Refresh patches

This commit is contained in:
Pirate Praveen 2022-11-26 12:48:29 +05:30
parent 344ab67f83
commit b0e603a14e
No known key found for this signature in database
GPG key ID: 8F53E0193B294B75
18 changed files with 152 additions and 243 deletions

View file

@ -3,16 +3,19 @@ gitlab Gemfile
--- a/Gemfile
+++ b/Gemfile
@@ -4,63 +4,63 @@
gem 'bundler-checksum', '~> 0.1.0', path: 'vendor/gems/bundler-checksum', require: false
@@ -13,9 +13,9 @@
# NOTE: When incrementing the major or minor version here, also increment activerecord_version
# in vendor/gems/attr_encrypted/attr_encrypted.gemspec until we resolve
# https://gitlab.com/gitlab-org/gitlab/-/issues/375713
-gem 'rails', '~> 6.1.6.1'
+gem 'rails', '~> 6.1.6', '>= 6.1.6.1'
-gem 'bootsnap', '~> 1.13.0', require: false
+gem 'bootsnap', '~> 1.13', require: false
# Pin openssl to match the version bundled with our supported Rubies.
# See https://stdgems.org/openssl/#gem-version.
@@ -29,55 +29,55 @@
# Responders respond_to and respond_with
gem 'responders', '~> 3.0'
@ -27,16 +30,16 @@ gitlab Gemfile
+gem 'default_value_for', '~> 3.4'
# Supported DBs
-gem 'pg', '~> 1.4.0'
+gem 'pg', '~> 1.4'
-gem 'pg', '~> 1.4.3'
+gem 'pg', '~> 1.4', '>= 1.4.3'
gem 'rugged', '~> 1.2'
-gem 'grape-path-helpers', '~> 1.7.1'
+gem 'grape-path-helpers', '~> 1.7', '>= 1.7.1'
gem 'faraday', '~> 1.0'
-gem 'marginalia', '~> 1.10.0'
+gem 'marginalia', '~> 1.10'
-gem 'marginalia', '~> 1.11.1'
+gem 'marginalia', '~> 1.11', '>= 1.11.1'
# Authorization
-gem 'declarative_policy', '~> 1.1.0'
@ -51,46 +54,46 @@ gitlab Gemfile
-gem 'doorkeeper-openid_connect', '~> 1.7.5'
-gem 'rexml', '~> 3.2.5'
-gem 'ruby-saml', '~> 1.13.0'
-gem 'omniauth', '~> 2.1.0'
-gem 'omniauth-auth0', '~> 2.0.0'
+gem 'doorkeeper', '~> 5.5'
+gem 'doorkeeper-openid_connect', '~> 1.7','>= 1.7.5'
+gem 'rexml', '~> 3.2','>= 3.2.5'
+gem 'ruby-saml', '~> 1.13'
gem 'omniauth-rails_csrf_protection'
-gem 'omniauth', '~> 2.1.0'
-gem 'omniauth-auth0', '~> 2.0.0'
+gem 'omniauth', '~> 2.1'
+gem 'omniauth-auth0', '~> 2.0'
gem 'omniauth-azure-activedirectory-v2', '~> 1.0'
gem 'omniauth-azure-activedirectory-v2', '~> 2.0'
gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md
gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md
gem 'omniauth-dingtalk-oauth2', '~> 1.0'
-gem 'omniauth-alicloud', '~> 1.0.1'
-gem 'omniauth-alicloud', '~> 2.0.0'
-gem 'omniauth-facebook', '~> 4.0.0'
-gem 'omniauth-github', '2.0.0'
+gem 'omniauth-alicloud', '~> 1.0', '>= 1.0.1'
-gem 'omniauth-github', '2.0.1'
+gem 'omniauth-alicloud', '~> 2.0'
+gem 'omniauth-facebook', '~> 4.0'
+gem 'omniauth-github', '~> 2.0'
+gem 'omniauth-github', '~> 2.0', '>= 2.0.1'
gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md
gem 'omniauth-google-oauth2', '~> 1.0.1', path: 'vendor/gems/omniauth-google-oauth2' # See gem README.md
gem 'omniauth-google-oauth2', '~> 1.1'
gem 'omniauth-oauth2-generic', '~> 0.2.2'
-gem 'omniauth-saml', '~> 2.0.0'
-gem 'omniauth-shibboleth', '~> 1.3.0'
+gem 'omniauth-saml', '~> 2.0'
+gem 'omniauth-shibboleth', '~> 1.3'
gem 'omniauth-twitter', '~> 1.4'
gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
-gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
+gem 'omniauth_crowd', '~> 2.4', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
gem 'omniauth-authentiq', '~> 0.3.3'
gem 'gitlab-omniauth-openid-connect', '~> 0.10.0', require: 'omniauth_openid_connect'
gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md
gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
-gem 'rack-oauth2', '~> 1.21.2'
-gem 'rack-oauth2', '~> 1.21.3'
-gem 'jwt', '~> 2.1.0'
+gem 'rack-oauth2', '~> 1.21', '>= 1.21.2'
+gem 'rack-oauth2', '~> 1.21', '>= 1.21.3'
+gem 'jwt', '~> 2.1'
# Kerberos authentication. EE-only
gem 'gssapi', group: :kerberos
@@ -69,17 +69,17 @@
@@ -86,17 +86,17 @@
# Spam and anti-bot protection
gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails'
gem 'akismet', '~> 3.0'
@ -101,8 +104,7 @@ gitlab Gemfile
-gem 'devise-two-factor', '~> 4.0.2'
+gem 'devise-two-factor', '~> 4.0', '>= 4.0.2'
gem 'rqrcode-rails3', '~> 0.1.7'
-gem 'attr_encrypted', '~> 3.1.0'
+gem 'attr_encrypted', '~> 3.1'
gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted'
gem 'u2f', '~> 0.2.1'
# GitLab Pages
@ -113,7 +115,7 @@ gitlab Gemfile
# GitLab Pages letsencrypt support
gem 'acme-client', '~> 2.0'
@@ -90,24 +90,24 @@
@@ -107,25 +107,25 @@
gem 'ohai', '~> 16.10'
# GPG
@ -131,21 +133,21 @@ gitlab Gemfile
-gem 'grape', '~> 1.5.2'
+gem 'grape', '~> 1.5','>= 1.5.2'
gem 'grape-entity', '~> 0.10.0'
-gem 'rack-cors', '~> 1.1.0', require: 'rack/cors'
+gem 'rack-cors', '~> 1.1', require: 'rack/cors'
-gem 'rack-cors', '~> 1.1.1', require: 'rack/cors'
+gem 'rack-cors', '~> 1.1', '>= 1.1.1', require: 'rack/cors'
gem 'grape-swagger', '~>1.5.0', group: [:development, :test]
gem 'grape-swagger-entity', '~> 0.5.1', group: [:development, :test]
# GraphQL API
-gem 'graphql', '~> 1.13.12'
+gem 'graphql', '~> 1.13', '>= 1.13.12'
gem 'graphiql-rails', '~> 1.8'
-gem 'apollo_upload_server', '~> 2.1.0'
-gem 'graphql-docs', '~> 2.1.0', group: [:development, :test]
+gem 'apollo_upload_server', '~> 2.1'
+gem 'graphql-docs', '~> 2.1', group: [:development, :test]
gem 'graphql-docs', '~> 2.1.0', group: [:development, :test]
gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import)
gem 'hashie'
@@ -118,23 +118,23 @@
@@ -137,23 +137,23 @@
gem 'kaminari', '~> 1.0'
# HAML
@ -173,7 +175,7 @@ gitlab Gemfile
# for Google storage
gem 'google-api-client', '~> 0.33'
@@ -143,38 +143,38 @@
@@ -162,38 +162,38 @@
gem 'unf', '~> 0.1.4'
# Seed data
@ -184,9 +186,9 @@ gitlab Gemfile
gem 'elasticsearch-model', '~> 7.2'
gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation'
-gem 'elasticsearch-api', '7.13.3'
-gem 'aws-sdk-core', '~> 3.131.0'
-gem 'aws-sdk-core', '~> 3.159.0'
+gem 'elasticsearch-api', '~> 7.13', '>= 7.13.3'
+gem 'aws-sdk-core', '~> 3.131'
+gem 'aws-sdk-core', '~> 3.159'
gem 'aws-sdk-cloudformation', '~> 1'
-gem 'aws-sdk-s3', '~> 1.114.0'
+gem 'aws-sdk-s3', '~> 1.114'
@ -203,7 +205,7 @@ gitlab Gemfile
+gem 'deckar01-task_list', '~> 2.3','>= 2.3.1'
+gem 'gitlab-markup', '~> 1.8'
+gem 'github-markup', '~> 1.7', require: 'github/markup'
gem 'commonmarker', '~> 0.23.4'
gem 'commonmarker', '~> 0.23.6'
-gem 'kramdown', '~> 2.3.1'
-gem 'RedCloth', '~> 4.3.2'
-gem 'rdoc', '~> 6.3.2'
@ -226,17 +228,17 @@ gitlab Gemfile
-gem 'nokogiri', '~> 1.13.8'
+gem 'bootstrap_form', '~> 4.2'
+gem 'nokogiri', '~> 1.3', '>= 1.13.8'
gem 'escape_utils', '~> 1.1'
# Calendar rendering
@@ -185,12 +185,12 @@
gem 'icalendar'
@@ -203,12 +203,12 @@
gem 'diff_match_patch', '~> 0.1.0'
# Application server
-gem 'rack', '~> 2.2.4'
+gem 'rack', '~> 2.2', '>= 2.2.4'
# https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually
gem 'rack-timeout', '~> 0.6.0', require: 'rack/timeout/base'
gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base'
group :puma do
- gem 'puma', '~> 5.6.5', require: false
@ -244,16 +246,16 @@ gitlab Gemfile
gem 'puma_worker_killer', '~> 0.3.1', require: false
gem 'sd_notify', '~> 0.1.0', require: false
end
@@ -202,13 +202,13 @@
@@ -220,13 +220,13 @@
gem 'acts-as-taggable-on', '~> 9.0'
# Background jobs
-gem 'sidekiq', '~> 6.4.0'
-gem 'sidekiq-cron', '~> 1.4.0'
-gem 'redis-namespace', '~> 1.8.1'
-gem 'sidekiq-cron', '~> 1.8.0'
-gem 'redis-namespace', '~> 1.9.0'
+gem 'sidekiq', '~> 6.4'
+gem 'sidekiq-cron', '~> 1.4'
+gem 'redis-namespace', '~> 1.8','>= 1.8.1'
+gem 'sidekiq-cron', '~> 1.8'
+gem 'redis-namespace', '~> 1.9'
gem 'gitlab-sidekiq-fetcher', '0.8.0', require: 'sidekiq-reliable-fetch'
# Cron Parser
@ -262,7 +264,7 @@ gitlab Gemfile
# HTTP requests
gem 'httparty', '~> 0.16.4'
@@ -220,14 +220,14 @@
@@ -238,14 +238,14 @@
gem 'ruby-progressbar', '~> 1.10'
# GitLab settings
@ -270,8 +272,8 @@ gitlab Gemfile
+gem 'settingslogic', '~> 2.0', '>= 2.0.9'
# Linear-time regex library for untrusted regular expressions
-gem 're2', '~> 1.4.0'
+gem 're2', '~> 1.4'
-gem 're2', '~> 1.5.0'
+gem 're2', '~> 1.5'
# Misc
@ -280,7 +282,7 @@ gitlab Gemfile
# Export Ruby Regex to Javascript
gem 'js_regex', '~> 3.7'
@@ -236,11 +236,11 @@
@@ -254,24 +254,24 @@
gem 'device_detector'
# Redis
@ -294,7 +296,13 @@ gitlab Gemfile
# Discord integration
gem 'discordrb-webhooks', '~> 3.4', require: false
@@ -253,7 +253,7 @@
# Jira integration
-gem 'jira-ruby', '~> 2.1.4'
+gem 'jira-ruby', '~> 2.1', '>= 2.1.4'
gem 'atlassian-jwt', '~> 0.2.0'
# Flowdock integration
gem 'flowdock', '~> 0.7'
# Slack integration
@ -303,7 +311,7 @@ gitlab Gemfile
# Hangouts Chat integration
gem 'hangouts-chat', '~> 0.0.5', require: 'hangouts_chat'
@@ -265,14 +265,14 @@
@@ -283,14 +283,14 @@
gem 'ruby-fogbugz', '~> 0.2.1'
# Kubernetes integration
@ -316,14 +324,14 @@ gitlab Gemfile
+gem 'babosa', '~> 1.0','>= 1.0.4'
# Sanitizes SVG input
-gem 'loofah', '~> 2.18.0'
+gem 'loofah', '~> 2.18'
-gem 'loofah', '~> 2.19.0'
+gem 'loofah', '~> 2.19'
# Working with license
# Detects the open source license the repository includes
@@ -294,32 +294,32 @@
@@ -312,32 +312,32 @@
gem 'rack-proxy', '~> 0.7.2'
gem 'rack-proxy', '~> 0.7.4'
-gem 'sassc-rails', '~> 2.1.0'
-gem 'autoprefixer-rails', '10.2.5.1'
@ -343,8 +351,8 @@ gitlab Gemfile
+gem 'gitlab-license', '~> 2.2','>= 2.2.1'
# Protect against bruteforcing
-gem 'rack-attack', '~> 6.6.0'
+gem 'rack-attack', '~> 6.6'
-gem 'rack-attack', '~> 6.6.1'
+gem 'rack-attack', '~> 6.6','>= 6.6.1'
# Sentry integration
gem 'sentry-raven', '~> 3.1'
@ -357,15 +365,15 @@ gitlab Gemfile
# PostgreSQL query parsing
#
-gem 'pg_query', '~> 2.1.0'
+gem 'pg_query', '~> 2.1'
-gem 'pg_query', '~> 2.1.4'
+gem 'pg_query', '~> 2.1', '>= 2.1.4'
-gem 'premailer-rails', '~> 1.10.3'
+gem 'premailer-rails', '~> 1.10','>= 1.10.3'
# LabKit: Tracing and Correlation
gem 'gitlab-labkit', '~> 0.24.0'
@@ -328,11 +328,11 @@
@@ -346,11 +346,11 @@
# I18n
gem 'ruby_parser', '~> 3.15', require: false
gem 'rails-i18n', '~> 7.0'
@ -379,7 +387,7 @@ gitlab Gemfile
# Perf bar
gem 'peek', '~> 1.1'
@@ -341,10 +341,10 @@
@@ -359,10 +359,10 @@
gem 'snowplow-tracker', '~> 0.6.1'
# Metrics
@ -391,8 +399,8 @@ gitlab Gemfile
+gem 'warning', '~> 1.3'
group :development do
gem 'lefthook', '~> 1.1.1', require: false
@@ -426,24 +426,24 @@
gem 'lefthook', '~> 1.1.3', require: false
@@ -444,24 +444,24 @@
end
group :test do
@ -428,16 +436,7 @@ gitlab Gemfile
gem 'rspec_junit_formatter'
gem 'guard-rspec'
@@ -460,7 +460,7 @@
gem 'email_reply_trimmer', '~> 0.1'
gem 'html2text'
-gem 'ruby-prof', '~> 1.3.0'
+gem 'ruby-prof', '~> 1.3'
gem 'stackprof', '~> 0.2.21', require: false
gem 'rbtrace', '~> 0.4', require: false
gem 'memory_profiler', '~> 0.9', require: false
@@ -473,8 +473,8 @@
@@ -490,8 +490,8 @@
gem 'health_check', '~> 3.0'
# System information
@ -448,7 +447,7 @@ gitlab Gemfile
# NTP client
gem 'net-ntp'
@@ -483,15 +483,15 @@
@@ -500,15 +500,15 @@
gem 'ssh_data', '~> 1.3'
# Spamcheck GRPC protocol definitions
@ -467,7 +466,7 @@ gitlab Gemfile
gem 'google-protobuf', '~> 3.21'
@@ -501,7 +501,7 @@
@@ -518,7 +518,7 @@
gem 'flipper', '~> 0.25.0'
gem 'flipper-active_record', '~> 0.25.0'
gem 'flipper-active_support_cache_store', '~> 0.25.0'
@ -476,22 +475,7 @@ gitlab Gemfile
gem 'gitlab-experiment', '~> 0.7.1'
# Structured logging
@@ -514,12 +514,12 @@
# Countries list
gem 'countries', '~> 3.0'
-gem 'retriable', '~> 3.1.2'
+gem 'retriable', '~> 3.1', '>= 3.1.2'
# LRU cache
gem 'lru_redux'
-gem 'erubi', '~> 1.9.0'
+gem 'erubi', '~> 1.9'
# Locked as long as quoted-printable encoding issues are not resolved
# Monkey-patched in `config/initializers/mail_encoding_patch.rb`
@@ -536,12 +536,11 @@
@@ -551,12 +551,11 @@
gem 'valid_email', '~> 0.1'
# JSON
@ -508,7 +492,7 @@ gitlab Gemfile
gem 'webauthn', '~> 2.3'
# IPAddress utilities
@@ -551,7 +550,7 @@
@@ -566,14 +565,14 @@
gem 'ipynbdiff', path: 'vendor/gems/ipynbdiff'
@ -517,3 +501,11 @@ gitlab Gemfile
# Error Tracking OpenAPI client
# See https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/rake_tasks.md#update-openapi-client-for-error-tracking-feature
gem 'error_tracking_open_api', path: 'vendor/gems/error_tracking_open_api'
# Vulnerability advisories
-gem 'cvss-suite', '~> 3.0.1', require: 'cvss_suite'
+gem 'cvss-suite', '~> 3.0','>= 3.0.1', require: 'cvss_suite'
# Work with RPM packages
gem 'arr-pm', '~> 0.0.12'

View file

@ -2,15 +2,22 @@ Bundler will fail when it can't find these locally
--- a/Gemfile
+++ b/Gemfile
@@ -107,7 +107,6 @@
@@ -119,14 +119,11 @@
gem 'grape', '~> 1.5','>= 1.5.2'
gem 'grape-entity', '~> 0.10.0'
gem 'rack-cors', '~> 1.1', '>= 1.1.1', require: 'rack/cors'
-gem 'grape-swagger', '~>1.5.0', group: [:development, :test]
-gem 'grape-swagger-entity', '~> 0.5.1', group: [:development, :test]
# GraphQL API
gem 'graphql', '~> 1.13', '>= 1.13.12'
gem 'graphiql-rails', '~> 1.8'
gem 'apollo_upload_server', '~> 2.1'
-gem 'graphql-docs', '~> 2.1', group: [:development, :test]
-gem 'graphql-docs', '~> 2.1.0', group: [:development, :test]
gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import)
gem 'hashie'
@@ -330,7 +329,6 @@
@@ -348,7 +345,6 @@
gem 'rails-i18n', '~> 7.0'
gem 'gettext_i18n_rails', '~> 1.8'
gem 'gettext_i18n_rails_js', '~> 1.3'
@ -18,17 +25,17 @@ Bundler will fail when it can't find these locally
gem 'batch-loader', '~> 2.0', '>= 2.0.1'
@@ -346,85 +344,6 @@
@@ -364,85 +360,6 @@
gem 'warning', '~> 1.3'
-group :development do
- gem 'lefthook', '~> 1.1.1', require: false
- gem 'lefthook', '~> 1.1.3', require: false
- gem 'rubocop'
- gem 'solargraph', '~> 0.46.0', require: false
- gem 'solargraph', '~> 0.47.2', require: false
-
- gem 'letter_opener_web', '~> 2.0.0'
- gem 'lookbook', '~> 1.0'
- gem 'lookbook', '~> 1.0', '>= 1.0.8'
-
- # Better errors handler
- gem 'better_errors', '~> 2.9.1'
@ -58,7 +65,7 @@ Bundler will fail when it can't find these locally
- gem 'spring', '~> 2.1.0'
- gem 'spring-commands-rspec', '~> 1.0.4'
-
- gem 'gitlab-styles', '~> 8.0.0', require: false
- gem 'gitlab-styles', '~> 9.0.0', require: false
-
- gem 'haml_lint', '~> 0.40.0', require: false
- gem 'bundler-audit', '~> 0.7.0.1', require: false
@ -82,7 +89,7 @@ Bundler will fail when it can't find these locally
-
- gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup'
-
- gem 'pact', '~> 1.12'
- gem 'pact', '~> 1.63'
-end
-
-group :development, :test, :danger do

View file

@ -2,7 +2,7 @@ Make test dependencies conditional so we can enable them when running autopkgtes
--- a/Gemfile
+++ b/Gemfile
@@ -344,7 +344,7 @@
@@ -360,7 +360,7 @@
gem 'warning', '~> 1.3'

View file

@ -2,7 +2,7 @@ Allow newer versions of httparty to satisfy dependency
--- a/Gemfile
+++ b/Gemfile
@@ -210,7 +210,7 @@
@@ -226,7 +226,7 @@
gem 'fugit', '~> 1.2','>= 1.2.1'
# HTTP requests

View file

@ -2,8 +2,8 @@ Allow rdoc from ruby 2.5 to match requirement
--- a/Gemfile
+++ b/Gemfile
@@ -162,7 +162,7 @@
gem 'commonmarker', '~> 0.23.4'
@@ -179,7 +179,7 @@
gem 'commonmarker', '~> 0.23.6'
gem 'kramdown', '~> 2.3','>= 2.3.1'
gem 'RedCloth', '~> 4.3','>= 4.3.2'
-gem 'rdoc', '~> 6.3','>= 6.3.2'

View file

@ -2,7 +2,7 @@ This gem is used only in gitlab Enterprise Edition
--- a/Gemfile
+++ b/Gemfile
@@ -63,7 +63,6 @@
@@ -80,7 +80,6 @@
gem 'jwt', '~> 2.1'
# Kerberos authentication. EE-only
@ -10,12 +10,12 @@ This gem is used only in gitlab Enterprise Edition
gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos
# Spam and anti-bot protection
@@ -303,8 +302,6 @@
@@ -319,8 +318,6 @@
gem 'request_store', '~> 1.5'
gem 'base32', '~> 0.3.0'
-gem 'gitlab-license', '~> 2.2','>= 2.2.1'
-
# Protect against bruteforcing
gem 'rack-attack', '~> 6.6'
gem 'rack-attack', '~> 6.6','>= 6.6.1'

View file

@ -1,6 +1,6 @@
--- a/Gemfile
+++ b/Gemfile
@@ -348,7 +348,7 @@
@@ -364,7 +364,7 @@
gem 'rspec-benchmark', '~> 0.6.0'
gem 'rspec-parameterized', require: false

View file

@ -1,6 +1,6 @@
--- a/Gemfile
+++ b/Gemfile
@@ -349,7 +349,6 @@
@@ -365,7 +365,6 @@
gem 'rspec-parameterized', require: false
gem 'capybara', '~> 3.12'

View file

@ -1,6 +1,6 @@
--- a/Gemfile
+++ b/Gemfile
@@ -360,7 +360,6 @@
@@ -376,7 +376,6 @@
gem 'concurrent-ruby', '~> 1.1'
gem 'test-prof', '~> 1.0', '>= 1.0.7'
gem 'rspec_junit_formatter'

View file

@ -2,12 +2,12 @@ libruby2.7 has rexml 3.2.3.1 which has latest security fixes
--- a/Gemfile
+++ b/Gemfile
@@ -36,7 +36,7 @@
@@ -54,7 +54,7 @@
gem 'bcrypt', '~> 3.1', '>= 3.1.14'
gem 'doorkeeper', '~> 5.5'
gem 'doorkeeper-openid_connect', '~> 1.7','>= 1.7.5'
-gem 'rexml', '~> 3.2','>= 3.2.5'
+gem 'rexml', '~> 3.2','>= 3.2.3.1'
gem 'ruby-saml', '~> 1.13'
gem 'omniauth-rails_csrf_protection'
gem 'omniauth', '~> 2.1'
gem 'omniauth-auth0', '~> 2.0'

View file

@ -2,9 +2,9 @@ Forwarded: https://gitlab.com/gitlab-org/gitlab/-/issues/354323
--- a/Gemfile
+++ b/Gemfile
@@ -21,6 +21,9 @@
@@ -39,6 +39,9 @@
# Supported DBs
gem 'pg', '~> 1.4'
gem 'pg', '~> 1.4', '>= 1.4.3'
+# Background migrations/fix vulnerabilities
+gem 'parser', '~> 3.0'

View file

@ -1,7 +1,7 @@
--- a/Gemfile
+++ b/Gemfile
@@ -164,7 +164,7 @@
gem 'commonmarker', '~> 0.23.4'
@@ -181,7 +181,7 @@
gem 'commonmarker', '~> 0.23.6'
gem 'kramdown', '~> 2.3','>= 2.3.1'
gem 'RedCloth', '~> 4.3','>= 4.3.2'
-gem 'rdoc', '~> 6.0'

View file

@ -2,10 +2,10 @@ Rakefile need this gem
--- a/Gemfile
+++ b/Gemfile
@@ -472,3 +472,6 @@
# Error Tracking OpenAPI client
# See https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/rake_tasks.md#update-openapi-client-for-error-tracking-feature
gem 'error_tracking_open_api', path: 'vendor/gems/error_tracking_open_api'
@@ -494,3 +494,6 @@
# Apple plist parsing
gem 'CFPropertyList'
+
+# This is required for Rakefile
+gem 'gitlab-dangerfiles'

View file

@ -2,8 +2,8 @@ Debian specific patch to help webpack find sources
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -29,7 +29,7 @@
const MonacoWebpackPlugin = require('./plugins/monaco_webpack');
@@ -32,7 +32,7 @@
const GraphqlKnownOperationsPlugin = require('./plugins/graphql_known_operations_plugin');
-const ROOT_PATH = path.resolve(__dirname, '..');

View file

@ -2,13 +2,13 @@ These are not required in production
--- a/package.json
+++ b/package.json
@@ -197,59 +197,6 @@
@@ -203,60 +203,7 @@
"yaml": "^2.0.0-10"
},
"devDependencies": {
- "@gitlab/eslint-plugin": "17.0.0",
- "@gitlab/eslint-plugin": "18.1.0",
- "@gitlab/stylelint-config": "4.1.0",
- "@graphql-eslint/eslint-plugin": "3.10.7",
- "@graphql-eslint/eslint-plugin": "3.12.0",
- "@testing-library/dom": "^7.16.2",
- "@types/jest": "^27.5.1",
- "@vue/test-utils": "1.3.0",
@ -21,7 +21,7 @@ These are not required in production
- "cheerio": "^1.0.0-rc.9",
- "commander": "^2.20.3",
- "custom-jquery-matchers": "^2.1.0",
- "eslint": "8.23.1",
- "eslint": "8.25.0",
- "eslint-import-resolver-jest": "3.0.2",
- "eslint-import-resolver-webpack": "0.13.2",
- "eslint-plugin-import": "^2.26.0",
@ -40,8 +40,8 @@ These are not required in production
- "jest-jasmine2": "^27.5.1",
- "jest-junit": "^12.0.0",
- "jest-raw-loader": "^1.0.1",
- "jest-transform-graphql": "^2.1.0",
- "jest-util": "^27.5.1",
- "jsonlint": "^1.6.3",
- "markdownlint-cli": "0.32.2",
- "miragejs": "^0.1.40",
- "mock-apollo-client": "1.2.0",
@ -55,10 +55,19 @@ These are not required in production
- "sass": "^1.49.9",
- "stylelint": "^14.9.1",
- "timezone-mock": "^1.0.8",
- "webpack-dev-server": "4.11.0",
- "webpack-dev-server": "4.11.1",
- "xhr-mock": "^2.5.1",
- "yarn-check-webpack-plugin": "^1.2.0",
- "yarn-deduplicate": "^6.0.0"
},
- },
+ },
"blockedDependencies": {
"bootstrap-vue": "https://docs.gitlab.com/ee/development/fe_guide/dependencies.html#bootstrapvue"
},
@@ -268,4 +215,4 @@
"node": ">=12.22.1",
"yarn": "^1.10.0"
}
-}
\ No newline at end of file
+}

View file

@ -19,15 +19,15 @@ Use debian packaged node modules when available
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -17,7 +17,6 @@
const VUE_VERSION = require('vue/package.json').version;
@@ -19,7 +19,6 @@
const { ESBuildMinifyPlugin } = require('esbuild-loader');
const webpack = require('webpack');
-const { BundleAnalyzerPlugin } = require('webpack-bundle-analyzer');
const { StatsWriterPlugin } = require('webpack-stats-plugin');
const WEBPACK_VERSION = require('webpack/package.json').version;
@@ -257,6 +256,8 @@
const MonacoWebpackPlugin = require('monaco-editor-webpack-plugin');
@@ -283,6 +282,8 @@
entry: generateEntries,
@ -36,7 +36,7 @@ Use debian packaged node modules when available
output: {
path: WEBPACK_OUTPUT_PATH,
publicPath: WEBPACK_PUBLIC_PATH,
@@ -268,10 +269,15 @@
@@ -294,10 +295,15 @@
},
resolve: {
@ -53,7 +53,7 @@ Use debian packaged node modules when available
module: {
strictExportPresence: true,
rules: [
@@ -370,7 +376,7 @@
@@ -412,7 +418,7 @@
},
{
test: /\.(eot|ttf|woff|woff2)$/,
@ -62,7 +62,7 @@ Use debian packaged node modules when available
loader: 'file-loader',
options: {
name: '[name].[contenthash:8].[ext]',
@@ -773,6 +779,7 @@
@@ -832,6 +838,7 @@
node: {
fs: 'empty', // editorconfig requires 'fs'
@ -72,14 +72,15 @@ Use debian packaged node modules when available
};
--- a/app/assets/javascripts/pdf/index.vue
+++ b/app/assets/javascripts/pdf/index.vue
@@ -1,6 +1,6 @@
<script>
import pdfjsLib from 'pdfjs-dist/build/pdf';
-import workerSrc from 'pdfjs-dist/build/pdf.worker.min';
+import workerSrc from 'pdfjs-dist/build/pdf.worker';
@@ -3,7 +3,7 @@
import Page from './page/index.vue';
-GlobalWorkerOptions.workerSrc = '/assets/webpack/pdfjs/pdf.worker.min.js';
+GlobalWorkerOptions.workerSrc = '/assets/webpack/pdfjs/pdf.worker.js';
export default {
components: { Page },
--- a/package.json
+++ b/package.json
@@ -47,8 +47,8 @@
@ -94,7 +95,7 @@ Use debian packaged node modules when available
"@gitlab/at.js": "1.5.7",
"@gitlab/favicon-overlay": "2.0.0",
@@ -56,7 +56,7 @@
"@gitlab/ui": "43.16.0",
"@gitlab/ui": "46.1.0",
"@gitlab/visual-review-tools": "1.7.3",
"@gitlab/web-ide": "0.0.1-dev-20220815034418",
- "@rails/actioncable": "6.1.4-7",
@ -102,103 +103,3 @@ Use debian packaged node modules when available
"@rails/ujs": "6.1.4-7",
"@sentry/browser": "5.30.0",
"@sourcegraph/code-host-integration": "0.0.60",
@@ -95,23 +95,23 @@
"autosize": "^5.0.1",
"axios": "^0.24.0",
"babel-loader": "^8.2.5",
- "babel-plugin-lodash": "^3.3.4",
+ "babel-plugin-lodash": "link:/usr/share/nodejs/babel-plugin-lodash",
"bootstrap": "4.5.3",
"cache-loader": "^4.1.0",
"canvas-confetti": "^1.4.0",
- "clipboard": "^2.0.8",
+ "clipboard": "link:/usr/share/nodejs/clipboard",
"codesandbox-api": "0.0.23",
"compression-webpack-plugin": "^5.0.2",
"copy-webpack-plugin": "^6.4.1",
"core-js": "^3.25.1",
- "cron-validator": "^1.1.1",
+ "cron-validator": "link:/usr/share/nodejs/cron-validator",
"cronstrue": "^1.122.0",
"cropper": "^2.3.0",
"css-loader": "^2.1.1",
- "d3": "^5.16.0",
- "d3-sankey": "^0.12.3",
- "d3-selection": "^1.2.0",
- "dateformat": "^5.0.1",
+ "d3": "link:/usr/share/nodejs/d3",
+ "d3-sankey": "link:/usr/share/nodejs/d3-sankey",
+ "d3-selection": "link:/usr/share/nodejs/d3-selection",
+ "dateformat": "link:/usr/share/nodejs/dateformat",
"deckar01-task_list": "^2.3.1",
"diff": "^3.4.0",
"dompurify": "^2.4.0",
@@ -129,29 +129,29 @@
"jed": "^1.1.1",
"jquery": "^3.6.0",
"jquery.caret": "^0.3.1",
- "js-cookie": "^3.0.0",
- "js-yaml": "^3.13.1",
+ "js-cookie": "link:/usr/share/nodejs/js-cookie",
+ "js-yaml": "link:/usr/share/nodejs/js-yaml",
"jszip": "^3.1.3",
- "katex": "^0.13.2",
- "lodash": "^4.17.20",
+ "katex": "link:/usr/share/nodejs/katex",
+ "lodash": "link:/usr/share/nodejs/lodash",
"lowlight": "^2.6.1",
"marked": "^4.0.18",
"mathjax": "3",
"mdurl": "^1.0.1",
"mermaid": "^9.1.3",
"micromatch": "^4.0.5",
- "minimatch": "^3.0.4",
+ "minimatch": "link:/usr/share/nodejs/minimatch",
"monaco-editor": "^0.30.1",
"monaco-editor-webpack-plugin": "^6.0.0",
"monaco-yaml": "3.0.0",
"mousetrap": "1.6.5",
"papaparse": "^5.3.1",
"patch-package": "^6.4.7",
- "pdfjs-dist": "^2.0.943",
+ "pdfjs-dist": "link:/usr/share/nodejs/pdfjs-dist",
"pikaday": "^1.8.0",
- "popper.js": "^1.16.1",
+ "popper.js": "link:/usr/share/nodejs/popper.js",
"portal-vue": "^2.1.7",
- "postcss": "8.4.14",
+ "postcss": "link:/usr/share/nodejs/postcss",
"prosemirror-markdown": "1.9.1",
"prosemirror-model": "^1.18.1",
"prosemirror-state": "^1.4.1",
@@ -170,26 +170,25 @@
"style-loader": "^2.0.0",
"swagger-ui-dist": "4.12.0",
"three": "^0.143.0",
- "timeago.js": "^4.0.2",
+ "timeago.js": "link:/usr/share/nodejs/timeago.js",
"unified": "^10.1.2",
"unist-builder": "^3.0.0",
"unist-util-visit-parents": "^5.1.0",
"url-loader": "^4.1.1",
- "uuid": "8.1.0",
+ "uuid": "link:/usr/share/nodejs/uuid",
"visibilityjs": "^1.2.4",
- "vue": "2.6.14",
+ "vue": "link:/usr/share/nodejs/vue",
"vue-apollo": "^3.0.7",
"vue-loader": "15.9.6",
"vue-observe-visibility": "^1.0.0",
"vue-resize": "^1.0.1",
"vue-router": "3.4.9",
- "vue-template-compiler": "2.6.14",
+ "vue-template-compiler": "link:/usr/share/nodejs/vue-template-compiler",
"vue-virtual-scroll-list": "^1.4.7",
"vuedraggable": "^2.23.0",
"vuex": "^3.6.2",
"web-vitals": "^0.2.4",
"webpack": "^4.46.0",
- "webpack-bundle-analyzer": "^4.6.1",
"webpack-cli": "^4.10.0",
"webpack-stats-plugin": "^0.3.1",
"worker-loader": "^2.0.0",

View file

@ -2,7 +2,7 @@ yaml from npm registry needs a newer nodejs than what is in bullseye
--- a/package.json
+++ b/package.json
@@ -197,7 +197,7 @@
@@ -204,7 +204,7 @@
"webpack-stats-plugin": "^0.3.1",
"worker-loader": "^2.0.0",
"xterm": "3.14.5",
@ -10,4 +10,4 @@ yaml from npm registry needs a newer nodejs than what is in bullseye
+ "yaml": "link:/usr/share/nodejs/yaml"
},
"devDependencies": {
},
},

View file

@ -5,4 +5,4 @@
+* text=auto
VERSION merge=ours
Dangerfile gitlab-language=ruby
*.pdf filter=lfs diff=lfs merge=lfs -text
*.rb diff=ruby