Update minimum version of dependencies and add new dependencies

debian/control

@@ -37,7 +37,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  openssh-client,
  bzip2,
  ucf,
- gitlab-workhorse (>= 8.46~),
+ gitlab-workhorse (>= 8.54.2~),
  ruby-rails (>= 2:6.0.3~),
    ruby-tzinfo (>= 1.2.6~),
    ruby-websocket-extensions (>= 0.1.5~),
@@ -74,7 +74,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-omniauth-openid-connect (>= 0.3.5~),
  ruby-omniauth-salesforce (>= 1.0.5~),
  ruby-omniauth-atlassian-oauth2 (>= 0.2.0~),
- ruby-rack-oauth2 (>= 1.9.3~),
+ ruby-rack-oauth2 (>= 1.16~),
  ruby-jwt (>= 2.1~),
 # Spam and anti-bot protection
  ruby-recaptcha (>= 4.11~),
@@ -106,6 +106,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-graphql (>= 1.11.4~),
  ruby-graphiql-rails (>= 1.4.10~),
  ruby-apollo-upload-server (>= 2.0.3~),
+# Used by BulkImport feature (group::import)
+ ruby-graphlient (>= 0.4.0),
 # Disable strong_params so that Mash does not respond to :permitted?
  ruby-hashie-forbidden-attributes,
 # Pagination
@@ -119,7 +121,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-fog-aws (>= 3.5~),
  ruby-fog-core (>= 2.1~),
    ruby-excon (>= 0.72~),
- ruby-fog-google (>= 1.10~),
+ ruby-fog-google (>= 1.11~),
  ruby-fog-local (>= 0.6~),
  ruby-fog-openstack (>= 1.0~),
  ruby-fog-rackspace (>= 0.1.1~),
@@ -166,7 +168,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-diffy (>= 3.3~),
  ruby-diff-match-patch (>= 0.1~),
 # Application server
- ruby-rack (>= 2.1~),
+ ruby-rack (>= 2.2~),
  ruby-rack-timeout (>= 0.5.1~),
  puma (>= 4.0~),
  ruby-puma-worker-killer,
@@ -267,12 +269,14 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-base32 (>= 0.3.0~),
 # Sentry integration
  ruby-sentry-raven (>= 2.13~),
+# PostgreSQL query parsing
+ ruby-gitlab-pg-query (>= 1.3~),
 #
  ruby-premailer-rails (>= 1.10.3-2~),
 # LabKit: Tracing and Correlation
- ruby-gitlab-labkit (>= 0.12.1~),
+ ruby-gitlab-labkit (>= 0.13.2~),
 # I18n
- ruby-ruby-parser (>= 3.8.2~),
+ ruby-ruby-parser (>= 3.15~),
  ruby-rails-i18n (>= 6.0~),
  ruby-gettext-i18n-rails (>= 1.8~),
  ruby-gettext-i18n-rails-js (>= 1.3~),
@@ -320,7 +324,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-ed25519 (>= 1.2~),
  ruby-bcrypt-pbkdf (>= 1.0~),
 # Gitaly GRPC client
- ruby-gitaly (>= 13.5~),
+ ruby-gitaly (>= 13.6~),
 # See #966653
 # ruby-grpc (>= 1.30.2~),
  ruby-google-protobuf (>= 3.12~),
@@ -391,7 +395,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  node-js-yaml (>= 3.13.1~),
  node-jszip,
  node-jszip-utils (>= 0.0.2+dfsg-2~),
- node-katex,
+ node-katex (>= 0.10.2+dfsg-8~),
  node-lodash (>= 4.17.20+dfsg+~cs8.31.172~),
  node-marked (>= 0.3~),
  node-mermaid,
@@ -435,7 +439,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
 # gitlab-sidekiq was failing without puma
  puma
 Recommends: certbot,
- gitaly (>= 13.5~)
+ gitaly (>= 13.6~)
 Conflicts: libruby2.5
 Description: git powered software platform to collaborate on code (non-omnibus)
  gitlab provides web based interface to host source code and track issues.

debian/patches/0499-70-relax-graphlient.patch

@@ -0,0 +1,13 @@
+newer version is in the archive
+
+--- a/Gemfile
++++ b/Gemfile
+@@ -94,7 +94,7 @@
+ # https://gitlab.com/gitlab-org/gitlab/issues/31747
+ gem 'graphiql-rails', '~> 1.4', '>= 1.4.10'
+ gem 'apollo_upload_server', '~> 2.0', '>= 2.0.2'
+-gem 'graphlient', '~> 0.4.0' # Used by BulkImport feature (group::import)
++gem 'graphlient', '~> 0.5.0' # Used by BulkImport feature (group::import)
+ 
+ gem 'hashie'
+ # Disable strong_params so that Mash does not respond to :permitted?

debian/patches/series

@@ -16,6 +16,7 @@
 0499-30-remove-guard-rspec.patch
 0499-40-relax-rouge.patch
 0499-60-relax-rugged.patch
+0499-70-relax-graphlient.patch
 0500-set-webpack-root.patch
 0510-remove-dev-dependencies.patch
 0520-add-system-lib-path-for-webpack.patch