root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-11-11 12:13:10 +00:00
parent 4f58fd4dd8
commit 0d8f91280e
71 changed files with 277 additions and 286 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
.rubocop_todo/gitlab/bounded_contexts.yml
View File

@ -3620,31 +3620,7 @@ Gitlab/BoundedContexts:
- 'ee/lib/arkose/data_exchange_payload.rb'
- 'ee/lib/arkose/logger.rb'
- 'ee/lib/arkose/verify_response.rb'
- 'ee/lib/audit/application_setting_changes_auditor.rb'
- 'ee/lib/audit/base_changes_auditor.rb'
- 'ee/lib/audit/changes.rb'
- 'ee/lib/audit/ci/artifact_download_auditor.rb'
- 'ee/lib/audit/compliance_framework_changes_auditor.rb'
- 'ee/lib/audit/details.rb'
- 'ee/lib/audit/external_status_check_changes_auditor.rb'
- 'ee/lib/audit/group_changes_auditor.rb'
- 'ee/lib/audit/group_merge_request_approval_setting_changes_auditor.rb'
- 'ee/lib/audit/merge_request_before_destroy_auditor.rb'
- 'ee/lib/audit/merge_request_destroy_auditor.rb'
- 'ee/lib/audit/namespace_setting_changes_auditor.rb'
- 'ee/lib/audit/project_changes_auditor.rb'
- 'ee/lib/audit/project_ci_cd_setting_changes_auditor.rb'
- 'ee/lib/audit/project_feature_changes_auditor.rb'
- 'ee/lib/audit/project_security_setting_changes_auditor.rb'
- 'ee/lib/audit/project_setting_changes_auditor.rb'
- 'ee/lib/audit/protected_branches_changes_auditor.rb'
- 'ee/lib/audit/protected_environment_authorization_rule_changes_auditor.rb'
- 'ee/lib/audit/push_rules/base_push_rules_changes_auditor.rb'
- 'ee/lib/audit/push_rules/group_push_rules_changes_auditor.rb'
- 'ee/lib/audit/push_rules/project_push_rules_changes_auditor.rb'
- 'ee/lib/audit/unauthenticated_security_event_auditor.rb'
- 'ee/lib/audit/user_password_reset_auditor.rb'
- 'ee/lib/audit/user_setting_changes_auditor.rb'
- 'ee/lib/bulk_imports/epic_object_creator.rb'
- 'ee/lib/bulk_imports/groups/graphql/get_iterations_query.rb'
- 'ee/lib/bulk_imports/groups/pipelines/epics_pipeline.rb'

1
.rubocop_todo/layout/line_continuation_spacing.yml
View File

@ -58,7 +58,6 @@ Layout/LineContinuationSpacing:
- 'ee/spec/graphql/mutations/requirements_management/export_requirements_spec.rb'
- 'ee/spec/helpers/ee/labels_helper_spec.rb'
- 'ee/spec/helpers/push_rules_helper_spec.rb'
- 'ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/ee/gitlab/ci/pipeline/quota/size_spec.rb'
- 'ee/spec/lib/gitlab/ci/pipeline/chain/limit/size_spec.rb'
- 'ee/spec/lib/gitlab/git_access_spec.rb'

6
.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
View File

@ -172,8 +172,6 @@ Layout/LineEndStringConcatenationIndentation:
- 'ee/lib/api/iterations.rb'
- 'ee/lib/api/protected_environments.rb'
- 'ee/lib/api/vulnerability_findings.rb'
- 'ee/lib/audit/merge_request_before_destroy_auditor.rb'
- 'ee/lib/audit/protected_environment_authorization_rule_changes_auditor.rb'
- 'ee/lib/ee/api/features.rb'
- 'ee/lib/ee/api/helpers/groups_helpers.rb'
- 'ee/lib/ee/gitlab/auth/ldap/access.rb'
@ -225,14 +223,12 @@ Layout/LineEndStringConcatenationIndentation:
- 'ee/spec/helpers/ee/profiles_helper_spec.rb'
- 'ee/spec/helpers/routing/pseudonymization_helper_spec.rb'
- 'ee/spec/helpers/users/identity_verification_helper_spec.rb'
- 'ee/spec/lib/audit/merge_request_before_destroy_auditor_spec.rb'
- 'ee/spec/lib/audit/merge_request_destroy_auditor_spec.rb'
- 'ee/spec/lib/audit/protected_environment_authorization_rule_changes_auditor_spec.rb'
- 'ee/spec/lib/banzai/filter/issuable_reference_expansion_filter_spec.rb'
- 'ee/spec/lib/ee/gitlab/ci/parsers/security/validators/schema_validator_spec.rb'
- 'ee/spec/lib/ee/gitlab/ci/pipeline/quota/size_spec.rb'
- 'ee/spec/lib/ee/gitlab/ci/status/build/manual_spec.rb'
- 'ee/spec/lib/ee/gitlab/namespace_storage_size_error_message_spec.rb'
- 'ee/spec/lib/environments/protected_environment_authorization_rule_changes_auditor_spec.rb'
- 'ee/spec/lib/gitlab/ci/config/entry/secret_spec.rb'
- 'ee/spec/lib/gitlab/ci/pipeline/chain/limit/size_spec.rb'
- 'ee/spec/lib/gitlab/ci/yaml_processor_spec.rb'

2
.rubocop_todo/rspec/before_all_role_assignment.yml
View File

@ -262,7 +262,6 @@ RSpec/BeforeAllRoleAssignment:
- 'ee/spec/helpers/tree_helper_spec.rb'
- 'ee/spec/helpers/vulnerabilities_helper_spec.rb'
- 'ee/spec/lib/analytics/group_activity_calculator_spec.rb'
- 'ee/spec/lib/audit/project_feature_changes_auditor_spec.rb'
- 'ee/spec/lib/bulk_imports/common/pipelines/boards_pipeline_spec.rb'
- 'ee/spec/lib/bulk_imports/groups/pipelines/epics_pipeline_spec.rb'
- 'ee/spec/lib/bulk_imports/groups/pipelines/iterations_pipeline_spec.rb'
@ -281,6 +280,7 @@ RSpec/BeforeAllRoleAssignment:
- 'ee/spec/lib/gitlab/llm/chain/tools/gitlab_documentation/executor_spec.rb'
- 'ee/spec/lib/gitlab/quick_actions/users_extractor_spec.rb'
- 'ee/spec/lib/gitlab/reference_extractor_spec.rb'
- 'ee/spec/lib/projects/project_feature_changes_auditor_spec.rb'
- 'ee/spec/models/analytics/cycle_analytics/group_level_spec.rb'
- 'ee/spec/models/dast/profile_schedule_spec.rb'
- 'ee/spec/models/ee/award_emoji_spec.rb'

3
.rubocop_todo/rspec/change_by_zero.yml
View File

@ -1,13 +1,12 @@
---
# Cop supports --autocorrect.
RSpec/ChangeByZero:
Details: grace period
Exclude:
- 'ee/spec/controllers/groups/todos_controller_spec.rb'
- 'ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/lib/ee/gitlab/background_migration/migrate_vulnerabilities_feedback_to_vulnerabilities_state_transition_spec.rb'
- 'ee/spec/lib/ee/gitlab/scim/group/deprovisioning_service_spec.rb'
- 'ee/spec/lib/gitlab/background_migration/create_vulnerability_links_spec.rb'
- 'ee/spec/lib/merge_requests/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/models/ee/project_member_spec.rb'
- 'ee/spec/models/search/zoekt/repository_spec.rb'
- 'ee/spec/requests/api/admin/search/zoekt_spec.rb'

11
.rubocop_todo/rspec/expect_change.yml
View File

@ -4,13 +4,6 @@ RSpec/ExpectChange:
Exclude:
- 'ee/spec/graphql/mutations/boards/update_spec.rb'
- 'ee/spec/graphql/mutations/incident_management/issuable_resource_link/create_spec.rb'
- 'ee/spec/lib/audit/compliance_framework_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/group_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/project_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/project_ci_cd_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/project_feature_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/project_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/protected_branches_changes_auditor_spec.rb'
- 'ee/spec/lib/bulk_imports/common/pipelines/boards_pipeline_spec.rb'
- 'ee/spec/lib/bulk_imports/groups/pipelines/iterations_cadences_pipeline_spec.rb'
- 'ee/spec/lib/bulk_imports/groups/pipelines/iterations_pipeline_spec.rb'
@ -22,7 +15,11 @@ RSpec/ExpectChange:
- 'ee/spec/lib/gitlab/compliance_management/violations/approved_by_merge_request_author_spec.rb'
- 'ee/spec/lib/gitlab/instrumentation/elasticsearch_transport_spec.rb'
- 'ee/spec/lib/gitlab/legacy_github_import/project_creator_spec.rb'
- 'ee/spec/lib/projects/project_changes_auditor_spec.rb'
- 'ee/spec/lib/projects/project_feature_changes_auditor_spec.rb'
- 'ee/spec/lib/projects/project_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/quality/seeders/vulnerabilities_spec.rb'
- 'ee/spec/lib/repositories/protected_branches_changes_auditor_spec.rb'
- 'ee/spec/mailers/license_mailer_spec.rb'
- 'ee/spec/models/ee/ci/pending_build_spec.rb'
- 'ee/spec/models/ee/group_spec.rb'

4
.rubocop_todo/rspec/feature_category.yml
View File

@ -420,10 +420,6 @@ RSpec/FeatureCategory:
- 'ee/spec/lib/api/entities/protected_environments/approval_rule_for_summary_spec.rb'
- 'ee/spec/lib/api/entities/protected_environments/approval_rule_spec.rb'
- 'ee/spec/lib/api/entities/protected_environments/deploy_access_level_spec.rb'
- 'ee/spec/lib/audit/base_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/compliance_framework_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/group_changes_auditor_spec.rb'
- 'ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb'
- 'ee/spec/lib/banzai/filter/jira_private_image_link_filter_spec.rb'
- 'ee/spec/lib/banzai/filter/references/iteration_reference_filter_spec.rb'

16
.rubocop_todo/rspec/named_subject.yml
View File

@ -226,15 +226,7 @@ RSpec/NamedSubject:
- 'ee/spec/lib/api/entities/protected_environments/approval_rule_for_summary_spec.rb'
- 'ee/spec/lib/api/entities/protected_environments/approval_rule_spec.rb'
- 'ee/spec/lib/api/entities/protected_environments/deploy_access_level_spec.rb'
- 'ee/spec/lib/audit/base_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/compliance_framework_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/merge_request_before_destroy_auditor_spec.rb'
- 'ee/spec/lib/audit/merge_request_destroy_auditor_spec.rb'
- 'ee/spec/lib/audit/project_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/protected_environment_authorization_rule_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/push_rules/group_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/push_rules/project_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/audit_events/base_changes_auditor_spec.rb'
- 'ee/spec/lib/audit_events/external_destination_streamer_spec.rb'
- 'ee/spec/lib/audit_events/strategies/amazon_s3_destination_strategy_spec.rb'
- 'ee/spec/lib/audit_events/strategies/external_destination_strategy_spec.rb'
@ -317,6 +309,7 @@ RSpec/NamedSubject:
- 'ee/spec/lib/elastic/latest/wiki_instance_proxy_spec.rb'
- 'ee/spec/lib/elastic/multi_version_class_proxy_spec.rb'
- 'ee/spec/lib/elastic/multi_version_instance_proxy_spec.rb'
- 'ee/spec/lib/environments/protected_environment_authorization_rule_changes_auditor_spec.rb'
- 'ee/spec/lib/gitlab/analytics/cycle_analytics/distinct_stage_loader_spec.rb'
- 'ee/spec/lib/gitlab/analytics/cycle_analytics/request_params_spec.rb'
- 'ee/spec/lib/gitlab/analytics/cycle_analytics/summary/change_failure_rate_spec.rb'
@ -458,8 +451,13 @@ RSpec/NamedSubject:
- 'ee/spec/lib/gitlab/usage_data_metrics_spec.rb'
- 'ee/spec/lib/gitlab/vulnerability_scanning/track_cvs_service_spec.rb'
- 'ee/spec/lib/gitlab_subscriptions/upcoming_reconciliation_entity_spec.rb'
- 'ee/spec/lib/merge_requests/group_merge_request_approval_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/merge_requests/merge_request_before_destroy_auditor_spec.rb'
- 'ee/spec/lib/merge_requests/merge_request_destroy_auditor_spec.rb'
- 'ee/spec/lib/omni_auth/strategies/kerberos_spec.rb'
- 'ee/spec/lib/product_analytics/settings_spec.rb'
- 'ee/spec/lib/projects/project_changes_auditor_spec.rb'
- 'ee/spec/lib/repositories/project_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/sidebars/groups/menus/epics_menu_spec.rb'
- 'ee/spec/lib/sidebars/groups/menus/security_compliance_menu_spec.rb'
- 'ee/spec/lib/sidebars/projects/menus/learn_gitlab_menu_spec.rb'

2
.rubocop_todo/rspec/scattered_let.yml
View File

@ -8,7 +8,6 @@ RSpec/ScatteredLet:
- 'ee/spec/graphql/types/vulnerability_request_type_spec.rb'
- 'ee/spec/graphql/types/vulnerability_response_type_spec.rb'
- 'ee/spec/helpers/ee/subscribable_banner_helper_spec.rb'
- 'ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/lib/ee/api/helpers/members_helpers_spec.rb'
- 'ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/loader_spec.rb'
@ -17,6 +16,7 @@ RSpec/ScatteredLet:
- 'ee/spec/lib/gitlab/insights/reducers/label_count_per_period_reducer_spec.rb'
- 'ee/spec/lib/gitlab/usage/metrics/instrumentations/approval_project_rules_with_user_metric_spec.rb'
- 'ee/spec/lib/gitlab/usage_data_metrics_spec.rb'
- 'ee/spec/lib/merge_requests/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/models/approval_wrapped_any_approver_rule_spec.rb'
- 'ee/spec/models/dast_site_validation_spec.rb'
- 'ee/spec/models/ee/ci/build_dependencies_spec.rb'

6
.rubocop_todo/rspec/subject_declaration.yml
View File

@ -1,18 +1,16 @@
---
RSpec/SubjectDeclaration:
Details: grace period
Exclude:
- 'ee/spec/finders/app_sec/fuzzing/coverage/corpuses_finder_spec.rb'
- 'ee/spec/helpers/ee/lock_helper_spec.rb'
- 'ee/spec/helpers/nav/new_dropdown_helper_spec.rb'
- 'ee/spec/helpers/users/group_callouts_helper_spec.rb'
- 'ee/spec/lib/audit/compliance_framework_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb'
- 'ee/spec/lib/ee/api/helpers/notes_helpers_spec.rb'
- 'ee/spec/lib/gitlab/expiring_subscription_message_spec.rb'
- 'ee/spec/lib/gitlab/geo/geo_node_status_check_spec.rb'
- 'ee/spec/lib/gitlab/llm/concerns/exponential_backoff_spec.rb'
- 'ee/spec/lib/merge_requests/external_status_check_changes_auditor_spec.rb'
- 'ee/spec/lib/merge_requests/group_merge_request_approval_setting_changes_auditor_spec.rb'
- 'ee/spec/models/ee/event_collection_spec.rb'
- 'ee/spec/models/ee/group_spec.rb'
- 'ee/spec/models/integrations/github/status_message_spec.rb'

6
.rubocop_todo/style/inline_disable_annotation.yml
View File

@ -1492,7 +1492,7 @@ Style/InlineDisableAnnotation:
- 'ee/lib/api/ldap_group_links.rb'
- 'ee/lib/api/license.rb'
- 'ee/lib/api/saml_group_links.rb'
- 'ee/lib/audit/changes.rb'
- 'ee/lib/audit_events/changes.rb'
- 'ee/lib/banzai/filter/references/iteration_reference_filter.rb'
- 'ee/lib/ee/api/entities/experiment.rb'
- 'ee/lib/ee/api/group_boards.rb'
@ -1603,8 +1603,6 @@ Style/InlineDisableAnnotation:
- 'ee/spec/helpers/analytics/analytics_dashboards_helper_spec.rb'
- 'ee/spec/helpers/ee/dashboard_helper_spec.rb'
- 'ee/spec/initializers/fog_google_https_private_urls_spec.rb'
- 'ee/spec/lib/audit/push_rules/group_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/audit/push_rules/project_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/ee/gitlab/background_migration/backfill_iteration_cadence_id_for_boards_spec.rb'
- 'ee/spec/lib/ee/gitlab/background_migration/delete_invalid_epic_issues_spec.rb'
- 'ee/spec/lib/ee/gitlab/background_migration/migrate_approver_to_approval_rules_in_batch_spec.rb'
@ -1629,6 +1627,8 @@ Style/InlineDisableAnnotation:
- 'ee/spec/lib/gitlab/usage/metrics/instrumentations/count_secure_pipelines_metric_spec.rb'
- 'ee/spec/lib/gitlab/usage/metrics/instrumentations/count_security_scans_metric_spec.rb'
- 'ee/spec/lib/gitlab/usage/metrics/instrumentations/protected_environment_approval_rules_required_approvals_average_metric_spec.rb'
- 'ee/spec/lib/repositories/group_push_rules_changes_auditor_spec.rb'
- 'ee/spec/lib/repositories/project_push_rules_changes_auditor_spec.rb'
- 'ee/spec/mailers/emails/enterprise_users_spec.rb'
- 'ee/spec/mailers/emails/merge_requests_spec.rb'
- 'ee/spec/mailers/emails/okr_spec.rb'

28
Gemfile.checksum
View File

@ -389,7 +389,7 @@
{"name":"mini_histogram","version":"0.3.1","platform":"ruby","checksum":"6a114b504e4618b0e076cc672996036870f7cc6f16b8e5c25c0c637726d2dd94"},
{"name":"mini_magick","version":"4.12.0","platform":"ruby","checksum":"67302fa84e63f1002b71416a8466968ed0f33d22f5d42962a0c09a9f1c3a906a"},
{"name":"mini_mime","version":"1.1.2","platform":"ruby","checksum":"a54aec0cc7438a03a850adb00daca2bdb60747f839e28186994df057cea87151"},
{"name":"mini_portile2","version":"2.8.5","platform":"ruby","checksum":"7a37db8ae758086c3c3ac3a59c036704d331e965d5e106635e4a42d6e66089ce"},
{"name":"mini_portile2","version":"2.8.7","platform":"ruby","checksum":"13eef5ab459bbfd33d61e539564ec25a9c2cf593b0a5ea6d4d7ef8c19b162ee0"},
{"name":"minitest","version":"5.11.3","platform":"ruby","checksum":"78e18aa2c49c58e9bc53c54a0b900e87ad0a96394e92fbbfa58d3ff860a68f45"},
{"name":"mixlib-cli","version":"2.1.8","platform":"ruby","checksum":"e6f27be34d580f6ed71731ca46b967e57793a627131c1f6e1ed2dad39ea3bdf9"},
{"name":"mixlib-config","version":"3.0.27","platform":"ruby","checksum":"d7748b1898e4f16502afec1de00b5ad65c6de405114b1b0c65ec61b1a9100148"},
@ -423,17 +423,17 @@
{"name":"nio4r","version":"2.7.0","platform":"java","checksum":"3f2e515e928ceeef7668e1f64fc3bfef1417a5ec0908d8e69f2c6d486284e04d"},
{"name":"nio4r","version":"2.7.0","platform":"ruby","checksum":"9586a685eca8246d6406e712a525e705d15bb88f709d78fc3f141e864df97276"},
{"name":"no_proxy_fix","version":"0.1.2","platform":"ruby","checksum":"4e9b4c31bb146de7fcf347dc1087bb13ac2039b56d50aa019e61036256abcd00"},
{"name":"nokogiri","version":"1.16.0","platform":"aarch64-linux","checksum":"8cd981dfd4bea4f519ceebb885cf3b422b71c059d841c039d327e73b19247f53"},
{"name":"nokogiri","version":"1.16.0","platform":"arm-linux","checksum":"c68d861155c40777eee3eb4efbb375d665c8c889cebd5cd1ba32f30a8aac6c21"},
{"name":"nokogiri","version":"1.16.0","platform":"arm64-darwin","checksum":"10c08f246085709790ea628b5fa031cf23dadd843e173711b335ba6287b59d0a"},
{"name":"nokogiri","version":"1.16.0","platform":"java","checksum":"f76f2dc353993862d07eccfc5561e373e8058d62e265bae9bcf4f4793c35c9e2"},
{"name":"nokogiri","version":"1.16.0","platform":"ruby","checksum":"341388184e975d091e6e38ce3f3b3388bfb7e4ac3d790efd8e39124844040bd1"},
{"name":"nokogiri","version":"1.16.0","platform":"x64-mingw-ucrt","checksum":"5c59792f7f5f8a76e17a87b89b9057544853a6f713b692a75b7f8895a854b74f"},
{"name":"nokogiri","version":"1.16.0","platform":"x64-mingw32","checksum":"286950458a58bdf09bb3a800ac16f0aa361aa9a6c9a63bcd71e98e3c34d314a8"},
{"name":"nokogiri","version":"1.16.0","platform":"x86-linux","checksum":"159107da8a35f1fc22ee5b78d70da9bda4098a3771a29beac3f727cafd5041cb"},
{"name":"nokogiri","version":"1.16.0","platform":"x86-mingw32","checksum":"27d3d96f53b3fa1da9c4d9d69fffadc34abf7350a8e22be61a7483f15f065438"},
{"name":"nokogiri","version":"1.16.0","platform":"x86_64-darwin","checksum":"237aa89b9ef6b8e014f197167677926ebc4bdb9cafb2b101399d8001fda4fa43"},
{"name":"nokogiri","version":"1.16.0","platform":"x86_64-linux","checksum":"6f55093bb47e75d412138f4b9462f960d3aad96cb6b43dbe9a3de62c2d31a742"},
{"name":"nokogiri","version":"1.16.7","platform":"aarch64-linux","checksum":"78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b"},
{"name":"nokogiri","version":"1.16.7","platform":"arm-linux","checksum":"c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3"},
{"name":"nokogiri","version":"1.16.7","platform":"arm64-darwin","checksum":"276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad"},
{"name":"nokogiri","version":"1.16.7","platform":"java","checksum":"044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42"},
{"name":"nokogiri","version":"1.16.7","platform":"ruby","checksum":"f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95"},
{"name":"nokogiri","version":"1.16.7","platform":"x64-mingw-ucrt","checksum":"01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56"},
{"name":"nokogiri","version":"1.16.7","platform":"x64-mingw32","checksum":"d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec"},
{"name":"nokogiri","version":"1.16.7","platform":"x86-linux","checksum":"dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664"},
{"name":"nokogiri","version":"1.16.7","platform":"x86-mingw32","checksum":"b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c"},
{"name":"nokogiri","version":"1.16.7","platform":"x86_64-darwin","checksum":"630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa"},
{"name":"nokogiri","version":"1.16.7","platform":"x86_64-linux","checksum":"9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6"},
{"name":"notiffany","version":"0.1.3","platform":"ruby","checksum":"d37669605b7f8dcb04e004e6373e2a780b98c776f8eb503ac9578557d7808738"},
{"name":"numerizer","version":"0.2.0","platform":"ruby","checksum":"e58076d5ee5370417b7e52d9cb25836d62acd1b8d9a194c308707986c1705d7b"},
{"name":"oauth","version":"0.5.6","platform":"ruby","checksum":"4085fe28e0c5e2434135e00a6555294fd2a4ff96a98d1bdecdcd619fc6368dff"},
@ -527,8 +527,8 @@
{"name":"puma","version":"6.4.3","platform":"ruby","checksum":"24a4645c006811d83f2480057d1f54a96e7627b6b90e1c99b260b9dc630eb43e"},
{"name":"pyu-ruby-sasl","version":"0.0.3.3","platform":"ruby","checksum":"5683a6bc5738db5a1bf5ceddeaf545405fb241b4184dd4f2587e679a7e9497e5"},
{"name":"raabro","version":"1.4.0","platform":"ruby","checksum":"d4fa9ff5172391edb92b242eed8be802d1934b1464061ae5e70d80962c5da882"},
{"name":"racc","version":"1.6.2","platform":"java","checksum":"0880781e7dfde09e665d0b6160b583e01ed52fcc2955d7891447d33c2d1d2cf1"},
{"name":"racc","version":"1.6.2","platform":"ruby","checksum":"58d26b3666382396fea84d33dc0639b7ee8d704156a52f8f22681f07b2f94f26"},
{"name":"racc","version":"1.8.1","platform":"java","checksum":"54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98"},
{"name":"racc","version":"1.8.1","platform":"ruby","checksum":"4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f"},
{"name":"rack","version":"2.2.10","platform":"ruby","checksum":"e4a5ee3f8f2ba45614a4498114d6dc7da1c51a0f0dd810d891906ea71d3aa72b"},
{"name":"rack-accept","version":"0.4.5","platform":"ruby","checksum":"66247b5449db64ebb93ae2ec4af4764b87d1ae8a7463c7c68893ac13fa8d4da2"},
{"name":"rack-attack","version":"6.7.0","platform":"ruby","checksum":"3ca47e8f66cd33b2c96af53ea4754525cd928ed3fa8da10ee6dad0277791d77c"},

6
Gemfile.lock
View File

@ -1143,7 +1143,7 @@ GEM
mini_histogram (0.3.1)
mini_magick (4.12.0)
mini_mime (1.1.2)
mini_portile2 (2.8.5)
mini_portile2 (2.8.7)
minitest (5.11.3)
mixlib-cli (2.1.8)
mixlib-config (3.0.27)
@ -1186,7 +1186,7 @@ GEM
netrc (0.11.0)
nio4r (2.7.0)
no_proxy_fix (0.1.2)
nokogiri (1.16.0)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
notiffany (0.1.3)
@ -1453,7 +1453,7 @@ GEM
nio4r (~> 2.0)
pyu-ruby-sasl (0.0.3.3)
raabro (1.4.0)
racc (1.6.2)
racc (1.8.1)
rack (2.2.10)
rack-accept (0.4.5)
rack (>= 0.4)

28
Gemfile.next.checksum
View File

@ -393,7 +393,7 @@
{"name":"mini_histogram","version":"0.3.1","platform":"ruby","checksum":"6a114b504e4618b0e076cc672996036870f7cc6f16b8e5c25c0c637726d2dd94"},
{"name":"mini_magick","version":"4.12.0","platform":"ruby","checksum":"67302fa84e63f1002b71416a8466968ed0f33d22f5d42962a0c09a9f1c3a906a"},
{"name":"mini_mime","version":"1.1.2","platform":"ruby","checksum":"a54aec0cc7438a03a850adb00daca2bdb60747f839e28186994df057cea87151"},
{"name":"mini_portile2","version":"2.8.5","platform":"ruby","checksum":"7a37db8ae758086c3c3ac3a59c036704d331e965d5e106635e4a42d6e66089ce"},
{"name":"mini_portile2","version":"2.8.7","platform":"ruby","checksum":"13eef5ab459bbfd33d61e539564ec25a9c2cf593b0a5ea6d4d7ef8c19b162ee0"},
{"name":"minitest","version":"5.11.3","platform":"ruby","checksum":"78e18aa2c49c58e9bc53c54a0b900e87ad0a96394e92fbbfa58d3ff860a68f45"},
{"name":"mixlib-cli","version":"2.1.8","platform":"ruby","checksum":"e6f27be34d580f6ed71731ca46b967e57793a627131c1f6e1ed2dad39ea3bdf9"},
{"name":"mixlib-config","version":"3.0.27","platform":"ruby","checksum":"d7748b1898e4f16502afec1de00b5ad65c6de405114b1b0c65ec61b1a9100148"},
@ -428,17 +428,17 @@
{"name":"nio4r","version":"2.7.0","platform":"java","checksum":"3f2e515e928ceeef7668e1f64fc3bfef1417a5ec0908d8e69f2c6d486284e04d"},
{"name":"nio4r","version":"2.7.0","platform":"ruby","checksum":"9586a685eca8246d6406e712a525e705d15bb88f709d78fc3f141e864df97276"},
{"name":"no_proxy_fix","version":"0.1.2","platform":"ruby","checksum":"4e9b4c31bb146de7fcf347dc1087bb13ac2039b56d50aa019e61036256abcd00"},
{"name":"nokogiri","version":"1.16.0","platform":"aarch64-linux","checksum":"8cd981dfd4bea4f519ceebb885cf3b422b71c059d841c039d327e73b19247f53"},
{"name":"nokogiri","version":"1.16.0","platform":"arm-linux","checksum":"c68d861155c40777eee3eb4efbb375d665c8c889cebd5cd1ba32f30a8aac6c21"},
{"name":"nokogiri","version":"1.16.0","platform":"arm64-darwin","checksum":"10c08f246085709790ea628b5fa031cf23dadd843e173711b335ba6287b59d0a"},
{"name":"nokogiri","version":"1.16.0","platform":"java","checksum":"f76f2dc353993862d07eccfc5561e373e8058d62e265bae9bcf4f4793c35c9e2"},
{"name":"nokogiri","version":"1.16.0","platform":"ruby","checksum":"341388184e975d091e6e38ce3f3b3388bfb7e4ac3d790efd8e39124844040bd1"},
{"name":"nokogiri","version":"1.16.0","platform":"x64-mingw-ucrt","checksum":"5c59792f7f5f8a76e17a87b89b9057544853a6f713b692a75b7f8895a854b74f"},
{"name":"nokogiri","version":"1.16.0","platform":"x64-mingw32","checksum":"286950458a58bdf09bb3a800ac16f0aa361aa9a6c9a63bcd71e98e3c34d314a8"},
{"name":"nokogiri","version":"1.16.0","platform":"x86-linux","checksum":"159107da8a35f1fc22ee5b78d70da9bda4098a3771a29beac3f727cafd5041cb"},
{"name":"nokogiri","version":"1.16.0","platform":"x86-mingw32","checksum":"27d3d96f53b3fa1da9c4d9d69fffadc34abf7350a8e22be61a7483f15f065438"},
{"name":"nokogiri","version":"1.16.0","platform":"x86_64-darwin","checksum":"237aa89b9ef6b8e014f197167677926ebc4bdb9cafb2b101399d8001fda4fa43"},
{"name":"nokogiri","version":"1.16.0","platform":"x86_64-linux","checksum":"6f55093bb47e75d412138f4b9462f960d3aad96cb6b43dbe9a3de62c2d31a742"},
{"name":"nokogiri","version":"1.16.7","platform":"aarch64-linux","checksum":"78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b"},
{"name":"nokogiri","version":"1.16.7","platform":"arm-linux","checksum":"c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3"},
{"name":"nokogiri","version":"1.16.7","platform":"arm64-darwin","checksum":"276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad"},
{"name":"nokogiri","version":"1.16.7","platform":"java","checksum":"044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42"},
{"name":"nokogiri","version":"1.16.7","platform":"ruby","checksum":"f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95"},
{"name":"nokogiri","version":"1.16.7","platform":"x64-mingw-ucrt","checksum":"01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56"},
{"name":"nokogiri","version":"1.16.7","platform":"x64-mingw32","checksum":"d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec"},
{"name":"nokogiri","version":"1.16.7","platform":"x86-linux","checksum":"dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664"},
{"name":"nokogiri","version":"1.16.7","platform":"x86-mingw32","checksum":"b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c"},
{"name":"nokogiri","version":"1.16.7","platform":"x86_64-darwin","checksum":"630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa"},
{"name":"nokogiri","version":"1.16.7","platform":"x86_64-linux","checksum":"9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6"},
{"name":"notiffany","version":"0.1.3","platform":"ruby","checksum":"d37669605b7f8dcb04e004e6373e2a780b98c776f8eb503ac9578557d7808738"},
{"name":"numerizer","version":"0.2.0","platform":"ruby","checksum":"e58076d5ee5370417b7e52d9cb25836d62acd1b8d9a194c308707986c1705d7b"},
{"name":"oauth","version":"0.5.6","platform":"ruby","checksum":"4085fe28e0c5e2434135e00a6555294fd2a4ff96a98d1bdecdcd619fc6368dff"},
@ -537,8 +537,8 @@
{"name":"puma","version":"6.4.3","platform":"ruby","checksum":"24a4645c006811d83f2480057d1f54a96e7627b6b90e1c99b260b9dc630eb43e"},
{"name":"pyu-ruby-sasl","version":"0.0.3.3","platform":"ruby","checksum":"5683a6bc5738db5a1bf5ceddeaf545405fb241b4184dd4f2587e679a7e9497e5"},
{"name":"raabro","version":"1.4.0","platform":"ruby","checksum":"d4fa9ff5172391edb92b242eed8be802d1934b1464061ae5e70d80962c5da882"},
{"name":"racc","version":"1.6.2","platform":"java","checksum":"0880781e7dfde09e665d0b6160b583e01ed52fcc2955d7891447d33c2d1d2cf1"},
{"name":"racc","version":"1.6.2","platform":"ruby","checksum":"58d26b3666382396fea84d33dc0639b7ee8d704156a52f8f22681f07b2f94f26"},
{"name":"racc","version":"1.8.1","platform":"java","checksum":"54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98"},
{"name":"racc","version":"1.8.1","platform":"ruby","checksum":"4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f"},
{"name":"rack","version":"2.2.10","platform":"ruby","checksum":"e4a5ee3f8f2ba45614a4498114d6dc7da1c51a0f0dd810d891906ea71d3aa72b"},
{"name":"rack-accept","version":"0.4.5","platform":"ruby","checksum":"66247b5449db64ebb93ae2ec4af4764b87d1ae8a7463c7c68893ac13fa8d4da2"},
{"name":"rack-attack","version":"6.7.0","platform":"ruby","checksum":"3ca47e8f66cd33b2c96af53ea4754525cd928ed3fa8da10ee6dad0277791d77c"},

6
Gemfile.next.lock
View File

@ -1157,7 +1157,7 @@ GEM
mini_histogram (0.3.1)
mini_magick (4.12.0)
mini_mime (1.1.2)
mini_portile2 (2.8.5)
mini_portile2 (2.8.7)
minitest (5.11.3)
mixlib-cli (2.1.8)
mixlib-config (3.0.27)
@ -1201,7 +1201,7 @@ GEM
netrc (0.11.0)
nio4r (2.7.0)
no_proxy_fix (0.1.2)
nokogiri (1.16.0)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
notiffany (0.1.3)
@ -1470,7 +1470,7 @@ GEM
nio4r (~> 2.0)
pyu-ruby-sasl (0.0.3.3)
raabro (1.4.0)
racc (1.6.2)
racc (1.8.1)
rack (2.2.10)
rack-accept (0.4.5)
rack (>= 0.4)

24
app/assets/javascripts/vue_shared/components/metric_images/metric_images_table.vue
View File

@ -83,14 +83,6 @@ export default {
arrowIconName() {
return this.isCollapsed ? 'chevron-right' : 'chevron-down';
},
bodyClass() {
return [
'gl-border-1',
'gl-border-t-solid',
'gl-border-gray-100',
{ 'gl-hidden': this.isCollapsed },
];
},
},
methods: {
...mapActions(['deleteImage']),
@ -112,9 +104,9 @@ export default {
<template>
<gl-card
class="collapsible-card border gl-mb-5 gl-p-0"
header-class="gl-flex gl-items-center gl-border-b-0 gl-py-3"
:body-class="bodyClass"
class="gl-mb-5"
:header-class="['gl-flex', 'gl-items-center', { 'gl-border-b-0 gl-rounded-base': isCollapsed }]"
:body-class="{ 'gl-hidden': isCollapsed }"
>
<gl-modal
body-class="!gl-pb-0 !gl-min-h-6"
@ -150,17 +142,15 @@ export default {
<template #header>
<div class="gl-flex gl-w-full gl-flex-row gl-justify-between">
<div class="gl-flex gl-w-full gl-flex-row gl-items-center">
<div class="gl-flex gl-w-full gl-flex-row gl-items-center gl-gap-2">
<gl-button
class="collapsible-card-btn gl-flex !gl-text-inherit gl-no-underline !gl-shadow-none hover:!gl-text-blue-800"
:aria-label="filename"
variant="link"
category="tertiary"
:icon="arrowIconName"
size="small"
data-testid="collapse-button"
@click="toggleCollapsed"
>
<gl-icon class="gl-mr-2" :name="arrowIconName" />
</gl-button>
/>
<gl-link v-if="url" :href="url" target="_blank" data-testid="metric-image-label-span">
{{ urlText == null || urlText == '' ? filename : urlText }}
<gl-icon name="external-link" class="gl-align-middle" />

1
app/assets/stylesheets/components/_index.scss
View File

@ -1,6 +1,5 @@
@import './avatar';
@import './action_card_component';
@import './collapsible_card';
@import './content_editor';
@import './deployment_instance';
@import './detail_page';

9
app/assets/stylesheets/components/collapsible_card.scss
View File

@ -1,9 +0,0 @@
.collapsible-card {
.collapsible-card-btn {
color: $gl-text-color;
&:hover {
color: $blue-600;
}
}
}

21
app/models/member.rb
View File

@ -69,10 +69,7 @@ class Member < ApplicationRecord
end
scope :in_hierarchy, ->(source) do
for_self_and_descendants(source.root_ancestor)
end
scope :for_self_and_descendants, ->(source) do
source = source.root_ancestor
groups = source.self_and_descendants
group_members = Member.default_scoped.where(source: groups).select(*Member.cached_column_list)
@ -82,6 +79,18 @@ class Member < ApplicationRecord
Member.default_scoped.from_union([group_members, project_members]).merge(self)
end
scope :for_self_and_descendants, ->(group, columns = Member.cached_column_list) do
return self if group.blank?
group_members = where(source_id: group.self_and_descendant_ids, source_type: GroupMember::SOURCE_TYPE)
project_members = where(source_id: group.all_project_ids, source_type: ProjectMember::SOURCE_TYPE)
Member.unscoped.from_union([
group_members.select(*columns),
project_members.select(*columns)
], remove_duplicates: false)
end
scope :including_user_ids, ->(user_ids) do
where(user_id: user_ids)
end
@ -90,6 +99,10 @@ class Member < ApplicationRecord
where.not(user_id: user_ids)
end
scope :count_by_access_level, ->(column_name = nil) do
group(:access_level).count(column_name)
end
# This scope encapsulates (most of) the conditions a row in the member table
# must satisfy if it is a valid permission. Of particular note:
#

4
app/services/ci/expire_pipeline_cache_service.rb
View File

@ -84,7 +84,7 @@ module Ci
graphql_project_on_demand_scan_counts_path(project)
]
etag_paths << commit_pipelines_path(project, pipeline.commit) unless pipeline.commit.nil?
etag_paths << commit_pipelines_path(project, pipeline.commit) if pipeline.sha && pipeline.commit.present?
each_pipelines_merge_request_path(pipeline) do |path|
etag_paths << path
@ -93,7 +93,7 @@ module Ci
pipeline.upstream_and_all_downstreams.includes(project: [:route, { namespace: :route }]).each do |relative_pipeline| # rubocop: disable CodeReuse/ActiveRecord
etag_paths << project_pipeline_path(relative_pipeline.project, relative_pipeline)
etag_paths << graphql_pipeline_path(relative_pipeline)
etag_paths << graphql_pipeline_sha_path(relative_pipeline.sha)
etag_paths << graphql_pipeline_sha_path(relative_pipeline.sha) if relative_pipeline.sha
end
store.touch(*etag_paths)

12
app/views/projects/_sidebar.html.haml
View File

@ -5,8 +5,8 @@
- statistics_buttons = @project.statistics_buttons(show_auto_devops_callout: show_auto_devops_callout)
%aside.project-page-sidebar{ data: { testid: 'project-page-sidebar' } }
.project-page-sidebar-block.home-panel-home-desc.gl-py-4.gl-border-b.gl-border-gray-50{ class: '!gl-pt-2' }
%h2.gl-text-base.gl-font-bold.gl-leading-reset.gl-text-gray-900.gl-m-0.gl-mb-1= s_('ProjectPage|Project information')
.project-page-sidebar-block.home-panel-home-desc.gl-py-4.gl-border-b.gl-border-b-subtle{ class: '!gl-pt-2' }
%h2.gl-text-base.gl-font-bold.gl-leading-reset.gl-text-strong.gl-m-0.gl-mb-1= s_('ProjectPage|Project information')
-# Project description
- if @project.description.present?
.home-panel-description.gl-break-words
@ -43,18 +43,18 @@
-# Invite members
- if @project.empty_repo? && can_admin_project_member?(@project)
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-gray-50
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-b-subtle
= render "invite_members_empty_project"
-# Buttons
- if can?(current_user, :read_code, @project) && !@project.empty_repo? && anchor_buttons.any?
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-gray-50
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-b-subtle
%nav.project-stats
= render 'stat_anchor_list', anchors: anchor_buttons
-# Buttons
- if can?(current_user, :read_code, @project) && has_project_shortcut_buttons && (@project.empty_repo? ? statistics_empty_buttons.any? : statistics_buttons.any?)
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-gray-50
.project-page-sidebar-block.gl-py-4.gl-border-b.gl-border-b-subtle
.project-buttons.gl-mb-2.js-show-on-project-root{ data: { testid: 'project-buttons' } }
- if @project.empty_repo?
= render 'stat_anchor_list', anchors: statistics_empty_buttons, project_buttons: true
@ -66,5 +66,5 @@
-# Project created
.project-page-sidebar-block.gl-py-4
%p.gl-font-bold.gl-text-gray-900.gl-m-0.gl-mb-1= s_('ProjectPage|Created on')
%p.gl-font-bold.gl-text-strong.gl-m-0.gl-mb-1= s_('ProjectPage|Created on')
%span= @project.created_at.to_date.to_fs(:long)

9
db/migrate/20241104090601_add_is_known_exploit_to_pm_cve_enrichment.rb Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
class AddIsKnownExploitToPmCveEnrichment < Gitlab::Database::Migration[2.2]
milestone '17.6'
def change
add_column :pm_cve_enrichment, :is_known_exploit, :boolean, default: false, null: false
end
end

17
db/post_migrate/20241104212609_add_index_on_members_source_access_level_member_role.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class AddIndexOnMembersSourceAccessLevelMemberRole < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.6'
INDEX_NAME = "index_members_on_source_and_access_level_and_member_role"
def up
columns = [:source_id, :source_type, :access_level]
add_concurrent_index(:members, columns, name: INDEX_NAME, where: 'member_role_id IS NULL')
end
def down
remove_concurrent_index_by_name :members, INDEX_NAME
end
end

1
db/schema_migrations/20241104090601 Normal file
View File

@ -0,0 +1 @@
6867b1ad0163f9de7e1d94aefe28626c182f41ab5262e3023b5da72247ad74f4

1
db/schema_migrations/20241104212609 Normal file
View File

@ -0,0 +1 @@
b71c65841b6fc8c3f3bc285e5d9d0b5a5d04abadf61517443457a03ef231b694

3
db/structure.sql
View File

@ -16922,6 +16922,7 @@ CREATE TABLE pm_cve_enrichment (
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
cve text NOT NULL,
is_known_exploit boolean DEFAULT false NOT NULL,
CONSTRAINT check_16651e3ffb CHECK ((char_length(cve) <= 24))
);
@ -30518,6 +30519,8 @@ CREATE INDEX index_members_on_member_role_id ON members USING btree (member_role
CREATE INDEX index_members_on_requested_at ON members USING btree (requested_at);
CREATE INDEX index_members_on_source_and_access_level_and_member_role ON members USING btree (source_id, source_type, access_level) WHERE (member_role_id IS NULL);
CREATE INDEX index_members_on_source_and_type_and_access_level ON members USING btree (source_id, source_type, type, access_level);
CREATE INDEX index_members_on_source_and_type_and_id ON members USING btree (source_id, source_type, type, id) WHERE (invite_token IS NULL);

7
doc/administration/auth/crowd.md
View File

@ -4,15 +4,12 @@ group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use Atlassian Crowd as an authentication provider (deprecated)
# Use Atlassian Crowd as an authentication provider
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed
WARNING:
This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/369117) in GitLab 15.3 and is [planned for removal in 18.0](https://gitlab.com/gitlab-org/gitlab/-/issues/457241).
Authenticate to GitLab using the Atlassian Crowd OmniAuth provider. Enabling
this provider also allows Crowd authentication for Git-over-https requests.
@ -54,7 +51,6 @@ this provider also allows Crowd authentication for Git-over-https requests.
gitlab_rails['omniauth_providers'] = [
{
name: "crowd",
# label: "Provider name", # optional label for login button, defaults to "Crowd"
args: {
crowd_server_url: "CROWD_SERVER_URL",
application_name: "YOUR_APP_NAME",
@ -68,7 +64,6 @@ this provider also allows Crowd authentication for Git-over-https requests.
```yaml
- { name: 'crowd',
# label: 'Provider name', # optional label for login button, defaults to "Crowd"
args: {
crowd_server_url: 'CROWD_SERVER_URL',
application_name: 'YOUR_APP_NAME',

2
doc/administration/moderate_users.md
View File

@ -77,7 +77,7 @@ Rejecting a user:
## View users pending role promotion
When [user promotion management](../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval) is enabled, any user added or promoted to a billable role will be pending administrator approval.
If [administrator approval for role promotions](../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To view users pending role promotion:

9
doc/administration/reply_by_email.md
View File

@ -45,14 +45,7 @@ When you reply to the notification email, your email client:
### GitLab receives your reply to the notification email
When GitLab receives your reply, it looks for the "reply key" in the
following headers, in this order:
1. `To` header
1. `References` header
1. `Delivered-To` header
1. `Envelope-To` header
1. `X-Envelope-To` header
1. `Received` header
[list of accepted headers](incoming_email.md#accepted-headers).
If it finds a reply key, it leaves your reply as a comment on
the entity the notification was about (issue, merge request, commit...).

45
doc/administration/self_hosted_models/configure_duo_features.md
View File

@ -62,23 +62,30 @@ Prerequisites:
To configure a self-hosted model:
1. On the left sidebar, at the bottom, select **Admin**.
1. Select **AI-powered features**.
- If the **AI-powered features** menu item is not available, synchronize your
1. Select **Self-hosted models**.
- If the **Self-hosted models** menu item is not available, synchronize your
subscription after purchase:
1. On the left sidebar, select **Subscription**.
1. In **Subscription details**, to the right of **Last sync**, select
synchronize subscription (**{retry}**).
1. Select **Models**.
1. Select **New self-hosted model**.
1. Select **Add self-hosted model**.
1. Complete the fields:
- Enter the model name, for example, `Mistral`.
- From the **Model family** dropdown list, select the model. Only GitLab-approved models
- **Deployment name**: Enter a name to uniquely identify the model deployment, for example, `Mixtral-8x7B-it-v0.1 on GCP`.
- **Model family**: Select the model family the deployment belongs to. Only GitLab-approved models
are in this list.
- For **Endpoint**, select the self-hosted model endpoint. For example, the
server hosting the model.
- Optional. For **API token**, add an API key if you need one to access the model.
- Optional. For **Model identifier**, enter the cloud provider where the model is hosted, and the name the cloud provider uses for that model (for example: `anthropic/claude-3-5-sonnet-20240620`).
1. Select **Create model**.
- **Endpoint**: Enter the URL where the model is hosted.
- For models hosted through vLLM, it is essential to suffix the URL with `/v1`.
- **API key**: Optional. Add an API key if you need one to access the model.
- **Model identifier (optional)**: Optional. The model identifier is based on your deployment method:
| Deployment method | Format | Example |
|-------------|---------|---------|
| vLLM | `custom_openai/<name of the model served through vLLM>` | `custom_openai/Mixtral-8x7B-Instruct-v0.1` |
| Bedrock | `bedrock/<model ID of the model>` | `bedrock/mistral.mixtral-8x7b-instruct-v0:1` |
| Azure | `azure/<model ID of the model>` | `azure/gpt-35-turbo` |
| Others | The field is optional | |
1. Select **Create self-hosted model**.
## Configure GitLab Duo features to use self-hosted models
@ -89,21 +96,19 @@ Prerequisites:
### View configured features
1. On the left sidebar, at the bottom, select **Admin**.
1. Select **AI-powered features**.
- If the **AI-powered features** menu item is not available, synchronize your
1. Select **Self-hosted models**.
- If the **Self-hosted models** menu item is not available, synchronize your
subscription after purchase:
1. On the left sidebar, select **Subscription**.
1. In **Subscription details**, to the right of **Last sync**, select
synchronize subscription (**{retry}**).
1. Select **Features**.
1. Select the **AI-powered features** tab.
### Configure the feature to use a self-hosted model
Configure the GitLab Duo feature to send queries to the configured self-hosted model:
1. In **Features**, for the feature you want to set, select **Edit**.
For example, **Code Generation**.
1. Select the model provider for the feature:
- From the list, select **Self-Hosted Model**.
- Choose the self-hosted model you want to use, for example, `Mistral`.
1. Select **Save Changes**.
1. On the left sidebar, at the bottom, select **Admin**.
1. Select **Self-hosted models**.
1. Select the **AI-powered features** tab.
1. For the feature you want to configure, from the dropdown list, choose the self-hosted model you want to use. For example, `Mistral`.

28
doc/administration/settings/sign_up_restrictions.md
View File

@ -251,7 +251,7 @@ You can limit GitLab access to a subset of the LDAP users on your LDAP server.
See the [documentation on setting up an LDAP user filter](../auth/ldap/index.md#set-up-ldap-user-filter) for more information.
## Enable role promotion approval
## Turn on administrator approval for role promotions
DETAILS:
**Tier:** Ultimate
@ -264,16 +264,26 @@ DETAILS:
FLAG:
The availability of this feature is controlled by a feature flag.
In the **Ultimate** tier, [non billable roles](../../subscriptions/gitlab_com/index.md#billable-users), can be promoted to a billable role in any Project or Group, resulting in the increase of billable seats, without admins having any control on this promotion.
To prevent existing users of the subscription from being promoted to a billable role, you can enable role promotion approval.
To prevent existing users from being promoted into a billable role in a project or group,
turn on administrator approval for role promotions. You can then approve or reject promotion requests
that are [pending administrator approval](../moderate_users.md#view-users-pending-role-promotion).
When this setting is enabled, any existing user of the subscription when added to a [group](../../user/group/index.md#add-users-to-a-group) or [project](../../user/project/members/index.md#add-users-to-a-project) on a [billable role](../../subscriptions/gitlab_com/index.md#billable-users) will be [pending administrator approval](../moderate_users.md#view-users-pending-role-promotion).
- If an administrator adds a user to a group or project:
- If the new user role is [billable](../../subscriptions/self_managed/index.md#billable-users),
all other membership requests for that user are automatically approved.
- If the new user role is not billable, other requests for that user remain pending until administrator
approval.
Promotions or updates of user roles for users that already occupy a billable seat do not require administrator approval.
- If a user who isn't an administrator adds a user to a group or project:
- If the user does not have any billable role in any group or project, and is added or promoted to a billable role,
their request remains [pending until administrator approval(../moderate_users.md#view-users-pending-role-promotion).
- If the user already has a billable role, administrator approval is not required.
If the user is added to a group or project by an administrator, any membership requests for this user to any other group or project will be approved automatically.
Prerequisites:
To enable role promotion approval:
- You must be an administrator.
To turn on approvals for role promotions:
1. On the left sidebar, at the bottom, select **Admin**.
1. Select **Settings > General**.
@ -282,7 +292,9 @@ To enable role promotion approval:
### Known issues
When you turn on role promotion approval, the billable count can still increase if a user [requests access to a group](../../user/group/index.md) and is approved by the group Owner on a [billable role](../../subscriptions/gitlab_com/index.md#billable-users).
When a user [requests access to a group](../../user/group/index.md), the initial role assigned is Developer.
If this access is approved by a user with the Owner role for the group and the user becomes a member of the group, the billable count
increases if this user did not have a billable role previously.
<!-- ## Troubleshooting

2
doc/api/invitations.md
View File

@ -74,7 +74,7 @@ When there was any error sending the email:
```
NOTE:
When the setting **[Manage non-billable promotions](../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval)** is enabled, new invited members with billable roles must be approved by an administrator.
If [administrator approval for role promotions](../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To enable **Manage non-billable promotions**,
you must first enable the `enable_member_promotion_management` application setting.

4
doc/api/members.md
View File

@ -627,7 +627,7 @@ Example response:
```
NOTE:
When the setting **[Manage non-billable promotions](../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval)** is enabled, new invited members with billable roles must be approved by an administrator.
If [administrator approval for role promotions](../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To enable **Manage Non-Billable Promotions**,
you must first enable the `enable_member_promotion_management` application setting.
@ -717,7 +717,7 @@ Example response:
```
NOTE:
When the setting **[Manage non-billable promotions](../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval)** is enabled, new invited users with billable roles must be approved by an administrator.
If [administrator approval for role promotions](../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To enable **Manage non-billable promotions**,
you must first enable the `enable_member_promotion_management` application setting.

2
doc/api/project_job_token_scopes.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments"
---

2
doc/api/secure_files.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/cloud_services/aws/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/cloud_services/azure/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/cloud_services/google_cloud/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/cloud_services/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

10
doc/ci/jobs/ci_job_token.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
@ -17,7 +17,7 @@ is revoked and you cannot use the token anymore.
Use a CI/CD job token to authenticate with certain GitLab features from running jobs.
The token receives the same access level as the user that triggered the pipeline,
but has access to fewer resources than a personal access token. A user can cause a job to run
but has [access to fewer resources](#job-token-feature-access) than a personal access token. A user can cause a job to run
with an action like pushing a commit, triggering a manual job, or being the owner of a scheduled pipeline.
This user must have a [role that has the required privileges](../../user/permissions.md#cicd)
to access the resources.
@ -29,6 +29,10 @@ If a project is public or internal, you can access some features without being o
For example, you can fetch artifacts from the project's public pipelines.
This access can also [be restricted](#limit-job-token-scope-for-public-or-internal-projects).
## Job token feature access
The CI/CD job token can only access the following features and API endpoints:
| Feature | Additional details |
|-------------------------------------------------------------------------------------------------------|--------------------|
| [Container registry API](../../api/container_registry.md) | The token is scoped to the container registry of the job's project only. |
@ -40,7 +44,7 @@ This access can also [be restricted](#limit-job-token-scope-for-public-or-intern
| [Package registry](../../user/packages/package_registry/index.md#to-build-packages) | |
| [Packages API](../../api/packages.md) | `GET` requests are public by default. |
| [Pipeline triggers](../../api/pipeline_triggers.md) | Used with the `token=` parameter to [trigger a multi-project pipeline](../pipelines/downstream_pipelines.md#trigger-a-multi-project-pipeline-by-using-the-api). |
| [Update pipeline metadata API endpoint](../../api/pipelines.md#update-pipeline-metadata) | To update pipeline metadata. |
| [Update pipeline metadata API endpoint](../../api/pipelines.md#update-pipeline-metadata) | To update pipeline metadata. |
| [Release links API](../../api/releases/links.md) | |
| [Releases API](../../api/releases/index.md) | `GET` requests are public by default. |
| [Secure files](../secure_files/index.md#use-secure-files-in-cicd-jobs) | The `download-secure-files` tool authenticates with a CI/CD job token by default. |

2
doc/ci/jobs/ssh_keys.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/pipelines/pipeline_security.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/akeyless.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
ignore_in_report: true

2
doc/ci/secrets/azure_key_vault.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/convert-to-id-tokens.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/fortanix_dsm_integration.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
type: concepts, howto

2
doc/ci/secrets/gcp_secret_manager.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/hashicorp_vault.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/id_token_authentication.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secrets/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/secure_files/index.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

2
doc/ci/yaml/signing_examples.md
View File

@ -1,5 +1,5 @@
---
stage: Govern
stage: Software Supply Chain Security
group: Pipeline Security
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---

13
doc/development/ai_features/index.md
View File

@ -546,6 +546,19 @@ class AiFeaturesCatalogue
}.freeze
```
## Reuse the existing AI components for multiple models
We thrive optimizing AI components, such as prompt, input/output parser, tools/function-calling, for each LLM,
however, diverging the components for each model could increase the maintenance overhead.
Hence, it's generally advised to reuse the existing components for multiple models as long as it doesn't degrade a feature quality.
Here are the rules of thumbs:
1. Iterate on the existing prompt template for multiple models. Do _NOT_ introduce a new one unless it causes a quality degredation for a particular model.
1. Iterate on the existing input/output parsers and tools/functions-calling for multiple models. Do _NOT_ introduce a new one unless it causes a quality degredation for a particular model.
1. If a quality degredation is detected for a particular model, the shared component should be diverged for the particular model.
An [example](https://gitlab.com/gitlab-org/modelops/applied-ml/code-suggestions/ai-assist/-/issues/713) of this case is that we can apply Claude specific CoT optimization to the other models such as Mixtral as long as it doesn't cause a quality degredation.
## How to migrate an existing action to the AI Gateway
AI actions were initially implemented inside the GitLab monolith. As part of our

4
doc/user/group/index.md
View File

@ -393,7 +393,7 @@ Prerequisites:
- You must have the Owner role for the group.
- If [sign-up is disabled](../../administration/settings/sign_up_restrictions.md#disable-new-sign-ups), an administrator must add the user by email first.
- If [promotion management](../../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval) is enabled, an administrator must approve the invite.
- If [administrator for role promotions](../../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, an administrator must approve the invite.
1. On the left sidebar, select **Search or go to** and find your group.
1. Select **Manage > Members**.
@ -431,7 +431,7 @@ This tab includes users who:
### View users pending promotion
When [promotion management](../../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval) is enabled, an administrator must approve the membership requests of users who would become billable users in the subscription.
If [administrator approval for role promotions](../../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To view users pending promotion:

17
doc/user/group/settings/group_access_tokens.md
View File

@ -122,8 +122,6 @@ If you are an administrator, you can create group access tokens in the Rails con
> - Ability to view revoked tokens [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/462217) in GitLab 17.3 [with a flag](../../../administration/feature_flags.md) named `retain_resource_access_token_user_after_revoke`. Disabled by default.
You can use either the UI or the Rails console to revoke a group access token.
In GitLab 17.3 and later, if you enable the `retain_resource_access_token_user_after_revoke`
feature flag, you can view both active and inactive revoked group access tokens
on the access tokens page. If you do not enable the feature flag, you can only view
@ -147,21 +145,6 @@ To revoke a group access token:
1. Select **Settings > Access tokens**.
1. Next to the group access token to revoke, select **Revoke** (**{remove}**).
### Use the Rails console
Prerequisites:
- You must be an administrator.
To revoke a group access token, run the following command in a
[Rails console](../../../administration/operations/rails_console.md):
```ruby
bot = User.find_by(username: 'group_109_bot') # the owner of the token you want to revoke
token = bot.personal_access_tokens.last # the token you want to revoke
token.revoke!
```
## Scopes for a group access token
> - `k8s_proxy` [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/422408) in GitLab 16.4 [with a flag](../../../administration/feature_flags.md) named `k8s_proxy_pat`. Enabled by default.

4
doc/user/project/members/index.md
View File

@ -82,7 +82,7 @@ Prerequisites:
- You must have the Owner or Maintainer role.
- [Group membership lock](../../group/access_and_permissions.md#prevent-members-from-being-added-to-projects-in-a-group) must be disabled.
- If [sign-up is disabled](../../../administration/settings/sign_up_restrictions.md#disable-new-sign-ups), an administrator must add the user by email first.
- If [promotion management](../../../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval) is enabled, an administrator must approve the invite.
- If [approval for role promotion](../../../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is enabled, an administrator must approve the invite.
To add a user to a project:
@ -125,7 +125,7 @@ The Owner [role](../../permissions.md#project-members-permissions) can be added
### View users pending promotion
When [promotion management](../../../administration/settings/sign_up_restrictions.md#enable-role-promotion-approval) is enabled, an administrator must approve the membership requests of users who would become billable users in the subscription.
If [administrator approval for role promotions](../../../administration/settings/sign_up_restrictions.md#turn-on-administrator-approval-for-role-promotions) is turned on, membership requests that promote existing users into a billable role require administrator approval.
To view users pending promotion:

2
doc/user/project/service_desk/configure.md
View File

@ -1044,7 +1044,7 @@ or completely separately.
::EndTabs
1. [Deprecated in GitLab 16.0 and planned for removal in 17.0)](../../../update/deprecations.md#sidekiq-delivery-method-for-incoming_email-and-service_desk_email-is-deprecated):
1. [Deprecated in GitLab 16.0 and planned for removal in 18.0)](../../../update/deprecations.md#sidekiq-delivery-method-for-incoming_email-and-service_desk_email-is-deprecated):
If you experience issues with the `webhook` setup, use `sidekiq` to deliver the email payload directly to GitLab Sidekiq using Redis.
::Tabs

6
gems/gitlab-database-load_balancing/Gemfile.lock
View File

@ -140,7 +140,7 @@ GEM
marcel (1.0.2)
method_source (1.0.0)
mini_mime (1.1.5)
mini_portile2 (2.8.5)
mini_portile2 (2.8.7)
minitest (5.17.0)
net-imap (0.4.4)
date
@ -152,7 +152,7 @@ GEM
net-smtp (0.4.0)
net-protocol
nio4r (2.5.9)
nokogiri (1.15.4)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.22.1)
@ -168,7 +168,7 @@ GEM
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (5.0.3)
racc (1.6.2)
racc (1.8.1)
rack (2.2.10)
rack-test (2.1.0)
rack (>= 1.3)

4
gems/gitlab-http/Gemfile.lock
View File

@ -93,7 +93,7 @@ GEM
multi_xml (0.6.0)
net-http (0.4.1)
uri
nokogiri (1.15.4)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.26.3)
@ -105,7 +105,7 @@ GEM
rouge
unparser
public_suffix (5.0.1)
racc (1.7.1)
racc (1.8.1)
rack (2.2.10)
rack-test (2.1.0)
rack (>= 1.3)

6
gems/gitlab-rspec/Gemfile.lock
View File

@ -63,9 +63,9 @@ GEM
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
method_source (1.0.0)
mini_portile2 (2.8.2)
mini_portile2 (2.8.7)
minitest (5.18.0)
nokogiri (1.15.2)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.23.0)
@ -75,7 +75,7 @@ GEM
coderay
parser
unparser
racc (1.6.2)
racc (1.8.1)
rack (2.2.10)
rack-test (2.1.0)
rack (>= 1.3)

6
gems/gitlab-utils/Gemfile.lock
View File

@ -74,9 +74,9 @@ GEM
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
method_source (1.0.0)
mini_portile2 (2.8.2)
mini_portile2 (2.8.7)
minitest (5.18.1)
nokogiri (1.16.0)
nokogiri (1.16.7)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
parallel (1.23.0)
@ -88,7 +88,7 @@ GEM
parser
unparser
public_suffix (5.0.0)
racc (1.7.1)
racc (1.8.1)
rack (2.2.10)
rack-test (2.1.0)
rack (>= 1.3)

2
locale/gitlab.pot
View File

@ -49872,7 +49872,7 @@ msgstr ""
msgid "SecurityOrchestration|For large groups, there may be a significant delay in applying policy changes to pre-existing merge requests. Policy changes typically apply almost immediately for newly created merge requests."
msgstr ""
msgid "SecurityOrchestration|Group with id: %{id}"
msgid "SecurityOrchestration|Group ID: %{id}"
msgstr ""
msgid "SecurityOrchestration|Groups"

2
qa/Gemfile.lock
View File

@ -241,7 +241,7 @@ GEM
byebug (~> 11.0)
pry (>= 0.13, < 0.15)
public_suffix (6.0.0)
racc (1.8.0)
racc (1.8.1)
rack (2.2.10)
rack-test (1.1.0)
rack (>= 1.0, < 3)

6
spec/frontend/vue_shared/components/metric_images/__snapshots__/metric_images_table_spec.js.snap
View File

@ -2,10 +2,10 @@
exports[`Metrics upload item render the metrics image component 1`] = `
<gl-card-stub
bodyclass="gl-border-1,gl-border-t-solid,gl-border-gray-100,[object Object]"
class="border collapsible-card gl-mb-5 gl-p-0"
bodyclass="[object Object]"
class="gl-mb-5"
footerclass=""
headerclass="gl-flex gl-items-center gl-border-b-0 gl-py-3"
headerclass="gl-flex,gl-items-center,[object Object]"
>
<gl-modal-stub
actioncancel="[object Object]"

1
spec/models/member_spec.rb
View File

@ -297,7 +297,6 @@ RSpec.describe Member, feature_category: :groups_and_projects do
describe '.for_self_and_descendants' do
let(:expected_members) do
[
project_member,
subgroup_member,
subgroup_project_member
]

24
spec/services/ci/expire_pipeline_cache_service_spec.rb
View File

@ -122,6 +122,30 @@ RSpec.describe Ci::ExpirePipelineCacheService, feature_category: :continuous_int
end
end
context 'when pipeline does not have sha' do
let(:pipeline_without_sha) { create(:ci_pipeline, project: project) }
before do
pipeline_without_sha.update_column(:sha, nil)
end
it 'does not raise an error' do
expect { subject.execute(pipeline_without_sha) }.not_to raise_error
end
end
context 'when pipeline does not have commit' do
let(:pipeline_without_commit) { create(:ci_pipeline, project: project) }
before do
allow(pipeline_without_commit).to receive(:commit).and_return(nil)
end
it 'does not raise an error' do
expect { subject.execute(pipeline_without_commit) }.not_to raise_error
end
end
def expect_touched_etag_caching_paths(*paths)
expect_next_instance_of(Gitlab::EtagCaching::Store) do |store|
expect(store).to receive(:touch).and_wrap_original do |m, *args|

13
spec/services/work_items/data_sync/clone_service_spec.rb
View File

@ -6,13 +6,11 @@ RSpec.describe WorkItems::DataSync::CloneService, feature_category: :team_planni
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project, group: group) }
let_it_be(:target_project) { create(:project, group: group) }
let_it_be_with_reload(:issue_work_item) { create(:work_item, :opened, project: project) }
let_it_be(:task_work_item) { create(:work_item, :task, project: project) }
let_it_be_with_reload(:original_work_item) { create(:work_item, :opened, project: project) }
let_it_be(:source_project_member) { create(:user, reporter_of: project) }
let_it_be(:target_project_member) { create(:user, reporter_of: target_project) }
let_it_be(:projects_member) { create(:user, reporter_of: [project, target_project]) }
let(:original_work_item) { issue_work_item }
let(:target_namespace) { target_project.project_namespace.reload }
let(:service) do
@ -99,7 +97,7 @@ RSpec.describe WorkItems::DataSync::CloneService, feature_category: :team_planni
end
context 'when cloning unsupported work item type' do
let(:original_work_item) { task_work_item }
let_it_be(:original_work_item) { create(:work_item, :task, project: project) }
it 'does not raise error' do
expect { service.execute }.not_to raise_error
@ -170,12 +168,7 @@ RSpec.describe WorkItems::DataSync::CloneService, feature_category: :team_planni
end
it_behaves_like 'cloneable and moveable work item'
context 'with specific widgets' do
let!(:assignees) { [source_project_member, target_project_member, projects_member] }
it_behaves_like 'cloneable and moveable widget data'
end
it_behaves_like 'cloneable and moveable widget data'
end
end
end

13
spec/services/work_items/data_sync/move_service_spec.rb
View File

@ -6,13 +6,11 @@ RSpec.describe WorkItems::DataSync::MoveService, feature_category: :team_plannin
let_it_be(:group) { create(:group) }
let_it_be(:project) { create(:project) }
let_it_be(:target_project) { create(:project, group: group) }
let_it_be_with_reload(:issue_work_item) { create(:work_item, :opened, project: project) }
let_it_be(:task_work_item) { create(:work_item, :task, project: project) }
let_it_be_with_reload(:original_work_item) { create(:work_item, :opened, project: project) }
let_it_be(:source_project_member) { create(:user, reporter_of: project) }
let_it_be(:target_project_member) { create(:user, reporter_of: target_project) }
let_it_be(:projects_member) { create(:user, reporter_of: [project, target_project]) }
let(:original_work_item) { issue_work_item }
let(:target_namespace) { target_project.project_namespace.reload }
let(:service) do
@ -99,7 +97,7 @@ RSpec.describe WorkItems::DataSync::MoveService, feature_category: :team_plannin
end
context 'when moving unsupported work item type' do
let(:original_work_item) { task_work_item }
let_it_be_with_reload(:original_work_item) { create(:work_item, :task, project: project) }
it 'does not raise error' do
expect { service.execute }.not_to raise_error
@ -170,12 +168,7 @@ RSpec.describe WorkItems::DataSync::MoveService, feature_category: :team_plannin
end
it_behaves_like 'cloneable and moveable work item'
context 'with specific widgets' do
let!(:assignees) { [source_project_member, target_project_member, projects_member] }
it_behaves_like 'cloneable and moveable widget data'
end
it_behaves_like 'cloneable and moveable widget data'
end
end
end

4
spec/spec_helper.rb
View File

@ -347,10 +347,6 @@ RSpec.configure do |config|
# See https://gitlab.com/gitlab-org/gitlab/-/issues/457283
stub_feature_flags(duo_chat_requires_licensed_seat_sm: false)
# This flag is for [Selectively disable by actor](https://docs.gitlab.com/ee/development/feature_flags/controls.html#selectively-disable-by-actor).
# Hence, it should not enable by default in test.
stub_feature_flags(v2_chat_agent_integration_override: false) if Gitlab.ee?
# Experimental merge request dashboard
stub_feature_flags(merge_request_dashboard: false)

2
spec/support/rspec_order_todo.yml
View File

@ -745,7 +745,7 @@
- './ee/spec/lib/arkose/verify_response_spec.rb'
- './ee/spec/lib/audit/changes_spec.rb'
- './ee/spec/lib/audit/details_spec.rb'
- './ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb'
- './ee/spec/lib/merge_requests/external_status_check_changes_auditor_spec.rb'
- './ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb'
- './ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb'
- './ee/spec/lib/banzai/filter/issuable_reference_expansion_filter_spec.rb'

40
spec/support/shared_examples/services/work_items/data_sync/cloneable_and_moveable_data_stared_examples.rb
View File

@ -50,38 +50,36 @@ end
RSpec.shared_examples 'cloneable and moveable widget data' do
using RSpec::Parameterized::TableSyntax
def set_assignees
original_work_item.assignee_ids = assignees.map(&:id)
end
def work_item_assignees(work_item)
work_item.reload.assignees
end
def work_item_award_emoji(work_item)
work_item.reload.award_emoji.order(user_id: :asc, name: :asc).pluck(:user_id, :name)
work_item.reload.award_emoji.pluck(:user_id, :name)
end
where(:widget_name, :eval_value, :before_lambda, :expected_data, :operations) do
:assignees | :work_item_assignees | -> { set_assignees } | ref(:assignees) | [ref(:move), ref(:clone)]
:award_emoji | :work_item_award_emoji | -> {} | ref(:award_emojis) | [ref(:move)]
where(:widget_name, :eval_value, :expected_data, :operations) do
:assignees | :work_item_assignees | ref(:assignees) | [ref(:move), ref(:clone)]
:award_emoji | :work_item_award_emoji | ref(:award_emojis) | [ref(:move)]
end
let(:move) { WorkItems::DataSync::MoveService }
let(:clone) { WorkItems::DataSync::CloneService }
let_it_be(:users) { create_list(:user, 3) }
let_it_be(:milestone) { create(:milestone) }
let_it_be(:thumbs_ups) { create_list(:award_emoji, 2, name: 'thumbsup', awardable: original_work_item) }
let_it_be(:thumbs_downs) { create_list(:award_emoji, 2, name: 'thumbsdown', awardable: original_work_item) }
let_it_be(:award_emojis) { original_work_item.reload.award_emoji.pluck(:user_id, :name) }
let_it_be(:assignees) do
original_work_item.assignee_ids = users.map(&:id)
# set assignees and return assigned users as `expected_data` for later comparison.
users
end
with_them do
context "with widget" do
let(:move) { WorkItems::DataSync::MoveService }
let(:clone) { WorkItems::DataSync::CloneService }
let!(:thumbs_ups) { create_list(:award_emoji, 2, name: 'thumbsup', awardable: original_work_item) }
let!(:thumbs_downs) { create_list(:award_emoji, 2, name: 'thumbsdown', awardable: original_work_item) }
let!(:award_emojis) do
original_work_item.reload.award_emoji.order(user_id: :asc, name: :asc).pluck(:user_id, :name)
end
before do
instance_exec(&before_lambda)
end
it 'clones and moves widget data' do
new_work_item = service.execute[:work_item]
widget_value = send(eval_value, new_work_item)