diff --git a/.babelrc b/.babelrc deleted file mode 100644 index 50d85f58d69507095a853e3220dac8a4d601c4b5..0000000000000000000000000000000000000000 --- a/.babelrc +++ /dev/null @@ -1,25 +0,0 @@ -{ - "presets": [["latest", { "es2015": { "modules": false } }], "stage-2"], - "env": { - "karma": { - "plugins": ["rewire"] - }, - "coverage": { - "plugins": [ - [ - "istanbul", - { - "exclude": ["spec/javascripts/**/*", "app/assets/javascripts/locale/**/app.js"] - } - ], - [ - "transform-define", - { - "process.env.BABEL_ENV": "coverage" - } - ], - "rewire" - ] - } - } -} diff --git a/.babelrc.js b/.babelrc.js new file mode 100644 index 0000000000000000000000000000000000000000..27caf378b99401bb80c5279bd61587f5e17b2170 --- /dev/null +++ b/.babelrc.js @@ -0,0 +1,38 @@ +const BABEL_ENV = process.env.BABEL_ENV || process.env.NODE_ENV || null; + +const presets = [ + [ + '@babel/preset-env', + { + modules: false, + targets: { + ie: '11', + }, + }, + ], +]; + +// include stage 3 proposals +const plugins = [ + '@babel/plugin-syntax-dynamic-import', + '@babel/plugin-syntax-import-meta', + '@babel/plugin-proposal-class-properties', + '@babel/plugin-proposal-json-strings', +]; + +// add code coverage tooling if necessary +if (BABEL_ENV === 'coverage') { + plugins.push([ + 'babel-plugin-istanbul', + { + exclude: ['spec/javascripts/**/*', 'app/assets/javascripts/locale/**/app.js'], + }, + ]); +} + +// add rewire support when running tests +if (BABEL_ENV === 'karma' || BABEL_ENV === 'coverage') { + plugins.push('babel-plugin-rewire'); +} + +module.exports = { presets, plugins }; diff --git a/.eslintrc.yml b/.eslintrc.yml index f851e3b67e6b889f4fe2b69ce54ea98c620d7fd9..fe0d5f5dce37f983cf77beb85687df1af5bc8a14 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -1,77 +1,37 @@ ---- -env: - browser: true - es6: true extends: - - airbnb-base - - plugin:vue/recommended + - '@gitlab' globals: __webpack_public_path__: true gl: false gon: false localStorage: false -parserOptions: - parser: babel-eslint plugins: - - filenames - import - html - - promise settings: html/html-extensions: - - ".html" - - ".html.raw" + - '.html' + - '.html.raw' import/resolver: webpack: - config: "./config/webpack.config.js" + config: './config/webpack.config.js' rules: - filenames/match-regex: - - error - - "^[a-z0-9_]+$" import/no-commonjs: error - no-multiple-empty-lines: - - error - - max: 1 - promise/catch-or-return: error no-underscore-dangle: - error - allow: - - __ - - _links - no-mixed-operators: off - vue/html-self-closing: - - error - - html: - void: always - normal: never - component: always - svg: always - math: always - ## Conflicting rules with prettier: - space-before-function-paren: off - curly: off - arrow-parens: off - function-paren-newline: off - object-curly-newline: off - padded-blocks: off - # Disabled for now, to make the eslint 3 -> eslint 4 update smoother - ## Indent rule. We are using the old for now: https://eslint.org/docs/user-guide/migrating-to-4.0.0#indent-rewrite - indent: off - indent-legacy: + - __ + - _links + # Disabled for now, to make the airbnb-base 12.1.0 -> 13.1.0 update smoother + no-else-return: - error - - 2 - - SwitchCase: 1 - VariableDeclarator: 1 - outerIIFEBody: 1 - FunctionDeclaration: - parameters: 1 - body: 1 - FunctionExpression: - parameters: 1 - body: 1 - ## Destructuring: https://eslint.org/docs/rules/prefer-destructuring - prefer-destructuring: off - ## no-restricted-globals: https://eslint.org/docs/rules/no-restricted-globals - no-restricted-globals: off - ## no-multi-assign: https://eslint.org/docs/rules/no-multi-assign - no-multi-assign: off + - allowElseIf: true + import/no-useless-path-segments: off + lines-between-class-members: off + # Disabled for now, to make the plugin-vue 4.5 -> 5.0 update smoother + vue/html-closing-bracket-newline: off + vue/html-closing-bracket-spacing: off + vue/no-confusing-v-for-v-if: error + vue/no-unused-components: off + vue/no-use-v-if-with-v-for: off + vue/no-v-html: off diff --git a/.flayignore b/.flayignore deleted file mode 100644 index 7faa6c7bb90dd1b27d9b88b896c9fdff133139a5..0000000000000000000000000000000000000000 --- a/.flayignore +++ /dev/null @@ -1,16 +0,0 @@ -*.erb -lib/gitlab/sanitizers/svg/whitelist.rb -lib/gitlab/diff/position_tracer.rb -app/policies/project_policy.rb -app/models/concerns/relative_positioning.rb -app/workers/stuck_merge_jobs_worker.rb -lib/gitlab/redis/*.rb -lib/gitlab/gitaly_client/operation_service.rb -lib/gitlab/background_migration/* -app/models/project_services/kubernetes_service.rb -lib/gitlab/workhorse.rb -lib/gitlab/ci/trace/chunked_io.rb -lib/gitlab/gitaly_client/ref_service.rb -lib/gitlab/gitaly_client/commit_service.rb -lib/gitlab/git/commit.rb -lib/gitlab/git/tag.rb diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..f1c41c9bb76cd2d6e6749e51e5a8680a2ad67b70 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +Dangerfile gitlab-language=ruby diff --git a/.gitignore b/.gitignore index 51b77d5ac9e7a4a88226bbcd200a6c933f8d6ce2..82b3d08f7a88f2370c7f15ca70aaa480e1c7bed9 100644 --- a/.gitignore +++ b/.gitignore @@ -29,7 +29,7 @@ eslint-report.html /app/assets/javascripts/locale/**/app.js /backups/* /config/aws.yml -/config/database.yml +/config/database*.yml /config/gitlab.yml /config/gitlab_ci.yml /config/initializers/rack_attack.rb @@ -76,3 +76,6 @@ eslint-report.html /.rspec /plugins/* /.gitlab_pages_secret +package-lock.json +/junit_rspec.xml +/junit_karma.xml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e366538d907ad229b1f59c5f945797a0176ba094..c652b6c75e2e34ac8376e4857104e030500b3820 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,4 @@ -image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.4.4-golang-1.9-git-2.17-chrome-65.0-node-8.x-yarn-1.2-postgresql-9.6-graphicsmagick-1.3.29" +image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.4.4-golang-1.9-git-2.18-chrome-69.0-node-8.x-yarn-1.2-postgresql-9.6-graphicsmagick-1.3.29" .dedicated-runner: &dedicated-runner retry: 1 @@ -67,10 +67,7 @@ stages: .use-pg: &use-pg services: - # As of Jan 2018, we don't have a strong reason to upgrade to 9.6 for CI yet, - # so using the least common denominator ensures backwards compatibility - # (as many users are still using 9.2). - - postgres:9.2 + - postgres:9.6 - redis:alpine .use-mysql: &use-mysql @@ -86,14 +83,16 @@ stages: .rails5: &rails5 allow_failure: true only: - - /rails5/ + variables: + - $CI_COMMIT_REF_NAME =~ /rails5/ + - $RAILS5_ENABLED variables: BUNDLE_GEMFILE: "Gemfile.rails5" RAILS5: "true" # Skip all jobs except the ones that begin with 'docs/'. # Used for commits including ONLY documentation changes. -# https://docs.gitlab.com/ce/development/writing_documentation.html#testing +# https://docs.gitlab.com/ce/development/documentation/#testing .except-docs: &except-docs except: - /(^docs[\/-].*|.*-docs$)/ @@ -128,8 +127,7 @@ stages: .single-script-job: &single-script-job image: ruby:2.4-alpine - before_script: [] - stage: build + stage: test cache: {} dependencies: [] variables: &single-script-job-variables @@ -169,7 +167,7 @@ stages: - '[[ -f $FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_REPORT_PATH}' - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}' - scripts/gitaly-test-spawn - - knapsack rspec "--color --format documentation" + - knapsack rspec "--color --format documentation --format RspecJunitFormatter --out junit_rspec.xml" artifacts: expire_in: 31d when: always @@ -178,6 +176,8 @@ stages: - knapsack/ - rspec_flaky/ - tmp/capybara/ + reports: + junit: junit_rspec.xml .rspec-metadata-pg: &rspec-metadata-pg <<: *rspec-metadata @@ -220,18 +220,6 @@ stages: paths: - log/development.log -# Review docs base -.review-docs: &review-docs - <<: *dedicated-runner - <<: *except-qa - <<: *single-script-job - variables: - <<: *single-script-job-variables - SCRIPT_NAME: trigger-build-docs - when: manual - only: - - branches - # DB migration, rollback, and seed jobs .db-migrate-reset: &db-migrate-reset <<: *dedicated-no-docs-and-no-qa-pull-cache-job @@ -264,40 +252,71 @@ package-and-qa: <<: *single-script-job variables: <<: *single-script-job-variables - SCRIPT_NAME: trigger-build-omnibus + SCRIPT_NAME: trigger-build retry: 0 script: - - ./$SCRIPT_NAME + - gem install gitlab --no-document + - ./$SCRIPT_NAME omnibus when: manual only: - //@gitlab-org/gitlab-ce - //@gitlab-org/gitlab-ee -# Trigger a docs build in gitlab-docs -# Useful to preview the docs changes live -review-docs-deploy: - <<: *review-docs - stage: build +# Review docs base +.review-docs: &review-docs + <<: *dedicated-runner + <<: *single-script-job + variables: + <<: *single-script-job-variables + SCRIPT_NAME: trigger-build-docs environment: - name: review-docs/$CI_COMMIT_REF_NAME + name: review-docs/$CI_COMMIT_REF_SLUG # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are secret variables # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693 - url: http://$DOCS_GITLAB_REPO_SUFFIX-$CI_COMMIT_REF_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX + url: http://$CI_ENVIRONMENT_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX on_stop: review-docs-cleanup + +# Trigger a manual docs build in gitlab-docs only on non docs-only branches. +# Useful to preview the docs changes live. +review-docs-deploy-manual: + <<: *review-docs + stage: build + script: + - gem install gitlab --no-document + - ./$SCRIPT_NAME deploy + when: manual + only: + - branches@gitlab-org/gitlab-ce + - branches@gitlab-org/gitlab-ee + <<: *except-docs-and-qa + +# Always trigger a docs build in gitlab-docs only on docs-only branches. +# Useful to preview the docs changes live. +review-docs-deploy: + <<: *review-docs + stage: post-test script: - - gem install gitlab --no-ri --no-rdoc + - gem install gitlab --no-document - ./$SCRIPT_NAME deploy + only: + - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ce + - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ee + <<: *except-qa # Cleanup remote environment of gitlab-docs review-docs-cleanup: <<: *review-docs stage: post-cleanup environment: - name: review-docs/$CI_COMMIT_REF_NAME + name: review-docs/$CI_COMMIT_REF_SLUG action: stop script: - - gem install gitlab --no-ri --no-rdoc - - ./SCRIPT_NAME cleanup + - gem install gitlab --no-document + - ./$SCRIPT_NAME cleanup + when: manual + only: + - branches@gitlab-org/gitlab-ce + - branches@gitlab-org/gitlab-ee ## # Trigger a docker image build in CNG (Cloud Native GitLab) repository @@ -305,16 +324,14 @@ review-docs-cleanup: cloud-native-image: image: ruby:2.4-alpine before_script: [] - stage: build + stage: test allow_failure: true variables: GIT_DEPTH: "1" cache: {} - before_script: - - gem install gitlab --no-rdoc --no-ri - - chmod 755 ./scripts/trigger-build-cloud-native script: - - ./scripts/trigger-build-cloud-native + - gem install gitlab --no-document + - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng only: - tags@gitlab-org/gitlab-ce - tags@gitlab-org/gitlab-ee @@ -346,7 +363,7 @@ update-tests-metadata: - rspec_flaky/ policy: push script: - - retry gem install fog-aws mime-types activesupport --no-ri --no-rdoc + - retry gem install fog-aws mime-types activesupport --no-document - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json - FLAKY_RSPEC_GENERATE_REPORT=1 scripts/prune-old-flaky-specs ${FLAKY_RSPEC_SUITE_REPORT_PATH} @@ -394,7 +411,11 @@ compile-assets: - date - yarn install --frozen-lockfile --cache-folder .yarn-cache - date + - free -m - bundle exec rake gitlab:assets:compile + variables: + # we override the max_old_space_size to prevent OOM errors + NODE_OPTIONS: --max_old_space_size=3584 artifacts: expire_in: 7d paths: @@ -411,6 +432,7 @@ setup-test-env: script: - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init' - scripts/gitaly-test-build # Do not use 'bundle exec' here + - BUNDLE_GEMFILE=Gemfile.rails5 bundle install $BUNDLE_INSTALL_FLAGS artifacts: expire_in: 7d paths: @@ -418,6 +440,28 @@ setup-test-env: - config/secrets.yml - vendor/gitaly-ruby +danger-review: + <<: *pull-cache + image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger + stage: test + allow_failure: true + dependencies: [] + before_script: [] + only: + variables: + - $DANGER_GITLAB_API_TOKEN + except: + refs: + - master + variables: + - $CI_COMMIT_REF_NAME =~ /^ce-to-ee-.*/ + - $CI_COMMIT_REF_NAME =~ /.*-stable(-ee)?-prepare-.*/ + script: + - git version + - node --version + - yarn install --frozen-lockfile --cache-folder .yarn-cache + - danger --fail-on-errors=true + rspec-pg 0 30: *rspec-metadata-pg rspec-pg 1 30: *rspec-metadata-pg rspec-pg 2 30: *rspec-metadata-pg @@ -562,7 +606,7 @@ static-analysis: docs lint: <<: *dedicated-runner <<: *except-qa - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:nanoc-bootstrap-ruby-2.4-alpine" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint" stage: test cache: {} dependencies: [] @@ -570,8 +614,8 @@ docs lint: script: - scripts/lint-doc.sh - scripts/lint-changelog-yaml - - mv doc/ /nanoc/content/ - - cd /nanoc + - mv doc/ /tmp/gitlab-docs/content/ + - cd /tmp/gitlab-docs # Build HTML from Markdown - bundle exec nanoc # Check the internal links @@ -586,6 +630,12 @@ downtime_check: - /(^docs[\/-].*|.*-docs$)/ - /(^qa[\/-].*|.*-qa$)/ +rails5_gemfile_lock_check: + <<: *dedicated-no-docs-no-db-pull-cache-job + <<: *except-docs-and-qa + script: + - scripts/rails5-gemfile-lock-check + ee_compat_check: <<: *rake-exec except: @@ -657,17 +707,20 @@ gitlab:assets:compile: SETUP_DB: "false" SKIP_STORAGE_VALIDATION: "true" WEBPACK_REPORT: "true" - NO_COMPRESSION: "true" + # we override the max_old_space_size to prevent OOM errors + NODE_OPTIONS: --max_old_space_size=3584 script: - date - yarn install --frozen-lockfile --production --cache-folder .yarn-cache - date + - free -m - bundle exec rake gitlab:assets:compile artifacts: name: webpack-report expire_in: 31d paths: - webpack-report/ + - public/assets/ karma: <<: *dedicated-no-docs-and-no-qa-pull-cache-job @@ -675,6 +728,9 @@ karma: dependencies: - compile-assets - setup-test-env + variables: + # we override the max_old_space_size to prevent OOM errors + NODE_OPTIONS: --max_old_space_size=3584 script: - export BABEL_ENV=coverage CHROME_LOG_FILE=chrome_debug.log - date @@ -689,8 +745,10 @@ karma: paths: - chrome_debug.log - coverage-javascript/ + reports: + junit: junit_karma.xml -codequality: +code_quality: <<: *dedicated-no-docs-no-db-pull-cache-job image: docker:stable allow_failure: true @@ -708,9 +766,13 @@ codequality: script: # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" for Security Products - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/') - - docker run --env SOURCE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code + - docker run + --env SOURCE_CODE="$PWD" + --volume "$PWD":/code + --volume /var/run/docker.sock:/var/run/docker.sock + "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code artifacts: - paths: [codeclimate.json] + paths: [gl-code-quality-report.json] expire_in: 1 week sast: @@ -801,8 +863,6 @@ lint:javascript:report: - setup-test-env before_script: [] script: - - date - - find app/ spec/ -name '*.js' -exec sed --in-place 's|/\* eslint-disable .*\*/||' {} \; # run report over all files - date - yarn run eslint-report || true # ignore exit code artifacts: diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS new file mode 100644 index 0000000000000000000000000000000000000000..a4b773b15a9d2d91fa9927306e3c9d8bd8114229 --- /dev/null +++ b/.gitlab/CODEOWNERS @@ -0,0 +1,20 @@ +# Backend Maintainers are the default for all ruby files +*.rb @ayufan @DouweM @dzaporozhets @grzesiek @nick.thomas @rspeicher @rymai @smcgivern +*.rake @ayufan @DouweM @dzaporozhets @grzesiek @nick.thomas @rspeicher @rymai @smcgivern + +# Technical writing team are the default reviewers for everything in `doc/` +/doc/ @axil @marcia + +# Frontend maintainers should see everything in `app/assets/` +app/assets/ @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann +*.scss @annabeldunstone @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann + +# Someone from the database team should review changes in `db/` +db/ @abrandl @NikolayS + +# Feature specific owners +/ee/lib/gitlab/code_owners/ @reprazent +/ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono +/lib/gitlab/auth/ldap/ @dblessing @mkozono +/lib/gitlab/ci/templates/ @nolith @zj +/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah diff --git a/.gitlab/issue_templates/Acceptance_Testing.md b/.gitlab/issue_templates/Acceptance_Testing.md new file mode 100644 index 0000000000000000000000000000000000000000..f1fbb96ce6115a9a6db5708081b97078f801f73d --- /dev/null +++ b/.gitlab/issue_templates/Acceptance_Testing.md @@ -0,0 +1,100 @@ +## Details +- **Feature Toggle Name**: `FEATURE_NAME` +- **Required GitLab Version**: `vX.X` + +-------------------------------------------------------------------------------- + +## 1. Preparation + +- [ ] **Controllers and workers**: + 1. Please link to dashboards of the workers, and the controllers and actions that can be impacted + 2. ... + 3. ... + +## 2. Development Trial + +#### Check Dev Server Versions +- [ ] GitLab: https://dev.gitlab.org/help + +#### Enable on `dev.gitlab.org`: +- [ ] `/chatops feature set FEATURE_NAME true --dev` in [`#dev-gitlab`](https://gitlab.slack.com/messages/C6WQ87MU3) + +Then leave running while monitoring and performing some testing through web, api or SSH. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved) + +## 2. Staging Trial + +#### Check Staging Server Versions +- [ ] GitLab: https://staging.gitlab.com/help + +#### Enable on `staging.gitlab.com` +- [ ] `/chatops run feature set FEATURE_NAME true --staging` in [`#development`](https://gitlab.slack.com/messages/C02PF508L/) + +Then leave running while monitoring for at least **15 minutes** while performing some testing through web, api or SSH. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved) + +## 4. Production Server Version Check + +- [ ] GitLab: https://gitlab.com/help + +## 5. Initial Impact Check + +- [ ] Enable for a subset of users, when using percentage gates: 1%. + +Then leave running while monitoring for at least **15 minutes** while performing some testing through web, api or SSH. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved) + +## 6. Low Impact Check + +- [ ] Enable for a bigger subset of users, when using percentage gates: 10%. + +Then leave running while monitoring for at least **30 minutes** while performing some testing through web, api or SSH. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved) + +## 7. Mid Impact Trial + +- [ ] Enable for a big subset of users, when using percentage gates: 50%. + +Then leave running while monitoring for at least **12 hours** while performing some testing through web, api or SSH. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved) + +## 8. Full Impact Trial + +- [ ] Enable for all users: `/chatops run feature set FEATURE_NAME true + +Then leave running while monitoring for at least **1 week**. + +#### Monitor + +- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net) +- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana) +- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved) + +#### Success? + +- [ ] Remove the feature gate from the code, and close this issue with that MR. diff --git a/.gitlab/issue_templates/Documentation.md b/.gitlab/issue_templates/Documentation.md new file mode 100644 index 0000000000000000000000000000000000000000..b33ed5bcaa846468e86578fdc0a5b18afa989134 --- /dev/null +++ b/.gitlab/issue_templates/Documentation.md @@ -0,0 +1,54 @@ + + + + + + + + +- [ ] Documents Feature A +- [ ] Follow-up from: #XXX, !YYY + +## New doc or update? + + + +- [ ] New documentation +- [ ] Update existing documentation + +## Checklists + +### Product Manager + + + +- [ ] Add the correct labels +- [ ] Add the correct milestone +- [ ] Indicate the correct document/directory for this feature +- [ ] Fill the doc blurb below + +#### Documentation blurb + + + +- Doc **title** + + + +- Feature **overview/description** + + + +- Feature **use cases** + + + +### Developer + + + +- [ ] Copy the doc blurb above and paste it into the doc +- [ ] Write the tutorial - explain how to use the feature +- [ ] Submit the MR using the appropriate MR description template + +/label ~Documentation diff --git a/.gitlab/issue_templates/Feature Proposal.md b/.gitlab/issue_templates/Feature proposal.md similarity index 100% rename from .gitlab/issue_templates/Feature Proposal.md rename to .gitlab/issue_templates/Feature proposal.md diff --git a/.gitlab/issue_templates/Research Proposal.md b/.gitlab/issue_templates/Research proposal.md similarity index 100% rename from .gitlab/issue_templates/Research Proposal.md rename to .gitlab/issue_templates/Research proposal.md diff --git a/.gitlab/issue_templates/Security Developer Workflow.md b/.gitlab/issue_templates/Security developer workflow.md similarity index 92% rename from .gitlab/issue_templates/Security Developer Workflow.md rename to .gitlab/issue_templates/Security developer workflow.md index 0c878dbf64c119e9e75d27933f42564b83253d77..64b54b171f7d5b891aa52528f574a5168129d624 100644 --- a/.gitlab/issue_templates/Security Developer Workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -12,7 +12,7 @@ Set the title to: `[Security] Description of the original issue` - [ ] Link to the original issue adding it to the [links section](#links) - [ ] Run `scripts/security-harness` in the CE, EE, and/or Omnibus to prevent pushing to any remote besides `dev.gitlab.org` - [ ] Create an MR targetting `org` `master`, prefixing your branch with `security-` -- [ ] Label your MR with the ~security label, prefix the title with `WIP: [master]` +- [ ] Label your MR with the ~security label, prefix the title with `WIP: [master]` - [ ] Add a link to the MR to the [links section](#links) - [ ] Add a link to an EE MR if required - [ ] Make sure the MR remains in-progress and gets approved after the review cycle, **but never merged**. @@ -22,13 +22,13 @@ Set the title to: `[Security] Description of the original issue` - [ ] Once the MR is ready to be merged, create MRs targetting the last 3 releases - [ ] At this point, it might be easy to squash the commits from the MR into one - - You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [seckpick documentation] + - You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [secpick documentation] - [ ] Create the branch `security-X-Y` from `X-Y-stable` if it doesn't exist (and make sure it's up to date with stable) - [ ] Create each MR targetting the security branch `security-X-Y` - [ ] Add the ~security label and prefix with the version `WIP: [X.Y]` the title of the MR - [ ] Make sure all MRs have a link in the [links section](#links) and are assigned to a Release Manager. -[seckpick documentation]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#secpick-script +[secpick documentation]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#secpick-script #### Documentation and final details @@ -39,6 +39,7 @@ Set the title to: `[Security] Description of the original issue` - [ ] Add the nickname of the external user who found the issue (and/or HackerOne profile) to the Thanks row in the [details section](#details) ### Summary + #### Links | Description | Link | @@ -67,4 +68,4 @@ Set the title to: `[Security] Description of the original issue` [security process for developers]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md [RM list]: https://about.gitlab.com/release-managers/ -/label ~security +/label ~security diff --git a/.gitlab/issue_templates/Test plan.md b/.gitlab/issue_templates/Test plan.md new file mode 100644 index 0000000000000000000000000000000000000000..db8e30c419c6b7130e9f95d640cdc8dd08ed985d --- /dev/null +++ b/.gitlab/issue_templates/Test plan.md @@ -0,0 +1,96 @@ +# Test Plan + + + +## Introduction + + + +## Scope + + + +## ACC Matrix + + + +| | Secure | Responsive | Intuitive | Reliable | +|------------|:------:|:----------:|:---------:|:--------:| +| Admin | | | | | +| Groups | | | | | +| Project | | | | | +| Repository | | | | | +| Issues | | | | | +| MRs | | | | | +| CI/CD | | | | | +| Ops | | | | | +| Registry | | | | | +| Wiki | | | | | +| Snippets | | | | | +| Settings | | | | | +| Tracking | | | | | +| API | | | | | + +## Capabilities + + + +## Test Plan + + + +/label ~Quality ~"test plan" \ No newline at end of file diff --git a/.gitlab/merge_request_templates/Change documentation location.md b/.gitlab/merge_request_templates/Change documentation location.md new file mode 100644 index 0000000000000000000000000000000000000000..b4a6d2bd3b4b6de1906eb659bb404a598d476138 --- /dev/null +++ b/.gitlab/merge_request_templates/Change documentation location.md @@ -0,0 +1,32 @@ + + + + +## What does this MR do? + + + +## Related issues + + + +Closes + +## Moving docs to a new location? + +Read the guidelines: +https://docs.gitlab.com/ce/development/documentation/index.html#changing-document-location + +- [ ] Make sure the old link is not removed and has its contents replaced with + a link to the new location. +- [ ] Make sure internal links pointing to the document in question are not broken. +- [ ] Search and replace any links referring to old docs in GitLab Rails app, + specifically under the `app/views/` and `ee/app/views` (for GitLab EE) directories. +- [ ] Make sure to add [`redirect_from`](https://docs.gitlab.com/ce/development/writing_documentation.html#redirections-for-pages-with-disqus-comments) + to the new document if there are any Disqus comments on the old document thread. +- [ ] Update the link in `features.yml` (if applicable) +- [ ] If working on CE and the `ee-compat-check` jobs fails, submit an MR to EE + with the changes as well (https://docs.gitlab.com/ce/development/writing_documentation.html#cherry-picking-from-ce-to-ee). +- [ ] Ping one of the technical writers for review. + +/label ~Documentation diff --git a/.gitlab/merge_request_templates/Database Changes.md b/.gitlab/merge_request_templates/Database changes.md similarity index 55% rename from .gitlab/merge_request_templates/Database Changes.md rename to .gitlab/merge_request_templates/Database changes.md index 1c4f30d93202eb1b13f327e37fa08e04a9e3c312..354393b60e08fefa74c1c03f8514be8fdeb4fcbc 100644 --- a/.gitlab/merge_request_templates/Database Changes.md +++ b/.gitlab/merge_request_templates/Database changes.md @@ -1,7 +1,22 @@ -Add a description of your merge request here. Merge requests without an adequate -description will not be reviewed until one is added. +## What does this MR do? -## Database Checklist + + +Add a description of your merge request here. + +## Database checklist + +- [ ] Conforms to the [database guides](https://docs.gitlab.com/ee/development/README.html#databases-guides) When adding migrations: @@ -31,20 +46,13 @@ When removing columns, tables, indexes or other structures: - [ ] Removed these in a post-deployment migration - [ ] Made sure the application no longer uses (or ignores) these structures -## General Checklist +## General checklist - [ ] [Changelog entry](https://docs.gitlab.com/ee/development/changelog.html) added, if necessary -- [ ] [Documentation created/updated](https://docs.gitlab.com/ee/development/doc_styleguide.html) -- [ ] API support added -- [ ] Tests added for this feature/bug -- Conform by the [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html) - - [ ] Has been reviewed by a Backend maintainer - - [ ] Has been reviewed by a Database specialist -- [ ] Conform by the [merge request performance guides](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html) -- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/CONTRIBUTING.md#style-guides) -- [ ] If you have multiple commits, please combine them into a few logically organized commits by [squashing them](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) -- [ ] Internationalization required/considered -- [ ] If paid feature, have we considered GitLab.com plan and how it works for groups and is there a design for promoting it to users who aren't on the correct plan -- [ ] End-to-end tests pass (`package-and-qa` manual pipeline job) +- [ ] [Documentation created/updated](https://docs.gitlab.com/ee/development/documentation/index.html#contributing-to-docs) +- [ ] [Tests added for this feature/bug](https://docs.gitlab.com/ee/development/testing_guide/index.html) +- [ ] Conforms to the [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html) +- [ ] Conforms to the [merge request performance guidelines](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html) +- [ ] Conforms to the [style guides](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/CONTRIBUTING.md#style-guides) /label ~database diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index da38a703c3c2e8e87ec53d1588d474fb4efb6ab2..8b7e7119790c5ec093557fef501d28cf65b855ab 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -1,4 +1,8 @@ - + + + + + ## What does this MR do? @@ -10,20 +14,20 @@ Closes -## Moving docs to a new location? - -Read the guidelines: -https://docs.gitlab.com/ce/development/writing_documentation.html#changing-document-location - -- [ ] Make sure the old link is not removed and has its contents replaced with - a link to the new location. -- [ ] Make sure internal links pointing to the document in question are not broken. -- [ ] Search and replace any links referring to old docs in GitLab Rails app, - specifically under the `app/views/` and `ee/app/views` (for GitLab EE) directories. -- [ ] Make sure to add [`redirect_from`](https://docs.gitlab.com/ce/development/writing_documentation.html#redirections-for-pages-with-disqus-comments) - to the new document if there are any Disqus comments on the old document thread. -- [ ] If working on CE and the `ee-compat-check` jobs fails, submit an MR to EE - with the changes as well (https://docs.gitlab.com/ce/development/writing_documentation.html#cherry-picking-from-ce-to-ee). -- [ ] Ping one of the technical writers for review. +## Author's checklist + +- [ ] [Apply the correct labels and milestone](https://docs.gitlab.com/ee/development/documentation/workflow.html#2-developer-s-role-in-the-documentation-process) +- [ ] Crosslink the document from the higher-level index +- [ ] Crosslink the document from other subject-related docs +- [ ] Feature moving tiers? Make sure the change is also reflected in [`features.yml`](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/features.yml) +- [ ] Correctly apply the product [badges](https://docs.gitlab.com/ee/development/documentation/styleguide.html#product-badges) and [tiers](https://docs.gitlab.com/ee/development/documentation/styleguide.html#gitlab-versions-and-tiers) +- [ ] [Port the MR to EE (or backport from CE)](https://docs.gitlab.com/ee/development/documentation/index.html#cherry-picking-from-ce-to-ee): _always recommended, required when the `ee-compat-check` job fails_ + +## Review checklist + +- [ ] Your team's review (required) +- [ ] PM's review (recommended, but not a blocker) +- [ ] Technical writer's review (required) +- [ ] Merge the EE-MR first, CE-MR afterwards /label ~Documentation diff --git a/.haml-lint.yml b/.haml-lint.yml index 32c7de0fb78b47bc01bcfa23c1d8fc925e494d51..bad918ef35d196f0c5cae22fe5eaa4f3709371ae 100644 --- a/.haml-lint.yml +++ b/.haml-lint.yml @@ -70,14 +70,15 @@ linters: enabled: false RuboCop: - enabled: false + enabled: true # These cops are incredibly noisy when it comes to HAML templates, so we # ignore them. ignored_cops: - - Lint/BlockAlignment - - Lint/EndAlignment + - Layout/BlockAlignment + - Layout/EndAlignment - Lint/Void - Metrics/LineLength + - Naming/FileName - Style/AlignParameters - Style/BlockNesting - Style/ElseAlignment @@ -91,6 +92,51 @@ linters: - Style/TrailingWhitespace - Style/WhileUntilModifier + # These cops should eventually get enabled + - Cop/LineBreakAfterGuardClauses + - Cop/LineBreakAroundConditionalBlock + - Cop/ProjectPathHelper + - GitlabSecurity/PublicSend + - Layout/LeadingCommentSpace + - Layout/SpaceAfterColon + - Layout/SpaceAfterComma + - Layout/SpaceAroundOperators + - Layout/SpaceBeforeBlockBraces + - Layout/SpaceBeforeComma + - Layout/SpaceBeforeFirstArg + - Layout/SpaceInsideArrayLiteralBrackets + - Layout/SpaceInsideHashLiteralBraces + - Layout/SpaceInsideStringInterpolation + - Layout/TrailingBlankLines + - Lint/BooleanSymbol + - Lint/LiteralInInterpolation + - Lint/ParenthesesAsGroupedExpression + - Lint/RedundantWithIndex + - Lint/Syntax + - Metrics/BlockNesting + - Naming/VariableName + - Performance/RedundantMatch + - Performance/StringReplacement + - Rails/Presence + - Rails/RequestReferer + - Style/AndOr + - Style/ColonMethodCall + - Style/ConditionalAssignment + - Style/HashSyntax + - Style/IdenticalConditionalBranches + - Style/NegatedIf + - Style/NestedTernaryOperator + - Style/Not + - Style/ParenthesesAroundCondition + - Style/RedundantParentheses + - Style/SelfAssignment + - Style/Semicolon + - Style/TernaryParentheses + - Style/TrailingCommaInHashLiteral + - Style/UnlessElse + - Style/WordArray + - Style/ZeroLengthPredicate + RubyComments: enabled: true diff --git a/.nvmrc b/.nvmrc index f7ee06693c17a06e2a0f51ef7eb2a61866e77b8e..dba04c1e1786b2c5f953ebf2c24c6fcc615c2d9a 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -9.0.0 +8.11.3 diff --git a/.rubocop.yml b/.rubocop.yml index 0582bfe8d70ce2fb8f824eb35f05ecb64508a710..0f4018326a118d360a0de55df204da225d06e306 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -3,16 +3,18 @@ inherit_gem: - rubocop-default.yml inherit_from: .rubocop_todo.yml -require: ./rubocop/rubocop +require: + - ./rubocop/rubocop + - rubocop-rspec AllCops: TargetRailsVersion: 4.2 Exclude: - 'vendor/**/*' - 'node_modules/**/*' - - 'db/**/*' - 'db/fixtures/**/*' - - 'ee/db/**/*' + - 'db/schema.rb' + - 'ee/db/geo/schema.rb' - 'tmp/**/*' - 'bin/**/*' - 'generator_templates/**/*' @@ -31,9 +33,42 @@ Style/MutableConstant: - 'ee/db/post_migrate/**/*' - 'ee/db/geo/migrate/**/*' +# TODO: Move this to gitlab-styles +Style/SafeNavigation: + Enabled: false + +# Frozen String Literal +Style/FrozenStringLiteralComment: + Enabled: true + Exclude: + - 'config.ru' + - 'Dangerfile' + - 'Gemfile' + - 'Rakefile' + - 'app/views/**/*' + - 'config/**/*' + - 'danger/**/*' + - 'db/**/*' + - 'ee/**/*' + - 'lib/gitlab/**/*' + - 'lib/tasks/**/*' + - 'qa/**/*' + - 'rubocop/**/*' + - 'scripts/**/*' + - 'spec/**/*' + +RSpec/FilePath: + Exclude: + - 'qa/**/*' + - 'spec/javascripts/fixtures/*' + - 'ee/spec/javascripts/fixtures/*' + - 'spec/requests/api/v3/*' + Naming/FileName: ExpectMatchingDefinition: true Exclude: + - 'db/**/*' + - 'ee/db/**/*' - 'spec/**/*' - 'features/**/*' - 'ee/spec/**/*' @@ -42,12 +77,15 @@ Naming/FileName: - 'qa/bin/*' - 'config/**/*' - 'lib/generators/**/*' + - 'locale/unfound_translations.rb' + - 'ee/locale/unfound_translations.rb' - 'ee/lib/generators/**/*' IgnoreExecutableScripts: true AllowedAcronyms: - EE - JSON - LDAP + - SAML - IO - HMAC - QA @@ -103,7 +141,7 @@ Naming/FileName: - XSRF - XSS -# Gitlab ################################################################### +# GitLab ################################################################### Gitlab/ModuleWithInstanceVariables: Enable: true diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 1fb352306d76c457f0f9ba6fc866a63c6c2d8f69..571df7534cb65a446106dfa0672aa9db79615763 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -10,28 +10,6 @@ Capybara/CurrentPathExpectation: Enabled: false -# Offense count: 956 -Capybara/FeatureMethods: - Enabled: false - -# Offense count: 23 -FactoryBot/DynamicAttributeDefinedStatically: - Exclude: - - 'spec/factories/broadcast_messages.rb' - - 'spec/factories/ci/builds.rb' - - 'spec/factories/ci/runners.rb' - - 'spec/factories/clusters/applications/helm.rb' - - 'spec/factories/clusters/platforms/kubernetes.rb' - - 'spec/factories/emails.rb' - - 'spec/factories/gpg_keys.rb' - - 'spec/factories/group_members.rb' - - 'spec/factories/merge_requests.rb' - - 'spec/factories/notes.rb' - - 'spec/factories/oauth_access_grants.rb' - - 'spec/factories/project_members.rb' - - 'spec/factories/todos.rb' - - 'spec/factories/uploads.rb' - # Offense count: 167 # Cop supports --auto-correct. Layout/EmptyLinesAroundArguments: @@ -57,20 +35,6 @@ Layout/IndentArray: Layout/IndentHash: Enabled: false -# Offense count: 11 -# Cop supports --auto-correct. -# Configuration parameters: AllowForAlignment. -Layout/SpaceBeforeFirstArg: - Exclude: - - 'config/routes/project.rb' - - 'db/migrate/20170506185517_add_foreign_key_pipeline_schedules_and_pipelines.rb' - - 'features/steps/project/source/browse_files.rb' - - 'features/steps/project/source/markdown_render.rb' - - 'lib/api/runners.rb' - - 'spec/features/search/user_uses_search_filters_spec.rb' - - 'spec/routing/project_routing_spec.rb' - - 'spec/services/system_note_service_spec.rb' - # Offense count: 93 # Cop supports --auto-correct. # Configuration parameters: EnforcedStyle. @@ -78,15 +42,6 @@ Layout/SpaceBeforeFirstArg: Layout/SpaceInLambdaLiteral: Enabled: false -# Offense count: 1 -# Cop supports --auto-correct. -# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBrackets. -# SupportedStyles: space, no_space, compact -# SupportedStylesForEmptyBrackets: space, no_space -Layout/SpaceInsideArrayLiteralBrackets: - Exclude: - - 'spec/lib/gitlab/import_export/relation_factory_spec.rb' - # Offense count: 327 # Cop supports --auto-correct. # Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters. @@ -100,14 +55,6 @@ Layout/SpaceInsideBlockBraces: Layout/SpaceInsideParens: Enabled: false -# Offense count: 14 -# Cop supports --auto-correct. -Layout/SpaceInsidePercentLiteralDelimiters: - Exclude: - - 'lib/gitlab/git_access.rb' - - 'lib/gitlab/health_checks/fs_shards_check.rb' - - 'spec/lib/gitlab/health_checks/fs_shards_check_spec.rb' - # Offense count: 26 Lint/DuplicateMethods: Exclude: @@ -139,31 +86,11 @@ Lint/InterpolationCheck: Lint/MissingCopEnableDirective: Enabled: false -# Offense count: 2 -Lint/NestedPercentLiteral: - Exclude: - - 'lib/gitlab/git/repository.rb' - - 'spec/support/shared_examples/email_format_shared_examples.rb' - # Offense count: 1 Lint/ReturnInVoidContext: Exclude: - 'app/models/project.rb' -# Offense count: 1 -# Configuration parameters: IgnoreImplicitReferences. -Lint/ShadowedArgument: - Exclude: - - 'lib/gitlab/database/sha_attribute.rb' - -# Offense count: 3 -# Cop supports --auto-correct. -Lint/UnneededRequireStatement: - Exclude: - - 'db/post_migrate/20161221153951_rename_reserved_project_names.rb' - - 'db/post_migrate/20170313133418_rename_more_reserved_project_names.rb' - - 'lib/declarative_policy.rb' - # Offense count: 9 Lint/UriEscapeUnescape: Exclude: @@ -203,22 +130,6 @@ Naming/HeredocDelimiterCase: Naming/HeredocDelimiterNaming: Enabled: false -# Offense count: 27 -# Cop supports --auto-correct. -# Configuration parameters: AutoCorrect. -Performance/HashEachMethods: - Enabled: false - -# Offense count: 1 -Performance/UnfreezeString: - Exclude: - - 'features/steps/project/commits/commits.rb' - -# Offense count: 1 -# Cop supports --auto-correct. -Performance/UriDefaultParser: - Exclude: - - 'lib/gitlab/url_sanitizer.rb' # Offense count: 3821 # Configuration parameters: Prefixes. @@ -455,7 +366,6 @@ Style/Dir: # Cop supports --auto-correct. Style/EachWithObject: Exclude: - - 'config/initializers/gollum.rb' - 'lib/expand_variables.rb' - 'lib/gitlab/ci/ansi2html.rb' - 'lib/gitlab/ee_compat_check.rb' @@ -487,7 +397,7 @@ Style/EmptyLiteral: - 'lib/gitlab/fogbugz_import/importer.rb' - 'lib/gitlab/git/diff_collection.rb' - 'lib/gitlab/gitaly_client.rb' - - 'scripts/trigger-build-omnibus' + - 'scripts/trigger-build' - 'spec/features/merge_requests/versions_spec.rb' - 'spec/helpers/merge_requests_helper_spec.rb' - 'spec/lib/gitlab/request_context_spec.rb' @@ -716,12 +626,6 @@ Style/RescueModifier: Style/RescueStandardError: Enabled: false -# Offense count: 92 -# Cop supports --auto-correct. -# Configuration parameters: ConvertCodeThatCanStartToReturnNil. -Style/SafeNavigation: - Enabled: false - # Offense count: 8 # Cop supports --auto-correct. Style/SelfAssignment: @@ -824,20 +728,6 @@ Style/UnlessElse: Style/UnneededInterpolation: Enabled: false -# Offense count: 11 -# Cop supports --auto-correct. -Style/ZeroLengthPredicate: - Exclude: - - 'app/models/deploy_key.rb' - - 'app/models/network/commit.rb' - - 'app/models/network/graph.rb' - - 'app/models/project_services/asana_service.rb' - - 'app/services/boards/create_service.rb' - - 'app/services/merge_requests/conflicts/list_service.rb' - - 'lib/declarative_policy/dsl.rb' - - 'lib/extracts_path.rb' - - 'lib/gitlab/git/repository.rb' - # Offense count: 22840 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns. # URISchemes: http, https diff --git a/CHANGELOG.md b/CHANGELOG.md index 0d843c3f3180a2c895602d1059aeb0b5a7296bb7..2fc5b24aa3999dd4ecc1f437ec42400b087bdea3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,1476 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.4.0 (2018-10-22) + +### Security (9 changes) + +- Filter user sensitive data from discussions JSON. !2536 +- Encrypt webhook tokens and URLs in the database. !21645 +- Redact confidential events in the API. +- Set timeout for syntax highlighting. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Markdown API no longer displays confidential title references unless authorized. +- Properly filter private references from system notes. +- Fix stored XSS in merge requests from imported repository. +- Fix xss vulnerability sourced from package.json. + +### Removed (2 changes) + +- Remove background job throttling feature. !21748 +- Remove sidekiq info from performance bar. + +### Fixed (68 changes, 18 of them are from the community) + +- Fixes 500 for cherry pick API with empty branch name. !21501 (Jacopo Beschi @jacopo-beschi) +- Fix sorting by priority or popularity on group issues page, when also searching issue content. !21521 +- Fix vertical alignment of text in diffs. !21573 +- Fix performance bar modal position. !21577 +- Bump KaTeX version to 0.9.0. !21625 +- Correctly show legacy diff notes in the merge request changes tab. !21652 +- Synchronize the default branch when updating a remote mirror. !21653 +- Filter group milestones based on user membership. !21660 +- Fix double title in merge request chat messages. !21670 (Kukovskii Vladimir) +- Delete container repository tags outside of transaction. !21679 +- Images are no longer displayed in Todo descriptions. !21704 +- Fixed merge request widget discussion state not updating after resolving discussions. !21705 +- Vendor Auto-DevOps.gitlab-ci.yml to fix bug where the deploy job does not wait for Deployment to complete. !21713 +- Use Reliable Sidekiq fetch. !21715 +- No longer show open issues from archived projects in group issue board. !21721 +- Issue and MR count now ignores archived projects. !21721 +- Fix resizing of monitoring dashboard. !21730 +- Fix object storage uploads not working with AWS v2. !21731 +- Don't ignore first action when assign and unassign quick actions are used in the same comment. !21749 +- Align form labels following Bootstrap 4 docs. !21752 +- Respect the user commit email in more places. !21773 +- Use stats RPC when comparing diffs. !21778 +- Show commit details for selected commit in MR diffs. !21784 +- Resolve "Geo: Does not mark repositories as missing on primary due to stale cache". !21789 +- Fix leading slash in redirects and add rubocop cop. !21828 (Sanad Liaquat) +- Fix activity titles for MRs in chat notification services. !21834 +- Hides Close Merge request btn on merged Merge request. !21840 (Jacopo Beschi @jacopo-beschi) +- Doesn't synchronize the default branch for push mirrors. !21861 +- Fix broken styling when issue board is collapsed. !21868 (Andrea Leone) +- Set a header for custom error pages to prevent them from being intercepted by gitlab-workhorse. !21870 (David Piegza) +- Fix resolved discussions being unresolved when commented on. !21881 +- Fix timeout when running the RemoveRestrictedTodos background migration. !21893 +- Enable the ability to use the force env for rebuilding authorized_keys during a restore. !21896 +- Fix link handling for issue cards to avoid too sensitive drag events. !21910 (Johann Hubert Sonntagbauer) +- Guard against a login attempt with invalid CSRF token. !21934 +- Allow setting user's organization and location attributes through the API by adding them to the list of allowed parameters. !21938 (Alexis Reigel) +- Includes commit stats in POST project commits API. !21968 (Jacopo Beschi @jacopo-beschi) +- Fix loading issue on some merge request discussion. !21982 +- Prevent Error 500s with invalid relative links. !22001 +- Fix stale issue boards after browser back. !22006 (Johann Hubert Sonntagbauer) +- Filter issues without an Assignee via the API. !22009 (Eva Kadlecová) +- Fixes modal button alignment. !22024 (Jacopo Beschi @jacopo-beschi) +- Fix rendering placeholder notes. !22078 +- Instance Configuration page now displays correct SSH fingerprints. !22081 +- Fix showing diff file header for renamed files. !22089 +- Fix LFS uploaded images not being rendered. !22092 +- Fix the issue where long environment names aren't being truncated, causing the environment name to overlap into the column next to it. !22104 +- Trim whitespace when inviting a new user by email. !22119 (Jacopo Beschi @jacopo-beschi) +- Fix incorrect parent path on group settings page. !22142 +- Update copy to clipboard button data for application secret. !22268 (George Tsiolis) +- Improve MR file tree in smaller screens. !22273 +- Fix project deletion when there is a export available. !22276 +- Fixes stuck block URL linking to documentation instead of settings page. !22286 +- Fix caching issue with pipelines URL. !22293 +- Fix erased block not being rendered when job was erased. !22294 +- Load correct stage in the stages dropdown. !22317 +- Fixes close/reopen quick actions preview for issues and merge_requests. !22343 (Jacopo Beschi @jacopo-beschi) +- Allow Issue and Merge Request sidebar to be toggled from collapsed state. !22353 +- Fix filter bar height bug when a tag is added. +- Fix the state of the Done button when there is an error in the GitLab Todos section. (marcos8896) +- Fix wrong text color of help text in merge request creation. (Gerard Montemayor) +- Add borders and white background to markdown tables. +- Fixed mention autocomplete in edit merge request. +- Fix long webhook URL overflow for custom integration. (Kukovskii Vladimir) +- Fixed file templates not fully being fetched in Web IDE. +- Fixes performance bar looking for a key in a undefined prop. +- Hides sidebar for job page in mobile. +- Fixes triggered/created labeled in job header. + +### Changed (26 changes, 4 of them are from the community) + +- Enable unauthenticated access to public SSH keys via the API. !20118 (Ronald Claveau) +- Support Kubernetes RBAC for GitLab Managed Apps when creating new clusters. !21401 +- Highlight current user in comments. !21406 +- Excludes project marked from deletion to projects API. !21542 (Jacopo Beschi @jacopo-beschi) +- Improve install flow of Kubernetes cluster apps. !21567 +- Move including external files in .gitlab-ci.yml from Starter to Libre. !21603 +- Simplify runner registration token resetting. !21658 +- Filter any parameters ending with "key" in logs. !21688 +- Ensure the schema is loaded with post_migrations included. !21689 +- Updated icons used in filtered search dropdowns. !21694 +- Enable omniauth by default. !21700 +- Vendor Auto-DevOps.gitlab-ci.yml to refactor registry_login. !21714 (Laurent Goderre @LaurentGoderre) +- Add Gitaly diff stats RPC client. !21732 +- Allow user to revoke an authorized application even if User OAuth applications setting is disabled in admin settings. !21835 +- Change vertical margin of page titles to 16px. !21888 +- Preserve order of project tags list. !21897 +- Avoid close icon leaving the modal header. !21904 +- Allow /copy_metadata for new issues and MRs. !21953 +- Link to the tag for a version on the help page instead of to the commit. !22015 +- Show SHA for pre-release versions on the help page. !22026 +- Use local tiller for Auto DevOps. !22036 +- Remove 'rbac_clusters' feature flag. !22096 +- Increased retained event data by extending events pruner timeframe to 2 years. !22145 +- Add installation type to backup information file. !22150 +- Remove duplicate button from the markdown header toolbar. !22192 (George Tsiolis) +- Update to Rouge 3.3.0 including frozen string literals for improved memory usage. + +### Performance (17 changes, 6 of them are from the community) + +- Enable frozen string in app/controllers/**/*.rb. +- Improve lazy image loading performance by using IntersectionObserver where available. !21565 +- Adds support for Gitaly ListLastCommitsForTree RPC in order to make bulk-fetch of commits more performant. !21921 +- Dont create license_management build when not included in license. !21958 +- Skip creating auto devops jobs for sast, container_scanning, dast, dependency_scanning when not licensed. !21959 +- Reduce queries needed to compute notification recipients. !22050 +- Banzai label ref finder - minimize SQL calls by sharing context more aggresively. !22070 +- Removes expensive dead code on main MR page request. !22153 +- Lazy load xterm custom colors css. +- Mitigate N+1 queries when parsing commit references in comments. +- Enable more frozen string in app/controllers/. (gfyoung) +- Increase performance when creating discussions on diff. +- Enable frozen string in lib/api and lib/backup. (gfyoung) +- Enable frozen string in vestigial files. (gfyoung) +- Enable frozen string for app/helpers/**/*.rb. (gfyoung) +- Enable frozen string in app/graphql + app/finders. (gfyoung) +- Enable even more frozen string in app/controllers. (gfyoung) + +### Added (37 changes, 21 of them are from the community) + +- Allow file templates to be requested at the project level. !7776 +- Add /lock and /unlock quick actions. !15197 (Mehdi Lahmam (@mehlah)) +- Added search functionality for Work In Progress (WIP) merge requests. !18119 (Chantal Rollison) +- pipeline webhook event now contain pipeline variables. !18171 (Pierre Tardy) +- Add markdown header toolbar button to insert table. !18480 (George Tsiolis) +- Add link button to markdown editor toolbar. !18579 (Jan Beckmann) +- Add access control to GitLab pages and make it possible to enable/disable it in project settings. !18589 (Tuomo Ala-Vannesluoma) +- Add a filter bar to the admin runners view and add a state filter. !19625 (Alexis Reigel) +- Add a type filter to the admin runners view. !19649 (Alexis Reigel) +- Allow user to choose the email used for commits made through GitLab's UI. !21213 (Joshua Campbell) +- Add autocomplete drop down filter for project snippets. !21458 (Fabian Schneider) +- Allow events filter to be set in the URL in addition to cookie. !21557 (Igor @igas) +- Adds a initialize_with_readme parameter to POST /projects. !21617 (Steve) +- Add ability to skip user email confirmation with API. !21630 +- Add sorting for labels on labels page. !21642 +- Set user status from within user menu. !21643 +- Copy nurtch demo notebooks at Jupyter startup. !21698 (Amit Rathi) +- Allows to sort projects by most stars. !21762 (Jacopo Beschi @jacopo-beschi) +- Allow pipelines to schedule delayed job runs. !21767 +- Added tree of changed files to merge request diffs. !21833 +- Add GitLab version components to CI environment variables. !21853 +- Allows to chmod file with commits API. !21866 (Jacopo Beschi @jacopo-beschi) +- Make single diff patch limit configurable. !21886 +- Extend reports feature to support Security Products. !21892 +- Adds the user's public_email attribute to the API. !21909 (Alexis Reigel) +- Update all gitlab CI templates from gitlab-org/gitlab-ci-yml. !21929 +- Add support for setting the public email through the api. !21938 (Alexis Reigel) +- Support db migration and initialization for Auto DevOps. !21955 +- Add subscribe filter to group and project labels pages. !21965 +- Add support for pipeline only/except policy for modified paths. !21981 +- Docs for Project/Groups members API with inherited members. !21984 (Jacopo Beschi @jacopo-beschi) +- Adds Web IDE commits to usage ping. !22007 +- Add timed incremental rollout to Auto DevOps. !22023 +- Show percentage of language detection on the language bar. !22056 (Johann Hubert Sonntagbauer) +- Allows to filter issues by Any milestone in the API. !22080 (Jacopo Beschi @jacopo-beschi) +- Add button to download 2FA codes. (Luke Picciau) +- Render log artifact files in GitLab. + +### Other (42 changes, 16 of them are from the community) + +- Send deployment information in job API. !21307 +- Split admin settings into multiple sub pages. !21467 +- Remove Rugged and shell code from Gitlab::Git. !21488 +- Add trigger information in job API. !21495 +- Add empty state illustration information in job API. !21532 +- Add retried jobs to pipeline stage. !21558 +- Rails 5: fix issue move service In rails 5, the attributes method for an enum returns the name instead of the database integer. !21616 (Jasper Maes) +- Expose project runners in job API. !21618 +- create from template: hide checkbox for initializing repository with readme. !21646 +- Adds new 'Overview' tab on user profile page. !21663 +- Add clean-up phase for ScheduleDiffFilesDeletion migration. !21734 +- Prevents private profile help link from toggling checkbox. !21757 +- Make AutoDevOps work behind proxy. !21775 (Sergej - @kinolaev) +- Use Vue components and new API to render Artifacts, Trigger Variables and Commit blocks on Job page. !21777 +- Add wrapper rake task to migrate all uploads to OS. !21779 +- Retroactively fill pipeline source for external pipelines. !21814 +- Rename squash before merge vue component. !21851 (George Tsiolis) +- Fix merge request header margins. !21878 +- Fix committer typo. !21899 (George Tsiolis) +- Adds an extra width to the responsive tables. !21928 +- Expose has_trace in job API. !21950 +- Rename block scope local variable in table pagination spec. !21969 (George Tsiolis) +- Fix blue, orange, and red color inconsistencies. !21972 +- Update operations metrics empty state. !21974 (George Tsiolis) +- Improve empty project placeholder for non-members and members without write access. !21977 (George Tsiolis) +- Add copy to clipboard button for application id and secret. !21978 (George Tsiolis) +- Add link component to UserAvatarLink component. !21986 (George Tsiolis) +- Add link component to DownloadViewer component. !21987 (George Tsiolis) +- Rephrase 2FA and TOTP documentation and view. !21998 (Marc Schwede) +- Update project path on project name autofill. !22016 +- Improve logging when username update fails due to registry tags. !22038 +- Align collapsed sidebar avatar container. !22044 (George Tsiolis) +- Rails5: fix artifacts controller download spec Rails5 has params[:file_type] as '' if file_type is included as nil in the request. !22123 (Jasper Maes) +- Hide pagination for personal projects on profile overview tab. !22321 +- Extracts scroll position check into reusable functions. +- Uses Vuex store in job details page and removes old mediator pattern. +- Render 412 when invalid UTF-8 parameters are passed to controller. +- Renders Job show page in new Vue app. +- Add link to User Snippets in breadcrumbs of New User Snippet page. (J.D. Bean) +- Log project services errors when executing async. +- Update docs regarding frozen string. (gfyoung) +- Check frozen string in style builds. (gfyoung) + + +## 11.3.6 (2018-10-17) + +- No changes. + +## 11.3.5 (2018-10-15) + +### Fixed (2 changes) + +- Fix loading issue on some merge request discussion. !21982 +- Fix project deletion when there is a export available. !22276 + + +## 11.3.3 (2018-10-04) + +- No changes. + +## 11.3.2 (2018-10-03) + +### Fixed (4 changes) + +- Fix NULL pipeline import problem and pipeline user mapping issue. !21875 +- Fix migration to avoid an exception during upgrade. !22055 +- Fixes admin runners table not wrapping content. +- Fix Error 500 when forking projects with Gravatar disabled. + +### Other (1 change) + +- Removes the 'required' attribute from the 'project name' field. !21770 + + +## 11.3.1 (2018-09-26) + +### Security (6 changes) + +- Redact confidential events in the API. +- Set timeout for syntax highlighting. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Fix stored XSS in merge requests from imported repository. +- Fix xss vulnerability sourced from package.json. +- Block loopback addresses in UrlBlocker. + + +## 11.3.0 (2018-09-22) + +### Security (5 changes, 1 of them is from the community) + +- Disable the Sidekiq Admin Rack session. !21441 +- Set issuable_sort, diff_view, and perf_bar_enabled cookies to secure when possible. !21442 +- Update rubyzip to 1.2.2 (CVE-2018-1000544). !21460 (Takuya Noguchi) +- Fixed persistent XSS rendering/escaping of diff location lines. +- Block link-local addresses in URLBlocker. + +### Removed (1 change) + +- Remove Gemnasium service. !21185 + +### Fixed (83 changes, 24 of them are from the community) + +- Hide PAT creation advice for HTTP clone if PAT exists. !18208 (George Thomas @thegeorgeous) +- Allow spaces in wiki markdown links when using CommonMark. !20417 +- disable_statement_timeout no longer leak to other migrations. !20503 +- Events API now requires the read_user or api scope. !20627 (Warren Parad) +- Fix If-Check the result that a function was executed several times. !20640 (Max Dicker) +- Add migration to cleanup internal_ids inconsistency. !20926 +- Fix fallback logic for automatic MR title assignment. !20930 (Franz Liedke) +- Fixed bug when the project logo file is stored in LFS. !20948 +- Fix buttons on the new file page wrapping outside of the container. !21015 +- Solve tooltip appears under modal. !21017 +- Fix Bitbucket Cloud importer omitting replies. !21076 +- Fix pipeline fixture seeder. !21088 +- Fix blocked user card style. !21095 +- Fix empty merge requests not opening in the Web IDE. !21102 +- Fix label list item container height when there is no label description. !21106 +- Fixes input alignment in user admin form with errors. !21108 (Jacopo Beschi @jacopo-beschi) +- Rails5 fix specs duplicate key value violates unique constraint 'index_gpg_signatures_on_commit_sha'. !21119 (Jasper Maes) +- Add gitlab theme to spam logs pagination. !21145 +- Split remembering sorting for issues and merge requests. !21153 (Jacopo Beschi @jacopo-beschi) +- Fix git submodule link for subgroup projects with relative path. !21154 +- Fix: Project deletion may not log audit events during group deletion. !21162 +- Fix 1px cutoff of emojis. !21180 (gfyoung) +- Auto-DevOps.gitlab-ci.yml: update glibc package to 2.28. !21191 (sgerrand) +- Show google icon in audit log. !21207 (Jan Beckmann) +- Fix bin/secpick error and security branch prefixing. !21210 +- Importing a project no longer fails when visibility level holds a string value type. !21242 +- Fix attachments not displaying inline with Google Cloud Storage. !21265 +- Fix IDE issues with persistent banners. !21283 +- Fix "Confidential comments" button not saving in project hooks. !21289 +- Bump fog-google to 1.7.0 and google-api-client to 0.23.0. !21295 +- Don't use arguments keyword in gettext script. !21296 (gfyoung) +- Fix breadcrumb link to issues on new issue page. !21305 (J.D. Bean) +- Show '< 1%' when percent value evaluated is less than 1 on Stacked Progress Bar. !21306 +- API: Catch empty commit messages. !21322 (Robert Schilling) +- Fix SQL error when sorting 2FA-enabled users by name in admin area. !21324 +- API: Catch empty code content for project snippets. !21325 (Robert Schilling) +- Avoid nil safe message. !21326 (Yi Siliang) +- Allow date parameters on Issues, Notes, and Discussions API for group owners. !21342 (Florent Dubois) +- Fix remote mirrors failing if Git remotes have not been added. !21351 +- Removing a group no longer triggers hooks for project deletion twice. !21366 +- Use slugs for default project path and sanitize names before import. !21367 +- Vertically centres landscape avatars. !21371 (Vicary Archangel) +- Fix Web IDE unable to commit to same file twice. !21372 +- Fix project transfer name validation issues causing a redirect loop. !21408 +- Fix Error 500s due to encoding issues when Wiki hooks fire. !21414 +- Rails 5: include opclasses in rails 5 schema dump. !21416 (Jasper Maes) +- Bump GitLab Pages to v1.1.0. !21419 +- Fix links in RSS feed elements. !21424 (Marc Schwede) +- Allow gaps in multiseries metrics charts. !21427 +- Auto-DevOps.gitlab-ci.yml: fix redeploying deleted app gives helm error. !21429 +- Use sample data for push event when no commits created. !21440 (Takuya Noguchi) +- Fix importers not assigning a new default group. !21456 +- Fix edge cases of JUnitParser. !21469 +- Fix breadcrumb link to merge requests on new merge request page. !21502 (J.D. Bean) +- Handle database statement timeouts in usage ping. !21523 +- Handles exception during file upload - replaces the stack trace with a small error message. !21528 +- Fix closing issue default pattern. !21531 (Samuele Kaplun) +- Fix outdated discussions being shown on Merge Request Changes tab. !21543 +- Remove orphaned label links. !21552 +- Delete a container registry asynchronously. !21553 +- Make MR diff file filter input Clear button functional. !21556 +- Replace white spaces in wiki attachments file names. !21569 +- API: Use find_branch! in all places. !21614 (Robert Schilling) +- Fixes double +/- on inline diff view. !21634 +- Fix broken exports when they include a projet avatar. !21649 +- Fix workhorse temp path for namespace uploads. !21650 +- Fixed resolved discussions not toggling expanded state on changes tab. !21676 +- Update GitLab Shell to v8.3.2. !21701 +- Fix absent Click to Expand link on diffs not rendered on first load of Merge Requests Changes tab. !21716 +- Update GitLab Shell to v8.3.3. !21750 +- Fix import error when archive does not have the correct extension. !21765 +- Fixed IDE deleting new files creating wrong state. +- Does not collapse runners section when using pagination. +- Fix Emojis cutting in the right way. (Alexander Popov) +- Fix NamespaceUploader.base_dir for remote uploads. +- Increase width of checkout branch modal box. +- Fixes SVGs for empty states in job page overflowing on mobile. +- Fix checkboxes on runner admin settings - The labels are now clickable. +- Fixed IDE file row scrolling into view when hovering. +- Accept upload files in public/uplaods/tmp when using accelerated uploads. +- Include correct CSS file for xterm in environments page. +- Increase padding in code blocks. +- Fix: Project deletion may not log audit events during user deletion. + +### Changed (32 changes, 5 of them are from the community) + +- Add default avatar to group. !17271 (George Tsiolis) +- Allow project owners to set up forking relation through API. !18104 +- Limit navbar search for current project or group for small viewports. !18634 (George Tsiolis) +- Add Noto Color Emoji font support. !19036 (Alexander Popov) +- Update design of project overview page. !20536 +- Improve visuals of language bar on projects. !21006 +- Migrate NULL wiki_access_level to correct number so we count active wikis correctly. !21030 +- Support a custom action, such as proxying to another server, after /api/v4/internal/allowed check succeeds. !21034 +- Remove storage path dependency of gitaly install task. !21101 +- Support Kubernetes RBAC for GitLab Managed Apps when adding a existing cluster. !21127 +- Change 'Backlog' list title to 'Open' in Issue Boards. !21131 +- Enable Auto DevOps Instance Wide Default. !21157 +- Allow author to vote on their own issue and MRs. !21203 +- Truncate branch names and update "commits behind" text in MR page. !21206 +- Adds count for different board list types (label lists, assignee lists, and milestone lists) to usage statistics. !21208 +- Render files (`.md`) and wikis using CommonMark. !21228 +- Show deprecation message on project milestone page for category tabs. !21236 +- Remove redundant header from metrics page. !21282 +- Add default parameter to branches API. !21294 (Riccardo Padovani) +- Restrict reopening locked issues for non authorized issue authors. !21299 +- Send back required object storage PUT headers in /uploads/authorize API. !21319 +- Display default status emoji if only message is entered. !21330 +- Move badge settings to general settings. !21333 +- Move project settings for default branch under "Repository". !21380 +- Import all common metrics into database. !21459 +- Improved commit panel in Web IDE. !21471 +- Administrative cleanup rake tasks now leverage Gitaly. !21588 +- Remove health check feature flag in BackgroundMigrationWorker. +- Expose user's id in /admin/users/ show page. (Eva Kadlecova) +- Improved styling of top bar in IDE job trace pane. +- Make terminal button more visible. +- Shows download artifacts button for pipelines on small screens. + +### Performance (13 changes, 2 of them are from the community) + +- Enable frozen string in rest of app/models/**/*.rb. +- Add background migrations for legacy artifacts. !18615 +- Optimize querying User#manageable_groups. !21050 +- Incremental rendering with Vue on merge request page. !21063 +- Remove redundant ci_builds (status) index. !21070 +- Enable frozen in app/mailers/**/*.rb. !21147 (gfyoung) +- Improve performance when fetching related merge requests for an issue. !21237 +- Speed up diff comparisons by limiting number of commit messages rendered. !21335 +- Write diff highlighting cache upon MR creation (refactors caching). !21489 +- Bulk-render commit titles in the tree view to improve performance. !21500 +- Enable frozen string in vestigial app files. (gfyoung) +- Disable project avatar validation if avatar has not changed. +- Bitbucket Server importer: Eliminate most idle-in-transaction issues. + +### Added (41 changes, 17 of them are from the community) + +- API: Protected tags. !14986 (Robert Schilling) +- Include private contributions to contributions calendar. !17296 (George Tsiolis) +- Add an option to whitelist users based on email address as internal when the "New user set to external" setting is enabled. !17711 (Roger Rüttimann) +- Overhaul listing of projects in the group overview page. !20262 +- Add the ability to reference projects in comments and other markdown text. !20285 (Reuben Pereira) +- Add branch filter to project webhooks. !20338 (Duana Saskia) +- Allows to cancel a Created job. !20635 (Jacopo Beschi @jacopo-beschi) +- First Improvements made to the contributor on-boarding experience. !20682 (Eddie Stubbington) +- `/tag` quick action on Commit comments. !20694 (Peter Leitzen) +- Allow admins to configure the maximum Git push size. !20758 +- Expose all artifacts sizes in jobs api. !20821 (Peter Marko) +- Get the merge base of two refs through the API. !20929 +- Add ability to suppress the global "You won't be able to use SSH" message. !21027 (Ævar Arnfjörð Bjarmason) +- API: Add expiration date for shared projects to the project entity. !21104 (Robert Schilling) +- Added tooltips to tree list header. !21138 +- #47845 Add failure_reason to job webhook. !21143 (matemaciek) +- Vendor Auto-DevOps.gitlab-ci.yml with new proxy env vars passed through to docker. !21159 (kinolaev) +- Disable Auto DevOps for project upon first pipeline failure. !21172 +- Add rake command to migrate archived traces from local storage to object storage. !21193 +- Add Czech as an available language. !21201 +- Add Galician as an available language. !21202 +- Add support for extendable CI/CD config with. !21243 +- Disable Web IDE button if user is not allowed to push the source branch. !21288 +- Feature flag to disable Hashed Storage migration when renaming a repository. !21291 +- Store wiki uploads inside git repository. !21362 +- Adds Rubocop rule to enforce class_methods over module ClassMethods. !21379 (Jacopo Beschi @jacopo-beschi) +- Merge request copies all associated issue labels and milestone on creation. !21383 +- Add group name badge under group milestone. !21384 +- Adds diverged_commits_count field to GET api/v4/projects/:project_id/merge_requests/:merge_request_iid. !21405 (Jacopo Beschi @jacopo-beschi) +- Update Import/Export to only use new storage uploaders logic. !21409 +- Ask user explicitly about usage stats agreement on single user deployments. !21423 +- Added atom feed for tags. !21428 +- Add search to a group labels page. !21480 +- Display banner on project page if AutoDevOps is implicitly enabled. !21503 +- Recognize 'UNLICENSE' license files. !21508 (J.D. Bean) +- Add git_v2 feature flag. !21520 +- Added file templates to the Web IDE. +- Enabled multiple file uploads in the Web IDE. +- Allow to delete group milestones. +- Use separate model for tracking resource label changes and render label system notes based on data from this model. +- Add system note when due date is changed. (Eva Kadlecova) + +### Other (48 changes, 16 of them are from the community) + +- Remove extra spaces from MR discussion notes. !18946 (Takuya Noguchi) +- Add an example of the configuration of archive trace cron worker in gitlab.yml.example. !20583 +- Add target branch name to cherrypick confirmation message. !20846 (George Andrinopoulos) +- CE Port of Protected Environments backend. !20859 +- Added missing i18n strings to issue boards lables dropdown. !21081 +- Combines emoji award spec files into single user_interacts_with_awards_in_issue_spec.rb file. !21126 (Nate Geslin) +- Clarify current runners online text. !21151 (Ben Bodenmiller) +- Rails5: Enable verbose query logs. !21231 (Jasper Maes) +- Update presentation for SSO providers on log in page. !21233 +- Make margin of user status emoji consistent. !21268 +- Move usage ping payload from User Cohorts page to admin application settings. !21343 +- Add JSON logging for Bitbucket Server importer. !21378 +- Re-add project name field on "Create new project" page. !21386 +- Rails 5: replace removed silence_stream. !21387 (Jasper Maes) +- Rails5 update Gemfile.rails5.lock. !21388 (Jasper Maes) +- Rails5: fix can't quote ActiveSupport::HashWithIndifferentAccess. !21397 (Jasper Maes) +- Don't show flash messages for performance bar errors. !21411 +- Backport schema_changed.sh from EE which prints the diff if the schema is different. !21422 (Jasper Maes) +- Remove unused CSS part in mobile framework. !21439 (Takuya Noguchi) +- Bump unauthenticated session time from 1 hour to 2 hours. !21453 +- Run review-docs-cleanup job for gitlab-org repos only. !21463 (Takuya Noguchi) +- Rails 5: support schema t.index for mysql. !21485 (Jasper Maes) +- Add route information to lograge structured logging for API logs. !21487 +- Add gitaly_calls attribute to API logs. !21496 +- Ignore irrelevant sql commands in metrics. !21498 +- Rails 5: fix hashed_path? method that looks up file_location that doesn't exist when running certain migration specs. !21510 (Jasper Maes) +- Explicit hashed path check for trace, prevents background migration from accessing file_location column that doesn't exist. !21533 (Jasper Maes) +- Add terminal_path to job API response. !21537 +- Add User-Agent to production_json.log. !21546 +- Make cluster page settings easier to read. !21550 +- Remove striped table styling of Find files and Admin Area Applications views. !21560 (Andreas Kämmerle) +- Update ffi to 1.9.25. !21561 (Takuya Noguchi) +- Send max_patch_bytes to Gitaly via Gitaly::CommitDiffRequest. !21575 +- Add margin between username and subsequent text in issuable header. !21697 +- Send artifact information in job API. !50460 +- Reduce differences between CE and EE code base in reports components. +- Move project services log to a separate file. +- Creates vue component for job log top bar with controllers. +- Creates Vue component for trigger variables block in job log page. +- Creates Vvue component for warning block about stuck runners. +- Creates vue component for job log trace. +- Creates vue component for erased block on job view. +- Creates vue component for environments information in job log view. +- Upgrade Monaco editor. +- Creates empty state vue component for job view. +- Creates vue component for commit block in job log page. +- Creates vue components for stage dropdowns and job list container for job log view. +- Creates Vue component for artifacts block on job page. + + +## 11.2.5 (2018-10-05) + +### Security (3 changes) + +- Filter user sensitive data from discussions JSON. !2538 +- Properly filter private references from system notes. +- Markdown API no longer displays confidential title references unless authorized. + + +## 11.2.4 (2018-09-26) + +### Security (6 changes) + +- Redact confidential events in the API. +- Set timeout for syntax highlighting. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Fix stored XSS in merge requests from imported repository. +- Fix xss vulnerability sourced from package.json. +- Block loopback addresses in UrlBlocker. + + +## 11.2.3 (2018-08-28) + +### Fixed (1 change) + +- Fixed cache invalidation issue with diff lines from 11.2.2. + +## 11.2.2 (2018-08-27) + +### Security (3 changes) + +- Fixed persistent XSS rendering/escaping of diff location lines. +- Adding CSRF protection to Hooks resend action. +- Block link-local addresses in URLBlocker. + + +## 11.2.1 (2018-08-22) + +### Fixed (2 changes) + +- Fix wrong commit count in push event payload. !21338 +- Fix broken Git over HTTP clones with LDAP users. !21352 + +### Performance (1 change) + +- Eliminate unnecessary and duplicate system hook fires. !21337 + + +## 11.2.0 (2018-08-22) + +### Security (5 changes) + +- Bump Gitaly to 0.117.1 for Rouge update. !21277 +- Fix symlink vulnerability in project import. +- Bump rugged to 0.27.4 for security fixes. +- Fixed XSS in branch name in Web IDE. +- Adding CSRF protection to Hooks test action. + +### Removed (1 change) + +- Remove gitlab:user:check_repos, gitlab:check_repo, gitlab:git:prune, gitlab:git:gc, and gitlab:git:repack. !20806 + +### Fixed (81 changes, 26 of them are from the community) + +- Fix namespace move callback behavior, especially to fix Geo replication of namespace moves during certain exceptions. !19297 +- Fix breadcrumbs in Admin/User interface. !19608 (Robin Naundorf) +- Remove changes_count from MR API documentation where necessary. !19745 (Jan Beckmann) +- Fix email confirmation bug when user adds additional email to account. !20084 (muhammadn) +- Add support for daylight savings time to pipleline schedules. !20145 +- Fixing milestone date change when editing. !20279 (Orlando Del Aguila) +- Add missing maximum_timeout parameter. !20355 (gfyoung) +- [Rails5] Fix 'Invalid single-table inheritance type: Group is not a subclass of Gitlab::BackgroundMigration::FixCrossProjectLabelLinks::Namespace'. !20462 (@blackst0ne) +- Rails5 fix mysql milliseconds problem in specs. !20464 (Jasper Maes) +- Update Gemfile.rails5.lock with latest Gemfile.lock changes. !20466 (Jasper Maes) +- Rails5 mysql fix milliseconds problem in pull request importer spec. !20475 (Jasper Maes) +- Rails5 MySQL fix rename_column as part of cleanup_concurrent_column_type_change. !20514 (Jasper Maes) +- Process commits as normal in forks when the upstream project is deleted. !20534 +- Fix project visibility tooltip. !20535 (Jamie Schembri) +- Fix archived parameter for projects API. !20566 (Peter Marko) +- Limit maximum project build timeout setting to 1 month. !20591 +- Fix GitLab project imports not loading due to API timeouts. !20599 +- Avoid process deadlock in popen by consuming input pipes. !20600 +- Disable SAML and Bitbucket if OmniAuth is disabled. !20608 +- Support multiple scopes when authing container registry scopes. !20617 +- Adds the ability to view group milestones on the dashboard milestone page. !20618 +- Allow issues API to receive an internal ID (iid) on create. !20626 (Jamie Schembri) +- Fix typo in CSS transform property for Memory Graph component. !20650 +- Update design for system metrics popovers. !20655 +- Toggle Show / Hide Button for Kubernetes Password. !20659 (gfyoung) +- Board label edit dropdown shows incorrect selected labels summary. !20673 +- Resolve "Unable to save user profile update with Safari". !20676 +- Escape username and password in UrlSanitizer#full_url. !20684 +- Remove background color from card-body style. !20689 (George Tsiolis) +- Update total storage size when changing size of artifacts. !20697 (Peter Marko) +- Rails5 fix user sees revert modal spec. !20706 (Jasper Maes) +- Fix Web IDE crashing on directories named 'blob'. !20712 +- Fix accessing imported pipeline builds. !20713 +- Fixed bug with invalid repository reference using the wiki search. !20722 +- Resolve Copy diff file path as GFM is broken. !20725 +- Chart versions for applications installed by one click install buttons should be version locked. !20765 +- Fix misalignment of broadcast message on login page. !20794 (Robin Naundorf) +- Fix Vue datatype errors for markdownVersion parsing. !20800 +- Fix authorization for interactive web terminals. !20811 +- Increase width of Web IDE sidebar resize handles. !20818 +- Fix new MR card styles. !20822 +- Fix link color in markdown code brackets. !20841 +- Rails5 update Gemfile.rails5.lock. !20858 (Jasper Maes) +- fix height of full-width Metrics charts on large screens. !20866 +- Fix sorting by name on milestones page. !20881 +- Permit concurrent loads in gpg keychain mutex. !20894 (Jasper Maes) +- Prevent editing and updating wiki pages with non UTF-8 encoding via web interface. !20906 +- Retrieve merge request closing issues from database cache. !20911 +- Fix LFS uploads not working with git-lfs 2.5.0. !20923 +- Fix bug setting http headers in Files API. !20938 +- Rails5: fix flaky spec. !20953 (Jasper Maes) +- Fixed list of projects not loading in group boards. !20955 +- Fix autosave and ESC confirmation issues for MR discussions. !20968 +- Fix navigation to First and Next discussion on MR Changes tab. !20968 +- Fix rendering of the context lines in MR diffs page. !20968 +- fix error caused when using the search bar while unauthenticated. !20970 +- Fix GPG status badge loading regressions. !20987 +- Ensure links in notifications footer are not escaped. !21000 +- Rails5: update Rails5 lock for forgotten gem rouge. !21010 (Jasper Maes) +- Fix UI error whereby prometheus application status is updated. !21029 +- Solves group dashboard line height is too tall for group names. !21033 +- Fix rendering of pipeline failure view when directly navigationg to it. !21043 +- Fix missing and duplicates on project milestone listing page. !21058 +- Fix merge requests not showing any diff files for big patches. !21125 +- Auto-DevOps.gitlab-ci.yml: Update glibc package signing key URL. !21182 (sgerrand) +- Fix issue stopping Instance Statistics javascript to be executed. !21211 +- Fix broken JavaScript in IE11. !21214 +- Improve JUnit test reports in merge request widgets. !49966 +- Properly handle colons in URL passwords. +- Renders test reports for resolved failures and resets error state. +- Fix handling of annotated tags when Gitaly is not in use. +- Fix serialization of LegacyDiffNote. +- Escapes milestone and label's names on flash notice when promoting them. +- Allow to toggle notifications for issues due soon. +- Sanitize git URL in import errors. (Jamie Schembri) +- Add missing predefined variable and fix docs. +- Allow updating a project's avatar without other params. (Jamie Schembri) +- Fix the UI for listing system-level labels. +- Update hamlit to fix ruby 2.5 incompatibilities, fixes #42045. (Matthew Dawson) +- Fix updated_at if created_at is set for Note API. +- Fix search bar text input alignment. + +### Changed (32 changes, 7 of them are from the community) + +- Rack attack is now disabled by default. !16669 +- Include full image URL in webhooks for uploaded images. !18109 (Satish Perala) +- Enable hashed storage for all newly created or renamed projects. !19747 +- Support manually stopping any environment from the UI. !20077 +- Close revert and cherry pick modal on escape keypress. !20341 (George Tsiolis) +- Adds with_projects optional parameter to GET /groups/:id API endpoint. !20494 +- Improve feedback when a developer is unable to push to an empty repository. !20519 +- Display GPG status on repository and blob pages. !20524 +- Updated design of new entry dropdown in Web IDE. !20526 +- UX improvements to top nav search bar. !20537 +- Update issue closing pattern. !20554 (George Tsiolis) +- Add merge request header branch actions left margin. !20643 (George Tsiolis) +- Rubix, scikit-learn, tensorflow & other useful libraries pre-installed with JupyterHub. !20714 (Amit Rathi) +- Show decimal place up to single digit in Stacked Progress Bar. !20776 +- Wrap job name on pipeline job sidebar. !20804 (George Tsiolis) +- Redesign Web IDE back button and context header. !20850 +- Removes "show all" on reports and adds an actionButtons slot. !20855 +- Put fallback reply-key address first in the References header. !20871 +- Allow non-admins to view instance statistics (if permitted by the instance admins). !20874 +- Adds the project and group name to the return type for project and group milestones. !20890 +- Restyle status message input on profile settings. !20903 +- Ensure installed Helm Tiller For GitLab Managed Apps Is protected by mutual auth. !20928 +- Allow multiple JIRA transition ids. !20939 +- Use Helm 2.7.2 for GitLab Managed Apps. !20956 +- Create branch and MR picker for Web IDE. !20978 +- Update commit message styles with monospace font and overflow-x. !20988 +- Update to Rouge 3.2.0, including Terraform and Crystal lexer and bug fixes. !20991 +- Update design of project templates. !21012 +- Update to Rouge 3.2.1, which includes a critical fix to the Perl Lexer. !21263 +- Add a 10 ms bucket for SQL timings. +- Show one digit after dot in commit_per_day value in charts page. (msdundar) +- Redesign GCP offer banner. + +### Performance (30 changes, 10 of them are from the community) + +- Stop dynamically creating project and namespace routes. !20313 +- Tracking the number of repositories and wikis with a cached counter for site-wide statistics. !20413 +- Optimize ProjectWiki#empty? check. !20573 +- Delete UserActivities and related workers. !20597 +- Enable frozen string in app/services/**/*.rb. !20656 (gfyoung) +- Enable more frozen string in app/services/**/*.rb. !20677 (gfyoung) +- Limit the TTL for anonymous sessions to 1 hour. !20700 +- Enable even more frozen string in app/services/**/*.rb. !20702 (gfyoung) +- Enable frozen string in app/serializers/**/*.rb. !20726 (gfyoung) +- Enable frozen string in newly added files to previously processed directories. !20763 (gfyoung) +- Use limit parameter to retrieve Wikis from Gitaly. !20764 +- Add Dangerfile for frozen_string_literal. !20767 (gfyoung) +- Remove method instrumentation for Banzai filters and reference parsers. !20770 +- Enable frozen strings in lib/banzai/filter/*.rb. !20775 +- Enable frozen strings in remaining lib/banzai/filter/*.rb files. !20777 +- DNS prefetching if asset_host for CDN hosting is set. !20781 +- Bump nokogiri to 1.8.4 and sanitize to 4.6.6 for performance. !20795 +- Enable frozen string in app/presenters and app/policies. !20819 (gfyoung) +- Bump haml gem to 5.0.4. !20847 +- Enable frozen string in app/models/*.rb. !20851 (gfyoung) +- Performing Commit GPG signature calculation in bulk. !20870 +- Fix /admin/jobs failing to load due to statement timeout. !20909 +- refactor pipeline job log animation to reduce CPU usage. !20915 +- Improve performance when fetching collapsed diffs and commenting in merge requests. !20940 +- Enable frozen string for app/models/**/*.rb. !21001 (gfyoung) +- Don't set gon variables in JSON requests. !21016 (Peter Leitzen) +- Improve performance and memory footprint of Changes tab of Merge Requests. !21028 +- Avoid N+1 on MRs page when metrics merging date cannot be found. !21053 +- Bump Gitaly to 0.117.0. !21055 +- Access metadata directly from Object Storage. + +### Added (41 changes, 18 of them are from the community) + +- Show repository languages for projects. !19480 +- Adds API endpoint /api/v4/(project/group)/:id/members/all to list also inherited members. !19748 (Jacopo Beschi @jacopo-beschi) +- Added live preview for JavaScript projects in the Web IDE. !19764 +- Add support for SSH certificate authentication. !19911 (Ævar Arnfjörð Bjarmason) +- Add Hangouts Chat integration. !20290 (Kukovskii Vladimir) +- Add ability to import multiple repositories by uploading a manifest file. !20304 +- Show Project ID on project home panel. !20305 (Tuğçe Nur Taş) +- Add an option to have a private profile on GitLab. !20387 (jxterry) +- Extend gitlab-ci.yml to request junit.xml test reports. !20390 +- Add the first mutations for merge requests to GraphQL. !20443 +- Add /-/health basic health check endpoint. !20456 +- Add filter for minimal access level in groups and projects API. !20478 (Marko, Peter) +- Add download button for single file (including raw files) in repository. !20480 (Kia Mei Somabes) +- Gitaly Servers link into Admin > Overview navigation menu. !20550 +- Adds foreign key to notification_settings.user_id. !20567 (Jacopo Beschi @jacopo-beschi) +- JUnit XML Test Summary In MR widget. !20576 +- Cleans up display of Deploy Tokens to match Personal Access Tokens. !20578 (Marcel Amirault) +- Users can set a status message and emoji. !20614 (niedermyer & davamr) +- Add emails delivery Prometheus metrics. !20638 +- Verify runner feature set. !20664 +- Add more comprehensive metrics tracking authentication activity. !20668 +- Add support for tar.gz AUTO_DEVOPS_CHART charts (#49324). !20691 (@kondi1) +- Adds Vuex store for reports section in MR widget. !20709 +- Redirect commits to root if no ref is provided (31576). !20738 (Kia Mei Somabes) +- Search for labels by title or description on project labels page. !20749 +- Add object storage logic to project import. !20773 +- Enable renaming files and folders in Web IDE. !20835 +- Warn user when reload IDE with staged changes. !20857 +- Add local project uploads cleanup task. !20863 +- Improve error message when adding invalid user to a project. !20885 (Jacopo Beschi @jacopo-beschi) +- Add link to homepage on static http status pages (404, 500, etc). !20898 (Jason Funk) +- Clean orphaned files in object storage. !20918 +- Adds frontend support to render test reports on the MR widget. !20936 +- Trigger system hooks when project is archived/unarchived. !20995 +- Custom Wiki Sidebar Support Issue 14995. (Josh Sooter) +- Emails on push recipients now accepts formats like John Doe . (George Thomas) +- Add new model for tracking label events. +- Improve danger confirmation modals by focusing input field. (Jamie Schembri) +- Clicking CI icon in Web IDE now opens up pipelines panel. +- Enabled deletion of files in the Web IDE. +- Added button to regenerate 2FA codes. (Luke Picciau) + +### Other (26 changes, 7 of them are from the community) + +- Update specific runners help URL. !20213 (George Tsiolis) +- Enable frozen string in apps/uploaders/*.rb. !20401 (gfyoung) +- Update docs of Helm Tiller. !20515 (Takuya Noguchi) +- Persist 'Auto DevOps' banner dismissal globally. !20540 +- Move xterm to a node dependency and remove it from vendor's folder. !20588 +- Upgrade grape-path-helpers to 1.0.6. !20601 +- Delete todos when user loses access to read the target. !20665 +- Remove tooltips from commit author avatar and name in commit lists. !20674 +- Allow cloning LFS repositories through DeployTokens. !20729 +- Replace 'Sidekiq::Testing.inline!' with 'perform_enqueued_jobs'. !20768 (@blackst0ne) +- Replace author_link snake case in stylesheets, specs, and helpers. !20797 (George Tsiolis) +- Replace snake case in SCSS variables. !20799 (George Tsiolis) +- Add rbtrace to Gemfile. !20831 +- Add support for searching users by confirmed e-mails. !20893 +- Changes poll.js to keep polling on any 2xx http status code. !20904 +- Remove todos of users without access to targets migration. !20927 +- Improve and simplify Auto DevOps settings flow. !20946 +- Keep admin settings sections open after submitting forms. !21040 +- CE port of "List groups with developer maintainer access on project creation". !21051 +- Update git rerere link in docs. !21060 (gfyoung) +- Add 'tabindex' attribute support on Icon component to show BS4 popover on trigger type 'focus'. !21066 +- Add a Gitlab::Profiler.print_by_total_time convenience method for profiling from a Rails console. +- Automatically expand runner's settings block when linking to the runner's settings page. +- Increases title column on modal for reports. +- Disables toggle comments button if diff has no discussions. +- Moves help_popover component to a common location. + + +## 11.1.8 (2018-10-05) + +### Security (3 changes) + +- Filter user sensitive data from discussions JSON. !2539 +- Properly filter private references from system notes. +- Markdown API no longer displays confidential title references unless authorized. + + +## 11.1.7 (2018-09-26) + +### Security (6 changes) + +- Redact confidential events in the API. +- Set timeout for syntax highlighting. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Fix stored XSS in merge requests from imported repository. +- Fix xss vulnerability sourced from package.json. +- Block loopback addresses in UrlBlocker. + + +## 11.1.6 (2018-08-28) + +### Fixed (1 change) + +- Fixed cache invalidation issue with diff lines from 11.2.2. + +## 11.1.5 (2018-08-27) + +### Security (3 changes) + +- Fixed persistent XSS rendering/escaping of diff location lines. +- Adding CSRF protection to Hooks resend action. +- Block link-local addresses in URLBlocker. + +### Fixed (1 change, 1 of them is from the community) + +- Sanitize git URL in import errors. (Jamie Schembri) + + +## 11.1.4 (2018-07-30) + +### Fixed (4 changes, 1 of them is from the community) + +- Rework some projects table indexes around repository_storage field. !20377 +- Don't overflow project/group dropdown results. !20704 (gfyoung) +- Fixed IDE not opening JSON files. !20798 +- Disable Gitaly timeouts when creating or restoring backups. !20810 + +## 11.1.3 (2018-07-27) + +- Not released. + +## 11.1.2 (2018-07-26) + +### Security (4 changes) + +- Adding CSRF protection to Hooks test action. +- Don't expose project names in GitHub counters. +- Don't expose project names in various counters. +- Fixed XSS in branch name in Web IDE. + +### Fixed (1 change) + +- Escapes milestone and label's names on flash notice when promoting them. + +### Performance (1 change) + +- Fix slow Markdown rendering. !20820 + + +## 11.1.1 (2018-07-23) + +### Fixed (2 changes) + +- Add missing Gitaly branch_update nil checks. !20711 +- Fix filename for accelerated uploads. + +### Added (1 change) + +- Add uploader support to Import/Export uploads. !20484 + + +## 11.1.0 (2018-07-22) + +### Security (6 changes) + +- Fix XSS vulnerability for table of content generation. +- Update sanitize gem to 4.6.5 to fix HTML injection vulnerability. +- HTML escape branch name in project graphs page. +- HTML escape the name of the user in ProjectsHelper#link_to_member. +- Don't show events from internal projects for anonymous users in public feed. +- Fix symlink vulnerability in project import. + +### Removed (1 change) + +- Remove deprecated object_storage_upload queue. + +### Fixed (98 changes, 52 of them are from the community) + +- Keep lists ordered when copying only list items. !18522 (Jan Beckmann) +- Fix bug where maintainer would not be allowed to push to forks with merge requests that have `Allow maintainer edits` enabled. !18968 +- mergeError message has been binded using v-html directive. !19058 (Murat Dogan) +- Set MR target branch to default branch if target branch is not valid. !19067 +- Fix CSS for buttons not to be hidden on issues/MR title. !19176 (Takuya Noguchi) +- Use same gem versions for rails5 as for rails4 where possible. !19498 (Jasper Maes) +- Fix extra blank line at start of rendered reStructuredText code block. !19596 +- Fix username validation order on signup, resolves #45575. !19610 (Jan Beckmann) +- Make quick commands case insensitive. !19614 (Jan Beckmann) +- Remove incorrect CI doc re: PowerShell. !19622 (gfyoung) +- Fixes Microsoft Teams notifications for pipeline events. !19632 (Jeff Brown) +- Fix branch name encoding for dropdown on issue page. !19634 +- Rails5 fix expected `issuable.reload.updated_at` to have changed. !19733 (Jasper Maes) +- Rails5 fix stack level too deep. !19762 (Jasper Maes) +- Rails5 ActionController::ParameterMissing: param is missing or the value is empty: application_setting. !19763 (Jasper Maes) +- Invalidate cache with project details when repository is updated. !19774 +- Rails5 fix no implicit conversion of Hash into String. ActionController::Parameters no longer returns an hash in Rails 5. !19792 (Jasper Maes) +- [Rails5] Fix snippets_finder arel queries. !19796 (@blackst0ne) +- Fix fields for author & assignee in MR API docs. !19798 (gfyoung) +- Remove scrollbar in Safari in repo settings page. !19809 (gfyoung) +- Omits operartions and kubernetes item from project sidebar when repository or builds are disabled. !19835 +- Rails5 fix passing Group objects array into for_projects_and_groups milestone scope. !19863 (Jasper Maes) +- Fix chat service tag notifications not sending when only default branch enabled. !19864 +- Only show new issue / new merge request on group page when issues / merge requests are enabled. !19869 (Jan Beckmann) +- [Rails5] Explicitly set request.format for blob_controller. !19876 (@blackst0ne) +- [Rails5] Fix optimistic lock value. !19878 (@blackst0ne) +- Rails5 fix update_attribute usage not causing a save. !19881 (Jasper Maes) +- Rails5 fix connection execute return integer instead of string. !19901 (Jasper Maes) +- Rails5 fix format in uploads actions. !19907 (Jasper Maes) +- [Rails5] Fix "-1 is not a valid data_store". !19917 (@blackst0ne) +- [Rails5] Invalid single-table inheritance type: Group is not a subclass of Namespace. !19918 (@blackst0ne) +- [Rails5] Fix pipeline_schedules_controller_spec. !19919 (@blackst0ne) +- Rails5 fix passing Group objects array into for_projects_and_groups milestone scope. !19920 (Jasper Maes) +- Rails5 update Gemfile.rails5.lock. !19921 (Jasper Maes) +- [Rails5] Fix sessions_controller_spec. !19936 (@blackst0ne) +- [Rails5] Set request.format for artifacts_controller. !19937 (@blackst0ne) +- Fix webhook error when password is not present. !19945 (Jan Beckmann) +- Fix label and milestone duplicated records and IID errors. !19961 +- Rails5 fix expected: 1 time with arguments: (97, anything, {"squash"=>false}) received: 0 times. !20004 (Jasper Maes) +- Rails5 fix Projects::PagesController spec. !20007 (Jasper Maes) +- [Rails5] Fix ActionCable '/cable' mountpoint conflict. !20015 (@blackst0ne) +- Fix branches are not shown in Merge Request dropdown when preferred language is not English. !20016 (Hiroyuki Sato) +- Rails5 fix Admin::HooksController. !20017 (Jasper Maes) +- Rails5 fix expected: 0 times with any arguments received: 1 time with arguments: DashboardController. !20018 (Jasper Maes) +- [Rails5] Set request.format in commits_controller. !20023 (@blackst0ne) +- Keeps the label on an issue when the issue is moved. !20036 +- Cleanup Prometheus ruby metrics. !20039 (Ben Kochie) +- Rails 5 fix Capybara::ElementNotFound: Unable to find visible css #modal-revert-commit and expected: "/bar" got: "/foo". !20044 (Jasper Maes) +- [Rails5] Force the callback run first. !20055 (@blackst0ne) +- Add readme button to non-empty project page. !20104 +- Fixed bug when editing a comment in an issue,the preview mode is toggled in the main textarea. !20112 (Constance Okoghenun) +- Ignore unknown OAuth sources in ApplicationSetting. !20129 +- Fix paragraph line height for emoji. !20137 (George Tsiolis) +- Fixes issue with uploading same image to Profile Avatar twice. !20161 (Chirag Bhatia) +- Rails5 fix arel from in mysql_median_datetime_sql. !20167 (Jasper Maes) +- Adds the `locked` state to the merge request API so that it can be used as a search filter. !20186 +- Enable Doorkeeper option to avoid generating new tokens when users login via oauth. !20200 +- Fix OAuth Application Authorization screen to appear with each access. !20216 +- Rails5 fix MySQL milliseconds problem in specs. !20221 (Jasper Maes) +- Rails5 fix Mysql comparison failure caused by milliseconds problem. !20222 (Jasper Maes) +- Updated last commit link color. !20234 (Constance Okoghenun) +- Fixed Merge request changes dropdown displays incorrectly. !20237 (Constance Okoghenun) +- Show jobs from same pipeline in sidebar in job details view. !20243 +- [Rails5] Fix milestone GROUP BY query. !20256 (@blackst0ne) +- Line separator to the left of the 'Admin area' wrench icon had vanished. !20282 (bitsapien) +- Check if archived trace exist before archive it. !20297 +- Load Devise with Omniauth when auto_sign_in_with_provider is configured. !20302 +- Fix link to job when creating a new issue from a failed job. !20328 +- Fix double "in" in time to artifact deletion message. !20357 (@bbodenmiller) +- Fix wrong role badge displayed in projects dashboard. !20374 +- Stop relying on migrations in the CacheableAttributes cache key and cache attributes for 1 minute instead. !20389 +- Fixes toggle discussion button not expanding collapsed discussions. !20452 +- Resolve compatibility issues with node 6. !20461 +- Fixes base command used in Helm installations. !20471 +- Fix RSS button interaction on Dashboard, Project and Group activities. !20549 +- Use appropriate timeout on Gitaly server info checks, avoid error on timeout. !20552 +- Remove healthchecks from prometheus endpoint. !20565 +- Render MR page when diffs cannot be fetched from the database or the git repository. !20680 +- Expire correct method caches after HEAD changed. +- Ensure MR diffs always exist in the PR importer. +- Fix overlapping file title and file actions in MR changes tag. +- Mark MR as merged regardless of errors when closing issues. +- Fix performance bar modal visibility in Safari. +- Prevent browser autocomplete for milestone date fields. +- Limit the action suffixes in transaction metrics. +- Add /uploads subdirectory to allowed upload paths. +- Fix cross-project label references. +- Invalidate merge request diffs cache if diff data change. +- Don't show context button for diffs of deleted files. +- Structure getters for diff Store properly and adds specs. +- Bump rugged to 0.27.2. +- Fix Bamboo CI status not showing for branch plans. +- Fixed bug that allowed to remove other wiki pages if the title had wildcard characters. +- Disabled Web IDE autocomplete suggestions for Markdown files. (Isaac Smith) +- Fix merge request diffs when created with gitaly_diff_between enabled. +- Properly detect label reference if followed by period or question mark. +- Deactivate new KubernetesService created from active template to prevent project creation from failing. +- Allow trailing whitespace on blockquote fence lines. + +### Deprecated (1 change) + +- Removes unused bootstrap 4 scss files. !19423 + +### Changed (33 changes, 16 of them are from the community) + +- Change label link vertical alignment property. !18777 (George Tsiolis) +- Updated the icon for expand buttons to ellipsis. !18793 (Constance Okoghenun) +- Create new or add existing Kubernetes cluster from a single page. !18963 +- Use object storage as the first class persistable store for new live trace architecture. !19515 +- Hide project name if searching against a project. !19595 +- Allows you to create another deploy token dimmediately after creating one. !19639 +- Removes the environment scope field for users that cannot edit it. !19643 +- Don't hash user ID in OIDC subject claim. !19784 (Markus Koller) +- Milestone page list redesign. !19832 (Constance Okoghenun) +- Add environment dropdown for the metrics page. !19833 +- Allow querying a single merge request within a project. !19853 +- Update WebIDE to show file in tree on load. !19887 +- Remove small container width. !19893 (George Tsiolis) +- Improve U2F workflow when using unsupported browsers. !19938 (Jan Beckmann) +- Update Web IDE file tree styles. !19969 +- Highlight cluster settings message. !19996 (George Tsiolis) +- Fade uneditable area in Web IDE. !20008 +- Update pipeline icon in web ide sidebar. !20058 (George Tsiolis) +- Revert merge request discussion buttons padding. !20060 (George Tsiolis) +- Fix boards issue highlight. !20063 (George Tsiolis) +- Update external link icon in header user dropdown. !20150 (George Tsiolis) +- Update external link icon in merge request widget. !20154 (George Tsiolis) +- Update environments nav controls icons. !20199 (George Tsiolis) +- Update integrations external link icons. !20205 (George Tsiolis) +- Fixes an issue where migrations instead of schema loading were run. !20227 +- Add title placeholder for new issues. !20271 (George Tsiolis) +- Close revoke deploy token modal on escape keypress. !20347 (George Tsiolis) +- Change environment scope text depending on number of project clusters. Update form to only include form-groups. +- Improve Web IDE commit flow. +- Add machine type and pricing documentation links, add class to labels to make bold. +- Remove remaining traces of the Allocations Gem. +- Use one column form layout on Admin Area Settings page. +- Add back copy for existing gcp accounts within offer banner. + +### Performance (16 changes, 4 of them are from the community) + +- Fully migrate pipeline stages position. !19369 +- Use Tooltip component in MrWidgetAuthorTime vue comonent. !19635 (George Tsiolis) +- Move boards modal EmptyState vue component. !20068 (George Tsiolis) +- Bump carrierwave gem verion to 1.2.3. !20287 +- Remove redundant query when removing trace. !20324 +- Improves performance of mr code, by fixing the state being mutated outside of the store in the util function trimFirstCharOfLineContent and in map operations. Avoids map operation in an empty array. Adds specs to the trimFirstCharOfLineContent function. !20380 (filipa) +- Reduce the number of queries when searching for groups. !20398 +- Improve render performance of large wiki pages. !20465 (Peter Leitzen) +- Improves performance on Merge Request diff tab by removing the scroll event listeners being added to every file. +- Remove the ci_job_request_with_tags_matcher. +- Updated Gitaly fail-fast timeout values. +- Add index on deployable_type/id for deployments. +- Eliminate N+1 queries in LFS file locks checks during a push. +- Fix performance problem of accessing tag list for projects api endpoints. +- Improve performance of listing users without projects. +- Fixed pagination of web hook logs. + +### Added (29 changes, 9 of them are from the community) + +- Add dropdown to Groups link in top bar. !18280 +- Web IDE supports now Image + Download Diff Viewing. !18768 +- Use CommonMark syntax and rendering for new Markdown content. !19331 +- Add SHA256 and HEAD on File API. !19439 (ahmet2mir) +- Add filename filtering to code search. !19509 +- Add CI_PIPELINE_URL and CI_JOB_URL. !19618 +- Expose visibility via Snippets API. !19620 (Jan Beckmann) +- Fixed pagination of groups API. !19665 (Marko, Peter) +- Added id sorting option to GET groups and subgroups API. !19665 (Marko, Peter) +- Add a link to the contributing page in the user dropdown. !19708 +- Add Object Storage to project export. !20105 +- Change avatar image in the header when user updates their avatar. !20119 (Jamie Schembri) +- Allow straight diff in Compare API. !20120 (Maciej Nowak) +- Add transfer project API endpoint. !20122 (Aram Visser) +- Expose permissions of the current user on resources in GraphQL. !20152 +- Run repository checks in parallel for each shard. !20179 +- Add pipeline lists to GraphQL. !20249 +- Add option to add README when creating a project. !20335 +- Add option to hide third party offers in admin application settings. !20379 +- Add /confidential quick action. (Jan Beckmann) +- Support direct_upload for generic uploads. +- Display merge request title & description in Web IDE. +- Prune web hook logs older than 90 days. +- Add Web Terminal for Ci Builds. (Vicky Chijwani) +- Expose whether current user can push into a branch on branches API. +- Present state indication on GFM preview. +- migrate backup rake task to gitaly. +- Add Gitlab::SQL:CTE for easily building CTE statements. +- Added with_statsoption for GET /projects/:id/repository/commits. + +### Other (28 changes, 11 of them are from the community) + +- Move some Gitaly RPC's to opt-out. !19591 +- Bump grape-path-helpers to 1.0.5. !19604 (@blackst0ne) +- Add CI job to check Gemfile.rails5.lock. !19605 (@blackst0ne) +- Move Gitaly branch/tag/ref RPC's to opt-out. !19644 +- CE port gitlab-ee!6112. !19714 +- Enable no-multi-assignment in JS files. !19808 (gfyoung) +- Enable no-restricted globals in JS files. !19877 (gfyoung) +- Improve no-multi-assignment fixes after enabling rule. !19915 (gfyoung) +- Enable prefer-structuring in JS files. !19943 (gfyoung) +- Enable frozen string in app/workers/*.rb. !19944 (gfyoung) +- Uses long sha version of the merged commit in MR widget copy to clipboard button. !19955 +- Update new group page to better explain what groups are. !19991 +- Update new SSH key page to improve copy. !19994 +- Update new SSH key page to improve key input validation. !19997 +- Gitaly metrics check for read/writeability. !20022 +- Add ellispsis to web ide commit button. !20030 +- Minor style changes to personal access token form and scope checkboxes. !20052 +- Finish enabling frozen string for app/workers/*.rb. !20197 (gfyoung) +- Allows settings sections to expand by default when linking to them. !20211 +- Enable frozen string in apps/validators/*.rb. !20220 (gfyoung) +- update bcrypt to also support libxcrypt. !20260 (muhammadn) +- Enable frozen string in apps/validators/*.rb. !20382 (gfyoung) +- Removes unused vuex code in mr refactor and removes unneeded dependencies. !20499 +- Delete non-latest merge request diff files upon merge. +- Schedule workers to delete non-latest diffs in post-migration. +- Remove the use of `is_shared` of `Ci::Runner`. +- Add more detailed logging to githost.log when rebasing. +- Use monospaced font for MR diff commit link ref on GFM. + + +## 11.0.6 (2018-08-27) + +### Security (3 changes) + +- Fixed persistent XSS rendering/escaping of diff location lines. +- Adding CSRF protection to Hooks resend action. +- Block link-local addresses in URLBlocker. + +### Fixed (1 change, 1 of them is from the community) + +- Sanitize git URL in import errors. (Jamie Schembri) + + +## 11.0.5 (2018-07-26) + +### Security (4 changes) + +- Don't expose project names in various counters. +- Don't expose project names in GitHub counters. +- Adding CSRF protection to Hooks test action. +- Fixed XSS in branch name in Web IDE. + +### Fixed (1 change) + +- Escapes milestone and label's names on flash notice when promoting them. + + +## 11.0.4 (2018-07-17) + +### Security (1 change) + +- Fix symlink vulnerability in project import. + + +## 11.0.3 (2018-07-05) + +### Fixed (14 changes, 1 of them is from the community) + +- Revert merge request widget button max height. !20175 (George Tsiolis) +- Implement upload copy when moving an issue with upload on object storage. !20191 +- Fix broken '!' support to autocomplete MRs in GFM fields. !20204 +- Restore showing Elasticsearch and Geo status on dashboard. !20276 +- Fix merge request page rendering error when its target/source branch is missing. !20280 +- Fix sidebar collapse breapoints for job and wiki pages. +- fix size of code blocks in headings. +- Fix loading screen for search autocomplete dropdown. +- Fix ambiguous due_date column for Issue scopes. +- Always serve favicon from main GitLab domain so that CI badge can be drawn over it. +- Fix tooltip flickering bug. +- Fix refreshing cache keys for open issues count. +- Replace deprecated bs.affix in merge request tabs with sticky polyfill. +- Prevent pipeline job tooltip from scrolling off dropdown container. + + +## 11.0.2 (2018-06-26) + +### Fixed (8 changes, 1 of them is from the community) + +- Serve favicon image always from the main GitLab domain to avoid issues with CORS. !19810 (Alexis Reigel) +- Specify chart version when installing applications on Clusters. !20010 +- Fix invalid fuzzy translations being generated during installation. !20048 +- Fix incremental rollouts for Auto DevOps. !20061 +- Notify conflict for only open merge request. !20125 +- Only load Omniauth if enabled. !20132 +- Fix sorting by name on explore projects page. !20162 +- Fix alert button styling so that they don't show up white. + +### Performance (1 change) + +- Remove performance bottleneck preventing large wiki pages from displaying. !20174 + +### Added (1 change) + +- Add support for verifying remote uploads, artifacts, and LFS objects in check rake tasks. !19501 + + +## 11.0.1 (2018-06-21) + +### Security (5 changes) + +- Fix XSS vulnerability for table of content generation. +- Update sanitize gem to 4.6.5 to fix HTML injection vulnerability. +- HTML escape branch name in project graphs page. +- HTML escape the name of the user in ProjectsHelper#link_to_member. +- Don't show events from internal projects for anonymous users in public feed. + + +## 11.0.0 (2018-06-22) + +### Security (3 changes) + +- Fix API to remove deploy key from project instead of deleting it entirely. +- Fixed bug that allowed importing arbitrary project attributes. +- Prevent user passwords from being changed without providing the previous password. + +### Removed (2 changes) + +- Removed API v3 from the codebase. !18970 +- Removes outdated `g t` shortcut for TODO in favor of `Shift+T`. !19002 + +### Fixed (69 changes, 23 of them are from the community) + +- Optimize the upload migration proces. !15947 +- Import bitbucket issues that are reported by an anonymous user. !18199 (bartl) +- Fix an issue where the notification email address would be set to an unconfirmed email address. !18474 +- Stop logging email information when emails are disabled. !18521 (Marc Shaw) +- Fix double-brackets being linkified in wiki markdown. !18524 (brewingcode) +- Use case in-sensitive ordering by name for dashboard. !18553 (@vedharish) +- Fix width of contributors graphs. !18639 (Paul Vorbach) +- Fix modal width of shorcuts help page. !18766 (Lars Greiss) +- Add missing tooltip to creation date on container registry overview. !18767 (Lars Greiss) +- Add missing migration for minimal Project build_timeout. !18775 +- Update commit status from external CI services less aggressively. !18802 +- Fix Runner contacted at tooltip cache. !18810 +- Added support for LFS Download in the importing process. !18871 +- Fix issue board bug with long strings in titles. !18924 +- Does not log failed sign-in attempts when the database is in read-only mode. !18957 +- Fixes 500 error on /estimate BIG_VALUE. !18964 (Jacopo Beschi @jacopo-beschi) +- Forbid to patch traces for finished jobs. !18969 +- Do not allow to trigger manual actions that were skipped. !18985 +- Renamed 'Overview' to 'Project' in collapsed contextual navigation at a project level. !18996 (Constance Okoghenun) +- Fixed bug where generated api urls didn't add the base url if set. !19003 +- Fixed badge api endpoint route when relative url is set. !19004 +- Fixes: Runners search input placeholder is cut off. !19015 (Jacopo Beschi @jacopo-beschi) +- Exclude CI_PIPELINE_ID from variables supported in dynamic environment name. !19032 +- Updates updated_at on label changes. !19065 (Jacopo Beschi @jacopo-beschi) +- Disallow updating job status if the job is not running. !19101 +- Fix FreeBSD can not upload artifacts due to wrong tmp path. !19148 +- Check for nil AutoDevOps when saving project CI/CD settings. !19190 +- Missing timeout value in object storage pre-authorization. !19201 +- Use strings as properties key in kubernetes service spec. !19265 (Jasper Maes) +- Fixed HTTP_PROXY environment not honored when reading remote traces. !19282 (NLR) +- Updates ReactiveCaching clear_reactive_caching method to clear both data and alive caching. !19311 +- Fixes the styling on the modal headers. !19312 (samdbeckham) +- Fixes a spelling error on the new label page. !19316 (samdbeckham) +- Rails5 fix arel from. !19340 (Jasper Maes) +- Support rails5 in postgres indexes function and fix some migrations. !19400 (Jasper Maes) +- Fix repository archive generation when hashed storage is enabled. !19441 +- Rails 5 fix unknown keywords: changes, key_id, project, gl_repository, action, secret_token, protocol. !19466 (Jasper Maes) +- Rails 5 fix glob spec. !19469 (Jasper Maes) +- Showing project import_status in a humanized form no longer gives an error. !19470 +- Make avatars/icons hidden on mobile. !19585 (Takuya Noguchi) +- Fix active tab highlight when creating new merge request. !19781 (Jan Beckmann) +- Fixes Web IDE button on merge requests when GitLab is installed with relative URL. +- Unverified hover state color changed to black. +- Fix   after sign-in with Google button. +- Don't trim incoming emails that create new issues. (Cameron Crockett) +- Wrapping problem on the issues page has been fixed. +- Fix resolvable check if note's commit could not be found. +- Fix filename matching when processing file or blob search results. +- Allow maintainers to retry pipelines on forked projects (if allowed in merge request). +- Fix deletion of Object Store uploads. +- Fix overflowing Failed Jobs table in sm viewports on IE11. +- Adjust insufficient diff hunks being persisted on NoteDiffFile. +- Render calendar feed inline when accessed from GitLab. +- Line height fixed. (Murat Dogan) +- Use upload ID for creating lease key for file uploaders. +- Use Github repo visibility during import while respecting restricted visibility levels. +- Adjust permitted params filtering on merge scheduling. +- Fix unscrollable Markdown preview of WebIDE on Firefox. +- Enforce UTF-8 encoding on user input in LogrageWithTimestamp formatter and filter out file content from logs. +- Fix project destruction failing due to idle in transaction timeouts. +- Add a unique and not null constraint on the project_features.project_id column. +- Expire Wiki content cache after importing a repository. +- Fix admin counters not working when PostgreSQL has secondaries. +- Fix backup creation and restore for specific Rake tasks. +- Fix cross-origin errors when attempting to download JavaScript attachments. +- Fix api_json.log not always reporting the right HTTP status code. +- Fix attr_encryption key settings. +- Remove gray button styles. +- Fix print styles for markdown pages. + +### Deprecated (4 changes) + +- Deprecate Gemnasium project service. !18954 +- Rephrasing Merge Request's 'allow edits from maintainer' functionality. !19061 +- Rename issue scope created-by-me to created_by_me, and assigned-to-me to assigned_to_me. !44799 +- Migrate any remaining jobs from deprecated `object_storage_upload` queue. + +### Changed (42 changes, 11 of them are from the community) + +- Add support for smarter system notes. !17164 +- Automatically accepts project/group invite by email after user signup. !17634 (Jacopo Beschi @jacopo-beschi) +- Dynamically fetch GCP cluster creation parameters. !17806 +- Label list page redesign. !18466 +- Move discussion actions to the right for small viewports. !18476 (George Tsiolis) +- Add 2FA filter to the group members page. !18483 +- made listing and showing public issue apis available without authentication. !18638 (haseebeqx) +- Refactoring UrlValidators to include url blocking. !18686 +- Removed "(Beta)" from "Auto DevOps" messages. !18759 +- Expose runner ip address to runners API. !18799 (Lars Greiss) +- Moves MR widget external link icon to the right. !18828 (Jacopo Beschi @jacopo-beschi) +- Add support for 'active' setting on Runner Registration API endpoint. !18848 +- Add dot to separate system notes content. !18864 +- Remove modalbox confirmation when retrying a pipeline. !18879 +- Remove docker pull prefix from registry clipboard feature. !18933 (Lars Greiss) +- Move project sidebar sub-entries 'Environments' and 'Kubernetes' from 'CI/CD' to a new entry 'Operations'. !18941 +- Updated icons for branch and tag names in commit details. !18953 (Constance Okoghenun) +- Expose readme url in Project API. !18960 (Imre Farkas) +- Changes keyboard shortcut of Activity feed to `g v`. !19002 +- Updated Mattermost integration to use API v4 and only allow creation of Mattermost slash commands in the current user's teams. !19043 (Harrison Healey) +- Add shortcuts to Web IDE docs and modal. !19044 +- Rename merge request widget author component. !19079 (George Tsiolis) +- Rename the Master role to Maintainer. !19080 +- Use "right now" for short time periods. !19095 +- Update 404 and 403 pages with helpful actions. !19096 +- Add username to terms message in git and API calls. !19126 +- Change the IDE file buttons for an "Open in file view" button. !19129 (Sam Beckham) +- Removes redundant script failure message from Job page. !19138 +- Add flash notice if user has already accepted terms and allow users to continue to root path. !19156 +- Redesign group settings page into expandable sections. !19184 +- Hashed Storage: migration rake task now can be executed to specific project. !19268 +- Make CI job update entrypoint to work as keep-alive endpoint. !19543 +- Avoid checking the user format in every url validation. !19575 +- Apply notification settings level of groups to all child objects. +- Support restoring repositories into gitaly. +- Bump omniauth-gitlab to 1.0.3. +- Move API group deletion to Sidekiq. +- Improve Failed Jobs tab in the Pipeline detail page. +- Add additional theme color options. +- Include milestones from parent groups when assigning a milestone to an issue or merge request. +- Restore API v3 user endpoint. +- Hide merge request option in IDE when disabled. + +### Performance (28 changes, 1 of them is from the community) + +- Add backgound migration for filling nullfied file_store columns. !18557 +- Add a cronworker to rescue stale live traces. !18680 +- Move SquashBeforeMerge vue component. !18813 (George Tsiolis) +- Add index on runner_type for ci_runners. !18897 +- Fix CarrierWave reads local files into memoery when migrates to ObjectStorage. !19102 +- Remove double-checked internal id generation. !19181 +- Throttle updates to Project#last_repository_updated_at. !19183 +- Add background migrations for archiving legacy job traces. !19194 +- Use NPM provided version of SortableJS. !19274 +- Improve performance of group issues filtering on GitLab.com. !19429 +- Improve performance of LFS integrity check. !19494 +- Fix an N+1 when loading user avatars. +- Only preload member records for the relevant projects/groups/user in projects API. +- Fix some sources of excessive query counts when calculating notification recipients. +- Optimise PagesWorker usage. +- Optimise paused runners to reduce amount of used requests. +- Update runner cached informations without performing validations. +- Improve performance of project pipelines pages. +- Persist truncated note diffs on a new table. +- Remove unused running_or_pending_build_count. +- Remove N+1 query for author in issues API. +- Eliminate N+1 queries with authors and push_data_payload in Events API. +- Eliminate cached N+1 queries for projects in Issue API. +- Eliminate N+1 queries for CI job artifacts in /api/prjoects/:id/pipelines/:pipeline_id/jobs. +- Fix N+1 with source_projects in merge requests API. +- Replace grape-route-helpers with our own grape-path-helpers. +- Move PR IO operations out of a transaction. +- Improve performance of GroupsController#show. + +### Added (25 changes, 10 of them are from the community) + +- Closes MR check out branch modal with escape. (19050) +- Allow changing the default favicon to a custom icon. !14497 (Alexis Reigel) +- Export assigned issues in iCalendar feed. !17783 (Imre Farkas) +- When MR becomes unmergeable, notify and create todo for author and merge user. !18042 +- Display help text below auto devops domain with nip.io domain name (#45561). !18496 +- Add per-project pipeline id. !18558 +- New design for wiki page deletion confirmation. !18712 (Constance Okoghenun) +- Updates updated_at on issuable when setting time spent. !18757 (Jacopo Beschi @jacopo-beschi) +- Expose artifacts_expire_at field for job entity in api. !18872 (Semyon Pupkov) +- Add support for variables expression pattern matching syntax. !18902 +- Add API endpoint to render markdown text. !18926 (@blackst0ne) +- Add `Squash and merge` to GitLab Core (CE). !18956 (@blackst0ne) +- Adds keyboard shortcut `g k` for Kubernetes on Project pages. !19002 +- Adds keyboard shortcut `g e` for Environments on Project pages. !19002 +- Setup graphql with initial project & merge request query. !19008 +- Adds JupyterHub to cluster applications. !19019 +- Added ability to search by wiki titles. !19112 +- Add Avatar API. !19121 (Imre Farkas) +- Add variables to POST api/v4/projects/:id/pipeline. !19124 (Jacopo Beschi @jacopo-beschi) +- Add deploy strategies to the Auto DevOps settings. !19172 +- Automatize Deploy Token creation for Auto Devops. !19507 +- Add anchor for incoming email regex. +- Support direct_upload with S3 Multipart uploads. +- Add Open in Xcode link for xcode repositories. +- Add pipeline status to the status bar of the Web IDE. + +### Other (40 changes, 17 of them are from the community) + +- Expand documentation for Runners API. !16484 +- Order UsersController#projects.json by updated_at. !18227 (Takuya Noguchi) +- Replace the `project/issues/references.feature` spinach test with an rspec analog. !18769 (@blackst0ne) +- Replace the `project/merge_requests/references.feature` spinach test with an rspec analog. !18794 (@blackst0ne) +- Replace the `project/deploy_keys.feature` spinach test with an rspec analog. !18796 (@blackst0ne) +- Replace the `project/ff_merge_requests.feature` spinach test with an rspec analog. !18800 (@blackst0ne) +- Apply NestingDepth (level 5) (pages/pipelines.scss). !18830 (Takuya Noguchi) +- Replace the `project/forked_merge_requests.feature` spinach test with an rspec analog. !18867 (@blackst0ne) +- Remove Spinach. !18869 (@blackst0ne) +- Add NOT NULL constraints to project_authorizations. !18980 +- Add helpful messages to empty wiki view. !19007 +- Increase text limit for GPG keys (mysql only). !19069 +- Take two for MR metrics population background migration. !19097 +- Remove Gemnasium badge from project README.md. !19136 (Takuya Noguchi) +- Update awesome_print to 1.8.0. !19163 (Takuya Noguchi) +- Update email_spec to 2.2.0. !19164 (Takuya Noguchi) +- Update redis-namespace to 1.6.0. !19166 (Takuya Noguchi) +- Update rdoc to 6.0.4. !19167 (Takuya Noguchi) +- Updates the version of kubeclient from 3.0 to 3.1.0. !19199 +- Fix UI broken in line profiling modal due to Bootstrap 4. !19253 (Takuya Noguchi) +- Add migration to disable the usage of DSA keys. !19299 +- Use the default strings of timeago.js for timeago. !19350 (Takuya Noguchi) +- Update selenium-webdriver to 3.12.0. !19351 (Takuya Noguchi) +- Include username in output when testing SSH to GitLab. !19358 +- Update screenshot in GitLab.com integration documentation. !19433 (Tuğçe Nur Taş) +- Users can accept terms during registration. !19583 +- Fix issue count on sidebar. +- Add merge requests list endpoint for groups. +- Upgrade GitLab from Bootstrap 3 to 4. +- Make ActiveRecordSubscriber rails 5 compatible. +- Show a more helpful error for import status. +- Log response body to production_json.log when a controller responds with a 422 status. +- Log Workhorse queue duration for Grape API calls. +- Adjust SQL and transaction Prometheus buckets. +- Adding branches through the WebUI is handled by Gitaly. +- Remove shellout implementation for Repository checksums. +- Refs containting sha checks are done by Gitaly. +- Finding a wiki page is done by Gitaly by default. +- Workhorse will use Gitaly to create archives. +- Workhorse to send raw diff and patch for commits. + + +## 10.8.6 (2018-07-17) + +### Security (2 changes) + +- Fix symlink vulnerability in project import. +- Merge branch 'fix-mr-widget-border' into 'master'. + + +## 10.8.5 (2018-06-21) + +### Security (5 changes) + +- Fix XSS vulnerability for table of content generation. +- Update sanitize gem to 4.6.5 to fix HTML injection vulnerability. +- HTML escape branch name in project graphs page. +- HTML escape the name of the user in ProjectsHelper#link_to_member. +- Don't show events from internal projects for anonymous users in public feed. + + ## 10.8.4 (2018-06-06) - No changes. @@ -95,7 +1565,7 @@ entry. - Make toggle markdown preview shortcut only toggle selected field. - Verifiy if pipeline has commit idetails and render information in MR widget when branch is deleted. - Fixed inconsistent protected branch pill baseline. -- Fix setting Gitlab metrics content types. +- Fix setting GitLab metrics content types. - Display only generic message on merge error to avoid exposing any potentially sensitive or user unfriendly backend messages. - Fix label links update on project transfer. - Breaks commit not found message in pipelines table. @@ -220,6 +1690,29 @@ entry. - Gitaly handles repository forks by default. +## 10.7.7 (2018-07-17) + +### Security (1 change) + +- Fix symlink vulnerability in project import. + + +## 10.7.6 (2018-06-21) + +### Security (6 changes) + +- Fix XSS vulnerability for table of content generation. +- Update sanitize gem to 4.6.5 to fix HTML injection vulnerability. +- HTML escape branch name in project graphs page. +- HTML escape the name of the user in ProjectsHelper#link_to_member. +- Don't show events from internal projects for anonymous users in public feed. +- XSS fix to use safe_params instead of params in url_for helpers. + +### Other (1 change) + +- Replacing gollum libraries for gitlab custom libs. !18343 + + ## 10.7.5 (2018-05-28) ### Security (3 changes) @@ -442,7 +1935,7 @@ entry. - Add 'Assigned Issues' and 'Assigned Merge Requests' as dashboard view choices for users. !17860 (Elias Werberich) - Extend API for importing a project export with overwrite support. !17883 - Create Deploy Tokens to allow permanent access to repository and registry. !17894 -- Detect commit message trailers and link users properly to their accounts on Gitlab. !17919 (cousine) +- Detect commit message trailers and link users properly to their accounts on GitLab. !17919 (cousine) - Adds cancel btn to new pages domain page. !18026 (Jacopo Beschi @jacopo-beschi) - API: Add parameter merge_method to projects. !18031 (Jan Beckmann) - Introduce simpler env vars for auto devops REPLICAS and CANARY_REPLICAS #41436. !18036 @@ -1890,7 +3383,7 @@ entry. - [FIXED] Fix broken wiki pages that link to a wiki file. !15019 - [FIXED] Don't rename paths that were freed up when upgrading. !15029 - [FIXED] Fix bitbucket login. !15051 -- [FIXED] Update gitaly in Gitlab 10.1 to 0.43.1 for temp file cleanup. !15055 +- [FIXED] Update gitaly in GitLab 10.1 to 0.43.1 for temp file cleanup. !15055 - [FIXED] Use the correct visibility attribute for projects in system hooks. !15065 - [FIXED] Normalize LDAP DN when looking up identity. - [FIXED] Adds callback functions for initial request in clusters page. @@ -3600,7 +5093,7 @@ entry. - Make user mentions case-insensitive. !10285 (blackst0ne) - Update rugged to 0.25.1.1. !10286 (Elan Ruusamäe) - Handle parsing OpenBSD ps output properly to display sidekiq infos on admin->monitoring->background. !10303 (Sebastian Reitenbach) -- Log errors during generating of Gitlab Pages to debug log. !10335 (Danilo Bargen) +- Log errors during generating of GitLab Pages to debug log. !10335 (Danilo Bargen) - Update issue board cards design. !10353 - Tags can be protected, restricting creation of matching tags by user role. !10356 - Set GIT_TERMINAL_PROMPT env variable in initializer. !10372 @@ -4013,7 +5506,7 @@ entry. - Restore keyboard shortcuts for "Activity" and "Charts". !9680 - Added commit array to Syshook json. !9685 (Gabriele Pongelli) - Document ability to list issues with no labels using API. !9697 (Vignesh Ravichandran) -- Fix typo in Gitlab config file. !9702 (medied) +- Fix typo in GitLab config file. !9702 (medied) - Fix json response in branches controller. !9710 (George Andrinopoulos) - Refactor dropdown_assignee_spec. !9711 (George Andrinopoulos) - Delete artifacts for pages unless expiry date is specified. !9716 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 82d1abff4a42d54abe6b4b245790b2faba9ba27f..b33ef79558eb6b880591a3f10aa7d3dd440b7582 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -21,19 +21,23 @@ _This notice should stay as the first item in the CONTRIBUTING.md file._ **Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)* +- [Contributing Documentation has been moved](#contributing-documentation-has-been-moved) - [Contribute to GitLab](#contribute-to-gitlab) - [Security vulnerability disclosure](#security-vulnerability-disclosure) +- [Code of conduct](#code-of-conduct) - [Closing policy for issues and merge requests](#closing-policy-for-issues-and-merge-requests) - [Helping others](#helping-others) - [I want to contribute!](#i-want-to-contribute) +- [Contribution Flow](#contribution-flow) - [Workflow labels](#workflow-labels) - - [Type labels (~"feature proposal", ~bug, ~customer, etc.)](#type-labels-feature-proposal-bug-customer-etc) - - [Subject labels (~wiki, ~"container registry", ~ldap, ~api, etc.)](#subject-labels-wiki-container-registry-ldap-api-etc) - - [Team labels (~"CI/CD", ~Discussion, ~Quality, ~Platform, etc.)](#team-labels-cicd-discussion-quality-platform-etc) - - [Milestone labels (~Deliverable, ~Stretch, ~"Next Patch Release")](#milestone-labels-deliverable-stretch-next-patch-release) - - [Priority labels (~P1, ~P2, ~P3 , ~P4)](#bug-priority-labels-p1-p2-p3-p4) - - [Severity labels (~S1, ~S2, ~S3 , ~S4)](#bug-severity-labels-s1-s2-s3-s4) - - [Label for community contributors (~"Accepting Merge Requests")](#label-for-community-contributors-accepting-merge-requests) + - [Type labels](#type-labels) + - [Subject labels](#subject-labels) + - [Team labels](#team-labels) + - [Release Scoping labels](#release-scoping-labels) + - [Priority labels](#priority-labels) + - [Severity labels](#severity-labels) + - [Severity impact guidance](#severity-impact-guidance) + - [Label for community contributors](#label-for-community-contributors) - [Implement design & UI elements](#implement-design--ui-elements) - [Issue tracker](#issue-tracker) - [Issue triaging](#issue-triaging) @@ -48,692 +52,133 @@ _This notice should stay as the first item in the CONTRIBUTING.md file._ - [Contribution acceptance criteria](#contribution-acceptance-criteria) - [Definition of done](#definition-of-done) - [Style guides](#style-guides) -- [Code of conduct](#code-of-conduct) --- -## Contribute to GitLab - -For a first-time step-by-step guide to the contribution process, see -["Contributing to GitLab"](https://about.gitlab.com/contributing/). - -Thank you for your interest in contributing to GitLab. This guide details how -to contribute to GitLab in a way that is efficient for everyone. +## Contributing Documentation has been moved -Looking for something to work on? Look for issues with the label [Accepting Merge Requests](#i-want-to-contribute). +As of July 2018, all the documentation for contributing to the GitLab project has been moved to a new location. +[view the new documentation](doc/development/contributing/index.md) to find the latest information. -GitLab comes into two flavors, GitLab Community Edition (CE) our free and open -source edition, and GitLab Enterprise Edition (EE) which is our commercial -edition. Throughout this guide you will see references to CE and EE for -abbreviation. - -If you have read this guide and want to know how the GitLab [core team] -operates please see [the GitLab contributing process](PROCESS.md). +## Contribute to GitLab -- [GitLab Inc engineers should refer to the engineering workflow document](https://about.gitlab.com/handbook/engineering/workflow/) +This [documentation](doc/development/contributing/index.md#contribute-to-gitlab) has been moved. ## Security vulnerability disclosure -Please report suspected security vulnerabilities in private to -`support@gitlab.com`, also see the -[disclosure section on the GitLab.com website](https://about.gitlab.com/disclosure/). -Please do **NOT** create publicly viewable issues for suspected security -vulnerabilities. +This [documentation](doc/development/contributing/index.md#security-vulnerability-disclosure) has been moved. -## Closing policy for issues and merge requests +## Code of Conduct -GitLab is a popular open source project and the capacity to deal with issues -and merge requests is limited. Out of respect for our volunteers, issues and -merge requests not in line with the guidelines listed in this document may be -closed without notice. +This [documentation](doc/development/contributing/index.md#code-of-conduct) has been moved. -Please treat our volunteers with courtesy and respect, it will go a long way -towards getting your issue resolved. - -Issues and merge requests should be in English and contain appropriate language -for audiences of all ages. +## Closing policy for issues and merge requests -If a contributor is no longer actively working on a submitted merge request -we can decide that the merge request will be finished by one of our -[Merge request coaches][team] or close the merge request. We make this decision -based on how important the change is for our product vision. If a Merge request -coach is going to finish the merge request we assign the -~"coach will finish" label. +This [documentation](doc/development/contributing/index.md#closing-policy-for-issues-and-merge-requests) has been moved. ## Helping others -Please help other GitLab users when you can. -The methods people will use to seek help can be found on the [getting help page][getting-help]. - -Sign up for the mailing list, answer GitLab questions on StackOverflow or -respond in the IRC channel. You can also sign up on [CodeTriage][codetriage] to help with -the remaining issues on the GitHub issue tracker. +This [documentation](doc/development/contributing/index.md#helping-others) has been moved. ## I want to contribute! -If you want to contribute to GitLab [issues with the label `Accepting Merge Requests` and small weight][accepting-mrs-weight] -is a great place to start. Issues with a lower weight (1 or 2) are deemed -suitable for beginners. These issues will be of reasonable size and challenge, -for anyone to start contributing to GitLab. If you have any questions or need help visit [Getting Help](https://about.gitlab.com/getting-help/#discussion) to -learn how to communicate with GitLab. If you're looking for a Gitter or Slack channel -please consider we favor -[asynchronous communication](https://about.gitlab.com/handbook/communication/#internal-communication) over real time communication. Thanks for your contribution! - -## Workflow labels - -To allow for asynchronous issue handling, we use [milestones][milestones-page] -and [labels][labels-page]. Leads and product managers handle most of the -scheduling into milestones. Labelling is a task for everyone. - -Most issues will have labels for at least one of the following: - -- Type: ~"feature proposal", ~bug, ~customer, etc. -- Subject: ~wiki, ~"container registry", ~ldap, ~api, ~frontend, etc. -- Team: ~"CI/CD", ~Discussion, ~Quality, ~Platform, etc. -- Milestone: ~Deliverable, ~Stretch, ~"Next Patch Release" -- Priority: ~P1, ~P2, ~P3, ~P4 -- Severity: ~S1, ~S2, ~S3, ~S4 - -All labels, their meaning and priority are defined on the -[labels page][labels-page]. - -If you come across an issue that has none of these, and you're allowed to set -labels, you can _always_ add the team and type, and often also the subject. - -[milestones-page]: https://gitlab.com/gitlab-org/gitlab-ce/milestones -[labels-page]: https://gitlab.com/gitlab-org/gitlab-ce/labels - -### Type labels (~"feature proposal", ~bug, ~customer, etc.) +This [documentation](doc/development/contributing/index.md#i-want-to-contribute) has been moved. -Type labels are very important. They define what kind of issue this is. Every -issue should have one or more. +## Contribution Flow -Examples of type labels are ~"feature proposal", ~bug, ~customer, ~security, -and ~"direction". +This [documentation](doc/development/contributing/index.md) has been moved. -A number of type labels have a priority assigned to them, which automatically -makes them float to the top, depending on their importance. - -Type labels are always lowercase, and can have any color, besides blue (which is -already reserved for subject labels). - -The descriptions on the [labels page][labels-page] explain what falls under each type label. - -### Subject labels (~wiki, ~"container registry", ~ldap, ~api, etc.) - -Subject labels are labels that define what area or feature of GitLab this issue -hits. They are not always necessary, but very convenient. - -If you are an expert in a particular area, it makes it easier to find issues to -work on. You can also subscribe to those labels to receive an email each time an -issue is labeled with a subject label corresponding to your expertise. - -Examples of subject labels are ~wiki, ~"container registry", ~ldap, ~api, -~issues, ~"merge requests", ~labels, and ~"container registry". - -Subject labels are always all-lowercase. - -### Team labels (~"CI/CD", ~Discussion, ~Quality, ~Platform, etc.) - -Team labels specify what team is responsible for this issue. -Assigning a team label makes sure issues get the attention of the appropriate -people. - -The current team labels are ~Distribution, ~"CI/CD", ~Discussion, ~Documentation, ~Quality, -~Geo, ~Gitaly, ~Monitoring, ~Platform, ~Release, ~"Security Products", ~"Configuration", and ~"UX". +## Workflow labels -The descriptions on the [labels page][labels-page] explain what falls under the -responsibility of each team. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -Within those team labels, we also have the ~backend and ~frontend labels to -indicate if an issue needs backend work, frontend work, or both. +### Type labels -Team labels are always capitalized so that they show up as the first label for -any issue. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -### Milestone labels (~Deliverable, ~Stretch, ~"Next Patch Release") +### Subject labels -Milestone labels help us clearly communicate expectations of the work for the -release. There are three levels of Milestone labels: +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -- ~Deliverable: Issues that are expected to be delivered in the current - milestone. -- ~Stretch: Issues that are a stretch goal for delivering in the current - milestone. If these issues are not done in the current release, they will - strongly be considered for the next release. -- ~"Next Patch Release": Issues to put in the next patch release. Work on these - first, and add the "Pick Into X" label to the merge request, along with the - appropriate milestone. +### Team labels -Each issue scheduled for the current milestone should be labeled ~Deliverable -or ~"Stretch". Any open issue for a previous milestone should be labeled -~"Next Patch Release", or otherwise rescheduled to a different milestone. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -### Bug Priority labels (~P1, ~P2, ~P3, ~P4) +### Release Scoping labels -Bug Priority labels help us define the time a ~bug fix should be completed. Priority determines how quickly the defect turnaround time must be. -If there are multiple defects, the priority decides which defect has to be fixed immediately versus later. -This label documents the planned timeline & urgency which is used to measure against our actual SLA on delivering ~bug fixes. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -| Label | Meaning | Estimate time to fix | Guidance | -|-------|-----------------|------------------------------------------------------------------|----------| -| ~P1 | Urgent Priority | The current release + potentially immediate hotfix to GitLab.com | | -| ~P2 | High Priority | The next release | | -| ~P3 | Medium Priority | Within the next 3 releases (approx one quarter) | | -| ~P4 | Low Priority | Anything outside the next 3 releases (approx beyond one quarter) | The issue is prominent but does not impact user workflow and a workaround is documented | +### Priority labels -### Bug Severity labels (~S1, ~S2, ~S3, ~S4) +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -Severity labels help us clearly communicate the impact of a ~bug on users. +### Severity labels -| Label | Meaning | Impact of the defect | Example | -|-------|-------------------|-------------------------------------------------------|---------| -| ~S1 | Blocker | Outage, broken feature with no workaround | Unable to create an issue. Data corruption/loss. Security breach. | -| ~S2 | Critical Severity | Broken Feature, workaround too complex & unacceptable | Can push commits, but only via the command line. | -| ~S3 | Major Severity | Broken Feature, workaround acceptable | Can create merge requests only from the Merge Requests page, not through the Issue. | -| ~S4 | Low Severity | Functionality inconvenience or cosmetic issue | Label colors are incorrect / not being displayed. | +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. #### Severity impact guidance -| Label | Security Impact | Availability / Performance Impact | -|-------|---------------------------------------------------------------------|--------------------------------------------------------------| -| ~S1 | >50% users impacted (possible company extinction level event) | | -| ~S2 | Many users or multiple paid customers impacted (but not apocalyptic)| The issue is (almost) guaranteed to occur in the near future | -| ~S3 | A few users or a single paid customer impacted | The issue is likely to occur in the near future | -| ~S4 | No paid users/customer impacted, or expected impact within 30 days | The issue _may_ occur but it's not likely | - -### Label for community contributors (~"Accepting Merge Requests") - -Issues that are beneficial to our users, 'nice to haves', that we currently do -not have the capacity for or want to give the priority to, are labeled as -~"Accepting Merge Requests", so the community can make a contribution. - -Community contributors can submit merge requests for any issue they want, but -the ~"Accepting Merge Requests" label has a special meaning. It points to -changes that: - -1. We already agreed on, -1. Are well-defined, -1. Are likely to get accepted by a maintainer. - -We want to avoid a situation when a contributor picks an -~"Accepting Merge Requests" issue and then their merge request gets closed, -because we realize that it does not fit our vision, or we want to solve it in a -different way. - -We add the ~"Accepting Merge Requests" label to: - -- Low priority ~bug issues (i.e. we do not add it to the bugs that we want to -solve in the ~"Next Patch Release") -- Small ~"feature proposal" -- Small ~"technical debt" issues - -After adding the ~"Accepting Merge Requests" label, we try to estimate the -[weight](#issue-weight) of the issue. We use issue weight to let contributors -know how difficult the issue is. Additionally: +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. -- We advertise ["Accepting Merge Requests" issues with weight < 5][up-for-grabs] - as suitable for people that have never contributed to GitLab before on the - [Up For Grabs campaign](http://up-for-grabs.net) -- We encourage people that have never contributed to any open source project to - look for ["Accepting Merge Requests" issues with a weight of 1][firt-timers] +### Label for community contributors -If you've decided that you would like to work on an issue, please @-mention -the [appropriate product manager](https://about.gitlab.com/handbook/product/#who-to-talk-to-for-what) -as soon as possible. The product manager will then pull in appropriate GitLab team -members to further discuss scope, design, and technical considerations. This will -ensure that that your contribution is aligned with the GitLab product and minimize -any rework and delay in getting it merged into master. - -GitLab team members who apply the ~"Accepting Merge Requests" label to an issue -should update the issue description with a responsible product manager, inviting -any potential community contributor to @-mention per above. - -[up-for-grabs]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=Accepting+Merge+Requests&scope=all&sort=weight_asc&state=opened -[firt-timers]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=Accepting+Merge+Requests&scope=all&sort=upvotes_desc&state=opened&weight=1 +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ## Implement design & UI elements -For guidance on UX implementation at GitLab, please refer to our [Design System](https://design.gitlab.com/). - -The UX team uses labels to manage their workflow. - -The ~"UX" label on an issue is a signal to the UX team that it will need UX attention. -To better understand the priority by which UX tackles issues, see the [UX section](https://about.gitlab.com/handbook/ux/) of the handbook. - -Once an issue has been worked on and is ready for development, a UXer applies the ~"UX ready" label to that issue. - -The UX team has a special type label called ~"design artifact". This label indicates that the final output -for an issue is a UX solution/design. The solution will be developed by frontend and/or backend in a subsequent milestone. -Any issue labeled ~"design artifact" should not also be labeled ~"frontend" or ~"backend" since no development is -needed until the solution has been decided. - -~"design artifact" issues are like any other issue and should contain a milestone label, ~"Deliverable" or ~"Stretch", when scheduled in the current milestone. - -Once the ~"design artifact" issue has been completed, the UXer removes the ~"design artifact" label and applies the ~"UX ready" label. The Product Manager can use the -existing issue or decide to create a whole new issue for the purpose of development. +This [documentation](doc/development/contributing/design.md) has been moved. ## Issue tracker -To get support for your particular problem please use the -[getting help channels](https://about.gitlab.com/getting-help/). - -The [GitLab CE issue tracker on GitLab.com][ce-tracker] is for bugs concerning -the latest GitLab release and [feature proposals](#feature-proposals). - -When submitting an issue please conform to the issue submission guidelines -listed below. Not all issues will be addressed and your issue is more likely to -be addressed if you submit a merge request which partially or fully solves -the issue. - -If you're unsure where to post, post to the [mailing list][google-group] or -[Stack Overflow][stackoverflow] first. There are a lot of helpful GitLab users -there who may be able to help you quickly. If your particular issue turns out -to be a bug, it will find its way from there. - -If it happens that you know the solution to an existing bug, please first -open the issue in order to keep track of it and then open the relevant merge -request that potentially fixes it. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Issue triaging -Our issue triage policies are [described in our handbook]. You are very welcome -to help the GitLab team triage issues. We also organize [issue bash events] once -every quarter. - -The most important thing is making sure valid issues receive feedback from the -development team. Therefore the priority is mentioning developers that can help -on those issues. Please select someone with relevant experience from the -[GitLab team][team]. If there is nobody mentioned with that expertise look in -the commit history for the affected files to find someone. - -[described in our handbook]: https://about.gitlab.com/handbook/engineering/issue-triage/ -[issue bash events]: https://gitlab.com/gitlab-org/gitlab-ce/issues/17815 +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Feature proposals -To create a feature proposal for CE, open an issue on the -[issue tracker of CE][ce-tracker]. - -For feature proposals for EE, open an issue on the -[issue tracker of EE][ee-tracker]. - -In order to help track the feature proposals, we have created a -[`feature proposal`][fpl] label. For the time being, users that are not members -of the project cannot add labels. You can instead ask one of the [core team] -members to add the label ~"feature proposal" to the issue or add the following -code snippet right after your description in a new line: `~"feature proposal"`. - -Please keep feature proposals as small and simple as possible, complex ones -might be edited to make them small and simple. - -Please submit Feature Proposals using the ['Feature Proposal' issue template](.gitlab/issue_templates/Feature Proposal.md) provided on the issue tracker. - -For changes in the interface, it is helpful to include a mockup. Issues that add to, or change, the interface should -be given the ~"UX" label. This will allow the UX team to provide input and guidance. You may -need to ask one of the [core team] members to add the label, if you do not have permissions to do it by yourself. - -If you want to create something yourself, consider opening an issue first to -discuss whether it is interesting to include this in GitLab. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Issue tracker guidelines -**[Search the issue tracker][ce-tracker]** for similar entries before -submitting your own, there's a good chance somebody else had the same issue or -feature proposal. Show your support with an award emoji and/or join the -discussion. - -Please submit bugs using the ['Bug' issue template](.gitlab/issue_templates/Bug.md) provided on the issue tracker. -The text in the parenthesis is there to help you with what to include. Omit it -when submitting the actual issue. You can copy-paste it and then edit as you -see fit. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Issue weight -Issue weight allows us to get an idea of the amount of work required to solve -one or multiple issues. This makes it possible to schedule work more accurately. - -You are encouraged to set the weight of any issue. Following the guidelines -below will make it easy to manage this, without unnecessary overhead. - -1. Set weight for any issue at the earliest possible convenience -1. If you don't agree with a set weight, discuss with other developers until -consensus is reached about the weight -1. Issue weights are an abstract measurement of complexity of the issue. Do not -relate issue weight directly to time. This is called [anchoring](https://en.wikipedia.org/wiki/Anchoring) -and something you want to avoid. -1. Something that has a weight of 1 (or no weight) is really small and simple. -Something that is 9 is rewriting a large fundamental part of GitLab, -which might lead to many hard problems to solve. Changing some text in GitLab -is probably 1, adding a new Git Hook maybe 4 or 5, big features 7-9. -1. If something is very large, it should probably be split up in multiple -issues or chunks. You can simply not set the weight of a parent issue and set -weights to children issues. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Regression issues -Every monthly release has a corresponding issue on the CE issue tracker to keep -track of functionality broken by that release and any fixes that need to be -included in a patch release (see [8.3 Regressions] as an example). - -As outlined in the issue description, the intended workflow is to post one note -with a reference to an issue describing the regression, and then to update that -note with a reference to the merge request that fixes it as it becomes available. - -If you're a contributor who doesn't have the required permissions to update -other users' notes, please post a new note with a reference to both the issue -and the merge request. - -The release manager will [update the notes] in the regression issue as fixes are -addressed. - -[8.3 Regressions]: https://gitlab.com/gitlab-org/gitlab-ce/issues/4127 -[update the notes]: https://gitlab.com/gitlab-org/release-tools/blob/master/doc/pro-tips.md#update-the-regression-issue +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Technical and UX debt -In order to track things that can be improved in GitLab's codebase, -we use the ~"technical debt" label in [GitLab's issue tracker][ce-tracker]. -For user experience improvements, we use the ~"UX debt" label. - -These labels should be added to issues that describe things that can be improved, -shortcuts that have been taken, features that need additional attention, and all -other things that have been left behind due to high velocity of development. -For example, code that needs refactoring should use the ~"technical debt" label, -user experience refinements should use the ~"UX debt" label. - -Everyone can create an issue, though you may need to ask for adding a specific -label, if you do not have permissions to do it by yourself. Additional labels -can be combined with these labels, to make it easier to schedule -the improvements for a release. - -Issues tagged with these labels have the same priority like issues -that describe a new feature to be introduced in GitLab, and should be scheduled -for a release by the appropriate person. - -Make sure to mention the merge request that the ~"technical debt" issue or -~"UX debt" issue is associated with in the description of the issue. +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ### Stewardship -For issues related to the open source stewardship of GitLab, -there is the ~"stewardship" label. - -This label is to be used for issues in which the stewardship of GitLab -is a topic of discussion. For instance if GitLab Inc. is planning to add -features from GitLab EE to GitLab CE, related issues would be labelled with -~"stewardship". - -A recent example of this was the issue for -[bringing the time tracking API to GitLab CE][time-tracking-issue]. - -[time-tracking-issue]: https://gitlab.com/gitlab-org/gitlab-ce/issues/25517#note_20019084 +This [documentation](doc/development/contributing/issue_workflow.md) has been moved. ## Merge requests -We welcome merge requests with fixes and improvements to GitLab code, tests, -and/or documentation. The issues that are specifically suitable for -community contributions are listed with the label -[`Accepting Merge Requests` on our issue tracker for CE][accepting-mrs-ce] -and [EE][accepting-mrs-ee], but you are free to contribute to any other issue -you want. - -Please note that if an issue is marked for the current milestone either before -or while you are working on it, a team member may take over the merge request -in order to ensure the work is finished before the release date. - -If you want to add a new feature that is not labeled it is best to first create -a feedback issue (if there isn't one already) and leave a comment asking for it -to be marked as `Accepting Merge Requests`. Please include screenshots or -wireframes if the feature will also change the UI. - -Merge requests should be opened at [GitLab.com][gitlab-mr-tracker]. - -If you are new to GitLab development (or web development in general), see the -[I want to contribute!](#i-want-to-contribute) section to get you started with -some potentially easy issues. - -To start with GitLab development download the [GitLab Development Kit][gdk] and -see the [Development section](doc/development/README.md) for some guidelines. +This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. ### Merge request guidelines -If you can, please submit a merge request with the fix or improvements -including tests. If you don't know how to fix the issue but can write a test -that exposes the issue we will accept that as well. In general bug fixes that -include a regression test are merged quickly while new features without proper -tests are least likely to receive timely feedback. The workflow to make a merge -request is as follows: - -1. Fork the project into your personal space on GitLab.com -1. Create a feature branch, branch away from `master` -1. Write [tests](https://docs.gitlab.com/ee/development/rake_tasks.html#run-tests) and code -1. [Generate a changelog entry with `bin/changelog`][changelog] -1. If you are writing documentation, make sure to follow the - [documentation guidelines][doc-guidelines] -1. If you have multiple commits please combine them into a few logically - organized commits by [squashing them][git-squash] -1. Push the commit(s) to your fork -1. Submit a merge request (MR) to the `master` branch - 1. Your merge request needs at least 1 approval but feel free to require more. - For instance if you're touching backend and frontend code, it's a good idea - to require 2 approvals: 1 from a backend maintainer and 1 from a frontend - maintainer - 1. You don't have to select any approvers, but you can if you really want - specific people to approve your merge request -1. The MR title should describe the change you want to make -1. The MR description should give a motive for your change and the method you - used to achieve it. - 1. If you are contributing code, fill in the template already provided in the - "Description" field. - 1. If you are contributing documentation, choose `Documentation` from the - "Choose a template" menu and fill in the template. - 1. Mention the issue(s) your merge request solves, using the `Solves #XXX` or - `Closes #XXX` syntax to auto-close the issue(s) once the merge request will - be merged. -1. If you're allowed to, set a relevant milestone and labels -1. If the MR changes the UI it should include *Before* and *After* screenshots -1. If the MR changes CSS classes please include the list of affected pages, - `grep css-class ./app -R` -1. Be prepared to answer questions and incorporate feedback even if requests - for this arrive weeks or months after your MR submission - 1. If a discussion has been addressed, select the "Resolve discussion" button - beneath it to mark it resolved. -1. If your MR touches code that executes shell commands, reads or opens files or - handles paths to files on disk, make sure it adheres to the - [shell command guidelines](doc/development/shell_commands.md) -1. If your code creates new files on disk please read the - [shared files guidelines](doc/development/shared_files.md). -1. When writing commit messages please follow - [these](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) - [guidelines](http://chris.beams.io/posts/git-commit/). -1. If your merge request adds one or more migrations, make sure to execute all - migrations on a fresh database before the MR is reviewed. If the review leads - to large changes in the MR, do this again once the review is complete. -1. For more complex migrations, write tests. -1. Merge requests **must** adhere to the [merge request performance - guidelines](doc/development/merge_request_performance_guidelines.md). -1. For tests that use Capybara or PhantomJS, see this [article on how - to write reliable asynchronous tests](https://robots.thoughtbot.com/write-reliable-asynchronous-integration-tests-with-capybara). - -Please keep the change in a single MR **as small as possible**. If you want to -contribute a large feature think very hard what the minimum viable change is. -Can you split the functionality? Can you only submit the backend/API code? Can -you start with a very simple UI? Can you do part of the refactor? The increased -reviewability of small MRs that leads to higher code quality is more important -to us than having a minimal commit log. The smaller an MR is the more likely it -is it will be merged (quickly). After that you can send more MRs to enhance it. -The ['How to get faster PR reviews' document of Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md) also has some great points regarding this. - -For examples of feedback on merge requests please look at already -[closed merge requests][closed-merge-requests]. If you would like quick feedback -on your merge request feel free to mention someone from the [core team] or one -of the [Merge request coaches][team]. -Please ensure that your merge request meets the contribution acceptance criteria. - -When having your code reviewed and when reviewing merge requests please take the -[code review guidelines](doc/development/code_review.md) into account. +This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. + ### Contribution acceptance criteria -1. The change is as small as possible -1. Include proper tests and make all tests pass (unless it contains a test - exposing a bug in existing code). Every new class should have corresponding - unit tests, even if the class is exercised at a higher level, such as a feature test. -1. If you suspect a failing CI build is unrelated to your contribution, you may - try and restart the failing CI job or ask a developer to fix the - aforementioned failing test -1. Your MR initially contains a single commit (please use `git rebase -i` to - squash commits) -1. Your changes can merge without problems (if not please rebase if you're the - only one working on your feature branch, otherwise, merge `master`) -1. Does not break any existing functionality -1. Fixes one specific issue or implements one specific feature (do not combine - things, send separate merge requests if needed) -1. Migrations should do only one thing (e.g., either create a table, move data - to a new table or remove an old table) to aid retrying on failure -1. Keeps the GitLab code base clean and well structured -1. Contains functionality we think other users will benefit from too -1. Doesn't add configuration options or settings options since they complicate - making and testing future changes -1. Changes do not adversely degrade performance. - - Avoid repeated polling of endpoints that require a significant amount of overhead - - Check for N+1 queries via the SQL log or [`QueryRecorder`](https://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - - Avoid repeated access of filesystem -1. If you need polling to support real-time features, please use - [polling with ETag caching][polling-etag]. -1. Changes after submitting the merge request should be in separate commits - (no squashing). -1. It conforms to the [style guides](#style-guides) and the following: - - If your change touches a line that does not follow the style, modify the - entire line to follow it. This prevents linting tools from generating warnings. - - Don't touch neighbouring lines. As an exception, automatic mass - refactoring modifications may leave style non-compliant. -1. If the merge request adds any new libraries (gems, JavaScript libraries, - etc.), they should conform to our [Licensing guidelines][license-finder-doc]. - See the instructions in that document for help if your MR fails the - "license-finder" test with a "Dependencies that need approval" error. -1. The merge request meets the [definition of done](#definition-of-done). +This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. ## Definition of done -If you contribute to GitLab please know that changes involve more than just -code. We have the following [definition of done][definition-of-done]. Please ensure you support -the feature you contribute through all of these steps. - -1. Description explaining the relevancy (see following item) -1. Working and clean code that is commented where needed -1. [Unit, integration, and system tests][testing] that pass on the CI server -1. Performance/scalability implications have been considered, addressed, and tested -1. [Documented][doc-styleguide] in the `/doc` directory -1. [Changelog entry added][changelog], if necessary -1. Reviewed and any concerns are addressed -1. Merged by a project maintainer -1. Added to the release blog article, if relevant -1. Added to [the website](https://gitlab.com/gitlab-com/www-gitlab-com/), if relevant -1. Community questions answered -1. Answers to questions radiated (in docs/wiki/support etc.) - -If you add a dependency in GitLab (such as an operating system package) please -consider updating the following and note the applicability of each in your -merge request: - -1. Note the addition in the release blog post (create one if it doesn't exist yet) https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/ -1. Upgrade guide, for example https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/update/7.5-to-7.6.md -1. Upgrader https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/update/upgrader.md#2-run-gitlab-upgrade-tool -1. Installation guide https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md#1-packages-dependencies -1. GitLab Development Kit https://gitlab.com/gitlab-org/gitlab-development-kit -1. Test suite https://gitlab.com/gitlab-org/gitlab-ce/blob/master/scripts/prepare_build.sh -1. Omnibus package creator https://gitlab.com/gitlab-org/omnibus-gitlab +This [documentation](doc/development/contributing/merge_request_workflow.md) has been moved. ## Style guides -1. [Ruby](https://github.com/bbatsov/ruby-style-guide). - Important sections include [Source Code Layout][rss-source] and - [Naming][rss-naming]. Use: - - multi-line method chaining style **Option A**: dot `.` on the second line - - string literal quoting style **Option A**: single quoted by default -1. [Rails](https://github.com/bbatsov/rails-style-guide) -1. [Newlines styleguide][newlines-styleguide] -1. [Testing][testing] -1. [JavaScript styleguide][js-styleguide] -1. [SCSS styleguide][scss-styleguide] -1. [Shell commands](doc/development/shell_commands.md) created by GitLab - contributors to enhance security -1. [Database Migrations](doc/development/migration_style_guide.md) -1. [Markdown](http://www.cirosantilli.com/markdown-styleguide) -1. [Documentation styleguide][doc-styleguide] -1. Interface text should be written subjectively instead of objectively. It - should be the GitLab core team addressing a person. It should be written in - present time and never use past tense (has been/was). For example instead - of _prohibited this user from being saved due to the following errors:_ the - text should be _sorry, we could not create your account because:_ -1. Code should be written in [US English][us-english] - -This is also the style used by linting tools such as -[RuboCop](https://github.com/bbatsov/rubocop), -[PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com). - -## Code of conduct - -As contributors and maintainers of this project, we pledge to respect all -people who contribute through reporting issues, posting feature requests, -updating documentation, submitting pull requests or patches, and other -activities. - -We are committed to making participation in this project a harassment-free -experience for everyone, regardless of level of experience, gender, gender -identity and expression, sexual orientation, disability, personal appearance, -body size, race, ethnicity, age, or religion. - -Examples of unacceptable behavior by participants include the use of sexual -language or imagery, derogatory comments or personal attacks, trolling, public -or private harassment, insults, or other unprofessional conduct. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct. Project maintainers who do not -follow the Code of Conduct may be removed from the project team. - -This code of conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. - -Instances of abusive, harassing, or otherwise unacceptable behavior can be -reported by emailing `contact@gitlab.com`. - -This Code of Conduct is adapted from the [Contributor Covenant][contributor-covenant], version 1.1.0, -available at [http://contributor-covenant.org/version/1/1/0/](http://contributor-covenant.org/version/1/1/0/). - -[core team]: https://about.gitlab.com/core-team/ -[team]: https://about.gitlab.com/team/ -[getting-help]: https://about.gitlab.com/getting-help/ -[codetriage]: http://www.codetriage.com/gitlabhq/gitlabhq -[accepting-mrs-weight]: https://gitlab.com/gitlab-org/gitlab-ce/issues?assignee_id=0&label_name[]=Accepting%20Merge%20Requests&sort=weight_asc -[ce-tracker]: https://gitlab.com/gitlab-org/gitlab-ce/issues -[ee-tracker]: https://gitlab.com/gitlab-org/gitlab-ee/issues -[google-group]: https://groups.google.com/forum/#!forum/gitlabhq -[stackoverflow]: https://stackoverflow.com/questions/tagged/gitlab -[fpl]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=feature+proposal -[accepting-mrs-ce]: https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=Accepting+Merge+Requests -[accepting-mrs-ee]: https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name=Accepting+Merge+Requests -[gitlab-mr-tracker]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests -[gdk]: https://gitlab.com/gitlab-org/gitlab-development-kit -[git-squash]: https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits -[closed-merge-requests]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests?assignee_id=&label_name=&milestone_id=&scope=&sort=&state=closed -[definition-of-done]: http://guide.agilealliance.org/guide/definition-of-done.html -[contributor-covenant]: http://contributor-covenant.org -[rss-source]: https://github.com/bbatsov/ruby-style-guide/blob/master/README.md#source-code-layout -[rss-naming]: https://github.com/bbatsov/ruby-style-guide/blob/master/README.md#naming -[changelog]: doc/development/changelog.md "Generate a changelog entry" -[doc-guidelines]: doc/development/documentation/index.md "Documentation guidelines" -[js-styleguide]: doc/development/fe_guide/style_guide_js.md "JavaScript styleguide" -[scss-styleguide]: doc/development/fe_guide/style_guide_scss.md "SCSS styleguide" -[newlines-styleguide]: doc/development/newlines_styleguide.md "Newlines styleguide" -[UX Guide for GitLab]: http://docs.gitlab.com/ce/development/ux_guide/ -[license-finder-doc]: doc/development/licensing.md -[GitLab Inc engineering workflow]: https://about.gitlab.com/handbook/engineering/workflow/#labelling-issues -[polling-etag]: https://docs.gitlab.com/ce/development/polling.html -[testing]: doc/development/testing_guide/index.md -[us-english]: https://en.wikipedia.org/wiki/American_English +This [documentation](doc/development/contributing/design.md) has been moved. diff --git a/Dangerfile b/Dangerfile new file mode 100644 index 0000000000000000000000000000000000000000..10caacff4c4f6ecc0d917307a53e80c5f789c056 --- /dev/null +++ b/Dangerfile @@ -0,0 +1,11 @@ +danger.import_dangerfile(path: 'danger/metadata') +danger.import_dangerfile(path: 'danger/changes_size') +danger.import_dangerfile(path: 'danger/changelog') +danger.import_dangerfile(path: 'danger/specs') +danger.import_dangerfile(path: 'danger/gemfile') +danger.import_dangerfile(path: 'danger/database') +danger.import_dangerfile(path: 'danger/documentation') +danger.import_dangerfile(path: 'danger/frozen_string') +danger.import_dangerfile(path: 'danger/commit_messages') +danger.import_dangerfile(path: 'danger/prettier') +danger.import_dangerfile(path: 'danger/eslint') diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index f1b9cc4cd952f48061dc282891bdaded7f459d9a..33e061fe7a0fd3ad61986929b279931c559682da 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -0.105.0 +0.125.1 diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index f374f6662e9a1983e9b8a534a3295df618772ffe..6085e946503a10fb4d58a5c7d9a6e572c21ddd2e 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -0.9.1 +1.2.1 diff --git a/GITLAB_SHELL_VERSION b/GITLAB_SHELL_VERSION index b7f8ee41e6934d953db404b5c91f4465bd1850cb..9da0a092a0d2c0db26992cc4e9fef0f0614aad31 100644 --- a/GITLAB_SHELL_VERSION +++ b/GITLAB_SHELL_VERSION @@ -1 +1 @@ -7.1.4 +8.4.0 \ No newline at end of file diff --git a/GITLAB_WORKHORSE_VERSION b/GITLAB_WORKHORSE_VERSION index f77856a6f1af5be6984fa25aaa2e17616e1030ab..4122521804fa232f4eb0203d024fbf5ed0f55012 100644 --- a/GITLAB_WORKHORSE_VERSION +++ b/GITLAB_WORKHORSE_VERSION @@ -1 +1 @@ -4.3.1 +7.0.0 \ No newline at end of file diff --git a/Gemfile b/Gemfile index f8908ded9b3b84eb9f13c2d5785e35645a5c9d8c..64d87baf69779af3d18a230b92e48725a77a089e 100644 --- a/Gemfile +++ b/Gemfile @@ -35,7 +35,7 @@ gem 'faraday', '~> 0.12' # Authentication libraries gem 'devise', '~> 4.4' gem 'doorkeeper', '~> 4.3' -gem 'doorkeeper-openid_connect', '~> 1.3' +gem 'doorkeeper-openid_connect', '~> 1.5' gem 'omniauth', '~> 1.8' gem 'omniauth-auth0', '~> 2.0.0' gem 'omniauth-azure-oauth2', '~> 0.0.9' @@ -47,7 +47,7 @@ gem 'omniauth-google-oauth2', '~> 0.5.3' gem 'omniauth-kerberos', '~> 0.3.0', group: :kerberos gem 'omniauth-oauth2-generic', '~> 0.2.2' gem 'omniauth-saml', '~> 1.10' -gem 'omniauth-shibboleth', '~> 1.2.0' +gem 'omniauth-shibboleth', '~> 1.3.0' gem 'omniauth-twitter', '~> 1.4' gem 'omniauth_crowd', '~> 2.2.0' gem 'omniauth-authentiq', '~> 0.3.3' @@ -68,7 +68,7 @@ gem 'u2f', '~> 0.2.1' gem 'validates_hostname', '~> 1.0.6' # Browser detection -gem 'browser', '~> 2.2' +gem 'browser', '~> 2.5' # GPG gem 'gpgme' @@ -79,17 +79,8 @@ gem 'gpgme' gem 'gitlab_omniauth-ldap', '~> 2.0.4', require: 'omniauth-ldap' gem 'net-ldap' -# Git Wiki -# Required manually in config/initializers/gollum.rb to control load order -gem 'gitlab-gollum-lib', '~> 4.2', require: false - -gem 'gitlab-gollum-rugged_adapter', '~> 0.4.4', require: false - -# Language detection -gem 'github-linguist', '~> 5.3.3', require: 'linguist' - # API -gem 'grape', '~> 1.0' +gem 'grape', '~> 1.1' gem 'grape-entity', '~> 0.7.1' gem 'rack-cors', '~> 1.0.0', require: 'rack/cors' @@ -104,26 +95,25 @@ gem 'hashie-forbidden_attributes' gem 'kaminari', '~> 1.0' # HAML -gem 'hamlit', '~> 2.6.1' +gem 'hamlit', '~> 2.8.8' # Files attachments -gem 'carrierwave', '~> 1.2' +# Locked until https://github.com/carrierwaveuploader/carrierwave/pull/2332/files is merged. +# config/initializers/carrierwave_patch.rb can be removed once that change is released. +gem 'carrierwave', '= 1.2.3' gem 'mini_magick' -# Drag and Drop UI -gem 'dropzonejs-rails', '~> 0.7.1' - # for backups gem 'fog-aws', '~> 2.0.1' gem 'fog-core', '~> 1.44' -gem 'fog-google', '~> 1.3.3' +gem 'fog-google', '~> 1.7.1' gem 'fog-local', '~> 0.3' gem 'fog-openstack', '~> 0.1' gem 'fog-rackspace', '~> 0.1.1' gem 'fog-aliyun', '~> 0.2.0' # for Google storage -gem 'google-api-client', '~> 0.19.8' +gem 'google-api-client', '~> 0.23' # for aws storage gem 'unf', '~> 0.1.4' @@ -132,9 +122,10 @@ gem 'unf', '~> 0.1.4' gem 'seed-fu', '~> 2.3.7' # Markdown and HTML processing -gem 'html-pipeline', '~> 2.7.1' +gem 'html-pipeline', '~> 2.8' gem 'deckar01-task_list', '2.0.0' -gem 'gitlab-markup', '~> 1.6.2' +gem 'gitlab-markup', '~> 1.6.4' +gem 'github-markup', '~> 1.7.0', require: 'github/markup' gem 'redcarpet', '~> 3.4' gem 'commonmarker', '~> 0.17' gem 'RedCloth', '~> 4.3.2' @@ -148,6 +139,7 @@ gem 'rouge', '~> 3.1' gem 'truncato', '~> 0.7.9' gem 'bootstrap_form', '~> 2.7.0' gem 'nokogiri', '~> 1.8.2' +gem 'escape_utils', '~> 1.1' # Calendar rendering gem 'icalendar' @@ -168,10 +160,9 @@ gem 'state_machines-activerecord', '~> 0.5.1' gem 'acts-as-taggable-on', '~> 5.0' # Background jobs -gem 'sidekiq', '~> 5.1' +gem 'sidekiq', '~> 5.2.1' gem 'sidekiq-cron', '~> 0.6.0' gem 'redis-namespace', '~> 1.6.0' -gem 'sidekiq-limit_fetch', '~> 3.4', require: false # Cron Parser gem 'rufus-scheduler', '~> 3.4' @@ -180,7 +171,7 @@ gem 'rufus-scheduler', '~> 3.4' gem 'httparty', '~> 0.13.3' # Colored output to console -gem 'rainbow', '~> 2.2' +gem 'rainbow', '~> 3.0' # Progress bar gem 'ruby-progressbar' @@ -195,6 +186,9 @@ gem 're2', '~> 1.1.1' gem 'version_sorter', '~> 2.1.0' +# Export Ruby Regex to Javascript +gem 'js_regex', '~> 2.2.1' + # User agent parsing gem 'device_detector' @@ -212,14 +206,14 @@ gem 'hipchat', '~> 1.5.0' gem 'jira-ruby', '~> 1.4' # Flowdock integration -gem 'gitlab-flowdock-git-hook', '~> 1.0.1' - -# Gemnasium integration -gem 'gemnasium-gitlab-service', '~> 0.2' +gem 'flowdock', '~> 0.7' # Slack integration gem 'slack-notifier', '~> 1.5.1' +# Hangouts Chat integration +gem 'hangouts-chat', '~> 0.0.5' + # Asana integration gem 'asana', '~> 0.6.0' @@ -230,7 +224,7 @@ gem 'ruby-fogbugz', '~> 0.2.1' gem 'kubeclient', '~> 3.1.0' # Sanitize user input -gem 'sanitize', '~> 2.0' +gem 'sanitize', '~> 4.6' gem 'babosa', '~> 1.0.2' # Sanitizes SVG input @@ -295,16 +289,15 @@ gem 'peek-mysql2', '~> 1.1.0', group: :mysql gem 'peek-pg', '~> 1.3.0', group: :postgres gem 'peek-rblineprof', '~> 0.2.0' gem 'peek-redis', '~> 1.2.0' -gem 'peek-sidekiq', '~> 1.0.3' +gem 'gitlab-sidekiq-fetcher', require: 'sidekiq-reliable-fetch' # Metrics group :metrics do - gem 'allocations', '~> 1.0', require: false, platform: :mri gem 'method_source', '~> 0.8', require: false gem 'influxdb', '~> 0.2', require: false # Prometheus - gem 'prometheus-client-mmap', '~> 0.9.3' + gem 'prometheus-client-mmap', '~> 0.9.4' gem 'raindrops', '~> 0.18' end @@ -324,6 +317,7 @@ group :development do end group :development, :test do + gem 'bootsnap', '~> 1.3' gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET'] gem 'pry-byebug', '~> 3.4.1', platform: :mri gem 'pry-rails', '~> 0.3.4' @@ -333,7 +327,7 @@ group :development, :test do gem 'database_cleaner', '~> 1.5.0' gem 'factory_bot_rails', '~> 4.8.2' - gem 'rspec-rails', '~> 3.6.0' + gem 'rspec-rails', '~> 3.7.0' gem 'rspec-retry', '~> 0.4.5' gem 'rspec_profiling', '~> 0.0.5' gem 'rspec-set', '~> 0.1.3' @@ -352,20 +346,19 @@ group :development, :test do gem 'spring', '~> 2.0.0' gem 'spring-commands-rspec', '~> 1.0.4' - gem 'gitlab-styles', '~> 2.3', require: false + gem 'gitlab-styles', '~> 2.4', require: false # Pin these dependencies, otherwise a new rule could break the CI pipelines - gem 'rubocop', '~> 0.52.1' + gem 'rubocop', '~> 0.54.0' gem 'rubocop-rspec', '~> 1.22.1' gem 'scss_lint', '~> 0.56.0', require: false gem 'haml_lint', '~> 0.26.0', require: false gem 'simplecov', '~> 0.14.0', require: false - gem 'flay', '~> 2.10.0', require: false gem 'bundler-audit', '~> 0.5.0', require: false gem 'benchmark-ips', '~> 2.3.0', require: false - gem 'license_finder', '~> 3.1', require: false + gem 'license_finder', '~> 5.4', require: false gem 'knapsack', '~> 1.16' gem 'activerecord_sane_schema_dumper', gem_versions['activerecord_sane_schema_dumper'] @@ -387,6 +380,7 @@ group :test do gem 'sham_rack', '~> 1.3.6' gem 'concurrent-ruby', '~> 1.0.5' gem 'test-prof', '~> 0.2.5' + gem 'rspec_junit_formatter' end gem 'octokit', '~> 4.9' @@ -397,6 +391,7 @@ gem 'email_reply_trimmer', '~> 0.1' gem 'html2text' gem 'ruby-prof', '~> 0.17.0' +gem 'rbtrace', '~> 0.4', require: false # OAuth gem 'oauth2', '~> 1.4' @@ -419,8 +414,8 @@ group :ed25519 do end # Gitaly GRPC client -gem 'gitaly-proto', '~> 0.100.0', require: 'gitaly' -gem 'grpc', '~> 1.11.0' +gem 'gitaly-proto', '~> 0.118.1', require: 'gitaly' +gem 'grpc', '~> 1.15.0' # Locked until https://github.com/google/protobuf/issues/4210 is closed gem 'google-protobuf', '= 3.5.1' diff --git a/Gemfile.lock b/Gemfile.lock index 5f8d1a8fa6844a96fc6aa758c49baf4456c3c91a..a39788bee9f3a9da23df13242fac135042250cd9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -49,7 +49,6 @@ GEM public_suffix (>= 2.0.2, < 4.0) aes_key_wrap (1.0.1) akismet (2.0.0) - allocations (1.0.5) arel (6.0.4) asana (0.6.0) faraday (~> 0.9) @@ -77,7 +76,7 @@ GEM babosa (1.0.2) base32 (0.3.2) batch-loader (1.2.1) - bcrypt (3.1.11) + bcrypt (3.1.12) bcrypt_pbkdf (1.0.0) benchmark-ips (2.3.0) better_errors (2.1.1) @@ -87,10 +86,11 @@ GEM bindata (2.4.3) binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) - blankslate (2.1.2.4) + bootsnap (1.3.2) + msgpack (~> 1.0) bootstrap_form (2.7.0) brakeman (4.2.1) - browser (2.2.0) + browser (2.5.3) builder (3.2.3) bullet (5.5.1) activesupport (>= 3.0.0) @@ -109,7 +109,7 @@ GEM capybara-screenshot (1.0.14) capybara (>= 1.0, < 3) launchy - carrierwave (1.2.1) + carrierwave (1.2.3) activemodel (>= 4.0.0) activesupport (>= 4.0.0) mime-types (>= 1.16) @@ -122,10 +122,10 @@ GEM numerizer (~> 0.1.1) chunky_png (1.3.5) citrus (3.0.2) - coderay (1.1.1) + coderay (1.1.2) coercible (1.0.0) descendants_tracker (~> 0.0.1) - commonmarker (0.17.8) + commonmarker (0.17.13) ruby-enum (~> 0.5) concord (0.1.5) adamantium (~> 0.2.0) @@ -133,14 +133,14 @@ GEM concurrent-ruby (1.0.5) concurrent-ruby-ext (1.0.5) concurrent-ruby (= 1.0.5) - connection_pool (2.2.1) + connection_pool (2.2.2) crack (0.4.3) safe_yaml (~> 1.0.0) crass (1.0.4) creole (0.5.0) css_parser (1.5.0) addressable - daemons (1.2.3) + daemons (1.2.6) database_cleaner (1.5.3) debug_inspector (0.0.2) debugger-ruby_core_source (1.3.8) @@ -172,11 +172,9 @@ GEM unf (>= 0.0.5, < 1.0.0) doorkeeper (4.3.2) railties (>= 4.2) - doorkeeper-openid_connect (1.4.0) + doorkeeper-openid_connect (1.5.0) doorkeeper (~> 4.3) json-jwt (~> 1.6) - dropzonejs-rails (0.7.2) - rails (> 3.1) ed25519 (1.2.4) email_reply_trimmer (0.1.6) email_spec (2.2.0) @@ -189,7 +187,7 @@ GEM escape_utils (1.1.1) et-orbi (1.0.3) tzinfo - eventmachine (1.0.8) + eventmachine (1.2.7) excon (0.62.0) execjs (2.6.0) expression_parser (0.9.0) @@ -208,12 +206,7 @@ GEM fast_blank (1.0.0) fast_gettext (1.6.0) ffaker (2.4.0) - ffi (1.9.18) - flay (2.10.0) - erubis (~> 2.7.0) - path_expander (~> 1.0) - ruby_parser (~> 3.0) - sexp_processor (~> 4.0) + ffi (1.9.25) flipper (0.13.0) flipper-active_record (0.13.0) activerecord (>= 3.2, < 6) @@ -238,11 +231,11 @@ GEM builder excon (~> 0.58) formatador (~> 0.2) - fog-google (1.3.3) + fog-google (1.7.1) fog-core fog-json fog-xml - google-api-client (~> 0.19.1) + google-api-client (~> 0.23.0) fog-json (1.0.2) fog-core (~> 1.0) multi_json (~> 1.10) @@ -268,8 +261,6 @@ GEM fuubar (2.2.0) rspec-core (~> 3.0) ruby-progressbar (~> 1.4) - gemnasium-gitlab-service (0.2.6) - rugged (~> 0.21) gemojione (3.3.0) json get_process_mem (0.2.0) @@ -283,38 +274,15 @@ GEM gettext_i18n_rails (>= 0.7.1) po_to_json (>= 1.0.0) rails (>= 3.2.0) - gitaly-proto (0.100.0) + gitaly-proto (0.118.1) google-protobuf (~> 3.1) grpc (~> 1.10) - github-linguist (5.3.3) - charlock_holmes (~> 0.7.5) - escape_utils (~> 1.1.0) - mime-types (>= 1.19) - rugged (>= 0.25.1) github-markup (1.7.0) - gitlab-flowdock-git-hook (1.0.1) - flowdock (~> 0.7) - gitlab-grit (>= 2.4.1) - multi_json - gitlab-gollum-lib (4.2.7.2) - gemojione (~> 3.2) - github-markup (~> 1.6) - gollum-grit_adapter (~> 1.0) - nokogiri (>= 1.6.1, < 2.0) - rouge (~> 3.1) - sanitize (~> 2.1) - stringex (~> 2.6) - gitlab-gollum-rugged_adapter (0.4.4) - mime-types (>= 1.15) - rugged (~> 0.25) - gitlab-grit (2.8.2) - charlock_holmes (~> 0.6) - diff-lcs (~> 1.1) - mime-types (>= 1.16) - posix-spawn (~> 0.3) - gitlab-markup (1.6.3) - gitlab-styles (2.3.2) - rubocop (~> 0.51) + gitlab-markup (1.6.4) + gitlab-sidekiq-fetcher (0.3.0) + sidekiq (~> 5) + gitlab-styles (2.4.1) + rubocop (~> 0.54.0) rubocop-gitlab-security (~> 0.1.0) rubocop-rspec (~> 1.19) gitlab_omniauth-ldap (2.0.4) @@ -324,13 +292,11 @@ GEM rubyntlm (~> 0.5) globalid (0.4.1) activesupport (>= 4.2.0) - gollum-grit_adapter (1.0.1) - gitlab-grit (~> 2.7, >= 2.7.1) gon (6.2.0) actionpack (>= 3.0) multi_json request_store (>= 1.0) - google-api-client (0.19.8) + google-api-client (0.23.4) addressable (~> 2.5, >= 2.5.1) googleauth (>= 0.5, < 0.7.0) httpclient (>= 2.8.1, < 3.0) @@ -338,19 +304,18 @@ GEM representable (~> 3.0) retriable (>= 2.0, < 4.0) google-protobuf (3.5.1) - googleapis-common-protos-types (1.0.1) + googleapis-common-protos-types (1.0.2) google-protobuf (~> 3.0) - googleauth (0.6.2) + googleauth (0.6.6) faraday (~> 0.12) jwt (>= 1.4, < 3.0) - logging (~> 2.0) memoist (~> 0.12) multi_json (~> 1.11) - os (~> 0.9) + os (>= 0.9, < 2.0) signet (~> 0.7) gpgme (2.0.13) mini_portile2 (~> 2.1) - grape (1.0.3) + grape (1.1.0) activesupport builder mustermann-grape (~> 1.0.0) @@ -360,8 +325,8 @@ GEM grape-entity (0.7.1) activesupport (>= 4.0) multi_json (>= 1.3.2) - grape-path-helpers (1.0.4) - activesupport (~> 4) + grape-path-helpers (1.0.6) + activesupport (>= 4, < 5.1) grape (~> 1.0) rake (~> 12) grape_logging (1.7.0) @@ -370,11 +335,11 @@ GEM railties sprockets-rails graphql (1.8.1) - grpc (1.11.0) + grpc (1.15.0) google-protobuf (~> 3.1) googleapis-common-protos-types (~> 1.0.0) - googleauth (>= 0.5.1, < 0.7) - haml (4.0.7) + haml (5.0.4) + temple (>= 0.8.0) tilt haml_lint (0.26.0) haml (>= 4.0, < 5.1) @@ -382,10 +347,11 @@ GEM rake (>= 10, < 13) rubocop (>= 0.49.0) sysexits (~> 1.1) - hamlit (2.6.1) - temple (~> 0.7.6) + hamlit (2.8.8) + temple (>= 0.8.0) thor tilt + hangouts-chat (0.0.5) hashdiff (0.3.4) hashie (3.5.7) hashie-forbidden_attributes (0.1.1) @@ -395,7 +361,7 @@ GEM hipchat (1.5.2) httparty mimemagic - html-pipeline (2.7.1) + html-pipeline (2.8.4) activesupport (>= 2) nokogiri (>= 1.4) html2text (0.2.0) @@ -427,13 +393,13 @@ GEM multipart-post oauth (~> 0.5, >= 0.5.0) jquery-atwho-rails (1.3.2) + js_regex (2.2.1) + regexp_parser (>= 0.4.11, <= 0.5.0) json (1.8.6) - json-jwt (1.9.2) + json-jwt (1.9.4) activesupport aes_key_wrap bindata - securecompare - url_safe_base64 json-schema (2.8.0) addressable (>= 2.4) jwt (1.5.6) @@ -452,7 +418,6 @@ GEM kgio (2.10.0) knapsack (1.16.0) rake - timecop (>= 0.1.0) kubeclient (3.1.0) http (~> 2.2.2) recursive-open-struct (~> 1.0, >= 1.0.4) @@ -465,21 +430,16 @@ GEM actionmailer (>= 3.2) letter_opener (~> 1.0) railties (>= 3.2) - license_finder (3.1.1) + license_finder (5.4.0) bundler - httparty rubyzip thor - toml (= 0.1.2) - with_env (> 1.0) + toml (= 0.2.0) + with_env (= 1.1.0) xml-simple licensee (8.9.2) rugged (~> 0.24) - little-plugger (1.1.4) locale (2.1.2) - logging (2.2.2) - little-plugger (~> 1.1) - multi_json (~> 1.10) lograge (0.10.0) actionpack (>= 4) activesupport (>= 4) @@ -494,28 +454,31 @@ GEM memoist (0.16.0) memoizable (0.4.2) thread_safe (~> 0.3, >= 0.3.1) - method_source (0.8.2) + method_source (0.9.0) mime-types (3.1) mime-types-data (~> 3.2015) mime-types-data (3.2016.0521) mimemagic (0.3.0) mini_magick (4.8.0) - mini_mime (1.0.0) + mini_mime (1.0.1) mini_portile2 (2.3.0) minitest (5.7.0) mousetrap-rails (1.4.6) + msgpack (1.2.4) multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.0.0) - mustermann (1.0.2) + mustermann (1.0.3) mustermann-grape (1.0.0) mustermann (~> 1.0.0) mysql2 (0.4.10) net-ldap (0.16.0) net-ssh (5.0.1) netrc (0.11.0) - nokogiri (1.8.2) + nokogiri (1.8.4) mini_portile2 (~> 2.3.0) + nokogumbo (1.5.0) + nokogiri numerizer (0.1.1) oauth (0.5.4) oauth2 (1.4.0) @@ -570,7 +533,7 @@ GEM omniauth-saml (1.10.0) omniauth (~> 1.3, >= 1.3.2) ruby-saml (~> 1.7) - omniauth-shibboleth (1.2.1) + omniauth-shibboleth (1.3.0) omniauth (>= 1.0.0) omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) @@ -582,13 +545,11 @@ GEM org-ruby (0.9.12) rubypants (~> 0.2) orm_adapter (0.5.0) - os (0.9.6) + os (1.0.0) parallel (1.12.1) parser (2.5.1.0) ast (~> 2.4.0) - parslet (1.5.0) - blankslate (~> 2.0) - path_expander (1.0.2) + parslet (1.8.2) peek (1.0.1) concurrent-ruby (>= 0.9.0) concurrent-ruby-ext (>= 0.9.0) @@ -611,14 +572,9 @@ GEM atomic (>= 1.0.0) peek redis - peek-sidekiq (1.0.3) - atomic (>= 1.0.0) - peek - sidekiq pg (0.18.4) po_to_json (1.0.1) json (>= 1.6.0) - posix-spawn (0.3.13) powerpack (0.1.1) premailer (1.10.4) addressable @@ -632,17 +588,16 @@ GEM parser unparser procto (0.0.3) - prometheus-client-mmap (0.9.3) - pry (0.10.4) + prometheus-client-mmap (0.9.4) + pry (0.11.3) coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - pry-byebug (3.4.2) - byebug (~> 9.0) + method_source (~> 0.9.0) + pry-byebug (3.4.3) + byebug (>= 9.0, < 9.1) pry (~> 0.10) - pry-rails (0.3.5) - pry (>= 0.9.10) - public_suffix (3.0.2) + pry-rails (0.3.6) + pry (>= 0.10.4) + public_suffix (3.0.3) pyu-ruby-sasl (0.0.3.3) rack (1.6.10) rack-accept (0.4.5) @@ -656,7 +611,7 @@ GEM httpclient (>= 2.4) multi_json (>= 1.3.6) rack (>= 1.1) - rack-protection (2.0.1) + rack-protection (2.0.3) rack rack-proxy (0.6.0) rack @@ -689,8 +644,7 @@ GEM activesupport (= 4.2.10) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rainbow (2.2.2) - rake + rainbow (3.0.0) raindrops (0.18.0) rake (12.3.1) rb-fsevent (0.10.2) @@ -698,6 +652,10 @@ GEM ffi (>= 0.5.0, < 2) rblineprof (0.3.6) debugger-ruby_core_source (~> 1.3) + rbtrace (0.4.10) + ffi (>= 1.0.6) + msgpack (>= 0.4.3) + trollop (>= 1.16.2) rdoc (6.0.4) re2 (1.1.1) recaptcha (3.0.0) @@ -723,6 +681,7 @@ GEM redis-store (>= 1.2, < 2) redis-store (1.4.1) redis (>= 2.2, < 5) + regexp_parser (0.5.0) representable (3.0.4) declarative (< 0.1.0) declarative-option (< 0.2.0) @@ -735,59 +694,62 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - retriable (3.1.1) + retriable (3.1.2) rinku (2.0.0) rotp (2.1.2) - rouge (3.1.1) + rouge (3.3.0) rqrcode (0.7.0) chunky_png rqrcode-rails3 (0.1.7) rqrcode (>= 0.4.2) - rspec (3.6.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-core (3.6.0) - rspec-support (~> 3.6.0) - rspec-expectations (3.6.0) + rspec (3.7.0) + rspec-core (~> 3.7.0) + rspec-expectations (~> 3.7.0) + rspec-mocks (~> 3.7.0) + rspec-core (3.7.1) + rspec-support (~> 3.7.0) + rspec-expectations (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) - rspec-mocks (3.6.0) + rspec-support (~> 3.7.0) + rspec-mocks (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) + rspec-support (~> 3.7.0) rspec-parameterized (0.4.0) binding_of_caller parser proc_to_ast rspec (>= 2.13, < 4) unparser - rspec-rails (3.6.0) + rspec-rails (3.7.2) actionpack (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-support (~> 3.6.0) + rspec-core (~> 3.7.0) + rspec-expectations (~> 3.7.0) + rspec-mocks (~> 3.7.0) + rspec-support (~> 3.7.0) rspec-retry (0.4.5) rspec-core rspec-set (0.1.3) - rspec-support (3.6.0) + rspec-support (3.7.1) + rspec_junit_formatter (0.2.3) + builder (< 4) + rspec-core (>= 2, < 4, != 2.12.0) rspec_profiling (0.0.5) activerecord pg rails sqlite3 - rubocop (0.52.1) + rubocop (0.54.0) parallel (~> 1.10) - parser (>= 2.4.0.2, < 3.0) + parser (>= 2.5) powerpack (~> 0.1) rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) unicode-display_width (~> 1.0, >= 1.0.1) rubocop-gitlab-security (0.1.1) rubocop (>= 0.51) - rubocop-rspec (1.22.1) + rubocop-rspec (1.22.2) rubocop (>= 0.52.1) ruby-enum (0.7.2) i18n @@ -801,13 +763,15 @@ GEM sexp_processor (~> 4.1) rubyntlm (0.6.2) rubypants (0.2.0) - rubyzip (1.2.1) + rubyzip (1.2.2) rufus-scheduler (3.4.0) et-orbi (~> 1.0) - rugged (0.27.1) + rugged (0.27.5) safe_yaml (1.0.4) - sanitize (2.1.0) + sanitize (4.6.6) + crass (~> 1.0.2) nokogiri (>= 1.4.4) + nokogumbo (~> 1.4) sass (3.5.5) sass-listen (~> 4.0.0) sass-listen (4.0.0) @@ -825,7 +789,6 @@ GEM scss_lint (0.56.0) rake (>= 0.9, < 13) sass (~> 3.5.3) - securecompare (1.0.0) seed-fu (2.3.7) activerecord (>= 3.1) activesupport (>= 3.1) @@ -842,17 +805,14 @@ GEM rack shoulda-matchers (3.1.2) activesupport (>= 4.0.0) - sidekiq (5.1.3) - concurrent-ruby (~> 1.0) - connection_pool (~> 2.2, >= 2.2.0) + sidekiq (5.2.1) + connection_pool (~> 2.2, >= 2.2.2) rack-protection (>= 1.5.0) redis (>= 3.3.5, < 5) sidekiq-cron (0.6.0) rufus-scheduler (>= 3.3.0) sidekiq (>= 4.2.1) - sidekiq-limit_fetch (3.4.0) - sidekiq (>= 4) - signet (0.8.1) + signet (0.11.0) addressable (~> 2.3) faraday (~> 0.9) jwt (>= 1.5, < 3.0) @@ -864,12 +824,11 @@ GEM simplecov-html (~> 0.10.0) simplecov-html (0.10.0) slack-notifier (1.5.1) - slop (3.6.0) - spring (2.0.1) + spring (2.0.2) activesupport (>= 4.2) spring-commands-rspec (1.0.4) spring (>= 0.9.1) - sprockets (3.7.1) + sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.2.1) @@ -886,28 +845,28 @@ GEM state_machines-activerecord (0.5.1) activerecord (>= 4.1, < 6.0) state_machines-activemodel (>= 0.5.0) - stringex (2.8.4) sys-filesystem (1.1.6) ffi sysexits (1.2.0) - temple (0.7.7) + temple (0.8.0) test-prof (0.2.5) test_after_commit (1.1.0) activerecord (>= 3.2) text (1.3.1) - thin (1.7.0) + thin (1.7.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) thor (0.19.4) thread_safe (0.3.6) - tilt (2.0.6) + tilt (2.0.8) timecop (0.8.1) timfel-krb5-auth (0.8.3) - toml (0.1.2) - parslet (~> 1.5.0) + toml (0.2.0) + parslet (~> 1.8.0) toml-rb (1.0.0) citrus (~> 3.0, > 3.0) + trollop (2.1.3) truncato (0.7.10) htmlentities (~> 4.3.1) nokogiri (~> 1.8.0, >= 1.7.0) @@ -937,7 +896,6 @@ GEM equalizer (~> 0.0.9) parser (>= 2.3.1.2, < 2.6) procto (~> 0.0.2) - url_safe_base64 (0.2.2) validates_hostname (1.0.6) activerecord (>= 3.0) activesupport (>= 3.0) @@ -954,7 +912,7 @@ GEM addressable (>= 2.3.6) crack (>= 0.3.2) hashdiff - webpack-rails (0.9.10) + webpack-rails (0.9.11) railties (>= 3.2.0) wikicloth (0.8.1) builder @@ -975,7 +933,6 @@ DEPENDENCIES acts-as-taggable-on (~> 5.0) addressable (~> 2.5.2) akismet (~> 2.0) - allocations (~> 1.0) asana (~> 0.6.0) asciidoctor (~> 1.5.6) asciidoctor-plantuml (= 0.0.8) @@ -989,14 +946,15 @@ DEPENDENCIES benchmark-ips (~> 2.3.0) better_errors (~> 2.1.0) binding_of_caller (~> 0.7.2) + bootsnap (~> 1.3) bootstrap_form (~> 2.7.0) brakeman (~> 4.2) - browser (~> 2.2) + browser (~> 2.5) bullet (~> 5.5.0) bundler-audit (~> 0.5.0) capybara (~> 2.15) capybara-screenshot (~> 1.0.0) - carrierwave (~> 1.2) + carrierwave (= 1.2.3) charlock_holmes (~> 0.7.5) chronic (~> 0.10.2) chronic_duration (~> 0.10.6) @@ -1012,72 +970,71 @@ DEPENDENCIES devise-two-factor (~> 3.0.0) diffy (~> 3.1.0) doorkeeper (~> 4.3) - doorkeeper-openid_connect (~> 1.3) - dropzonejs-rails (~> 0.7.1) + doorkeeper-openid_connect (~> 1.5) ed25519 (~> 1.2) email_reply_trimmer (~> 0.1) email_spec (~> 2.2.0) + escape_utils (~> 1.1) factory_bot_rails (~> 4.8.2) faraday (~> 0.12) fast_blank ffaker (~> 2.4) - flay (~> 2.10.0) flipper (~> 0.13.0) flipper-active_record (~> 0.13.0) flipper-active_support_cache_store (~> 0.13.0) + flowdock (~> 0.7) fog-aliyun (~> 0.2.0) fog-aws (~> 2.0.1) fog-core (~> 1.44) - fog-google (~> 1.3.3) + fog-google (~> 1.7.1) fog-local (~> 0.3) fog-openstack (~> 0.1) fog-rackspace (~> 0.1.1) font-awesome-rails (~> 4.7) foreman (~> 0.84.0) fuubar (~> 2.2.0) - gemnasium-gitlab-service (~> 0.2) gemojione (~> 3.3) gettext (~> 3.2.2) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly-proto (~> 0.100.0) - github-linguist (~> 5.3.3) - gitlab-flowdock-git-hook (~> 1.0.1) - gitlab-gollum-lib (~> 4.2) - gitlab-gollum-rugged_adapter (~> 0.4.4) - gitlab-markup (~> 1.6.2) - gitlab-styles (~> 2.3) + gitaly-proto (~> 0.118.1) + github-markup (~> 1.7.0) + gitlab-markup (~> 1.6.4) + gitlab-sidekiq-fetcher + gitlab-styles (~> 2.4) gitlab_omniauth-ldap (~> 2.0.4) gon (~> 6.2) - google-api-client (~> 0.19.8) + google-api-client (~> 0.23) google-protobuf (= 3.5.1) gpgme - grape (~> 1.0) + grape (~> 1.1) grape-entity (~> 0.7.1) grape-path-helpers (~> 1.0) grape_logging (~> 1.7) graphiql-rails (~> 1.4.10) graphql (~> 1.8.0) - grpc (~> 1.11.0) + grpc (~> 1.15.0) haml_lint (~> 0.26.0) - hamlit (~> 2.6.1) + hamlit (~> 2.8.8) + hangouts-chat (~> 0.0.5) hashie-forbidden_attributes health_check (~> 2.6.0) hipchat (~> 1.5.0) - html-pipeline (~> 2.7.1) + html-pipeline (~> 2.8) html2text httparty (~> 0.13.3) icalendar influxdb (~> 0.2) jira-ruby (~> 1.4) jquery-atwho-rails (~> 1.3.2) + js_regex (~> 2.2.1) json-schema (~> 2.8.0) jwt (~> 1.5.6) kaminari (~> 1.0) knapsack (~> 1.16) kubeclient (~> 3.1.0) letter_opener_web (~> 1.3.0) - license_finder (~> 3.1) + license_finder (~> 5.4) licensee (~> 8.9) lograge (~> 0.5) loofah (~> 2.2) @@ -1104,7 +1061,7 @@ DEPENDENCIES omniauth-kerberos (~> 0.3.0) omniauth-oauth2-generic (~> 0.2.2) omniauth-saml (~> 1.10) - omniauth-shibboleth (~> 1.2.0) + omniauth-shibboleth (~> 1.3.0) omniauth-twitter (~> 1.4) omniauth_crowd (~> 2.2.0) org-ruby (~> 0.9.12) @@ -1114,10 +1071,9 @@ DEPENDENCIES peek-pg (~> 1.3.0) peek-rblineprof (~> 0.2.0) peek-redis (~> 1.2.0) - peek-sidekiq (~> 1.0.3) pg (~> 0.18.2) premailer-rails (~> 1.9.7) - prometheus-client-mmap (~> 0.9.3) + prometheus-client-mmap (~> 0.9.4) pry-byebug (~> 3.4.1) pry-rails (~> 0.3.4) rack-attack (~> 4.4.1) @@ -1127,9 +1083,10 @@ DEPENDENCIES rails (= 4.2.10) rails-deprecated_sanitizer (~> 1.0.3) rails-i18n (~> 4.0.9) - rainbow (~> 2.2) + rainbow (~> 3.0) raindrops (~> 0.18) rblineprof (~> 0.3.6) + rbtrace (~> 0.4) rdoc (~> 6.0) re2 (~> 1.1.1) recaptcha (~> 3.0) @@ -1142,11 +1099,12 @@ DEPENDENCIES rouge (~> 3.1) rqrcode-rails3 (~> 0.1.7) rspec-parameterized - rspec-rails (~> 3.6.0) + rspec-rails (~> 3.7.0) rspec-retry (~> 0.4.5) rspec-set (~> 0.1.3) + rspec_junit_formatter rspec_profiling (~> 0.0.5) - rubocop (~> 0.52.1) + rubocop (~> 0.54.0) rubocop-rspec (~> 1.22.1) ruby-fogbugz (~> 0.2.1) ruby-prof (~> 0.17.0) @@ -1154,7 +1112,7 @@ DEPENDENCIES ruby_parser (~> 3.8) rufus-scheduler (~> 3.4) rugged (~> 0.27) - sanitize (~> 2.0) + sanitize (~> 4.6) sass-rails (~> 5.0.6) scss_lint (~> 0.56.0) seed-fu (~> 2.3.7) @@ -1164,9 +1122,8 @@ DEPENDENCIES settingslogic (~> 2.0.9) sham_rack (~> 1.3.6) shoulda-matchers (~> 3.1.2) - sidekiq (~> 5.1) + sidekiq (~> 5.2.1) sidekiq-cron (~> 0.6.0) - sidekiq-limit_fetch (~> 3.4) simple_po_parser (~> 1.1.2) simplecov (~> 0.14.0) slack-notifier (~> 1.5.1) @@ -1197,4 +1154,4 @@ DEPENDENCIES wikicloth (= 0.8.1) BUNDLED WITH - 1.16.2 + 1.16.6 diff --git a/Gemfile.rails5.lock b/Gemfile.rails5.lock index bee13dd1d5371c6fab95a206330669b3ebf01183..1421edb1d39ef7e51ea77c37edb8f33918237c33 100644 --- a/Gemfile.rails5.lock +++ b/Gemfile.rails5.lock @@ -3,7 +3,7 @@ GEM specs: RedCloth (4.3.2) abstract_type (0.0.7) - ace-rails-ap (4.1.4) + ace-rails-ap (4.1.2) actioncable (5.0.7) actionpack (= 5.0.7) nio4r (>= 1.2, < 3.0) @@ -52,14 +52,13 @@ GEM public_suffix (>= 2.0.2, < 4.0) aes_key_wrap (1.0.1) akismet (2.0.0) - allocations (1.0.5) arel (7.1.4) - asana (0.6.3) + asana (0.6.0) faraday (~> 0.9) faraday_middleware (~> 0.9) faraday_middleware-multi_json (~> 0.0) oauth2 (~> 1.0) - asciidoctor (1.5.6.1) + asciidoctor (1.5.6.2) asciidoctor-plantuml (0.0.8) asciidoctor (~> 1.5) asset_sync (2.4.0) @@ -71,8 +70,8 @@ GEM atomic (1.1.99) attr_encrypted (3.1.0) encryptor (~> 3.0.0) - attr_required (1.0.1) - awesome_print (1.2.0) + attr_required (1.0.0) + awesome_print (1.8.0) axiom-types (0.1.1) descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) @@ -80,7 +79,7 @@ GEM babosa (1.0.2) base32 (0.3.2) batch-loader (1.2.1) - bcrypt (3.1.11) + bcrypt (3.1.12) bcrypt_pbkdf (1.0.0) benchmark-ips (2.3.0) better_errors (2.1.1) @@ -88,9 +87,10 @@ GEM erubis (>= 2.6.6) rack (>= 0.9.0) bindata (2.4.3) - binding_of_caller (0.7.3) + binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) - blankslate (2.1.2.4) + bootsnap (1.3.2) + msgpack (~> 1.0) bootstrap_form (2.7.0) brakeman (4.2.1) browser (2.5.3) @@ -102,32 +102,33 @@ GEM bundler (~> 1.2) thor (~> 0.18) byebug (9.0.6) - capybara (2.18.0) + capybara (2.15.1) addressable mini_mime (>= 0.1.3) nokogiri (>= 1.3.3) rack (>= 1.0.0) rack-test (>= 0.5.4) - xpath (>= 2.0, < 4.0) - capybara-screenshot (1.0.18) + xpath (~> 2.0) + capybara-screenshot (1.0.14) capybara (>= 1.0, < 3) launchy - carrierwave (1.2.2) + carrierwave (1.2.3) activemodel (>= 4.0.0) activesupport (>= 4.0.0) mime-types (>= 1.16) - charlock_holmes (0.7.5) + cause (0.1) + charlock_holmes (0.7.6) childprocess (0.9.0) ffi (~> 1.0, >= 1.0.11) chronic (0.10.2) chronic_duration (0.10.6) numerizer (~> 0.1.1) - chunky_png (1.3.10) + chunky_png (1.3.5) citrus (3.0.2) coderay (1.1.2) coercible (1.0.0) descendants_tracker (~> 0.0.1) - commonmarker (0.17.9) + commonmarker (0.17.13) ruby-enum (~> 0.5) concord (0.1.5) adamantium (~> 0.2.0) @@ -135,16 +136,16 @@ GEM concurrent-ruby (1.0.5) concurrent-ruby-ext (1.0.5) concurrent-ruby (= 1.0.5) - connection_pool (2.2.1) + connection_pool (2.2.2) crack (0.4.3) safe_yaml (~> 1.0.0) crass (1.0.4) creole (0.5.0) - css_parser (1.6.0) + css_parser (1.5.0) addressable daemons (1.2.6) database_cleaner (1.5.3) - debug_inspector (0.0.3) + debug_inspector (0.0.2) debugger-ruby_core_source (1.3.8) deckar01-task_list (2.0.0) html-pipeline @@ -154,33 +155,31 @@ GEM activerecord (>= 3.2.0, < 5.2) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - device_detector (1.0.1) - devise (4.4.1) + device_detector (1.0.0) + devise (4.4.3) bcrypt (~> 3.0) orm_adapter (~> 0.1) - railties (>= 4.1.0, < 5.2) + railties (>= 4.1.0, < 6.0) responders warden (~> 1.2.3) - devise-two-factor (3.0.2) - activesupport (< 5.2) + devise-two-factor (3.0.0) + activesupport attr_encrypted (>= 1.3, < 4, != 2) devise (~> 4.0) - railties (< 5.2) + railties rotp (~> 2.0) diff-lcs (1.3) diffy (3.1.0) docile (1.1.5) domain_name (0.5.20180417) unf (>= 0.0.5, < 1.0.0) - doorkeeper (4.3.1) + doorkeeper (4.3.2) railties (>= 4.2) - doorkeeper-openid_connect (1.3.0) + doorkeeper-openid_connect (1.5.0) doorkeeper (~> 4.3) json-jwt (~> 1.6) - dropzonejs-rails (0.7.4) - rails (> 3.1) ed25519 (1.2.4) - email_reply_trimmer (0.1.10) + email_reply_trimmer (0.1.6) email_spec (2.2.0) htmlentities (~> 4.3.3) launchy (~> 2.1) @@ -189,11 +188,11 @@ GEM equalizer (0.0.11) erubis (2.7.0) escape_utils (1.1.1) - et-orbi (1.0.9) + et-orbi (1.0.3) tzinfo - eventmachine (1.2.5) - excon (0.60.0) - execjs (2.7.0) + eventmachine (1.2.7) + excon (0.62.0) + execjs (2.6.0) expression_parser (0.9.0) factory_bot (4.8.2) activesupport (>= 3.0.0) @@ -209,13 +208,8 @@ GEM multi_json fast_blank (1.0.0) fast_gettext (1.6.0) - ffaker (2.8.1) - ffi (1.9.23) - flay (2.10.0) - erubis (~> 2.7.0) - path_expander (~> 1.0) - ruby_parser (~> 3.0) - sexp_processor (~> 4.0) + ffaker (2.4.0) + ffi (1.9.25) flipper (0.13.0) flipper-active_record (0.13.0) activerecord (>= 3.2, < 6) @@ -240,21 +234,21 @@ GEM builder excon (~> 0.58) formatador (~> 0.2) - fog-google (1.3.3) + fog-google (1.7.1) fog-core fog-json fog-xml - google-api-client (~> 0.19.1) + google-api-client (~> 0.23.0) fog-json (1.0.2) fog-core (~> 1.0) multi_json (~> 1.10) - fog-local (0.5.0) - fog-core (>= 1.27, < 3.0) - fog-openstack (0.1.24) - fog-core (~> 1.40) + fog-local (0.3.1) + fog-core (~> 1.27) + fog-openstack (0.1.21) + fog-core (>= 1.40) fog-json (>= 1.0) ipaddress (>= 0.8) - fog-rackspace (0.1.5) + fog-rackspace (0.1.1) fog-core (>= 1.35) fog-json (>= 1.0) fog-xml (>= 0.1) @@ -262,19 +256,17 @@ GEM fog-xml (0.1.3) fog-core nokogiri (>= 1.5.11, < 2.0.0) - font-awesome-rails (4.7.0.3) - railties (>= 3.2, < 5.2) + font-awesome-rails (4.7.0.1) + railties (>= 3.2, < 5.1) foreman (0.84.0) thor (~> 0.19.1) formatador (0.2.5) fuubar (2.2.0) rspec-core (~> 3.0) ruby-progressbar (~> 1.4) - gemnasium-gitlab-service (0.2.6) - rugged (~> 0.21) gemojione (3.3.0) json - get_process_mem (0.2.1) + get_process_mem (0.2.0) gettext (3.2.9) locale (>= 2.0.5) text (>= 1.3.0) @@ -285,38 +277,15 @@ GEM gettext_i18n_rails (>= 0.7.1) po_to_json (>= 1.0.0) rails (>= 3.2.0) - gitaly-proto (0.100.0) + gitaly-proto (0.118.1) google-protobuf (~> 3.1) grpc (~> 1.10) - github-linguist (5.3.3) - charlock_holmes (~> 0.7.5) - escape_utils (~> 1.1.0) - mime-types (>= 1.19) - rugged (>= 0.25.1) github-markup (1.7.0) - gitlab-flowdock-git-hook (1.0.1) - flowdock (~> 0.7) - gitlab-grit (>= 2.4.1) - multi_json - gitlab-gollum-lib (4.2.7.2) - gemojione (~> 3.2) - github-markup (~> 1.6) - gollum-grit_adapter (~> 1.0) - nokogiri (>= 1.6.1, < 2.0) - rouge (~> 3.1) - sanitize (~> 2.1) - stringex (~> 2.6) - gitlab-gollum-rugged_adapter (0.4.4) - mime-types (>= 1.15) - rugged (~> 0.25) - gitlab-grit (2.8.2) - charlock_holmes (~> 0.6) - diff-lcs (~> 1.1) - mime-types (>= 1.16) - posix-spawn (~> 0.3) - gitlab-markup (1.6.3) - gitlab-styles (2.3.2) - rubocop (~> 0.51) + gitlab-markup (1.6.4) + gitlab-sidekiq-fetcher (0.3.0) + sidekiq (~> 5) + gitlab-styles (2.4.1) + rubocop (~> 0.54.0) rubocop-gitlab-security (~> 0.1.0) rubocop-rspec (~> 1.19) gitlab_omniauth-ldap (2.0.4) @@ -326,13 +295,11 @@ GEM rubyntlm (~> 0.5) globalid (0.4.1) activesupport (>= 4.2.0) - gollum-grit_adapter (1.0.1) - gitlab-grit (~> 2.7, >= 2.7.1) gon (6.2.0) actionpack (>= 3.0) multi_json request_store (>= 1.0) - google-api-client (0.19.8) + google-api-client (0.23.4) addressable (~> 2.5, >= 2.5.1) googleauth (>= 0.5, < 0.7.0) httpclient (>= 2.8.1, < 3.0) @@ -340,19 +307,18 @@ GEM representable (~> 3.0) retriable (>= 2.0, < 4.0) google-protobuf (3.5.1) - googleapis-common-protos-types (1.0.1) + googleapis-common-protos-types (1.0.2) google-protobuf (~> 3.0) - googleauth (0.6.2) + googleauth (0.6.6) faraday (~> 0.12) jwt (>= 1.4, < 3.0) - logging (~> 2.0) memoist (~> 0.12) multi_json (~> 1.11) - os (~> 0.9) + os (>= 0.9, < 2.0) signet (~> 0.7) - gpgme (2.0.16) - mini_portile2 (~> 2.3) - grape (1.0.2) + gpgme (2.0.13) + mini_portile2 (~> 2.1) + grape (1.1.0) activesupport builder mustermann-grape (~> 1.0.0) @@ -362,17 +328,21 @@ GEM grape-entity (0.7.1) activesupport (>= 4.0) multi_json (>= 1.3.2) - grape-path-helpers (1.0.0) - activesupport + grape-path-helpers (1.0.6) + activesupport (>= 4, < 5.1) grape (~> 1.0) - rake + rake (~> 12) grape_logging (1.7.0) grape - grpc (1.11.0) + graphiql-rails (1.4.10) + railties + sprockets-rails + graphql (1.8.1) + grpc (1.15.0) google-protobuf (~> 3.1) googleapis-common-protos-types (~> 1.0.0) - googleauth (>= 0.5.1, < 0.7) - haml (4.0.7) + haml (5.0.4) + temple (>= 0.8.0) tilt haml_lint (0.26.0) haml (>= 4.0, < 5.1) @@ -380,23 +350,24 @@ GEM rake (>= 10, < 13) rubocop (>= 0.49.0) sysexits (~> 1.1) - hamlit (2.6.2) - temple (~> 0.7.6) + hamlit (2.8.8) + temple (>= 0.8.0) thor tilt - hashdiff (0.3.7) + hangouts-chat (0.0.5) + hashdiff (0.3.4) hashie (3.5.7) hashie-forbidden_attributes (0.1.1) hashie (>= 3.0) health_check (2.6.0) rails (>= 4.0) - hipchat (1.5.4) + hipchat (1.5.2) httparty mimemagic - html-pipeline (2.7.1) + html-pipeline (2.8.4) activesupport (>= 2) nokogiri (>= 1.4) - html2text (0.2.1) + html2text (0.2.0) nokogiri (~> 1.6) htmlentities (4.3.4) http (2.2.2) @@ -412,70 +383,67 @@ GEM json (~> 1.8) multi_xml (>= 0.5.2) httpclient (2.8.3) - i18n (1.0.1) + i18n (1.1.0) concurrent-ruby (~> 1.0) icalendar (2.4.1) ice_nine (0.11.2) - influxdb (0.5.3) + influxdb (0.2.3) + cause + json ipaddress (0.8.3) - jira-ruby (1.5.0) + jira-ruby (1.4.1) activesupport multipart-post oauth (~> 0.5, >= 0.5.0) jquery-atwho-rails (1.3.2) + js_regex (2.2.1) + regexp_parser (>= 0.4.11, <= 0.5.0) json (1.8.6) - json-jwt (1.9.2) + json-jwt (1.9.4) activesupport aes_key_wrap bindata - securecompare - url_safe_base64 json-schema (2.8.0) addressable (>= 2.4) jwt (1.5.6) - kaminari (1.1.1) + kaminari (1.0.1) activesupport (>= 4.1.0) - kaminari-actionview (= 1.1.1) - kaminari-activerecord (= 1.1.1) - kaminari-core (= 1.1.1) - kaminari-actionview (1.1.1) + kaminari-actionview (= 1.0.1) + kaminari-activerecord (= 1.0.1) + kaminari-core (= 1.0.1) + kaminari-actionview (1.0.1) actionview - kaminari-core (= 1.1.1) - kaminari-activerecord (1.1.1) + kaminari-core (= 1.0.1) + kaminari-activerecord (1.0.1) activerecord - kaminari-core (= 1.1.1) - kaminari-core (1.1.1) - kgio (2.11.2) + kaminari-core (= 1.0.1) + kaminari-core (1.0.1) + kgio (2.10.0) knapsack (1.16.0) rake - kubeclient (3.1.1) + kubeclient (3.1.0) http (~> 2.2.2) recursive-open-struct (~> 1.0, >= 1.0.4) rest-client (~> 2.0) launchy (2.4.3) addressable (~> 2.3) - letter_opener (1.6.0) + letter_opener (1.4.1) launchy (~> 2.2) - letter_opener_web (1.3.3) + letter_opener_web (1.3.0) actionmailer (>= 3.2) letter_opener (~> 1.0) railties (>= 3.2) - license_finder (3.1.1) + license_finder (5.4.0) bundler - httparty rubyzip thor - toml (= 0.1.2) - with_env (> 1.0) + toml (= 0.2.0) + with_env (= 1.1.0) xml-simple licensee (8.9.2) rugged (~> 0.24) - little-plugger (1.1.4) locale (2.1.2) - logging (2.2.2) - little-plugger (~> 1.1) - multi_json (~> 1.10) - lograge (0.9.0) + lograge (0.10.0) actionpack (>= 4) activesupport (>= 4) railties (>= 4) @@ -493,24 +461,28 @@ GEM mime-types (3.1) mime-types-data (~> 3.2015) mime-types-data (3.2016.0521) - mimemagic (0.3.2) - mini_mime (1.0.0) + mimemagic (0.3.0) + mini_magick (4.8.0) + mini_mime (1.0.1) mini_portile2 (2.3.0) minitest (5.7.0) mousetrap-rails (1.4.6) + msgpack (1.2.4) multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.0.0) - mustermann (1.0.2) + mustermann (1.0.3) mustermann-grape (1.0.0) mustermann (~> 1.0.0) mysql2 (0.4.10) - net-ldap (0.16.1) + net-ldap (0.16.0) net-ssh (5.0.1) netrc (0.11.0) nio4r (2.3.1) - nokogiri (1.8.2) + nokogiri (1.8.4) mini_portile2 (~> 2.3.0) + nokogumbo (1.5.0) + nokogiri numerizer (0.1.1) oauth (0.5.4) oauth2 (1.4.0) @@ -560,12 +532,12 @@ GEM omniauth-oauth2 (1.5.0) oauth2 (~> 1.1) omniauth (~> 1.2) - omniauth-oauth2-generic (0.2.4) + omniauth-oauth2-generic (0.2.2) omniauth-oauth2 (~> 1.0) omniauth-saml (1.10.0) omniauth (~> 1.3, >= 1.3.2) ruby-saml (~> 1.7) - omniauth-shibboleth (1.2.1) + omniauth-shibboleth (1.3.0) omniauth (>= 1.0.0) omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) @@ -577,13 +549,11 @@ GEM org-ruby (0.9.12) rubypants (~> 0.2) orm_adapter (0.5.0) - os (0.9.6) + os (1.0.0) parallel (1.12.1) - parser (2.5.0.5) + parser (2.5.1.0) ast (~> 2.4.0) - parslet (1.5.0) - blankslate (~> 2.0) - path_expander (1.0.2) + parslet (1.8.2) peek (1.0.1) concurrent-ruby (>= 0.9.0) concurrent-ruby-ext (>= 0.9.0) @@ -606,18 +576,13 @@ GEM atomic (>= 1.0.0) peek redis - peek-sidekiq (1.0.3) - atomic (>= 1.0.0) - peek - sidekiq pg (0.18.4) po_to_json (1.0.1) json (>= 1.6.0) - posix-spawn (0.3.13) powerpack (0.1.1) - premailer (1.11.1) + premailer (1.10.4) addressable - css_parser (>= 1.6.0) + css_parser (>= 1.4.10) htmlentities (>= 4.0.0) premailer-rails (1.9.7) actionmailer (>= 3, < 6) @@ -627,7 +592,7 @@ GEM parser unparser procto (0.0.3) - prometheus-client-mmap (0.9.3) + prometheus-client-mmap (0.9.4) pry (0.11.3) coderay (~> 1.1.0) method_source (~> 0.9.0) @@ -636,7 +601,7 @@ GEM pry (~> 0.10) pry-rails (0.3.6) pry (>= 0.10.4) - public_suffix (3.0.2) + public_suffix (3.0.3) pyu-ruby-sasl (0.0.3.3) rack (2.0.5) rack-accept (0.4.5) @@ -650,9 +615,9 @@ GEM httpclient (>= 2.4) multi_json (>= 1.3.6) rack (>= 1.1) - rack-protection (2.0.1) + rack-protection (2.0.3) rack - rack-proxy (0.6.4) + rack-proxy (0.6.0) rack rack-test (0.6.3) rack (>= 1.0) @@ -688,18 +653,21 @@ GEM method_source rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rainbow (2.2.2) - rake - raindrops (0.19.0) + rainbow (3.0.0) + raindrops (0.18.0) rake (12.3.1) - rb-fsevent (0.10.3) + rb-fsevent (0.10.2) rb-inotify (0.9.10) ffi (>= 0.5.0, < 2) - rblineprof (0.3.7) + rblineprof (0.3.6) debugger-ruby_core_source (~> 1.3) + rbtrace (0.4.10) + ffi (>= 1.0.6) + msgpack (>= 0.4.3) + trollop (>= 1.16.2) rdoc (6.0.4) re2 (1.1.1) - recaptcha (3.4.0) + recaptcha (3.0.0) json recursive-open-struct (1.1.0) redcarpet (3.4.0) @@ -722,12 +690,12 @@ GEM redis-store (>= 1.2, < 2) redis-store (1.4.1) redis (>= 2.2, < 5) + regexp_parser (0.5.0) representable (3.0.4) declarative (< 0.1.0) declarative-option (< 0.2.0) uber (< 0.2.0) - request_store (1.4.0) - rack (>= 1.4) + request_store (1.3.1) responders (2.4.0) actionpack (>= 4.2.0, < 5.3) railties (>= 4.2.0, < 5.3) @@ -735,52 +703,54 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - retriable (3.1.1) - rinku (2.0.4) + retriable (3.1.2) + rinku (2.0.0) rotp (2.1.2) - rouge (3.1.1) - rqrcode (0.10.1) - chunky_png (~> 1.0) + rouge (3.3.0) + rqrcode (0.7.0) + chunky_png rqrcode-rails3 (0.1.7) rqrcode (>= 0.4.2) - rspec (3.6.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-core (3.6.0) - rspec-support (~> 3.6.0) - rspec-expectations (3.6.0) + rspec (3.7.0) + rspec-core (~> 3.7.0) + rspec-expectations (~> 3.7.0) + rspec-mocks (~> 3.7.0) + rspec-core (3.7.1) + rspec-support (~> 3.7.0) + rspec-expectations (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) - rspec-mocks (3.6.0) + rspec-support (~> 3.7.0) + rspec-mocks (3.7.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) + rspec-support (~> 3.7.0) rspec-parameterized (0.4.0) binding_of_caller parser proc_to_ast rspec (>= 2.13, < 4) unparser - rspec-rails (3.6.1) + rspec-rails (3.7.2) actionpack (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-support (~> 3.6.0) - rspec-retry (0.4.6) + rspec-core (~> 3.7.0) + rspec-expectations (~> 3.7.0) + rspec-mocks (~> 3.7.0) + rspec-support (~> 3.7.0) + rspec-retry (0.4.5) rspec-core rspec-set (0.1.3) - rspec-support (3.6.0) + rspec-support (3.7.1) + rspec_junit_formatter (0.4.1) + rspec-core (>= 2, < 4, != 2.12.0) rspec_profiling (0.0.5) activerecord pg rails sqlite3 - rubocop (0.52.1) + rubocop (0.54.0) parallel (~> 1.10) - parser (>= 2.4.0.2, < 3.0) + parser (>= 2.5) powerpack (~> 0.1) rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) @@ -797,23 +767,25 @@ GEM ruby-progressbar (1.9.0) ruby-saml (1.7.2) nokogiri (>= 1.5.10) - ruby_parser (3.11.0) - sexp_processor (~> 4.9) + ruby_parser (3.9.0) + sexp_processor (~> 4.1) rubyntlm (0.6.2) - rubypants (0.7.0) - rubyzip (1.2.1) - rufus-scheduler (3.4.2) + rubypants (0.2.0) + rubyzip (1.2.2) + rufus-scheduler (3.4.0) et-orbi (~> 1.0) - rugged (0.27.0) + rugged (0.27.5) safe_yaml (1.0.4) - sanitize (2.1.0) + sanitize (4.6.6) + crass (~> 1.0.2) nokogiri (>= 1.4.4) + nokogumbo (~> 1.4) sass (3.5.5) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) + sass-rails (5.0.6) railties (>= 4.0.0, < 6) sass (~> 3.1) sprockets (>= 2.8, < 4.0) @@ -825,11 +797,10 @@ GEM scss_lint (0.56.0) rake (>= 0.9, < 13) sass (~> 3.5.3) - securecompare (1.0.0) seed-fu (2.3.7) activerecord (>= 3.1) activesupport (>= 3.1) - select2-rails (3.5.10) + select2-rails (3.5.9.3) thor (~> 0.14) selenium-webdriver (3.12.0) childprocess (~> 0.5) @@ -837,38 +808,35 @@ GEM sentry-raven (2.7.2) faraday (>= 0.7.6, < 1.0) settingslogic (2.0.9) - sexp_processor (4.10.1) + sexp_processor (4.9.0) sham_rack (1.3.6) rack shoulda-matchers (3.1.2) activesupport (>= 4.0.0) - sidekiq (5.1.1) - concurrent-ruby (~> 1.0) - connection_pool (~> 2.2, >= 2.2.0) + sidekiq (5.2.1) + connection_pool (~> 2.2, >= 2.2.2) rack-protection (>= 1.5.0) redis (>= 3.3.5, < 5) - sidekiq-cron (0.6.3) + sidekiq-cron (0.6.0) rufus-scheduler (>= 3.3.0) sidekiq (>= 4.2.1) - sidekiq-limit_fetch (3.4.0) - sidekiq (>= 4) - signet (0.8.1) + signet (0.11.0) addressable (~> 2.3) faraday (~> 0.9) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) - simple_po_parser (1.1.3) + simple_po_parser (1.1.2) simplecov (0.14.1) docile (~> 1.1.0) json (>= 1.8, < 3) simplecov-html (~> 0.10.0) - simplecov-html (0.10.2) + simplecov-html (0.10.0) slack-notifier (1.5.1) spring (2.0.2) activesupport (>= 4.2) spring-commands-rspec (1.0.4) spring (>= 0.9.1) - sprockets (3.7.1) + sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) sprockets-rails (3.2.1) @@ -877,7 +845,7 @@ GEM sprockets (>= 3.0.0) sqlite3 (1.3.13) sshkey (1.9.0) - stackprof (0.2.11) + stackprof (0.2.10) state_machines (0.5.0) state_machines-activemodel (0.5.1) activemodel (>= 4.1, < 6.0) @@ -885,11 +853,10 @@ GEM state_machines-activerecord (0.5.1) activerecord (>= 4.1, < 6.0) state_machines-activemodel (>= 0.5.0) - stringex (2.8.4) - sys-filesystem (1.1.9) + sys-filesystem (1.1.6) ffi sysexits (1.2.0) - temple (0.7.7) + temple (0.8.0) test-prof (0.2.5) text (1.3.1) thin (1.7.2) @@ -901,10 +868,11 @@ GEM tilt (2.0.8) timecop (0.8.1) timfel-krb5-auth (0.8.3) - toml (0.1.2) - parslet (~> 1.5.0) + toml (0.2.0) + parslet (~> 1.8.0) toml-rb (1.0.0) citrus (~> 3.0, > 3.0) + trollop (2.1.3) truncato (0.7.10) htmlentities (~> 4.3.1) nokogiri (~> 1.8.0, >= 1.7.0) @@ -918,7 +886,7 @@ GEM unf (0.1.4) unf_ext unf_ext (0.0.7.5) - unicode-display_width (1.3.0) + unicode-display_width (1.3.2) unicorn (5.1.0) kgio (~> 2.6) raindrops (~> 0.7) @@ -934,8 +902,7 @@ GEM equalizer (~> 0.0.9) parser (>= 2.3.1.2, < 2.6) procto (~> 0.0.2) - url_safe_base64 (0.2.2) - validates_hostname (1.0.8) + validates_hostname (1.0.6) activerecord (>= 3.0) activesupport (>= 3.0) version_sorter (2.1.0) @@ -962,8 +929,8 @@ GEM rinku with_env (1.1.0) xml-simple (1.1.5) - xpath (3.0.0) - nokogiri (~> 1.8) + xpath (2.1.0) + nokogiri (~> 1.3) PLATFORMS ruby @@ -975,7 +942,6 @@ DEPENDENCIES acts-as-taggable-on (~> 5.0) addressable (~> 2.5.2) akismet (~> 2.0) - allocations (~> 1.0) asana (~> 0.6.0) asciidoctor (~> 1.5.6) asciidoctor-plantuml (= 0.0.8) @@ -989,14 +955,15 @@ DEPENDENCIES benchmark-ips (~> 2.3.0) better_errors (~> 2.1.0) binding_of_caller (~> 0.7.2) + bootsnap (~> 1.3) bootstrap_form (~> 2.7.0) brakeman (~> 4.2) - browser (~> 2.2) + browser (~> 2.5) bullet (~> 5.5.0) bundler-audit (~> 0.5.0) capybara (~> 2.15) capybara-screenshot (~> 1.0.0) - carrierwave (~> 1.2) + carrierwave (= 1.2.3) charlock_holmes (~> 0.7.5) chronic (~> 0.10.2) chronic_duration (~> 0.10.6) @@ -1012,75 +979,77 @@ DEPENDENCIES devise-two-factor (~> 3.0.0) diffy (~> 3.1.0) doorkeeper (~> 4.3) - doorkeeper-openid_connect (~> 1.3) - dropzonejs-rails (~> 0.7.1) + doorkeeper-openid_connect (~> 1.5) ed25519 (~> 1.2) email_reply_trimmer (~> 0.1) email_spec (~> 2.2.0) + escape_utils (~> 1.1) factory_bot_rails (~> 4.8.2) faraday (~> 0.12) fast_blank ffaker (~> 2.4) - flay (~> 2.10.0) flipper (~> 0.13.0) flipper-active_record (~> 0.13.0) flipper-active_support_cache_store (~> 0.13.0) + flowdock (~> 0.7) fog-aliyun (~> 0.2.0) fog-aws (~> 2.0.1) fog-core (~> 1.44) - fog-google (~> 1.3.3) + fog-google (~> 1.7.1) fog-local (~> 0.3) fog-openstack (~> 0.1) fog-rackspace (~> 0.1.1) font-awesome-rails (~> 4.7) foreman (~> 0.84.0) fuubar (~> 2.2.0) - gemnasium-gitlab-service (~> 0.2) gemojione (~> 3.3) gettext (~> 3.2.2) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly-proto (~> 0.100.0) - github-linguist (~> 5.3.3) - gitlab-flowdock-git-hook (~> 1.0.1) - gitlab-gollum-lib (~> 4.2) - gitlab-gollum-rugged_adapter (~> 0.4.4) - gitlab-markup (~> 1.6.2) - gitlab-styles (~> 2.3) + gitaly-proto (~> 0.118.1) + github-markup (~> 1.7.0) + gitlab-markup (~> 1.6.4) + gitlab-sidekiq-fetcher + gitlab-styles (~> 2.4) gitlab_omniauth-ldap (~> 2.0.4) gon (~> 6.2) - google-api-client (~> 0.19.8) + google-api-client (~> 0.23) google-protobuf (= 3.5.1) gpgme - grape (~> 1.0) + grape (~> 1.1) grape-entity (~> 0.7.1) grape-path-helpers (~> 1.0) grape_logging (~> 1.7) - grpc (~> 1.11.0) + graphiql-rails (~> 1.4.10) + graphql (~> 1.8.0) + grpc (~> 1.15.0) haml_lint (~> 0.26.0) - hamlit (~> 2.6.1) + hamlit (~> 2.8.8) + hangouts-chat (~> 0.0.5) hashie-forbidden_attributes health_check (~> 2.6.0) hipchat (~> 1.5.0) - html-pipeline (~> 2.7.1) + html-pipeline (~> 2.8) html2text httparty (~> 0.13.3) icalendar influxdb (~> 0.2) jira-ruby (~> 1.4) jquery-atwho-rails (~> 1.3.2) + js_regex (~> 2.2.1) json-schema (~> 2.8.0) jwt (~> 1.5.6) kaminari (~> 1.0) knapsack (~> 1.16) kubeclient (~> 3.1.0) letter_opener_web (~> 1.3.0) - license_finder (~> 3.1) + license_finder (~> 5.4) licensee (~> 8.9) lograge (~> 0.5) loofah (~> 2.2) mail_room (~> 0.9.1) method_source (~> 0.8) + mini_magick minitest (~> 5.7.0) mousetrap-rails (~> 1.4.6) mysql2 (~> 0.4.10) @@ -1101,7 +1070,7 @@ DEPENDENCIES omniauth-kerberos (~> 0.3.0) omniauth-oauth2-generic (~> 0.2.2) omniauth-saml (~> 1.10) - omniauth-shibboleth (~> 1.2.0) + omniauth-shibboleth (~> 1.3.0) omniauth-twitter (~> 1.4) omniauth_crowd (~> 2.2.0) org-ruby (~> 0.9.12) @@ -1111,10 +1080,9 @@ DEPENDENCIES peek-pg (~> 1.3.0) peek-rblineprof (~> 0.2.0) peek-redis (~> 1.2.0) - peek-sidekiq (~> 1.0.3) pg (~> 0.18.2) premailer-rails (~> 1.9.7) - prometheus-client-mmap (~> 0.9.3) + prometheus-client-mmap (~> 0.9.4) pry-byebug (~> 3.4.1) pry-rails (~> 0.3.4) rack-attack (~> 4.4.1) @@ -1125,9 +1093,10 @@ DEPENDENCIES rails-controller-testing rails-deprecated_sanitizer (~> 1.0.3) rails-i18n (~> 5.1) - rainbow (~> 2.2) + rainbow (~> 3.0) raindrops (~> 0.18) rblineprof (~> 0.3.6) + rbtrace (~> 0.4) rdoc (~> 6.0) re2 (~> 1.1.1) recaptcha (~> 3.0) @@ -1140,11 +1109,12 @@ DEPENDENCIES rouge (~> 3.1) rqrcode-rails3 (~> 0.1.7) rspec-parameterized - rspec-rails (~> 3.6.0) + rspec-rails (~> 3.7.0) rspec-retry (~> 0.4.5) rspec-set (~> 0.1.3) + rspec_junit_formatter rspec_profiling (~> 0.0.5) - rubocop (~> 0.52.1) + rubocop (~> 0.54.0) rubocop-rspec (~> 1.22.1) ruby-fogbugz (~> 0.2.1) ruby-prof (~> 0.17.0) @@ -1152,7 +1122,7 @@ DEPENDENCIES ruby_parser (~> 3.8) rufus-scheduler (~> 3.4) rugged (~> 0.27) - sanitize (~> 2.0) + sanitize (~> 4.6) sass-rails (~> 5.0.6) scss_lint (~> 0.56.0) seed-fu (~> 2.3.7) @@ -1162,9 +1132,8 @@ DEPENDENCIES settingslogic (~> 2.0.9) sham_rack (~> 1.3.6) shoulda-matchers (~> 3.1.2) - sidekiq (~> 5.1) + sidekiq (~> 5.2.1) sidekiq-cron (~> 0.6.0) - sidekiq-limit_fetch (~> 3.4) simple_po_parser (~> 1.1.2) simplecov (~> 0.14.0) slack-notifier (~> 1.5.1) @@ -1194,4 +1163,4 @@ DEPENDENCIES wikicloth (= 0.8.1) BUNDLED WITH - 1.16.2 + 1.16.6 diff --git a/LICENSE b/LICENSE index a76372fad2cf52132f679d5ef0f8c7a5a5768f41..a90ea939517d05f44eb4196dcdaba0f57aab15f2 100644 --- a/LICENSE +++ b/LICENSE @@ -1,7 +1,19 @@ Copyright GitLab B.V. -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/PROCESS.md b/PROCESS.md index 7438df8014bb005b399189af6220b90c8a16ae68..5fc2c4cf1dfb296e6ac64b323c0b6793b33c7c5e 100644 --- a/PROCESS.md +++ b/PROCESS.md @@ -15,6 +15,9 @@ - [Between the 1st and the 7th](#between-the-1st-and-the-7th) - [On the 7th](#on-the-7th) - [After the 7th](#after-the-7th) +- [Bugs](#bugs) + - [Regressions](#regressions) + - [Managing bugs](#managing-bugs) - [Release retrospective and kickoff](#release-retrospective-and-kickoff) - [Retrospective](#retrospective) - [Kickoff](#kickoff) @@ -71,14 +74,31 @@ star, smile, etc.). Some good tips about code reviews can be found in our ## Feature freeze on the 7th for the release on the 22nd -After 7th at 23:59 (Pacific Time Zone) of each month, RC1 of the upcoming release (to be shipped on the 22nd) is created and deployed to GitLab.com and the stable branch for this release is frozen, which means master is no longer merged into it. -Merge requests may still be merged into master during this period, -but they will go into the _next_ release, unless they are manually cherry-picked into the stable branch. +After 7th at 23:59 (Pacific Time Zone) of each month, RC1 of the upcoming +release (to be shipped on the 22nd) is created and deployed to GitLab.com and +the stable branch for this release is frozen, which means master is no longer +merged into it. Merge requests may still be merged into master during this +period, but they will go into the _next_ release, unless they are manually +cherry-picked into the stable branch. -By freezing the stable branches 2 weeks prior to a release, we reduce the risk of a last minute merge request potentially breaking things. +By freezing the stable branches 2 weeks prior to a release, we reduce the risk +of a last minute merge request potentially breaking things. -Any release candidate that gets created after this date can become a final release, -hence the name release candidate. +Any release candidate that gets created after this date can become a final +release, hence the name release candidate. + +### Feature flags + +Merge requests that make changes hidden behind a feature flag, or remove an +existing feature flag because a feature is deemed stable, may be merged (and +picked into the stable branches) up to the 19th of the month. Such merge +requests should have the ~"feature flag" label assigned, and don't require a +corresponding exception request to be created. + +While rare, release managers may decide to reject picking a change into a stable +branch, even when feature flags are used. This might be necessary if the changes +are deemed problematic, too invasive, or there simply isn't enough time to +properly test how the changes behave on GitLab.com. ### Between the 1st and the 7th @@ -113,6 +133,11 @@ target. However, if one does and falls into either of the above categories, it's the reviewer's responsibility to manage the above communication and assignment on behalf of the community member. +Every new feature or change should be shipped with its corresponding documentation +in accordance with the +[documentation process](https://docs.gitlab.com/ee/development/documentation/workflow.html) +and [structure](https://docs.gitlab.com/ee/development/documentation/structure.html). + #### What happens if these deadlines are missed? If a small or large feature is _not_ with a maintainer or reviewer by the @@ -138,14 +163,9 @@ and to prevent any last minute surprises. ### On the 7th -Merge requests should still be complete, following the -[definition of done][done]. The single exception is documentation, and this can -only be left until after the freeze if: +Merge requests should still be complete, following the [definition of done][done]. -* There is a follow-up issue to add documentation. -* It is assigned to the person writing documentation for this feature, and they - are aware of it. -* It is in the correct milestone, with the ~Deliverable label. +#### Feature merge requests If a merge request is not ready, but the developers and Product Manager responsible for the feature think it is essential that it is in the release, @@ -161,15 +181,34 @@ information, see [Automatic CE->EE merge][automatic_ce_ee_merge] and [Guidelines for implementing Enterprise Edition features][ee_features]. +#### Documentation merge requests + +Documentation is part of the product and must be shipped with the feature. + +The single exception for the feature freeze is documentation, and it can +be left to be **merged up to the 14th** if: + +* There is a follow-up issue to add documentation. +* It is assigned to the developer writing documentation for this feature, and they + are aware of it. +* It is in the correct milestone, with the labels ~Documentation, ~Deliverable, +~missed-deliverable, and "pick into X.Y" applied. +* It must be reviewed and approved by a technical writer. + +For more information read the process for +[documentation shipped late](https://docs.gitlab.com/ee/development/documentation/workflow.html#documentation-shipped-late). + ### After the 7th Once the stable branch is frozen, the only MRs that can be cherry-picked into the stable branch are: -* Fixes for [regressions](#regressions) +* Fixes for [regressions](#regressions) where the affected version `xx.x` in `regression:xx.x` is the current release. See [Managing bugs](#managing-bugs) section. * Fixes for security issues * Fixes or improvements to automated QA scenarios +* [Documentation updates](https://docs.gitlab.com/ee/development/documentation/workflow.html#documentation-shipped-late) for changes in the same release * New or updated translations (as long as they do not touch application code) +* Changes that are behind a feature flag and have the ~"feature flag" label During the feature freeze all merge requests that are meant to go into the upcoming release should have the correct milestone assigned _and_ the @@ -185,11 +224,7 @@ next patch release. If a merge request is to be picked into more than one release it will need one `Pick into X.Y` label per release where the merge request should be back-ported -to. - -For example, if the current patch release is `10.1.1` and a regression fix needs -to be backported down to the `9.5` release, you will need to assign it the -`10.1` milestone and the following labels: +to. For example: - `Pick into 10.1` - `Pick into 10.0` @@ -200,47 +235,61 @@ to be backported down to the `9.5` release, you will need to assign it the If you think a merge request should go into an RC or patch even though it does not meet these requirements, you can ask for an exception to be made. -Go to [Release tasks issue tracker](https://gitlab.com/gitlab-org/release/tasks/issues/new) and create an issue -using the `Exception-request` issue template. - -**Do not** set the relevant `Pick into X.Y` label (see above) before request an -exception; this should be done after the exception is approved. +Check [this guide](https://gitlab.com/gitlab-org/release/docs/blob/master/general/exception-request/process.md) about how to open an exception request before opening one. -You can find who is who on the [team page](https://about.gitlab.com/team/). +## Bugs -Whether an exception is made is determined by weighing the benefit and urgency of the change -(how important it is to the company that this is released _right now_ instead of in a month) -against the potential negative impact -(things breaking without enough time to comfortably find and fix them before the release on the 22nd). -When in doubt, we err on the side of _not_ cherry-picking. +A ~bug is a defect, error, failure which causes the system to behave incorrectly or prevents it from fulfilling the product requirements. -For example, it is likely that an exception will be made for a trivial 1-5 line performance improvement -(e.g. adding a database index or adding `includes` to a query), but not for a new feature, no matter how relatively small or thoroughly tested. +The level of impact of a ~bug can vary from blocking a whole functionality +or a feature usability bug. A bug should always be linked to a severity level. +Refer to our [severity levels](../CONTRIBUTING.md#severity-labels) -All MRs which have had exceptions granted must be merged by the 15th. +Whether the bug is also a regression or not, the triage process should start as soon as possible. +Ensure that the Engineering Manager and/or the Product Manager for the relative area is involved to prioritize the work as needed. ### Regressions -A regression for a particular monthly release is a bug that exists in that -release, but wasn't present in the release before. This includes bugs in -features that were only added in that monthly release. Every regression **must** -have the milestone of the release it was introduced in - if a regression doesn't -have a milestone, it might be 'just' a bug! - -For instance, if 10.5.0 adds a feature, and that feature doesn't work correctly, -then this is a regression in 10.5. If 10.5.1 then fixes that, but 10.5.3 somehow -reintroduces the bug, then this bug is still a regression in 10.5. - -Because GitLab.com runs release candidates of new releases, a regression can be -reported in a release before its 'official' release date on the 22nd of the -month. When we say 'the most recent monthly release', this can refer to either -the version currently running on GitLab.com, or the most recent version -available in the package repositories. - -A regression issue should be labeled with the appropriate [subject label](../CONTRIBUTING.md#subject-labels-wiki-container-registry-ldap-api-etc) -and [team label](../CONTRIBUTING.md#team-labels-ci-discussion-edge-platform-etc), -just like any other issue, to help GitLab team members focus on issues that are -relevant to [their area of responsibility](https://about.gitlab.com/handbook/engineering/workflow/#choosing-something-to-work-on). +A ~regression implies that a previously **verified working functionality** no longer works. +Regressions are a subset of bugs. We use the ~regression label to imply that the defect caused the functionality to regress. +The label tells us that something worked before and it needs extra attention from Engineering and Product Managers to schedule/reschedule. + +The regression label does not apply to ~bugs for new features for which functionality was **never verified as working**. +These, by definition, are not regressions. + +A regression should always have the `regression:xx.x` label on it to designate when it was introduced. + +Regressions should be considered high priority issues that should be solved as soon as possible, especially if they have severe impact on users. + +### Managing bugs + +**Prioritization:** We give higher priority to regressions on features that worked in the last recent monthly release and the current release candidates. +The two scenarios below can [bypass the exception request in the release process](https://gitlab.com/gitlab-org/release/docs/blob/master/general/exception-request/process.md#after-the-7th), where the affected regression version matches the current monthly release version. +* A regression which worked in the **Last monthly release** + * **Example:** In 11.0 we released a new `feature X` that is verified as working. Then in release 11.1 the feature no longer works, this is regression for 11.1. The issue should have the `regression:11.1` label. + * *Note:* When we say `the last recent monthly release`, this can refer to either the version currently running on GitLab.com, or the most recent version available in the package repositories. +* A regression which worked in the **Current release candidates** + * **Example:** In 11.1-RC3 we shipped a new feature which has been verified as working. Then in 11.1-RC5 the feature no longer works, this is regression for 11.1. The issue should have the `regression:11.1` label. + * *Note:* Because GitLab.com runs release candidates of new releases, a regression can be reported in a release before its 'official' release date on the 22nd of the month. + +When a bug is found: +1. Create an issue describing the problem in the most detailed way possible. +1. If possible, provide links to real examples and how to reproduce the problem. +1. Label the issue properly, using the [team label](../CONTRIBUTING.md#team-labels), + the [subject label](../CONTRIBUTING.md#subject-labels) + and any other label that may apply in the specific case +1. Notify the respective Engineering Manager to evaluate and apply the [Severity label](../CONTRIBUTING.md#bug-severity-labels) and [Priority label](../CONTRIBUTING.md#bug-priority-labels). +The counterpart Product Manager is included to weigh-in on prioritization as needed. +1. If the ~bug is **NOT** a regression: + 1. The Engineering Manager decides which milestone the bug will be fixed. The appropriate milestone is applied. +1. If the bug is a ~regression: + 1. Determine the release that the regression affects and add the corresponding `regression:xx.x` label. + 1. If the affected release version can't be determined, add the generic ~regression label for the time being. + 1. If the affected version `xx.x` in `regression:xx.x` is the **current release**, it's recommended to schedule the fix for the current milestone. + 1. This falls under regressions which worked in the last release and the current RCs. More detailed explanations in the **Prioritization** section above. + 1. If the affected version `xx.x` in `regression:xx.x` is older than the **current release** + 1. If the regression is an ~S1 severity, it's recommended to schedule the fix for the current milestone. We would like to fix the highest severity regression as soon as we can. + 1. If the regression is an ~S2, ~S3 or ~S4 severity, the regression may be scheduled for later milestones at the discretion of the Engineering Manager and Product Manager. ## Release retrospective and kickoff diff --git a/README.md b/README.md index 8bd667b3dac30f08f2a1619444c45b27db760673..133c15a83a7506e0f19159994afaf316e748721f 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,5 @@ # GitLab -[![Build status](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/build.svg)](https://gitlab.com/gitlab-org/gitlab-ce/commits/master) -[![Overall test coverage](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/coverage.svg)](https://gitlab.com/gitlab-org/gitlab-ce/pipelines) -[![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.svg)](https://codeclimate.com/github/gitlabhq/gitlabhq) -[![Core Infrastructure Initiative Best Practices](https://bestpractices.coreinfrastructure.org/projects/42/badge)](https://bestpractices.coreinfrastructure.org/projects/42) -[![Gitter](https://badges.gitter.im/gitlabhq/gitlabhq.svg)](https://gitter.im/gitlabhq/gitlabhq?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge) - ## Test coverage - [![Ruby coverage](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/coverage.svg?job=coverage)](https://gitlab-org.gitlab.io/gitlab-ce/coverage-ruby) Ruby @@ -35,7 +29,7 @@ We're hiring developers, support people, and production engineers all the time, There are two editions of GitLab: - GitLab Community Edition (CE) is available freely under the MIT Expat license. -- GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/products/#compare-options) that are more useful for organizations with more than 100 users. To use EE and get official support please [become a subscriber](https://about.gitlab.com/products/). +- GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/pricing/#compare-options) that are more useful for organizations with more than 100 users. To use EE and get official support please [become a subscriber](https://about.gitlab.com/pricing/). ## Website @@ -64,7 +58,7 @@ You can access a new installation with the login **`root`** and password **`5ive ## Contributing -GitLab is an open source project and we are very happy to accept community contributions. Please refer to [CONTRIBUTING.md](/CONTRIBUTING.md) for details. +GitLab is an open source project and we are very happy to accept community contributions. Please refer to [Contributing to GitLab page](https://about.gitlab.com/contributing/) for more details. ## Licensing @@ -72,7 +66,7 @@ GitLab Community Edition (CE) is available freely under the MIT Expat license. All third party components incorporated into the GitLab Software are licensed under the original license provided by the owner of the applicable component. -All Documentation content that resides under the doc/ directory of this repository is licensed under Creative Commons: CC BY-SA 4.0. +All Documentation content that resides under the `doc/` directory of this repository is licensed under Creative Commons: CC BY-SA 4.0. ## Install a development environment @@ -89,7 +83,7 @@ Instructions on how to start GitLab and how to run the tests can be found in the GitLab is a Ruby on Rails application that runs on the following software: - Ubuntu/Debian/CentOS/RHEL/OpenSUSE -- Ruby (MRI) 2.3 +- Ruby (MRI) 2.4 - Git 2.8.4+ - Redis 2.8+ - PostgreSQL (preferred) or MySQL @@ -120,6 +114,10 @@ All documentation can be found on [docs.gitlab.com/ce/](https://docs.gitlab.com/ Please see [Getting help for GitLab](https://about.gitlab.com/getting-help/) on our website for the many options to get help. +## Why? + +[Read here](https://about.gitlab.com/why/) + ## Is it any good? [Yes](https://news.ycombinator.com/item?id=3067434) diff --git a/Rakefile b/Rakefile index 85fff2d51eb015ead78cd9428747ce6768eeebe1..de0d6695c7bae68a6518d317847f277c9ba95257 100755 --- a/Rakefile +++ b/Rakefile @@ -2,9 +2,9 @@ # Add your own tasks in files placed in lib/tasks ending in .rake, # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. -require File.expand_path('../config/application', __FILE__) +require File.expand_path('config/application', __dir__) -relative_url_conf = File.expand_path('../config/initializers/relative_url', __FILE__) +relative_url_conf = File.expand_path('config/initializers/relative_url', __dir__) require relative_url_conf if File.exist?("#{relative_url_conf}.rb") Gitlab::Application.load_tasks diff --git a/VERSION b/VERSION index 8ca9077d87b4ff5fd45d9a1be080f972c5982592..d6ed538af36091d5ef85edeeaa6dd4137b567a40 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -11.0.0-pre +11.5.0-pre diff --git a/app/assets/images/auth_buttons/auth0_64.png b/app/assets/images/auth_buttons/auth0_64.png new file mode 100644 index 0000000000000000000000000000000000000000..5ad596593801bffdc9f11c70f4021ffb17ac8341 Binary files /dev/null and b/app/assets/images/auth_buttons/auth0_64.png differ diff --git a/app/assets/images/auth_buttons/azure_64.png b/app/assets/images/auth_buttons/azure_64.png index 85de7793440c2226bf5af311488d5f7c755ae2e0..168a9c81395d5ab507ff3ec1ecfbceccfd8b89dc 100644 Binary files a/app/assets/images/auth_buttons/azure_64.png and b/app/assets/images/auth_buttons/azure_64.png differ diff --git a/app/assets/images/auth_buttons/bitbucket_64.png b/app/assets/images/auth_buttons/bitbucket_64.png index b3d022a5a7019f199eaab18992c4bb5926824abe..0edf7f52a117173c41cfcbb212ba37141aae30ee 100644 Binary files a/app/assets/images/auth_buttons/bitbucket_64.png and b/app/assets/images/auth_buttons/bitbucket_64.png differ diff --git a/app/assets/images/auth_buttons/google_64.png b/app/assets/images/auth_buttons/google_64.png index 720824230a50490f008d5e0c1c1d167e6923d900..389c1cd54ca90f24fe3643ca864f8ff005fd5cd1 100644 Binary files a/app/assets/images/auth_buttons/google_64.png and b/app/assets/images/auth_buttons/google_64.png differ diff --git a/app/assets/images/auth_buttons/jwt_64.png b/app/assets/images/auth_buttons/jwt_64.png new file mode 100644 index 0000000000000000000000000000000000000000..ca97ae47002c1a96da1fa969b3c10e7b2e25d6bc Binary files /dev/null and b/app/assets/images/auth_buttons/jwt_64.png differ diff --git a/app/assets/images/auth_buttons/shibboleth_64.png b/app/assets/images/auth_buttons/shibboleth_64.png new file mode 100644 index 0000000000000000000000000000000000000000..d4c752f9400a48d6ce7f534149556c1543d24598 Binary files /dev/null and b/app/assets/images/auth_buttons/shibboleth_64.png differ diff --git a/app/assets/images/ci_favicons/canary/favicon_status_scheduled.ico b/app/assets/images/ci_favicons/canary/favicon_status_scheduled.ico new file mode 100644 index 0000000000000000000000000000000000000000..5444b8e41dce57740b6c3d90a4b7aa9495e9933e Binary files /dev/null and b/app/assets/images/ci_favicons/canary/favicon_status_scheduled.ico differ diff --git a/app/assets/images/ci_favicons/favicon_status_scheduled.png b/app/assets/images/ci_favicons/favicon_status_scheduled.png new file mode 100644 index 0000000000000000000000000000000000000000..d198c255fddc10600c27c9f0010b1371b0af19af Binary files /dev/null and b/app/assets/images/ci_favicons/favicon_status_scheduled.png differ diff --git a/app/assets/images/cluster_app_logos/elasticsearch.png b/app/assets/images/cluster_app_logos/elasticsearch.png new file mode 100644 index 0000000000000000000000000000000000000000..96e9e0ff934c47e360770436ef5b83dfe6691f86 Binary files /dev/null and b/app/assets/images/cluster_app_logos/elasticsearch.png differ diff --git a/app/assets/images/cluster_app_logos/gitlab.png b/app/assets/images/cluster_app_logos/gitlab.png new file mode 100644 index 0000000000000000000000000000000000000000..cb2195fc6a2e8cef12f124232a22ebe084fb7b53 Binary files /dev/null and b/app/assets/images/cluster_app_logos/gitlab.png differ diff --git a/app/assets/images/cluster_app_logos/helm.png b/app/assets/images/cluster_app_logos/helm.png new file mode 100644 index 0000000000000000000000000000000000000000..2989cae7b9344431c164411ac9906606d283f6eb Binary files /dev/null and b/app/assets/images/cluster_app_logos/helm.png differ diff --git a/app/assets/images/cluster_app_logos/jeager.png b/app/assets/images/cluster_app_logos/jeager.png new file mode 100644 index 0000000000000000000000000000000000000000..be5bf2a0c9cc12721512eea869872a0a56304bdf Binary files /dev/null and b/app/assets/images/cluster_app_logos/jeager.png differ diff --git a/app/assets/images/cluster_app_logos/jupyterhub.png b/app/assets/images/cluster_app_logos/jupyterhub.png new file mode 100644 index 0000000000000000000000000000000000000000..80c7343067fa66169f95cbc0106f22d6672cadfc Binary files /dev/null and b/app/assets/images/cluster_app_logos/jupyterhub.png differ diff --git a/app/assets/images/cluster_app_logos/kubernetes.png b/app/assets/images/cluster_app_logos/kubernetes.png new file mode 100644 index 0000000000000000000000000000000000000000..4d774909c103340c030f082fdb0d3942a4d8a2e9 Binary files /dev/null and b/app/assets/images/cluster_app_logos/kubernetes.png differ diff --git a/app/assets/images/cluster_app_logos/meltano.png b/app/assets/images/cluster_app_logos/meltano.png new file mode 100644 index 0000000000000000000000000000000000000000..7a2d82fbe27801d64d1e59bb53da057218573680 Binary files /dev/null and b/app/assets/images/cluster_app_logos/meltano.png differ diff --git a/app/assets/images/cluster_app_logos/prometheus.png b/app/assets/images/cluster_app_logos/prometheus.png new file mode 100644 index 0000000000000000000000000000000000000000..a8663449b884885c3e1afbcabb85dffe4f1bd429 Binary files /dev/null and b/app/assets/images/cluster_app_logos/prometheus.png differ diff --git a/app/assets/images/favicon-blue.ico b/app/assets/images/favicon-blue.ico deleted file mode 100644 index 156fcf075881c121ea364095cef181e5cc7fd285..0000000000000000000000000000000000000000 Binary files a/app/assets/images/favicon-blue.ico and /dev/null differ diff --git a/app/assets/images/koding-logo.svg b/app/assets/images/koding-logo.svg deleted file mode 100644 index ad89d684d94d63c7e0091b6c4ee215cf3e511bf1..0000000000000000000000000000000000000000 --- a/app/assets/images/koding-logo.svg +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/app/assets/javascripts/activities.js b/app/assets/javascripts/activities.js index c117d080bda7f597ce1d811e301f744ccedd4a30..de4566bb119a8ba3a017d62db06944a428f52e24 100644 --- a/app/assets/javascripts/activities.js +++ b/app/assets/javascripts/activities.js @@ -1,4 +1,4 @@ -/* eslint-disable no-param-reassign, class-methods-use-this */ +/* eslint-disable class-methods-use-this */ import $ from 'jquery'; import Cookies from 'js-cookie'; diff --git a/app/assets/javascripts/ajax_loading_spinner.js b/app/assets/javascripts/ajax_loading_spinner.js index bd08308904ca8d4ee6a015aab74461e94fdaa9cd..54e86f329e4b57b6dd6b415bc0fc221227e51d2d 100644 --- a/app/assets/javascripts/ajax_loading_spinner.js +++ b/app/assets/javascripts/ajax_loading_spinner.js @@ -26,7 +26,7 @@ export default class AjaxLoadingSpinner { } static toggleLoadingIcon(iconElement) { - const classList = iconElement.classList; + const { classList } = iconElement; classList.toggle(iconElement.dataset.icon); classList.toggle('fa-spinner'); classList.toggle('fa-spin'); diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 000938e475f616660574948d59854adc30b74883..3f7a1ef1bfcbee15a3335a77a231532fe4bcd130 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -15,12 +15,11 @@ const Api = { mergeRequestChangesPath: '/api/:version/projects/:id/merge_requests/:mrid/changes', mergeRequestVersionsPath: '/api/:version/projects/:id/merge_requests/:mrid/versions', groupLabelsPath: '/groups/:namespace_path/-/labels', - licensePath: '/api/:version/templates/licenses/:key', - gitignorePath: '/api/:version/templates/gitignores/:key', - gitlabCiYmlPath: '/api/:version/templates/gitlab_ci_ymls/:key', - dockerfilePath: '/api/:version/templates/dockerfiles/:key', issuableTemplatePath: '/:namespace_path/:project_path/templates/:type/:key', + projectTemplatePath: '/api/:version/projects/:id/templates/:type/:key', + projectTemplatesPath: '/api/:version/projects/:id/templates/:type', usersPath: '/api/:version/users.json', + userStatusPath: '/api/:version/user/status', commitPath: '/api/:version/projects/:id/repository/commits', commitPipelinesPath: '/:project_id/commit/:sha/pipelines', branchSinglePath: '/api/:version/projects/:id/repository/branches/:branch', @@ -100,12 +99,12 @@ const Api = { }, // Return Merge Request for project - mergeRequest(projectPath, mergeRequestId) { + mergeRequest(projectPath, mergeRequestId, params = {}) { const url = Api.buildUrl(Api.mergeRequestPath) .replace(':id', encodeURIComponent(projectPath)) .replace(':mrid', mergeRequestId); - return axios.get(url); + return axios.get(url, { params }); }, mergeRequests(params = {}) { @@ -150,14 +149,15 @@ const Api = { }, // Return group projects list. Filtered by query - groupProjects(groupId, query, callback) { + groupProjects(groupId, query, options, callback) { const url = Api.buildUrl(Api.groupProjectsPath).replace(':id', groupId); + const defaults = { + search: query, + per_page: 20, + }; return axios .get(url, { - params: { - search: query, - per_page: 20, - }, + params: Object.assign({}, defaults, options), }) .then(({ data }) => callback(data)); }, @@ -193,29 +193,29 @@ const Api = { return axios.get(url); }, - // Return text for a specific license - licenseText(key, data, callback) { - const url = Api.buildUrl(Api.licensePath).replace(':key', key); - return axios - .get(url, { - params: data, - }) - .then(res => callback(res.data)); - }, + projectTemplate(id, type, key, options, callback) { + const url = Api.buildUrl(this.projectTemplatePath) + .replace(':id', encodeURIComponent(id)) + .replace(':type', type) + .replace(':key', encodeURIComponent(key)); - gitignoreText(key, callback) { - const url = Api.buildUrl(Api.gitignorePath).replace(':key', key); - return axios.get(url).then(({ data }) => callback(data)); - }, + return axios.get(url, { params: options }).then(res => { + if (callback) callback(res.data); - gitlabCiYml(key, callback) { - const url = Api.buildUrl(Api.gitlabCiYmlPath).replace(':key', key); - return axios.get(url).then(({ data }) => callback(data)); + return res; + }); }, - dockerfileYml(key, callback) { - const url = Api.buildUrl(Api.dockerfilePath).replace(':key', key); - return axios.get(url).then(({ data }) => callback(data)); + projectTemplates(id, type, params = {}, callback) { + const url = Api.buildUrl(this.projectTemplatesPath) + .replace(':id', encodeURIComponent(id)) + .replace(':type', type); + + return axios.get(url, { params }).then(res => { + if (callback) callback(res.data); + + return res; + }); }, issueTemplate(namespacePath, projectPath, key, type, callback) { @@ -243,6 +243,36 @@ const Api = { }); }, + branches(id, query = '', options = {}) { + const url = Api.buildUrl(this.createBranchPath).replace(':id', encodeURIComponent(id)); + + return axios.get(url, { + params: { + search: query, + per_page: 20, + ...options, + }, + }); + }, + + createBranch(id, { ref, branch }) { + const url = Api.buildUrl(this.createBranchPath).replace(':id', encodeURIComponent(id)); + + return axios.post(url, { + ref, + branch, + }); + }, + + postUserStatus({ emoji, message }) { + const url = Api.buildUrl(this.userStatusPath); + + return axios.put(url, { + emoji, + message, + }); + }, + buildUrl(url) { let urlRoot = ''; if (gon.relative_url_root != null) { diff --git a/app/assets/javascripts/autosave.js b/app/assets/javascripts/autosave.js index 0da872db7e5f7efca2e78acb9064bc99086eb76c..e8c59fab6095318160f50bc4852d9e59199ec02e 100644 --- a/app/assets/javascripts/autosave.js +++ b/app/assets/javascripts/autosave.js @@ -1,4 +1,4 @@ -/* eslint-disable no-param-reassign, prefer-template, no-var, no-void, consistent-return */ +/* eslint-disable no-param-reassign, prefer-template, no-void, consistent-return */ import AccessorUtilities from './lib/utils/accessor'; @@ -31,7 +31,9 @@ export default class Autosave { // https://github.com/vuejs/vue/issues/2804#issuecomment-216968137 const event = new Event('change', { bubbles: true, cancelable: false }); const field = this.field.get(0); - field.dispatchEvent(event); + if (field) { + field.dispatchEvent(event); + } } save() { @@ -51,4 +53,8 @@ export default class Autosave { return window.localStorage.removeItem(this.key); } + + dispose() { + this.field.off('input'); + } } diff --git a/app/assets/javascripts/awards_handler.js b/app/assets/javascripts/awards_handler.js index eb0f06efab4f011afbd730c0856e46bafa5a3dd1..cace8bb9dba60b34fe08f326a5039e175002a2ec 100644 --- a/app/assets/javascripts/awards_handler.js +++ b/app/assets/javascripts/awards_handler.js @@ -11,7 +11,8 @@ import axios from './lib/utils/axios_utils'; const animationEndEventString = 'animationend webkitAnimationEnd MSAnimationEnd oAnimationEnd'; const transitionEndEventString = 'transitionend webkitTransitionEnd oTransitionEnd MSTransitionEnd'; -const requestAnimationFrame = window.requestAnimationFrame || +const requestAnimationFrame = + window.requestAnimationFrame || window.webkitRequestAnimationFrame || window.mozRequestAnimationFrame || window.setTimeout; @@ -32,41 +33,58 @@ const categoryLabelMap = { const IS_VISIBLE = 'is-visible'; const IS_RENDERED = 'is-rendered'; -class AwardsHandler { +export class AwardsHandler { constructor(emoji) { this.emoji = emoji; this.eventListeners = []; + this.toggleButtonSelector = '.js-add-award'; + this.menuClass = 'js-award-emoji-menu'; + } + + bindEvents() { + const $parentEl = this.targetContainerEl ? $(this.targetContainerEl) : $(document); // If the user shows intent let's pre-build the menu - this.registerEventListener('one', $(document), 'mouseenter focus', '.js-add-award', 'mouseenter focus', () => { - const $menu = $('.emoji-menu'); - if ($menu.length === 0) { - requestAnimationFrame(() => { - this.createEmojiMenu(); - }); - } - }); - this.registerEventListener('on', $(document), 'click', '.js-add-award', (e) => { + this.registerEventListener( + 'one', + $parentEl, + 'mouseenter focus', + this.toggleButtonSelector, + 'mouseenter focus', + () => { + const $menu = $(`.${this.menuClass}`); + if ($menu.length === 0) { + requestAnimationFrame(() => { + this.createEmojiMenu(); + }); + } + }, + ); + this.registerEventListener('on', $parentEl, 'click', this.toggleButtonSelector, e => { e.stopPropagation(); e.preventDefault(); this.showEmojiMenu($(e.currentTarget)); }); - this.registerEventListener('on', $('html'), 'click', (e) => { + this.registerEventListener('on', $('html'), 'click', e => { const $target = $(e.target); - if (!$target.closest('.emoji-menu').length) { + if (!$target.closest(`.${this.menuClass}`).length) { $('.js-awards-block.current').removeClass('current'); - if ($('.emoji-menu').is(':visible')) { - $('.js-add-award.is-active').removeClass('is-active'); - this.hideMenuElement($('.emoji-menu')); + if ($(`.${this.menuClass}`).is(':visible')) { + $(`${this.toggleButtonSelector}.is-active`).removeClass('is-active'); + this.hideMenuElement($(`.${this.menuClass}`)); } } }); - this.registerEventListener('on', $(document), 'click', '.js-emoji-btn', (e) => { + + const emojiButtonSelector = `.js-awards-block .js-emoji-btn, .${this.menuClass} .js-emoji-btn`; + this.registerEventListener('on', $parentEl, 'click', emojiButtonSelector, e => { e.preventDefault(); const $target = $(e.currentTarget); const $glEmojiElement = $target.find('gl-emoji'); const $spriteIconElement = $target.find('.icon'); - const emojiName = ($glEmojiElement.length ? $glEmojiElement : $spriteIconElement).data('name'); + const emojiName = ($glEmojiElement.length ? $glEmojiElement : $spriteIconElement).data( + 'name', + ); $target.closest('.js-awards-block').addClass('current'); this.addAward(this.getVotesBlock(), this.getAwardUrl(), emojiName); @@ -83,14 +101,15 @@ class AwardsHandler { showEmojiMenu($addBtn) { if ($addBtn.hasClass('js-note-emoji')) { - $addBtn.closest('.note').find('.js-awards-block').addClass('current'); + $addBtn + .closest('.note') + .find('.js-awards-block') + .addClass('current'); } else { $addBtn.closest('.js-awards-block').addClass('current'); } - const $menu = $('.emoji-menu'); - const $thumbsBtn = $menu.find('[data-name="thumbsup"], [data-name="thumbsdown"]').parent(); - const $userAuthored = this.isUserAuthored($addBtn); + const $menu = $(`.${this.menuClass}`); if ($menu.length) { if ($menu.is('.is-visible')) { $addBtn.removeClass('is-active'); @@ -105,7 +124,7 @@ class AwardsHandler { } else { $addBtn.addClass('is-loading is-active'); this.createEmojiMenu(() => { - const $createdMenu = $('.emoji-menu'); + const $createdMenu = $(`.${this.menuClass}`); $addBtn.removeClass('is-loading'); this.positionMenu($createdMenu, $addBtn); return setTimeout(() => { @@ -114,9 +133,6 @@ class AwardsHandler { }, 200); }); } - - $thumbsBtn.toggleClass('disabled', $userAuthored); - $thumbsBtn.prop('disabled', $userAuthored); } // Create the emoji menu with the first category of emojis. @@ -143,7 +159,7 @@ class AwardsHandler { } const emojiMenuMarkup = ` -
+
@@ -153,7 +169,8 @@ class AwardsHandler {
`; - document.body.insertAdjacentHTML('beforeend', emojiMenuMarkup); + const targetEl = this.targetContainerEl ? this.targetContainerEl : document.body; + targetEl.insertAdjacentHTML('beforeend', emojiMenuMarkup); this.addRemainingEmojiMenuCategories(); this.setupSearch(); @@ -172,37 +189,43 @@ class AwardsHandler { // Avoid the jank and render the remaining categories separately // This will take more time, but makes UI more responsive - const menu = document.querySelector('.emoji-menu'); + const menu = document.querySelector(`.${this.menuClass}`); const emojiContentElement = menu.querySelector('.emoji-menu-content'); const remainingCategories = Object.keys(categoryMap).slice(1); const allCategoriesAddedPromise = remainingCategories.reduce( (promiseChain, categoryNameKey) => - promiseChain.then(() => - new Promise((resolve) => { - const emojisInCategory = categoryMap[categoryNameKey]; - const categoryMarkup = this.renderCategory( - categoryLabelMap[categoryNameKey], - emojisInCategory, - ); - requestAnimationFrame(() => { - emojiContentElement.insertAdjacentHTML('beforeend', categoryMarkup); - resolve(); - }); - }), - ), + promiseChain.then( + () => + new Promise(resolve => { + const emojisInCategory = categoryMap[categoryNameKey]; + const categoryMarkup = this.renderCategory( + categoryLabelMap[categoryNameKey], + emojisInCategory, + ); + requestAnimationFrame(() => { + emojiContentElement.insertAdjacentHTML('beforeend', categoryMarkup); + resolve(); + }); + }), + ), Promise.resolve(), ); - allCategoriesAddedPromise.then(() => { - // Used for tests - // We check for the menu in case it was destroyed in the meantime - if (menu) { - menu.dispatchEvent(new CustomEvent('build-emoji-menu-finish')); - } - }).catch((err) => { - emojiContentElement.insertAdjacentHTML('beforeend', '

We encountered an error while adding the remaining categories

'); - throw new Error(`Error occurred in addRemainingEmojiMenuCategories: ${err.message}`); - }); + allCategoriesAddedPromise + .then(() => { + // Used for tests + // We check for the menu in case it was destroyed in the meantime + if (menu) { + menu.dispatchEvent(new CustomEvent('build-emoji-menu-finish')); + } + }) + .catch(err => { + emojiContentElement.insertAdjacentHTML( + 'beforeend', + '

We encountered an error while adding the remaining categories

', + ); + throw new Error(`Error occurred in addRemainingEmojiMenuCategories: ${err.message}`); + }); } renderCategory(name, emojiList, opts = {}) { @@ -211,7 +234,9 @@ class AwardsHandler { ${name}
    - ${emojiList.map(emojiName => ` + ${emojiList + .map( + emojiName => `
  • - `).join('\n')} + `, + ) + .join('\n')}
`; } positionMenu($menu, $addBtn) { + if (this.targetContainerEl) { + return $menu.css({ + top: `${$addBtn.outerHeight()}px`, + }); + } + const position = $addBtn.data('position'); // The menu could potentially be off-screen or in a hidden overflow element // So we position the element absolute in the body @@ -232,7 +265,7 @@ class AwardsHandler { top: `${$addBtn.offset().top + $addBtn.outerHeight()}px`, }; if (position === 'right') { - css.left = `${($addBtn.offset().left - $menu.outerWidth()) + 20}px`; + css.left = `${$addBtn.offset().left - $menu.outerWidth() + 20}px`; $menu.addClass('is-aligned-right'); } else { css.left = `${$addBtn.offset().left}px`; @@ -247,9 +280,9 @@ class AwardsHandler { if (isInVueNoteablePage() && !isMainAwardsBlock) { const id = votesBlock.attr('id').replace('note_', ''); - this.hideMenuElement($('.emoji-menu')); + this.hideMenuElement($(`.${this.menuClass}`)); - $('.js-add-award.is-active').removeClass('is-active'); + $(`${this.toggleButtonSelector}.is-active`).removeClass('is-active'); const toggleAwardEvent = new CustomEvent('toggleAward', { detail: { awardName: emoji, @@ -268,9 +301,9 @@ class AwardsHandler { return typeof callback === 'function' ? callback() : undefined; }); - this.hideMenuElement($('.emoji-menu')); + this.hideMenuElement($(`.${this.menuClass}`)); - return $('.js-add-award.is-active').removeClass('is-active'); + return $(`${this.toggleButtonSelector}.is-active`).removeClass('is-active'); } addAwardToEmojiBar(votesBlock, emoji, checkForMutuality) { @@ -298,7 +331,7 @@ class AwardsHandler { getVotesBlock() { if (isInVueNoteablePage()) { - const $el = $('.js-add-award.is-active').closest('.note.timeline-entry'); + const $el = $(`${this.toggleButtonSelector}.is-active`).closest('.note.timeline-entry'); if ($el.length) { return $el; @@ -334,10 +367,6 @@ class AwardsHandler { return $emojiButton.hasClass('active'); } - isUserAuthored($button) { - return $button.hasClass('js-user-authored'); - } - decrementCounter($emojiButton, emoji) { const counter = $('.js-counter', $emojiButton); const counterNumber = parseInt(counter.text(), 10); @@ -403,9 +432,7 @@ class AwardsHandler { users = origTitle.trim().split(FROM_SENTENCE_REGEX); } users.unshift('You'); - return awardBlock - .attr('title', this.toSentence(users)) - .tooltip('_fixTitle'); + return awardBlock.attr('title', this.toSentence(users)).tooltip('_fixTitle'); } createAwardButtonForVotesBlock(votesBlock, emojiName) { @@ -416,7 +443,10 @@ class AwardsHandler { `; const $emojiButton = $(buttonHtml); - $emojiButton.insertBefore(votesBlock.find('.js-award-holder')).find('.emoji-icon').data('name', emojiName); + $emojiButton + .insertBefore(votesBlock.find('.js-award-holder')) + .find('.emoji-icon') + .data('name', emojiName); this.animateEmoji($emojiButton); $('.award-control').tooltip(); votesBlock.removeClass('current'); @@ -426,13 +456,13 @@ class AwardsHandler { const className = 'pulse animated once short'; $emoji.addClass(className); - this.registerEventListener('on', $emoji, animationEndEventString, (e) => { + this.registerEventListener('on', $emoji, animationEndEventString, e => { $(e.currentTarget).removeClass(className); }); } createEmoji(votesBlock, emoji) { - if ($('.emoji-menu').length) { + if ($(`.${this.menuClass}`).length) { this.createAwardButtonForVotesBlock(votesBlock, emoji); } this.createEmojiMenu(() => { @@ -441,10 +471,8 @@ class AwardsHandler { } postEmoji($emojiButton, awardUrl, emoji, callback) { - if (this.isUserAuthored($emojiButton)) { - this.userAuthored($emojiButton); - } else { - axios.post(awardUrl, { + axios + .post(awardUrl, { name: emoji, }) .then(({ data }) => { @@ -453,7 +481,6 @@ class AwardsHandler { } }) .catch(() => flash(__('Something went wrong on our end.'))); - } } findEmojiIcon(votesBlock, emoji) { @@ -486,26 +513,33 @@ class AwardsHandler { } getFrequentlyUsedEmojis() { - return this.frequentlyUsedEmojis || (() => { - const frequentlyUsedEmojis = _.uniq((Cookies.get('frequently_used_emojis') || '').split(',')); - this.frequentlyUsedEmojis = frequentlyUsedEmojis.filter( - inputName => this.emoji.isEmojiNameValid(inputName), - ); - - return this.frequentlyUsedEmojis; - })(); + return ( + this.frequentlyUsedEmojis || + (() => { + const frequentlyUsedEmojis = _.uniq( + (Cookies.get('frequently_used_emojis') || '').split(','), + ); + this.frequentlyUsedEmojis = frequentlyUsedEmojis.filter(inputName => + this.emoji.isEmojiNameValid(inputName), + ); + + return this.frequentlyUsedEmojis; + })() + ); } setupSearch() { const $search = $('.js-emoji-menu-search'); - this.registerEventListener('on', $search, 'input', (e) => { - const term = $(e.target).val().trim(); + this.registerEventListener('on', $search, 'input', e => { + const term = $(e.target) + .val() + .trim(); this.searchEmojis(term); }); - const $menu = $('.emoji-menu'); - this.registerEventListener('on', $menu, transitionEndEventString, (e) => { + const $menu = $(`.${this.menuClass}`); + this.registerEventListener('on', $menu, transitionEndEventString, e => { if (e.target === e.currentTarget) { // Clear the search this.searchEmojis(''); @@ -523,19 +557,26 @@ class AwardsHandler { // Generate a search result block const h5 = $('
').text('Search results'); const foundEmojis = this.findMatchingEmojiElements(term).show(); - const ul = $('
    ').addClass('emoji-menu-list emoji-menu-search').append(foundEmojis); + const ul = $('
      ') + .addClass('emoji-menu-list emoji-menu-search') + .append(foundEmojis); $('.emoji-menu-content ul, .emoji-menu-content h5').hide(); - $('.emoji-menu-content').append(h5).append(ul); + $('.emoji-menu-content') + .append(h5) + .append(ul); } else { - $('.emoji-menu-content').children().show(); + $('.emoji-menu-content') + .children() + .show(); } } findMatchingEmojiElements(query) { const emojiMatches = this.emoji.filterEmojiNamesByAlias(query); const $emojiElements = $('.emoji-menu-list:not(.frequent-emojis) [data-name]'); - const $matchingElements = $emojiElements - .filter((i, elm) => emojiMatches.indexOf(elm.dataset.name) >= 0); + const $matchingElements = $emojiElements.filter( + (i, elm) => emojiMatches.indexOf(elm.dataset.name) >= 0, + ); return $matchingElements.closest('li').clone(); } @@ -550,16 +591,13 @@ class AwardsHandler { $emojiMenu.addClass(IS_RENDERED); // enqueues animation as a microtask, so it begins ASAP once IS_RENDERED added - return Promise.resolve() - .then(() => $emojiMenu.addClass(IS_VISIBLE)); + return Promise.resolve().then(() => $emojiMenu.addClass(IS_VISIBLE)); } hideMenuElement($emojiMenu) { - $emojiMenu.on(transitionEndEventString, (e) => { + $emojiMenu.on(transitionEndEventString, e => { if (e.currentTarget === e.target) { - $emojiMenu - .removeClass(IS_RENDERED) - .off(transitionEndEventString); + $emojiMenu.removeClass(IS_RENDERED).off(transitionEndEventString); } }); @@ -567,18 +605,21 @@ class AwardsHandler { } destroy() { - this.eventListeners.forEach((entry) => { + this.eventListeners.forEach(entry => { entry.element.off.call(entry.element, ...entry.args); }); - $('.emoji-menu').remove(); + $(`.${this.menuClass}`).remove(); } } let awardsHandlerPromise = null; export default function loadAwardsHandler(reload = false) { if (!awardsHandlerPromise || reload) { - awardsHandlerPromise = import(/* webpackChunkName: 'emoji' */ './emoji') - .then(Emoji => new AwardsHandler(Emoji)); + awardsHandlerPromise = import(/* webpackChunkName: 'emoji' */ './emoji').then(Emoji => { + const awardsHandler = new AwardsHandler(Emoji); + awardsHandler.bindEvents(); + return awardsHandler; + }); } return awardsHandlerPromise; } diff --git a/app/assets/javascripts/badges/components/badge.vue b/app/assets/javascripts/badges/components/badge.vue index d0f60e1d4cba3400f274247c6476abaa3caf8cf6..97232d7f783685158c74ef6156e4ea23f311592d 100644 --- a/app/assets/javascripts/badges/components/badge.vue +++ b/app/assets/javascripts/badges/components/badge.vue @@ -1,13 +1,11 @@ diff --git a/app/assets/javascripts/badges/components/badge_list.vue b/app/assets/javascripts/badges/components/badge_list.vue index 268968b63b3be4628acde0a3c556553cf99ce6ff..359d3e10380e01e431c58bf64a5439e2d5035822 100644 --- a/app/assets/javascripts/badges/components/badge_list.vue +++ b/app/assets/javascripts/badges/components/badge_list.vue @@ -1,6 +1,5 @@