......@@ -27,7 +27,9 @@
.form-group.row
.col-sm-12= f.label :format, class: 'control-label-full-width'
.col-sm-12
= f.select :format, options_for_select(ProjectWiki::MARKUPS, {selected: @page.format}), {}, class: 'form-control'
.select-wrapper
= f.select :format, options_for_select(ProjectWiki::MARKUPS, {selected: @page.format}), {}, class: 'form-control select-control'
= icon('chevron-down')
.form-group.row
.col-sm-12= f.label :content, class: 'control-label-full-width'
......
......
---
title: Container Registry tag expiration policy settings
merge_request: 25123
author:
type: added
---
title: Add updateImageDiffNote mutation
merge_request: 24027
author:
type: added
---
title: Add specialized index to packages_packages database table
merge_request: 24182
author:
type: other
---
title: Updated ui elements in wiki page creation
merge_request: 25197
author: Marc Schwede
type: other
---
title: Fix sidekiq jobs not always getting a database connection when running with low concurrency
merge_request: 25261
author:
type: fixed
---
title: Show blocked status for all blocked issues on issue boards
merge_request: 24631
author:
type: fixed
---
title: Fix wrong MR link is shown on pipeline failure email
merge_request:
author:
type: fixed
---
title: Create snippet repository when it's created
merge_request: 22269
author:
type: added
---
title: Separate project entity into own class file
merge_request: 25297
author: Rajendra Kadam
type: added
# frozen_string_literal: true
class AddNugetIndexToPackagesPackages < ActiveRecord::Migration[6.0]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
INDEX_NAME = 'index_packages_project_id_name_partial_for_nuget'
disable_ddl_transaction!
def up
add_concurrent_index :packages_packages, [:project_id, :name], name: INDEX_NAME, where: "name <> 'NuGet.Temporary.Package' AND version is not null AND package_type = 4"
end
def down
remove_concurrent_index_by_name :packages_packages, INDEX_NAME
end
end
......@@ -3012,6 +3012,7 @@ ActiveRecord::Schema.define(version: 2020_02_13_204737) do
t.index ["name"], name: "index_packages_packages_on_name_trigram", opclass: :gin_trgm_ops, using: :gin
t.index ["project_id", "created_at"], name: "index_packages_packages_on_project_id_and_created_at"
t.index ["project_id", "name", "version", "package_type"], name: "idx_packages_packages_on_project_id_name_version_package_type"
t.index ["project_id", "name"], name: "index_packages_project_id_name_partial_for_nuget", where: "(((name)::text <> 'NuGet.Temporary.Package'::text) AND (version IS NOT NULL) AND (package_type = 4))"
t.index ["project_id", "package_type"], name: "index_packages_packages_on_project_id_and_package_type"
t.index ["project_id", "version"], name: "index_packages_packages_on_project_id_and_version"
end
......
......
......@@ -1406,12 +1406,12 @@ input DiffImagePositionInput {
width: Int!
"""
X position on which the comment was made
X position of the note
"""
x: Int!
"""
Y position on which the comment was made
Y position of the note
"""
y: Int!
}
......@@ -1475,12 +1475,12 @@ type DiffPosition {
width: Int
"""
X position on which the comment was made
X position of the note
"""
x: Int
"""
Y position on which the comment was made
Y position of the note
"""
y: Int
}
......@@ -4660,6 +4660,18 @@ type Mutation {
todosMarkAllDone(input: TodosMarkAllDoneInput!): TodosMarkAllDonePayload
toggleAwardEmoji(input: ToggleAwardEmojiInput!): ToggleAwardEmojiPayload
updateEpic(input: UpdateEpicInput!): UpdateEpicPayload
"""
Updates a DiffNote on an image (a `Note` where the `position.positionType` is
`"image"`). If the body of the Note contains only quick actions, the Note will
be destroyed during the update, and no Note will be returned
"""
updateImageDiffNote(input: UpdateImageDiffNoteInput!): UpdateImageDiffNotePayload
"""
Updates a Note. If the body of the Note contains only quick actions, the Note
will be destroyed during the update, and no Note will be returned
"""
updateNote(input: UpdateNoteInput!): UpdateNotePayload
updateSnippet(input: UpdateSnippetInput!): UpdateSnippetPayload
}
......@@ -7533,6 +7545,28 @@ enum TypeEnum {
project
}
input UpdateDiffImagePositionInput {
"""
Total height of the image
"""
height: Int
"""
Total width of the image
"""
width: Int
"""
X position of the note
"""
x: Int
"""
Y position of the note
"""
y: Int
}
"""
Autogenerated input type of UpdateEpic
"""
......@@ -7618,6 +7652,51 @@ type UpdateEpicPayload {
errors: [String!]!
}
"""
Autogenerated input type of UpdateImageDiffNote
"""
input UpdateImageDiffNoteInput {
"""
Content of the note
"""
body: String
"""
A unique identifier for the client performing the mutation.
"""
clientMutationId: String
"""
The global id of the note to update
"""
id: ID!
"""
The position of this note on a diff
"""
position: UpdateDiffImagePositionInput
}
"""
Autogenerated return type of UpdateImageDiffNote
"""
type UpdateImageDiffNotePayload {
"""
A unique identifier for the client performing the mutation.
"""
clientMutationId: String
"""
Reasons why the mutation failed.
"""
errors: [String!]!
"""
The note after mutation
"""
note: Note
}
"""
Autogenerated input type of UpdateNote
"""
......
......
......@@ -8063,7 +8063,7 @@
},
{
"name": "x",
"description": "X position on which the comment was made",
"description": "X position of the note",
"args": [
 
],
......@@ -8077,7 +8077,7 @@
},
{
"name": "y",
"description": "Y position on which the comment was made",
"description": "Y position of the note",
"args": [
 
],
......@@ -19427,8 +19427,35 @@
"deprecationReason": null
},
{
"name": "updateNote",
"name": "updateImageDiffNote",
"description": "Updates a DiffNote on an image (a `Note` where the `position.positionType` is `\"image\"`). If the body of the Note contains only quick actions, the Note will be destroyed during the update, and no Note will be returned",
"args": [
{
"name": "input",
"description": null,
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "INPUT_OBJECT",
"name": "UpdateImageDiffNoteInput",
"ofType": null
}
},
"defaultValue": null
}
],
"type": {
"kind": "OBJECT",
"name": "UpdateImageDiffNotePayload",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "updateNote",
"description": "Updates a Note. If the body of the Note contains only quick actions, the Note will be destroyed during the update, and no Note will be returned",
"args": [
{
"name": "input",
......@@ -21640,7 +21667,7 @@
},
{
"name": "x",
"description": "X position on which the comment was made",
"description": "X position of the note",
"type": {
"kind": "NON_NULL",
"name": null,
......@@ -21654,7 +21681,7 @@
},
{
"name": "y",
"description": "Y position on which the comment was made",
"description": "Y position of the note",
"type": {
"kind": "NON_NULL",
"name": null,
......@@ -21815,6 +21842,179 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "UpdateImageDiffNotePayload",
"description": "Autogenerated return type of UpdateImageDiffNote",
"fields": [
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "errors",
"description": "Reasons why the mutation failed.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
}
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "note",
"description": "The note after mutation",
"args": [
],
"type": {
"kind": "OBJECT",
"name": "Note",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "INPUT_OBJECT",
"name": "UpdateImageDiffNoteInput",
"description": "Autogenerated input type of UpdateImageDiffNote",
"fields": null,
"inputFields": [
{
"name": "id",
"description": "The global id of the note to update",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "ID",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "body",
"description": "Content of the note",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "position",
"description": "The position of this note on a diff",
"type": {
"kind": "INPUT_OBJECT",
"name": "UpdateDiffImagePositionInput",
"ofType": null
},
"defaultValue": null
},
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
}
],
"interfaces": null,
"enumValues": null,
"possibleTypes": null
},
{
"kind": "INPUT_OBJECT",
"name": "UpdateDiffImagePositionInput",
"description": null,
"fields": null,
"inputFields": [
{
"name": "x",
"description": "X position of the note",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "y",
"description": "Y position of the note",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "width",
"description": "Total width of the image",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
},
{
"name": "height",
"description": "Total height of the image",
"type": {
"kind": "SCALAR",
"name": "Int",
"ofType": null
},
"defaultValue": null
}
],
"interfaces": null,
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "DestroyNotePayload",
......
......
......@@ -246,8 +246,8 @@ Autogenerated return type of DestroySnippet
| `oldPath` | String | Path of the file on the start SHA |
| `positionType` | DiffPositionType! | Type of file the position refers to |
| `width` | Int | Total width of the image |
| `x` | Int | X position on which the comment was made |
| `y` | Int | Y position on which the comment was made |
| `x` | Int | X position of the note |
| `y` | Int | Y position of the note |
## DiffRefs
......@@ -1230,6 +1230,16 @@ Autogenerated return type of UpdateEpic
| `epic` | Epic | The epic after mutation |
| `errors` | String! => Array | Reasons why the mutation failed. |
## UpdateImageDiffNotePayload
Autogenerated return type of UpdateImageDiffNote
| Name | Type | Description |
| --- | ---- | ---------- |
| `clientMutationId` | String | A unique identifier for the client performing the mutation. |
| `errors` | String! => Array | Reasons why the mutation failed. |
| `note` | Note | The note after mutation |
## UpdateNotePayload
Autogenerated return type of UpdateNote
......
......
......@@ -25,10 +25,7 @@ Productivity Analytics allows GitLab users to:
## Accessing metrics and visualizations
To access the **Productivity Analytics** page:
1. Go to **Analytics** from the top navigation bar.
1. Select **Productivity Analytics** from the menu.
To access the chart, navigate to a group's sidebar and select **Analytics > Productivity Analytics**.
The following metrics and visualizations are available on a project or group level - currently only covering **merged** merge requests:
......
......
......@@ -137,7 +137,7 @@ build:
If you want to whitelist specific vulnerabilities, you'll need to:
1. Set `GIT_STRATEGY: fetch` in your `.gitlab-ci.yml` file by following the instructions described in the
1. Set [`GIT_STRATEGY: fetch`](../../../ci/yaml/README.md#git-strategy) in your `.gitlab-ci.yml` file by following the instructions described in the
[overriding the Container Scanning template](#overriding-the-container-scanning-template) section of this document.
1. Define the whitelisted vulnerabilities in a YAML file named `clair-whitelist.yml` which must use the format described
in the [following whitelist example file](https://github.com/arminc/clair-scanner/blob/v12/example-whitelist.yaml).
......@@ -173,8 +173,9 @@ using environment variables.
| `CLAIR_VULNERABILITIES_DB_URL` | This variable is explicitly set in the [services section](https://gitlab.com/gitlab-org/gitlab/blob/30522ca8b901223ac8c32b633d8d67f340b159c1/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L17-19) of the `Container-Scanning.gitlab-ci.yml` file and defaults to `clair-vulnerabilities-db`. This value represents the address that the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db) is running on and **shouldn't be changed** unless you're running the image locally as described in the [Running the scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/klar/#running-the-scanning-tool) section of the [GitLab klar analyzer readme](https://gitlab.com/gitlab-org/security-products/analyzers/klar). | `clair-vulnerabilities-db` |
| `CI_APPLICATION_REPOSITORY` | Docker repository URL for the image to be scanned. | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` |
| `CI_APPLICATION_TAG` | Docker respository tag for the image to be scanned. | `$CI_COMMIT_SHA` |
| `CLAIR_DB_IMAGE` | The Docker image name and tag for the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerabilities database for an on-premise air-gapped installation. | `arminc/clair-db:latest` |
| `CLAIR_DB_IMAGE_TAG` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | `latest` |
| `CLAIR_DB_IMAGE` | The Docker image name and tag for the [Postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes, or to refer to a locally hosted vulnerabilities database for an on-premise air-gapped installation. | `arminc/clair-db:latest` |
| `CLAIR_DB_IMAGE_TAG` | (**DEPRECATED - use `CLAIR_DB_IMAGE` instead**) The Docker image tag for the [Postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | `latest` |
| `DOCKERFILE_PATH` | The path to the `Dockerfile` to be used for generating remediations. By default, the scanner will look for a file named `Dockerfile` in the root directory of the project, so this variable should only be configured if your `Dockerfile` is in a non-standard location, such as a subdirectory. See [Solutions for vulnerabilities](#solutions-for-vulnerabilities-auto-remediation) for more details. | `Dockerfile` |
## Security Dashboard
......@@ -187,6 +188,19 @@ vulnerabilities in your groups, projects and pipelines. Read more about the
Once a vulnerability is found, you can interact with it. Read more on how to
[interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
## Solutions for vulnerabilities (auto-remediation)
Some vulnerabilities can be fixed by applying the solution that GitLab
automatically generates.
To enable remediation support, the scanning tool _must_ have access to the `Dockerfile` specified by
the `DOCKERFILE_PATH` environment variable. To ensure that the scanning tool has access to this
file, it's necessary to set [`GIT_STRATEGY: fetch`](../../../ci/yaml/README.md#git-strategy) in
your `.gitlab-ci.yml` file by following the instructions described in this document's
[overriding the Container Scanning template](#overriding-the-container-scanning-template) section.
Read more about the [solutions for vulnerabilities](../index.md#solutions-for-vulnerabilities-auto-remediation).
## Vulnerabilities database update
For more information about the vulnerabilities database update, check the
......
......
......@@ -112,6 +112,7 @@ automatically generates. The following scanners are supported:
- [Dependency Scanning](dependency_scanning/index.md):
Automatic Patch creation is only available for Node.js projects managed with
`yarn`.
- [Container Scanning](container_scanning/index.md)
#### Manually applying the suggested patch
......
......
......@@ -144,8 +144,10 @@ which you can start a new discussion:
![Starting a new discussion on design](img/adding_note_to_design_1.png)
From GitLab 12.8 on, when you are starting a new discussion, you can adjust the badge's position by
dragging it around the image.
[Introduced](https://gitlab.com/gitlab-org/gitlab/issues/34353) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.8,
you can adjust the badge's position by dragging it around the image. This is useful
for when your design layout has changed between revisions, or if you need to move an
existing badge to add a new one in its place.
Different discussions have different badge numbers:
......
......
......@@ -34,3 +34,5 @@ module API
end
end
end
API::Entities::ApplicationSetting.prepend_if_ee('EE::API::Entities::ApplicationSetting')