diff --git a/debian/patches/0050-relax-stable-libs.patch b/debian/patches/0050-relax-stable-libs.patch index d64fd969d6..70ad00729d 100644 --- a/debian/patches/0050-relax-stable-libs.patch +++ b/debian/patches/0050-relax-stable-libs.patch @@ -12,7 +12,7 @@ gitlab Gemfile # Default values for AR models gem 'gitlab-default_value_for', '~> 3.1.1', require: 'default_value_for' -@@ -27,61 +27,61 @@ +@@ -27,63 +27,63 @@ gem 'doorkeeper', '~> 4.3' gem 'doorkeeper-openid_connect', '~> 1.5' gem 'omniauth', '~> 1.8' @@ -21,11 +21,11 @@ gitlab Gemfile gem 'omniauth-azure-oauth2', '~> 0.0.9' -gem 'omniauth-cas3', '~> 1.1.4' -gem 'omniauth-facebook', '~> 4.0.0' -+gem 'omniauth-cas3', '~> 1.1', '>= 1.1.4' ++gem 'omniauth-cas3', '~> 1.1', '>=1.1.4' +gem 'omniauth-facebook', '~> 4.0' gem 'omniauth-github', '~> 1.3' -gem 'omniauth-gitlab', '~> 1.0.2' -+gem 'omniauth-gitlab', '~> 1.0', '>= 1.0.2' ++gem 'omniauth-gitlab', '~> 1.0', '>=1.0.2' gem 'omniauth-google-oauth2', '~> 0.6.0' gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos gem 'omniauth-oauth2-generic', '~> 0.2.2' @@ -36,13 +36,13 @@ gitlab Gemfile -gem 'omniauth_crowd', '~> 2.2.0' +gem 'omniauth_crowd', '~> 2.2' gem 'omniauth-authentiq', '~> 0.3.3' - gem 'omniauth_openid_connect', '~> 0.3.0' + gem 'omniauth_openid_connect', '~> 0.3.1' gem "omniauth-ultraauth", '~> 0.0.2' -gem 'omniauth-salesforce', '~> 1.0.5' -gem 'rack-oauth2', '~> 1.9.3' -gem 'jwt', '~> 2.1.0' -+gem 'omniauth-salesforce', '~> 1.0', '>= 1.0.5' -+gem 'rack-oauth2', '~> 1.9', '>= 1.9.3' ++gem 'omniauth-salesforce', '~> 1.0', '>=1.0.5' ++gem 'rack-oauth2', '~> 1.9', '>=1.9.3' +gem 'jwt', '~> 2.1' # Spam and anti-bot protection @@ -60,21 +60,24 @@ gitlab Gemfile # GitLab Pages -gem 'validates_hostname', '~> 1.0.6' -gem 'rubyzip', '~> 1.2.2', require: 'zip' -+gem 'validates_hostname', '~> 1.0', '>= 1.0.6' -+gem 'rubyzip', '~> 1.2', '>= 1.2.2', require: 'zip' ++gem 'validates_hostname', '~> 1.0', '>=1.0.6' ++gem 'rubyzip', '~> 1.2', '>=1.2.2', require: 'zip' + # GitLab Pages letsencrypt support +-gem 'acme-client', '~> 2.0.2' ++gem 'acme-client', '~> 2.0', '>=2.0.2' # Browser detection gem 'browser', '~> 2.5' # GPG -gem 'gpgme', '~> 2.0.18' -+gem 'gpgme', '~> 2.0', '>= 2.0.18' ++gem 'gpgme', '~> 2.0', '>=2.0.18' # LDAP Auth # GitLab fork with several improvements to original library. For full list of changes # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master -gem 'gitlab_omniauth-ldap', '~> 2.1.1', require: 'omniauth-ldap' -+gem 'gitlab_omniauth-ldap', '~> 2.1', '>= 2.1.1', require: 'omniauth-ldap' ++gem 'gitlab_omniauth-ldap', '~> 2.1', '>=2.1.1', require: 'omniauth-ldap' gem 'net-ldap' # API @@ -89,12 +92,12 @@ gitlab Gemfile -gem 'graphiql-rails', '~> 1.4.10' -gem 'apollo_upload_server', '~> 2.0.0.beta3' +gem 'graphql', '~> 1.8' -+gem 'graphiql-rails', '~> 1.4', '>= 1.4.10' -+gem 'apollo_upload_server', '~> 2.0', '>= 2.0.0.beta3' ++gem 'graphiql-rails', '~> 1.4', '>=1.4.10' ++gem 'apollo_upload_server', '~> 2.0', '>=2.0.0.beta3' # Disable strong_params so that Mash does not respond to :permitted? gem 'hashie-forbidden_attributes' -@@ -90,7 +90,7 @@ +@@ -92,7 +92,7 @@ gem 'kaminari', '~> 1.0' # HAML @@ -103,7 +106,7 @@ gitlab Gemfile # Files attachments gem 'carrierwave', '~> 1.3' -@@ -100,7 +100,7 @@ +@@ -102,7 +102,7 @@ gem 'fog-aws', '~> 3.3' # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421. # Also see config/initializers/fog_core_patch.rb. @@ -112,12 +115,12 @@ gitlab Gemfile gem 'fog-google', '~> 1.8' gem 'fog-local', '~> 0.6' gem 'fog-openstack', '~> 1.0' -@@ -114,38 +114,38 @@ +@@ -116,39 +116,39 @@ gem 'unf', '~> 0.1.4' # Seed data -gem 'seed-fu', '~> 2.3.7' -+gem 'seed-fu', '~> 2.3', '>= 2.3.7' ++gem 'seed-fu', '~> 2.3', '>=2.3.7' # Markdown and HTML processing gem 'html-pipeline', '~> 2.8' @@ -129,20 +132,21 @@ gitlab Gemfile +gem 'github-markup', '~> 1.7', require: 'github/markup' gem 'commonmarker', '~> 0.17' -gem 'RedCloth', '~> 4.3.2' -+gem 'RedCloth', '~> 4.3', '>= 4.3.2' ++gem 'RedCloth', '~> 4.3', '>=4.3.2' gem 'rdoc', '~> 6.0' gem 'org-ruby', '~> 0.9.12' gem 'creole', '~> 0.5.0' gem 'wikicloth', '0.8.1' -gem 'asciidoctor', '~> 1.5.8' -+gem 'asciidoctor', '~> 1.5', '>= 1.5.8' ++gem 'asciidoctor', '~> 1.5', '>=1.5.8' + gem 'asciidoctor-include-ext', '~> 0.3.1', require: false gem 'asciidoctor-plantuml', '0.0.8' gem 'rouge', '~> 3.1' gem 'truncato', '~> 0.7.11' -gem 'bootstrap_form', '~> 4.2.0' -gem 'nokogiri', '~> 1.10.3' +gem 'bootstrap_form', '~> 4.2' -+gem 'nokogiri', '~> 1.10', '>= 1.10.3' ++gem 'nokogiri', '~> 1.10', '>=1.10.3' gem 'escape_utils', '~> 1.1' # Calendar rendering @@ -154,15 +158,15 @@ gitlab Gemfile # Application server -gem 'rack', '~> 2.0.7' -+gem 'rack', '~> 2.0', '>= 2.0.7' ++gem 'rack', '~> 2.0', '>=2.0.7' group :unicorn do - gem 'unicorn', '~> 5.4.1' -+ gem 'unicorn', '~> 5.4', '>= 5.4.1' ++ gem 'unicorn', '~> 5.4', '>=5.4.1' gem 'unicorn-worker-killer', '~> 0.4.4' end -@@ -161,9 +161,9 @@ +@@ -165,13 +165,13 @@ gem 'acts-as-taggable-on', '~> 6.0' # Background jobs @@ -174,7 +178,12 @@ gitlab Gemfile gem 'gitlab-sidekiq-fetcher', '~> 0.4.0', require: 'sidekiq-reliable-fetch' # Cron Parser -@@ -179,14 +179,14 @@ +-gem 'fugit', '~> 1.2.1' ++gem 'fugit', '~> 1.2', '>=1.2.1' + + # HTTP requests + gem 'httparty', '~> 0.16.4' +@@ -183,14 +183,14 @@ gem 'ruby-progressbar' # GitLab settings @@ -192,7 +201,7 @@ gitlab Gemfile # Export Ruby Regex to Javascript gem 'js_regex', '~> 3.1' -@@ -195,7 +195,7 @@ +@@ -199,7 +199,7 @@ gem 'device_detector' # Cache @@ -201,7 +210,7 @@ gitlab Gemfile # Redis gem 'redis', '~> 3.2' -@@ -205,7 +205,7 @@ +@@ -209,7 +209,7 @@ gem 'discordrb-webhooks-blackst0ne', '~> 3.3', require: false # HipChat integration @@ -210,7 +219,7 @@ gitlab Gemfile # JIRA integration gem 'jira-ruby', '~> 1.4' -@@ -214,7 +214,7 @@ +@@ -218,7 +218,7 @@ gem 'flowdock', '~> 0.7' # Slack integration @@ -219,7 +228,7 @@ gitlab Gemfile # Hangouts Chat integration gem 'hangouts-chat', '~> 0.0.5' -@@ -226,11 +226,11 @@ +@@ -230,11 +230,11 @@ gem 'ruby-fogbugz', '~> 0.2.1' # Kubernetes integration @@ -233,7 +242,7 @@ gitlab Gemfile # Sanitizes SVG input gem 'loofah', '~> 2.2' -@@ -239,10 +239,10 @@ +@@ -243,10 +243,10 @@ gem 'licensee', '~> 8.9' # Protect against bruteforcing @@ -246,34 +255,34 @@ gitlab Gemfile # Detect and convert string character encoding gem 'charlock_holmes', '~> 0.7.5' -@@ -260,21 +260,21 @@ +@@ -264,21 +264,21 @@ gem 'webpack-rails', '~> 0.9.10' gem 'rack-proxy', '~> 0.6.0' -gem 'sassc-rails', '~> 2.1.0' -gem 'uglifier', '~> 2.7.2' +gem 'sassc-rails', '~> 2.1' -+gem 'uglifier', '~> 2.7', '>= 2.7.2' ++gem 'uglifier', '~> 2.7', '>=2.7.2' -gem 'addressable', '~> 2.5.2' -+gem 'addressable', '~> 2.5', '>= 2.5.2' ++gem 'addressable', '~> 2.5', '>=2.5.2' gem 'font-awesome-rails', '~> 4.7' gem 'gemojione', '~> 3.3' gem 'gon', '~> 6.2' gem 'request_store', '~> 1.3' -gem 'virtus', '~> 1.0.1' -+gem 'virtus', '~> 1.0', '>= 1.0.1' ++gem 'virtus', '~> 1.0', '>=1.0.1' gem 'base32', '~> 0.3.0' # Sentry integration - gem 'sentry-raven', '~> 2.7' + gem 'sentry-raven', '~> 2.9' -gem 'premailer-rails', '~> 1.9.7' -+gem 'premailer-rails', '~> 1.9', '>= 1.9.7' ++gem 'premailer-rails', '~> 1.9', '>=1.9.7' # LabKit: Tracing and Correlation - gem 'gitlab-labkit', '~> 0.2.0' -@@ -282,19 +282,19 @@ + gem 'gitlab-labkit', '~> 0.3.0' +@@ -286,19 +286,19 @@ # I18n gem 'ruby_parser', '~> 3.8', require: false gem 'rails-i18n', '~> 5.1' @@ -300,25 +309,14 @@ gitlab Gemfile # Metrics group :metrics do -@@ -314,55 +314,55 @@ - gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false - - # Better errors handler -- gem 'better_errors', '~> 2.5.0' -+ gem 'better_errors', '~> 2.5' - gem 'binding_of_caller', '~> 0.8.0' - - # thin instead webrick -- gem 'thin', '~> 1.7.0' -+ gem 'thin', '~> 1.7' - end +@@ -327,46 +327,46 @@ group :development, :test do gem 'bootsnap', '~> 1.4' - gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET'] - gem 'pry-byebug', '~> 3.5.1', platform: :mri + gem 'bullet', '~> 5.5', require: !!ENV['ENABLE_BULLET'] -+ gem 'pry-byebug', '~> 3.5', '>= 3.5.1', platform: :mri ++ gem 'pry-byebug', '~> 3.5', '>=3.5.1', platform: :mri gem 'pry-rails', '~> 0.3.4' gem 'awesome_print', require: false @@ -329,7 +327,7 @@ gitlab Gemfile - gem 'factory_bot_rails', '~> 4.8.2' - gem 'rspec-rails', '~> 3.7.0' + gem 'database_cleaner', '~> 1.7' -+ gem 'factory_bot_rails', '~> 4.8', '>= 4.8.2' ++ gem 'factory_bot_rails', '~> 4.8', '>=4.8.2' + gem 'rspec-rails', '~> 3.7' gem 'rspec-retry', '~> 0.6.1' gem 'rspec_profiling', '~> 0.0.5' @@ -343,28 +341,28 @@ gitlab Gemfile # Generate Fake data gem 'ffaker', '~> 2.10' -- gem 'capybara', '~> 2.18.0' +- gem 'capybara', '~> 3.22.0' - gem 'capybara-screenshot', '~> 1.0.22' -+ gem 'capybara', '~> 2.18' -+ gem 'capybara-screenshot', '~> 1.0', '>= 1.0.22' ++ gem 'capybara', '~> 3.22' ++ gem 'capybara-screenshot', '~> 1.0', '>=1.0.22' gem 'selenium-webdriver', '~> 3.141' - gem 'spring', '~> 2.0.0' - gem 'spring-commands-rspec', '~> 1.0.4' + gem 'spring', '~> 2.0' -+ gem 'spring-commands-rspec', '~> 1.0', '>= 1.0.4' ++ gem 'spring-commands-rspec', '~> 1.0', '>=1.0.4' - gem 'gitlab-styles', '~> 2.6', require: false + gem 'gitlab-styles', '~> 2.7', require: false # Pin these dependencies, otherwise a new rule could break the CI pipelines - gem 'rubocop', '~> 0.68.1' + gem 'rubocop', '~> 0.69.0' - gem 'rubocop-performance', '~> 1.1.0' - gem 'rubocop-rspec', '~> 1.22.1' + gem 'rubocop-performance', '~> 1.1' -+ gem 'rubocop-rspec', '~> 1.22', '>= 1.22.1' ++ gem 'rubocop-rspec', '~> 1.22', '>=1.22.1' gem 'scss_lint', '~> 0.56.0', require: false - gem 'haml_lint', '~> 0.30.0', require: false - gem 'simplecov', '~> 0.14.0', require: false + gem 'haml_lint', '~> 0.31.0', require: false + gem 'simplecov', '~> 0.16.1', require: false gem 'bundler-audit', '~> 0.5.0', require: false - gem 'benchmark-ips', '~> 2.3.0', require: false @@ -372,32 +370,32 @@ gitlab Gemfile gem 'license_finder', '~> 5.4', require: false gem 'knapsack', '~> 1.17' -@@ -371,18 +371,18 @@ - +@@ -376,18 +376,18 @@ gem 'stackprof', '~> 0.2.10', require: false + gem 'derailed_benchmarks', require: false - gem 'simple_po_parser', '~> 1.1.2', require: false -+ gem 'simple_po_parser', '~> 1.1', '>= 1.1.2', require: false ++ gem 'simple_po_parser', '~> 1.1', '>=1.1.2', require: false gem 'timecop', '~> 0.8.0' end group :test do -- gem 'shoulda-matchers', '~> 3.1.2', require: false +- gem 'shoulda-matchers', '~> 4.0.1', require: false - gem 'email_spec', '~> 2.2.0' - gem 'json-schema', '~> 2.8.0' - gem 'webmock', '~> 3.5.1' -+ gem 'shoulda-matchers', '~> 3.1', '>= 3.1.2', require: false ++ gem 'shoulda-matchers', '~> 4.0', '>=4.0.1', require: false + gem 'email_spec', '~> 2.2' + gem 'json-schema', '~> 2.8' -+ gem 'webmock', '~> 3.5', '>= 3.5.1' ++ gem 'webmock', '~> 3.5', '>=3.5.1' gem 'rails-controller-testing' - gem 'sham_rack', '~> 1.3.6' -+ gem 'sham_rack', '~> 1.3', '>= 1.3.6' ++ gem 'sham_rack', '~> 1.3', '>=1.3.6' gem 'concurrent-ruby', '~> 1.1' gem 'test-prof', '~> 0.2.5' gem 'rspec_junit_formatter' -@@ -402,11 +402,11 @@ +@@ -410,11 +410,11 @@ gem 'oauth2', '~> 1.4' # Health check @@ -412,18 +410,18 @@ gitlab Gemfile # SSH host key support gem 'net-ssh', '~> 5.0' -@@ -419,13 +419,13 @@ +@@ -427,13 +427,13 @@ end # Gitaly GRPC client --gem 'gitaly-proto', '~> 1.27.2', require: 'gitaly' -+gem 'gitaly-proto', '~> 1.27', '>= 1.27.2', require: 'gitaly' +-gem 'gitaly-proto', '~> 1.32.0', require: 'gitaly' ++gem 'gitaly-proto', '~> 1.32', require: 'gitaly' -gem 'grpc', '~> 1.19.0' +gem 'grpc', '~> 1.19' -gem 'google-protobuf', '~> 3.7.1' -+gem 'google-protobuf', '~> 3.7', '>= 3.7.1' ++gem 'google-protobuf', '~> 3.7', '>=3.7.1' -gem 'toml-rb', '~> 1.0.0', require: false +gem 'toml-rb', '~> 1.0', require: false diff --git a/debian/patches/0100-remove-development-test.patch b/debian/patches/0100-remove-development-test.patch index b092a35c00..5f862a9a66 100644 --- a/debian/patches/0100-remove-development-test.patch +++ b/debian/patches/0100-remove-development-test.patch @@ -2,7 +2,7 @@ Bundler will fail when it can't find these locally --- a/Gemfile +++ b/Gemfile -@@ -284,7 +284,6 @@ +@@ -288,7 +288,6 @@ gem 'rails-i18n', '~> 5.1' gem 'gettext_i18n_rails', '~> 1.8' gem 'gettext_i18n_rails_js', '~> 1.3' @@ -10,7 +10,7 @@ Bundler will fail when it can't find these locally gem 'batch-loader', '~> 1.4' -@@ -306,21 +305,6 @@ +@@ -310,21 +309,6 @@ gem 'raindrops', '~> 0.18' end @@ -22,11 +22,11 @@ Bundler will fail when it can't find these locally - gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false - - # Better errors handler -- gem 'better_errors', '~> 2.5' +- gem 'better_errors', '~> 2.5.0' - gem 'binding_of_caller', '~> 0.8.0' - - # thin instead webrick -- gem 'thin', '~> 1.7' +- gem 'thin', '~> 1.7.0' -end - group :development, :test do diff --git a/debian/patches/0110-make-test-dependencies-conditional.patch b/debian/patches/0110-make-test-dependencies-conditional.patch index 54948779b3..9e0369c0d3 100644 --- a/debian/patches/0110-make-test-dependencies-conditional.patch +++ b/debian/patches/0110-make-test-dependencies-conditional.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -306,7 +306,7 @@ +@@ -310,7 +310,7 @@ gem 'raindrops', '~> 0.18' end @@ -8,9 +8,9 @@ +if ENV["INCLUDE_TEST_DEPENDS"] == "true" gem 'bootsnap', '~> 1.4' gem 'bullet', '~> 5.5', require: !!ENV['ENABLE_BULLET'] - gem 'pry-byebug', '~> 3.5', '>= 3.5.1', platform: :mri -@@ -359,9 +359,9 @@ - gem 'simple_po_parser', '~> 1.1', '>= 1.1.2', require: false + gem 'pry-byebug', '~> 3.5', '>=3.5.1', platform: :mri +@@ -364,9 +364,9 @@ + gem 'simple_po_parser', '~> 1.1', '>=1.1.2', require: false gem 'timecop', '~> 0.8.0' -end @@ -18,6 +18,6 @@ -group :test do +#group :test do - gem 'shoulda-matchers', '~> 3.1', '>= 3.1.2', require: false + gem 'shoulda-matchers', '~> 4.0', '>=4.0.1', require: false gem 'email_spec', '~> 2.2' gem 'json-schema', '~> 2.8' diff --git a/debian/patches/0220-relax-webmock.patch b/debian/patches/0220-relax-webmock.patch deleted file mode 100644 index 06a207a051..0000000000 --- a/debian/patches/0220-relax-webmock.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -365,7 +365,7 @@ if ENV["INCLUDE_TEST_DEPENDS"] == "true" - gem 'shoulda-matchers', '~> 3.1', '>= 3.1.2', require: false - gem 'email_spec', '~> 2.2' - gem 'json-schema', '~> 2.8' -- gem 'webmock', '~> 3.5', '>= 3.5.1' -+ gem 'webmock', '>= 3.5.1' - gem 'rails-controller-testing' - gem 'sham_rack', '~> 1.3', '>= 1.3.6' - gem 'concurrent-ruby', '~> 1.1' diff --git a/debian/patches/0290-skip-peek-mysql2.patch b/debian/patches/0290-skip-peek-mysql2.patch index b92202bf30..a56d30ab9e 100644 --- a/debian/patches/0290-skip-peek-mysql2.patch +++ b/debian/patches/0290-skip-peek-mysql2.patch @@ -1,6 +1,6 @@ --- a/Gemfile +++ b/Gemfile -@@ -291,7 +291,6 @@ +@@ -295,7 +295,6 @@ # Perf bar gem 'peek', '~> 1.0', '>= 1.0.1' gem 'peek-gc', '~> 0.0.2' diff --git a/debian/patches/0340-relax-httparty.patch b/debian/patches/0340-relax-httparty.patch index 12aa7485b1..cfde56e813 100644 --- a/debian/patches/0340-relax-httparty.patch +++ b/debian/patches/0340-relax-httparty.patch @@ -1,7 +1,7 @@ --- a/Gemfile +++ b/Gemfile -@@ -171,7 +171,7 @@ - gem 'fugit', '~> 1.1' +@@ -175,7 +175,7 @@ + gem 'fugit', '~> 1.2', '>=1.2.1' # HTTP requests -gem 'httparty', '~> 0.16.4' diff --git a/debian/patches/0430-remove-gitlab-markup.patch b/debian/patches/0430-remove-gitlab-markup.patch index 98689cf9ef..e8d9d221eb 100644 --- a/debian/patches/0430-remove-gitlab-markup.patch +++ b/debian/patches/0430-remove-gitlab-markup.patch @@ -1,10 +1,10 @@ --- a/Gemfile +++ b/Gemfile -@@ -120,7 +120,6 @@ +@@ -122,7 +122,6 @@ # Markdown and HTML processing gem 'html-pipeline', '~> 2.8' gem 'deckar01-task_list', '2.2' -gem 'gitlab-markup', '~> 1.7' gem 'github-markup', '~> 1.7', require: 'github/markup' gem 'commonmarker', '~> 0.17' - gem 'RedCloth', '~> 4.3', '>= 4.3.2' + gem 'RedCloth', '~> 4.3', '>=4.3.2' diff --git a/debian/patches/0440-remove-puma.patch b/debian/patches/0440-remove-puma.patch index 825ad4c366..029e0aa2e2 100644 --- a/debian/patches/0440-remove-puma.patch +++ b/debian/patches/0440-remove-puma.patch @@ -1,12 +1,13 @@ --- a/Gemfile +++ b/Gemfile -@@ -149,11 +149,6 @@ +@@ -152,12 +152,6 @@ gem 'unicorn-worker-killer', '~> 0.4.4' end -group :puma do - gem 'puma', '~> 3.12', require: false - gem 'puma_worker_killer', require: false +- gem 'rack-timeout', require: false -end - # State machine diff --git a/debian/patches/0450-remove-bullet.patch b/debian/patches/0450-remove-bullet.patch index 57576e2686..0a8ccaf977 100644 --- a/debian/patches/0450-remove-bullet.patch +++ b/debian/patches/0450-remove-bullet.patch @@ -1,10 +1,10 @@ --- a/Gemfile +++ b/Gemfile -@@ -301,7 +301,6 @@ +@@ -304,7 +304,6 @@ if ENV["INCLUDE_TEST_DEPENDS"] == "true" gem 'bootsnap', '~> 1.4' - gem 'bullet', '~> 5.5', require: !!ENV['ENABLE_BULLET'] - gem 'pry-byebug', '~> 3.5', '>= 3.5.1', platform: :mri + gem 'pry-byebug', '~> 3.5', '>=3.5.1', platform: :mri gem 'pry-rails', '~> 0.3.4' diff --git a/debian/patches/0480-relax-acts-as-taggable-on.patch b/debian/patches/0480-relax-acts-as-taggable-on.patch deleted file mode 100644 index df763f2861..0000000000 --- a/debian/patches/0480-relax-acts-as-taggable-on.patch +++ /dev/null @@ -1,13 +0,0 @@ -https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/25740 - ---- a/Gemfile -+++ b/Gemfile -@@ -151,7 +151,7 @@ - gem 'state_machines-activerecord', '~> 0.5.1' - - # Issue tags --gem 'acts-as-taggable-on', '~> 5.0' -+gem 'acts-as-taggable-on', '~> 6.0' - - # Background jobs - gem 'sidekiq', '~> 5.2', '>= 5.2.1' diff --git a/debian/patches/0510-remove-dev-dependencies.patch b/debian/patches/0510-remove-dev-dependencies.patch index 39117b6847..babdbe3bf3 100644 --- a/debian/patches/0510-remove-dev-dependencies.patch +++ b/debian/patches/0510-remove-dev-dependencies.patch @@ -1,11 +1,12 @@ --- a/package.json +++ b/package.json -@@ -137,58 +137,6 @@ +@@ -145,59 +145,6 @@ "xterm": "^3.5.0" }, "devDependencies": { - "@babel/plugin-transform-modules-commonjs": "^7.2.0", -- "@gitlab/eslint-config": "^1.5.0", +- "@gitlab/eslint-config": "^1.6.0", +- "@gitlab/eslint-plugin-i18n": "^1.1.0", - "@vue/test-utils": "^1.0.0-beta.25", - "axios-mock-adapter": "^1.15.0", - "babel-jest": "^24.1.0", @@ -45,7 +46,7 @@ - "karma-sourcemap-loader": "^0.3.7", - "karma-webpack": "^4.0.0-beta.0", - "md5": "^2.2.1", -- "node-sass": "^4.11.0", +- "node-sass": "^4.12.0", - "nodemon": "^1.18.9", - "pixelmatch": "^4.0.2", - "postcss": "^7.0.14", diff --git a/debian/patches/0689-jwt-and-omniauth-google-oauth2.patch b/debian/patches/0689-jwt-and-omniauth-google-oauth2.patch index cf5b8d2b97..a3f8c6dadf 100644 --- a/debian/patches/0689-jwt-and-omniauth-google-oauth2.patch +++ b/debian/patches/0689-jwt-and-omniauth-google-oauth2.patch @@ -1,18 +1,19 @@ --- a/Gemfile +++ b/Gemfile -@@ -44,7 +44,7 @@ +@@ -44,7 +44,8 @@ gem 'omniauth-facebook', '~> 4.0' gem 'omniauth-github', '~> 1.3' - gem 'omniauth-gitlab', '~> 1.0', '>= 1.0.2' + gem 'omniauth-gitlab', '~> 1.0', '>=1.0.2' -gem 'omniauth-google-oauth2', '~> 0.6.0' +gem 'omniauth-google-oauth2', '0.6.1', path: 'vendor/gems/omniauth-google-oauth2-0.6.1' ++ gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos gem 'omniauth-oauth2-generic', '~> 0.2.2' gem 'omniauth-saml', '~> 1.10' -@@ -56,7 +56,7 @@ +@@ -56,7 +57,7 @@ gem "omniauth-ultraauth", '~> 0.0.2' - gem 'omniauth-salesforce', '~> 1.0', '>= 1.0.5' - gem 'rack-oauth2', '~> 1.9', '>= 1.9.3' + gem 'omniauth-salesforce', '~> 1.0', '>=1.0.5' + gem 'rack-oauth2', '~> 1.9', '>=1.9.3' -gem 'jwt', '~> 2.1' +gem 'jwt', '2.1', path: 'vendor/gems/jwt-2.1.0' diff --git a/debian/patches/0740-use-packaged-modules.patch b/debian/patches/0740-use-packaged-modules.patch index 692baf1e9d..c5410c4b1b 100644 --- a/debian/patches/0740-use-packaged-modules.patch +++ b/debian/patches/0740-use-packaged-modules.patch @@ -1,7 +1,7 @@ --- a/package.json +++ b/package.json -@@ -38,32 +38,12 @@ - "apollo-client": "^2.5.1", +@@ -45,32 +45,12 @@ + "apollo-link-batch-http": "^1.2.11", "apollo-upload-client": "^10.0.0", "at.js": "^1.5.4", - "autosize": "^4.0.0", @@ -15,7 +15,7 @@ "clipboard": "^1.7.1", "codesandbox-api": "^0.0.20", "compression-webpack-plugin": "^2.0.0", -- "core-js": "^2.4.1", +- "core-js": "^3.1.3", "cropper": "^2.3.0", - "css-loader": "^1.0.0", - "d3": "^4.13.0", @@ -33,7 +33,7 @@ "deckar01-task_list": "^2.2.0", "diff": "^3.4.0", "document-register-element": "1.13.1", -@@ -71,37 +51,20 @@ +@@ -78,38 +58,21 @@ "echarts": "^4.2.0-rc.2", "emoji-regex": "^7.0.3", "emoji-unicode-version": "^0.2.1", @@ -60,6 +60,7 @@ "monaco-editor": "^0.15.6", "monaco-editor-webpack-plugin": "^1.7.0", - "mousetrap": "^1.4.6", + "pdfjs-dist": "^2.0.943", - "pikaday": "^1.6.1", - "popper.js": "^1.14.7", "prismjs": "^1.6.0", @@ -71,7 +72,7 @@ "sanitize-html": "^1.16.1", "select2": "3.5.2-browserify", "sha1": "^1.1.1", -@@ -113,28 +76,17 @@ +@@ -121,28 +84,17 @@ "stylelint-error-string-formatter": "1.0.2", "svg4everybody": "2.1.9", "three": "^0.84.0", diff --git a/debian/patches/0800-embed-omniauth0ultraauth.patch b/debian/patches/0800-embed-omniauth0ultraauth.patch deleted file mode 100644 index 23c0676dec..0000000000 --- a/debian/patches/0800-embed-omniauth0ultraauth.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -53,7 +53,7 @@ - gem 'omniauth_crowd', '~> 2.2' - gem 'omniauth-authentiq', '~> 0.3.3' - gem 'omniauth_openid_connect', '~> 0.3.0' --gem "omniauth-ultraauth", '~> 0.0.2' -+gem "omniauth-ultraauth", '~> 0.0.2', path: 'vendor/gems/omniauth-ultraauth-0.0.2' - gem 'omniauth-salesforce', '~> 1.0', '>= 1.0.5' - gem 'rack-oauth2', '~> 1.9', '>= 1.9.3' - gem 'jwt', '2.1', path: 'vendor/gems/jwt-2.1.0' diff --git a/debian/patches/0810-embed-omniauth-salesforce.patch b/debian/patches/0810-embed-omniauth-salesforce.patch deleted file mode 100644 index 62d995855f..0000000000 --- a/debian/patches/0810-embed-omniauth-salesforce.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -54,7 +54,7 @@ - gem 'omniauth-authentiq', '~> 0.3.3' - gem 'omniauth_openid_connect', '~> 0.3.0' - gem "omniauth-ultraauth", '~> 0.0.2', path: 'vendor/gems/omniauth-ultraauth-0.0.2' --gem 'omniauth-salesforce', '~> 1.0', '>= 1.0.5' -+gem 'omniauth-salesforce', '~> 1.0', '>= 1.0.5', path: 'vendor/gems/omniauth-salesforce-1.0.5' - gem 'rack-oauth2', '~> 1.9', '>= 1.9.3' - gem 'jwt', '2.1', path: 'vendor/gems/jwt-2.1.0' - diff --git a/debian/patches/0820-embed-apollo-upload-server.patch b/debian/patches/0820-embed-apollo-upload-server.patch deleted file mode 100644 index c33555bacf..0000000000 --- a/debian/patches/0820-embed-apollo-upload-server.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -92,7 +92,7 @@ - # GraphQL API - gem 'graphql', '~> 1.8' - gem 'graphiql-rails', '~> 1.4', '>= 1.4.10' --gem 'apollo_upload_server', '~> 2.0', '>= 2.0.0.beta3' -+gem 'apollo_upload_server', '~> 2.0.0.beta3', path: 'vendor/gems/apollo-upload-server-2.0.0.beta.3/' - - # Disable strong_params so that Mash does not respond to :permitted? - gem 'hashie-forbidden_attributes' diff --git a/debian/patches/0830-embed-sassc-rails.patch b/debian/patches/0830-embed-sassc-rails.patch deleted file mode 100644 index 758442f29b..0000000000 --- a/debian/patches/0830-embed-sassc-rails.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Gemfile -+++ b/Gemfile -@@ -265,7 +265,7 @@ - gem 'webpack-rails', '~> 0.9.10' - gem 'rack-proxy', '~> 0.6.0' - --gem 'sassc-rails', '~> 2.1' -+gem 'sassc-rails', '~> 2.1', path: 'vendor/gems/sassc-rails-2.1.2' - gem 'uglifier', '~> 2.7', '>= 2.7.2' - - gem 'addressable', '~> 2.5', '>= 2.5.2' diff --git a/debian/patches/0840-embed-gitlab-labkit.patch b/debian/patches/0840-embed-gitlab-labkit.patch index 5b3046eb2d..f812a727ec 100644 --- a/debian/patches/0840-embed-gitlab-labkit.patch +++ b/debian/patches/0840-embed-gitlab-labkit.patch @@ -1,10 +1,10 @@ --- a/Gemfile +++ b/Gemfile -@@ -282,7 +282,7 @@ - gem 'premailer-rails', '~> 1.9', '>= 1.9.7' +@@ -286,7 +286,7 @@ + gem 'premailer-rails', '~> 1.9', '>=1.9.7' # LabKit: Tracing and Correlation --gem 'gitlab-labkit', '~> 0.2.0' +-gem 'gitlab-labkit', '~> 0.3.0' +gem 'gitlab-labkit', '~> 0.2.0', path: 'vendor/gems/gitlab-labkit-0.2.0' # I18n diff --git a/debian/patches/bump-devise-to-4-6.patch b/debian/patches/bump-devise-to-4-6.patch deleted file mode 100644 index 923e71c925..0000000000 --- a/debian/patches/bump-devise-to-4-6.patch +++ /dev/null @@ -1,134 +0,0 @@ -Description: This patch helps in bumping devise to 4.6.2. -https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/28438 -Author: Utkarsh Gupta ---- - ---- a/Gemfile -+++ b/Gemfile -@@ -34,7 +34,7 @@ - gem 'faraday', '~> 0.12' - - # Authentication libraries --gem 'devise', '~> 4.4' -+gem 'devise', '~> 4.6' - gem 'doorkeeper', '~> 4.3' - gem 'doorkeeper-openid_connect', '~> 1.5' - gem 'omniauth', '~> 1.8' ---- a/Gemfile.lock -+++ b/Gemfile.lock -@@ -156,7 +156,7 @@ - descendants_tracker (0.0.4) - thread_safe (~> 0.3, >= 0.3.1) - device_detector (1.0.0) -- devise (4.4.3) -+ devise (4.6.2) - bcrypt (~> 3.0) - orm_adapter (~> 0.1) - railties (>= 4.1.0, < 6.0) -@@ -1032,7 +1032,7 @@ - database_cleaner (~> 1.7.0) - deckar01-task_list (= 2.2.0) - device_detector -- devise (~> 4.4) -+ devise (~> 4.6) - devise-two-factor (~> 3.0.0) - diffy (~> 3.1.0) - discordrb-webhooks-blackst0ne (~> 3.3) ---- a/app/models/user.rb -+++ b/app/models/user.rb -@@ -1497,15 +1497,6 @@ - devise_mailer.__send__(notification, self, *args).deliver_later # rubocop:disable GitlabSecurity/PublicSend - end - -- # This works around a bug in Devise 4.2.0 that erroneously causes a user to -- # be considered active in MySQL specs due to a sub-second comparison -- # issue. For more details, see: https://gitlab.com/gitlab-org/gitlab-ee/issues/2362#note_29004709 -- def confirmation_period_valid? -- return false if self.class.allow_unconfirmed_access_for == 0.days -- -- super -- end -- - def ensure_user_rights_and_limits - if external? - self.can_create_group = false ---- a/app/views/devise/confirmations/new.html.haml -+++ b/app/views/devise/confirmations/new.html.haml -@@ -3,7 +3,7 @@ - .login-body - = form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f| - .devise-errors -- = devise_error_messages! -+ = render "devise/shared/error_messages", resource: resource - .form-group - = f.label :email - = f.email_field :email, class: "form-control", required: true, title: 'Please provide a valid email address.' ---- a/app/views/devise/passwords/edit.html.haml -+++ b/app/views/devise/passwords/edit.html.haml -@@ -3,7 +3,7 @@ - .login-body - = form_for(resource, as: resource_name, url: password_path(:user), html: { method: :put, class: 'gl-show-field-errors' }) do |f| - .devise-errors -- = devise_error_messages! -+ = render "devise/shared/error_messages", resource: resource - = f.hidden_field :reset_password_token - .form-group - = f.label 'New password', for: "user_password" ---- a/app/views/devise/passwords/new.html.haml -+++ b/app/views/devise/passwords/new.html.haml -@@ -3,7 +3,7 @@ - .login-body - = form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f| - .devise-errors -- = devise_error_messages! -+ = render "devise/shared/error_messages", resource: resource - .form-group - = f.label :email - = f.email_field :email, class: "form-control", required: true, value: params[:user_email], autofocus: true, title: 'Please provide a valid email address.' ---- a/app/views/devise/registrations/edit.html.erb -+++ b/app/views/devise/registrations/edit.html.erb -@@ -1,7 +1,7 @@ -

Edit <%= resource_name.to_s.humanize %>

- - <%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %> -- <%= devise_error_messages! %> -+ <%= render "devise/shared/error_messages", resource: resource %> - -
<%= f.label :email %>
- <%= f.email_field :email %>
---- a/app/views/devise/shared/_signup_box.html.haml -+++ b/app/views/devise/shared/_signup_box.html.haml -@@ -2,7 +2,7 @@ - .login-body - = form_for(resource, as: "new_#{resource_name}", url: registration_path(resource_name), html: { class: "new_new_user gl-show-field-errors", "aria-live" => "assertive" }) do |f| - .devise-errors -- = devise_error_messages! -+ = render "devise/shared/error_messages", resource: resource - .name.form-group - = f.label :name, 'Full name', class: 'label-bold' - = f.text_field :name, class: "form-control top qa-new-user-name js-block-emoji", required: true, title: _("This field is required.") ---- a/app/views/devise/unlocks/new.html.haml -+++ b/app/views/devise/unlocks/new.html.haml -@@ -3,7 +3,7 @@ - .login-body - = form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post, class: 'gl-show-field-errors' }) do |f| - .devise-errors -- = devise_error_messages! -+ = render "devise/shared/error_messages", resource: resource - .form-group.append-bottom-20 - = f.label :email - = f.email_field :email, class: 'form-control', autofocus: 'autofocus', autocapitalize: 'off', autocorrect: 'off', title: 'Please provide a valid email address.' ---- a/config/initializers/8_devise.rb -+++ b/config/initializers/8_devise.rb -@@ -100,6 +100,11 @@ - # secure: true in order to force SSL only cookies. - # config.cookie_options = {} - -+ # When set to false, does not sign a user in automatically after their password is -+ # changed. Defaults to true, so a user is signed in automatically after a password -+ # is changed. -+ config.sign_in_after_change_password = false -+ - # Send a notification email when the user's password is changed - config.send_password_change_notification = true - diff --git a/debian/patches/series b/debian/patches/series index 88cdb48559..c4b3f3c2f4 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,14 +2,12 @@ 0100-remove-development-test.patch 0108-make-mysql-optional.patch 0110-make-test-dependencies-conditional.patch -0220-relax-webmock.patch 0290-skip-peek-mysql2.patch 0340-relax-httparty.patch #0400-Relax-recaptcha-version.patch 0430-remove-gitlab-markup.patch 0440-remove-puma.patch 0450-remove-bullet.patch -#0480-relax-acts-as-taggable-on.patch 0500-set-webpack-root.patch 0510-remove-dev-dependencies.patch 0520-add-system-lib-path-for-webpack.patch @@ -19,8 +17,6 @@ 0640-relax-ruby-version.patch 0660-fix-gitlab-yml-path.patch 0670-allow-doorkeepr-4_3.patch -#0680-rails-5-migrations.patch -#0685-bump-fog.patch 0686-rails-5.1-embed.patch 0689-jwt-and-omniauth-google-oauth2.patch 0690-debian-usage-ping.patch @@ -28,9 +24,4 @@ 0710-use-yarnpkg.patch 0730-install-graphql-tag.patch 0740-use-packaged-modules.patch -bump-devise-to-4-6.patch -0800-embed-omniauth0ultraauth.patch -0810-embed-omniauth-salesforce.patch -0820-embed-apollo-upload-server.patch -0830-embed-sassc-rails.patch 0840-embed-gitlab-labkit.patch