($('.emoji-menu').is(':visible')) { $('.js-add-award.is-active').removeClass('is-active'); - $('.emoji-menu').removeClass('is-visible'); + this.hideMenuElement($('.emoji-menu')); } } }); @@ -87,12 +93,12 @@ class AwardsHandler { if ($menu.length) { if ($menu.is('.is-visible')) { $addBtn.removeClass('is-active'); - $menu.removeClass('is-visible'); + this.hideMenuElement($menu); $('.js-emoji-menu-search').blur(); } else { $addBtn.addClass('is-active'); this.positionMenu($menu, $addBtn); - $menu.addClass('is-visible'); + this.showMenuElement($menu); $('.js-emoji-menu-search').focus(); } } else { @@ -102,13 +108,14 @@ class AwardsHandler { $addBtn.removeClass('is-loading'); this.positionMenu($createdMenu, $addBtn); return setTimeout(() => { - $createdMenu.addClass('is-visible'); + this.showMenuElement($createdMenu); $('.js-emoji-menu-search').focus(); }, 200); }); } $thumbsBtn.toggleClass('disabled', $userAuthored); + $thumbsBtn.prop('disabled', $userAuthored); } // Create the emoji menu with the first category of emojis. @@ -234,14 +241,35 @@ class AwardsHandler { } addAward(votesBlock, awardUrl, emoji, checkMutuality, callback) { + const isMainAwardsBlock = votesBlock.closest('.js-issue-note-awards').length; + + if (isInIssuePage() && !isMainAwardsBlock) { + const id = votesBlock.attr('id').replace('note_', ''); + + this.hideMenuElement($('.emoji-menu')); + + $('.js-add-award.is-active').removeClass('is-active'); + const toggleAwardEvent = new CustomEvent('toggleAward', { + detail: { + awardName: emoji, + noteId: id, + }, + }); + + document.querySelector('.js-vue-notes-event').dispatchEvent(toggleAwardEvent); + } + const normalizedEmoji = this.emoji.normalizeEmojiName(emoji); const $emojiButton = this.findEmojiIcon(votesBlock, normalizedEmoji).parent(); + this.postEmoji($emojiButton, awardUrl, normalizedEmoji, () => { this.addAwardToEmojiBar(votesBlock, normalizedEmoji, checkMutuality); return typeof callback === 'function' ? callback() : undefined; }); - $('.emoji-menu').removeClass('is-visible'); - $('.js-add-award.is-active').removeClass('is-active'); + + this.hideMenuElement($('.emoji-menu')); + + return $('.js-add-award.is-active').removeClass('is-active'); } addAwardToEmojiBar(votesBlock, emoji, checkForMutuality) { @@ -268,6 +296,14 @@ class AwardsHandler { } getVotesBlock() { + if (isInIssuePage()) { + const $el = $('.js-add-award.is-active').closest('.note.timeline-entry'); + + if ($el.length) { + return $el; + } + } + const currentBlock = $('.js-awards-block.current'); let resultantVotesBlock = currentBlock; if (currentBlock.length === 0) { @@ -407,13 +443,15 @@ class AwardsHandler { if (this.isUserAuthored($emojiButton)) { this.userAuthored($emojiButton); } else { - $.post(awardUrl, { + axios.post(awardUrl, { name: emoji, - }, (data) => { + }) + .then(({ data }) => { if (data.ok) { callback(); } - }).fail(() => new Flash('Something went wrong on our end.')); + }) + .catch(() => flash(__('Something went wrong on our end.'))); } } @@ -424,11 +462,11 @@ class AwardsHandler { userAuthored($emojiButton) { const oldTitle = this.getAwardTooltip($emojiButton); const newTitle = 'You cannot vote on your own issue, MR and note'; - gl.utils.updateTooltipTitle($emojiButton, newTitle).tooltip('show'); + updateTooltipTitle($emojiButton, newTitle).tooltip('show'); // Restore tooltip back to award list return setTimeout(() => { $emojiButton.tooltip('hide'); - gl.utils.updateTooltipTitle($emojiButton, oldTitle); + updateTooltipTitle($emojiButton, oldTitle); }, 2800); } @@ -500,6 +538,33 @@ class AwardsHandler { return $matchingElements.closest('li').clone(); } + /* showMenuElement and hideMenuElement are performance optimizations. We use + * opacity to show/hide the emoji menu, because we can animate it. But opacity + * leaves hidden elements in the render tree, which is unacceptable given the number + * of emoji elements in the emoji menu (5k+). To get the best of both worlds, we separately + * apply IS_RENDERED to add/remove the menu from the render tree and IS_VISIBLE to animate + * the menu being opened and closed. */ + + showMenuElement($emojiMenu) { + $emojiMenu.addClass(IS_RENDERED); + + // enqueues animation as a microtask, so it begins ASAP once IS_RENDERED added + return Promise.resolve() + .then(() => $emojiMenu.addClass(IS_VISIBLE)); + } + + hideMenuElement($emojiMenu) { + $emojiMenu.on(transitionEndEventString, (e) => { + if (e.currentTarget === e.target) { + $emojiMenu + .removeClass(IS_RENDERED) + .off(transitionEndEventString); + } + }); + + $emojiMenu.removeClass(IS_VISIBLE); + } + destroy() { this.eventListeners.forEach((entry) => { entry.element.off.call(entry.element, ...entry.args); diff --git a/app/assets/javascripts/behaviors/autosize.js b/app/assets/javascripts/behaviors/autosize.js index e00af4b2fa..add43b81f6 100644 --- a/app/assets/javascripts/behaviors/autosize.js +++ b/app/assets/javascripts/behaviors/autosize.js @@ -1,8 +1,8 @@ -import autosize from 'vendor/autosize'; +import Autosize from 'autosize'; document.addEventListener('DOMContentLoaded', () => { const autosizeEls = document.querySelectorAll('.js-autosize'); - autosize(autosizeEls); - autosize.update(autosizeEls); + Autosize(autosizeEls); + Autosize.update(autosizeEls); }); diff --git a/app/assets/javascripts/copy_as_gfm.js b/app/assets/javascripts/behaviors/copy_as_gfm.js similarity index 80% rename from app/assets/javascripts/copy_as_gfm.js rename to app/assets/javascripts/behaviors/copy_as_gfm.js index 13ba4a5729..ffe90595b5 100644 --- a/app/assets/javascripts/copy_as_gfm.js +++ b/app/assets/javascripts/behaviors/copy_as_gfm.js @@ -1,7 +1,8 @@ /* eslint-disable class-methods-use-this, object-shorthand, no-unused-vars, no-use-before-define, no-new, max-len, no-restricted-syntax, guard-for-in, no-continue */ + import _ from 'underscore'; -import './lib/utils/common_utils'; -import { placeholderImage } from './lazy_loader'; +import { insertText, getSelectedFragment, nodeMatchesSelector } from '../lib/utils/common_utils'; +import { placeholderImage } from '../lazy_loader'; const gfmRules = { // The filters referenced in lib/banzai/pipeline/gfm_pipeline.rb convert @@ -73,6 +74,18 @@ const gfmRules = { return `![${el.dataset.title}](${el.getAttribute('src')})`; }, }, + MermaidFilter: { + 'svg.mermaid'(el, text) { + const sourceEl = el.querySelector('text.source'); + if (!sourceEl) return false; + + return `\`\`\`mermaid\n${CopyAsGFM.nodeToGFM(sourceEl)}\n\`\`\``; + }, + 'svg.mermaid style, svg.mermaid g'(el, text) { + // We don't want to include the content of these elements in the copied text. + return ''; + }, + }, MathFilter: { 'pre.code.math[data-math-style=display]'(el, text) { return `\`\`\`math\n${text.trim()}\n\`\`\``; @@ -284,8 +297,15 @@ const gfmRules = { }, }; -class CopyAsGFM { +export class CopyAsGFM { constructor() { + // iOS currently does not support clipboardData.setData(). This bug should + // be fixed in iOS 12, but for now we'll disable this for all iOS browsers + // ref: https://trac.webkit.org/changeset/222228/webkit + const userAgent = (typeof navigator !== 'undefined' && navigator.userAgent) || ''; + const isIOS = /\b(iPad|iPhone|iPod)(?=;)/.test(userAgent); + if (isIOS) return; + $(document).on('copy', '.md, .wiki', (e) => { CopyAsGFM.copyAsGFM(e, CopyAsGFM.transformGFMSelection); }); $(document).on('copy', 'pre.code.highlight, .diff-content .line_content', (e) => { CopyAsGFM.copyAsGFM(e, CopyAsGFM.transformCodeSelection); }); $(document).on('paste', '.js-gfm-input', CopyAsGFM.pasteGFM); @@ -295,10 +315,10 @@ class CopyAsGFM { const clipboardData = e.originalEvent.clipboardData; if (!clipboardData) return; - const documentFragment = window.gl.utils.getSelectedFragment(); + const documentFragment = getSelectedFragment(); if (!documentFragment) return; - const el = transformer(documentFragment.cloneNode(true)); + const el = transformer(documentFragment.cloneNode(true), e.currentTarget); if (!el) return; e.preventDefault(); @@ -338,55 +358,64 @@ class CopyAsGFM { } static transformGFMSelection(documentFragment) { - const gfmEls = documentFragment.querySelectorAll('.md, .wiki'); - switch (gfmEls.length) { + const gfmElements = documentFragment.querySelectorAll('.md, .wiki'); + switch (gfmElements.length) { case 0: { return documentFragment; } case 1: { - return gfmEls[0]; + return gfmElements[0]; } default: { - const allGfmEl = document.createElement('div'); + const allGfmElement = document.createElement('div'); - for (let i = 0; i < gfmEls.length; i += 1) { - const lineEl = gfmEls[i]; - allGfmEl.appendChild(lineEl); - allGfmEl.appendChild(document.createTextNode('\n\n')); + for (let i = 0; i < gfmElements.length; i += 1) { + const gfmElement = gfmElements[i]; + allGfmElement.appendChild(gfmElement); + allGfmElement.appendChild(document.createTextNode('\n\n')); } - return allGfmEl; + return allGfmElement; } } } - static transformCodeSelection(documentFragment) { - const lineEls = documentFragment.querySelectorAll('.line'); + static transformCodeSelection(documentFragment, target) { + let lineSelector = '.line'; - let codeEl; - if (lineEls.length > 1) { - codeEl = document.createElement('pre'); - codeEl.className = 'code highlight'; + if (target) { + const lineClass = ['left-side', 'right-side'].filter(name => target.classList.contains(name))[0]; + if (lineClass) { + lineSelector = `.line_content.${lineClass} ${lineSelector}`; + } + } - const lang = lineEls[0].getAttribute('lang'); + const lineElements = documentFragment.querySelectorAll(lineSelector); + + let codeElement; + if (lineElements.length > 1) { + codeElement = document.createElement('pre'); + codeElement.className = 'code highlight'; + + const lang = lineElements[0].getAttribute('lang'); if (lang) { - codeEl.setAttribute('lang', lang); + codeElement.setAttribute('lang', lang); } } else { - codeEl = document.createElement('code'); + codeElement = document.createElement('code'); } - if (lineEls.length > 0) { - for (let i = 0; i < lineEls.length; i += 1) { - const lineEl = lineEls[i]; - codeEl.appendChild(lineEl); - codeEl.appendChild(document.createTextNode('\n')); + if (lineElements.length > 0) { + for (let i = 0; i < lineElements.length; i += 1) { + const lineElement = lineElements[i]; + codeElement.appendChild(lineElement); + codeElement.appendChild(document.createTextNode('\n')); } } else { - codeEl.appendChild(documentFragment); + codeElement.appendChild(documentFragment); } - return codeEl; + return codeElement; } static nodeToGFM(node, respectWhitespaceParam = false) { @@ -412,7 +441,7 @@ class CopyAsGFM { for (const selector in rules) { const func = rules[selector]; - if (!window.gl.utils.nodeMatchesSelector(node, selector)) continue; + if (!nodeMatchesSelector(node, selector)) continue; let result; if (func.length === 2) { @@ -460,7 +489,12 @@ class CopyAsGFM { } } -window.gl = window.gl || {}; -window.gl.CopyAsGFM = CopyAsGFM; +// Export CopyAsGFM as a global for rspec to access +// see /spec/features/copy_as_gfm_spec.rb +if (process.env.NODE_ENV !== 'production') { + window.CopyAsGFM = CopyAsGFM; +} -new CopyAsGFM(); +export default function initCopyAsGFM() { + return new CopyAsGFM(); +} diff --git a/app/assets/javascripts/behaviors/copy_to_clipboard.js b/app/assets/javascripts/behaviors/copy_to_clipboard.js new file mode 100644 index 0000000000..cdea625fc8 --- /dev/null +++ b/app/assets/javascripts/behaviors/copy_to_clipboard.js @@ -0,0 +1,73 @@ +import Clipboard from 'clipboard'; + +function showTooltip(target, title) { + const $target = $(target); + const originalTitle = $target.data('original-title'); + + if (!$target.data('hideTooltip')) { + $target + .attr('title', title) + .tooltip('fixTitle') + .tooltip('show') + .attr('title', originalTitle) + .tooltip('fixTitle'); + } +} + +function genericSuccess(e) { + showTooltip(e.trigger, 'Copied'); + // Clear the selection and blur the trigger so it loses its border + e.clearSelection(); + $(e.trigger).blur(); +} + +/** + * Safari > 10 doesn't support `execCommand`, so instead we inform the user to copy manually. + * See http://clipboardjs.com/#browser-support + */ +function genericError(e) { + let key; + if (/Mac/i.test(navigator.userAgent)) { + key = '⌘'; // Command + } else { + key = 'Ctrl'; + } + showTooltip(e.trigger, `Press ${key}-C to copy`); +} + +export default function initCopyToClipboard() { + const clipboard = new Clipboard('[data-clipboard-target], [data-clipboard-text]'); + clipboard.on('success', genericSuccess); + clipboard.on('error', genericError); + + /** + * This a workaround around ClipboardJS limitations to allow the context-specific copy/pasting + * of plain text or GFM. The Ruby `clipboard_button` helper sneaks a JSON hash with `text` and + * `gfm` keys into the `data-clipboard-text` attribute that ClipboardJS reads from. + * When ClipboardJS creates a new `textarea` (directly inside `body`, with a `readonly` + * attribute`), sets its value to the value of this data attribute, focusses on it, and finally + * programmatically issues the 'Copy' command, this code intercepts the copy command/event at + * the last minute to deconstruct this JSON hash and set the `text/plain` and `text/x-gfm` copy + * data types to the intended values. + */ + $(document).on('copy', 'body > textarea[readonly]', (e) => { + const clipboardData = e.originalEvent.clipboardData; + if (!clipboardData) return; + + const text = e.target.value; + + let json; + try { + json = JSON.parse(text); + } catch (ex) { + return; + } + + if (!json.text || !json.gfm) return; + + e.preventDefault(); + + clipboardData.setData('text/plain', json.text); + clipboardData.setData('text/x-gfm', json.gfm); + }); +} diff --git a/app/assets/javascripts/behaviors/index.js b/app/assets/javascripts/behaviors/index.js index 44b2c974b9..8d021de799 100644 --- a/app/assets/javascripts/behaviors/index.js +++ b/app/assets/javascripts/behaviors/index.js @@ -1,9 +1,14 @@ import './autosize'; import './bind_in_out'; +import initCopyAsGFM from './copy_as_gfm'; +import initCopyToClipboard from './copy_to_clipboard'; import './details_behavior'; import installGlEmojiElement from './gl_emoji'; import './quick_submit'; import './requires_input'; import './toggler_behavior'; +import '../preview_markdown'; installGlEmojiElement(); +initCopyAsGFM(); +initCopyToClipboard(); diff --git a/app/assets/javascripts/behaviors/quick_submit.js b/app/assets/javascripts/behaviors/quick_submit.js index bc69361646..2cf8f4fa93 100644 --- a/app/assets/javascripts/behaviors/quick_submit.js +++ b/app/assets/javascripts/behaviors/quick_submit.js @@ -1,4 +1,5 @@ import '../commons/bootstrap'; +import { isInIssuePage } from '../lib/utils/common_utils'; // Quick Submit behavior // @@ -44,7 +45,10 @@ $(document).on('keydown.quick_submit', '.js-quick-submit', (e) => { if (!$submitButton.attr('disabled')) { $submitButton.trigger('click', [e]); - $submitButton.disable(); + + if (!isInIssuePage()) { + $submitButton.disable(); + } } }); diff --git a/app/assets/javascripts/behaviors/secret_values.js b/app/assets/javascripts/behaviors/secret_values.js new file mode 100644 index 0000000000..0d6e0dbefc --- /dev/null +++ b/app/assets/javascripts/behaviors/secret_values.js @@ -0,0 +1,47 @@ +import { n__ } from '../locale'; +import { convertPermissionToBoolean } from '../lib/utils/common_utils'; + +export default class SecretValues { + constructor({ + container, + valueSelector = '.js-secret-value', + placeholderSelector = '.js-secret-value-placeholder', + }) { + this.container = container; + this.valueSelector = valueSelector; + this.placeholderSelector = placeholderSelector; + } + + init() { + this.revealButton = this.container.querySelector('.js-secret-value-reveal-button'); + + if (this.revealButton) { + const isRevealed = convertPermissionToBoolean(this.revealButton.dataset.secretRevealStatus); + this.updateDom(isRevealed); + + this.revealButton.addEventListener('click', this.onRevealButtonClicked.bind(this)); + } + } + + onRevealButtonClicked() { + const previousIsRevealed = convertPermissionToBoolean( + this.revealButton.dataset.secretRevealStatus, + ); + this.updateDom(!previousIsRevealed); + } + + updateDom(isRevealed) { + const values = this.container.querySelectorAll(this.valueSelector); + values.forEach((value) => { + value.classList.toggle('hide', !isRevealed); + }); + + const placeholders = this.container.querySelectorAll(this.placeholderSelector); + placeholders.forEach((placeholder) => { + placeholder.classList.toggle('hide', isRevealed); + }); + + this.revealButton.textContent = isRevealed ? n__('Hide value', 'Hide values', values.length) : n__('Reveal value', 'Reveal values', values.length); + this.revealButton.dataset.secretRevealStatus = isRevealed; + } +} diff --git a/app/assets/javascripts/behaviors/toggler_behavior.js b/app/assets/javascripts/behaviors/toggler_behavior.js index b70b0a9bbf..417ac31fc8 100644 --- a/app/assets/javascripts/behaviors/toggler_behavior.js +++ b/app/assets/javascripts/behaviors/toggler_behavior.js @@ -5,6 +5,7 @@ // %button.js-toggle-button // %div.js-toggle-content // +import { getLocationHash } from '../lib/utils/url_utility'; $(() => { function toggleContainer(container, toggleState) { @@ -32,7 +33,7 @@ $(() => { // If we're accessing a permalink, ensure it is not inside a // closed js-toggle-container! - const hash = window.gl.utils.getLocationHash(); + const hash = getLocationHash(); const anchor = hash && document.getElementById(hash); const container = anchor && $(anchor).closest('.js-toggle-container'); diff --git a/app/assets/javascripts/blob/balsamiq_viewer.js b/app/assets/javascripts/blob/balsamiq_viewer.js index 8641a6fdae..062577af38 100644 --- a/app/assets/javascripts/blob/balsamiq_viewer.js +++ b/app/assets/javascripts/blob/balsamiq_viewer.js @@ -1,9 +1,8 @@ -/* global Flash */ - +import Flash from '../flash'; import BalsamiqViewer from './balsamiq/balsamiq_viewer'; function onError() { - const flash = new window.Flash('Balsamiq file could not be loaded.'); + const flash = new Flash('Balsamiq file could not be loaded.'); return flash; } diff --git a/app/assets/javascripts/blob/blob_file_dropzone.js b/app/assets/javascripts/blob/blob_file_dropzone.js index 26d3419a16..83cac896f8 100644 --- a/app/assets/javascripts/blob/blob_file_dropzone.js +++ b/app/assets/javascripts/blob/blob_file_dropzone.js @@ -1,8 +1,10 @@ /* eslint-disable func-names, object-shorthand, prefer-arrow-callback */ -/* global Dropzone */ - -import '../lib/utils/url_utility'; +import Dropzone from 'dropzone'; +import { visitUrl } from '../lib/utils/url_utility'; import { HIDDEN_CLASS } from '../lib/utils/constants'; +import csrf from '../lib/utils/csrf'; + +Dropzone.autoDiscover = false; function toggleLoading($el, $icon, loading) { if (loading) { @@ -36,9 +38,7 @@ export default class BlobFileDropzone { maxFiles: 1, addRemoveLinks: true, previewsContainer: '.dropzone-previews', - headers: { - 'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content'), - }, + headers: csrf.headers, init: function () { this.on('addedfile', function () { toggleLoading(submitButton, submitButtonLoadingIcon, false); @@ -51,7 +51,7 @@ export default class BlobFileDropzone { }); this.on('success', function (header, response) { $('#modal-upload-blob').modal('hide'); - window.gl.utils.visitUrl(response.filePath); + visitUrl(response.filePath); }); this.on('maxfilesexceeded', function (file) { dropzoneMessage.addClass(HIDDEN_CLASS); diff --git a/app/assets/javascripts/blob/blob_line_permalink_updater.js b/app/assets/javascripts/blob/blob_line_permalink_updater.js index c8f68860fb..d36d9f0de2 100644 --- a/app/assets/javascripts/blob/blob_line_permalink_updater.js +++ b/app/assets/javascripts/blob/blob_line_permalink_updater.js @@ -1,7 +1,9 @@ +import { getLocationHash } from '../lib/utils/url_utility'; + const lineNumberRe = /^L[0-9]+/; const updateLineNumbersOnBlobPermalinks = (linksToUpdate) => { - const hash = gl.utils.getLocationHash(); + const hash = getLocationHash(); if (hash && lineNumberRe.test(hash)) { const hashUrlString = `#${hash}`; diff --git a/app/assets/javascripts/blob/file_template_mediator.js b/app/assets/javascripts/blob/file_template_mediator.js index a20c6ca7a2..37074301b5 100644 --- a/app/assets/javascripts/blob/file_template_mediator.js +++ b/app/assets/javascripts/blob/file_template_mediator.js @@ -1,6 +1,5 @@ /* eslint-disable class-methods-use-this */ -/* global Flash */ - +import Flash from '../flash'; import FileTemplateTypeSelector from './template_selectors/type_selector'; import BlobCiYamlSelector from './template_selectors/ci_yaml_selector'; import DockerfileSelector from './template_selectors/dockerfile_selector'; @@ -236,7 +235,7 @@ export default class FileTemplateMediator { } setFilename(name) { - this.$filenameInput.val(name); + this.$filenameInput.val(name).trigger('change'); } getSelected() { diff --git a/app/assets/javascripts/blob/notebook/index.js b/app/assets/javascripts/blob/notebook/index.js index 27312d718b..6f1350e80f 100644 --- a/app/assets/javascripts/blob/notebook/index.js +++ b/app/assets/javascripts/blob/notebook/index.js @@ -1,15 +1,16 @@ /* eslint-disable no-new */ import Vue from 'vue'; -import VueResource from 'vue-resource'; +import axios from '../../lib/utils/axios_utils'; import notebookLab from '../../notebook/index.vue'; -Vue.use(VueResource); - export default () => { const el = document.getElementById('js-notebook-viewer'); new Vue({ el, + components: { + notebookLab, + }, data() { return { error: false, @@ -18,53 +19,6 @@ export default () => { json: {}, }; }, - components: { - notebookLab, - }, - template: ` -
-
- -
- -

- - An error occured whilst loading the file. Please try again later. - - - An error occured whilst parsing the file. - -

-
- `, - methods: { - loadFile() { - this.$http.get(el.dataset.endpoint) - .then(response => response.json()) - .then((res) => { - this.json = res; - this.loading = false; - }) - .catch((e) => { - if (e.status) { - this.loadError = true; - } - - this.error = true; - }); - }, - }, mounted() { if (gon.katex_css_url) { const katexStyles = document.createElement('link'); @@ -84,5 +38,49 @@ export default () => { this.loadFile(); } }, + methods: { + loadFile() { + axios.get(el.dataset.endpoint) + .then(res => res.data) + .then((data) => { + this.json = data; + this.loading = false; + }) + .catch((e) => { + if (e.status !== 200) { + this.loadError = true; + } + + this.error = true; + }); + }, + }, + template: ` +
+
+ +
+ +

+ + An error occurred whilst loading the file. Please try again later. + + + An error occurred whilst parsing the file. + +

+
+ `, }); }; diff --git a/app/assets/javascripts/blob/pdf/index.js b/app/assets/javascripts/blob/pdf/index.js index 0ed915c1ac..70136cc408 100644 --- a/app/assets/javascripts/blob/pdf/index.js +++ b/app/assets/javascripts/blob/pdf/index.js @@ -7,6 +7,9 @@ export default () => { return new Vue({ el, + components: { + pdfLab, + }, data() { return { error: false, @@ -15,9 +18,6 @@ export default () => { pdf: el.dataset.endpoint, }; }, - components: { - pdfLab, - }, methods: { onLoad() { this.loading = false; @@ -48,10 +48,10 @@ export default () => { class="text-center" v-if="error"> - An error occured whilst loading the file. Please try again later. + An error occurred whilst loading the file. Please try again later. - An error occured whilst decoding the file. + An error occurred whilst decoding the file.

diff --git a/app/assets/javascripts/blob/viewer/index.js b/app/assets/javascripts/blob/viewer/index.js index 187fab084f..612f604e72 100644 --- a/app/assets/javascripts/blob/viewer/index.js +++ b/app/assets/javascripts/blob/viewer/index.js @@ -1,4 +1,7 @@ -/* global Flash */ +import Flash from '../../flash'; +import { handleLocationHash } from '../../lib/utils/common_utils'; +import axios from '../../lib/utils/axios_utils'; + export default class BlobViewer { constructor() { BlobViewer.initAuxiliaryViewer(); @@ -114,7 +117,7 @@ export default class BlobViewer { $(viewer).renderGFM(); this.$fileHolder.trigger('highlight:line'); - gl.utils.handleLocationHash(); + handleLocationHash(); this.toggleCopyButtonState(); }) @@ -125,25 +128,18 @@ export default class BlobViewer { const viewer = viewerParam; const url = viewer.getAttribute('data-url'); - return new Promise((resolve, reject) => { - if (!url || viewer.getAttribute('data-loaded') || viewer.getAttribute('data-loading')) { - resolve(viewer); - return; - } + if (!url || viewer.getAttribute('data-loaded') || viewer.getAttribute('data-loading')) { + return Promise.resolve(viewer); + } - viewer.setAttribute('data-loading', 'true'); + viewer.setAttribute('data-loading', 'true'); - $.ajax({ - url, - dataType: 'JSON', - }) - .fail(reject) - .done((data) => { + return axios.get(url) + .then(({ data }) => { viewer.innerHTML = data.html; viewer.setAttribute('data-loaded', 'true'); - resolve(viewer); + return viewer; }); - }); } } diff --git a/app/assets/javascripts/blob_edit/blob_bundle.js b/app/assets/javascripts/blob_edit/blob_bundle.js index b5500ac116..6b06344f5b 100644 --- a/app/assets/javascripts/blob_edit/blob_bundle.js +++ b/app/assets/javascripts/blob_edit/blob_bundle.js @@ -1,7 +1,6 @@ /* eslint-disable func-names, space-before-function-paren, prefer-arrow-callback, no-var, quotes, vars-on-top, no-unused-vars, no-new, max-len */ /* global EditBlob */ -/* global NewCommitForm */ - +import NewCommitForm from '../new_commit_form'; import EditBlob from './edit_blob'; import BlobFileDropzone from '../blob/blob_file_dropzone'; diff --git a/app/assets/javascripts/blob_edit/edit_blob.js b/app/assets/javascripts/blob_edit/edit_blob.js index b37988a674..a25f7fb3dc 100644 --- a/app/assets/javascripts/blob_edit/edit_blob.js +++ b/app/assets/javascripts/blob_edit/edit_blob.js @@ -1,5 +1,8 @@ /* global ace */ +import axios from '~/lib/utils/axios_utils'; +import createFlash from '~/flash'; +import { __ } from '~/locale'; import TemplateSelectorMediator from '../blob/file_template_mediator'; export default class EditBlob { @@ -56,12 +59,14 @@ export default class EditBlob { if (paneId === '#preview') { this.$toggleButton.hide(); - return $.post(currentLink.data('preview-url'), { + axios.post(currentLink.data('preview-url'), { content: this.editor.getValue(), - }, (response) => { - currentPane.empty().append(response); - return currentPane.renderGFM(); - }); + }) + .then(({ data }) => { + currentPane.empty().append(data); + currentPane.renderGFM(); + }) + .catch(() => createFlash(__('An error occurred previewing the blob'))); } this.$toggleButton.show(); diff --git a/app/assets/javascripts/boards/boards_bundle.js b/app/assets/javascripts/boards/boards_bundle.js index 89c1418014..90166b3d3d 100644 --- a/app/assets/javascripts/boards/boards_bundle.js +++ b/app/assets/javascripts/boards/boards_bundle.js @@ -1,12 +1,12 @@ /* eslint-disable one-var, quote-props, comma-dangle, space-before-function-paren */ -/* global BoardService */ -/* global Flash */ import _ from 'underscore'; import Vue from 'vue'; -import VueResource from 'vue-resource'; +import Flash from '../flash'; +import { __ } from '../locale'; import FilteredSearchBoards from './filtered_search_boards'; import eventHub from './eventhub'; +import sidebarEventHub from '../sidebar/event_hub'; import './models/issue'; import './models/label'; import './models/list'; @@ -14,7 +14,7 @@ import './models/milestone'; import './models/assignee'; import './stores/boards_store'; import './stores/modal_store'; -import './services/board_service'; +import BoardService from './services/board_service'; import './mixins/modal_mixins'; import './mixins/sortable_default_options'; import './filters/due_date_filters'; @@ -24,8 +24,6 @@ import './components/new_list_dropdown'; import './components/modal/index'; import '../vue_shared/vue_resource_interceptor'; -Vue.use(VueResource); - $(() => { const $boardApp = document.getElementById('board-app'); const Store = gl.issueBoards.BoardsStore; @@ -53,7 +51,8 @@ $(() => { data: { state: Store.state, loading: true, - endpoint: $boardApp.dataset.endpoint, + boardsEndpoint: $boardApp.dataset.boardsEndpoint, + listsEndpoint: $boardApp.dataset.listsEndpoint, boardId: $boardApp.dataset.boardId, disabled: $boardApp.dataset.disabled === 'true', issueLinkBase: $boardApp.dataset.issueLinkBase, @@ -68,28 +67,38 @@ $(() => { }, }, created () { - gl.boardService = new BoardService(this.endpoint, this.bulkUpdatePath, this.boardId); + gl.boardService = new BoardService({ + boardsEndpoint: this.boardsEndpoint, + listsEndpoint: this.listsEndpoint, + bulkUpdatePath: this.bulkUpdatePath, + boardId: this.boardId, + }); + Store.rootPath = this.boardsEndpoint; - this.filterManager = new FilteredSearchBoards(Store.filter, true); - this.filterManager.setup(); - - // Listen for updateTokens event eventHub.$on('updateTokens', this.updateTokens); + eventHub.$on('newDetailIssue', this.updateDetailIssue); + eventHub.$on('clearDetailIssue', this.clearDetailIssue); + sidebarEventHub.$on('toggleSubscription', this.toggleSubscription); }, beforeDestroy() { eventHub.$off('updateTokens', this.updateTokens); + eventHub.$off('newDetailIssue', this.updateDetailIssue); + eventHub.$off('clearDetailIssue', this.clearDetailIssue); + sidebarEventHub.$off('toggleSubscription', this.toggleSubscription); }, mounted () { + this.filterManager = new FilteredSearchBoards(Store.filter, true); + this.filterManager.setup(); + Store.disabled = this.disabled; gl.boardService.all() - .then(response => response.json()) - .then((resp) => { - resp.forEach((board) => { + .then(res => res.data) + .then((data) => { + data.forEach((board) => { const list = Store.addList(board, this.defaultAvatar); if (list.type === 'closed') { list.position = Infinity; - list.label = { description: 'Shows all closed issues. Moving an issue to this list closes it' }; } else if (list.type === 'backlog') { list.position = -1; } @@ -100,11 +109,53 @@ $(() => { Store.addBlankState(); this.loading = false; }) - .catch(() => new Flash('An error occurred. Please try again.')); + .catch(() => { + Flash('An error occurred while fetching the board lists. Please try again.'); + }); }, methods: { updateTokens() { this.filterManager.updateTokens(); + }, + updateDetailIssue(newIssue) { + const sidebarInfoEndpoint = newIssue.sidebarInfoEndpoint; + if (sidebarInfoEndpoint && newIssue.subscribed === undefined) { + newIssue.setFetchingState('subscriptions', true); + BoardService.getIssueInfo(sidebarInfoEndpoint) + .then(res => res.data) + .then((data) => { + newIssue.setFetchingState('subscriptions', false); + newIssue.updateData({ + subscribed: data.subscribed, + }); + }) + .catch(() => { + newIssue.setFetchingState('subscriptions', false); + Flash(__('An error occurred while fetching sidebar data')); + }); + } + + Store.detail.issue = newIssue; + }, + clearDetailIssue() { + Store.detail.issue = {}; + }, + toggleSubscription(id) { + const issue = Store.detail.issue; + if (issue.id === id && issue.toggleSubscriptionEndpoint) { + issue.setFetchingState('subscriptions', true); + BoardService.toggleIssueSubscription(issue.toggleSubscriptionEndpoint) + .then(() => { + issue.setFetchingState('subscriptions', false); + issue.updateData({ + subscribed: !issue.subscribed, + }); + }) + .catch(() => { + issue.setFetchingState('subscriptions', false); + Flash(__('An error occurred when toggling the notification subscription')); + }); + } } }, }); @@ -112,27 +163,27 @@ $(() => { gl.IssueBoardsSearch = new Vue({ el: document.getElementById('js-add-list'), data: { - filters: Store.state.filters + filters: Store.state.filters, }, mounted () { gl.issueBoards.newListDropdownInit(); - } + }, }); gl.IssueBoardsModalAddBtn = new Vue({ - mixins: [gl.issueBoards.ModalMixins], el: document.getElementById('js-add-issues-btn'), - data: { - modal: ModalStore.store, - store: Store.state, - }, - watch: { - disabled() { - this.updateTooltip(); - }, + mixins: [gl.issueBoards.ModalMixins], + data() { + return { + modal: ModalStore.store, + store: Store.state, + }; }, computed: { disabled() { + if (!this.store) { + return true; + } return !this.store.lists.filter(list => !list.preset).length; }, tooltipTitle() { @@ -143,9 +194,17 @@ $(() => { return ''; }, }, + watch: { + disabled() { + this.updateTooltip(); + }, + }, + mounted() { + this.updateTooltip(); + }, methods: { updateTooltip() { - const $tooltip = $(this.$el); + const $tooltip = $(this.$refs.addIssuesButton); this.$nextTick(() => { if (this.disabled) { @@ -161,20 +220,20 @@ $(() => { } }, }, - mounted() { - this.updateTooltip(); - }, template: ` - +
+ +
`, }); }); diff --git a/app/assets/javascripts/boards/components/board.js b/app/assets/javascripts/boards/components/board.js index adb7360327..9c4cc2338c 100644 --- a/app/assets/javascripts/boards/components/board.js +++ b/app/assets/javascripts/boards/components/board.js @@ -1,8 +1,8 @@ /* eslint-disable comma-dangle, space-before-function-paren, one-var */ -/* global Sortable */ +import Sortable from 'vendor/Sortable'; import Vue from 'vue'; import AccessorUtilities from '../../lib/utils/accessor'; -import boardList from './board_list'; +import boardList from './board_list.vue'; import boardBlankState from './board_blank_state'; import './board_delete'; diff --git a/app/assets/javascripts/boards/components/board_blank_state.js b/app/assets/javascripts/boards/components/board_blank_state.js index edfe7c326d..72db626d3c 100644 --- a/app/assets/javascripts/boards/components/board_blank_state.js +++ b/app/assets/javascripts/boards/components/board_blank_state.js @@ -65,7 +65,7 @@ export default { // Save the labels gl.boardService.generateDefaultLists() - .then(resp => resp.json()) + .then(res => res.data) .then((data) => { data.forEach((listObj) => { const list = Store.findList('title', listObj.title); diff --git a/app/assets/javascripts/boards/components/board_card.js b/app/assets/javascripts/boards/components/board_card.js deleted file mode 100644 index 079fb6438b..0000000000 --- a/app/assets/javascripts/boards/components/board_card.js +++ /dev/null @@ -1,67 +0,0 @@ -import './issue_card_inner'; - -const Store = gl.issueBoards.BoardsStore; - -export default { - name: 'BoardsIssueCard', - template: ` -
  • - -
    • - `, - components: { - 'issue-card-inner': gl.issueBoards.IssueCardInner, - }, - props: { - list: Object, - issue: Object, - issueLinkBase: String, - disabled: Boolean, - index: Number, - rootPath: String, - }, - data() { - return { - showDetail: false, - detailIssue: Store.detail, - }; - }, - computed: { - issueDetailVisible() { - return this.detailIssue.issue && this.detailIssue.issue.id === this.issue.id; - }, - }, - methods: { - mouseDown() { - this.showDetail = true; - }, - mouseMove() { - this.showDetail = false; - }, - showIssue(e) { - if (e.target.classList.contains('js-no-trigger')) return; - - if (this.showDetail) { - this.showDetail = false; - - if (Store.detail.issue && Store.detail.issue.id === this.issue.id) { - Store.detail.issue = {}; - } else { - Store.detail.issue = this.issue; - Store.detail.list = this.list; - } - } - }, - }, -}; diff --git a/app/assets/javascripts/boards/components/board_card.vue b/app/assets/javascripts/boards/components/board_card.vue new file mode 100644 index 0000000000..23fec50358 --- /dev/null +++ b/app/assets/javascripts/boards/components/board_card.vue @@ -0,0 +1,95 @@ + + + diff --git a/app/assets/javascripts/boards/components/board_list.js b/app/assets/javascripts/boards/components/board_list.js deleted file mode 100644 index bebca17fb1..0000000000 --- a/app/assets/javascripts/boards/components/board_list.js +++ /dev/null @@ -1,209 +0,0 @@ -/* global Sortable */ -import boardNewIssue from './board_new_issue'; -import boardCard from './board_card'; -import eventHub from '../eventhub'; -import loadingIcon from '../../vue_shared/components/loading_icon.vue'; - -const Store = gl.issueBoards.BoardsStore; - -export default { - name: 'BoardList', - props: { - disabled: { - type: Boolean, - required: true, - }, - list: { - type: Object, - required: true, - }, - issues: { - type: Array, - required: true, - }, - loading: { - type: Boolean, - required: true, - }, - issueLinkBase: { - type: String, - required: true, - }, - rootPath: { - type: String, - required: true, - }, - }, - data() { - return { - scrollOffset: 250, - filters: Store.state.filters, - showCount: false, - showIssueForm: false, - }; - }, - components: { - boardCard, - boardNewIssue, - loadingIcon, - }, - methods: { - listHeight() { - return this.$refs.list.getBoundingClientRect().height; - }, - scrollHeight() { - return this.$refs.list.scrollHeight; - }, - scrollTop() { - return this.$refs.list.scrollTop + this.listHeight(); - }, - scrollToTop() { - this.$refs.list.scrollTop = 0; - }, - loadNextPage() { - const getIssues = this.list.nextPage(); - const loadingDone = () => { - this.list.loadingMore = false; - }; - - if (getIssues) { - this.list.loadingMore = true; - getIssues - .then(loadingDone) - .catch(loadingDone); - } - }, - toggleForm() { - this.showIssueForm = !this.showIssueForm; - }, - onScroll() { - if ((this.scrollTop() > this.scrollHeight() - this.scrollOffset) && !this.list.loadingMore) { - this.loadNextPage(); - } - }, - }, - watch: { - filters: { - handler() { - this.list.loadingMore = false; - this.$refs.list.scrollTop = 0; - }, - deep: true, - }, - issues() { - this.$nextTick(() => { - if (this.scrollHeight() <= this.listHeight() && - this.list.issuesSize > this.list.issues.length) { - this.list.page += 1; - this.list.getIssues(false) - .catch(() => { - // TODO: handle request error - }); - } - - if (this.scrollHeight() > Math.ceil(this.listHeight())) { - this.showCount = true; - } else { - this.showCount = false; - } - }); - }, - }, - created() { - eventHub.$on(`hide-issue-form-${this.list.id}`, this.toggleForm); - eventHub.$on(`scroll-board-list-${this.list.id}`, this.scrollToTop); - }, - mounted() { - const options = gl.issueBoards.getBoardSortableDefaultOptions({ - scroll: document.querySelectorAll('.boards-list')[0], - group: 'issues', - disabled: this.disabled, - filter: '.board-list-count, .is-disabled', - dataIdAttr: 'data-issue-id', - onStart: (e) => { - const card = this.$refs.issue[e.oldIndex]; - - card.showDetail = false; - Store.moving.list = card.list; - Store.moving.issue = Store.moving.list.findIssue(+e.item.dataset.issueId); - - gl.issueBoards.onStart(); - }, - onAdd: (e) => { - gl.issueBoards.BoardsStore - .moveIssueToList(Store.moving.list, this.list, Store.moving.issue, e.newIndex); - - this.$nextTick(() => { - e.item.remove(); - }); - }, - onUpdate: (e) => { - const sortedArray = this.sortable.toArray().filter(id => id !== '-1'); - gl.issueBoards.BoardsStore - .moveIssueInList(this.list, Store.moving.issue, e.oldIndex, e.newIndex, sortedArray); - }, - onMove(e) { - return !e.related.classList.contains('board-list-count'); - }, - }); - - this.sortable = Sortable.create(this.$refs.list, options); - - // Scroll event on list to load more - this.$refs.list.addEventListener('scroll', this.onScroll); - }, - beforeDestroy() { - eventHub.$off(`hide-issue-form-${this.list.id}`, this.toggleForm); - eventHub.$off(`scroll-board-list-${this.list.id}`, this.scrollToTop); - this.$refs.list.removeEventListener('scroll', this.onScroll); - }, - template: ` -
    -
    - -
    - - - -
      - -
    • - - - - - Showing all issues - - - Showing {{ list.issues.length }} of {{ list.issuesSize }} issues - -
      • -
    -
    - `, -}; diff --git a/app/assets/javascripts/boards/components/board_list.vue b/app/assets/javascripts/boards/components/board_list.vue new file mode 100644 index 0000000000..9a0442e2af --- /dev/null +++ b/app/assets/javascripts/boards/components/board_list.vue @@ -0,0 +1,212 @@ + + + diff --git a/app/assets/javascripts/boards/components/board_new_issue.js b/app/assets/javascripts/boards/components/board_new_issue.js index 4af8b0c771..bc28f7f45f 100644 --- a/app/assets/javascripts/boards/components/board_new_issue.js +++ b/app/assets/javascripts/boards/components/board_new_issue.js @@ -6,7 +6,10 @@ const Store = gl.issueBoards.BoardsStore; export default { name: 'BoardNewIssue', props: { - list: Object, + list: { + type: Object, + required: true, + }, }, data() { return { @@ -65,7 +68,7 @@ export default {
    - An error occured. Please try again. + An error occurred. Please try again.