Refresh patches (remove patches no longer relevant)

debian/patches/Gemfile/0010-relax-stable-libs.patch

@@ -30,8 +30,8 @@ gitlab Gemfile
 +gem 'default_value_for', '~> 3.4'
  
  # Supported DBs
--gem 'pg', '~> 1.4.3'
-+gem 'pg', '~> 1.4', '>= 1.4.3'
+-gem 'pg', '~> 1.4.5'
++gem 'pg', '~> 1.4', '>= 1.4.5'
  
  gem 'rugged', '~> 1.2'
 -gem 'grape-path-helpers', '~> 1.7.1'
@@ -90,9 +90,9 @@ gitlab Gemfile
  
  # Kerberos authentication. EE-only
  gem 'gssapi', group: :kerberos
-@@ -86,72 +86,72 @@
+@@ -86,28 +86,28 @@
  # Spam and anti-bot protection
- gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails'
+ gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails'
  gem 'akismet', '~> 3.0'
 -gem 'invisible_captcha', '~> 2.0.0'
 +gem 'invisible_captcha', '~> 2.0'
@@ -107,7 +107,7 @@ gitlab Gemfile
  # GitLab Pages
 -gem 'validates_hostname', '~> 1.0.11'
 -gem 'rubyzip', '~> 2.3.2', require: 'zip'
-+gem 'validates_hostname', '~> 1.0'
++gem 'validates_hostname', '~> 1.0', '>= 1.0.11'
 +gem 'rubyzip', '~> 2.0', '>= 2.3.2', require: 'zip'
  # GitLab Pages letsencrypt support
  gem 'acme-client', '~> 2.0'
@@ -125,10 +125,8 @@ gitlab Gemfile
  
  # LDAP Auth
  # GitLab fork with several improvements to original library. For full list of changes
- # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
--gem 'gitlab_omniauth-ldap', '~> 2.2.0', require: 'omniauth-ldap'
-+gem 'gitlab_omniauth-ldap', '~> 2.2', require: 'omniauth-ldap'
- gem 'net-ldap', '~> 0.16.3'
+@@ -116,30 +116,30 @@
+ gem 'net-ldap', '~> 0.17.1'
  
  # API
 -gem 'grape', '~> 1.5.2'
@@ -166,12 +164,7 @@ gitlab Gemfile
  
  # for backups
  gem 'fog-aws', '~> 3.15'
- # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421.
- # Also see config/initializers/fog_core_patch.rb.
--gem 'fog-core', '= 2.1.0'
-+gem 'fog-core', '= 2.1'
- gem 'fog-google', '~> 1.19', require: 'fog/google'
- gem 'fog-local', '~> 0.8'
+@@ -151,7 +151,7 @@
  gem 'fog-openstack', '~> 1.0'
  gem 'fog-rackspace', '~> 0.1.1'
  gem 'fog-aliyun', '~> 0.3'
@@ -238,8 +231,8 @@ gitlab Gemfile
  gem 'diff_match_patch', '~> 0.1.0'
  
  # Application server
--gem 'rack', '~> 2.2.4'
-+gem 'rack', '~> 2.2', '>= 2.2.4'
+-gem 'rack', '~> 2.2.6', '>= 2.2.6.2'
++gem 'rack', '~> 2.2', '>= 2.2.6.2'
  # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually
  gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base'
  
@@ -306,8 +299,12 @@ gitlab Gemfile
  
  # Hangouts Chat integration
  gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat'
-@@ -284,7 +284,7 @@
- gem 'babosa', '~> 1.0.4'
+@@ -281,10 +281,10 @@
+ 
+ # Sanitize user input
+ gem 'sanitize', '~> 6.0'
+-gem 'babosa', '~> 1.0.4'
++gem 'babosa', '~> 1.0', '>= 1.0.4'
  
  # Sanitizes SVG input
 -gem 'loofah', '~> 2.19.1'
@@ -317,7 +314,7 @@ gitlab Gemfile
  # Detects the open source license the repository includes
 @@ -306,32 +306,32 @@
  
- gem 'rack-proxy', '~> 0.7.4'
+ gem 'rack-proxy', '~> 0.7.6'
  
 -gem 'sassc-rails', '~> 2.1.0'
 -gem 'autoprefixer-rails', '10.2.5.1'
@@ -329,8 +326,9 @@ gitlab Gemfile
  gem 'addressable', '~> 2.8'
  gem 'tanuki_emoji', '~> 0.6'
 -gem 'gon', '~> 6.4.0'
+-gem 'request_store', '~> 1.5.1'
 +gem 'gon', '~> 6.4'
- gem 'request_store', '~> 1.5.1'
++gem 'request_store', '~> 1.5', '>= 1.5.1'
  gem 'base32', '~> 0.3.0'
  
 -gem 'gitlab-license', '~> 2.2.1'
@@ -384,7 +382,7 @@ gitlab Gemfile
 +gem 'warning', '~> 1.3'
  
  group :development do
-   gem 'lefthook', '~> 1.2.6', require: false
+   gem 'lefthook', '~> 1.2.7', require: false
 @@ -437,24 +437,24 @@
  end
  
@@ -475,7 +473,14 @@ gitlab Gemfile
  
  # LRU cache
  gem 'lru_redux'
-@@ -544,12 +544,12 @@
+@@ -538,18 +538,18 @@
+ gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer'
+ 
+ # File encryption
+-gem 'lockbox', '~> 1.1.1'
++gem 'lockbox', '~> 1.1', '>= 1.1.1'
+ 
+ # Email validation
  gem 'valid_email', '~> 0.1'
  
  # JSON

debian/patches/Gemfile/0020-remove-development-test.patch

@@ -30,12 +30,12 @@ Bundler will fail when it can't find these locally
  gem 'warning', '~> 1.3'
  
 -group :development do
--  gem 'lefthook', '~> 1.2.6', require: false
+-  gem 'lefthook', '~> 1.2.7', require: false
 -  gem 'rubocop'
 -  gem 'solargraph', '~> 0.47.2', require: false
 -
 -  gem 'letter_opener_web', '~> 2.0.0'
--  gem 'lookbook', '~> 1.2', '>= 1.2.1'
+-  gem 'lookbook', '~> 1.4', '>= 1.4.5'
 -
 -  # Better errors handler
 -  gem 'better_errors', '~> 2.9.1'
@@ -67,7 +67,7 @@ Bundler will fail when it can't find these locally
 -  gem 'spring', '~> 4.1.0'
 -  gem 'spring-commands-rspec', '~> 1.0.4'
 -
--  gem 'gitlab-styles', '~> 9.1.0', require: false
+-  gem 'gitlab-styles', '~> 9.2.0', require: false
 -
 -  gem 'haml_lint', '~> 0.40.0', require: false
 -  gem 'bundler-audit', '~> 0.7.0.1', require: false

debian/patches/Gemfile/0090-remove-ee-only-gems.patch

@@ -11,7 +11,7 @@ This gem is used only in gitlab Enterprise Edition
  
  # Spam and anti-bot protection
 @@ -313,8 +312,6 @@
- gem 'request_store', '~> 1.5.1'
+ gem 'request_store', '~> 1.5', '>= 1.5.1'
  gem 'base32', '~> 0.3.0'
  
 -gem 'gitlab-license', '~> 2.2','>= 2.2.1'

debian/patches/Gemfile/0180-add-parser-gem.patch

@@ -4,7 +4,7 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323
 +++ b/Gemfile
 @@ -39,6 +39,9 @@
  # Supported DBs
- gem 'pg', '~> 1.4', '>= 1.4.3'
+ gem 'pg', '~> 1.4', '>= 1.4.5'
  
 +# Background migrations/fix vulnerabilities
 +gem 'parser', '~> 3.0'

debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch

@@ -2,9 +2,9 @@ Rakefile need this gem
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -490,5 +490,8 @@
- # Apple plist parsing
+@@ -491,5 +491,8 @@
  gem 'CFPropertyList'
+ gem 'app_store_connect'
  
 +# This is required for Rakefile
 +gem 'gitlab-dangerfiles'

debian/patches/Gemfile/0230-relax-net-ldap.patch

@@ -1,11 +0,0 @@
---- a/Gemfile
-+++ b/Gemfile
-@@ -115,7 +115,7 @@
- # GitLab fork with several improvements to original library. For full list of changes
- # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
- gem 'gitlab_omniauth-ldap', '~> 2.2', require: 'omniauth-ldap'
--gem 'net-ldap', '~> 0.16.3'
-+gem 'net-ldap', '~> 0.17.0'
- 
- # API
- gem 'grape', '~> 1.5','>= 1.5.2'

debian/patches/nodejs/0020-remove-dev-dependencies.patch

@@ -2,7 +2,7 @@ These are not required in production
 
 --- a/package.json
 +++ b/package.json
-@@ -209,60 +209,7 @@
+@@ -211,60 +211,7 @@
      "yaml": "^2.0.0-10"
    },
    "devDependencies": {
@@ -47,7 +47,7 @@ These are not required in production
 -    "nodemon": "^2.0.19",
 -    "prettier": "2.2.1",
 -    "prosemirror-schema-basic": "^1.2.0",
--    "prosemirror-schema-list": "^1.2.0",
+-    "prosemirror-schema-list": "^1.2.2",
 -    "prosemirror-test-builder": "^1.1.0",
 -    "purgecss": "^4.0.3",
 -    "purgecss-from-html": "^4.0.3",

debian/patches/nodejs/0040-use-packaged-modules.patch

@@ -53,7 +53,7 @@ Use debian packaged node modules when available
    module: {
      strictExportPresence: true,
      rules: [
-@@ -419,7 +425,7 @@
+@@ -424,7 +430,7 @@
        },
        {
          test: /\.(eot|ttf|woff|woff2)$/,
@@ -62,7 +62,7 @@ Use debian packaged node modules when available
          loader: 'file-loader',
          options: {
            name: '[name].[contenthash:8].[ext]',
-@@ -840,6 +846,7 @@
+@@ -845,6 +851,7 @@
  
    node: {
      fs: 'empty', // editorconfig requires 'fs'
@@ -92,5 +92,5 @@ Use debian packaged node modules when available
 +    "@babel/core": "link:/usr/share/nodejs/@babel/core",
 +    "@babel/preset-env": "link:/usr/share/nodejs/@babel/preset-env",
      "@codesandbox/sandpack-client": "^1.2.2",
-     "@cubejs-client/core": "^0.31.0",
-     "@gitlab/at.js": "1.5.7",
+     "@cubejs-client/core": "^0.31.15",
+     "@cubejs-client/vue": "^0.31.19",

debian/patches/nodejs/0050-add-babel-plugins.patch

@@ -10,4 +10,4 @@
 +    "@babel/plugin-syntax-import-meta": "link:/usr/share/nodejs/@babel/plugin-syntax-import-meta",
      "@babel/preset-env": "link:/usr/share/nodejs/@babel/preset-env",
      "@codesandbox/sandpack-client": "^1.2.2",
-     "@cubejs-client/core": "^0.31.0",
+     "@cubejs-client/core": "^0.31.15",

debian/patches/nodejs/0060-use-system-yaml.patch

@@ -2,7 +2,7 @@ yaml from npm registry needs a newer nodejs than what is in bullseye
 
 --- a/package.json
 +++ b/package.json
-@@ -210,7 +210,7 @@
+@@ -212,7 +212,7 @@
      "webpack-stats-plugin": "^0.3.1",
      "worker-loader": "^2.0.0",
      "xterm": "3.14.5",

debian/patches/nodejs/0070-use-system-katex.patch

@@ -1,6 +1,6 @@
 --- a/package.json
 +++ b/package.json
-@@ -145,7 +145,7 @@
+@@ -147,7 +147,7 @@
      "js-cookie": "^3.0.0",
      "js-yaml": "^3.13.1",
      "jszip": "^3.1.3",

debian/patches/nodejs/0080-use-matching-tiptap-core.patch

@@ -1,66 +0,0 @@
---- a/package.json
-+++ b/package.json
-@@ -67,39 +67,39 @@
-     "@rails/actioncable": "6.1.4-7",
-     "@rails/ujs": "6.1.4-7",
-     "@sourcegraph/code-host-integration": "0.0.84",
--    "@tiptap/core": "^2.0.0-beta.182",
-+    "@tiptap/core": "2.0.0-beta.182",
-     "@tiptap/extension-blockquote": "^2.0.0-beta.29",
-     "@tiptap/extension-bold": "^2.0.0-beta.28",
--    "@tiptap/extension-bubble-menu": "^2.0.0-beta.61",
-+    "@tiptap/extension-bubble-menu": "2.0.0-beta.61",
-     "@tiptap/extension-bullet-list": "^2.0.0-beta.29",
--    "@tiptap/extension-code": "^2.0.0-beta.28",
-+    "@tiptap/extension-code": "2.0.0-beta.28",
-     "@tiptap/extension-code-block-lowlight": "2.0.0-beta.73",
-     "@tiptap/extension-document": "^2.0.0-beta.17",
--    "@tiptap/extension-dropcursor": "^2.0.0-beta.28",
--    "@tiptap/extension-gapcursor": "^2.0.0-beta.38",
-+    "@tiptap/extension-dropcursor": "2.0.0-beta.28",
-+    "@tiptap/extension-gapcursor": "2.0.0-beta.38",
-     "@tiptap/extension-hard-break": "^2.0.0-beta.33",
-     "@tiptap/extension-heading": "^2.0.0-beta.29",
-     "@tiptap/extension-highlight": "^2.0.0-beta.35",
--    "@tiptap/extension-history": "^2.0.0-beta.25",
--    "@tiptap/extension-horizontal-rule": "^2.0.0-beta.36",
-+    "@tiptap/extension-history": "2.0.0-beta.25",
-+    "@tiptap/extension-horizontal-rule": "2.0.0-beta.36",
-     "@tiptap/extension-image": "^2.0.0-beta.30",
-     "@tiptap/extension-italic": "^2.0.0-beta.28",
--    "@tiptap/extension-link": "^2.0.0-beta.43",
-+    "@tiptap/extension-link": "2.0.0-beta.43",
-     "@tiptap/extension-list-item": "^2.0.0-beta.23",
-     "@tiptap/extension-ordered-list": "^2.0.0-beta.30",
-     "@tiptap/extension-paragraph": "^2.0.0-beta.26",
-     "@tiptap/extension-strike": "^2.0.0-beta.29",
-     "@tiptap/extension-subscript": "^2.0.0-beta.13",
-     "@tiptap/extension-superscript": "^2.0.0-beta.13",
--    "@tiptap/extension-table": "^2.0.0-beta.54",
-+    "@tiptap/extension-table": "2.0.0-beta.54",
-     "@tiptap/extension-table-cell": "^2.0.0-beta.23",
-     "@tiptap/extension-table-header": "^2.0.0-beta.25",
-     "@tiptap/extension-table-row": "^2.0.0-beta.22",
-     "@tiptap/extension-task-item": "^2.0.0-beta.37",
-     "@tiptap/extension-task-list": "^2.0.0-beta.29",
-     "@tiptap/extension-text": "^2.0.0-beta.17",
--    "@tiptap/suggestion": "^2.0.0-beta.96",
--    "@tiptap/vue-2": "^2.0.0-beta.84",
-+    "@tiptap/suggestion": "2.0.0-beta.96",
-+    "@tiptap/vue-2": "2.0.0-beta.84",
-     "apollo-upload-client": "15.0.0",
-     "autosize": "^5.0.1",
-     "axios": "^0.24.0",
-@@ -219,7 +219,11 @@
-   },
-   "resolutions": {
-     "chokidar": "^3.5.3",
--    "@types/node": "14.17.5"
-+    "@types/node": "14.17.5",
-+    "@tiptap/extension-code-block": "2.0.0-beta.42",
-+    "@tiptap/extension-bubble-menu": "2.0.0-beta.61",
-+    "@tiptap/extension-floating-menu": "2.0.0-beta.56"
-+
-   },
-   "engines": {
-     "node": ">=12.22.1",

debian/patches/nodejs/0090-lock-mermaid-version.patch

@@ -2,7 +2,7 @@ webpack fails with mermaid 9.4.3 on bullseye, and 9.1.6 is known to work
 
 --- a/package.json
 +++ b/package.json
-@@ -151,7 +151,7 @@
+@@ -153,7 +153,7 @@
      "marked": "^4.0.18",
      "mathjax": "3",
      "mdurl": "^1.0.1",

debian/patches/nodejs/0100-lock-tiptap-versions.patch

@@ -0,0 +1,86 @@
+This fixes webpack error when newer versions are pulled by yarn
+
+--- a/package.json
++++ b/package.json
+@@ -68,39 +68,39 @@
+     "@rails/actioncable": "6.1.4-7",
+     "@rails/ujs": "6.1.4-7",
+     "@sourcegraph/code-host-integration": "0.0.84",
+-    "@tiptap/core": "^2.0.0-beta.202",
+-    "@tiptap/extension-blockquote": "^2.0.0-beta.202",
+-    "@tiptap/extension-bold": "^2.0.0-beta.202",
++    "@tiptap/core": "2.0.0-beta.202",
++    "@tiptap/extension-blockquote": "2.0.0-beta.202",
++    "@tiptap/extension-bold": "2.0.0-beta.202",
+     "@tiptap/extension-bubble-menu": "2.0.0-beta.200",
+-    "@tiptap/extension-bullet-list": "^2.0.0-beta.202",
+-    "@tiptap/extension-code": "^2.0.0-beta.202",
+-    "@tiptap/extension-code-block": "^2.0.0-beta.202",
++    "@tiptap/extension-bullet-list": "2.0.0-beta.202",
++    "@tiptap/extension-code": "2.0.0-beta.202",
++    "@tiptap/extension-code-block": "2.0.0-beta.202",
+     "@tiptap/extension-code-block-lowlight": "2.0.0-beta.202",
+-    "@tiptap/extension-document": "^2.0.0-beta.202",
+-    "@tiptap/extension-dropcursor": "^2.0.0-beta.202",
+-    "@tiptap/extension-gapcursor": "^2.0.0-beta.202",
+-    "@tiptap/extension-hard-break": "^2.0.0-beta.202",
+-    "@tiptap/extension-heading": "^2.0.0-beta.202",
+-    "@tiptap/extension-highlight": "^2.0.0-beta.209",
+-    "@tiptap/extension-history": "^2.0.0-beta.202",
+-    "@tiptap/extension-horizontal-rule": "^2.0.0-beta.202",
+-    "@tiptap/extension-image": "^2.0.0-beta.202",
+-    "@tiptap/extension-italic": "^2.0.0-beta.202",
+-    "@tiptap/extension-link": "^2.0.0-beta.202",
+-    "@tiptap/extension-list-item": "^2.0.0-beta.202",
+-    "@tiptap/extension-ordered-list": "^2.0.0-beta.202",
+-    "@tiptap/extension-paragraph": "^2.0.0-beta.202",
+-    "@tiptap/extension-strike": "^2.0.0-beta.202",
+-    "@tiptap/extension-subscript": "^2.0.0-beta.202",
+-    "@tiptap/extension-superscript": "^2.0.0-beta.202",
+-    "@tiptap/extension-table": "^2.0.0-beta.202",
+-    "@tiptap/extension-table-cell": "^2.0.0-beta.202",
+-    "@tiptap/extension-table-header": "^2.0.0-beta.202",
+-    "@tiptap/extension-table-row": "^2.0.0-beta.202",
+-    "@tiptap/extension-task-item": "^2.0.0-beta.202",
+-    "@tiptap/extension-task-list": "^2.0.0-beta.202",
+-    "@tiptap/extension-text": "^2.0.0-beta.202",
+-    "@tiptap/suggestion": "^2.0.0-beta.202",
++    "@tiptap/extension-document": "2.0.0-beta.202",
++    "@tiptap/extension-dropcursor": "2.0.0-beta.202",
++    "@tiptap/extension-gapcursor": "2.0.0-beta.202",
++    "@tiptap/extension-hard-break": "2.0.0-beta.202",
++    "@tiptap/extension-heading": "2.0.0-beta.202",
++    "@tiptap/extension-highlight": "2.0.0-beta.209",
++    "@tiptap/extension-history": "2.0.0-beta.202",
++    "@tiptap/extension-horizontal-rule": "2.0.0-beta.202",
++    "@tiptap/extension-image": "2.0.0-beta.202",
++    "@tiptap/extension-italic": "2.0.0-beta.202",
++    "@tiptap/extension-link": "2.0.0-beta.202",
++    "@tiptap/extension-list-item": "2.0.0-beta.202",
++    "@tiptap/extension-ordered-list": "2.0.0-beta.202",
++    "@tiptap/extension-paragraph": "2.0.0-beta.202",
++    "@tiptap/extension-strike": "2.0.0-beta.202",
++    "@tiptap/extension-subscript": "2.0.0-beta.202",
++    "@tiptap/extension-superscript": "2.0.0-beta.202",
++    "@tiptap/extension-table": "2.0.0-beta.202",
++    "@tiptap/extension-table-cell": "2.0.0-beta.202",
++    "@tiptap/extension-table-header": "2.0.0-beta.202",
++    "@tiptap/extension-table-row": "2.0.0-beta.202",
++    "@tiptap/extension-task-item": "2.0.0-beta.202",
++    "@tiptap/extension-task-list": "2.0.0-beta.202",
++    "@tiptap/extension-text": "2.0.0-beta.202",
++    "@tiptap/suggestion": "2.0.0-beta.202",
+     "@tiptap/vue-2": "2.0.0-beta.200",
+     "apollo-upload-client": "15.0.0",
+     "autosize": "^5.0.1",
+@@ -221,7 +221,9 @@
+   },
+   "resolutions": {
+     "chokidar": "^3.5.3",
+-    "@types/node": "14.17.5"
++    "@types/node": "14.17.5",
++    "@tiptap/extension-floating-menu": "2.0.0-beta.202",
++    "@tiptap/extension-bubble-menu": "2.0.0-beta.202"
+   },
+   "engines": {
+     "node": ">=12.22.1",

debian/patches/series

@@ -13,7 +13,6 @@ Gemfile/0190-relax-rdoc.patch
 Gemfile/0200-add-gitlab-dangerfiles.patch
 Gemfile/0210-comment-out-openssl.patch
 Gemfile/0220-relax-oj-in-ipynbdiff.patch
-Gemfile/0230-relax-net-ldap.patch
 nodejs/0010-set-webpack-root.patch
 nodejs/0020-remove-dev-dependencies.patch
 nodejs/0030-use-yarnpkg.patch
@@ -21,8 +20,8 @@ nodejs/0040-use-packaged-modules.patch
 nodejs/0050-add-babel-plugins.patch
 nodejs/0060-use-system-yaml.patch
 nodejs/0070-use-system-katex.patch
-nodejs/0080-use-matching-tiptap-core.patch
 nodejs/0090-lock-mermaid-version.patch
+nodejs/0100-lock-tiptap-versions.patch
 tweaks/0010-source-init-functions.patch
 tweaks/0020-fix-mail-room-path.patch
 tweaks/0030-fix-gitlab-yml-path.patch

debian/patches/tweaks/0050-add-salsa-link-to-help.patch

@@ -5,7 +5,7 @@ Last-Update: 2018-12-16
 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 --- a/app/helpers/version_check_helper.rb
 +++ b/app/helpers/version_check_helper.rb
-@@ -24,7 +24,10 @@
+@@ -22,7 +22,10 @@
    end
  
    def link_to_version

debian/patches/tweaks/0070-remove-capybara-screenshot-rspec.patch

@@ -8,7 +8,7 @@
  require 'selenium-webdriver'
  
  # Give CI some extra time
-@@ -120,18 +119,6 @@
+@@ -133,18 +132,6 @@
  Capybara.default_normalize_ws = true
  Capybara.enable_aria_label = true