......@@ -4,10 +4,7 @@ lint-ci-gitlab:
extends:
- .default-tags
- .default-retry
- .default-only
only:
changes:
- "**/*.yml"
- .yaml:rules
image: sdesbure/yamllint:latest
dependencies: []
variables:
......
......
## Description of the proposal
<!--
Please describe the proposal and add a link to the source (for example, http://www.betterspecs.org/).
-->
- [ ] Mention the proposal in the next backend weekly call and the #backend channel to encourage contribution
- [ ] Proceed with the proposal once 50% of the maintainers have weighed in, and 80% of their votes are :+1:
- [ ] Once approved, mention it again in the next backend weekly call and the #backend channel
/label ~"development guidelines"
/label ~"Style decision"
/label ~documentation
/cc @gitlab-org/maintainers/rails-backend
......@@ -36,9 +36,18 @@ Personas are described at https://about.gitlab.com/handbook/marketing/product-ma
Add all known Documentation Requirements here, per https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html#documentation-requirements
If this feature requires changing permissions, this document https://docs.gitlab.com/ee/user/permissions.html must be updated accordingly. -->
### Testing
### Availability & Testing
<!-- What risks does this change pose? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? Will it require cross-browser testing? See the test engineering process for further help: https://about.gitlab.com/handbook/engineering/quality/test-engineering/ -->
<!-- This section needs to be retained and filled in during the workflow planning breakdown phase of this feature proposal, if not earlier.
What risks does this change pose to our availability? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? Will it require cross-browser testing?
Please list the test areas (unit, integration and end-to-end) that needs to be added or updated to ensure that this feature will work as intended. Please use the list below as guidance.
* Unit test changes
* Integration test changes
* End-to-end test change
See the test engineering planning process and reach out to your counterpart Software Engineer in Test for assistance: https://about.gitlab.com/handbook/engineering/quality/test-engineering/#test-planning -->
### What does success look like, and how can we measure that?
......
......
<!---
Before opening a new QA failure issue, make sure to first search for it in the
QA failures board: https://gitlab.com/groups/gitlab-org/-/boards/1385578
The issue should have the following:
- The relative path of the failing spec file in the title, e.g. if the login
test fails, include `qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb` in the title.
This is required so that existing issues can easily be found by searching for the spec file.
- If the issue is about multiple test failures, include the path for each failing spec file in the description.
- A link to the failing job.
- The stack trace from the job's logs in the "Stack trace" section below.
- A screenshot (if available), and HTML capture (if available), in the "Screenshot / HTML page" section below.
--->
### Summary
### Stack trace
```
PUT STACK TRACE HERE
```
### Screenshot / HTML page
<!--
Attach the screenshot and HTML snapshot of the page from the job's artifacts:
1. Download the job's artifacts and unarchive them.
1. Open the `gitlab-qa-run-2020-*/gitlab-{ce,ee}-qa-*/{,ee}/{api,browser_ui}/<path to failed test>` folder.
1. Select the `.png` and `.html` files that appears in the job logs (look for `HTML screenshot: /path/to/html/page.html` / `Image screenshot: `/path/to/html/page.png`).
1. Drag and drop them here.
-->
### Possible fixes
<!-- Default due date. -->
/due in 2 weeks
<!-- Base labels. -->
/label ~Quality ~QA ~bug ~S1
<!--
Choose the stage that appears in the test path, e.g. ~"devops::create" for
`qa/specs/features/browser_ui/3_create/web_ide/add_file_template_spec.rb`.
-->
/label ~devops::
<!--
Select a label for where the failure was found, e.g. if the failure occurred in
a nightly pipeline, select ~"found:nightly".
-->
/label ~found:
<!--
https://about.gitlab.com/handbook/engineering/quality/guidelines/#priorities:
- ~P1: Tests that are needed to verify fundamental GitLab functionality.
- ~P2: Tests that deal with external integrations which may take a longer time to debug and fix.
-->
/label ~P
<!-- Select the current milestone if ~P1 or the next milestone if ~P2. -->
/milestone %
......@@ -16,37 +16,27 @@ Set the title to: `Security Release: 12.2.X, 12.1.X, and 12.0.X`
* 12.1.X: {release task link}
* 12.0.X: {release task link}
## Security Issues:
## Issues in GitLab Security
* {https://gitlab.com/gitlab-org/gitlab/issues link}
## Security Issues in dev.gitlab.org:
### CE
- {https://dev.gitlab.org/gitlab/gitlabhq/issues link}
* {https://gitlab.com/gitlab-org/security/gitlab/issues/ link}
| Version | MR |
|---------|----|
| 12.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| 12.1 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| 12.0 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
| 12.2 | {https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests link} |
| 12.1 | {https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests link} |
| 12.0 | {https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests link} |
| master | {https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests link} |
## Issues in Omnibus-GitLab
### EE
* {https://dev.gitlab.org/gitlab/gitlabhq/issues/ link}
* {https://gitlab.com/gitlab-org/security/gitlab/issues/ link}
| Version | MR |
|---------|----|
| 12.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| 12.1 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| 12.0 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
| 12.2 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| 12.1 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| 12.0 | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
| master | {https://dev.gitlab.org/gitlab/omnibus-gitlab/merge_requests/ link} |
## QA
{QA issue link}
......@@ -54,7 +44,7 @@ Set the title to: `Security Release: 12.2.X, 12.1.X, and 12.0.X`
## Blog post
Dev: {https://dev.gitlab.org/gitlab/www-gitlab-com/merge_requests/ link}<br/>
gitlab.com: {https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/ link}
GitLab.com: {https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/ link}
## Email notification
{https://gitlab.com/gitlab-com/marketing/general/issues/ link}
......
......
## Description of the proposal
<!--
Please describe the proposal and add a link to the source (for example, http://www.betterspecs.org/).
-->
### Check-list
- [ ] Make sure this MR enables a static analysis check rule for new usage but
ignores current offenses
- [ ] Create a follow-up issue to fix the current offenses as a separate iteration: ISSUE_LINK
- [ ] Mention this proposal in the relevant Slack channels (e.g. `#development`, `#backend`, `#frontend`)
- [ ] If there is a choice to make between two potential styles, set up an emoji vote in the MR:
- CHOICE_A: :a:
- CHOICE_B: :b:
- Vote yourself for both choices so that people know these are the choices
- [ ] The MR doesn't have significant objections, and is getting a majority of :+1: vs :-1: (remember that [we don't need to reach a consensus](https://about.gitlab.com/handbook/values/#collaboration-is-not-consensus))
- [ ] (If applicable) One style is getting a majority of vote (compared to the other choice)
- [ ] (If applicable) Update the MR with the chosen style
- [ ] Follow the [review process](https://docs.gitlab.com/ee/development/code_review.html) as usual
- [ ] Once approved and merged by a maintainer, mention it again:
- [ ] In the relevant Slack channels (e.g. `#development`, `#backend`, `#frontend`)
- [ ] (Optional depending on the impact of the change) In the Engineering Week in Review
/label ~"Engineering Productivity" ~"Style decision" ~"development guidelines" ~"static analysis"
/cc @gitlab-org/maintainers/rails-backend
......@@ -15,6 +15,13 @@
#
# Uncomment the following lines to make the configuration take effect.
# Make sure to run `cd tooling/overcommit && make && cd -`
gemfile: 'tooling/overcommit/gems.rb'
PostCheckout:
BundleInstall:
enabled: true
PreCommit:
AuthorName:
enabled: false
......@@ -35,6 +42,19 @@ PreCommit:
# on_warn: fail # Treat all warnings as failures
ScssLint:
enabled: true
CommitMsg:
TextWidth:
enabled: true
min_subject_width: 8 # three 2-letter words with 2 spaces
max_subject_width: 72
quiet: false
EmptyMessage:
enabled: true
required: true
description: 'Checking for empty commit message'
#PostCheckout:
# ALL: # Special hook name that customizes all hooks of this type
# quiet: true # Change all post-checkout hooks to only display output on failure
......
......
......@@ -235,12 +235,6 @@ RSpec/FactoriesInMigrationSpecs:
- 'spec/lib/ee/gitlab/background_migration/**/*.rb'
- 'ee/spec/lib/ee/gitlab/background_migration/**/*.rb'
Cop/IncludeActionViewContext:
Enabled: true
Exclude:
- 'spec/**/*'
- 'ee/spec/**/*'
Cop/IncludeSidekiqWorker:
Enabled: true
Exclude:
......@@ -301,30 +295,6 @@ RSpec/AnyInstanceOf:
Enabled: false
# Cops for upgrade to gitlab-styles 3.1.0
Rails/SafeNavigationWithBlank:
Enabled: false
Rails/ApplicationController:
Enabled: false
Rails/ApplicationMailer:
Enabled: false
Rails/RakeEnvironment:
Enabled: false
Rails/HelperInstanceVariable:
Enabled: false
Rails/EnumHash:
Enabled: false
RSpec/ReceiveCounts:
Enabled: false
RSpec/ContextMethod:
Enabled: false
RSpec/ImplicitSubject:
Enabled: false
......@@ -361,8 +331,22 @@ RSpec/MissingExampleGroupArgument:
RSpec/UnspecifiedException:
Enabled: false
# Work in progress. See https://gitlab.com/gitlab-org/gitlab/issues/196163
RSpec/HaveGitlabHttpStatus:
Enabled: false
Enabled: true
Exclude:
- 'spec/support/matchers/have_gitlab_http_status.rb'
Include:
- 'spec/support/**/*'
- 'ee/spec/support/**/*'
- 'spec/features/**/*'
- 'ee/spec/features/**/*'
- 'spec/controllers/**/*'
- 'ee/spec/controllers/**/*'
- 'spec/requests/*.rb'
- 'ee/spec/requests/*.rb'
- 'spec/requests/api/*/**/*.rb'
- 'ee/spec/requests/api/*/**/*.rb'
Style/MultilineWhenThen:
Enabled: false
......
......
This diff is collapsed.
.vale.ini 0 → 100644
# Vale configuration file, taken from https://errata-ai.github.io/vale/config/
# The relative path to the folder containing linting rules (styles)
# -----------------------------------------------------------------
StylesPath = doc/.linting/vale/styles
# Minimum alert level
# -------------------
# The minimum alert level to display (suggestion, warning, or error).
# If integrated into CI, builds fail by default on error-level alerts,
# unless you execute Vale with the --no-exit flag
MinAlertLevel = suggestion
# Should Vale parse any file formats other than .md files as Markdown?
# --------------------------------------------------------------------
[formats]
mdx = md
# What file types should Vale test?
# ----------------------------------
[*.md]
# Styles to load
# --------------
# What styles, located in the StylesPath folder, should Vale load?
# Vale also currently includes write-good, proselint, joblint, and vale
BasedOnStyles = gitlab
# Enabling or disabling specific rules in a style
# -----------------------------------------------
# To disable a rule in an enabled style, use the following format:
# {style}.{filename} = NO
# To enable a single rule in a disabled style, use the following format:
# vale.Editorializing = YES
# Altering the severity of a rule in a style
# ------------------------------------------
# To change the reporting level (suggestion, warning, error) of a rule,
# use the following format: {style}.{filename} = {level}
# vale.Hedging = error
Please view this file on the master branch, on stable branches it's out of date.
## 12.7.6
- No changes.
## 12.7.5
### Fixed (1 change)
......@@ -11,18 +7,10 @@ Please view this file on the master branch, on stable branches it's out of date.
- Fix DB connection pool size for Geo database. !24021
## 12.7.4
- No changes.
## 12.7.3
- No changes.
## 12.7.2
- No changes.
## 12.7.1
### Fixed (1 change)
......@@ -118,6 +106,18 @@ Please view this file on the master branch, on stable branches it's out of date.
- Remove "creations" in gitlab_subscription_histories on gitlab.com. !22278
## 12.6.7
- No changes.
## 12.6.6
- No changes.
## 12.6.5
- No changes.
## 12.6.4
- No changes.
......@@ -230,6 +230,10 @@ Please view this file on the master branch, on stable branches it's out of date.
- Update the alerts used in the Dependency List to follow GitLab design guidelines. !21760
## 12.5.8
- No changes.
## 12.5.5
- No changes.
......
......
......@@ -2,13 +2,6 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
 
## 12.7.6
### Security (1 change)
- Fix ProjectAuthorization calculation for shared groups.
## 12.7.5
 
### Fixed (4 changes, 1 of them is from the community)
......@@ -19,13 +12,6 @@ entry.
- Remove invalid data from issue_tracker_data table.
 
 
## 12.7.4
### Security (1 change)
- Update workhorse to v8.20.0.
## 12.7.3
 
### Security (17 changes, 1 of them is from the community)
......@@ -49,10 +35,6 @@ entry.
- Add workhorse request verification to package upload endpoints.
 
 
## 12.7.2
- No changes.
## 12.7.1
 
### Fixed (6 changes)
......@@ -387,6 +369,45 @@ entry.
- Update the Net-LDAP gem to 0.16.2.
 
 
## 12.6.7
### Security (1 change)
- Fix ProjectAuthorization calculation for shared groups.
## 12.6.6
### Security (1 change)
- Update workhorse to v8.20.0.
## 12.6.5
### Security (19 changes, 1 of them is from the community)
- Update rack-cors to 1.0.6.
- Update rdoc to 6.1.2.
- Bump rubyzip to 2.0.0. (Utkarsh Gupta)
- Cleanup todos for users from a removed linked group.
- Disable access to last_pipeline in commits API for users without read permissions.
- Add constraint to group dependency proxy endpoint param.
- Limit number of AsciiDoc includes per document.
- Prevent API access for unconfirmed users.
- Enforce permission check when counting activity events.
- Prevent gafana integration token from being displayed as a plain text to other project maintainers, by only displaying a masked version of it.
- Fix xss on frequent groups dropdown.
- Fix XSS vulnerability on custom project templates form.
- Protect internal CI builds from external overrides.
- ImportExport::ExportService to require admin_project permission.
- Make sure that only system notes where all references are visible to user are exposed in GraphQL API.
- Disable caching of repository/files/:file_path/raw API endpoint.
- Make cross-repository comparisons happen in the source repository.
- Update excon to 0.71.1 to fix CVE-2019-16779.
- Add workhorse request verification to package upload endpoints.
## 12.6.4
 
### Security (1 change)
......@@ -807,6 +828,35 @@ entry.
- Replace Font Awesome bullhorn icon with GitLab bullhorn icon.
 
 
## 12.5.8
### Security (19 changes, 1 of them is from the community)
- Prevent gafana integration token from being displayed as a plain text to other project maintainers, by only displaying a masked version of it.
- Update rdoc to 6.1.2.
- Bump rubyzip to 2.0.0. (Utkarsh Gupta)
- Cleanup todos for users from a removed linked group.
- Disable access to last_pipeline in commits API for users without read permissions.
- Add constraint to group dependency proxy endpoint param.
- Limit number of AsciiDoc includes per document.
- Prevent API access for unconfirmed users.
- Enforce permission check when counting activity events.
- Update rack-cors to 1.0.6.
- Fix xss on frequent groups dropdown.
- Fix XSS vulnerability on custom project templates form.
- Protect internal CI builds from external overrides.
- ImportExport::ExportService to require admin_project permission.
- Make sure that only system notes where all references are visible to user are exposed in GraphQL API.
- Disable caching of repository/files/:file_path/raw API endpoint.
- Make cross-repository comparisons happen in the source repository.
- Update excon to 0.71.1 to fix CVE-2019-16779.
- Add workhorse request verification to package upload endpoints.
### Changed (1 change, 1 of them is from the community)
- Add template repository usage to the usage ping. !20126 (minghuan lei)
## 12.5.5
 
### Security (1 change)
......
......
1.83.0
263fd270787f96f22d431a8e77dd1f2f4d254d96
2.0.0
2.1.0
1.12.0
1.16.0
8.20.0
8.21.0
source 'https://rubygems.org'
gem 'rails', '5.2.3'
gem 'rails', '6.0.2'
gem 'bootsnap', '~> 1.4'
......@@ -26,14 +26,14 @@ gem 'marginalia', '~> 1.8.0'
# Authentication libraries
gem 'devise', '~> 4.6'
gem 'doorkeeper', '~> 4.3'
gem 'doorkeeper-openid_connect', '~> 1.5'
gem 'doorkeeper', '~> 5.0.2'
gem 'doorkeeper-openid_connect', '~> 1.6.3'
gem 'omniauth', '~> 1.8'
gem 'omniauth-auth0', '~> 2.0.0'
gem 'omniauth-azure-oauth2', '~> 0.0.9'
gem 'omniauth-cas3', '~> 1.1.4'
gem 'omniauth-facebook', '~> 4.0.0'
gem 'omniauth-github', '~> 1.3'
gem 'omniauth-github', '~> 1.4'
gem 'omniauth-gitlab', '~> 1.0.2'
gem 'omniauth-google-oauth2', '~> 0.6.0'
gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos
......@@ -67,7 +67,7 @@ gem 'u2f', '~> 0.2.1'
gem 'validates_hostname', '~> 1.0.6'
gem 'rubyzip', '~> 2.0.0', require: 'zip'
# GitLab Pages letsencrypt support
gem 'acme-client', '~> 2.0.2'
gem 'acme-client', '~> 2.0.5'
# Browser detection
gem 'browser', '~> 2.5'
......@@ -84,10 +84,10 @@ gem 'net-ldap'
# API
gem 'grape', '~> 1.1.0'
gem 'grape-entity', '~> 0.7.1'
gem 'rack-cors', '~> 1.0.0', require: 'rack/cors'
gem 'rack-cors', '~> 1.0.6', require: 'rack/cors'
# GraphQL API
gem 'graphql', '~> 1.9.11'
gem 'graphql', '~> 1.9.12'
# NOTE: graphiql-rails v1.5+ doesn't work: https://gitlab.com/gitlab-org/gitlab/issues/31771
# TODO: remove app/views/graphiql/rails/editors/show.html.erb when https://github.com/rmosolgo/graphiql-rails/pull/71 is released:
# https://gitlab.com/gitlab-org/gitlab/issues/31747
......@@ -149,7 +149,7 @@ gem 'wikicloth', '0.8.1'
gem 'asciidoctor', '~> 2.0.10'
gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
gem 'asciidoctor-plantuml', '0.0.10'
gem 'rouge', '~> 3.11.0'
gem 'rouge', '~> 3.15.0'
gem 'truncato', '~> 0.7.11'
gem 'bootstrap_form', '~> 4.2.0'
gem 'nokogiri', '~> 1.10.5'
......@@ -301,11 +301,11 @@ gem 'sentry-raven', '~> 2.9'
gem 'premailer-rails', '~> 1.10.3'
# LabKit: Tracing and Correlation
gem 'gitlab-labkit', '0.8.0'
gem 'gitlab-labkit', '0.9.1'
# I18n
gem 'ruby_parser', '~> 3.8', require: false
gem 'rails-i18n', '~> 5.1'
gem 'rails-i18n', '~> 6.0'
gem 'gettext_i18n_rails', '~> 1.8.0'
gem 'gettext_i18n_rails_js', '~> 1.3'
gem 'gettext', '~> 3.2.2', require: false, group: :development
......@@ -349,7 +349,7 @@ end
group :development, :test do
gem 'bullet', '~> 6.0.2', require: !!ENV['ENABLE_BULLET']
gem 'pry-byebug', '~> 3.5.1', platform: :mri
gem 'pry-rails', '~> 0.3.4'
gem 'pry-rails', '~> 0.3.9'
gem 'awesome_print', require: false
......@@ -381,8 +381,6 @@ group :development, :test do
gem 'knapsack', '~> 1.17'
gem 'stackprof', '~> 0.2.13', require: false
gem 'simple_po_parser', '~> 1.1.2', require: false
gem 'timecop', '~> 0.8.0'
......@@ -427,6 +425,7 @@ gem 'email_reply_trimmer', '~> 0.1'
gem 'html2text'
gem 'ruby-prof', '~> 1.0.0'
gem 'stackprof', '~> 0.2.15', require: false
gem 'rbtrace', '~> 0.4', require: false
gem 'memory_profiler', '~> 0.9', require: false
gem 'benchmark-memory', '~> 0.1', require: false
......@@ -456,7 +455,7 @@ group :ed25519 do
end
# Gitaly GRPC protocol definitions
gem 'gitaly', '~> 1.81.0'
gem 'gitaly', '~> 1.86.0'
gem 'grpc', '~> 1.24.0'
......@@ -486,3 +485,10 @@ gem 'liquid', '~> 4.0'
# LRU cache
gem 'lru_redux'
gem 'erubi', '~> 1.9.0'
# Locked as long as quoted-printable encoding issues are not resolved
# Monkey-patched in `config/initializers/mail_encoding_patch.rb`
# See https://gitlab.com/gitlab-org/gitlab/issues/197386
gem 'mail', '= 2.7.1'
......@@ -4,52 +4,66 @@ GEM
RedCloth (4.3.2)
abstract_type (0.0.7)
ace-rails-ap (4.1.2)
acme-client (2.0.2)
acme-client (2.0.5)
faraday (~> 0.9, >= 0.9.1)
actioncable (5.2.3)
actionpack (= 5.2.3)
actioncable (6.0.2)
actionpack (= 6.0.2)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.3)
actionpack (= 5.2.3)
actionview (= 5.2.3)
activejob (= 5.2.3)
actionmailbox (6.0.2)
actionpack (= 6.0.2)
activejob (= 6.0.2)
activerecord (= 6.0.2)
activestorage (= 6.0.2)
activesupport (= 6.0.2)
mail (>= 2.7.1)
actionmailer (6.0.2)
actionpack (= 6.0.2)
actionview (= 6.0.2)
activejob (= 6.0.2)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.3)
actionview (= 5.2.3)
activesupport (= 5.2.3)
actionpack (6.0.2)
actionview (= 6.0.2)
activesupport (= 6.0.2)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.3)
activesupport (= 5.2.3)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.0.2)
actionpack (= 6.0.2)
activerecord (= 6.0.2)
activestorage (= 6.0.2)
activesupport (= 6.0.2)
nokogiri (>= 1.8.5)
actionview (6.0.2)
activesupport (= 6.0.2)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.2.3)
activesupport (= 5.2.3)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.0.2)
activesupport (= 6.0.2)
globalid (>= 0.3.6)
activemodel (5.2.3)
activesupport (= 5.2.3)
activerecord (5.2.3)
activemodel (= 5.2.3)
activesupport (= 5.2.3)
arel (>= 9.0)
activemodel (6.0.2)
activesupport (= 6.0.2)
activerecord (6.0.2)
activemodel (= 6.0.2)
activesupport (= 6.0.2)
activerecord-explain-analyze (0.1.0)
activerecord (>= 4)
pg
activestorage (5.2.3)
actionpack (= 5.2.3)
activerecord (= 5.2.3)
activestorage (6.0.2)
actionpack (= 6.0.2)
activejob (= 6.0.2)
activerecord (= 6.0.2)
marcel (~> 0.3.1)
activesupport (5.2.3)
activesupport (6.0.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.2)
acts-as-taggable-on (6.5.0)
activerecord (>= 5.0, < 6.1)
adamantium (0.2.0)
......@@ -62,7 +76,6 @@ GEM
apollo_upload_server (2.0.0.beta.3)
graphql (>= 1.8)
rails (>= 4.2)
arel (9.0.0)
asana (0.9.3)
faraday (~> 0.9)
faraday_middleware (~> 0.9)
......@@ -171,7 +184,7 @@ GEM
unicode_utils (~> 1.4)
crack (0.4.3)
safe_yaml (~> 1.0.0)
crass (1.0.5)
crass (1.0.6)
creole (0.5.0)
css_parser (1.7.0)
addressable
......@@ -198,13 +211,14 @@ GEM
declarative-option (0.1.0)
default_value_for (3.3.0)
activerecord (>= 3.2.0, < 6.1)
derailed_benchmarks (1.3.5)
derailed_benchmarks (1.4.2)
benchmark-ips (~> 2)
get_process_mem (~> 0)
heapy (~> 0)
memory_profiler (~> 0)
rack (>= 1)
rake (> 10, < 13)
rake (> 10, < 14)
ruby-statistics (>= 2.1)
thor (~> 0.19)
descendants_tracker (0.0.4)
thread_safe (~> 0.3, >= 0.3.1)
......@@ -229,10 +243,10 @@ GEM
docile (1.3.1)
domain_name (0.5.20180417)
unf (>= 0.0.5, < 1.0.0)
doorkeeper (4.3.2)
doorkeeper (5.0.2)
railties (>= 4.2)
doorkeeper-openid_connect (1.5.0)
doorkeeper (~> 4.3)
doorkeeper-openid_connect (1.6.3)
doorkeeper (>= 5.0, < 5.2)
json-jwt (~> 1.6)
ed25519 (1.2.4)
elasticsearch (6.8.0)
......@@ -348,7 +362,8 @@ GEM
gemoji (3.0.1)
gemojione (3.3.0)
json
get_process_mem (0.2.3)
get_process_mem (0.2.5)
ffi (~> 1.0)
gettext (3.2.9)
locale (>= 2.0.5)
text (>= 1.3.0)
......@@ -360,12 +375,12 @@ GEM
po_to_json (>= 1.0.0)
rails (>= 3.2.0)
git (1.5.0)
gitaly (1.81.0)
gitaly (1.86.0)
grpc (~> 1.0)
github-markup (1.7.0)
gitlab-chronic (0.10.5)
numerizer (~> 0.2)
gitlab-labkit (0.8.0)
gitlab-labkit (0.9.1)
actionpack (>= 5.0.0, < 6.1.0)
activesupport (>= 5.0.0, < 6.1.0)
grpc (~> 1.19)
......@@ -434,12 +449,13 @@ GEM
activesupport
grape (~> 1.0)
rake (~> 12)
grape_logging (1.7.0)
grape_logging (1.8.3)
grape
rack
graphiql-rails (1.4.10)
railties
sprockets-rails
graphql (1.9.11)
graphql (1.9.12)
graphql-docs (1.6.0)
commonmarker (~> 0.16)
escape_utils (~> 1.2)
......@@ -510,7 +526,7 @@ GEM
mime-types (~> 3.0)
multi_xml (>= 0.5.2)
httpclient (2.8.3)
i18n (1.7.1)
i18n (1.8.2)
concurrent-ruby (~> 1.0)
i18n_data (0.8.0)
icalendar (2.4.1)
......@@ -609,12 +625,12 @@ GEM
memoist (0.16.0)
memoizable (0.4.2)
thread_safe (~> 0.3, >= 0.3.1)
memory_profiler (0.9.13)
memory_profiler (0.9.14)
method_source (0.9.2)
mime-types (3.2.2)
mime-types-data (~> 3.2015)
mime-types-data (3.2019.0331)
mimemagic (0.3.2)
mimemagic (0.3.3)
mini_magick (4.9.5)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
......@@ -672,7 +688,7 @@ GEM
omniauth (~> 1.2)
omniauth-facebook (4.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-github (1.3.0)
omniauth-github (1.4.0)
omniauth (~> 1.5)
omniauth-oauth2 (>= 1.4.0, < 2.0)
omniauth-gitlab (1.0.3)
......@@ -739,7 +755,7 @@ GEM
parslet (1.8.2)
peek (1.1.0)
railties (>= 4.0.0)
pg (1.1.4)
pg (1.2.2)
png_quantizator (0.2.1)
po_to_json (1.0.1)
json (>= 1.6.0)
......@@ -762,7 +778,7 @@ GEM
pry-byebug (3.5.1)
byebug (~> 9.1)
pry (~> 0.10)
pry-rails (0.3.6)
pry-rails (0.3.9)
pry (>= 0.10.4)
public_suffix (4.0.3)
pyu-ruby-sasl (0.0.3.3)
......@@ -787,18 +803,20 @@ GEM
rack-test (1.1.0)
rack (>= 1.0, < 3)
rack-timeout (0.5.1)
rails (5.2.3)
actioncable (= 5.2.3)
actionmailer (= 5.2.3)
actionpack (= 5.2.3)
actionview (= 5.2.3)
activejob (= 5.2.3)
activemodel (= 5.2.3)
activerecord (= 5.2.3)
activestorage (= 5.2.3)
activesupport (= 5.2.3)
rails (6.0.2)
actioncable (= 6.0.2)
actionmailbox (= 6.0.2)
actionmailer (= 6.0.2)
actionpack (= 6.0.2)
actiontext (= 6.0.2)
actionview (= 6.0.2)
activejob (= 6.0.2)
activemodel (= 6.0.2)
activerecord (= 6.0.2)
activestorage (= 6.0.2)
activesupport (= 6.0.2)
bundler (>= 1.3.0)
railties (= 5.2.3)
railties (= 6.0.2)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
......@@ -809,15 +827,15 @@ GEM
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
rails-i18n (5.1.1)
rails-i18n (6.0.0)
i18n (>= 0.7, < 2)
railties (>= 5.0, < 6)
railties (5.2.3)
actionpack (= 5.2.3)
activesupport (= 5.2.3)
railties (>= 6.0.0, < 7)
railties (6.0.2)
actionpack (= 6.0.2)
activesupport (= 6.0.2)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
thor (>= 0.20.3, < 2.0)
rainbow (3.0.0)
raindrops (0.19.0)
rake (12.3.3)
......@@ -871,7 +889,7 @@ GEM
retriable (3.1.2)
rinku (2.0.0)
rotp (2.1.2)
rouge (3.11.0)
rouge (3.15.0)
rqrcode (0.7.0)
chunky_png
rqrcode-rails3 (0.1.7)
......@@ -937,6 +955,7 @@ GEM
ruby-progressbar (1.10.1)
ruby-saml (1.7.2)
nokogiri (>= 1.5.10)
ruby-statistics (2.1.1)
ruby_dep (1.5.0)
ruby_parser (3.13.1)
sexp_processor (~> 4.9)
......@@ -1018,7 +1037,7 @@ GEM
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
sshkey (2.0.0)
stackprof (0.2.13)
stackprof (0.2.15)
state_machines (0.5.0)
state_machines-activemodel (0.7.1)
activemodel (>= 4.1)
......@@ -1111,9 +1130,9 @@ GEM
hashdiff
webpack-rails (0.9.11)
railties (>= 3.2.0)
websocket-driver (0.7.0)
websocket-driver (0.7.1)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.3)
websocket-extensions (0.1.4)
wikicloth (0.8.1)
builder
expression_parser
......@@ -1122,6 +1141,7 @@ GEM
xml-simple (1.1.5)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.2.2)
PLATFORMS
ruby
......@@ -1129,7 +1149,7 @@ PLATFORMS
DEPENDENCIES
RedCloth (~> 4.3.2)
ace-rails-ap (~> 4.1.0)
acme-client (~> 2.0.2)
acme-client (~> 2.0.5)
activerecord-explain-analyze (~> 0.1)
acts-as-taggable-on (~> 6.0)
addressable (~> 2.7)
......@@ -1177,14 +1197,15 @@ DEPENDENCIES
diff_match_patch (~> 0.1.0)
diffy (~> 3.1.0)
discordrb-webhooks-blackst0ne (~> 3.3)
doorkeeper (~> 4.3)
doorkeeper-openid_connect (~> 1.5)
doorkeeper (~> 5.0.2)
doorkeeper-openid_connect (~> 1.6.3)
ed25519 (~> 1.2)
elasticsearch-api (~> 6.8)
elasticsearch-model (~> 6.1)
elasticsearch-rails (~> 6.1)
email_reply_trimmer (~> 0.1)
email_spec (~> 2.2.0)
erubi (~> 1.9.0)
escape_utils (~> 1.1)
factory_bot_rails (~> 5.1.0)
faraday (~> 0.12)
......@@ -1209,10 +1230,10 @@ DEPENDENCIES
gettext (~> 3.2.2)
gettext_i18n_rails (~> 1.8.0)
gettext_i18n_rails_js (~> 1.3)
gitaly (~> 1.81.0)
gitaly (~> 1.86.0)
github-markup (~> 1.7.0)
gitlab-chronic (~> 0.10.5)
gitlab-labkit (= 0.8.0)
gitlab-labkit (= 0.9.1)
gitlab-license (~> 1.0)
gitlab-markup (~> 1.7.0)
gitlab-net-dns (~> 0.9.1)
......@@ -1231,7 +1252,7 @@ DEPENDENCIES
grape-path-helpers (~> 1.2)
grape_logging (~> 1.7)
graphiql-rails (~> 1.4.10)
graphql (~> 1.9.11)
graphql (~> 1.9.12)
graphql-docs (~> 1.6.0)
grpc (~> 1.24.0)
gssapi
......@@ -1262,6 +1283,7 @@ DEPENDENCIES
lograge (~> 0.5)
loofah (~> 2.2)
lru_redux
mail (= 2.7.1)
mail_room (~> 0.10.0)
marginalia (~> 1.8.0)
memory_profiler (~> 0.9)
......@@ -1282,7 +1304,7 @@ DEPENDENCIES
omniauth-azure-oauth2 (~> 0.0.9)
omniauth-cas3 (~> 1.1.4)
omniauth-facebook (~> 4.0.0)
omniauth-github (~> 1.3)
omniauth-github (~> 1.4)
omniauth-gitlab (~> 1.0.2)
omniauth-google-oauth2 (~> 0.6.0)
omniauth-kerberos (~> 0.3.0)
......@@ -1302,16 +1324,16 @@ DEPENDENCIES
premailer-rails (~> 1.10.3)
prometheus-client-mmap (~> 0.10.0)
pry-byebug (~> 3.5.1)
pry-rails (~> 0.3.4)
pry-rails (~> 0.3.9)
rack (~> 2.0.7)
rack-attack (~> 6.2.0)
rack-cors (~> 1.0.0)
rack-cors (~> 1.0.6)
rack-oauth2 (~> 1.9.3)
rack-proxy (~> 0.6.0)
rack-timeout
rails (= 5.2.3)
rails (= 6.0.2)
rails-controller-testing
rails-i18n (~> 5.1)
rails-i18n (~> 6.0)
rainbow (~> 3.0)
raindrops (~> 0.18)
rblineprof (~> 0.3.6)
......@@ -1325,7 +1347,7 @@ DEPENDENCIES
request_store (~> 1.3)
responders (~> 3.0)
retriable (~> 3.1.2)
rouge (~> 3.11.0)
rouge (~> 3.15.0)
rqrcode-rails3 (~> 0.1.7)
rspec-parameterized
rspec-rails (~> 4.0.0.beta3)
......@@ -1360,7 +1382,7 @@ DEPENDENCIES
spring-commands-rspec (~> 1.0.4)
sprockets (~> 3.7.0)
sshkey (~> 2.0)
stackprof (~> 0.2.13)
stackprof (~> 0.2.15)
state_machines-activerecord (~> 0.6.0)
sys-filesystem (~> 1.1.6)
test-prof (~> 0.10.0)
......
......
......@@ -2,7 +2,7 @@
# More info at https://github.com/guard/guard#readme
cmd = ENV['SPRING'] ? 'spring rspec' : 'bundle exec rspec'
cmd = ENV['GUARD_CMD'] || (ENV['SPRING'] ? 'spring rspec' : 'bundle exec rspec')
guard :rspec, cmd: cmd do
require "guard/rspec/dsl"
......
......
......@@ -82,9 +82,9 @@ GitLab is a Ruby on Rails application that runs on the following software:
- Ruby (MRI) 2.6.5
- Git 2.8.4+
- Redis 2.8+
- PostgreSQL (preferred) or MySQL
- PostgreSQL 9.6+
For more information please see the [architecture documentation](https://docs.gitlab.com/ce/development/architecture.html).
For more information please see the [architecture](https://docs.gitlab.com/ee/development/architecture.html) and [requirements](https://docs.gitlab.com/ee/install/requirements.html) documentation.
## UX design
......
......