Add latest changes from gitlab-org/gitlab@master

Gemfile

@@ -492,6 +492,7 @@ group :test do
   gem 'rspec_profiling', '~> 0.0.6', feature_category: :tooling
   gem 'rspec-benchmark', '~> 0.6.0', feature_category: :tooling
   gem 'rspec-parameterized', '~> 1.0', require: false, feature_category: :tooling
+  gem 'os', '~> 1.1', feature_category: :tooling
 
   gem 'capybara', '~> 3.39', '>= 3.39.2' # rubocop:todo Gemfile/MissingFeatureCategory
   gem 'capybara-screenshot', '~> 1.0.26' # rubocop:todo Gemfile/MissingFeatureCategory

Gemfile.lock

@@ -1997,6 +1997,7 @@ DEPENDENCIES
   openid_connect (= 1.3.0)
   openssl (~> 3.0)
   org-ruby (~> 0.9.12)
+  os (~> 1.1)
   pact (~> 1.63)
   parallel (~> 1.19)
   parser (~> 3.2, >= 3.2.2.4)

app/assets/javascripts/groups_projects/components/more_actions_dropdown.vue

@@ -123,7 +123,7 @@ export default {
     <template #toggle>
       <div class="gl-min-h-7">
         <gl-button
-          class="gl-md-display-none! gl-new-dropdown-toggle gl-absolute gl-top-0 gl-left-0 gl-w-full"
+          class="gl-md-display-none! gl-new-dropdown-toggle gl-absolute gl-top-0 gl-left-0 gl-w-full gl-sm-w-auto"
           button-text-classes="gl-w-full"
           category="secondary"
           :aria-label="$options.i18n.actionsLabel"

app/assets/javascripts/search/index.js

@@ -11,13 +11,36 @@ const sidebarInitState = () => {
   const el = document.getElementById('js-search-sidebar');
   if (!el) return {};
 
-  const { navigationJson, searchType, groupInitialJson, projectInitialJson } = el.dataset;
+  const {
+    navigationJson,
+    searchType,
+    searchLevel,
+    groupInitialJson,
+    projectInitialJson,
+  } = el.dataset;
 
   const navigationJsonParsed = JSON.parse(navigationJson);
   const groupInitialJsonParsed = JSON.parse(groupInitialJson);
   const projectInitialJsonParsed = JSON.parse(projectInitialJson);
 
-  return { navigationJsonParsed, searchType, groupInitialJsonParsed, projectInitialJsonParsed };
+  return {
+    navigationJsonParsed,
+    searchType,
+    searchLevel,
+    groupInitialJsonParsed,
+    projectInitialJsonParsed,
+  };
+};
+
+const topBarInitState = () => {
+  const el = document.getElementById('js-search-topbar');
+
+  if (!el) {
+    return false;
+  }
+
+  const { defaultBranchName } = el.dataset;
+  return { defaultBranchName };
 };
 
 export const initSearchApp = () => {
@@ -26,16 +49,21 @@ export const initSearchApp = () => {
   const {
     navigationJsonParsed: navigation,
     searchType,
+    searchLevel,
     groupInitialJsonParsed: groupInitialJson,
     projectInitialJsonParsed: projectInitialJson,
   } = sidebarInitState() || {};
 
+  const { defaultBranchName } = topBarInitState() || {};
+
   const store = createStore({
     query,
     navigation,
     searchType,
+    searchLevel,
     groupInitialJson,
     projectInitialJson,
+    defaultBranchName,
   });
 
   initTopbar(store);

app/assets/javascripts/search/store/constants.js

@@ -39,3 +39,7 @@ export const ICON_MAP = {
 export const ZOEKT_SEARCH_TYPE = 'zoekt';
 export const ADVANCED_SEARCH_TYPE = 'advanced';
 export const BASIC_SEARCH_TYPE = 'basic';
+
+export const SEARCH_LEVEL_GLOBAL = 'global';
+export const SEARCH_LEVEL_PROJECT = 'project';
+export const SEARCH_LEVEL_GROUP = 'group';

app/assets/javascripts/search/store/state.js

@@ -1,7 +1,15 @@
 import { cloneDeep } from 'lodash';
 import { GROUPS_LOCAL_STORAGE_KEY, PROJECTS_LOCAL_STORAGE_KEY } from './constants';
 
-const createState = ({ query, navigation, searchType, groupInitialJson, projectInitialJson }) => ({
+const createState = ({
+  query,
+  navigation,
+  searchType,
+  searchLevel,
+  groupInitialJson,
+  projectInitialJson,
+  defaultBranchName,
+}) => ({
   urlQuery: cloneDeep(query),
   query,
   groups: [],
@@ -21,8 +29,10 @@ const createState = ({ query, navigation, searchType, groupInitialJson, projectI
   },
   searchLabelString: '',
   searchType,
+  searchLevel,
   groupInitialJson,
   projectInitialJson,
+  defaultBranchName,
 });
 
 export default createState;

app/assets/javascripts/search/topbar/components/app.vue

@@ -23,15 +23,8 @@ export default {
     MarkdownDrawer,
     SearchTypeIndicator,
   },
-  props: {
-    defaultBranchName: {
-      type: String,
-      required: false,
-      default: '',
-    },
-  },
   computed: {
-    ...mapState(['query', 'searchType']),
+    ...mapState(['query', 'searchType', 'defaultBranchName']),
     search: {
       get() {
         return this.query ? this.query.search : '';

app/assets/javascripts/search/topbar/components/search_type_indicator.vue

@@ -8,6 +8,7 @@ import {
   ZOEKT_SEARCH_TYPE,
   ADVANCED_SEARCH_TYPE,
   BASIC_SEARCH_TYPE,
+  SEARCH_LEVEL_PROJECT,
 } from '~/search/store/constants';
 import {
   ZOEKT_HELP_PAGE,
@@ -30,7 +31,7 @@ export default {
     ),
     advanced_enabled: __('%{linkStart}Advanced search%{linkEnd} is enabled.'),
     advanced_disabled: __(
-      '%{linkStart}Exact code search (powered by Zoekt)%{linkEnd} is disabled since %{ref_elem} is not the default branch. %{docs_link}',
+      '%{linkStart}Advanced search%{linkEnd} is disabled since %{ref_elem} is not the default branch. %{docs_link}',
     ),
     more: __('Learn more.'),
   },
@@ -39,7 +40,7 @@ export default {
     GlLink,
   },
   computed: {
-    ...mapState(['searchType', 'defaultBranchName', 'query']),
+    ...mapState(['searchType', 'defaultBranchName', 'query', 'searchLevel']),
     zoektHelpUrl() {
       return helpPagePath(ZOEKT_HELP_PAGE);
     },
@@ -63,6 +64,10 @@ export default {
       return this.searchType === ADVANCED_SEARCH_TYPE;
     },
     isEnabled() {
+      if (this.searchLevel !== SEARCH_LEVEL_PROJECT) {
+        return true;
+      }
+
       return !this.query.repository_ref || this.query.repository_ref === this.defaultBranchName;
     },
     isBasicSearch() {

app/assets/javascripts/search/topbar/index.js

@@ -11,18 +11,12 @@ export const initTopbar = (store) => {
     return false;
   }
 
-  const { defaultBranchName } = el.dataset;
-
   return new Vue({
     el,
     name: 'GlobalSearchTopbar',
     store,
     render(createElement) {
-      return createElement(GlobalSearchTopbar, {
-        props: {
-          defaultBranchName,
-        },
-      });
+      return createElement(GlobalSearchTopbar);
     },
   });
 };

app/views/search/show.html.haml

@@ -18,6 +18,6 @@
 
 #js-search-topbar{ data: { "default-branch-name": @project&.default_branch } }
 .results.gl-lg-display-flex.gl-mt-0
-  #js-search-sidebar{ data: { navigation_json: search_navigation_json, search_type: search_service.search_type, group_initial_json: group_attributes.to_json, project_initial_json: project_attributes.to_json, } }
+  #js-search-sidebar{ data: { navigation_json: search_navigation_json, search_type: search_service.search_type, search_level: search_service.level, group_initial_json: group_attributes.to_json, project_initial_json: project_attributes.to_json, } }
   - if @search_term
     = render 'search/results'

config/feature_flags/development/custom_emoji.yml

@@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/231317
 milestone: '13.6'
 type: development
 group: group::project management
-default_enabled: false
+default_enabled: true

doc/api/graphql/custom_emoji.md

@@ -8,10 +8,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37911) in GitLab 13.6 [with a flag](../../administration/feature_flags.md) named `custom_emoji`. Disabled by default.
 > - Enabled on GitLab.com in GitLab 14.0.
+> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138969) in GitLab 16.7.
 
 FLAG:
-On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../administration/feature_flags.md) named `custom_emoji`.
-On GitLab.com, this feature is available.
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../../administration/feature_flags.md) named `custom_emoji`.
 This feature is ready for production use.
 
 To use [custom emoji](../../user/emoji_reactions.md) in comments and descriptions, you can add them to a top-level group using the GraphQL API.

doc/ci/variables/index.md

@@ -638,7 +638,7 @@ To disable variable expansion for the variable:
 
 ## CI/CD variable precedence
 
-> Scan Execution Policies variable precedence was [changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424028) in GitLab 16.6 [with a flag](../../administration/feature_flags.md) named `security_policies_variables_precedence`. Disabled by default.
+> Scan Execution Policies variable precedence was [changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424028) in GitLab 16.7 [with a flag](../../administration/feature_flags.md) named `security_policies_variables_precedence`. Enabled by default.
 
 You can use CI/CD variables with the same name in different places, but the values
 can overwrite each other. The type of variable and where they are defined determines

doc/ci/yaml/artifacts_reports.md

@@ -314,6 +314,8 @@ GitLab can display the results of one or more reports in the
 
 ## `artifacts:reports:repository_xray` **(ULTIMATE ALL)**
 
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/432235) in GitLab 16.7.
+
 The `repository_xray` report collects information about your repository for use by AI in code suggestions.
 
 ## `artifacts:reports:sast`

doc/user/ai_features.md

@@ -14,11 +14,12 @@ GitLab is creating AI-assisted features across our DevSecOps platform. These fea
 
 | Feature | Purpose | Large Language Model | Current availability | Maturity |
 |-|-|-|-|-|
-| [Suggested Reviewers](project/merge_requests/reviews/index.md#gitlab-duo-suggested-reviewers) | Assists in creating faster and higher-quality reviews by automatically suggesting reviewers for your merge request. <br><br><i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Watch overview](https://www.youtube.com/watch?v=ivwZQgh4Rxw) | GitLab creates a machine learning model for each project, which is used to generate reviewers <br><br> [View the issue](https://gitlab.com/gitlab-org/modelops/applied-ml/applied-ml-updates/-/issues/10) | SaaS only <br><br> Ultimate tier | [Generally Available (GA)](../policy/experiment-beta-support.md#generally-available-ga) |
-| [Code Suggestions](project/repository/code_suggestions/index.md) | Helps you write code more efficiently by viewing code suggestions as you type. <br><br><i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Watch overview](https://www.youtube.com/watch?v=hCAyCTacdAQ) | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/code-completion) <br><br> For Code Generation: Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model)| [SaaS: All tiers](project/repository/code_suggestions/saas.md) <br><br> [Self-managed: Premium and Ultimate with Cloud Licensing](project/repository/code_suggestions/self_managed.md) | [Beta](../policy/experiment-beta-support.md#beta) |
-| [Vulnerability summary](application_security/vulnerabilities/index.md#explaining-a-vulnerability) | Helps you remediate vulnerabilities more efficiently, boost your skills, and write more secure code. <br><br><i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Watch overview](https://www.youtube.com/watch?v=6sDf73QOav8) | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/text) <br><br> Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) if degraded performance | SaaS only <br><br> Ultimate tier | [Beta](../policy/experiment-beta-support.md#beta) |
-| [Code explanation](#explain-code-in-the-web-ui-with-code-explanation) | Helps you understand code by explaining it in English language. <br><br><i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Watch overview](https://www.youtube.com/watch?v=1izKaLmmaCA) | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/code-chat) | SaaS only <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |
-| [GitLab Duo Chat](gitlab_duo_chat.md) | Process and generate text and code in a conversational manner. Helps you quickly identify useful information in large volumes of text in issues, epics, code, and GitLab documentation. | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) <br><br> Vertex AI Codey [`textembedding-gecko`](https://cloud.google.com/vertex-ai/docs/generative-ai/embeddings/get-text-embeddings) | SaaS only <br><br> Ultimate tier | [Beta](../policy/experiment-beta-support.md#beta) |
+| [Suggested Reviewers](project/merge_requests/reviews/index.md#gitlab-duo-suggested-reviewers) | Assists in creating faster and higher-quality reviews by automatically suggesting reviewers for your merge request. | GitLab creates a machine learning model for each project, which is used to generate reviewers <br><br> [View the issue](https://gitlab.com/gitlab-org/modelops/applied-ml/applied-ml-updates/-/issues/10) | SaaS only <br><br> Ultimate tier | [Generally Available (GA)](../policy/experiment-beta-support.md#generally-available-ga) |
+| [Code Suggestions](project/repository/code_suggestions/index.md) | Helps you write code more efficiently by viewing code suggestions as you type. | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/code-completion) <br><br> For Code Generation: Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model)| [SaaS: All tiers](project/repository/code_suggestions/saas.md) <br><br> [Self-managed: Premium and Ultimate with Cloud Licensing](project/repository/code_suggestions/self_managed.md) | [Beta](../policy/experiment-beta-support.md#beta) |
+| [Vulnerability summary](application_security/vulnerabilities/index.md#explaining-a-vulnerability) | Helps you remediate vulnerabilities more efficiently, boost your skills, and write more secure code. | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/text) <br><br> Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) if degraded performance | SaaS only <br><br> Ultimate tier | [Beta](../policy/experiment-beta-support.md#beta) |
+| [Vulnerability resolution](application_security/vulnerabilities/index.md#explaining-a-vulnerability) | Generates a merge request containing the changes required to mitigate a vulnerability. |  Vertex AI Codey [`code-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/code-generation) | SaaS only <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |
+| [Code explanation](#explain-code-in-the-web-ui-with-code-explanation) | Helps you understand code by explaining it in English language. | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/code-chat) | SaaS only <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |
+| [GitLab Duo Chat](gitlab_duo_chat.md) | Process and generate text and code in a conversational manner. Helps you quickly identify useful information in large volumes of text in issues, epics, code, and GitLab documentation. | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) <br><br> Vertext AI Codey [`textembedding-gecko`](https://cloud.google.com/vertex-ai/docs/generative-ai/embeddings/get-text-embeddings) | SaaS only <br><br> Ultimate tier | [Beta](../policy/experiment-beta-support.md#beta) |
 | [Value stream forecasting](#forecast-deployment-frequency-with-value-stream-forecasting) | Assists you with predicting productivity metrics and identifying anomalies across your software development lifecycle. | Statistical forecasting | SaaS only <br> Self-managed <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |
 | [Discussion summary](#summarize-issue-discussions-with-discussion-summary) | Assists with quickly getting everyone up to speed on lengthy conversations to help ensure you are all on the same page. | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/text) | SaaS only <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |
 | [Merge request summary](project/merge_requests/ai_in_merge_requests.md#summarize-merge-request-changes) | Efficiently communicate the impact of your merge request changes. | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/docs/generative-ai/model-reference/text) | SaaS only <br><br> Ultimate tier | [Experiment](../policy/experiment-beta-support.md#experiment) |

doc/user/application_security/policies/scan-execution-policies.md

@@ -201,7 +201,7 @@ The keys for a schedule rule are:
 
 ## `scan` action type
 
-> - Scan Execution Policies variable precedence was [changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424028) in GitLab 16.6 [with a flag](../../../administration/feature_flags.md) named `security_policies_variables_precedence`. Disabled by default.
+> - Scan Execution Policies variable precedence was [changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424028) in GitLab 16.7 [with a flag](../../../administration/feature_flags.md) named `security_policies_variables_precedence`. Enabled by default.
 > - The `custom` scan action type was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/126457) in GitLab 16.4 [with a flag](../../../administration/feature_flags.md) named `compliance_pipeline_in_policies`. On GitLab.com, this feature is not available. On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../../administration/feature_flags.md) named `compliance_pipeline_in_policies`.
 
 This action executes the selected `scan` with additional parameters when conditions for at least one

doc/user/application_security/vulnerabilities/index.md

@@ -77,6 +77,47 @@ The following data is shared with third-party AI APIs:
   record).
 - Filename.
 
+## Vulnerability resolution **(ULTIMATE SAAS EXPERIMENT)**
+
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10779) in GitLab 16.7 as an [Experiment](../../../policy/experiment-beta-support.md#experiment) on GitLab.com.
+
+Use GitLab Duo Vulnerability resolution to automatically create a merge request that
+resolves the vulnerability.
+
+On GitLab.com this feature is available. By default, it is powered by Google's `code-bison-001`
+model.
+
+We cannot guarantee that the large language model produces results that are correct. Use the
+explanation with caution.
+
+Prerequisites:
+
+- You must have the GitLab Ultimate subscription tier.
+- You must be a member of the project.
+- The vulnerability must be a SAST finding.
+
+Learn more about [how to enable all GitLab Duo features](../../ai_features.md#enable-aiml-features).
+
+To resolve the vulnerability:
+
+1. On the left sidebar, select **Search or go to** and find your project.
+1. Select **Security and Compliance > Vulnerability report**.
+1. In the **Tool** dropdown list, select **SAST**.
+1. Select the SAST vulnerability you want resolved.
+1. At the top of the vulnerability's page, from the **Resolve with merge request** dropdown list, select **Resolve with AI**.
+
+A merge request containing the AI remediation suggestions is opened. Review the suggested changes,
+then process the merge request according to your standard workflow.
+
+### Data shared with third-party AI APIs
+
+The following data is shared with third-party AI APIs:
+
+- Vulnerability title (which might contain the file name, depending on which scanner is used).
+- Vulnerability identifiers.
+- Code block.
+- File name.
+
 ## Vulnerability status values
 
 A vulnerability's status can be:

doc/user/compliance/license_scanning_of_cyclonedx_files/index.md

@@ -28,9 +28,15 @@ or [instance](../../../ci/variables/index.md#for-an-instance) level.
 To detect the licenses in use, License Compliance relies on running the
 [Dependency Scanning CI Jobs](../../application_security/dependency_scanning/index.md),
 and analyzing the [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (SBOM) generated by those jobs.
-Other 3rd party scanners may also be used as long as they produce a CycloneDX file with a list of dependencies for [one of our supported languages](#supported-languages-and-package-managers).
-This method of scanning is also capable of parsing and identifying over 500 different types of licenses, as defined in [the SPDX list](https://spdx.org/licenses/).
-Licenses not in the SPDX list are reported as "Unknown".
+This method of scanning is capable of parsing and identifying over 500 different types of licenses, as defined in [the SPDX list](https://spdx.org/licenses/).
+Third-party scanners may be used to generate the list of dependencies, as long as they produce a CycloneDX report artifact for [one of our supported languages](#supported-languages-and-package-managers) and follow the [GitLab CycloneDX property taxonomy](../../../development/sec/cyclonedx_property_taxonomy.md). Note that it is not yet possible to use a CI report artifact as a source of data for license information, and licenses that are not in the SPDX list are reported as "Unknown".
+The ability to provide other licenses is tracked in [epic 10861](https://gitlab.com/groups/gitlab-org/-/epics/10861).
+
+NOTE:
+The License Scanning feature relies on publicly available package metadata collected in an
+external database and synced with the GitLab instance automatically. This database is a multi-region Google Cloud Storage bucket hosted in the United States.
+The scan is executed exclusively within the GitLab instance.
+No contextual information (for example, a list of project dependencies) is sent to the external service.
 
 ## Configuration
 
@@ -122,12 +128,8 @@ The supported files and versions are the ones supported by
 
 ## License expressions
 
-GitLab has limited support for [composite licenses](https://spdx.github.io/spdx-spec/v2-draft/SPDX-license-expressions/).
-License compliance can read multiple licenses, but always considers them combined using the `AND` operator. For example,
-if a dependency has two licenses, and one of them is allowed and the other is denied by the project [policy](../license_approval_policies.md),
-GitLab evaluates the composite license as _denied_, as this is the safer option.
-The ability to support other license expression operators (like `OR`, `WITH`) is tracked
-in [this epic](https://gitlab.com/groups/gitlab-org/-/epics/6571).
+The License Scanning of CycloneDX files does not support [composite licenses](https://spdx.github.io/spdx-spec/v2-draft/SPDX-license-expressions/).
+Adding this capability is tracked in issue [336878](https://gitlab.com/gitlab-org/gitlab/-/issues/336878).
 
 ## Blocking merge requests based on detected licenses
 

doc/user/emoji_reactions.md

@@ -48,8 +48,15 @@ To remove an emoji reaction, select the emoji again.
 > - [Introduced for GraphQL API](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37911) in GitLab 13.6 [with a flag](../administration/feature_flags.md) named `custom_emoji`. Disabled by default.
 > - Enabled on GitLab.com in GitLab 14.0.
 > - UI to add emoji [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/333095) in GitLab 16.2.
+> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138969) in GitLab 16.7.
+
+FLAG:
+On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](../administration/feature_flags.md) named `custom_emoji`.
+On GitLab.com, this feature is available.
+This feature is ready for production use.
 
 Custom emoji show in the emoji picker everywhere you can react with emoji.
+
 To add an emoji reaction to a comment or description:
 
 1. Select **Add reaction** (**{slight-smile}**).
@@ -66,3 +73,23 @@ For more information, see [Use custom emoji with GraphQL](../api/graphql/custom_
 
 For a list of custom emoji available for GitLab.com, see
 [the `custom_emoji` project](https://gitlab.com/custom_emoji/custom_emoji/-/tree/main/img).
+
+### Upload custom emoji to a group
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128355) in GitLab 16.5.
+
+Upload your custom emoji to a group to use them in all its subgroups and projects.
+
+Prerequisites:
+
+- You must at least have the developer role for the group.
+
+To upload custom emoji:
+
+1. On a description or a comment, select **Add reaction** (**{slight-smile}**).
+1. At the bottom of the emoji picker, select **Create new emoji**.
+1. Enter a name and URL for the custom emoji.
+1. Select **Save**.
+
+You can also upload custom emoji to a GitLab instance with the GraphQL API.
+For more information, see [Use custom emoji with GraphQL](../api/graphql/custom_emoji.md).

lib/gitlab/database/postgres_index.rb

@@ -23,7 +23,7 @@ module Gitlab
 
       # Indexes with reindexing support
       scope :reindexing_support, -> do
-        where(partitioned: false, exclusion: false, expression: false, type: Gitlab::Database::Reindexing::SUPPORTED_TYPES)
+        where(exclusion: false, expression: false, type: Gitlab::Database::Reindexing::SUPPORTED_TYPES)
           .not_match("#{Gitlab::Database::Reindexing::ReindexConcurrently::TEMPORARY_INDEX_PATTERN}$")
       end
 

locale/gitlab.pot

@@ -923,10 +923,10 @@ msgstr ""
 msgid "%{linkStart}%{linkEnd} review summary"
 msgstr ""
 
-msgid "%{linkStart}Advanced search%{linkEnd} is enabled."
+msgid "%{linkStart}Advanced search%{linkEnd} is disabled since %{ref_elem} is not the default branch. %{docs_link}"
 msgstr ""
 
-msgid "%{linkStart}Exact code search (powered by Zoekt)%{linkEnd} is disabled since %{ref_elem} is not the default branch. %{docs_link}"
+msgid "%{linkStart}Advanced search%{linkEnd} is enabled."
 msgstr ""
 
 msgid "%{listToShow}, and %{awardsListLength} more"

qa/qa/specs/features/browser_ui/3_create/repository/push_over_ssh_spec.rb

@@ -27,8 +27,7 @@ module QA
       end
 
       it 'pushes code to the repository via SSH', :smoke, :skip_fips_env,
-        testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347825',
-        except: { job: 'review-qa-*' } do
+        testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347825' do
         Resource::Repository::ProjectPush.fabricate! do |push|
           push.project = project
           push.ssh_key = @key
@@ -44,8 +43,7 @@ module QA
       end
 
       it 'pushes multiple branches and tags together', :smoke, :skip_fips_env,
-        testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347826',
-        except: { job: 'review-qa-*' } do
+        testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347826' do
         branches = []
         tags = []
         Git::Repository.perform do |repository|

spec/frontend/search/topbar/components/app_spec.js

@@ -108,15 +108,15 @@ describe('GlobalSearchTopbar', () => {
     });
 
     describe.each`
-      state                                                              | defaultBranchName | hasSyntaxOptions
-      ${{ query: { repository_ref: '' }, searchType: 'basic' }}          | ${'master'}       | ${false}
-      ${{ query: { repository_ref: 'v0.1' }, searchType: 'basic' }}      | ${''}             | ${false}
-      ${{ query: { repository_ref: 'master' }, searchType: 'basic' }}    | ${'master'}       | ${false}
-      ${{ query: { repository_ref: 'master' }, searchType: 'advanced' }} | ${''}             | ${false}
-      ${{ query: { repository_ref: '' }, searchType: 'advanced' }}       | ${'master'}       | ${true}
-      ${{ query: { repository_ref: 'v0.1' }, searchType: 'advanced' }}   | ${''}             | ${false}
-      ${{ query: { repository_ref: 'master' }, searchType: 'advanced' }} | ${'master'}       | ${true}
-      ${{ query: { repository_ref: 'master' }, searchType: 'zoekt' }}    | ${'master'}       | ${true}
+      state                                                                                                                   | hasSyntaxOptions
+      ${{ query: { repository_ref: '' }, searchType: 'basic', searchLevel: 'project', defaultBranchName: 'master' }}          | ${false}
+      ${{ query: { repository_ref: 'v0.1' }, searchType: 'basic', searchLevel: 'project', defaultBranchName: '' }}            | ${false}
+      ${{ query: { repository_ref: 'master' }, searchType: 'basic', searchLevel: 'project', defaultBranchName: 'master' }}    | ${false}
+      ${{ query: { repository_ref: 'master' }, searchType: 'advanced', searchLevel: 'project', defaultBranchName: '' }}       | ${false}
+      ${{ query: { repository_ref: '' }, searchType: 'advanced', searchLevel: 'project', defaultBranchName: 'master' }}       | ${true}
+      ${{ query: { repository_ref: 'v0.1' }, searchType: 'advanced', searchLevel: 'project', defaultBranchName: '' }}         | ${false}
+      ${{ query: { repository_ref: 'master' }, searchType: 'advanced', searchLevel: 'project', defaultBranchName: 'master' }} | ${true}
+      ${{ query: { repository_ref: 'master' }, searchType: 'zoekt', searchLevel: 'project', defaultBranchName: 'master' }}    | ${true}
     `(
       `the syntax option based on component state`,
       ({ state, defaultBranchName, hasSyntaxOptions }) => {

spec/frontend/search/topbar/components/search_type_indicator_spec.js

@@ -17,7 +17,7 @@ describe('SearchTypeIndicator', () => {
     preloadStoredFrequentItems: jest.fn(),
   };
 
-  const createComponent = (initialState = {}, defaultBranchName = '') => {
+  const createComponent = (initialState = {}) => {
     const store = new Vuex.Store({
       state: {
         query: MOCK_QUERY,
@@ -28,7 +28,6 @@ describe('SearchTypeIndicator', () => {
 
     wrapper = shallowMountExtended(SearchTypeIndicator, {
       store,
-      propsData: { defaultBranchName },
       stubs: {
         GlSprintf,
       },
@@ -39,19 +38,26 @@ describe('SearchTypeIndicator', () => {
   const findDocsLink = () => wrapper.findComponentByTestId('docs-link');
   const findSyntaxDocsLink = () => wrapper.findComponentByTestId('syntax-docs-link');
 
+  // searchType and search level params cobination in this test reflects
+  // all possible combinations
+
   describe.each`
-    searchType    | repository  | showSearchTypeIndicator
-    ${'advanced'} | ${'master'} | ${'advanced-enabled'}
-    ${'advanced'} | ${'v0.1'}   | ${'advanced-disabled'}
-    ${'zoekt'}    | ${'master'} | ${'zoekt-enabled'}
-    ${'zoekt'}    | ${'v0.1'}   | ${'zoekt-disabled'}
+    searchType    | searchLevel  | repository  | showSearchTypeIndicator
+    ${'advanced'} | ${'project'} | ${'master'} | ${'advanced-enabled'}
+    ${'advanced'} | ${'project'} | ${'v0.1'}   | ${'advanced-disabled'}
+    ${'advanced'} | ${'group'}   | ${'master'} | ${'advanced-enabled'}
+    ${'advanced'} | ${'global'}  | ${'master'} | ${'advanced-enabled'}
+    ${'zoekt'}    | ${'project'} | ${'master'} | ${'zoekt-enabled'}
+    ${'zoekt'}    | ${'project'} | ${'v0.1'}   | ${'zoekt-disabled'}
+    ${'zoekt'}    | ${'group'}   | ${'master'} | ${'zoekt-enabled'}
   `(
-    'search type indicator for $searchType',
-    ({ searchType, repository, showSearchTypeIndicator }) => {
+    'search type indicator for $searchType $searchLevel',
+    ({ searchType, repository, showSearchTypeIndicator, searchLevel }) => {
       beforeEach(() => {
         createComponent({
           query: { repository_ref: repository },
           searchType,
+          searchLevel,
           defaultBranchName: 'master',
         });
       });
@@ -93,6 +99,7 @@ describe('SearchTypeIndicator', () => {
       createComponent({
         query: { repository_ref: 'master' },
         searchType,
+        searchLevel: 'project',
         defaultBranchName: 'master',
       });
     });
@@ -110,6 +117,7 @@ describe('SearchTypeIndicator', () => {
       createComponent({
         query: { repository_ref: '000' },
         searchType,
+        searchLevel: 'project',
         defaultBranchName: 'master',
       });
     });

spec/lib/gitlab/database/postgres_index_spec.rb

@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-RSpec.describe Gitlab::Database::PostgresIndex do
+RSpec.describe Gitlab::Database::PostgresIndex, feature_category: :database do
   let(:schema) { 'public' }
   let(:name) { 'foo_idx' }
   let(:identifier) { "#{schema}.#{name}" }
@@ -13,6 +13,9 @@ RSpec.describe Gitlab::Database::PostgresIndex do
       CREATE UNIQUE INDEX bar_key ON public.users (id);
 
       CREATE TABLE _test_gitlab_main_example_table (id serial primary key);
+
+      CREATE TABLE _test_partitioned (id bigserial primary key not null) PARTITION BY LIST (id);
+      CREATE TABLE _test_partitioned_1 PARTITION OF _test_partitioned FOR VALUES IN (1);
     SQL
   end
 
@@ -25,8 +28,8 @@ RSpec.describe Gitlab::Database::PostgresIndex do
   it { is_expected.to be_a Gitlab::Database::SharedModel }
 
   describe '.reindexing_support' do
-    it 'only non partitioned indexes' do
-      expect(described_class.reindexing_support).to all(have_attributes(partitioned: false))
+    it 'includes partitioned indexes' do
+      expect(described_class.reindexing_support.where("name = '_test_partitioned_1_pkey'")).not_to be_empty
     end
 
     it 'only indexes that dont serve an exclusion constraint' do

spec/support/rspec_run_time.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'os'
 require 'yaml'
 require 'rspec/core/formatters/base_formatter'
 require_relative '../../tooling/lib/tooling/helpers/duration_formatter'
@@ -84,11 +85,19 @@ module Support
 
         # skip the output unless the duration increased by at least 1 second
         unless @last_elapsed_seconds.nil? || elapsed_seconds - @last_elapsed_seconds < 1
-          output.puts "# [RSpecRunTime] RSpec elapsed time: #{readable_duration(elapsed_seconds)}.\n\n"
+          output.puts \
+            "# [RSpecRunTime] RSpec elapsed time: #{readable_duration(elapsed_seconds)}. " \
+            "#{current_rss_in_megabytes}\n\n"
         end
 
         @last_elapsed_seconds = elapsed_seconds
       end
+
+      def current_rss_in_megabytes
+        rss_in_megabytes = OS.rss_bytes / 1024 / 1024
+
+        "Current RSS: ~#{rss_in_megabytes.round}M"
+      end
     end
   end
 end