Refresh patches (create new patches to fix dependency mismatch)

debian/patches/0050-relax-stable-libs.patch

@@ -3,9 +3,11 @@ gitlab Gemfile
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -2,7 +2,7 @@
+@@ -1,8 +1,8 @@
+ source 'https://rubygems.org'
  
- gem 'rails', '~> 6.0.3.1'
+-gem 'rails', '~> 6.0.3.1'
++gem 'rails', '~> 6.0.3'
  
 -gem 'bootsnap', '~> 1.4.6'
 +gem 'bootsnap', '~> 1.4', '>= 1.4.6'
@@ -25,18 +27,23 @@ gitlab Gemfile
  
  # Supported DBs
  gem 'pg', '~> 1.1'
-@@ -22,32 +22,32 @@
- gem 'grape-path-helpers', '~> 1.3'
+@@ -22,34 +22,34 @@
+ gem 'grape-path-helpers', '~> 1.4'
  
  gem 'faraday', '~> 1.0'
 -gem 'marginalia', '~> 1.9.0'
 +gem 'marginalia', '~> 1.9'
  
  # Authentication libraries
- gem 'devise', '~> 4.6'
+-gem 'devise', '~> 4.7.2'
++gem 'devise', '~> 4.7', '>= 4.7.2'
+ # TODO: verify ARM compile issue on 3.1.13+ version (see https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18828)
+-gem 'bcrypt', '3.1.12'
 -gem 'doorkeeper', '~> 5.3.0'
+-gem 'doorkeeper-openid_connect', '~> 1.7.4'
++gem 'bcrypt', '~> 3.1', '>= 3.1.12'
 +gem 'doorkeeper', '~> 5.3'
- gem 'doorkeeper-openid_connect', '~> 1.7.4'
++gem 'doorkeeper-openid_connect', '~> 1.7','>= 1.7.4'
  gem 'omniauth', '~> 1.8'
 -gem 'omniauth-auth0', '~> 2.0.0'
 +gem 'omniauth-auth0', '~> 2.0'
@@ -64,12 +71,12 @@ gitlab Gemfile
  gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
 -gem 'rack-oauth2', '~> 1.9.3'
 -gem 'jwt', '~> 2.1.0'
-+gem 'rack-oauth2', '~> 1.9', '>= 1.9.3'
-+gem 'jwt', '~> 2.1', '>= 2.1.0'
++gem 'rack-oauth2', '~> 1.9','>= 1.9.3'
++gem 'jwt', '~> 2.1'
  
  # Kerberos authentication. EE-only
  gem 'gssapi', group: :kerberos
-@@ -58,14 +58,14 @@
+@@ -60,14 +60,14 @@
  gem 'invisible_captcha', '~> 0.12.1'
  
  # Two-factor authentication
@@ -88,7 +95,7 @@ gitlab Gemfile
  # GitLab Pages letsencrypt support
  gem 'acme-client', '~> 2.0', '>= 2.0.6'
  
-@@ -73,12 +73,12 @@
+@@ -75,12 +75,12 @@
  gem 'browser', '~> 4.2'
  
  # GPG
@@ -103,7 +110,7 @@ gitlab Gemfile
  gem 'net-ldap'
  
  # API
-@@ -86,16 +86,16 @@
+@@ -88,16 +88,16 @@
  # Remove config/initializers/grape_patch.rb
  gem 'grape', '= 1.4.0'
  gem 'grape-entity', '~> 0.7.1'
@@ -117,14 +124,15 @@ gitlab Gemfile
  # TODO: remove app/views/graphiql/rails/editors/show.html.erb when https://github.com/rmosolgo/graphiql-rails/pull/71 is released:
  # https://gitlab.com/gitlab-org/gitlab/issues/31747
 -gem 'graphiql-rails', '~> 1.4.10'
-+gem 'graphiql-rails', '~> 1.4', '>= 1.4.10'
- gem 'apollo_upload_server', '~> 2.0.2'
+-gem 'apollo_upload_server', '~> 2.0.2'
 -gem 'graphql-docs', '~> 1.6.0', group: [:development, :test]
++gem 'graphiql-rails', '~> 1.4', '>= 1.4.10'
++gem 'apollo_upload_server', '~> 2.0', '>= 2.0.2'
 +gem 'graphql-docs', '~> 1.6', group: [:development, :test]
  
+ gem 'hashie'
  # Disable strong_params so that Mash does not respond to :permitted?
- gem 'hashie-forbidden_attributes'
-@@ -104,7 +104,7 @@
+@@ -107,17 +107,17 @@
  gem 'kaminari', '~> 1.0'
  
  # HAML
@@ -133,7 +141,10 @@ gitlab Gemfile
  
  # Files attachments
  gem 'carrierwave', '~> 1.3'
-@@ -114,7 +114,7 @@
+-gem 'mini_magick', '~> 4.10.1'
++gem 'mini_magick', '~> 4.10', '>= 4.10.1'
+ 
+ # for backups
  gem 'fog-aws', '~> 3.5'
  # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421.
  # Also see config/initializers/fog_core_patch.rb.
@@ -142,7 +153,7 @@ gitlab Gemfile
  gem 'fog-google', '~> 1.10'
  gem 'fog-local', '~> 0.6'
  gem 'fog-openstack', '~> 1.0'
-@@ -129,7 +129,7 @@
+@@ -132,36 +132,36 @@
  gem 'unf', '~> 0.1.4'
  
  # Seed data
@@ -151,7 +162,14 @@ gitlab Gemfile
  
  # Search
  gem 'elasticsearch-model', '~> 6.1'
-@@ -142,23 +142,23 @@
+ gem 'elasticsearch-rails', '~> 6.1', require: 'elasticsearch/rails/instrumentation'
+-gem 'elasticsearch-api',   '~> 6.8.2'
++gem 'elasticsearch-api',   '~> 6.8', '>= 6.8.2'
+ gem 'aws-sdk-core', '~> 3'
+ gem 'aws-sdk-cloudformation', '~> 1'
+ gem 'aws-sdk-s3', '~> 1'
+-gem 'faraday_middleware-aws-sigv4', '~>0.3.0'
++gem 'faraday_middleware-aws-sigv4', '~> 0.3.0'
  
  # Markdown and HTML processing
  gem 'html-pipeline', '~> 2.12'
@@ -175,8 +193,8 @@ gitlab Gemfile
 +gem 'asciidoctor', '~> 2.0', '>= 2.0.10'
  gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
  gem 'asciidoctor-plantuml', '~> 0.0.12'
--gem 'rouge', '~> 3.21.0'
-+gem 'rouge', '~> 3.21'
+-gem 'rouge', '~> 3.24.0'
++gem 'rouge', '~> 3.24'
  gem 'truncato', '~> 0.7.11'
 -gem 'bootstrap_form', '~> 4.2.0'
 -gem 'nokogiri', '~> 1.10.9'
@@ -185,16 +203,16 @@ gitlab Gemfile
  gem 'escape_utils', '~> 1.1'
  
  # Calendar rendering
-@@ -169,7 +169,7 @@
+@@ -172,7 +172,7 @@
  gem 'diff_match_patch', '~> 0.1.0'
  
  # Application server
--gem 'rack', '~> 2.0.9'
-+gem 'rack', '~> 2.0', '>= 2.0.9'
+-gem 'rack', '~> 2.1.4'
++gem 'rack', '~> 2.0', '>= 2.1.4'
  # https://github.com/sharpstone/rack-timeout/blob/master/README.md#rails-apps-manually
  gem 'rack-timeout', '~> 0.5.1', require: 'rack/timeout/base'
  
-@@ -190,13 +190,13 @@
+@@ -193,13 +193,13 @@
  gem 'acts-as-taggable-on', '~> 6.0'
  
  # Background jobs
@@ -211,7 +229,7 @@ gitlab Gemfile
  
  # HTTP requests
  gem 'httparty', '~> 0.16.4'
-@@ -208,14 +208,14 @@
+@@ -211,14 +211,14 @@
  gem 'ruby-progressbar'
  
  # GitLab settings
@@ -229,7 +247,7 @@ gitlab Gemfile
  
  # Export Ruby Regex to Javascript
  gem 'js_regex', '~> 3.4'
-@@ -228,23 +228,23 @@
+@@ -231,39 +231,39 @@
  gem 'connection_pool', '~> 2.0'
  
  # Redis session store
@@ -252,26 +270,32 @@ gitlab Gemfile
  gem 'flowdock', '~> 0.7'
  
  # Slack integration
--gem 'slack-messenger', '~> 2.3.3'
-+gem 'slack-messenger', '~> 2.3', '>= 2.3.3'
+-gem 'slack-messenger', '~> 2.3.4'
++gem 'slack-messenger', '~> 2.3', '>= 2.3.4'
  
  # Hangouts Chat integration
  gem 'hangouts-chat', '~> 0.0.5'
-@@ -256,11 +256,11 @@
+ 
+ # Asana integration
+-gem 'asana', '0.10.2'
++gem 'asana', '~> 0.10.2'
+ 
+ # FogBugz integration
  gem 'ruby-fogbugz', '~> 0.2.1'
  
  # Kubernetes integration
--gem 'kubeclient', '~> 4.6.0'
-+gem 'kubeclient', '~> 4.6'
+-gem 'kubeclient', '~> 4.9.1'
++gem 'kubeclient', '~> 4.9', '>= 4.9.1'
  
  # Sanitize user input
- gem 'sanitize', '~> 5.2.1'
+-gem 'sanitize', '~> 5.2.1'
 -gem 'babosa', '~> 1.0.2'
++gem 'sanitize', '~> 5.2', '>= 5.2.1'
 +gem 'babosa', '~> 1.0', '>= 1.0.2'
  
  # Sanitizes SVG input
  gem 'loofah', '~> 2.2'
-@@ -269,7 +269,7 @@
+@@ -272,7 +272,7 @@
  gem 'licensee', '~> 8.9'
  
  # Ace editor
@@ -279,19 +303,19 @@ gitlab Gemfile
 +gem 'ace-rails-ap', '~> 4.1'
  
  # Detect and convert string character encoding
- gem 'charlock_holmes', '~> 0.7.5'
-@@ -287,8 +287,8 @@
- gem 'webpack-rails', '~> 0.9.10'
+ gem 'charlock_holmes', '~> 0.7.7'
+@@ -289,8 +289,8 @@
+ 
  gem 'rack-proxy', '~> 0.6.0'
  
 -gem 'sassc-rails', '~> 2.1.0'
--gem 'uglifier', '~> 2.7.2'
+-gem 'terser', '1.0.2'
 +gem 'sassc-rails', '~> 2.1'
-+gem 'uglifier', '~> 2.7', '>= 2.7.2'
++gem 'terser', '~> 1.0', '>= 1.0.2'
  
  gem 'addressable', '~> 2.7'
  gem 'font-awesome-rails', '~> 4.7'
-@@ -300,24 +300,24 @@
+@@ -302,24 +302,24 @@
  gem "gitlab-license", "~> 1.0"
  
  # Protect against bruteforcing
@@ -305,8 +329,8 @@ gitlab Gemfile
 +gem 'premailer-rails', '~> 1.10', '>= 1.10.3'
  
  # LabKit: Tracing and Correlation
--gem 'gitlab-labkit', '0.12.1'
-+gem 'gitlab-labkit', '~> 0.12.1'
+-gem 'gitlab-labkit', '0.12.2'
++gem 'gitlab-labkit', '~> 0.12.2'
  
  # I18n
  gem 'ruby_parser', '~> 3.8', require: false
@@ -321,7 +345,7 @@ gitlab Gemfile
  
  # Perf bar
  gem 'peek', '~> 1.1'
-@@ -348,30 +348,30 @@
+@@ -350,40 +350,40 @@
  end
  
  group :development, :test do
@@ -364,8 +388,6 @@ gitlab Gemfile
  
    gem 'scss_lint', '~> 0.56.0', require: false
    gem 'haml_lint', '~> 0.34.0', require: false
-@@ -379,11 +379,11 @@
-   gem 'simplecov-cobertura', '~> 1.3.1', require: false
    gem 'bundler-audit', '~> 0.6.1', require: false
  
 -  gem 'benchmark-ips', '~> 2.3.0', require: false
@@ -378,7 +400,7 @@ gitlab Gemfile
  
    gem 'timecop', '~> 0.9.1'
  
-@@ -400,18 +400,18 @@
+@@ -405,18 +405,18 @@
  end
  
  group :test do
@@ -396,14 +418,14 @@ gitlab Gemfile
  
 -  gem 'shoulda-matchers', '~> 4.0.1', require: false
 -  gem 'email_spec', '~> 2.2.0'
--  gem 'webmock', '~> 3.5.1'
+-  gem 'webmock', '~> 3.9.1'
 +  gem 'shoulda-matchers', '~> 4.0', '>= 4.0.1', require: false
 +  gem 'email_spec', '~> 2.2'
-+  gem 'webmock', '~> 3.5', '>= 3.5.1'
++  gem 'webmock', '~> 3.5', '>= 3.9.1'
    gem 'rails-controller-testing'
    gem 'concurrent-ruby', '~> 1.1'
    gem 'test-prof', '~> 0.12.0'
-@@ -430,7 +430,7 @@
+@@ -435,7 +435,7 @@
  gem 'email_reply_trimmer', '~> 0.1'
  gem 'html2text'
  
@@ -412,7 +434,7 @@ gitlab Gemfile
  gem 'stackprof', '~> 0.2.15', require: false
  gem 'rbtrace', '~> 0.4', require: false
  gem 'memory_profiler', '~> 0.9', require: false
-@@ -444,8 +444,8 @@
+@@ -449,8 +449,8 @@
  gem 'health_check', '~> 3.0'
  
  # System information
@@ -423,14 +445,15 @@ gitlab Gemfile
  
  # NTP client
  gem 'net-ntp'
-@@ -461,13 +461,13 @@
+@@ -466,13 +466,13 @@
  end
  
  # Gitaly GRPC protocol definitions
--gem 'gitaly', '~> 13.3.0-rc1'
-+gem 'gitaly', '~> 13.3'
+-gem 'gitaly', '~> 13.5.0-rc2'
++gem 'gitaly', '~> 13.5'
  
- gem 'grpc', '~> 1.30.2'
+-gem 'grpc', '~> 1.30.2'
++gem 'grpc', '~> 1.30', '>= 1.30.2'
  
  gem 'google-protobuf', '~> 3.12'
  
@@ -439,7 +462,7 @@ gitlab Gemfile
  
  # Feature toggles
  gem 'flipper', '~> 0.17.1'
-@@ -485,12 +485,12 @@
+@@ -490,12 +490,12 @@
  # Countries list
  gem 'countries', '~> 3.0'
  
@@ -454,7 +477,7 @@ gitlab Gemfile
  
  # Locked as long as quoted-printable encoding issues are not resolved
  # Monkey-patched in `config/initializers/mail_encoding_patch.rb`
-@@ -504,11 +504,11 @@
+@@ -509,12 +509,12 @@
  gem 'valid_email', '~> 0.1'
  
  # JSON
@@ -471,3 +494,4 @@ gitlab Gemfile
 +gem 'yajl-ruby', '~> 1.4', '>= 1.4.1', require: 'yajl'
  
  gem 'webauthn', '~> 2.3'
+ 

debian/patches/0100-remove-development-test.patch

@@ -2,15 +2,15 @@ Bundler will fail when it can't find these locally
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -95,7 +95,6 @@
+@@ -97,7 +97,6 @@
  # https://gitlab.com/gitlab-org/gitlab/issues/31747
  gem 'graphiql-rails', '~> 1.4', '>= 1.4.10'
- gem 'apollo_upload_server', '~> 2.0.2'
+ gem 'apollo_upload_server', '~> 2.0', '>= 2.0.2'
 -gem 'graphql-docs', '~> 1.6', group: [:development, :test]
  
+ gem 'hashie'
  # Disable strong_params so that Mash does not respond to :permitted?
- gem 'hashie-forbidden_attributes'
-@@ -315,7 +314,6 @@
+@@ -317,7 +316,6 @@
  gem 'rails-i18n', '~> 6.0'
  gem 'gettext_i18n_rails', '~> 1.8'
  gem 'gettext_i18n_rails_js', '~> 1.3'
@@ -18,13 +18,13 @@ Bundler will fail when it can't find these locally
  
  gem 'batch-loader', '~> 1.4'
  
-@@ -334,19 +332,6 @@
+@@ -336,19 +334,6 @@
    gem 'raindrops', '~> 0.18'
  end
  
 -group :development do
 -  gem 'brakeman', '~> 4.2', require: false
--  gem 'danger', '~> 8.0', require: false
+-  gem 'danger', '~> 8.0.6', require: false
 -
 -  gem 'letter_opener_web', '~> 1.3.4'
 -
@@ -38,7 +38,7 @@ Bundler will fail when it can't find these locally
  group :development, :test do
    gem 'bullet', '~> 6.1'
    gem 'pry-byebug', '~> 3.9', platform: :mri
-@@ -367,18 +352,6 @@
+@@ -369,16 +354,6 @@
    gem 'spring', '~> 2.0'
    gem 'spring-commands-rspec', '~> 1.0', '>= 1.0.4'
  
@@ -50,20 +50,23 @@ Bundler will fail when it can't find these locally
 -
 -  gem 'scss_lint', '~> 0.56.0', require: false
 -  gem 'haml_lint', '~> 0.34.0', require: false
--  gem 'simplecov', '~> 0.18.5', require: false
--  gem 'simplecov-cobertura', '~> 1.3.1', require: false
 -  gem 'bundler-audit', '~> 0.6.1', require: false
 -
    gem 'benchmark-ips', '~> 2.3', require: false
  
    gem 'knapsack', '~> 1.17'
-@@ -394,11 +367,6 @@
+@@ -394,16 +369,6 @@
    gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false
  end
  
+-group :development, :test, :coverage do
+-  gem 'simplecov', '~> 0.18.5', require: false
+-  gem 'simplecov-cobertura', '~> 1.3.1', require: false
+-end
+-
 -# Gems required in omnibus-gitlab pipeline
 -group :development, :test, :omnibus do
--  gem 'license_finder', '~> 5.4', require: false
+-  gem 'license_finder', '~> 6.0', require: false
 -end
 -
  group :test do

debian/patches/0110-make-test-dependencies-conditional.patch

@@ -2,7 +2,7 @@ Make test dependencies conditional so we can enable them when running autopkgtes
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -332,7 +332,7 @@
+@@ -334,7 +334,7 @@
    gem 'raindrops', '~> 0.18'
  end
  
@@ -11,7 +11,7 @@ Make test dependencies conditional so we can enable them when running autopkgtes
    gem 'bullet', '~> 6.1'
    gem 'pry-byebug', '~> 3.9', platform: :mri
    gem 'pry-rails', '~> 0.3.9'
-@@ -365,9 +365,7 @@
+@@ -367,9 +367,7 @@
    gem 'parallel', '~> 1.19', require: false
  
    gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false

debian/patches/0340-relax-httparty.patch

@@ -2,7 +2,7 @@ Allow newer versions of httparty to satisfy dependency
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -198,7 +198,7 @@
+@@ -201,7 +201,7 @@
  gem 'fugit', '~> 1.2', '>= 1.2.1'
  
  # HTTP requests

debian/patches/0350-relax-rdoc.patch

@@ -2,7 +2,7 @@ Allow rdoc from ruby 2.5 to match requirement
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -147,7 +147,7 @@
+@@ -150,7 +150,7 @@
  gem 'commonmarker', '~> 0.20'
  gem 'kramdown', '~> 2.3'
  gem 'RedCloth', '~> 4.3', '>= 4.3.2'

debian/patches/0430-remove-gitlab-markup.patch

@@ -4,7 +4,7 @@ maintaining two almost same packages.
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -142,7 +142,6 @@
+@@ -145,7 +145,6 @@
  # Markdown and HTML processing
  gem 'html-pipeline', '~> 2.12'
  gem 'deckar01-task_list', '~> 2.3', '>= 2.3.1'

debian/patches/0440-remove-unicorn.patch

@@ -3,7 +3,7 @@ gitlab-puma changes is included in puma package.
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -171,14 +171,9 @@
+@@ -174,14 +174,9 @@
  # https://github.com/sharpstone/rack-timeout/blob/master/README.md#rails-apps-manually
  gem 'rack-timeout', '~> 0.5.1', require: 'rack/timeout/base'
  

debian/patches/0480-embed-elasticsearch-model.patch

@@ -2,12 +2,12 @@ Embed this gem until gitlab moved to 7.x version
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -131,7 +131,7 @@
+@@ -134,7 +134,7 @@
  gem 'seed-fu', '~> 2.3', '>= 2.3.7'
  
  # Search
 -gem 'elasticsearch-model', '~> 6.1'
 +gem 'elasticsearch-model', '~> 6.1', path: 'vendor/gems/elasticsearch-model'
  gem 'elasticsearch-rails', '~> 6.1', require: 'elasticsearch/rails/instrumentation'
- gem 'elasticsearch-api',   '~> 6.8.2'
+ gem 'elasticsearch-api',   '~> 6.8', '>= 6.8.2'
  gem 'aws-sdk-core', '~> 3'

debian/patches/0480-embed-elasticsearch-rails.patch

@@ -2,12 +2,12 @@ Embed this gem until gitlab moved to 7.x version
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -132,7 +132,7 @@
+@@ -135,7 +135,7 @@
  
  # Search
  gem 'elasticsearch-model', '~> 6.1', path: 'vendor/gems/elasticsearch-model'
 -gem 'elasticsearch-rails', '~> 6.1', require: 'elasticsearch/rails/instrumentation'
 +gem 'elasticsearch-rails', '~> 6.1', require: 'elasticsearch/rails/instrumentation', path: 'vendor/gems/elasticsearch-rails'
- gem 'elasticsearch-api',   '~> 6.8.2'
+ gem 'elasticsearch-api',   '~> 6.8', '>= 6.8.2'
  gem 'aws-sdk-core', '~> 3'
  gem 'aws-sdk-cloudformation', '~> 1'

debian/patches/0482-remove-ee-only-gems.patch

@@ -2,9 +2,9 @@ This gem is used only in gitlab Enterprise Edition
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -49,9 +49,6 @@
- gem 'rack-oauth2', '~> 1.9', '>= 1.9.3'
- gem 'jwt', '~> 2.1', '>= 2.1.0'
+@@ -51,9 +51,6 @@
+ gem 'rack-oauth2', '~> 1.9','>= 1.9.3'
+ gem 'jwt', '~> 2.1'
  
 -# Kerberos authentication. EE-only
 -gem 'gssapi', group: :kerberos
@@ -12,7 +12,7 @@ This gem is used only in gitlab Enterprise Edition
  # Spam and anti-bot protection
  gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails'
  gem 'akismet', '~> 3.0'
-@@ -290,8 +287,6 @@
+@@ -292,8 +289,6 @@
  gem 'request_store', '~> 1.5'
  gem 'base32', '~> 0.3.0'
  

debian/patches/0484-relax-grape-entity.patch

@@ -2,7 +2,7 @@ Debian already has 0.8
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -82,7 +82,7 @@
+@@ -84,7 +84,7 @@
  # Locked at Grape v1.4.0 until https://github.com/ruby-grape/grape/pull/2088 is merged
  # Remove config/initializers/grape_patch.rb
  gem 'grape', '= 1.4.0'

debian/patches/0485-relax-gitlab-sidekiq-fetcher.patch

@@ -2,7 +2,7 @@ Allow newer version in the archive to satisfy the requirement
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -183,7 +183,7 @@
+@@ -186,7 +186,7 @@
  gem 'sidekiq', '~> 5.2', '>= 5.2.7'
  gem 'sidekiq-cron', '~> 1.0'
  gem 'redis-namespace', '~> 1.7'

debian/patches/0486-relax-sidekiq.patch

@@ -2,7 +2,7 @@ ruby-sidekiq 6 is in unstable
 
 --- a/Gemfile
 +++ b/Gemfile
-@@ -180,7 +180,7 @@
+@@ -183,7 +183,7 @@
  gem 'acts-as-taggable-on', '~> 6.0'
  
  # Background jobs

debian/patches/0499-10-relax-capybara.patch

@@ -1,6 +1,6 @@
 --- a/Gemfile
 +++ b/Gemfile
-@@ -360,7 +360,7 @@
+@@ -362,7 +362,7 @@
    gem 'rspec_profiling', '~> 0.0.5'
    gem 'rspec-parameterized', require: false
  

debian/patches/0499-20-remove-capybara-screenshot.patch

@@ -1,6 +1,6 @@
 --- a/Gemfile
 +++ b/Gemfile
-@@ -361,7 +361,6 @@
+@@ -363,7 +363,6 @@
    gem 'rspec-parameterized', require: false
  
    gem 'capybara', '~> 3.12'

debian/patches/0499-30-remove-guard-rspec.patch

@@ -1,6 +1,6 @@
 --- a/Gemfile
 +++ b/Gemfile
-@@ -370,7 +370,6 @@
+@@ -372,7 +372,6 @@
    gem 'concurrent-ruby', '~> 1.1'
    gem 'test-prof', '~> 0.12.0'
    gem 'rspec_junit_formatter'

debian/patches/0499-40-relax-rouge.patch

@@ -0,0 +1,14 @@
+rouge update is blocked by
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971841
+
+--- a/Gemfile
++++ b/Gemfile
+@@ -153,7 +153,7 @@
+ gem 'asciidoctor', '~> 2.0', '>= 2.0.10'
+ gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
+ gem 'asciidoctor-plantuml', '~> 0.0.12'
+-gem 'rouge', '~> 3.24'
++gem 'rouge', '~> 3.21'
+ gem 'truncato', '~> 0.7.11'
+ gem 'bootstrap_form', '~> 4.2'
+ gem 'nokogiri', '~> 1.10', '>= 1.10.9'

debian/patches/0499-50-relax-rack.patch

@@ -0,0 +1,13 @@
+3 tests are failing when updating rack to 2.1.4, but CVE patches are backported
+
+--- a/Gemfile
++++ b/Gemfile
+@@ -167,7 +167,7 @@
+ gem 'diff_match_patch', '~> 0.1.0'
+ 
+ # Application server
+-gem 'rack', '~> 2.0', '>= 2.1.4'
++gem 'rack', '~> 2.1'
+ # https://github.com/sharpstone/rack-timeout/blob/master/README.md#rails-apps-manually
+ gem 'rack-timeout', '~> 0.5.1', require: 'rack/timeout/base'
+ 

debian/patches/0499-60-relax-rugged.patch

@@ -0,0 +1,20 @@
+--- a/Gemfile
++++ b/Gemfile
+@@ -18,7 +18,7 @@
+ # Supported DBs
+ gem 'pg', '~> 1.1'
+ 
+-gem 'rugged', '~> 0.28'
++gem 'rugged', '~> 1.1'
+ gem 'grape-path-helpers', '~> 1.4'
+ 
+ gem 'faraday', '~> 1.0'
+@@ -259,7 +259,7 @@
+ gem 'loofah', '~> 2.2'
+ 
+ # Working with license
+-gem 'licensee', '~> 8.9'
++gem 'licensee', '~> 9.14'
+ 
+ # Ace editor
+ gem 'ace-rails-ap', '~> 4.1'

debian/patches/0510-remove-dev-dependencies.patch

@@ -2,7 +2,7 @@ These are not required in production
 
 --- a/package.json
 +++ b/package.json
-@@ -162,64 +162,6 @@
+@@ -160,64 +160,6 @@
      "xterm": "3.14.5"
    },
    "devDependencies": {
@@ -12,9 +12,9 @@ These are not required in production
 -    "@vue/test-utils": "1.0.0-beta.30",
 -    "acorn": "^6.3.0",
 -    "axios-mock-adapter": "^1.15.0",
--    "babel-jest": "^24.1.0",
--    "babel-plugin-dynamic-import-node": "^2.2.0",
--    "babel-plugin-istanbul": "^5.1.0",
+-    "babel-jest": "^26.5.2",
+-    "babel-plugin-dynamic-import-node": "^2.3.3",
+-    "babel-plugin-istanbul": "^6.0.0",
 -    "chalk": "^2.4.1",
 -    "commander": "^2.18.0",
 -    "custom-jquery-matchers": "^2.1.0",
@@ -32,11 +32,11 @@ These are not required in production
 -    "jasmine-core": "^2.9.0",
 -    "jasmine-diff": "^0.1.3",
 -    "jasmine-jquery": "^2.1.1",
--    "jest": "^24.1.0",
+-    "jest": "^26.5.2",
 -    "jest-canvas-mock": "^2.1.2",
--    "jest-environment-jsdom-sixteen": "^1.0.0",
--    "jest-junit": "^6.3.0",
--    "jest-util": "^24.0.0",
+-    "jest-environment-jsdom": "^26.5.2",
+-    "jest-junit": "^12.0.0",
+-    "jest-util": "^26.5.2",
 -    "jsdoc": "^3.5.5",
 -    "jsdoc-vue": "^1.0.0",
 -    "karma": "^4.2.0",
@@ -49,7 +49,7 @@ These are not required in production
 -    "karma-webpack": "^4.0.2",
 -    "markdownlint-cli": "0.23.2",
 -    "md5": "^2.2.1",
--    "node-sass": "^4.12.0",
+-    "node-sass": "^4.14.1",
 -    "nodemon": "^2.0.4",
 -    "pixelmatch": "^4.0.2",
 -    "postcss": "^7.0.14",
@@ -59,7 +59,7 @@ These are not required in production
 -    "stylelint-config-recommended": "^2.2.0",
 -    "stylelint-scss": "^3.9.2",
 -    "timezone-mock": "^1.0.8",
--    "vue-jest": "4.0.0-beta.2",
+-    "vue-jest": "4.0.0-rc.0",
 -    "webpack-dev-server": "^3.10.3",
 -    "xhr-mock": "^2.5.1",
 -    "yarn-check-webpack-plugin": "^1.2.0",

debian/patches/0520-add-system-lib-path-for-webpack.patch

@@ -2,7 +2,7 @@ Debian specific patch to allow webpack to resolve packaged node modules
 
 --- a/config/webpack.config.js
 +++ b/config/webpack.config.js
-@@ -159,9 +159,14 @@
+@@ -162,9 +162,14 @@
  
    resolve: {
      extensions: ['.js', '.gql', '.graphql'],

debian/patches/0740-use-packaged-modules.patch

@@ -6,8 +6,13 @@ Use debian packaged node modules when available
  - Add mkdirp 1.0 and loader-utils 2.0 to ensure compatibility for packaged
    modules (See #976310)
  - Use link protocol for modules with permission issues (which has a bin: entry
-   in package.json)
+   in package.json) or dependencies. Use portal protocol only for modules that
+   1. does not have any other dependency and 2. does not have a bin: entry
    See https://github.com/yarnpkg/berry/issues/2266
+ - Even better, portal protocol tries to satisfy even devDependencies so avoid
+   it
+ - Modules with problems compression-webpack-plugin, copy-webpack-plugin,
+   jszip, mkdirp, js-yaml, font-awesome, katex, cache-loader, webpack
 
 --- a/config/webpack.config.js
 +++ b/config/webpack.config.js
@@ -19,7 +24,7 @@ Use debian packaged node modules when available
  const CopyWebpackPlugin = require('copy-webpack-plugin');
  const vendorDllHash = require('./helpers/vendor_dll_hash');
  
-@@ -150,6 +149,8 @@
+@@ -152,6 +151,8 @@
  
    entry: generateEntries,
  
@@ -28,7 +33,7 @@ Use debian packaged node modules when available
    output: {
      path: path.join(ROOT_PATH, 'public/assets/webpack'),
      publicPath: '/assets/webpack/',
-@@ -159,13 +160,13 @@
+@@ -161,13 +162,13 @@
    },
  
    resolve: {
@@ -45,7 +50,7 @@ Use debian packaged node modules when available
    },
  
    module: {
-@@ -178,9 +179,13 @@
+@@ -180,9 +181,13 @@
        },
        {
          test: /\.js$/,
@@ -60,7 +65,7 @@ Use debian packaged node modules when available
          loader: 'babel-loader',
          options: {
            cacheDirectory: path.join(CACHE_PATH, 'babel-loader'),
-@@ -516,19 +521,6 @@
+@@ -526,19 +531,6 @@
      // enable HMR only in webpack-dev-server
      DEV_SERVER_LIVERELOAD && new webpack.HotModuleReplacementPlugin(),
  
@@ -80,7 +85,7 @@ Use debian packaged node modules when available
      new webpack.DefinePlugin({
        // This one is used to define window.gon.ee and other things properly in tests:
        'process.env.IS_EE': JSON.stringify(IS_EE),
-@@ -563,6 +555,7 @@
+@@ -574,6 +566,7 @@
  
    node: {
      fs: 'empty', // sqljs requires fs
@@ -101,36 +106,34 @@ Use debian packaged node modules when available
 -    "@babel/plugin-syntax-import-meta": "^7.10.1",
 -    "@babel/preset-env": "^7.10.1",
      "@gitlab/at.js": "1.5.5",
-     "@gitlab/svgs": "1.164.0",
-     "@gitlab/ui": "21.3.1",
-@@ -55,29 +49,28 @@
+     "@gitlab/svgs": "1.171.0",
+     "@gitlab/ui": "21.33.0",
+@@ -55,29 +49,27 @@
      "apollo-link": "^1.2.14",
      "apollo-link-batch-http": "^1.2.14",
      "apollo-upload-client": "^13.0.0",
 -    "autosize": "^4.0.2",
-+    "autosize": "portal:/usr/share/nodejs/autosize",
++    "autosize": "link:/usr/share/nodejs/autosize",
      "aws-sdk": "^2.637.0",
 -    "axios": "^0.20.0",
 -    "babel-loader": "^8.0.6",
-+    "axios": "portal:/usr/share/nodejs/axios",
-+    "babel-loader": "portal:/usr/share/nodejs/babel-loader",
++    "axios": "link:/usr/share/nodejs/axios",
++    "babel-loader": "link:/usr/share/nodejs/babel-loader",
      "babel-plugin-lodash": "^3.3.4",
      "bootstrap": "4.4.1",
 -    "brace-expansion": "^1.1.8",
 -    "cache-loader": "^4.1.0",
 -    "clipboard": "^1.7.1",
 -    "codemirror": "^5.48.4",
-+    "brace-expansion": "portal:/usr/share/nodejs/brace-expansion",
-+    "cache-loader": "portal:/usr/share/nodejs/cache-loader",
-+    "clipboard": "portal:/usr/share/nodejs/clipboard",
-+    "codemirror": "portal:/usr/share/nodejs/codemirror",
++    "brace-expansion": "link:/usr/share/nodejs/brace-expansion",
++    "cache-loader": "link:/usr/share/nodejs/cache-loader",
++    "clipboard": "link:/usr/share/nodejs/clipboard",
++    "codemirror": "link:/usr/share/nodejs/codemirror",
      "codesandbox-api": "0.0.23",
 -    "compression-webpack-plugin": "^3.0.1",
 -    "copy-webpack-plugin": "^5.0.5",
 -    "core-js": "^3.6.4",
-+    "core-js": "portal:/usr/share/nodejs/core-js",
-+    "compression-webpack-plugin": "portal:/usr/share/nodejs/compression-webpack-plugin",
-+    "copy-webpack-plugin": "portal:/usr/share/nodejs/copy-webpack-plugin",
++    "core-js": "link:/usr/share/nodejs/core-js",
      "cron-validator": "^1.1.1",
      "cropper": "^2.3.0",
 -    "css-loader": "^2.1.1",
@@ -140,36 +143,40 @@ Use debian packaged node modules when available
 -    "d3-selection": "^1.2.0",
 -    "dateformat": "^3.0.3",
 -    "deckar01-task_list": "^2.3.1",
-+    "d3": "portal:/usr/share/nodejs/d3",
-+    "d3-sankey": "portal:/usr/share/nodejs/d3-sankey",
-+    "d3-scale": "portal:/usr/share/nodejs/d3-scale",
-+    "d3-selection": "portal:/usr/share/nodejs/d3-selection",
-+    "dateformat": "portal:/usr/share/nodejs/dateformat",
-+    "deckar01-task_list": "portal:/usr/share/nodejs/deckar01-task_list",
++    "css-loader": "link:/usr/share/nodejs/css-loader",
++    "d3": "link:/usr/share/nodejs/d3",
++    "d3-sankey": "link:/usr/share/nodejs/d3-sankey",
++    "d3-scale": "link:/usr/share/nodejs/d3-scale",
++    "d3-selection": "link:/usr/share/nodejs/d3-selection",
++    "dateformat": "link:/usr/share/nodejs/dateformat",
++    "deckar01-task_list": "link:/usr/share/nodejs/deckar01-task_list",
      "diff": "^3.4.0",
      "document-register-element": "1.14.3",
-     "dompurify": "^2.0.11",
-@@ -85,81 +78,54 @@
+     "dompurify": "^2.1.1",
+@@ -85,79 +77,80 @@
      "editorconfig": "^0.15.3",
      "emoji-regex": "^7.0.3",
      "emoji-unicode-version": "^0.2.1",
 -    "exports-loader": "^0.7.0",
 -    "file-loader": "^5.1.0",
 -    "font-awesome": "4.7.0",
++    "exports-loader": "link:/usr/share/nodejs/exports-loader",
++    "file-loader": "link:/usr/share/nodejs/file-loader",
 +    "font-awesome": "link:/usr/share/nodejs/font-awesome",
      "fuzzaldrin-plus": "^0.6.0",
 -    "glob": "^7.1.6",
++    "glob": "link:/usr/share/nodejs/glob",
      "graphql": "^14.7.0",
      "graphql-tag": "^2.10.1",
-     "gray-matter": "^4.0.2",
      "immer": "^7.0.7",
 -    "imports-loader": "^0.8.0",
++    "imports-loader": "link:/usr/share/nodejs/imports-loader",
      "ipaddr.js": "^1.9.1",
 -    "jed": "^1.1.1",
++    "jed": "link:/usr/share/nodejs/jed",
      "jest-transform-graphql": "^2.1.0",
 -    "jquery": "^3.5.0",
--    "jquery-ujs": "1.2.2",
-+    "jquery": "portal:/usr/share/nodejs/jquery",
++    "jquery": "link:/usr/share/nodejs/jquery",
      "jquery.caret": "^0.3.1",
      "jquery.waitforimages": "^2.2.0",
 -    "js-cookie": "^2.2.1",
@@ -178,27 +185,40 @@ Use debian packaged node modules when available
 -    "jszip-utils": "^0.0.2",
 -    "katex": "^0.10.0",
 -    "lodash": "^4.17.20",
++    "js-cookie": "link:/usr/share/nodejs/js-cookie",
++    "js-yaml": "link:/usr/share/nodejs/js-yaml",
++    "jszip": "link:/usr/share/nodejs/jszip",
++    "jszip-utils": "portal:/usr/share/nodejs/jszip-utils",
 +    "katex": "link:/usr/share/nodejs/katex",
-+    "loader-utils": "portal:/usr/share/nodejs/loader-utils",
++    "lodash": "link:/usr/share/nodejs/lodash",
      "marked": "^0.3.12",
 -    "mermaid": "^8.5.2",
++    "mermaid": "link:/usr/share/nodejs/mermaid",
      "mersenne-twister": "1.1.0",
 -    "minimatch": "^3.0.4",
 -    "miragejs": "^0.1.40",
-+    "miragejs": "portal:/usr/share/nodejs/miragejs",
++    "minimatch": "link:/usr/share/nodejs/minimatch",
++    "miragejs": "link:/usr/share/nodejs/miragejs",
      "mock-apollo-client": "^0.4.0",
      "monaco-editor": "^0.20.0",
      "monaco-editor-webpack-plugin": "^1.9.0",
      "monaco-yaml": "^2.4.1",
 -    "mousetrap": "1.6.5",
 -    "pdfjs-dist": "^2.0.943",
++    "mousetrap": "link:/usr/share/nodejs/mousetrap",
++    "pdfjs-dist": "link:/usr/share/nodejs/pdfjs-dist",
      "pikaday": "^1.8.0",
 -    "popper.js": "^1.16.1",
 -    "prismjs": "^1.21.0",
 -    "prosemirror-markdown": "^1.3.0",
 -    "prosemirror-model": "^1.6.4",
++    "popper.js": "link:/usr/share/nodejs/popper.js",
++    "prismjs": "link:/usr/share/nodejs/prismjs",
++    "prosemirror-markdown": "link:/usr/share/nodejs/prosemirror-markdown",
++    "prosemirror-model": "link:/usr/share/nodejs/prosemirror-model",
      "raphael": "^2.2.7",
 -    "raw-loader": "^4.0.0",
++    "raw-loader": "link:/usr/share/nodejs/raw-loader",
      "select2": "3.5.2-browserify",
      "smooshpack": "^0.0.62",
      "sortablejs": "^1.10.2",
@@ -206,29 +226,34 @@ Use debian packaged node modules when available
      "stickyfilljs": "^2.1.0",
      "string-hash": "1.1.3",
 -    "style-loader": "^1.1.3",
++    "style-loader": "link:/usr/share/nodejs/style-loader",
      "swagger-ui-dist": "^3.32.4",
      "three": "^0.84.0",
 -    "three-orbit-controls": "^82.1.0",
 -    "three-stl-loader": "^1.0.4",
 -    "timeago.js": "^4.0.2",
++    "three-orbit-controls": "link:/usr/share/nodejs/three-orbit-controls",
++    "three-stl-loader": "link:/usr/share/nodejs/three-stl-loader",
++    "timeago.js": "link:/usr/share/nodejs/timeago.js",
      "tiptap": "^1.8.0",
      "tiptap-commands": "^1.4.0",
      "tiptap-extensions": "^1.8.0",
      "tributejs": "5.1.3",
 -    "url-loader": "^3.0.0",
 -    "uuid": "8.1.0",
++    "url-loader": "link:/usr/share/nodejs/url-loader",
++    "uuid": "link:/usr/share/nodejs/uuid",
      "visibilityjs": "^1.2.4",
--    "vue": "^2.6.10",
+-    "vue": "^2.6.12",
 +    "vue": "link:/usr/share/nodejs/vue",
      "vue-apollo": "^3.0.3",
-     "vue-loader": "^15.9.0",
-     "vue-router": "^3.4.3",
--    "vue-template-compiler": "^2.6.10",
+     "vue-loader": "^15.9.3",
+     "vue-router": "3.4.5",
+-    "vue-template-compiler": "^2.6.12",
 +    "vue-template-compiler": "link:/usr/share/nodejs/vue-template-compiler",
      "vue-virtual-scroll-list": "^1.4.4",
      "vuedraggable": "^2.23.0",
      "vuex": "^3.5.1",
-+    "webpack": "link:/usr/share/nodejs/webpack",
      "web-vitals": "^0.2.4",
 -    "webpack": "^4.42.0",
 -    "webpack-bundle-analyzer": "^3.6.0",
@@ -236,9 +261,13 @@ Use debian packaged node modules when available
 -    "webpack-stats-plugin": "^0.3.1",
 -    "worker-loader": "^2.0.0",
 -    "xterm": "3.14.5"
++    "webpack-stats-plugin": "link:/usr/share/nodejs/webpack-stats-plugin",
++    "worker-loader": "link:/usr/share/nodejs/worker-loader",
++    "xterm": "portal:/usr/share/nodejs/xterm",
++    "loader-utils": "link:/usr/share/nodejs/loader-utils",
 +    "mkdirp": "link:/usr/share/nodejs/mkdirp",
-+    "postcss": "portal:/usr/share/nodejs/postcss",
-+    "schema-utils": "portal:/usr/share/nodejs/schema-utils"
++    "postcss": "link:/usr/share/nodejs/postcss",
++    "schema-utils": "link:/usr/share/nodejs/schema-utils"
    },
    "devDependencies": {
    },
@@ -269,7 +298,7 @@ Use debian packaged node modules when available
  
 --- a/config/application.rb
 +++ b/config/application.rb
-@@ -203,7 +203,7 @@
+@@ -218,7 +218,7 @@
      config.assets.precompile << "illustrations/*.svg"
  
      # Import Fontawesome fonts

debian/patches/0760-remove-simplecov-cobertura.patch

@@ -1,10 +0,0 @@
---- a/spec/simplecov_env.rb
-+++ b/spec/simplecov_env.rb
-@@ -1,7 +1,6 @@
- # frozen_string_literal: true
- 
- require 'simplecov'
--require 'simplecov-cobertura'
- require 'active_support/core_ext/numeric/time'
- require_relative '../lib/gitlab/utils'
- 

debian/patches/0770-remove-capybara-screenshot-rspec.patch

@@ -8,7 +8,7 @@
  require 'selenium-webdriver'
  
  # Give CI some extra time
-@@ -82,18 +81,6 @@
+@@ -86,18 +85,6 @@
  Capybara.default_normalize_ws = true
  Capybara.enable_aria_label = true
  

debian/patches/0780-css-loader-3.patch

@@ -11,7 +11,7 @@ Subject: [PATCH] Update css-loader node module 2.1.1 -> 3.2.1
 
 --- a/config/webpack.config.js
 +++ b/config/webpack.config.js
-@@ -254,8 +254,10 @@
+@@ -256,8 +256,10 @@
            {
              loader: 'css-loader',
              options: {

debian/patches/0790-worker-loader-3.patch

@@ -11,7 +11,7 @@ Subject: [PATCH] Update worker-loader from 2.x to 3.x
 
 --- a/config/webpack.config.js
 +++ b/config/webpack.config.js
-@@ -232,8 +232,8 @@
+@@ -234,8 +234,8 @@
            {
              loader: 'worker-loader',
              options: {

debian/patches/series

@@ -14,6 +14,9 @@
 0499-10-relax-capybara.patch
 0499-20-remove-capybara-screenshot.patch
 0499-30-remove-guard-rspec.patch
+0499-40-relax-rouge.patch
+0499-50-relax-rack.patch
+0499-60-relax-rugged.patch
 0500-set-webpack-root.patch
 0510-remove-dev-dependencies.patch
 0520-add-system-lib-path-for-webpack.patch
@@ -26,7 +29,6 @@
 0710-use-yarnpkg.patch
 0740-use-packaged-modules.patch
 0750-fix-relative-paths.patch
-0760-remove-simplecov-cobertura.patch
 0770-remove-rubocop-rspec.patch
 0770-remove-capybara-screenshot-rspec.patch
 0780-css-loader-3.patch