Refresh patches

2022-07-29 14:51:45 +02:00 · 2022-07-29 14:51:45 +02:00 · 7e490ce8d4
commit 7e490ce8d4
parent 2f3c8b06da
10 changed files with 72 additions and 79 deletions
--- a/debian/patches/Gemfile/0010-relax-stable-libs.patch
+++ b/debian/patches/Gemfile/0010-relax-stable-libs.patch
@ -10,8 +10,8 @@ gitlab Gemfile
 -gem 'rails', '~> 6.1.4.7'
 +gem 'rails', '~> 6.1.4', '>= 6.1.4.7'
 
-gem 'bootsnap', '~> 1.9.4', require: false
-+gem 'bootsnap', '~> 1.9', '>= 1.9.4', require: false
+-gem 'bootsnap', '~> 1.12.0', require: false
+gem 'bootsnap', '~> 1.12', require: false
 
 # Responders respond_to and respond_with
 gem 'responders', '~> 3.0'
@ -27,7 +27,8 @@ gitlab Gemfile
 +gem 'default_value_for', '~> 3.4'
 
 # Supported DBs
- gem 'pg', '~> 1.1'
+-gem 'pg', '~> 1.3.0'
+gem 'pg', '~> 1.3'
 
 gem 'rugged', '~> 1.2'
 -gem 'grape-path-helpers', '~> 1.7.0'
@ -81,9 +82,9 @@ gitlab Gemfile
 -gem 'omniauth-salesforce', '~> 1.0.5'
 +gem 'omniauth-salesforce', '~> 1.0','>= 1.0.5'
 gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
-gem 'rack-oauth2', '~> 1.16.0'
+-gem 'rack-oauth2', '~> 1.19.0'
 -gem 'jwt', '~> 2.1.0'
-+gem 'rack-oauth2', '~> 1.16'
+gem 'rack-oauth2', '~> 1.19'
 +gem 'jwt', '~> 2.1'
 
 # Kerberos authentication. EE-only
@ -127,12 +128,12 @@ gitlab Gemfile
 -gem 'grape', '~> 1.5.2'
 +gem 'grape', '~> 1.5','>= 1.5.2'
 gem 'grape-entity', '~> 0.10.0'
-gem 'rack-cors', '~> 1.0.6', require: 'rack/cors'
-+gem 'rack-cors', '~> 1.0','>= 1.0.6', require: 'rack/cors'
+-gem 'rack-cors', '~> 1.1.0', require: 'rack/cors'
+gem 'rack-cors', '~> 1.1', require: 'rack/cors'
 
 # GraphQL API
-gem 'graphql', '~> 1.11.10'
-+gem 'graphql', '~> 1.11', '>= 1.11.10'
+-gem 'graphql', '~> 1.13.12'
+gem 'graphql', '~> 1.13', '>= 1.13.12'
 gem 'graphiql-rails', '~> 1.8'
 -gem 'apollo_upload_server', '~> 2.1.0'
 +gem 'apollo_upload_server', '~> 2.1'
@ -152,7 +153,7 @@ gitlab Gemfile
 +gem 'mini_magick', '~> 4.10','>= 4.10.1'
 
 # for backups
- gem 'fog-aws', '~> 3.12'
+ gem 'fog-aws', '~> 3.14'
 # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421.
 # Also see config/initializers/fog_core_patch.rb.
 -gem 'fog-core', '= 2.1.0'
@ -162,12 +163,12 @@ gitlab Gemfile
 gem 'fog-openstack', '~> 1.0'
 gem 'fog-rackspace', '~> 0.1.1'
 gem 'fog-aliyun', '~> 0.3'
-gem 'gitlab-fog-azure-rm', '~> 1.2.0', require: 'fog/azurerm'
-+gem 'gitlab-fog-azure-rm', '~> 1.2', require: 'fog/azurerm'
+-gem 'gitlab-fog-azure-rm', '~> 1.3.0', require: 'fog/azurerm'
+gem 'gitlab-fog-azure-rm', '~> 1.3', require: 'fog/azurerm'
 
 # for Google storage
 gem 'google-api-client', '~> 0.33'
-@@ -139,37 +139,37 @@
+@@ -139,38 +139,38 @@
 gem 'unf', '~> 0.1.4'
 
 # Seed data
@ -210,22 +211,24 @@ gitlab Gemfile
 gem 'asciidoctor-include-ext', '~> 0.4.0', require: false
 gem 'asciidoctor-plantuml', '~> 0.0.12'
 gem 'asciidoctor-kroki', '~> 0.5.0', require: false
-gem 'rouge', '~> 3.27.0'
-+gem 'rouge', '~> 3.27'
+-gem 'rouge', '~> 3.29.0'
+gem 'rouge', '~> 3.29'
 gem 'truncato', '~> 0.7.11'
 -gem 'bootstrap_form', '~> 4.2.0'
+-gem 'nokogiri', '~> 1.13.6'
 +gem 'bootstrap_form', '~> 4.2'
- gem 'nokogiri', '~> 1.12'
+gem 'nokogiri', '~> 1.13', '>= 1.13.6'
 gem 'escape_utils', '~> 1.1'
 
+ # Calendar rendering
@@ -181,12 +181,12 @@
 gem 'diff_match_patch', '~> 0.1.0'
 
 # Application server
-gem 'rack', '~> 2.2.3'
+-gem 'rack', '~> 2.2.3.0'
 +gem 'rack', '~> 2.2', '>= 2.2.3'
- # https://github.com/sharpstone/rack-timeout/blob/master/README.md#rails-apps-manually
- gem 'rack-timeout', '~> 0.5.1', require: 'rack/timeout/base'
+ # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually
+ gem 'rack-timeout', '~> 0.6.0', require: 'rack/timeout/base'
 
 group :puma do
 -  gem 'puma', '~> 5.6.2', require: false
@ -255,8 +258,8 @@ gitlab Gemfile
 +gem 'settingslogic', '~> 2.0', '>= 2.0.9'
 
 # Linear-time regex library for untrusted regular expressions
-gem 're2', '~> 1.2.0'
-+gem 're2', '~> 1.2'
+-gem 're2', '~> 1.4.0'
+gem 're2', '~> 1.4'
 
 # Misc
 
@ -337,8 +340,8 @@ gitlab Gemfile
 +gem 'gitlab-license', '~> 2.1'
 
 # Protect against bruteforcing
-gem 'rack-attack', '~> 6.3.0'
-+gem 'rack-attack', '~> 6.3'
+-gem 'rack-attack', '~> 6.6.0'
+gem 'rack-attack', '~> 6.6'
 
 # Sentry integration
 gem 'sentry-raven', '~> 3.1'
@ -351,13 +354,14 @@ gitlab Gemfile
 
 # PostgreSQL query parsing
 #
- gem 'pg_query', '~> 2.1'
+-gem 'pg_query', '~> 2.1.0'
+gem 'pg_query', '~> 2.1'
 
 -gem 'premailer-rails', '~> 1.10.3'
 +gem 'premailer-rails', '~> 1.10','>=  1.10.3'
 
 # LabKit: Tracing and Correlation
- gem 'gitlab-labkit', '~> 0.22.0'
+ gem 'gitlab-labkit', '~> 0.23.0'
@@ -324,11 +324,11 @@
 # I18n
 gem 'ruby_parser', '~> 3.15', require: false
@ -384,8 +388,8 @@ gitlab Gemfile
 +gem 'warning', '~> 1.2'
 
 group :development do
-   gem 'lefthook', '~> 0.7.0', require: false
-@@ -424,22 +424,22 @@
+   gem 'lefthook', '~> 0.8.0', require: false
+@@ -426,22 +426,22 @@
 end
 
 group :test do
@ -417,7 +421,7 @@ gitlab Gemfile
   gem 'rspec_junit_formatter'
   gem 'guard-rspec'
 
-@@ -456,7 +456,7 @@
+@@ -458,7 +458,7 @@
 gem 'email_reply_trimmer', '~> 0.1'
 gem 'html2text'
 
@ -426,7 +430,7 @@ gitlab Gemfile
 gem 'stackprof', '~> 0.2.15', require: false
 gem 'rbtrace', '~> 0.4', require: false
 gem 'memory_profiler', '~> 0.9', require: false
-@@ -470,8 +470,8 @@
+@@ -472,8 +472,8 @@
 gem 'health_check', '~> 3.0'
 
 # System information
@ -437,7 +441,7 @@ gitlab Gemfile
 
 # NTP client
 gem 'net-ntp'
-@@ -488,9 +488,9 @@
+@@ -490,9 +490,9 @@
 # KAS GRPC protocol definitions
 gem 'kas-grpc', '~> 0.0.2'
 
@ -449,7 +453,7 @@ gitlab Gemfile
 
 gem 'toml-rb', '~> 2.0'
 
-@@ -498,7 +498,7 @@
+@@ -500,7 +500,7 @@
 gem 'flipper', '~> 0.21.0'
 gem 'flipper-active_record', '~> 0.21.0'
 gem 'flipper-active_support_cache_store', '~> 0.21.0'
@ -458,7 +462,7 @@ gitlab Gemfile
 gem 'gitlab-experiment', '~> 0.7.1'
 
 # Structured logging
-@@ -511,12 +511,12 @@
+@@ -513,12 +513,12 @@
 # Countries list
 gem 'countries', '~> 3.0'
 
@ -473,7 +477,7 @@ gitlab Gemfile
 
 # Locked as long as quoted-printable encoding issues are not resolved
 # Monkey-patched in `config/initializers/mail_encoding_patch.rb`
-@@ -531,11 +531,11 @@
+@@ -533,11 +533,11 @@
 gem 'valid_email', '~> 0.1'
 
 # JSON
@ -489,9 +493,12 @@ gitlab Gemfile
 
 gem 'webauthn', '~> 2.3'
 
-@@ -544,4 +544,4 @@
+@@ -546,6 +546,6 @@
 
 gem 'parslet', '~> 1.8'
 
 -gem 'ipynbdiff', '0.4.7'
 +gem 'ipynbdiff', '~> 0.4.7'
+ 
+-gem 'ed25519', '~> 1.3.0'
+gem 'ed25519', '~> 1.3'
--- a/debian/patches/Gemfile/0020-remove-development-test.patch
+++ b/debian/patches/Gemfile/0020-remove-development-test.patch
@ -3,7 +3,7 @@ Bundler will fail when it can't find these locally
 --- a/Gemfile
 +++ b/Gemfile
@@ -103,7 +103,6 @@
- gem 'graphql', '~> 1.11', '>= 1.11.10'
+ gem 'graphql', '~> 1.13', '>= 1.13.12'
 gem 'graphiql-rails', '~> 1.8'
 gem 'apollo_upload_server', '~> 2.1'
 -gem 'graphql-docs', '~> 1.6.0', group: [:development, :test]
@ -18,12 +18,12 @@ Bundler will fail when it can't find these locally
 
 gem 'batch-loader', '~> 2.0', '>= 2.0.1'
 
-@@ -343,86 +341,6 @@
+@@ -343,88 +341,6 @@
 
 gem 'warning', '~> 1.2'
 
 -group :development do
-  gem 'lefthook', '~> 0.7.0', require: false
+-  gem 'lefthook', '~> 0.8.0', require: false
 -  gem 'rubocop'
 -  gem 'solargraph', '~> 0.44.3', require: false
 -
@ -60,7 +60,7 @@ Bundler will fail when it can't find these locally
 -  gem 'spring', '~> 2.1.0'
 -  gem 'spring-commands-rspec', '~> 1.0.4'
 -
-  gem 'gitlab-styles', '~> 7.0.0', require: false
+-  gem 'gitlab-styles', '~> 7.1.0', require: false
 -
 -  gem 'haml_lint', '~> 0.36.0', require: false
 -  gem 'bundler-audit', '~> 0.7.0.1', require: false
@ -81,10 +81,12 @@ Bundler will fail when it can't find these locally
 -  gem 'test_file_finder', '~> 0.1.3'
 -
 -  gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup'
+-
+-  gem 'pact', '~> 1.12'
 -end
 -
 -group :development, :test, :danger do
-  gem 'gitlab-dangerfiles', '~> 3.0', require: false
+-  gem 'gitlab-dangerfiles', '~> 3.4.0', require: false
 -end
 -
 -group :development, :test, :coverage do
--- a/debian/patches/Gemfile/0090-remove-ee-only-gems.patch
+++ b/debian/patches/Gemfile/0090-remove-ee-only-gems.patch
@ -17,5 +17,5 @@ This gem is used only in gitlab Enterprise Edition
 -gem 'gitlab-license', '~> 2.1'
 -
 # Protect against bruteforcing
- gem 'rack-attack', '~> 6.3'
+ gem 'rack-attack', '~> 6.6'
 
--- a/debian/patches/Gemfile/0180-add-parser-gem.patch
+++ b/debian/patches/Gemfile/0180-add-parser-gem.patch
@ -4,7 +4,7 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323
 +++ b/Gemfile
@@ -19,6 +19,9 @@
 # Supported DBs
- gem 'pg', '~> 1.1'
+ gem 'pg', '~> 1.3'
 
 +# Background migrations/fix vulnerabilities
 +gem 'parser', '~> 3.0'
--- a/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch
+++ b/debian/patches/Gemfile/0200-add-gitlab-dangerfiles.patch
@ -2,10 +2,10 @@ Rakefile need this gem

 --- a/Gemfile
 +++ b/Gemfile
-@@ -461,3 +461,6 @@
- gem 'parslet', '~> 1.8'
- 
+@@ -463,3 +463,6 @@
 gem 'ipynbdiff', '~> 0.4.7'
+ 
+ gem 'ed25519', '~> 1.3'
 +
 +# This is required for Rakefile
 +gem 'gitlab-dangerfiles'
--- a/debian/patches/nodejs/0020-remove-dev-dependencies.patch
+++ b/debian/patches/nodejs/0020-remove-dev-dependencies.patch
@ -2,14 +2,13 @@ These are not required in production

 --- a/package.json
 +++ b/package.json
-@@ -204,65 +204,7 @@
+@@ -200,62 +200,7 @@
     "yaml": "^2.0.0-10"
   },
   "devDependencies": {
-    "@babel/plugin-transform-modules-commonjs": "^7.10.1",
 -    "@gitlab/eslint-plugin": "12.1.0",
 -    "@gitlab/stylelint-config": "4.0.0",
-    "@graphql-eslint/eslint-plugin": "3.10.2",
+-    "@graphql-eslint/eslint-plugin": "3.10.4",
 -    "@testing-library/dom": "^7.16.2",
 -    "@types/jest": "^26.0.24",
 -    "@vue/test-utils": "1.3.0",
@ -18,8 +17,6 @@ These are not required in production
 -    "ajv-formats": "^2.1.1",
 -    "axios-mock-adapter": "^1.15.0",
 -    "babel-jest": "^26.5.2",
-    "babel-plugin-dynamic-import-node": "^2.3.3",
-    "babel-plugin-istanbul": "^6.0.0",
 -    "chalk": "^2.4.1",
 -    "cheerio": "^1.0.0-rc.9",
 -    "commander": "^2.20.3",
@ -60,7 +57,7 @@ These are not required in production
 -    "stylelint": "^14.3.0",
 -    "timezone-mock": "^1.0.8",
 -    "vue-jest": "4.0.1",
-    "webpack-dev-server": "4.9.0",
+-    "webpack-dev-server": "4.9.2",
 -    "xhr-mock": "^2.5.1",
 -    "yarn-check-webpack-plugin": "^1.2.0",
 -    "yarn-deduplicate": "^5.0.0"
--- a/debian/patches/nodejs/0040-use-packaged-modules.patch
+++ b/debian/patches/nodejs/0040-use-packaged-modules.patch
@ -90,16 +90,6 @@ Use debian packaged node modules when available
     setImmediate: false,
   },
 };
--- a/babel.config.js
-+++ b/babel.config.js
-@@ -14,6 +14,7 @@
- // include stage 3 proposals
- const plugins = [
-   '@babel/plugin-syntax-import-meta',
-+  '@babel/plugin-syntax-dynamic-import',
-   '@babel/plugin-proposal-class-properties',
-   '@babel/plugin-proposal-json-strings',
-   '@babel/plugin-proposal-private-methods',
 --- a/app/assets/javascripts/pdf/index.vue
 +++ b/app/assets/javascripts/pdf/index.vue
@@ -1,6 +1,6 @@
@ -112,16 +102,12 @@ Use debian packaged node modules when available
 
 --- a/package.json
 +++ b/package.json
-@@ -48,18 +48,18 @@
+@@ -48,14 +48,18 @@
   },
   "dependencies": {
     "@apollo/client": "^3.5.10",
-    "@babel/core": "^7.10.1",
-    "@babel/plugin-proposal-class-properties": "^7.10.1",
-    "@babel/plugin-proposal-json-strings": "^7.10.1",
-    "@babel/plugin-proposal-private-methods": "^7.10.1",
-    "@babel/plugin-syntax-import-meta": "^7.10.1",
-    "@babel/preset-env": "^7.10.1",
+-    "@babel/core": "^7.18.5",
+-    "@babel/preset-env": "^7.18.2",
 +    "@babel/core": "link:/usr/share/nodejs/@babel/core",
 +    "@babel/plugin-proposal-class-properties": "link:/usr/share/nodejs/@babel/plugin-proposal-class-properties",
 +    "@babel/plugin-proposal-json-strings": "link:/usr/share/nodejs/@babel/plugin-proposal-json-strings",
@ -130,15 +116,15 @@ Use debian packaged node modules when available
 +    "@babel/preset-env": "link:/usr/share/nodejs/@babel/preset-env",
     "@gitlab/at.js": "1.5.7",
     "@gitlab/favicon-overlay": "2.0.0",
-     "@gitlab/svgs": "2.14.0",
-     "@gitlab/ui": "40.2.1",
+     "@gitlab/svgs": "2.21.0",
+     "@gitlab/ui": "41.10.0",
     "@gitlab/visual-review-tools": "1.7.3",
 -    "@rails/actioncable": "6.1.4-7",
 +    "@rails/actioncable": "link:/usr/share/nodejs/@rails/actioncable",
     "@rails/ujs": "6.1.4-7",
     "@sentry/browser": "5.30.0",
     "@sourcegraph/code-host-integration": "0.0.60",
-@@ -100,24 +100,24 @@
+@@ -94,24 +98,24 @@
     "aws-sdk": "^2.637.0",
     "axios": "^0.24.0",
     "babel-loader": "^8.2.5",
@ -154,7 +140,7 @@ Use debian packaged node modules when available
     "codesandbox-api": "0.0.23",
     "compression-webpack-plugin": "^5.0.2",
     "copy-webpack-plugin": "^6.4.1",
-     "core-js": "^3.22.5",
+     "core-js": "^3.23.1",
 -    "cron-validator": "^1.1.1",
 +    "cron-validator": "link:/usr/share/nodejs/cron-validator",
     "cronstrue": "^1.122.0",
@ -171,7 +157,7 @@ Use debian packaged node modules when available
     "deckar01-task_list": "^2.3.1",
     "diff": "^3.4.0",
     "dompurify": "^2.3.8",
-@@ -136,31 +136,31 @@
+@@ -130,32 +134,32 @@
     "jed": "^1.1.1",
     "jquery": "^3.6.0",
     "jquery.caret": "^0.3.1",
@ -197,6 +183,7 @@ Use debian packaged node modules when available
     "monaco-yaml": "^2.5.1",
     "mousetrap": "1.6.5",
     "papaparse": "^5.3.1",
+     "patch-package": "^6.4.7",
 -    "pdfjs-dist": "^2.0.943",
 +    "pdfjs-dist": "link:/usr/share/nodejs/pdfjs-dist",
     "pikaday": "^1.8.0",
@ -215,7 +202,7 @@ Use debian packaged node modules when available
     "prosemirror-tables": "^1.1.1",
     "prosemirror-view": "^1.23.13",
     "raphael": "^2.2.7",
-@@ -176,27 +176,26 @@
+@@ -172,27 +176,26 @@
     "style-loader": "^2.0.0",
     "swagger-ui-dist": "4.8.0",
     "three": "^0.84.0",
@ -245,6 +232,6 @@ Use debian packaged node modules when available
     "web-vitals": "^0.2.4",
     "webpack": "^4.46.0",
 -    "webpack-bundle-analyzer": "^4.5.0",
-     "webpack-cli": "^4.9.2",
+     "webpack-cli": "^4.10.0",
     "webpack-stats-plugin": "^0.3.1",
     "worker-loader": "^2.0.0",
--- a/debian/patches/nodejs/0050-use-matching-monaco-editor-webpack-plugin.patch
+++ b/debian/patches/nodejs/0050-use-matching-monaco-editor-webpack-plugin.patch
@ -2,7 +2,7 @@

 --- a/package.json
 +++ b/package.json
-@@ -148,7 +148,7 @@
+@@ -146,7 +146,7 @@
     "mermaid": "^9.1.1",
     "minimatch": "link:/usr/share/nodejs/minimatch",
     "monaco-editor": "^0.25.2",
--- a/debian/patches/tweaks/0030-fix-gitlab-yml-path.patch
+++ b/debian/patches/tweaks/0030-fix-gitlab-yml-path.patch
@ -2,8 +2,8 @@ Fix for debian package layout

 --- a/config/settings.rb
 +++ b/config/settings.rb
-@@ -4,7 +4,7 @@
- require 'digest/md5'
+@@ -3,7 +3,7 @@
+ require 'settingslogic'
 
 class Settings < Settingslogic
 -  source ENV.fetch('GITLAB_CONFIG') { Pathname.new(File.expand_path('..', __dir__)).join('config/gitlab.yml') }
--- a/debian/patches/tweaks/0080-search-binaries-in-path.patch
+++ b/debian/patches/tweaks/0080-search-binaries-in-path.patch
@ -3,7 +3,7 @@ Author: Nilesh Patra <npatra974@gmail.com>
 Last-Update: 2021-01-26
 --- a/workhorse/internal/testhelper/testhelper.go
 +++ b/workhorse/internal/testhelper/testhelper.go
-@@ -13,6 +13,7 @@
+@@ -12,6 +12,7 @@
 	"runtime"
 	"testing"
 	"time"
@ -11,7 +11,7 @@ Last-Update: 2021-01-26
 
 	"github.com/golang-jwt/jwt/v4"
 	"github.com/stretchr/testify/require"
-@@ -97,8 +98,11 @@
+@@ -96,8 +97,11 @@
 	rootDir := RootDir()
 
 	for _, exe := range workhorseExecutables {