diff --git a/.eslintrc.yml b/.eslintrc.yml index e131d4c07d..a8cbd9731a 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -1,6 +1,8 @@ extends: - '@gitlab' - plugin:promise/recommended + - plugin:no-jquery/slim + - plugin:no-jquery/deprecated-3.4 globals: __webpack_public_path__: true gl: false @@ -30,7 +32,13 @@ rules: no-else-return: - error - allowElseIf: true + import/no-unresolved: + - error + - ignore: + # https://gitlab.com/gitlab-org/gitlab/issues/38226 + - '^ee_component/' import/no-useless-path-segments: off + import/order: off lines-between-class-members: off # Disabled for now, to make the plugin-vue 4.5 -> 5.0 update smoother vue/no-confusing-v-for-v-if: error @@ -38,11 +46,13 @@ rules: vue/no-use-v-if-with-v-for: off vue/no-v-html: off vue/use-v-on-exact: off - no-jquery/no-ajax: error - no-jquery/no-ajax-events: error - no-jquery/no-load: error - no-jquery/no-load-shorthand: error + no-jquery/no-animate: off + # all offenses of no-jquery/no-animate-toggle are false positives ( $toast.show() ) + no-jquery/no-animate-toggle: off + no-jquery/no-event-shorthand: off + no-jquery/no-fade: off no-jquery/no-serialize: error + no-jquery/no-sizzle: off promise/always-return: off promise/no-callback-in-promise: off overrides: diff --git a/.gitattributes b/.gitattributes index 55c422f0f8..ec47d175c5 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,3 @@ VERSION merge=ours Dangerfile gitlab-language=ruby +*.pdf filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore index b8cbfe9966..d43b1908dd 100644 --- a/.gitignore +++ b/.gitignore @@ -66,7 +66,7 @@ eslint-report.html /vendor/gitaly-ruby /builds* /.gitlab_workhorse_secret -/.gitlab_pages_shared_secret +/.gitlab_pages_secret /webpack-report/ /knapsack/ /rspec_flaky/ @@ -84,3 +84,4 @@ jsdoc/ .overcommit.yml .projections.json /qa/.rakeTasks +webpack-dev-server.json diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 36108d04e9..388f3f4b3e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,38 +1,42 @@ -image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.11-git-2.22-chrome-73.0-node-12.x-yarn-1.16-postgresql-9.6-graphicsmagick-1.3.33" +image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-9.6-graphicsmagick-1.3.33" stages: - sync - prepare - quick-test - test + - post-test - review-prepare - review - qa - - post-test + - post-qa + - notification - pages variables: RAILS_ENV: "test" NODE_ENV: "test" SIMPLECOV: "true" - GIT_DEPTH: "50" + GIT_DEPTH: "20" GIT_SUBMODULE_STRATEGY: "none" GET_SOURCES_ATTEMPTS: "3" KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/report-master.json FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json BUILD_ASSETS_IMAGE: "false" ES_JAVA_OPTS: "-Xms256m -Xmx256m" - ELASTIC_URL: "http://elastic:changeme@docker.elastic.co-elasticsearch-elasticsearch:9200" + ELASTIC_URL: "http://elastic:changeme@elasticsearch:9200" after_script: - date include: + - local: .gitlab/ci/cache-repo.gitlab-ci.yml - local: .gitlab/ci/cng.gitlab-ci.yml - local: .gitlab/ci/docs.gitlab-ci.yml - local: .gitlab/ci/frontend.gitlab-ci.yml - local: .gitlab/ci/global.gitlab-ci.yml - local: .gitlab/ci/memory.gitlab-ci.yml + - local: .gitlab/ci/notifications.gitlab-ci.yml - local: .gitlab/ci/pages.gitlab-ci.yml - local: .gitlab/ci/qa.gitlab-ci.yml - local: .gitlab/ci/reports.gitlab-ci.yml diff --git a/.gitlab/ci/cache-repo.gitlab-ci.yml b/.gitlab/ci/cache-repo.gitlab-ci.yml new file mode 100644 index 0000000000..f856afd3a0 --- /dev/null +++ b/.gitlab/ci/cache-repo.gitlab-ci.yml @@ -0,0 +1,33 @@ +# Builds a cached .tar.gz of the master branch with full history and +# uploads it to Google Cloud Storage. This archive is downloaded by a +# script defined by a CI/CD variable named CI_PRE_CLONE_SCRIPT. This has +# two benefits: +# +# 1. It speeds up builds. A 800 MB download only takes seconds. +# 2. It significantly reduces load on the file server. Smaller deltas +# means less time spent in git pack-objects. +# +# Since the destination directory of the archive depends on the project +# ID, this is only run on GitLab.com. +# +# CI_REPO_CACHE_CREDENTIALS contains the Google Cloud service account +# JSON for uploading to the gitlab-ci-git-repo-cache bucket. These +# credentials are stored in the Production vault. +# +# Note that this bucket should be located in the same continent as the +# runner, or network egress charges will apply: +# https://cloud.google.com/storage/pricing +cache-repo: + extends: + - .only:variables_refs-canonical-dot-com-schedules + image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine + stage: sync + allow_failure: true + variables: + GIT_DEPTH: 0 + TAR_FILENAME: /tmp/gitlab-master.tar + script: + - gcloud auth activate-service-account --key-file=$CI_REPO_CACHE_CREDENTIALS + - tar cf $TAR_FILENAME . + - gzip $TAR_FILENAME + - gsutil cp $TAR_FILENAME.gz gs://gitlab-ci-git-repo-cache/project-$CI_PROJECT_ID/gitlab-master.tar.gz diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 07375fca61..cd0e4085e1 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -24,7 +24,8 @@ - apk add --update openssl - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/trigger-build-docs - chmod 755 trigger-build-docs - - gem install gitlab --no-document + - gem install httparty --no-document --version 0.17.3 + - gem install gitlab --no-document --version 4.13.0 # Always trigger a docs build in gitlab-docs only on docs-only branches. # Useful to preview the docs changes live. diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 0b72461a9f..6578eec823 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -13,7 +13,7 @@ - .default-before_script - .assets-compile-cache - .only:changes-code-backstage-qa - image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-git-2.22-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-18.06.1 + image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-19.03.1 stage: test dependencies: ["setup-test-env"] needs: ["setup-test-env"] @@ -74,7 +74,6 @@ gitlab:assets:compile pull-cache: - .default-before_script - .assets-compile-cache - .only:changes-code-backstage-qa - - .use-pg9 stage: prepare script: - node --version @@ -83,6 +82,7 @@ gitlab:assets:compile pull-cache: - retry bundle exec rake gitlab:assets:compile - scripts/clean-old-cached-assets variables: + SETUP_DB: "false" # we override the max_old_space_size to prevent OOM errors NODE_OPTIONS: --max_old_space_size=3584 cache: @@ -244,6 +244,12 @@ webpack-dev-server: dependencies: ["setup-test-env", "compile-assets pull-cache"] variables: WEBPACK_MEMORY_TEST: "true" + WEBPACK_VENDOR_DLL: "true" script: - - node --version + - yarn webpack-vendor - node --expose-gc node_modules/.bin/webpack-dev-server --config config/webpack.config.js + artifacts: + name: webpack-dev-server + expire_in: 31d + paths: + - webpack-dev-server.json diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index d746d8fe03..9ebd28c725 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -93,7 +93,7 @@ - "config.ru" - "{package.json,yarn.lock}" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - - "doc/api/graphql/**/*" + - "doc/api/graphql/reference/*" # Files in this folder are auto-generated .backstage-patterns: &backstage-patterns - "Dangerfile" @@ -139,7 +139,7 @@ - "config.ru" - "{package.json,yarn.lock}" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - - "doc/api/graphql/**/*" + - "doc/api/graphql/reference/*" # Files in this folder are auto-generated # Backstage changes - "Dangerfile" - "danger/**/*" @@ -163,7 +163,7 @@ - "config.ru" - "{package.json,yarn.lock}" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - - "doc/api/graphql/**/*" + - "doc/api/graphql/reference/*" # Files in this folder are auto-generated # QA changes - ".dockerignore" - "qa/**/*" @@ -183,7 +183,7 @@ - "config.ru" - "{package.json,yarn.lock}" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - - "doc/api/graphql/**/*" + - "doc/api/graphql/reference/*" # Files in this folder are auto-generated # Backstage changes - "Dangerfile" - "danger/**/*" @@ -202,7 +202,7 @@ - name: redis:alpine .use-pg10: - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.11-git-2.22-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" services: - name: postgres:10.9 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -213,15 +213,15 @@ - name: postgres:9.6 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:alpine - - name: docker.elastic.co/elasticsearch/elasticsearch:5.6.12 + - name: elasticsearch:5.6.12 .use-pg10-ee: - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.11-git-2.22-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.16-postgresql-10-graphicsmagick-1.3.33" services: - name: postgres:10.9 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:alpine - - name: docker.elastic.co/elasticsearch/elasticsearch:5.6.12 + - name: elasticsearch:5.6.12 .only-ee: only: diff --git a/.gitlab/ci/notifications.gitlab-ci.yml b/.gitlab/ci/notifications.gitlab-ci.yml new file mode 100644 index 0000000000..4271e709f4 --- /dev/null +++ b/.gitlab/ci/notifications.gitlab-ci.yml @@ -0,0 +1,23 @@ +.notify: + image: ruby:2.6-alpine + stage: notification + dependencies: [] + cache: {} + before_script: + - apk update && apk add git curl bash + - source scripts/utils.sh + - source scripts/notifications.sh + - install_gitlab_gem + variables: + COMMIT_NOTES_URL: "https://${CI_SERVER_HOST}/${CI_PROJECT_PATH}/commit/${CI_COMMIT_SHA}#notes-list" + +schedule:package-and-qa:notify-failure: + extends: + - .only:variables_refs-canonical-dot-com-schedules + - .notify + script: + - 'export NOTIFICATION_MESSAGE=":skull_and_crossbones: Scheduled QA against master failed! :skull_and_crossbones: See ${CI_PIPELINE_URL}. For downstream pipelines, see ${COMMIT_NOTES_URL}"' + - 'notify_on_job_failure schedule:package-and-qa qa-master "${NOTIFICATION_MESSAGE}" ci_failing' + needs: ["schedule:package-and-qa"] + allow_failure: true + when: always diff --git a/.gitlab/ci/releases.gitlab-ci.yml b/.gitlab/ci/releases.gitlab-ci.yml index 1ddc4e90fc..17bfaf5cc8 100644 --- a/.gitlab/ci/releases.gitlab-ci.yml +++ b/.gitlab/ci/releases.gitlab-ci.yml @@ -1,22 +1,27 @@ --- -# Syncs any changes pushed to a stable branch to the corresponding CE stable -# branch. We run this prior to any tests so that random failures don't prevent a -# sync. -sync-stable-branch: +# Syncs any changes pushed to a stable branch to the corresponding +# gitlab-foss/CE stable branch. We run this prior to any tests so that random +# failures don't prevent a sync. +.merge-train-sync: # We don't need/want any global before/after commands, so we overwrite these # settings. image: alpine:edge stage: sync - # This job should only run on EE stable branches on the canonical GitLab.com - # repository. - only: - variables: - - $CI_SERVER_HOST == "gitlab.com" - refs: - - /^[\d-]+-stable-ee$/@gitlab-org/gitlab before_script: - apk add --no-cache --update curl bash after_script: [] script: - bash scripts/sync-stable-branch.sh + only: + variables: + - $CI_SERVER_HOST == "gitlab.com" + +sync-stable-branch: + extends: .merge-train-sync + variables: + SOURCE_PROJECT: gitlab-org/gitlab + TARGET_PROJECT: gitlab-org/gitlab-foss + only: + refs: + - /^[\d-]+-stable-ee$/@gitlab-org/gitlab diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index fbb7826b6f..4ff14b660b 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -20,6 +20,7 @@ code_quality: variables: DOCKER_DRIVER: overlay2 DOCKER_TLS_CERTDIR: "" + CODE_QUALITY_IMAGE: "registry.gitlab.com/gitlab-org/security-products/codequality:12-5-stable" script: - | if ! docker info &>/dev/null; then @@ -27,14 +28,17 @@ code_quality: export DOCKER_HOST='tcp://localhost:2375' fi fi + - docker pull --quiet "$CODE_QUALITY_IMAGE" - docker run --env SOURCE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock - "registry.gitlab.com/gitlab-org/security-products/codequality:12-0-stable" /code + "$CODE_QUALITY_IMAGE" /code artifacts: reports: codequality: gl-code-quality-report.json + paths: + - gl-code-quality-report.json expire_in: 1 week dependencies: [] except: @@ -165,7 +169,6 @@ dependency_scanning: DS_ANALYZER_IMAGE_TAG \ DS_DEFAULT_ANALYZERS \ DS_EXCLUDED_PATHS \ - DEP_SCAN_DISABLE_REMOTE_CHECKS \ DS_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \ DS_PULL_ANALYZER_IMAGE_TIMEOUT \ DS_RUN_ANALYZER_TIMEOUT \ @@ -231,9 +234,3 @@ dast: - gl-dast-report.json reports: dast: gl-dast-report.json - only: - variables: - - $GITLAB_FEATURES =~ /\bdast\b/ - except: - variables: - - $DAST_DISABLED diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index 4ed9ac03d0..1062f6b03a 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -23,9 +23,11 @@ build-qa-image: stage: prepare script: - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' + - export QA_MASTER_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:master" - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/gitlab-${GITLAB_EDITION}-qa:${CI_COMMIT_REF_SLUG}" - - time docker build --cache-from gitlab/gitlab-${GITLAB_EDITION}-qa:nightly --tag ${QA_IMAGE} --file ./qa/Dockerfile ./ - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY} + - time docker pull "${QA_MASTER_IMAGE}" + - time docker build --cache-from "${QA_MASTER_IMAGE}" --tag ${QA_IMAGE} --file ./qa/Dockerfile ./ - time docker push ${QA_IMAGE} .base-review-cleanup: @@ -94,10 +96,7 @@ schedule:review-build-cng: variables: HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" - # v2.4.4 + two improvements: - # - Allow to pass an EE license when installing the chart: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1008 - # - Allow to customize the livenessProbe for `gitlab-shell`: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1021 - GITLAB_HELM_CHART_REF: "6c655ed77e60f1f7f533afb97bef8c9cb7dc61eb" + GITLAB_HELM_CHART_REF: "v2.5.1" GITLAB_EDITION: "ce" environment: name: review/${CI_COMMIT_REF_NAME} @@ -135,13 +134,11 @@ review-deploy: - .review-deploy-base - .only-review - .only:changes-code-qa - needs: ["review-build-cng"] schedule:review-deploy: extends: - .review-deploy-base - .only-review-schedules - needs: ["schedule:review-build-cng"] .base-review-stop: extends: @@ -280,7 +277,7 @@ parallel-spec-reports: - .only-review - .only:changes-code-qa image: ruby:2.6-alpine - stage: post-test + stage: post-qa dependencies: ["review-qa-all"] variables: NEW_PARALLEL_SPECS_REPORT: qa/report-new.html diff --git a/.gitlab/issue_templates/Productivity Improvement.md b/.gitlab/issue_templates/Productivity Improvement.md new file mode 100644 index 0000000000..89505cd85b --- /dev/null +++ b/.gitlab/issue_templates/Productivity Improvement.md @@ -0,0 +1,47 @@ +## What is the productivity problem to solve? + + + +### Problem identification checklist + +- [ ] The root cause of the problem is identified. +- [ ] The surface of the problem is as small as possible. + +## What are the potential solutions? + + + +- [ ] All potential solutions are listed. +- [ ] A solution has been chosen for the first iteration: `PUT THE CHOSEN SOLUTION HERE` + +## Who and when will the solution be implemented? + + + +## Verify that the solution has improved the situation + + + +- [ ] The solution improved the situation. + - If yes, check this box and close the issue. Well done! :tada: + - Otherwise, create a new "Productivity Improvement" issue. You can re-use the description from this issue, but obviously another solution should be chosen this time. + +/label ~"Engineering Productivity" ~meta +/cc @gl-quality/eng-prod diff --git a/.haml-lint_todo.yml b/.haml-lint_todo.yml index 232a87c198..2e1b1770f9 100644 --- a/.haml-lint_todo.yml +++ b/.haml-lint_todo.yml @@ -411,6 +411,7 @@ linters: - 'app/views/shared/snippets/_snippet.html.haml' - 'app/views/shared/tokens/_scopes_list.html.haml' - 'app/views/shared/web_hooks/_form.html.haml' + - 'app/views/shared/web_hooks/_hook.html.haml' - 'app/views/shared/web_hooks/_test_button.html.haml' - 'app/views/u2f/_authenticate.html.haml' - 'app/views/u2f/_register.html.haml' @@ -442,7 +443,7 @@ linters: - 'ee/app/views/groups/epics/_epic.html.haml' - 'ee/app/views/groups/group_members/_ldap_sync.html.haml' - 'ee/app/views/groups/group_members/_sync_button.html.haml' - - 'ee/app/views/groups/hooks/_project_hook.html.haml' + - 'ee/app/views/groups/hooks/edit.html.haml' - 'ee/app/views/groups/hooks/index.html.haml' - 'ee/app/views/groups/ldap_group_links/index.html.haml' - 'ee/app/views/groups/pipeline_quota/index.html.haml' diff --git a/.markdownlint.json b/.markdownlint.json index f06c0766c3..fe3790f47e 100644 --- a/.markdownlint.json +++ b/.markdownlint.json @@ -26,5 +26,102 @@ "first-line-h1": false, "code-block-style": { "style": "fenced" + }, + "proper-names": { + "names": [ + "Akismet", + "Alertmanager", + "API", + "Asana", + "Auth0", + "Authentiq", + "Azure", + "Bamboo", + "Bitbucket", + "Bugzilla", + "CAS", + "CentOS", + "Consul", + "Debian", + "Elasticsearch", + "Facebook", + "Git LFS", + "git-annex", + "Git", + "Gitaly", + "GitHub", + "GitLab Geo", + "GitLab Monitor", + "GitLab Operator", + "GitLab Pages", + "GitLab Rails", + "GitLab Runner", + "GitLab Shell", + "GitLab Workhorse", + "GitLab", + "Gmail", + "Google", + "Grafana", + "Helm", + "HipChat", + "Ingress", + "jasmine-jquery", + "JavaScript", + "Jaeger", + "Jenkins", + "Jira", + "Jira Cloud", + "Jira Server", + "jQuery", + "JupyterHub", + "Karma", + "Kerberos", + "Knative", + "Kubernetes", + "LDAP", + "Let's Encrypt", + "Markdown", + "markdownlint", + "Mattermost", + "Microsoft", + "MinIO", + "NGINX Ingress", + "NGINX", + "OAuth", + "OAuth 2", + "OmniAuth", + "Omnibus GitLab", + "OpenID", + "OpenShift", + "PgBouncer", + "PostgreSQL", + "Prometheus", + "Puma", + "Python", + "Redis", + "Redmine", + "reCAPTCHA", + "runit", + "Salesforce", + "SAML", + "Sentry", + "Sidekiq", + "Shibboleth", + "Slack", + "SMTP", + "SSH", + "Tiller", + "Trello", + "Trello Power-Ups", + "TypeScript", + "Twitter", + "Ubuntu", + "Ultra Auth", + "Unicorn", + "unicorn-worker-killer", + "WebdriverIO", + "YouTrack" + ], + "code_blocks": false } } diff --git a/.nvmrc b/.nvmrc index f8c17e7809..4de623cfef 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -12.4.0 +12.10.0 diff --git a/.rubocop.yml b/.rubocop.yml index 1d5cf7642c..27dce2239d 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -56,7 +56,6 @@ Style/FrozenStringLiteralComment: - 'qa/**/*' - 'rubocop/**/*' - 'scripts/**/*' - - 'spec/lib/gitlab/**/*' RSpec/FilePath: Exclude: diff --git a/CHANGELOG-EE.md b/CHANGELOG-EE.md index 3ee8fccc73..dc4e390ebc 100644 --- a/CHANGELOG-EE.md +++ b/CHANGELOG-EE.md @@ -1,5 +1,116 @@ Please view this file on the master branch, on stable branches it's out of date. +## 12.6.1 + +- No changes. + +## 12.6.0 + +### Fixed (32 changes, 5 of them are from the community) + +- Exclude forks from Group Security Dashboard filter. !14667 +- Clarify why Service Desk feature is unavailable. !19244 +- Bump code quality version in template to 0.85.5. !19354 +- Nullify user roles that have been accidentaly set to a value of 0. !19569 +- Display CI Minutes warning only if minutes left is still below last level. !19751 +- Add a unique constraint to `software_licenses.name` column. !19840 +- Link user accounts to new Smartcards identities on login. !20059 +- Allow valid namespace paths with dots for api PUT. !20079 +- Map software license names from the v1 license scan report to an equivalent SPDX identifer. !20195 +- Prefer sending external pull request pipeline statuses over general statuses to GitHub. !20364 +- Abort rendering of security reports that aren't enabled. !20381 +- Fix Infinite Scrolling on Environments Dashboard Project Selector. !20408 +- Link user accounts to new Smartcards certificate ldap identities on login. !20470 +- Handle design repositories when moving a project to a new storage. !20509 +- Resolve Version dropdown goes wrong if versions are not monotonic. !20515 (Tom Quirk) +- Turn auto_complete_issues on by default. !20525 +- Handle design repositories when moving existing projects to Hashed Storage. !20540 +- Fix dependency metadata on the NPM registry responses. !20549 +- Fix the hiding of undismissed vulnerabilities. !20599 +- Fix check for existing ES limited indexing IDs. !20866 +- Show actions area for fixed vulnerabilities in merge requests. !20867 +- Fix typo in Kubernetes GKE setup error message. !21091 +- Include projects in subgroups in group boards relative position. !21189 +- Fix inability to add comments to a discussion in Design Management. !21229 +- Fix Infinity % / Infinity % on Stacked Progress Bar. !21437 +- Fix sort icon direction when sorting by weight. !21447 (Jan Beckmann) +- Auto-focus title text box when creating new epics. !21516 (Jan Beckmann) +- Fix analytics icon alignment. !21555 +- Invalid trial form to remember user & country. !21840 +- Fix styling on contribution analytics dashboard. !207012 (briankabiro) +- Add correct link to milestone in groups for issuables list after refactor. +- Show the proper message when adding a duplicate issue to an epic. (20175) + +### Changed (13 changes, 1 of them is from the community) + +- Make "Learn more about" links for security scanning popovers on merge request page open in new tab. !13333 (Daniel Tian) +- Redirect Admin > Settings > Geo to Admin > Geo > Settings. !19833 +- Expose epic_id parameter in issues API. !19953 +- Allow to login with Smartcard certificates using SAN extensions that only defines one global email identity. !20052 +- Update SAST.gitlab-ci.yml - Add kubesec analyzer. !20129 +- Update start trial CTA in top right banner to only appear if all namespaces are free. !20177 +- Update billing page trial CTAs. !20383 +- Rename software_license_policies.approval_status to software_license_policies.classification. !20414 +- Add ability to edit Group Hooks. !20898 +- Improve the performance of group templates finder. !20947 +- Hide elasticsearch namespaces and projects when too many in rollout. !21225 +- Update Explore Geo Page. !21448 +- Renamed Conversational Development Index feature to DevOps Score. + +### Performance (1 change) + +- Do not trigger count query for pagination without count. !21232 + +### Added (24 changes, 2 of them are from the community) + +- Add new approval rule type which allows anyone to approve. !15378 +- Add Personal access token expiry policy. !17344 +- Expose time logs for group issues via the GraphQL API. !18689 +- Add application settings needed for soft-deletion. !18790 +- Add link to new epic for promoted issues. !18839 (Jan Beckmann) +- Use issue templates on service desk(backend). !19515 +- Log history for gitlab_subscriptions table. !19694 +- Resolve Show plan of root group on subgroup details page. !20218 +- Adjust group members API to include group SAML info. !20357 +- Add user ability to append template to incoming service desk issues. !20476 +- Add audit event when member access is removed due to expiration. !20529 +- Update CI templates to use sitespeed 11.2.0. !20561 +- Added migration for issue link types. !20617 +- Add security configuration navigation item. !20711 +- Create a new database composite index to support cross-project artifacts downloads. !20721 +- Add deployment API updated_at filters. !20731 +- Show loading spinner in design card while design is uploading. !20814 +- Add most affected projects to group security dashboard. !20892 +- Introduce Credentials Inventory. !20912 +- Add GraphQL mutation for changing weight of an issue. !21331 +- Cache vulnerability findings history endpoint for security dashboards. !21349 +- Added Marginalia feature which can generate PostgreSQL query comments to Gitlab. !21364 (BalaKumar) +- Add API for states by country. !21417 +- Improved trials sign up for gitlab.com. !21650 + +### Other (8 changes, 2 of them are from the community) + +- Store and look up design management version authorship from database. !17322 +- Remove redundant ManagedLicenses controller. !20131 (briankabiro) +- Updated board_service.js to use boardStore directly. !20141 (nuwe1) +- Delete any stale deploy access levels by group. !20689 +- Add project webhooks limits on GitLab.com. !20730 +- Remove the design_management_flag feature flag from the codebase. The feature flag toggles the Design Management feature, and has been enabled by default since 12.2. !20883 +- Remove operations_feature_flags_clients.token column. !21016 +- Update the alerts used in the Dependency List to follow GitLab design guidelines. !21760 + + +## 12.5.5 + +- No changes. + +## 12.5.4 + +### Security (1 change) + +- Fix stale Elasticsearch permissions when moving group from public group to private parent group. + + ## 12.5.3 ### Performance (1 change) @@ -11,10 +122,6 @@ Please view this file on the master branch, on stable branches it's out of date. - Geo - Does not schedule duplicated jobs while backfilling uploads, LFS objects and job artifacts. !20324 -## 12.5.2 - -- No changes. - ## 12.5.1 ### Security (6 changes) @@ -113,6 +220,18 @@ Please view this file on the master branch, on stable branches it's out of date. - Remove IIFEs from jira_connect.js file. !19248 (nuwe1) +## 12.4.5 + +- No changes. + +## 12.4.3 + +### Fixed (2 changes) + +- Fix admin welcome image not found. !19676 +- Revert ES support for public/internal project snippets. !19715 + + ## 12.4.2 ### Fixed (1 change) @@ -243,6 +362,25 @@ Please view this file on the master branch, on stable branches it's out of date. - Docs for protected branch code owner approval API. !17132 +## 12.3.9 + +### Security (1 change) + +- Fix stale Elasticsearch permissions when moving group from public group to private parent group. + + +## 12.3.7 + +### Security (6 changes) + +- Protect Jira integration endpoints from guest users. +- Fix private comment Elasticsearch leak on project search scope. +- Filter snippet search results by feature visibility. +- Hide AWS secret on Admin Integration page. +- Fail pull mirror when mirror user is blocked. +- Prevent IDOR when adding users to protected environments. + + ## 12.3.4 ### Fixed (2 changes) @@ -446,6 +584,13 @@ Please view this file on the master branch, on stable branches it's out of date. - Fixes style-lint errors and warnings for EE builds.scss file. +## 12.2.11 + +### Fixed (1 change) + +- Backport the new reliable fetcher. !21198 + + ## 12.2.8 ### Fixed (1 change) @@ -794,6 +939,21 @@ Please view this file on the master branch, on stable branches it's out of date. - Don't send CI usage email notifications for self-hosted instances. !14809 +## 12.0.12 + +### Fixed (1 change) + +- Backport the new reliable fetcher to 12.0.9. !20532 + + +## 12.0.10 + +- No changes. +### Fixed (1 change) + +- Backport the new reliable fetcher to 12.0.9. !20532 + + ## 12.0.7 ### Security (3 changes) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc4868481b..c15baafe74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,424 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. -## 12.5.4 +## 12.6.1 - No changes. +### Fixed (2 changes) + +- Handle forbidden error when checking for knative. !22170 +- Fix stack trace highlight for PHP. !22258 + +### Performance (1 change) + +- Eliminate N+1 queries in PipelinesController#index. !22189 + + +## 12.6.0 + +### Security (4 changes) + +- Update Rugged to v0.28.4.1. !21869 +- Update maven_file_name_regex for full string match. +- Add maven file_name regex validation on incoming files. +- Update Workhorse and Gitaly to fix a security issue. + +### Removed (1 change) + +- Remove downstream pipeline connecting lines. !21196 + +### Fixed (101 changes, 16 of them are from the community) + +- Fix delete user dialog bypass caused by hitting enter. !17343 +- Fix broken UI on Environment folder. !17427 (Takuya Noguchi) +- Fix award emoji tooltip being escaped twice if multiple people voted. !19273 (Brian T) +- Use cascading deletes for deleting oauth_openid_requests upon deleting an oauth_access_grant. !19617 +- Update merging an MR behavior on the API when pipeline fails. !19641 (briankabiro) +- Vertically align collapse button on epic sidebar. !19656 +- Fix projects list to show info in user's locale. !20015 (Arun Kumar Mohan) +- Update padding for cluster alert warning. !20036 (George Tsiolis) +- Show correct warning on issue when project is archived. !20078 +- Resets aria-describedby on mouseleave. !20092 (carolcarvalhosa) +- Allow patch notes on repo tags page to word wrap. !20135 +- Remove Release edit url for users not allowed to update a release. !20136 +- Fix group managed accounts members cleanup. !20157 +- Epic tree bug fixes. !20209 +- Add missing external-link icon for Crossplane managed app. !20283 +- Fixes MR approvers tooltip wrong color. !20287 (Dheeraj Joshi) +- Ignore empty MR diffs when migrating to external storage. !20296 +- Add link color to design comments. !20302 +- Fix graph groups in monitor dashboard that are hidden on load. !20312 +- Update Container Registry naming restrictions to allow for sequential '-'. !20318 +- Fixed monitor charts from throwing error when zoomed. !20331 +- Validate the merge sha before merging, confirming that the merge will only contain what the user saw. !20348 +- Change container registry column name from Tag ID to Image ID. !20349 +- Fix dropdown location on the monitoring charts. !20400 +- Fixed project import from export ignoring namespace selection. !20405 +- Backup: Disable setting of ACL for Google uploads. !20407 +- Fix documentation link from empty environment dashboard. !20415 +- Move persistent_ref.create into run_after_commit. !20422 +- Update external link to provider in cluster settings. !20425 +- Fix issue trying to edit weight with collapsed sidebar as guest. !20431 +- Handle empty stacktrace and entries with no code. !20458 +- Refactor the Deployment model so state machine events are used by both CI and the API. !20474 +- Guest users should not delete project snippets they created. !20477 +- Accept user-defined dashboard uids in Grafana embeds. !20486 +- Fix multi select input padding in project and group user select. !20520 (Kevin Lee) +- Use correct fragment identifier for vulnerability help path. !20524 +- Fix group search in groups dropdown. !20535 +- Fix removing of child epics that belong to subgroups. !20610 +- Fix opening Sentry error details in new tab. !20611 +- Ensure next unresolved discussion button takes user to the right place. !20620 +- Allow Gitlab GKE clusters to access Google Cloud Registry private images. !20662 (Tan Yee Jian) +- Fix cron parsing for Daylight Savings. !20667 +- Fix incorrect new branch name from issue. !20677 (Lee Tickett) +- Improve the way the metrics dashboard waits for data. !20687 +- Remove destroy_personal_snippet ability. !20717 +- Try longer to clean up after using a gpg-keychain and raise exption if the cleanup fails. !20718 +- Fix tooltip hovers in environments table. !20737 +- Remove DB transaction from Rebase operation. !20739 +- Improve UX for vulnerability dismissal note. !20768 +- Fix change to default foreground and backgorund colors in job log. !20787 +- Display Labels item in sidebar when Issues are disabled. !20817 +- Junit success percentage no longer displays 100% if there are failures. !20835 +- Ensure to check create_personal_snippet ability. !20838 +- Fix a display bug in the fork removal description message. !20843 +- Validate unique environment scope for instance clusters. !20886 +- Add empty region when group metrics are missing. !20900 +- Adjust issue metrics first_mentioned_in_commit_at calculation. !20923 +- Update copy on managed namespace prefixes. !20935 +- Add protected branch permission check to run downstream pipelines. !20964 +- Fix assignee url in issue board sidebar. !20992 (Lee Tickett) +- Retrieve issues from subgroups when rendering group milestone. !21024 +- Adds 409 when user cannot be soft deleted through the API. !21037 +- Respect the timezone reported from Gitaly. !21066 +- Fix Container repositories can not be replicated when s3 is used. !21068 +- Remove redundant toast.scss file and variables. !21105 +- Respect snippet query params when displaying embed urls. !21131 +- Remove action buttons from designs tab if there are no designs. !21186 +- Correctly return stripped PGP text. !21187 (Roger Meier) +- Fix error when linking already linked issue to epic. !21213 +- Do not attribute unverified commit e-mails to GitLab users. !21214 +- Add nonunique indexes to Labels. !21230 +- Fix snippet routes. !21248 +- Fix Zoom Quick Action server error when creating a GitLab Issue. !21262 +- Rename snippet refactored routes. !21267 +- Validate connection section in direct upload config. !21270 +- Fix pipeline retry in a CI DAG. !21296 +- Authenticate runner requests in Rack::Attack. !21311 +- Fix top border of README file header in file list. !21314 +- Fix forking a deduplicated project after it was moved to a different shard. !21339 +- Fix misaligned approval tr. !21368 (Lee Tickett) +- Fix crash registry contains helm charts. !21381 +- Web IDE: Fix the console error that happens when discarding a newly added/uploaded file. !21537 +- Authenticate requests with job token as basic auth header for request limiting. !21562 +- Fix Single-File-Editor-Layout breaking when branch name is too long. !21577 (Roman Kuba) +- Fix top border of README in vue_file_list. !21578 (Hector Bustillos) +- Stage dropdown lists style corrections. !21607 (Hector Bustillos) +- Change commit_id type on commit_user_mentions table. !21651 +- Do not clean the prometheus metrics directory for sidekiq. !21671 +- !21542 Part 1: Add new utils for Web IDE store. !21673 +- Update auto-deploy-image to v0.8.3. !21696 +- Match external user new snippet button visibility to permissions. !21718 +- Links to design comments now lead to specific note. !21724 +- Re-enable the cloud run feature. !21762 +- Ensure forks count cache refresh for source project. !21771 +- Fix padding on the design comments. !21839 +- Fix "Discard all" for new and renamed files. !21854 +- Fix project file finder url encoding file path separators. !21861 +- Ensure namespace is present for Managed-Cluster-Applications CI template. !21903 +- Rename common template jobs in sast and ds. !22084 +- Fixed query behind release filter on merge request search page. !38244 +- Activate projects Prometheus service integration when Prometheus managed application is installed on shared cluster. + +### Deprecated (4 changes) + +- Drop deprecated column from projects table. !18914 +- Limit number of projects displayed in GET /groups/:id API. !20023 +- Move operations project routes under - scope. !20456 +- Move wiki routing under /-/ scope. !21185 + +### Changed (60 changes, 10 of them are from the community) + +- Use better context-specific empty state screens for the Security Dashboards. !18382 +- Add evidence collection for Releases. !18874 +- Update information and button text for deployment footer. !18918 +- Move merge request description into discussions tab. !18940 +- Keep details in MR when changing target branch. !19138 +- Make internal projects poolable. !19295 (briankabiro) +- Enable support for multiple content query in GraphQL Todo API. !19576 +- Allow merge without refresh when new commits are pushed. !19725 +- Correct link to Merge trains documentation on MR widget. !19726 +- Preserve merge train history. !19864 +- Support go-source meta tag for godoc.org. !19888 (Ethan Reesor (@firelizzard)) +- Display a better message when starting a discussion on a deleted comment. !20031 (Jacopo Beschi @jacopo-beschi) +- Add sort param to error tracking issue index. !20101 +- Add template repository usage to the usage ping. !20126 (minghuan lei) +- Convert flash epic error to form validation error. !20130 +- Add 'download' button to Performance Bar. !20205 (Will Chandler) +- SaaS trial copy shows plan. !20207 +- Add rbac access to knative-serving namespace deployments to get knative version information. !20244 +- Unlock button changed from Icon to String. !20307 +- Upgrade to Gitaly v1.72.0. !20313 +- Increase upper limit of start_in attribute to 1 week. !20323 (Will Layton) +- Add CI variable to show when Auto-DevOps is explicitly enabled. !20332 +- Hashed Storage attachments migration: exclude files in object storage as they are all hashed already. !20338 +- Removes caching for design tab discusisons. !20374 +- Fixes to inconsistent margins/sapcing in the project detail page. !20395 +- Changes to how the search term is styled in the results. !20416 +- Move confidence column in the security dashboard. !20435 (Dheeraj Joshi) +- Upgrade to Gitaly v1.73.0. !20443 +- Replacing incorrect icon in security dashboard. !20510 +- Rework pod logs navigation scheme. !20578 +- Reduce start a trial rocket emoji size. !20579 +- Upgrade auto-deploy-image for helm default values file. !20588 +- Exposed deployment build manual actions for merge request page. !20615 +- Upgrade to Gitaly v1.74.0. !20706 +- Fetches initial merge request widget data async. !20719 +- Add service desk information to project graphQL endpoint. !20722 +- Add admin mode controller path to Rack::Attack defaults. !20735 (Diego Louzán) +- Add more filters to SnippetsFinder. !20767 +- Clean up the cohorts table. !20779 +- Remove vulnerability counter from security tab. !20800 +- Only blacklist IPs from Git requests. !20828 +- Optimize Deployments endpoint by preloading associations and make record ordering more consistent. !20848 +- Update deploy instances color scheme. !20890 +- Add service desk information to projects API endpoint. !20913 +- Added event tracking to the package details installation components. !20967 +- Hide Merge Request information on milestones when MRs are disabled for project. !20985 (Wolfgang Faust) +- Upgrade to Gitaly v1.75.0. !21045 +- Evidence - Added restriction for guest on Release page. !21102 +- Increase lower DAG `needs` limit from five to ten. !21237 +- Add doc links to features on admin dashboard. !21419 +- Autofocus cluster dropdown search input. !21440 +- Add autofocus to label search fields. !21508 +- When a forked project is less visible than its source, merge requests opened in the fork now target the less visible project by default. !21517 +- UI improvements in the views for new project from template and the user groups and snippets. !21524 (Hector Bustillos) +- Show merge immediately dialog even if the MR's pipeline hasn't finished. !21556 +- Support toggling service desk from API. !21627 +- Make `workflow:rules` to work well with Merge Requests. !21742 +- Upgrade to Gitaly v1.76.0. !21857 +- Remove authentication step from visual review tools instructions. +- Fixes wording on runner admin. + +### Performance (22 changes) + +- Optimize query for CI pipelines of merge request. !19653 +- Replace index on environments table project_id and state with project_id, state, and environment_type. !19902 +- Remove reactive caching value keys once the alive key has expired. !20111 +- Suggest squash commit messages based on recent commits. !20231 +- Improve performance of /api/:version/snippets/public API and only return public personal snippets. !20339 +- Add limit for snippet content size. !20346 +- Reduce Gitaly calls in BuildHooksWorker. !20365 +- Enable ETag caching for MR notes polling. !20440 +- Disable public project counts on welcome page. !20517 +- Optimize query when Projects API requests private visibility level. !20594 +- Improve issues search performance on GraphQL. !20784 +- UpdateProjectStatistics updates after commit. !20852 +- Run housekeeping after moving a repository between shards. !20863 +- Require group_id or project_id for MR target branch autocomplete action. !20933 +- Cache the ancestor? Gitaly call to speed up polling for the merge request widget. !20958 +- Optimize loading the repository deploy keys page. !20970 +- Added lightweight check when retrieving Prometheus metrics. !21099 +- Limit max metrics embeds in GFM to 100. !21356 +- Fork Puma to validate scheduler fixes. !21547 +- Remove an N+1 call rendering projects search results. !21626 +- Skip updating LFS objects in mirror updates if repository has not changed. !21744 +- Add indexes on deployments to improve environments search. !21789 + +### Added (117 changes, 16 of them are from the community) + +- Add upvote/downvotes attributes to GraphQL Epic query. !14311 +- Delete kubernetes cluster association and resources. !16954 +- Add badge name field. !16998 (Lee Tickett) +- Add OmniAuth authentication support to admin mode feature. !18214 (Diego Louzán) +- Creates DB tables for storing mentioned users, groups, projects referenced in a note or issuable description. !18316 +- Add body data elements for pageview context. !18450 +- Added filtering of inherited members for subgroups. !18842 +- Added responsiveness to audit events table. !18859 +- Add ability to make Jira comments optional. !19004 +- Store users, groups, projects mentioned in Markdown to DB tables. !19088 +- Upgrade `mail_room` gem to 0.10.0 and enable structured logging. !19186 +- Add possibility to save max issue weight on lists. !19220 +- Return 422 status code in case of error in submitting comments. !19276 (raju249) +- Add Personal Access Token expiration reminder. !19296 +- Add recent search to error tracking. !19301 +- Resolve Limit the number of stored sessions per user. !19325 +- Add services for 'soft-delete for groups' feature. !19358 +- Notify user when over 1000 epics in roadmap. !19419 +- Search list of Sentry errors by title in GitLab. !19439 +- Add issue statistics to releases on the Releases page. !19448 +- Add snowplow events for monitoring dashboard. !19455 +- Add snowplow events for APM. !19463 +- Add GraphQL mutation to mark all todos done for a user. !19482 +- Added rules configuration for Ci::Bridge. !19605 +- Add workers for 'soft-delete for groups' feature. !19679 +- add tagger within tag view. !19681 (Roger Meier) +- Strong validate import export references. !19682 +- Update Release API with evidence related data. !19706 +- Graphql query for issues can now be sorted by weight. !19721 +- GraphQL for Sentry rror details. !19733 +- View closed issues in epic. !19741 +- Add API endpoint to unpublish GitLab Pages. !19781 +- Add Pipeline Metadata to Packages. !19796 +- Create data model for serverless domains. !19835 +- Add Unify Circuit project integration service. !19849 (Fabio Huser) +- add sha256 fingerprint to keys model, view and extend users API to search user via fingerprint. !19860 (Roger Meier) +- Allow order_by updated_at in Pipelines API. !19886 +- Implement pagination for project releases page. !19912 (Fabio Huser) +- Add migrations for secret snippets. !19939 +- Control passing artifacts from CI DAG needs. !19943 +- Genereate a set of sample prometheus metrics and route to the sample metrics when enabled. !19987 +- Add warning dialog when users click the "Merge immediately" merge train option. !20054 +- Expose moved_to_id in issues API. !20083 (Lee Tickett) +- Relate issues when they are marked as duplicated. !20161 (minghuan lei) +- Asks for confirmation before changing project visibility level. !20170 +- Allow CI config path to point to a URL or file in a different repository. !20179 +- Allow groups to disable mentioning their members, if the group is mentioned. !20184 (Fabio Huser) +- Add modsecurity deployment counts to usage ping. !20196 +- Added legend to deploy boards. !20208 +- Support passing CI variables via git push options. !20255 +- Add GraphQL mutation to restore a Todo. !20261 +- Allow specifying Kubernetes namespace for an environment in gitlab-ci.yml. !20270 +- Add migrations for 'soft-delete for groups' feature. !20276 +- Add Maven installation commands to package detail page for Maven packages. !20300 +- Add feature to allow specifying userWithId strategies per environment spec. !20325 +- Enable creating Amazon EKS clusters from GitLab. !20333 +- Add ability to create new issue from sentry error detail page. !20337 +- Convert flash alerts to toasts. !20356 +- Return project commit url instead of commits url. !20369 (raju249) +- Collect the date a SaaS trial starts on. !20384 +- Add option to delete cached Kubernetes namespaces. !20411 +- Create container expiration policies for projects. !20412 +- Adjust fork network relations upon project visibility change. !20466 +- Create a license info rake task. !20501 (Jason Colyer) +- Add GraphQL mutation for changing due date of an issue. !20577 +- Add Snippet GraphQL resolver endpoints. !20613 +- Allow Job-Token authentication on Releases creation API. !20632 +- Add created_before/after filter to group/project audit events. !20641 +- Allow searching of projects by full path. !20659 +- Allow administrators to set a minimum password length. !20661 +- Update helper text for sentry error tracking settings. !20663 (Rajendra Kadam) +- Adds ability to create issues from sentry details page. !20666 +- Add coverage difference visualization to merge request page. !20676 (Fabio Huser) +- Use CI configured namespace for deployments to unmanaged clusters. !20686 +- Resolve Design view: Download single issue design image. !20703 +- Import large gitlab_project exports via rake task. !20724 +- Added Total/Frontend metrics to the performance bar. !20725 +- Add dependency scanning flag for skipping automatic bundler audit update. !20743 +- Add GraphQL mutation for setting an issue as confidential. !20785 +- Track adding metric via monitoring dashboard. !20818 +- Add _links object to package api response. !20820 +- CI template for installing cluster applications. !20822 +- Add SalesforceDX project template. !20831 +- Allow NPM package downloads with CI_JOB_TOKEN. !20868 +- Allow raw blobs to be served from an external storage. !20936 +- Added Snippets GraphQL mutations. !20956 +- Added WebHookLogs for ServiceHooks. !20976 +- Surface GitLab issue in error detail page. !21019 +- Add type to broadcast messages. !21038 +- add OpenAPI file viewer. !21106 (Roger Meier) +- Add updated_before and updated_after filters to the Pipelines API endpoint. !21133 +- Implement pagination for sentry errors. !21136 +- Add support for Conan package management in the package registry. !21152 +- Add syntax highlight for Sentry error stack trace. !21182 +- Keyset pagination for REST API (Project endpoint). !21194 +- CI template for Sentry managed app. !21208 +- Add CI variable to set the version of pip when scanning dependencies of Python projects. !21218 +- Add dependency scanning flag for specifying pip requirements file for scanning. !21219 +- Do not allow specifying a Kubernetes namespace via CI template for managed clusters. !21223 +- Sort Sentry error list by first seen, last seen or frequency. !21250 +- Add documentation about dependency scanning gradle support. !21253 +- Allow PDF attachments to be opened on browser. !21272 +- Add child label to commit box. !21323 +- Update Knative to 0.9.0. !21361 (cab105) +- Add target_path to broadcast message API. !21430 +- Allow Kubernetes namespaces specified via CI template to be used for terminals, pod logs and deploy boards. !21460 +- Allow styling broadcast messages. !21522 +- Enable new job log by default. !21543 +- Document support for sbt dependency scanning. !21588 +- Return multiple errors from CI linter. !21589 +- Add specific error states to dashboard. !21618 +- Add timestamps to pod logs. !21663 +- Hide profile information when user is blocked. !21706 +- link to group on group admin page. !21709 +- Added migration which adds service desk username column. !21733 +- Add SentryIssue table to store a link between issue and sentry issue. !37026 +- Add path based targeting to broadcast messages. + +### Other (51 changes, 28 of them are from the community) + +- Remove done callbacks from vue_shared/components/markdown. !16842 (Lee Tickett) +- Update timeago to the latest release. !19407 +- Improve job tokens and provide access helper. !19793 +- Add post deployment migration to complete pages metadata migration. !19928 +- Resolve Document - Make using GitLab auth with Vault easy. !19980 +- Remove IIFEs from gl_dropdown.js. !19983 (nuwe1) +- Improve sparkline chart in MR widget deployment. !20085 +- Updated jekyll project_template. !20090 (Marc Schwede) +- Updated hexo project_template. !20105 (Marc Schwede) +- Updated hugo project_template. !20109 (Marc Schwede) +- Resolve environment rollback was not friendly. !20121 +- Removed all references of BoardService. !20144 (nuwe1) +- Removes references of BoardService in list file. !20145 (nuwe1) +- replace var gl_dropdown.js. !20166 (nuwe1) +- delete board_service.js. !20168 (nuwe1) +- Improve create confidential MR dropdown styling. !20176 (Lee Tickett) +- Remove milestone_id from epics. !20187 (Lee Tickett) +- Remove build badge path from route. !20188 (Lee Tickett) +- Add worker attributes to Sidekiq metrics. !20292 +- Update GitLab Runner Helm Chart to 0.11.0. !20461 +- add missing test for add_index rubocop rule. !20464 (Eric Thomas) +- Suppress progress on pulling image on Code Quality of Auto DevOps. !20604 (Takuya Noguchi) +- Increase margin between project stats. !20606 +- Remove extra spacing below sidebar time tracking info. !20657 (Lee Tickett) +- Add e2e qa test for email delivery. !20675 (Diego Louzán) +- Collect project import failures instead of failing fast. !20727 +- Removed unused methods in monitoring dashboard. !20819 +- removes references of BoardService. !20872 (nuwe1) +- removes references of BoardService. !20874 (nuwe1) +- removes references of BoardService. !20875 (nuwe1) +- removes references of BoardService. !20876 (nuwe1) +- removes references of BoardService. !20877 (nuwe1) +- removes references of BoardService. !20879 (nuwe1) +- removes references of BoardService. !20880 (nuwe1) +- removes references of BoardService. !20881 (nuwe1) +- Remove whitespaces between tree-controls elements. !20952 +- Add Project Export request/download rate limits. !20962 +- Remove feature flag for limiting diverging commit counts. !20999 +- Changed 'Add approvers' to 'Approval rules'. !21079 +- Resolve Add missing popover and remove none in MR widget. !21095 +- Change Puma log format to JSON. !21101 +- Update GitLab Shell to v10.3.0. !21151 +- Improve diff expansion text. !21616 +- Remove var from app/assets/javascripts/commit/image_file.js. !21649 (Abubakar Hassan) +- Rename User#full_private_access? to User#can_read_all_resources?. !21668 (Diego Louzán) +- Replace CI_COMMIT_REF with CI_COMMIT_SHA on CI docs. !21781 (Takuya Noguchi) +- Add reportSnippet permission to Snippet GraphQL. !21836 +- Harmonize capitalization on cluster UI. !21878 (Evan Read) +- Add mark as spam snippet mutation. !21912 +- Update Workhorse to v8.18.0. !22091 +- Replace Font Awesome bullhorn icon with GitLab bullhorn icon. + + +## 12.5.5 + +### Security (1 change) + +- Upgrade Akismet gem to v3.0.0. !21786 + +### Fixed (2 changes) + +- Fix error in updating runner session. !20902 +- Fix Asana integration. !21501 + + +## 12.5.4 + +### Security (1 change) + +- Update maven_file_name_regex for full string match. + ## 12.5.3 @@ -20,13 +435,6 @@ entry. - Flatten exception details in API and controller logs. !20434 -## 12.5.2 - -### Security (1 change) - -- Fix 500 error caused by invalid byte sequences in links. - - ## 12.5.1 ### Security (11 changes) @@ -395,6 +803,18 @@ entry. - Change selects from default browser style to custom style. +## 12.4.5 + +- No changes. + +## 12.4.3 + +### Fixed (2 changes) + +- Only enable protected paths for POST requests. !19184 +- Fix Bitbucket Cloud importer pull request state. !19734 + + ## 12.4.2 ### Fixed (10 changes) @@ -755,6 +1175,31 @@ entry. - Remove Postgresql specific setup tasks and move to schema.rb. +## 12.3.9 + +### Security (1 change) + +- Update maven_file_name_regex for full string match. + + +## 12.3.7 + +### Security (12 changes) + +- Do not create todos for approvers without access. !1442 +- Limit potential for DNS rebind SSRF in chat notifications. +- Encrypt application setting tokens. +- Update Workhorse and Gitaly to fix a security issue. +- Add maven file_name regex validation on incoming files. +- Hide commit counts from guest users in Cycle Analytics. +- Check permissions before showing a forked project's source. +- Fix 500 error caused by invalid byte sequences in links. +- Ensure are cleaned by ImportExport::AttributeCleaner. +- Remove notes regarding Related Branches from Issue activity feeds for guest users. +- Escape namespace in label references to prevent XSS. +- Add authorization to using filter vulnerable in Dependency List. + + ## 12.3.4 ### Fixed (2 changes) @@ -1060,6 +1505,10 @@ entry. - Updates tooltip of 'detached' label/state. +## 12.2.11 + +- No changes. + ## 12.2.8 ### Security (1 change) @@ -1774,6 +2223,15 @@ entry. - Removes EE differences for app/views/admin/users/show.html.haml. +## 12.0.12 + +- No changes. + +## 12.0.10 + +- No changes. +- No changes. + ## 12.0.7 ### Security (22 changes) diff --git a/Dangerfile b/Dangerfile index b65a907407..7879c14b31 100644 --- a/Dangerfile +++ b/Dangerfile @@ -5,6 +5,7 @@ require_relative 'lib/gitlab/danger/request_helper' danger.import_plugin('danger/plugins/helper.rb') danger.import_plugin('danger/plugins/roulette.rb') +danger.import_plugin('danger/plugins/changelog.rb') unless helper.release_automation? GitlabDanger.new(helper.gitlab_helper).rule_names.each do |file| diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 22d6771a47..93952905b6 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -1.72.1 +a4b6c71d4b7c1588587345e2dfe0c6bd7cc63a83 diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION index 2bd6f7e392..0719d81025 100644 --- a/GITLAB_SHELL_VERSION +++ b/GITLAB_SHELL_VERSION @@ -1 +1 @@ -10.2.0 +10.3.0 diff --git a/GITLAB_WORKHORSE_VERSION b/GITLAB_WORKHORSE_VERSION index 6092827e64..38b5f0deae 100644 --- a/GITLAB_WORKHORSE_VERSION +++ b/GITLAB_WORKHORSE_VERSION @@ -1 +1 @@ -8.14.1 +8.18.0 diff --git a/Gemfile b/Gemfile index d27bc27608..b6f57297c0 100644 --- a/Gemfile +++ b/Gemfile @@ -22,6 +22,7 @@ gem 'rugged', '~> 0.28' gem 'grape-path-helpers', '~> 1.1' gem 'faraday', '~> 0.12' +gem 'marginalia', '~> 1.8.0' # Authentication libraries gem 'devise', '~> 4.6' @@ -53,7 +54,7 @@ gem 'gssapi', group: :kerberos # Spam and anti-bot protection gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails' -gem 'akismet', '~> 2.0' +gem 'akismet', '~> 3.0' gem 'invisible_captcha', '~> 0.12.1' # Two-factor authentication @@ -101,7 +102,7 @@ gem 'hashie-forbidden_attributes' gem 'kaminari', '~> 1.0' # HAML -gem 'hamlit', '~> 2.8.8' +gem 'hamlit', '~> 2.11.0' # Files attachments gem 'carrierwave', '~> 1.3' @@ -135,11 +136,11 @@ gem 'aws-sdk' gem 'faraday_middleware-aws-signers-v4' # Markdown and HTML processing -gem 'html-pipeline', '~> 2.8' +gem 'html-pipeline', '~> 2.12' gem 'deckar01-task_list', '2.2.1' gem 'gitlab-markup', '~> 1.7.0' gem 'github-markup', '~> 1.7.0', require: 'github/markup' -gem 'commonmarker', '~> 0.17' +gem 'commonmarker', '~> 0.20' gem 'RedCloth', '~> 4.3.2' gem 'rdoc', '~> 6.0' gem 'org-ruby', '~> 0.9.12' @@ -170,8 +171,8 @@ group :unicorn do end group :puma do - gem 'puma', '~> 3.12', require: false - gem 'puma_worker_killer', require: false + gem 'gitlab-puma', '~> 4.3.1.gitlab.2', require: false + gem 'gitlab-puma_worker_killer', '~> 0.1.1.gitlab.1', require: false gem 'rack-timeout', require: false end @@ -242,7 +243,7 @@ gem 'slack-notifier', '~> 1.5.1' gem 'hangouts-chat', '~> 0.0.5' # Asana integration -gem 'asana', '~> 0.8.1' +gem 'asana', '~> 0.9' # FogBugz integration gem 'ruby-fogbugz', '~> 0.2.1' @@ -273,8 +274,8 @@ gem 'mimemagic', '~> 0.3.2' gem 'fast_blank' # Parse time & duration -gem 'chronic', '~> 0.10.2' -gem 'gitlab_chronic_duration', '~> 0.10.6.1' +gem 'gitlab-chronic', '~> 0.10.5' +gem 'gitlab_chronic_duration', '~> 0.10.6.2' gem 'webpack-rails', '~> 0.9.10' gem 'rack-proxy', '~> 0.6.0' @@ -312,8 +313,7 @@ gem 'gettext', '~> 3.2.2', require: false, group: :development gem 'batch-loader', '~> 1.4.0' # Perf bar -# https://gitlab.com/gitlab-org/gitlab/issues/13996 -gem 'gitlab-peek', '~> 0.0.1', require: 'peek' +gem 'peek', '~> 1.1' # Snowplow events tracking gem 'snowplow-tracker', '~> 0.6.1' @@ -347,20 +347,15 @@ group :development do end group :development, :test do - gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET'] + gem 'bullet', '~> 6.0.2', require: !!ENV['ENABLE_BULLET'] gem 'pry-byebug', '~> 3.5.1', platform: :mri gem 'pry-rails', '~> 0.3.4' gem 'awesome_print', require: false - gem 'fuubar', '~> 2.2.0' gem 'database_cleaner', '~> 1.7.0' gem 'factory_bot_rails', '~> 5.1.0' - gem 'rspec-rails', '~> 3.8.0' - gem 'rspec-retry', '~> 0.6.1' - gem 'rspec_profiling', '~> 0.0.5' - gem 'rspec-set', '~> 0.1.3' - gem 'rspec-parameterized', require: false + gem 'rspec-rails', '~> 4.0.0.beta3' # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) gem 'minitest', '~> 5.11.0' @@ -368,10 +363,6 @@ group :development, :test do # Generate Fake data gem 'ffaker', '~> 2.10' - gem 'capybara', '~> 3.22.0' - gem 'capybara-screenshot', '~> 1.0.22' - gem 'selenium-webdriver', '~> 3.141' - gem 'spring', '~> 2.0.0' gem 'spring-commands-rspec', '~> 1.0.4' @@ -382,7 +373,7 @@ group :development, :test do gem 'rubocop-rspec', '~> 1.22.1' gem 'scss_lint', '~> 0.56.0', require: false - gem 'haml_lint', '~> 0.31.0', require: false + gem 'haml_lint', '~> 0.34.0', require: false gem 'simplecov', '~> 0.16.1', require: false gem 'bundler-audit', '~> 0.5.0', require: false @@ -390,7 +381,7 @@ group :development, :test do gem 'knapsack', '~> 1.17' - gem 'stackprof', '~> 0.2.10', require: false + gem 'stackprof', '~> 0.2.13', require: false gem 'simple_po_parser', '~> 1.1.2', require: false @@ -403,6 +394,16 @@ group :development, :test, :omnibus do end group :test do + gem 'fuubar', '~> 2.2.0' + gem 'rspec-retry', '~> 0.6.1' + gem 'rspec_profiling', '~> 0.0.5' + gem 'rspec-set', '~> 0.1.3' + gem 'rspec-parameterized', require: false + + gem 'capybara', '~> 3.22.0' + gem 'capybara-screenshot', '~> 1.0.22' + gem 'selenium-webdriver', '~> 3.142' + gem 'shoulda-matchers', '~> 4.0.1', require: false gem 'email_spec', '~> 2.2.0' gem 'json-schema', '~> 2.8.0' @@ -416,7 +417,7 @@ end gem 'octokit', '~> 4.9' -gem 'mail_room', '~> 0.9.1' +gem 'mail_room', '~> 0.10.0' gem 'email_reply_trimmer', '~> 0.1' gem 'html2text' @@ -451,7 +452,7 @@ group :ed25519 do end # Gitaly GRPC protocol definitions -gem 'gitaly', '~> 1.70.0' +gem 'gitaly', '~> 1.73.0' gem 'grpc', '~> 1.24.0' diff --git a/Gemfile.lock b/Gemfile.lock index 15465cd6b0..0e32270586 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -58,16 +58,16 @@ GEM addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) aes_key_wrap (1.0.1) - akismet (2.0.0) + akismet (3.0.0) apollo_upload_server (2.0.0.beta.3) graphql (>= 1.8) rails (>= 4.2) arel (9.0.0) - asana (0.8.1) + asana (0.9.3) faraday (~> 0.9) faraday_middleware (~> 0.9) faraday_middleware-multi_json (~> 0.0) - oauth2 (~> 1.0) + oauth2 (~> 1.4) asciidoctor (2.0.10) asciidoctor-include-ext (0.3.1) asciidoctor (>= 1.5.6, < 3.0.0) @@ -118,9 +118,9 @@ GEM brakeman (4.2.1) browser (2.5.3) builder (3.2.3) - bullet (5.5.1) + bullet (6.0.2) activesupport (>= 3.0.0) - uniform_notifier (~> 1.10.0) + uniform_notifier (~> 1.11) bundler-audit (0.5.0) bundler (~> 1.2) thor (~> 0.18) @@ -143,9 +143,7 @@ GEM cause (0.1) character_set (1.1.2) charlock_holmes (0.7.6) - childprocess (0.9.0) - ffi (~> 1.0, >= 1.0.11) - chronic (0.10.2) + childprocess (3.0.0) chunky_png (1.3.5) citrus (3.0.2) claide (1.0.3) @@ -157,7 +155,7 @@ GEM coercible (1.0.0) descendants_tracker (~> 0.0.1) colored2 (3.1.2) - commonmarker (0.17.13) + commonmarker (0.20.1) ruby-enum (~> 0.5) concord (0.1.5) adamantium (~> 0.2.0) @@ -287,7 +285,7 @@ GEM fast_blank (1.0.0) fast_gettext (1.6.0) ffaker (2.10.0) - ffi (1.11.1) + ffi (1.11.3) flipper (0.17.1) flipper-active_record (0.17.1) activerecord (>= 4.2, < 7) @@ -359,9 +357,11 @@ GEM po_to_json (>= 1.0.0) rails (>= 3.2.0) git (1.5.0) - gitaly (1.70.0) + gitaly (1.73.0) grpc (~> 1.0) github-markup (1.7.0) + gitlab-chronic (0.10.5) + numerizer (~> 0.2) gitlab-labkit (0.7.0) actionpack (>= 5.0.0, < 6.1.0) activesupport (>= 5.0.0, < 6.1.0) @@ -372,8 +372,11 @@ GEM gitlab-license (1.0.0) gitlab-markup (1.7.0) gitlab-net-dns (0.9.1) - gitlab-peek (0.0.1) - railties (>= 4.0.0) + gitlab-puma (4.3.1.gitlab.2) + nio4r (~> 2.0) + gitlab-puma_worker_killer (0.1.1.gitlab.1) + get_process_mem (~> 0.2) + gitlab-puma (>= 2.7, < 5) gitlab-sidekiq-fetcher (0.5.2) sidekiq (~> 5) gitlab-styles (2.8.0) @@ -381,8 +384,8 @@ GEM rubocop-gitlab-security (~> 0.1.0) rubocop-performance (~> 1.1.0) rubocop-rspec (~> 1.19) - gitlab_chronic_duration (0.10.6.1) - numerizer (~> 0.1.1) + gitlab_chronic_duration (0.10.6.2) + numerizer (~> 0.2) gitlab_omniauth-ldap (2.1.1) net-ldap (~> 0.16) omniauth (~> 1.3) @@ -460,17 +463,16 @@ GEM guard (~> 2.1) guard-compat (~> 1.1) rspec (>= 2.99.0, < 4.0) - haml (5.0.4) + haml (5.1.2) temple (>= 0.8.0) tilt - haml_lint (0.31.0) - haml (>= 4.0, < 5.1) + haml_lint (0.34.0) + haml (>= 4.0, < 5.2) rainbow - rake (>= 10, < 13) rubocop (>= 0.50.0) sysexits (~> 1.1) - hamlit (2.8.8) - temple (>= 0.8.0) + hamlit (2.11.0) + temple (>= 0.8.2) thor tilt hangouts-chat (0.0.5) @@ -484,7 +486,7 @@ GEM hipchat (1.5.2) httparty mimemagic - html-pipeline (2.8.4) + html-pipeline (2.12.2) activesupport (>= 2) nokogiri (>= 1.4) html2text (0.2.0) @@ -591,9 +593,12 @@ GEM lumberjack (1.0.13) mail (2.7.1) mini_mime (>= 0.1.1) - mail_room (0.9.1) + mail_room (0.10.0) marcel (0.3.3) mimemagic (~> 0.3.2) + marginalia (1.8.0) + actionpack (>= 2.3) + activerecord (>= 2.3) memoist (0.16.0) memoizable (0.4.2) thread_safe (~> 0.3, >= 0.3.1) @@ -622,7 +627,7 @@ GEM net-ntp (2.1.3) net-ssh (5.2.0) netrc (0.11.0) - nio4r (2.3.1) + nio4r (2.5.2) no_proxy_fix (0.1.2) nokogiri (1.10.5) mini_portile2 (~> 2.4.0) @@ -631,7 +636,7 @@ GEM notiffany (0.1.3) nenv (~> 0.1) shellany (~> 0.0) - numerizer (0.1.1) + numerizer (0.2.0) oauth (0.5.4) oauth2 (1.4.1) faraday (>= 0.8, < 0.16.0) @@ -724,6 +729,8 @@ GEM parser (2.6.3.0) ast (~> 2.4.0) parslet (1.8.2) + peek (1.1.0) + railties (>= 4.0.0) pg (1.1.4) po_to_json (1.0.1) json (>= 1.6.0) @@ -749,10 +756,6 @@ GEM pry-rails (0.3.6) pry (>= 0.10.4) public_suffix (3.1.1) - puma (3.12.0) - puma_worker_killer (0.1.0) - get_process_mem (~> 0.2) - puma (>= 2.7, < 4) pyu-ruby-sasl (0.0.3.3) raabro (1.1.6) rack (2.0.7) @@ -881,14 +884,14 @@ GEM proc_to_ast rspec (>= 2.13, < 4) unparser - rspec-rails (3.8.2) - actionpack (>= 3.0) - activesupport (>= 3.0) - railties (>= 3.0) - rspec-core (~> 3.8.0) - rspec-expectations (~> 3.8.0) - rspec-mocks (~> 3.8.0) - rspec-support (~> 3.8.0) + rspec-rails (4.0.0.beta3) + actionpack (>= 4.2) + activesupport (>= 4.2) + railties (>= 4.2) + rspec-core (~> 3.8) + rspec-expectations (~> 3.8) + rspec-mocks (~> 3.8) + rspec-support (~> 3.8) rspec-retry (0.6.1) rspec-core (> 3.3) rspec-set (0.1.3) @@ -927,7 +930,7 @@ GEM rubyntlm (0.6.2) rubypants (0.2.0) rubyzip (1.3.0) - rugged (0.28.3.1) + rugged (0.28.4.1) safe_yaml (1.0.4) sanitize (4.6.6) crass (~> 1.0.2) @@ -956,9 +959,9 @@ GEM seed-fu (2.3.7) activerecord (>= 3.1) activesupport (>= 3.1) - selenium-webdriver (3.141.0) - childprocess (~> 0.5) - rubyzip (~> 1.2, >= 1.2.2) + selenium-webdriver (3.142.6) + childprocess (>= 0.5, < 4.0) + rubyzip (>= 1.2.2) sentry-raven (2.9.0) faraday (>= 0.7.6, < 1.0) settingslogic (2.0.9) @@ -1002,7 +1005,7 @@ GEM sprockets (>= 3.0.0) sqlite3 (1.3.13) sshkey (2.0.0) - stackprof (0.2.10) + stackprof (0.2.13) state_machines (0.5.0) state_machines-activemodel (0.7.1) activemodel (>= 4.1) @@ -1017,7 +1020,7 @@ GEM sys-filesystem (1.1.6) ffi sysexits (1.2.0) - temple (0.8.1) + temple (0.8.2) terminal-table (1.8.0) unicode-display_width (~> 1.1, >= 1.1.1) test-prof (0.10.0) @@ -1026,10 +1029,10 @@ GEM daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (0.19.4) + thor (0.20.3) thread_safe (0.3.6) thrift (0.11.0.0) - tilt (2.0.9) + tilt (2.0.10) timecop (0.8.1) timfel-krb5-auth (0.8.3) toml (0.2.0) @@ -1057,7 +1060,7 @@ GEM unicorn-worker-killer (0.4.4) get_process_mem (~> 0) unicorn (>= 4, < 6) - uniform_notifier (1.10.0) + uniform_notifier (1.13.0) unleash (0.1.5) murmurhash3 (~> 0.1.6) unparser (0.4.5) @@ -1117,9 +1120,9 @@ DEPENDENCIES activerecord-explain-analyze (~> 0.1) acts-as-taggable-on (~> 6.0) addressable (~> 2.5.2) - akismet (~> 2.0) + akismet (~> 3.0) apollo_upload_server (~> 2.0.0.beta3) - asana (~> 0.8.1) + asana (~> 0.9) asciidoctor (~> 2.0.10) asciidoctor-include-ext (~> 0.3.1) asciidoctor-plantuml (= 0.0.9) @@ -1139,14 +1142,13 @@ DEPENDENCIES bootstrap_form (~> 4.2.0) brakeman (~> 4.2) browser (~> 2.5) - bullet (~> 5.5.0) + bullet (~> 6.0.2) bundler-audit (~> 0.5.0) capybara (~> 3.22.0) capybara-screenshot (~> 1.0.22) carrierwave (~> 1.3) charlock_holmes (~> 0.7.5) - chronic (~> 0.10.2) - commonmarker (~> 0.17) + commonmarker (~> 0.20) concurrent-ruby (~> 1.1) connection_pool (~> 2.0) countries (~> 3.0) @@ -1194,16 +1196,18 @@ DEPENDENCIES gettext (~> 3.2.2) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly (~> 1.70.0) + gitaly (~> 1.73.0) github-markup (~> 1.7.0) + gitlab-chronic (~> 0.10.5) gitlab-labkit (~> 0.5) gitlab-license (~> 1.0) gitlab-markup (~> 1.7.0) gitlab-net-dns (~> 0.9.1) - gitlab-peek (~> 0.0.1) + gitlab-puma (~> 4.3.1.gitlab.2) + gitlab-puma_worker_killer (~> 0.1.1.gitlab.1) gitlab-sidekiq-fetcher (= 0.5.2) gitlab-styles (~> 2.7) - gitlab_chronic_duration (~> 0.10.6.1) + gitlab_chronic_duration (~> 0.10.6.2) gitlab_omniauth-ldap (~> 2.1.1) gon (~> 6.2) google-api-client (~> 0.23) @@ -1219,13 +1223,13 @@ DEPENDENCIES grpc (~> 1.24.0) gssapi guard-rspec - haml_lint (~> 0.31.0) - hamlit (~> 2.8.8) + haml_lint (~> 0.34.0) + hamlit (~> 2.11.0) hangouts-chat (~> 0.0.5) hashie-forbidden_attributes health_check (~> 2.6.0) hipchat (~> 1.5.0) - html-pipeline (~> 2.8) + html-pipeline (~> 2.12) html2text httparty (~> 0.16.4) icalendar @@ -1243,7 +1247,8 @@ DEPENDENCIES licensee (~> 8.9) lograge (~> 0.5) loofah (~> 2.2) - mail_room (~> 0.9.1) + mail_room (~> 0.10.0) + marginalia (~> 1.8.0) memory_profiler (~> 0.9) method_source (~> 0.8) mimemagic (~> 0.3.2) @@ -1275,13 +1280,12 @@ DEPENDENCIES omniauth_crowd (~> 2.2.0) omniauth_openid_connect (~> 0.3.3) org-ruby (~> 0.9.12) + peek (~> 1.1) pg (~> 1.1) premailer-rails (~> 1.10.3) prometheus-client-mmap (~> 0.9.10) pry-byebug (~> 3.5.1) pry-rails (~> 0.3.4) - puma (~> 3.12) - puma_worker_killer rack (~> 2.0.7) rack-attack (~> 6.2.0) rack-cors (~> 1.0.0) @@ -1307,7 +1311,7 @@ DEPENDENCIES rouge (~> 3.11.0) rqrcode-rails3 (~> 0.1.7) rspec-parameterized - rspec-rails (~> 3.8.0) + rspec-rails (~> 4.0.0.beta3) rspec-retry (~> 0.6.1) rspec-set (~> 0.1.3) rspec_junit_formatter @@ -1325,7 +1329,7 @@ DEPENDENCIES sassc-rails (~> 2.1.0) scss_lint (~> 0.56.0) seed-fu (~> 2.3.7) - selenium-webdriver (~> 3.141) + selenium-webdriver (~> 3.142) sentry-raven (~> 2.9) settingslogic (~> 2.0.9) shoulda-matchers (~> 4.0.1) @@ -1339,7 +1343,7 @@ DEPENDENCIES spring-commands-rspec (~> 1.0.4) sprockets (~> 3.7.0) sshkey (~> 2.0) - stackprof (~> 0.2.10) + stackprof (~> 0.2.13) state_machines-activerecord (~> 0.6.0) sys-filesystem (~> 1.1.6) test-prof (~> 0.10.0) diff --git a/VERSION b/VERSION index b6125ec500..1b62f91726 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -12.5.4 +12.6.1 diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index aee9990bc0..071ae8ca8c 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -5,6 +5,8 @@ import { joinPaths } from './lib/utils/url_utility'; import flash from '~/flash'; import { __ } from '~/locale'; +const DEFAULT_PER_PAGE = 20; + const Api = { groupsPath: '/api/:version/groups.json', groupPath: '/api/:version/groups/:id', @@ -41,7 +43,7 @@ const Api = { releasesPath: '/api/:version/projects/:id/releases', releasePath: '/api/:version/projects/:id/releases/:tag_name', mergeRequestsPipeline: '/api/:version/projects/:id/merge_requests/:merge_request_iid/pipelines', - adminStatisticsPath: 'api/:version/application/statistics', + adminStatisticsPath: '/api/:version/application/statistics', group(groupId, callback) { const url = Api.buildUrl(Api.groupPath).replace(':id', groupId); @@ -66,7 +68,7 @@ const Api = { params: Object.assign( { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, }, options, ), @@ -90,7 +92,7 @@ const Api = { .get(url, { params: { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, }, }) .then(({ data }) => callback(data)); @@ -101,7 +103,7 @@ const Api = { const url = Api.buildUrl(Api.projectsPath); const defaults = { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, simple: true, }; @@ -126,7 +128,7 @@ const Api = { .get(url, { params: { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, ...options, }, }) @@ -235,7 +237,7 @@ const Api = { const url = Api.buildUrl(Api.groupProjectsPath).replace(':id', groupId); const defaults = { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, }; return axios .get(url, { @@ -325,7 +327,7 @@ const Api = { params: Object.assign( { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, }, options, ), @@ -355,7 +357,7 @@ const Api = { const url = Api.buildUrl(Api.userProjectsPath).replace(':id', userId); const defaults = { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, }; return axios .get(url, { @@ -371,7 +373,7 @@ const Api = { return axios.get(url, { params: { search: query, - per_page: 20, + per_page: DEFAULT_PER_PAGE, ...options, }, }); @@ -403,10 +405,15 @@ const Api = { return axios.post(url); }, - releases(id) { + releases(id, options = {}) { const url = Api.buildUrl(this.releasesPath).replace(':id', encodeURIComponent(id)); - return axios.get(url); + return axios.get(url, { + params: { + per_page: DEFAULT_PER_PAGE, + ...options, + }, + }); }, release(projectPath, tagName) { diff --git a/app/assets/javascripts/autosave.js b/app/assets/javascripts/autosave.js index 7652b67ae1..07d79ea1c7 100644 --- a/app/assets/javascripts/autosave.js +++ b/app/assets/javascripts/autosave.js @@ -1,9 +1,9 @@ -/* eslint-disable no-param-reassign, no-void, consistent-return */ +/* eslint-disable no-param-reassign, consistent-return */ import AccessorUtilities from './lib/utils/accessor'; export default class Autosave { - constructor(field, key) { + constructor(field, key, fallbackKey) { this.field = field; this.isLocalStorageAvailable = AccessorUtilities.isLocalStorageAccessSafe(); @@ -11,6 +11,7 @@ export default class Autosave { key = key.join('/'); } this.key = `autosave/${key}`; + this.fallbackKey = fallbackKey; this.field.data('autosave', this); this.restore(); this.field.on('input', () => this.save()); @@ -21,9 +22,12 @@ export default class Autosave { if (!this.field.length) return; const text = window.localStorage.getItem(this.key); + const fallbackText = window.localStorage.getItem(this.fallbackKey); - if ((text != null ? text.length : void 0) > 0) { + if (text) { this.field.val(text); + } else if (fallbackText) { + this.field.val(fallbackText); } this.field.trigger('input'); @@ -41,7 +45,10 @@ export default class Autosave { const text = this.field.val(); - if (this.isLocalStorageAvailable && (text != null ? text.length : void 0) > 0) { + if (this.isLocalStorageAvailable && text) { + if (this.fallbackKey) { + window.localStorage.setItem(this.fallbackKey, text); + } return window.localStorage.setItem(this.key, text); } @@ -51,6 +58,7 @@ export default class Autosave { reset() { if (!this.isLocalStorageAvailable) return; + window.localStorage.removeItem(this.fallbackKey); return window.localStorage.removeItem(this.key); } diff --git a/app/assets/javascripts/badges/components/badge.vue b/app/assets/javascripts/badges/components/badge.vue index eb720f5380..00c0334db7 100644 --- a/app/assets/javascripts/badges/components/badge.vue +++ b/app/assets/javascripts/badges/components/badge.vue @@ -1,6 +1,6 @@ + + diff --git a/app/assets/javascripts/boards/components/issue_due_date.vue b/app/assets/javascripts/boards/components/issue_due_date.vue index 3bc7f13a9e..a32ebdab5e 100644 --- a/app/assets/javascripts/boards/components/issue_due_date.vue +++ b/app/assets/javascripts/boards/components/issue_due_date.vue @@ -35,10 +35,10 @@ export default { title() { const timeago = getTimeago(); const { timeDifference, standardDateFormat } = this; - const formatedDate = standardDateFormat; + const formattedDate = standardDateFormat; if (timeDifference >= -1 && timeDifference < 7) { - return `${timeago.format(this.issueDueDate)} (${formatedDate})`; + return `${timeago.format(this.issueDueDate)} (${formattedDate})`; } return timeago.format(this.issueDueDate); diff --git a/app/assets/javascripts/boards/components/modal/index.vue b/app/assets/javascripts/boards/components/modal/index.vue index 618c2ada1f..20344b6614 100644 --- a/app/assets/javascripts/boards/components/modal/index.vue +++ b/app/assets/javascripts/boards/components/modal/index.vue @@ -1,5 +1,6 @@ + + diff --git a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue index 125bcaacc1..e33431d2ea 100644 --- a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue +++ b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue @@ -1,7 +1,7 @@