root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-06-27 18:07:48 +00:00
parent 5419da39b9
commit 1cfe6678a3
46 changed files with 416 additions and 222 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitlab/ci/rules.gitlab-ci.yml
View File

@ -1036,7 +1036,7 @@
.db:rules:invalidate-old-pipeline-results:
rules:
- <<: *if-not-canonical-namespace
- if: '$GITLABCOM_DATABASE_TESTING_TRIGGER_TOKEN == null'
when: never
- <<: *if-merge-request
changes: *db-patterns
@ -1220,6 +1220,9 @@
- <<: *if-schedule-maintenance
- <<: *if-dot-com-gitlab-org-default-branch
changes: *assets-compilation-patterns
# push assets for stable branches (canonical & security)
- <<: *if-sync-changes-on-stable-branches
changes: *assets-compilation-patterns
- <<: *if-dot-com-gitlab-org-merge-request
changes:
- ".gitlab/ci/caching.gitlab-ci.yml"

1
.rubocop_todo/gitlab/rspec/misplaced_ee_spec_file.yml
View File

@ -279,7 +279,6 @@ Gitlab/RSpec/MisplacedEeSpecFile:
- 'ee/spec/services/ide/schemas_config_service_spec.rb'
- 'ee/spec/services/issues/build_service_spec.rb'
- 'ee/spec/services/issues/export_csv_service_spec.rb'
- 'ee/spec/services/keys/create_service_spec.rb'
- 'ee/spec/services/lfs/lock_file_service_spec.rb'
- 'ee/spec/services/lfs/unlock_file_service_spec.rb'
- 'ee/spec/services/merge_requests/approval_service_spec.rb'

1
.rubocop_todo/rspec/named_subject.yml
View File

@ -910,7 +910,6 @@ RSpec/NamedSubject:
- 'ee/spec/services/iterations/update_service_spec.rb'
- 'ee/spec/services/jira/jql_builder_service_spec.rb'
- 'ee/spec/services/jira/requests/issues/list_service_spec.rb'
- 'ee/spec/services/keys/create_service_spec.rb'
- 'ee/spec/services/lfs/lock_file_service_spec.rb'
- 'ee/spec/services/lfs/unlock_file_service_spec.rb'
- 'ee/spec/services/llm/chat_service_spec.rb'

10
app/assets/javascripts/issues/list/issue_client.js
View File

@ -14,8 +14,12 @@ async function getIssuesClient() {
}
export async function getApolloProvider() {
const client = ['projects:issues:index', 'groups:issues'].includes(document.body.dataset.page)
? await getIssuesClient()
: defaultClient;
// for now, we only enabled caching for legacy issues list so we use defaultClient for work items list
// when we add caching to work items list, we can remove the query selector check
const client =
['projects:issues:index', 'groups:issues'].includes(document.body.dataset.page) &&
!document.querySelector('#js-work-items, [data-testid="work-item-router-view"]')
? await getIssuesClient()
: defaultClient;
return new VueApollo({ defaultClient: client });
}

33
app/assets/javascripts/pages/projects/blob/show/index.js
View File

@ -17,14 +17,10 @@ import CommitPipelineStatus from '~/projects/tree/components/commit_pipeline_sta
import BlobContentViewer from '~/repository/components/blob_content_viewer.vue';
import '~/sourcegraph/load';
import createStore from '~/code_navigation/store';
import { generateRefDestinationPath } from '~/repository/utils/ref_switcher_utils';
import { generateHistoryUrl } from '~/repository/utils/url_utility';
import RefSelector from '~/ref/components/ref_selector.vue';
import { joinPaths, visitUrl } from '~/lib/utils/url_utility';
import { parseBoolean } from '~/lib/utils/common_utils';
import HighlightWorker from '~/vue_shared/components/source_viewer/workers/highlight_worker?worker';
import initAmbiguousRefModal from '~/ref/init_ambiguous_ref_modal';
import { InternalEvents } from '~/tracking';
import { HISTORY_BUTTON_CLICK } from '~/tracking/constants';
import { initFindFileShortcut } from '~/projects/behaviors';
import initHeaderApp from '~/repository/init_header_app';
@ -51,34 +47,6 @@ const apolloProvider = new VueApollo({
const viewBlobEl = document.querySelector('#js-view-blob-app');
const initRefSwitcher = () => {
const refSwitcherEl = document.getElementById('js-tree-ref-switcher');
if (!refSwitcherEl) return false;
const { projectId, projectRootPath, ref, refType } = refSwitcherEl.dataset;
return new Vue({
el: refSwitcherEl,
render(createElement) {
return createElement(RefSelector, {
props: {
projectId,
value: refType ? joinPaths('refs', refType, ref) : ref,
useSymbolicRefNames: true,
queryParams: { sort: 'updated_desc' },
},
on: {
input(selectedRef) {
InternalEvents.trackEvent('click_ref_selector_on_blob_page');
visitUrl(generateRefDestinationPath(projectRootPath, ref, selectedRef));
},
},
});
},
});
};
const initLastCommitApp = (router) => {
const lastCommitEl = document.getElementById('js-last-commit');
if (!lastCommitEl) return null;
@ -104,7 +72,6 @@ const initLastCommitApp = (router) => {
});
};
initRefSwitcher();
initAmbiguousRefModal();
initFindFileShortcut();

48
app/assets/javascripts/repository/index.js
View File

@ -2,11 +2,9 @@ import Vue from 'vue';
// eslint-disable-next-line no-restricted-imports
import Vuex from 'vuex';
import { parseBoolean } from '~/lib/utils/common_utils';
import { joinPaths, visitUrl } from '~/lib/utils/url_utility';
import initWebIdeLink from '~/pages/projects/shared/web_ide_link';
import PerformancePlugin from '~/performance/vue_performance_plugin';
import createStore from '~/code_navigation/store';
import RefSelector from '~/ref/components/ref_selector.vue';
import HighlightWorker from '~/vue_shared/components/source_viewer/workers/highlight_worker?worker';
import CodeDropdown from '~/vue_shared/components/code_dropdown/code_dropdown.vue';
import CompactCodeDropdown from 'ee_else_ce/repository/components/code_dropdown/compact_code_dropdown.vue';
@ -15,7 +13,6 @@ import App from './components/app.vue';
import Breadcrumbs from './components/header_area/breadcrumbs.vue';
import ForkInfo from './components/fork_info.vue';
import LastCommit from './components/last_commit.vue';
import BlobControls from './components/header_area/blob_controls.vue';
import apolloProvider from './graphql';
import commitsQuery from './queries/commits.query.graphql';
import projectPathQuery from './queries/project_path.query.graphql';
@ -24,7 +21,6 @@ import refsQuery from './queries/ref.query.graphql';
import createRouter from './router';
import { updateFormAction } from './utils/dom';
import { generateHistoryUrl } from './utils/url_utility';
import { generateRefDestinationPath } from './utils/ref_switcher_utils';
import initHeaderApp from './init_header_app';
Vue.use(Vuex);
@ -140,48 +136,6 @@ export default function setupVueRepositoryList() {
},
});
const initBlobControlsApp = () =>
new Vue({
el: document.getElementById('js-blob-controls'),
router,
apolloProvider,
render(h) {
return h(BlobControls, {
props: {
projectPath,
refType: this.$route.meta.refType || this.$route.query.ref_type,
},
});
},
});
const initRefSwitcher = () => {
const refSwitcherEl = document.getElementById('js-tree-ref-switcher');
if (!refSwitcherEl) return false;
const { projectId, projectRootPath, refType: switcherRefType } = refSwitcherEl.dataset;
return new Vue({
el: refSwitcherEl,
render(createElement) {
return createElement(RefSelector, {
props: {
projectId,
value: switcherRefType ? joinPaths('refs', switcherRefType, ref) : ref,
useSymbolicRefNames: true,
queryParams: { sort: 'updated_desc' },
},
on: {
input(selectedRef) {
visitUrl(generateRefDestinationPath(projectRootPath, ref, selectedRef));
},
},
});
},
});
};
const initCodeDropdown = () => {
const codeDropdownEl = document.getElementById('js-code-dropdown');
@ -226,8 +180,6 @@ export default function setupVueRepositoryList() {
initHeaderApp({ router });
initCodeDropdown();
initLastCommitApp();
initBlobControlsApp();
initRefSwitcher();
initForkInfo();
const breadcrumbEl = document.getElementById('js-repo-breadcrumb');

3
app/controllers/projects/settings/merge_requests_controller.rb
View File

@ -56,7 +56,8 @@ module Projects
:merge_commit_template_or_default,
:squash_commit_template_or_default,
:suggestion_commit_message,
:merge_request_title_regex
:merge_request_title_regex,
:merge_request_title_regex_description
] + [project_setting_attributes: project_setting_attributes]
end
end

2
app/controllers/projects_controller.rb
View File

@ -496,6 +496,7 @@ class ProjectsController < Projects::ApplicationController
warn_about_potentially_unwanted_characters
enforce_auth_checks_on_uploads
merge_request_title_regex
merge_request_title_regex_description
emails_enabled
]
@ -545,6 +546,7 @@ class ProjectsController < Projects::ApplicationController
:merge_commit_template_or_default,
:squash_commit_template_or_default,
:merge_request_title_regex,
:merge_request_title_regex_description,
{ project_setting_attributes: project_setting_attributes,
project_feature_attributes: project_feature_attributes }
]

4
app/graphql/types/project_type.rb
View File

@ -687,6 +687,10 @@ module Types
null: true,
description: 'Regex used to validate the title of merge requests.'
field :merge_request_title_regex_description, GraphQL::Types::String,
null: true,
description: 'Description of the regex used to validate the title of merge requests.'
field :labels, Types::LabelType.connection_type,
null: true,
description: 'Labels available on this project.',

2
app/models/project.rb
View File

@ -88,6 +88,7 @@ class Project < ApplicationRecord
MAX_SUGGESTIONS_TEMPLATE_LENGTH = 255
MAX_COMMIT_TEMPLATE_LENGTH = 500
MAX_MERGE_REQUEST_TITLE_REGEX = 255
MAX_MERGE_REQUEST_TITLE_REGEX_DESCRIPTION = 255
INSTANCE_RUNNER_RUNNING_JOBS_MAX_BUCKET = 5
@ -599,6 +600,7 @@ class Project < ApplicationRecord
delegate :duo_features_enabled, :duo_features_enabled=
delegate :model_prompt_cache_enabled, :model_prompt_cache_enabled=
delegate :merge_request_title_regex, :merge_request_title_regex=
delegate :merge_request_title_regex_description, :merge_request_title_regex_description=
delegate :web_based_commit_signing_enabled, :web_based_commit_signing_enabled=
end
end

12
app/models/project_setting.rb
View File

@ -44,6 +44,8 @@ class ProjectSetting < ApplicationRecord
validates :issue_branch_template, length: { maximum: Issue::MAX_BRANCH_TEMPLATE }
validates :target_platforms, inclusion: { in: ALLOWED_TARGET_PLATFORMS }
validates :suggested_reviewers_enabled, inclusion: { in: [true, false] }
validates :merge_request_title_regex_description, length: { maximum:
Project::MAX_MERGE_REQUEST_TITLE_REGEX_DESCRIPTION }
validates :merge_request_title_regex, untrusted_regexp: true,
length: { maximum: Project::MAX_MERGE_REQUEST_TITLE_REGEX }
@ -52,6 +54,8 @@ class ProjectSetting < ApplicationRecord
presence: { if: :require_unique_domain? }
validate :validates_mr_default_target_self
validate :presence_of_merge_request_title_regex_settings,
if: -> { Feature.enabled?(:merge_request_title_regex, project) }
validate :pages_unique_domain_availability, if: :pages_unique_domain_changed?
@ -99,6 +103,14 @@ class ProjectSetting < ApplicationRecord
private
def presence_of_merge_request_title_regex_settings
# Either both are present, or neither
if merge_request_title_regex.present? != merge_request_title_regex_description.present?
errors.add :merge_request_title_regex, _('and regex description must be either both set, or neither.')
errors.add :merge_request_title_regex_description, _('and regex must be either both set, or neither.')
end
end
def validates_mr_default_target_self
if mr_default_target_self_changed? && !project.forked?
errors.add :mr_default_target_self, _('This setting is allowed for forked projects only')

2
app/views/projects/blob/_breadcrumb.html.haml
View File

@ -1,8 +1,6 @@
- blame = local_assigns.fetch(:blame, false)
.nav-block
.tree-ref-container
.tree-ref-holder.gl-max-w-26
#js-tree-ref-switcher{ data: { project_id: @project.id, project_root_path: project_path(@project), ref: current_ref, ref_type: @ref_type.to_s } }
%ul.breadcrumb.repo-breadcrumb
%li.breadcrumb-item

16
app/workers/concerns/security/orchestration_configuration_bot_management_for_namespaces.rb
View File

@ -19,14 +19,14 @@ module Security
return unless User.id_exists?(current_user_id)
project_ids = namespace.security_orchestration_policy_configuration.all_project_ids
worker.bulk_perform_in_with_contexts(
PROJECTS_BATCH_SYNC_DELAY,
project_ids,
arguments_proc: ->(project_id) { [project_id, current_user_id] },
context_proc: ->(namespace) { { namespace: namespace } }
)
namespace.security_orchestration_policy_configuration.all_project_ids do |project_ids|
worker.bulk_perform_in_with_contexts(
PROJECTS_BATCH_SYNC_DELAY,
project_ids,
arguments_proc: ->(project_id) { [project_id, current_user_id] },
context_proc: ->(namespace) { { namespace: namespace } }
)
end
after_perform(namespace, current_user_id)
end

2
config/sidekiq_queues.yml
View File

@ -29,6 +29,8 @@
- 1
- - admin_emails
- 1
- - ai_active_context_code_saas_initial_indexing_event
- 1
- - ai_knowledge_graph_indexing_task
- 1
- - ai_repository_xray_scan_dependencies

12
db/docs/packages_composer_metadata.yml
View File

@ -8,14 +8,6 @@ description: Composer package metadata
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/30448
milestone: '13.1'
gitlab_schema: gitlab_main_cell
desired_sharding_key:
project_id:
references: projects
backfill_via:
parent:
foreign_key: package_id
table: packages_packages
sharding_key: project_id
belongs_to: package
desired_sharding_key_migration_job_name: BackfillPackagesComposerMetadataProjectId
sharding_key:
project_id: projects
table_size: small

11
db/migrate/20250618125349_add_merge_request_title_regex_description_to_project_settings.rb Normal file
View File

@ -0,0 +1,11 @@
# frozen_string_literal: true
class AddMergeRequestTitleRegexDescriptionToProjectSettings < Gitlab::Database::Migration[2.3]
milestone '18.2'
def change
# rubocop:disable Migration/AddLimitToTextColumns -- Limit is added in db/migrate/20250618125512_add_text_limit_to_merge_request_title_regex_description.rb
add_column :project_settings, :merge_request_title_regex_description, :text, null: true
# rubocop:enable Migration/AddLimitToTextColumns
end
end

14
db/migrate/20250618125512_add_text_limit_to_merge_request_title_regex_description.rb Normal file
View File

@ -0,0 +1,14 @@
# frozen_string_literal: true
class AddTextLimitToMergeRequestTitleRegexDescription < Gitlab::Database::Migration[2.3]
milestone '18.2'
disable_ddl_transaction!
def up
add_text_limit :project_settings, :merge_request_title_regex_description, 255
end
def down
remove_text_limit :project_settings, :merge_request_title_regex_description
end
end

14
db/post_migrate/20250624162336_add_packages_composer_metadata_project_id_not_null.rb Normal file
View File

@ -0,0 +1,14 @@
# frozen_string_literal: true
class AddPackagesComposerMetadataProjectIdNotNull < Gitlab::Database::Migration[2.3]
milestone '18.2'
disable_ddl_transaction!
def up
add_not_null_constraint :packages_composer_metadata, :project_id
end
def down
remove_not_null_constraint :packages_composer_metadata, :project_id
end
end

1
db/schema_migrations/20250618125349 Normal file
View File

@ -0,0 +1 @@
b584d83a36c5f0bcd1456ca5f9528246d384d9a3d941f20c164519a7ffcf5cde

1
db/schema_migrations/20250618125512 Normal file
View File

@ -0,0 +1 @@
c0217acbf4d711f2d94852958e4e871a636a8e9b865c9f8b771db0f4dd19119e

1
db/schema_migrations/20250624162336 Normal file
View File

@ -0,0 +1 @@
5cefea580c8ad338f3489271d37c6d37df7ba4d11515afaa9556325f24737d1a

5
db/structure.sql
View File

@ -19291,7 +19291,8 @@ CREATE TABLE packages_composer_metadata (
target_sha bytea NOT NULL,
composer_json jsonb DEFAULT '{}'::jsonb NOT NULL,
version_cache_sha bytea,
project_id bigint
project_id bigint,
CONSTRAINT check_250f62a87a CHECK ((project_id IS NOT NULL))
);
CREATE TABLE packages_packages (
@ -21799,7 +21800,9 @@ CREATE TABLE project_settings (
model_prompt_cache_enabled boolean,
web_based_commit_signing_enabled boolean DEFAULT false NOT NULL,
duo_context_exclusion_settings jsonb DEFAULT '{}'::jsonb NOT NULL,
merge_request_title_regex_description text,
CONSTRAINT check_1a30456322 CHECK ((char_length(pages_unique_domain) <= 63)),
CONSTRAINT check_237486989c CHECK ((char_length(merge_request_title_regex_description) <= 255)),
CONSTRAINT check_3a03e7557a CHECK ((char_length(previous_default_branch) <= 4096)),
CONSTRAINT check_3ca5cbffe6 CHECK ((char_length(issue_branch_template) <= 255)),
CONSTRAINT check_4b142e71f3 CHECK ((char_length(product_analytics_data_collector_host) <= 255)),

3
doc/api/graphql/reference/_index.md
View File

@ -9813,6 +9813,7 @@ Input type: `ProjectSettingsUpdateInput`
| <a id="mutationprojectsettingsupdateduocontextexclusionsettings"></a>`duoContextExclusionSettings` | [`DuoContextExclusionSettingsInput`](#duocontextexclusionsettingsinput) | Settings for excluding files from Duo context. |
| <a id="mutationprojectsettingsupdateduofeaturesenabled"></a>`duoFeaturesEnabled` | [`Boolean`](#boolean) | Indicates whether GitLab Duo features are enabled for the project. |
| <a id="mutationprojectsettingsupdatefullpath"></a>`fullPath` | [`ID!`](#id) | Full Path of the project the settings belong to. |
| <a id="mutationprojectsettingsupdatewebbasedcommitsigningenabled"></a>`webBasedCommitSigningEnabled` | [`Boolean`](#boolean) | Indicates whether web-based commit signing is enabled for the project. |
#### Fields
@ -36133,6 +36134,7 @@ Project-level settings for product analytics provider.
| <a id="projectmaxaccesslevel"></a>`maxAccessLevel` | [`AccessLevel!`](#accesslevel) | Maximum access level of the current user in the project. |
| <a id="projectmergecommittemplate"></a>`mergeCommitTemplate` | [`String`](#string) | Template used to create merge commit message in merge requests. |
| <a id="projectmergerequesttitleregex"></a>`mergeRequestTitleRegex` | [`String`](#string) | Regex used to validate the title of merge requests. |
| <a id="projectmergerequesttitleregexdescription"></a>`mergeRequestTitleRegexDescription` | [`String`](#string) | Description of the regex used to validate the title of merge requests. |
| <a id="projectmergerequestsaccesslevel"></a>`mergeRequestsAccessLevel` | [`ProjectFeatureAccess`](#projectfeatureaccess) | Access level required for merge requests access. |
| <a id="projectmergerequestsdisablecommittersapproval"></a>`mergeRequestsDisableCommittersApproval` | [`Boolean!`](#boolean) | Indicates that committers of the given merge request cannot approve. |
| <a id="projectmergerequestsenabled"></a>`mergeRequestsEnabled` | [`Boolean`](#boolean) | Indicates if Merge requests are enabled for the current user. |
@ -38857,6 +38859,7 @@ Represents the source of a security policy belonging to a project.
| <a id="projectsettingduocontextexclusionsettings"></a>`duoContextExclusionSettings` | [`DuoContextExclusionSettings`](#duocontextexclusionsettings) | Settings for excluding files from Duo context. |
| <a id="projectsettingduofeaturesenabled"></a>`duoFeaturesEnabled` | [`Boolean`](#boolean) | Indicates whether GitLab Duo features are enabled for the project. |
| <a id="projectsettingproject"></a>`project` | [`Project`](#project) | Project the settings belong to. |
| <a id="projectsettingwebbasedcommitsigningenabled"></a>`webBasedCommitSigningEnabled` | [`Boolean!`](#boolean) | Indicates whether web-based commit signing is enabled for the project. |
### `ProjectStatistics`

30
doc/api/openapi/openapi_v2.yaml
View File

@ -29712,6 +29712,11 @@ paths:
description: The regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[merge_request_title_regex_description]
description: The description for the regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[only_allow_merge_if_all_status_checks_passed]
description: Blocks merge requests from merging unless all status checks have
@ -30367,6 +30372,11 @@ paths:
description: The regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[merge_request_title_regex_description]
description: The description for the regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[only_allow_merge_if_all_status_checks_passed]
description: Blocks merge requests from merging unless all status checks have
@ -31101,6 +31111,11 @@ paths:
description: The regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[merge_request_title_regex_description]
description: The description for the regex the Merge Request must adhere to
type: string
required: false
- in: formData
name: override_params[only_allow_merge_if_all_status_checks_passed]
description: Blocks merge requests from merging unless all status checks have
@ -45428,6 +45443,9 @@ definitions:
merge_request_title_regex:
type: string
example: "/Title of merge request/"
merge_request_title_regex_description:
type: string
example: This requires the title to include a Jira label
squash_option:
type: string
example: default_off
@ -60301,6 +60319,9 @@ definitions:
merge_request_title_regex:
type: string
description: The regex the Merge Request must adhere to
merge_request_title_regex_description:
type: string
description: The description for the regex the Merge Request must adhere to
only_allow_merge_if_all_status_checks_passed:
type: boolean
description: Blocks merge requests from merging unless all status checks have
@ -60710,6 +60731,9 @@ definitions:
merge_request_title_regex:
type: string
description: The regex the Merge Request must adhere to
merge_request_title_regex_description:
type: string
description: The description for the regex the Merge Request must adhere to
only_allow_merge_if_all_status_checks_passed:
type: boolean
description: Blocks merge requests from merging unless all status checks have
@ -61097,6 +61121,9 @@ definitions:
merge_request_title_regex:
type: string
example: "/Title of merge request/"
merge_request_title_regex_description:
type: string
example: This requires the title to include a Jira label
squash_option:
type: string
example: default_off
@ -61583,6 +61610,9 @@ definitions:
merge_request_title_regex:
type: string
description: The regex the Merge Request must adhere to
merge_request_title_regex_description:
type: string
description: The description for the regex the Merge Request must adhere to
only_allow_merge_if_all_status_checks_passed:
type: boolean
description: Blocks merge requests from merging unless all status checks have

1
doc/api/settings.md
View File

@ -548,6 +548,7 @@ to configure other related settings. These requirements are
| `elasticsearch_url` | string | no | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). Premium and Ultimate only. |
| `elasticsearch_username` | string | no | The `username` of your Elasticsearch instance. Premium and Ultimate only. |
| `elasticsearch_password` | string | no | The password of your Elasticsearch instance. Premium and Ultimate only. |
| `elasticsearch_prefix` | string | no | Custom prefix for Elasticsearch index names. Defaults to `gitlab`. Must be 1-100 characters, contain only lowercase alphanumeric characters, hyphens, and underscores, and cannot start or end with a hyphen or underscore. Premium and Ultimate only. |
| `elasticsearch_retry_on_failure` | integer | no | Maximum number of possible retries for Elasticsearch search requests. Premium and Ultimate only. |
| `email_additional_text` | string | no | Additional text added to the bottom of every email for legal/auditing/compliance reasons. Premium and Ultimate only. |
| `email_author_in_body` | boolean | no | Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead. |

50
doc/ci/jobs/job_control.md
View File

@ -391,6 +391,56 @@ The jobs have three paths of execution:
`mac:build: [vultr, data]` jobs finish, without waiting for `linux:build` to finish.
- The `production` job runs as soon as all previous jobs finish.
## Specify needs between parallelized jobs
You can further define the order of each parallel matrix job using [`needs:parallel:matrix`](../yaml/_index.md#needsparallelmatrix).
For example:
```yaml
build_job:
stage: build
script:
# ensure that other parallel job other than build_job [1, A] runs longer
- '[[ "$VERSION" == "1" && "$MODE" == "A" ]] || sleep 30'
- echo build $VERSION $MODE
parallel:
matrix:
- VERSION: [1,2]
MODE: [A, B]
deploy_job:
stage: deploy
script: echo deploy $VERSION $MODE
parallel:
matrix:
- VERSION: [3,4]
MODE: [C, D]
'deploy_job: [3, D]':
stage: deploy
script: echo something
needs:
- 'build_job: [1, A]'
```
This example generates several jobs. The parallel jobs each have different values
for `VERSION` and `MODE`.
- 4 parallel `build_job` jobs:
- `build_job: [1, A]`
- `build_job: [1, B]`
- `build_job: [2, A]`
- `build_job: [2, B]`
- 4 parallel `deploy_job` jobs:
- `deploy_job: [3, C]`
- `deploy_job: [3, D]`
- `deploy_job: [4, C]`
- `deploy_job: [4, D]`
The `deploy_job: [3, D]` job runs as soon as `build_job: [1, A]` job finishes,
without waiting for the other `build_job` jobs to finish.
## Troubleshooting
### Inconsistent user assignment when running manual jobs

1
doc/integration/advanced_search/elasticsearch.md
View File

@ -555,6 +555,7 @@ The following Elasticsearch settings are available:
| `Client request timeout` | Elasticsearch HTTP client request timeout value in seconds. `0` means using the system default timeout value, which depends on the libraries that GitLab application is built upon. |
| `Code indexing concurrency` | Maximum number of Elasticsearch code indexing background jobs allowed to run concurrently. This only applies to repository indexing operations. |
| `Retry on failure` | Maximum number of possible retries for Elasticsearch search requests. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/486935) in GitLab 17.6. |
| `Index prefix` | Custom prefix for Elasticsearch index names. Defaults to `gitlab`. When changed, all indices will use this prefix instead of `gitlab` (for example, `custom-production-issues` instead of `gitlab-production-issues`). Must be 1-100 characters, contain only lowercase alphanumeric characters, hyphens, and underscores, and cannot start or end with a hyphen or underscore. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3421) in GitLab 18.2. |
{{< alert type="warning" >}}

1
doc/user/compliance/audit_event_types.md
View File

@ -682,6 +682,7 @@ Audit event types belong to the following product categories.
| Type name | Event triggered when | Saved to database | Introduced in | Scope |
|:----------|:---------------------|:------------------|:--------------|:------|
| [`add_ssh_key`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/195379) | An SSH key is added to a user's profile. Group scope is only available for enterprise users. | {{< icon name="check-circle" >}} Yes | GitLab [18.2](https://gitlab.com/gitlab-org/gitlab/-/issues/361778) | User, Group |
| [`email_confirmation_sent`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129261) | Users add or change an email address and it must be confirmed | {{< icon name="dotted-circle" >}} No | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/377625) | User |
| [`remove_ssh_key`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65615) | An SSH key is removed from a user's profile. Group scope was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/195390) for enterprise users in GitLab 18.2. | {{< icon name="check-circle" >}} Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) | User, Group |
| [`user_admin_status_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65168) | A user is either made an administrator or removed as an administrator | {{< icon name="check-circle" >}} Yes | GitLab [14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) | User |

19
doc/user/compliance/compliance_frameworks/compliance_standards.md
View File

@ -238,7 +238,7 @@ the requirements.
| 03.04.05 Access Restrictions for Change | a) Define, document, approve, and enforce physical and logical access restrictions associated with changes to the system. | <ul><li>Default branch protected</li></ul> |
| 03.04.10 System Component Inventory | a) Develop and document an inventory of system components. b) Review and update the system component inventory. c) Update the system component inventory as part of installations, removals, and system updates. | <ul><li>License compliance running</li></ul> |
| 03.05.07 Password Management | <!-- List intentionally starts at b) --> b) Verify that passwords are not found on the list of commonly used, expected, or compromised passwords when users create or update passwords. c) Transmit passwords only over cryptographically protected channels. d) Store passwords in a cryptographically protected form. | <ul><li>Secret detection running</li></ul> |
| 03.11.02 Vulnerability Monitoring and Scanning | a) Monitor and scan the system for vulnerabilities and when new vulnerabilities affecting the system are identified. c) Update system vulnerabilities to be scanned and when new vulnerabilities are identified and reported. | <ul><li>Dependency scanning running</li><li>Container scanning running</li><li>SAST running</li><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li></ul> |
| 03.11.02 Vulnerability Monitoring and Scanning | a) Monitor and scan the system for vulnerabilities and when new vulnerabilities affecting the system are identified. <!-- List intentionally omits at b) --> c) Update system vulnerabilities to be scanned and when new vulnerabilities are identified and reported. | <ul><li>Dependency scanning running</li><li>Container scanning running</li><li>SAST running</li><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li></ul> |
### NIST CSF 2.0 compliance requirements
@ -264,6 +264,23 @@ The following table lists the requirements supported by GitLab for NIST SP 800-2
| PW.8 Test Executable Code to Identify Vulnerabilities and Verify Compliance with Security Requirements | PW.8.2: Scope the testing, design the tests, perform the testing, and document the results, including recording and triaging all discovered issues and recommended remediations in the development team's workflow or issue tracking system. | <ul><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li></ul> |
| RV.1 Identify and Confirm Vulnerabilities on an Ongoing Basis | RV.1.1: Gather information from software acquirers, users, and public sources on potential vulnerabilities in the software and third-party components that the software uses, and investigate all credible reports. | <ul><li>Dependency scanning running</li><li>Container scanning running</li></ul> |
## SOC 2 compliance requirements
SOC is the System and Organization Controls.
The following table lists the requirements supported by GitLab for SOC 2 and the controls for the requirements.
| SOC 2 requirement | Description | Supported controls |
|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------|
| CC3.2 - COSO Principle 7: The entity identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed. | POF 7: Identifies Vulnerability of System Components - The entity identifies the vulnerabilities of system components, including system processes, infrastructure, software, and other information assets. | <ul><li>Dependency scanning running</li><li>Container scanning running</li><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li></ul> |
| CC3.4 - COSO Principle 9: The entity identifies and assesses changes that could significantly impact the system of internal control. | POF 4: Assesses Changes in Systems and Technology - The risk identification process considers changes arising from changes in the entity's systems and changes in the technology environment. POF 6: Assesses Changes in Threats and Vulnerabilities - The risk identification process assesses changes in (1) internal and external threats to and vulnerabilities of the components of the entity's systems and (2) the likelihood and magnitude of the resultant risks to the achievement of the entity's objectives. | <ul><li>Dependency scanning running</li><li>Container scanning running</li><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li><li>Default branch protected</li></ul> |
| CC5.1 - COSO Principle 10: The entity selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels. | POF 6: Addresses Segregation of Duties - Management segregates incompatible duties and, where such segregation is not practical, management selects and develops alternative control activities. | <ul><li>At least two approvals</li><li>Author approved merge request is forbidden</li><li>Committers approved merge request is forbidden</li><li>Merge requests approval rules prevent editing</li></ul> |
| CC6.6 - The entity implements logical access security measures to protect against threats from sources outside its system boundaries. | POF 2: Protects Identification and Authentication Credentials - Identification and authentication credentials are protected during transmission outside its system boundaries. | <ul><li>Secret detection running</li></ul> |
| CC6.8 - The entity implements controls to prevent or detect and act upon the introduction of unauthorized or malicious software to meet the entity's objectives. | POF 2: Detects Unauthorized Changes to Software and Configuration Parameters - Processes are in place to detect changes to software and configuration parameters that may be indicative of unauthorized or malicious software. | <ul><li>Default branch protected</li></ul> |
| CC7.1 - To meet its objectives, the entity uses detection and monitoring procedures to identify (1) changes to configurations that result in the introduction of new vulnerabilities, and (2) susceptibilities to newly discovered vulnerabilities. | POF 5: Conducts Vulnerability Scans - The entity conducts infrastructure and software vulnerability scans designed to identify potential vulnerabilities or misconfigurations on a periodic basis and after significant changes are made to the environment. Action is taken to remediate identified deficiencies in a timely manner to support the achievement of the entity's objectives. | <ul><li>Dependency scanning running</li><li>Container scanning running</li><li>SAST running</li><li>DAST running</li><li>API security running</li><li>Fuzz testing running</li></ul> |
| CC7.2 - The entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives; anomalies are analyzed to determine whether they represent security events. | POF 1: Implements Detection Policies, Procedures, and Tools - Detection policies, procedures, and tools are defined and implemented on infrastructure and software to identify potential intrusions, inappropriate access, and anomalies in the operation of or unusual activity on systems. Procedures may include (1) a defined governance process for security event detection and management; (2) use of intelligence sources to identify newly discovered threats and vulnerabilities; and (3) logging of unusual system activities. | <ul><li>Secret detection running</li></ul> |
| CC8.1 - The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives. | POF 2: Authorizes Changes - A process is in place to authorize system and architecture changes prior to design, development, or acquisition and configuration. POF 7: Tests System Changes - A process is in place to test internally developed and acquired system changes prior to implementation into the production environment. Examples of testing may include unit, integration, regression, static and dynamic application source code, quality assurance, or automated testing (whether point in time or continuous). POF 8: Approves System Changes - A process is in place to approve system changes prior to implementation. POF 16: Protects Confidential Information - The entity protects confidential information during system design, development, testing, implementation, and change processes to support the achievement of the entity's objectives related to confidentiality. | <ul><li>SAST running</li><li>DAST running</li><li>Secret detection running</li><li>Default branch protected</li><li>At least two approvals</li></ul> |
## TISAX compliance requirements
TISAX is the Trusted Information Security Assessment Exchange.

2
doc/user/gitlab_duo/turn_on_off.md
View File

@ -16,7 +16,7 @@ Depending on your add-on, you can turn GitLab Duo on and off for a group, projec
{{< history >}}
- [Introduced](https://link-to-issue) in GitLab 18.0.
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/538857) in GitLab 18.0.
{{< /history >}}

191
doc/user/permissions.md
View File

@ -70,15 +70,15 @@ Group permission for [analytics](analytics/_index.md) features including value s
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View [Insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [Insights](project/insights/_index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [Issue analytics](group/issues_analytics/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [insights](project/insights/_index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [issue analytics](group/issues_analytics/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [Productivity analytics](analytics/productivity_analytics.md) | | | ✓ | ✓ | ✓ | ✓ |
| View [Group DevOps Adoption](group/devops_adoption/_index.md) | | | ✓ | ✓ | ✓ | ✓ |
| View [productivity analytics](analytics/productivity_analytics.md) | | | ✓ | ✓ | ✓ | ✓ |
| View [group DevOps adoption](group/devops_adoption/_index.md) | | | ✓ | ✓ | ✓ | ✓ |
| View metrics dashboard annotations | | | ✓ | ✓ | ✓ | ✓ |
| Create/edit/delete metrics dashboard annotations | | | | ✓ | ✓ | ✓ |
| Manage metrics dashboard annotations | | | | ✓ | ✓ | ✓ |
### Application security group permissions
@ -111,8 +111,8 @@ Group permissions for [compliance](compliance/_index.md) features including comp
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| -------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View [audit events](compliance/audit_events.md) <sup>1</sup> | | | | ✓ | ✓ | ✓ |
| View licenses in the [dependency list](application_security/dependency_list/_index.md) | | | | ✓ | ✓ | ✓ |
| View the [compliance center](compliance/compliance_center/_index.md) | | | | | | ✓ |
| View licenses in [dependency list](application_security/dependency_list/_index.md) | | | | ✓ | ✓ | ✓ |
| View [compliance center](compliance/compliance_center/_index.md) | | | | | | ✓ |
| Manage [compliance frameworks](compliance/compliance_frameworks/_index.md) | | | | | | ✓ |
| Assign [compliance frameworks](compliance/compliance_frameworks/_index.md) to projects | | | | | | ✓ |
| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | | ✓ |
@ -125,18 +125,18 @@ Group permissions for [compliance](compliance/_index.md) features including comp
Group permissions for [GitLab Duo](gitlab_duo/_index.md):
| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| --------------------------------------------------------------------------------------------------------- | :--------: | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Use Duo features <sup>1</sup> | | | | ✓ | ✓ | ✓ | ✓ |
| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#for-a-group-or-subgroup) | | | | | | ✓ | ✓ |
| Configure [GitLab Duo Self Hosted](../administration/gitlab_duo_self_hosted/configure_duo_features.md) | | | | | | | ✓ |
| Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | | ✓ |
| Purchase [Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | | ✓ |
| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ---------------------------------------------------------------------------------------------------------- | :--------: | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Use GitLab Duo features <sup>1</sup> | | | | ✓ | ✓ | ✓ | ✓ |
| Configure [GitLab Duo feature availability](gitlab_duo/turn_on_off.md#for-a-group-or-subgroup) | | | | | | ✓ | ✓ |
| Configure [GitLab Duo Self Hosted](../administration/gitlab_duo_self_hosted/configure_duo_features.md) | | | | | | | ✓ |
| Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | | ✓ |
| Purchase [GitLab Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | | ✓ |
**Footnotes**
1. If the user has GitLab Duo Pro or Enterprise, the
[user must be assigned a seat to gain access to that Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
[user must be assigned a seat to gain access to that GitLab Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
If the user has GitLab Duo Core, there are no other requirements.
### Groups group permissions
@ -181,17 +181,17 @@ Group permissions for [group features](group/_index.md):
### Project planning group permissions
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) epics <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create epic | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Edit epic, including metadata, item locking, and resolving threads | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Delete epic | | ✓ | | | | ✓ |
| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add issue to an [epic](group/epics/_index.md) <sup>2</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) <sup>3</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ----------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) epics <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add issues to an [epic](group/epics/_index.md) <sup>2</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add [child epics](group/epics/manage_epics.md#multi-level-child-epics) <sup>3</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add internal notes | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create epics | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Update epic details | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Delete epics | | ✓ | | | | ✓ |
**Footnotes**
@ -214,15 +214,15 @@ Group permissions for [wikis](project/wiki/group.md):
1. Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages.
1. Guests: In addition, if your group is public or internal, all users who can see the group can also search group wiki pages.
#### Packages and registries group permissions
### Packages and registries group permissions
Group permissions for [container registry](packages/_index.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Pull a container registry image <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull a container image using the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Delete a container registry image | | | | ✓ | ✓ | ✓ |
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ----------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Pull container registry images <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull container images with the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Delete container registry images | | | | ✓ | ✓ | ✓ |
**Footnotes**
@ -239,7 +239,7 @@ Group permissions for [package registry](packages/_index.md):
| Manage dependency proxy cleanup policies | | | | | | ✓ |
| Enable dependency proxy | | | | | | ✓ |
| Disable dependency proxy | | | | | | ✓ |
| Purge the dependency proxy for a group | | | | | | ✓ |
| Purge the group dependency proxy | | | | | | ✓ |
| Enable package request forwarding | | | | | | ✓ |
| Disable package request forwarding | | | | | | ✓ |
@ -260,10 +260,10 @@ Group permissions for user management:
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View 2FA status of members | | | | | | ✓ |
| Filter members by 2FA status | | | | | | ✓ |
| Manage group members | | | | | | ✓ |
| Manage group-level custom roles | | | | | | ✓ |
| Share (invite) groups to groups | | | | | | ✓ |
| Filter members by 2FA status | | | | | | ✓ |
### Workspace group permissions
@ -326,7 +326,8 @@ Project permissions for [application security](application_security/secure_your_
| Delete [individual security policies](application_security/policies/_index.md) | | | | ✓ | ✓ | ✓ |
| Create [CVE ID request](application_security/cve_id_request.md) | | | | | ✓ | ✓ |
| Change vulnerability status <sup>1</sup> | | | | | ✓ | ✓ |
| Create or assign [security policy project](application_security/policies/_index.md) | | | | | | ✓ |
| Create [security policy project](application_security/policies/_index.md) | | | | | | ✓ |
| Assign [security policy project](application_security/policies/_index.md) | | | | | | ✓ |
| Manage [security configurations](application_security/detect/security_configuration.md) | | | | | | ✓ |
**Footnotes**
@ -449,6 +450,19 @@ Project permissions for [compliance](compliance/_index.md) features including co
visibility is not available.
1. Users can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites).
### GitLab Duo
Project permissions for [GitLab Duo](gitlab_duo/_index.md):
| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------------------------------------------ | :--------: | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Use GitLab Duo features <sup>1</sup> | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Configure [GitLab Duo feature availability](gitlab_duo/turn_on_off.md#for-a-project) | | | | | | ✓ | ✓ |
**Footnotes**
1. Code Suggestions requires a [user being assigned a seat to gain access to a GitLab Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
### Machine learning model registry and experiment
Project permissions for [model registry](project/ml/model_registry/_index.md) and [model experiments](project/ml/experiment_tracking/_index.md).
@ -458,9 +472,11 @@ Project permissions for [model registry](project/ml/model_registry/_index.md) an
| View [models and versions](project/ml/model_registry/_index.md) <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [model experiments](project/ml/experiment_tracking/_index.md) <sup>2</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create models, versions, and artifacts <sup>3</sup> | | | | ✓ | ✓ | ✓ |
| Edit & delete models, versions, and artifacts | | | | ✓ | ✓ | ✓ |
| Edit models, versions, and artifacts | | | | ✓ | ✓ | ✓ |
| Delete models, versions, and artifacts | | | | ✓ | ✓ | ✓ |
| Create experiments and candidates | | | | ✓ | ✓ | ✓ |
| Edit & delete experiments and candidates | | | | ✓ | ✓ | ✓ |
| Edit experiments and candidates | | | | ✓ | ✓ | ✓ |
| Delete experiments and candidates | | | | ✓ | ✓ | ✓ |
**Footnotes**
@ -505,7 +521,7 @@ Project permissions for [issues](project/issues/_index.md):
| View [confidential issues](project/issues/confidential_issues.md) | | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) confidential issues and comments | | | ✓ | ✓ | ✓ | ✓ |
| Edit issues, including metadata, item locking, and resolving threads <sup>1</sup> | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Add internal notes | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Close and reopen issues <sup>2</sup> | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Manage [design management](project/issues/design_management.md) files | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | ✓ |
@ -581,14 +597,14 @@ Project permissions for [wikis](project/wiki/_index.md):
Project permissions for [container registry](packages/_index.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ----------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Pull an image from the container registry <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Push an image to the container registry | | | | ✓ | ✓ | ✓ |
| Delete a container registry image | | | | ✓ | ✓ | ✓ |
| Manage cleanup policies | | | | | ✓ | ✓ |
| Create [tag protection](packages/container_registry/protected_container_tags.md) rule | | | | | ✓ | ✓ |
| Create [immutable tag protection](packages/container_registry/immutable_container_tags.md) rule | | | | | | ✓ |
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Pull container registry images <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Push container registry images | | | | ✓ | ✓ | ✓ |
| Delete container registry images | | | | ✓ | ✓ | ✓ |
| Manage cleanup policies | | | | | ✓ | ✓ |
| Create [tag protection](packages/container_registry/protected_container_tags.md) rules | | | | | ✓ | ✓ |
| Create [immutable tag protection](packages/container_registry/immutable_container_tags.md) rules | | | | | | ✓ |
**Footnotes**:
@ -598,10 +614,10 @@ Project permissions for [package registry](packages/_index.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| --------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Pull a package <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Publish a package | | | | ✓ | ✓ | ✓ |
| Delete a package | | | | | ✓ | ✓ |
| Delete a file associated with a package | | | | | ✓ | ✓ |
| Pull packages <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Publish packages | | | | ✓ | ✓ | ✓ |
| Delete packages | | | | | ✓ | ✓ |
| Delete files associated with a package | | | | | ✓ | ✓ |
**Footnotes**
@ -620,8 +636,8 @@ Project permissions for [project features](project/organize_work_with_projects.m
| Download project <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Reposition comments on images (posted by any user) <sup>2</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [Insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [Requirements](project/requirements/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [requirements](project/requirements/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [time tracking](project/time_tracking.md) reports <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) [snippets](snippets.md) and comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
@ -637,9 +653,9 @@ Project permissions for [project features](project/organize_work_with_projects.m
| Edit project settings | | | | | ✓ | ✓ |
| Change [project features visibility](public_access.md) level <sup>6</sup> | | | | | ✓ | ✓ |
| Change custom settings for [project integrations](project/integrations/_index.md) | | | | | ✓ | ✓ |
| Edit comments (posted by any user) | | | | | ✓ | ✓ |
| Edit comments posted by other users | | | | | ✓ | ✓ |
| Add [deploy keys](project/deploy_keys/_index.md) | | | | | ✓ | ✓ |
| Manage [Project Operations](../operations/_index.md) | | | | | ✓ | ✓ |
| Manage [project operations](../operations/_index.md) | | | | | ✓ | ✓ |
| View [Usage Quotas](storage_usage_quotas.md) page | | | | | ✓ | ✓ |
| Globally delete [snippets](snippets.md) | | | | | ✓ | ✓ |
| Globally edit [snippets](snippets.md) | | | | | ✓ | ✓ |
@ -689,20 +705,20 @@ Project permissions for [repository](project/repository/_index.md) features incl
| --------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View project code <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) project code <sup>2</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull project code <sup>3</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) commits and comments <sup>3</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull project code <sup>4</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| View commit status | | | ✓ | ✓ | ✓ | ✓ |
| Create commit status <sup>4</sup> | | | | ✓ | ✓ | ✓ |
| Update commit status <sup>4</sup> | | | | ✓ | ✓ | ✓ |
| [Search](search/_index.md) commits and comments <sup>5</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create commit status <sup>5</sup> | | | | ✓ | ✓ | ✓ |
| Update commit status <sup>5</sup> | | | | ✓ | ✓ | ✓ |
| Create [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ |
| Delete [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ |
| Create new [branches](project/repository/branches/_index.md) | | | | ✓ | ✓ | ✓ |
| Delete non-protected branches | | | | ✓ | ✓ | ✓ |
| Force push to non-protected branches | | | | ✓ | ✓ | ✓ |
| Push to non-protected branches | | | | ✓ | ✓ | ✓ |
| Force push to non-protected branches | | | | ✓ | ✓ | ✓ |
| Delete non-protected branches | | | | ✓ | ✓ | ✓ |
| Manage [protected branches](project/repository/branches/protected.md) | | | | | ✓ | ✓ |
| Push to protected branches <sup>5</sup> | | | | | ✓ | ✓ |
| Delete protected branches | | | | | ✓ | ✓ |
| Push to protected branches <sup>4</sup> | | | | | ✓ | ✓ |
| Manage [protected tags](project/protected_tags.md) | | | | | ✓ | ✓ |
| Manage [push rules](project/repository/push_rules.md) | | | | | ✓ | ✓ |
| Remove fork relationship | | | | | | ✓ |
@ -755,18 +771,18 @@ Project permissions for [repository](project/repository/_index.md) features incl
Project permissions for [merge requests](project/merge_requests/_index.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| -------------------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| [View](project/merge_requests/_index.md#view-merge-requests) a merge request <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) merge requests and comments <sup>1</sup> | ✓ | | ✓ | ✓ | ✓ | ✓ |
| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ |
| Create [merge request](project/merge_requests/creating_merge_requests.md) <sup>2</sup> | | | | ✓ | ✓ | ✓ |
| Comment and add suggestions to a merge request | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Update merge request including assign, review, approve, labels, lock threads, and resolve threads <sup>3</sup> | | | | ✓ | ✓ | ✓ |
| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | | ✓ | ✓ |
| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | | ✓ | ✓ |
| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Delete merge request | | | | | | ✓ |
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ----------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| [View](project/merge_requests/_index.md#view-merge-requests) a merge request <sup>1</sup> | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Search](search/_index.md) merge requests and comments <sup>1</sup> | ✓ | | ✓ | ✓ | ✓ | ✓ |
| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Comment and add suggestions | | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ |
| Create [merge request](project/merge_requests/creating_merge_requests.md) <sup>2</sup> | | | | ✓ | ✓ | ✓ |
| Update merge request details <sup>3</sup> | | | | ✓ | ✓ | ✓ |
| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | | ✓ | ✓ |
| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | | ✓ | ✓ |
| Delete merge request | | | | | | ✓ |
**Footnotes**
@ -780,17 +796,17 @@ Project permissions for [merge requests](project/merge_requests/_index.md):
[cannot clone private projects](public_access.md#private-projects-and-groups). For **internal**
projects, includes users with read-only access to the project, as
[they can clone internal projects](public_access.md#internal-projects-and-groups).
1. For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers).
1. For information on eligible approvers for merge requests, see [eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers).
### User management
Project permissions for [user management](project/members/_index.md).
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| Manage [team members](project/members/_index.md) <sup>1</sup> | | | | | ✓ | ✓ |
| Share (invite) projects with groups <sup>2</sup> | | | | | ✓ | ✓ |
| View 2FA status of members | | | | | ✓ | ✓ |
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| ---------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: |
| View 2FA status of members | | | | | ✓ | ✓ |
| Manage [project members](project/members/_index.md) <sup>1</sup> | | | | | ✓ | ✓ |
| Share (invite) projects with groups <sup>2</sup> | | | | | ✓ | ✓ |
**Footnotes**
@ -799,19 +815,6 @@ Project permissions for [user management](project/members/_index.md).
1. When [Share Group Lock](project/members/sharing_projects_groups.md#prevent-a-project-from-being-shared-with-groups)
is enabled the project can't be shared with other groups. It does not affect group with group sharing.
### GitLab Duo
Project permissions for [GitLab Duo](gitlab_duo/_index.md):
| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner |
| -------------------------------------------------------------------------------------- | ---------- | ----- | ------- | -------- | --------- | ---------- | ----- |
| Use Duo features <sup>1</sup> | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#for-a-project) | | | | | | ✓ | ✓ |
**Footnotes**
1. Code Suggestions requires a [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
## Subgroup permissions
When you add a member to a subgroup, they inherit the membership and

1
lib/api/entities/project.rb
View File

@ -162,6 +162,7 @@ module API
expose :printing_merge_request_link_enabled, documentation: { type: 'boolean' }
expose :merge_method, documentation: { type: 'string', example: 'merge' }
expose :merge_request_title_regex, documentation: { type: 'string', example: '/Title of merge request/' }
expose :merge_request_title_regex_description, documentation: { type: 'string', example: 'This requires the title to include a Jira label' }
expose :squash_option, documentation: { type: 'string', example: 'default_off' }
expose :enforce_auth_checks_on_uploads, documentation: { type: 'boolean' }
expose :suggestion_commit_message, documentation: { type: 'string', example: 'Suggestion message' }

2
lib/api/helpers/projects_helpers.rb
View File

@ -82,6 +82,7 @@ module API
optional :mr_default_target_self, type: Boolean, desc: 'Merge requests of this forked project targets itself by default'
optional :warn_about_potentially_unwanted_characters, type: Boolean, desc: 'Warn about potentially unwanted characters'
optional :merge_request_title_regex, type: String, desc: 'The regex the Merge Request must adhere to'
optional :merge_request_title_regex_description, type: String, desc: 'The description for the regex the Merge Request must adhere to'
end
params :optional_project_params_ee do
@ -178,6 +179,7 @@ module API
:merge_trains_enabled,
:merge_method,
:merge_request_title_regex,
:merge_request_title_regex_description,
:name,
:only_allow_merge_if_all_discussions_are_resolved,
:only_allow_merge_if_pipeline_succeeds,

15
locale/gitlab.pot
View File

@ -16893,6 +16893,9 @@ msgstr ""
msgid "ComplianceViolations|Your Compliance Violations CSV export for the group %{group_link} has been attached to this email."
msgstr ""
msgid "ComplianceViolation|Audit event captured"
msgstr ""
msgid "ComplianceViolation|Detected"
msgstr ""
@ -16902,6 +16905,9 @@ msgstr ""
msgid "ComplianceViolation|In review"
msgstr ""
msgid "ComplianceViolation|Registered event IP"
msgstr ""
msgid "ComplianceViolation|Resolved"
msgstr ""
@ -23410,6 +23416,9 @@ msgstr ""
msgid "DuoAgentsPlatform|Convert Jenkins to CI"
msgstr ""
msgid "DuoAgentsPlatform|Could not display logs. Please try again"
msgstr ""
msgid "DuoAgentsPlatform|Enter the path to your Jenkinsfile."
msgstr ""
@ -72854,6 +72863,12 @@ msgstr ""
msgid "and"
msgstr ""
msgid "and regex description must be either both set, or neither."
msgstr ""
msgid "and regex must be either both set, or neither."
msgstr ""
msgid "any-approver for the group already exists"
msgstr ""

4
spec/controllers/projects_controller_spec.rb
View File

@ -1038,7 +1038,8 @@ RSpec.describe ProjectsController, feature_category: :groups_and_projects do
id: project.path,
project: {
project_setting_attributes: {
merge_request_title_regex: 'aaa'
merge_request_title_regex: 'aaa',
merge_request_title_regex_description: 'Test description'
}
}
}
@ -1046,6 +1047,7 @@ RSpec.describe ProjectsController, feature_category: :groups_and_projects do
project.reload
expect(project.merge_request_title_regex).to eq('aaa')
expect(project.merge_request_title_regex_description).to eq('Test description')
end
end

2
spec/features/projects/compare_spec.rb
View File

@ -85,7 +85,7 @@ RSpec.describe "Compare", :js, feature_category: :source_code_management do
)
end
it 'compares branches' do
it 'compares branches', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/547867' do
visit project_compare_index_path(project)
select_using_dropdown('from', 'master')

1
spec/frontend/ci/pipelines_page/components/failure_widget/failed_job_details_spec.js
View File

@ -29,6 +29,7 @@ describe('FailedJobDetails component', () => {
const defaultProps = {
job,
canTroubleshootJob: true,
};
const createComponent = ({ props = {} } = {}) => {

2
spec/graphql/types/project_type_spec.rb
View File

@ -50,7 +50,7 @@ RSpec.describe GitlabSchema.types['Project'], feature_category: :groups_and_proj
protectable_branches available_deploy_keys explore_catalog_path
container_protection_tag_rules pages_force_https pages_use_unique_domain ci_pipeline_creation_request
ci_pipeline_creation_inputs marked_for_deletion_on permanent_deletion_date
merge_request_title_regex
merge_request_title_regex merge_request_title_regex_description
]
expect(described_class).to include_graphql_fields(*expected_fields)

1
spec/lib/gitlab/import_export/safe_model_attributes.yml
View File

@ -693,6 +693,7 @@ Project:
- squash_commit_template
- issue_branch_template
- merge_request_title_regex
- merge_request_title_regex_description
Author:
- name
ProjectFeature:

87
spec/models/project_setting_spec.rb
View File

@ -26,6 +26,85 @@ RSpec.describe ProjectSetting, type: :model, feature_category: :groups_and_proje
it { is_expected.to allow_value([]).for(:target_platforms) }
it { is_expected.to validate_length_of(:issue_branch_template).is_at_most(255) }
it 'validates the length of merge_request_title_regex_description' do
is_expected.to validate_length_of(:merge_request_title_regex_description)
.is_at_most(Project::MAX_MERGE_REQUEST_TITLE_REGEX_DESCRIPTION)
end
it 'validates the length of merge_request_title_regex' do
is_expected.to validate_length_of(:merge_request_title_regex)
.is_at_most(Project::MAX_MERGE_REQUEST_TITLE_REGEX)
end
describe '#presence_of_merge_request_title_regex_settings' do
subject(:project_setting) do
build(:project_setting, merge_request_title_regex: regex,
merge_request_title_regex_description: description)
end
let(:regex) { '/aaa/' }
let(:description) { 'Must be aaa' }
context 'when only the regex is set' do
let(:description) { nil }
it 'is not valid' do
expect(project_setting).not_to be_valid
expect(project_setting.errors[:merge_request_title_regex])
.to include("and regex description must be either both set, or neither.")
expect(project_setting.errors[:merge_request_title_regex_description])
.to include("and regex must be either both set, or neither.")
end
context 'when is off' do
before do
stub_feature_flags(merge_request_title_regex: false)
end
it 'is valid' do
expect(project_setting).to be_valid
end
end
end
context 'when only the description is set' do
let(:regex) { nil }
it 'is not valid' do
expect(project_setting).not_to be_valid
expect(project_setting.errors[:merge_request_title_regex])
.to include("and regex description must be either both set, or neither.")
expect(project_setting.errors[:merge_request_title_regex_description])
.to include("and regex must be either both set, or neither.")
end
context 'when is off' do
before do
stub_feature_flags(merge_request_title_regex: false)
end
it 'is valid' do
expect(project_setting).to be_valid
end
end
end
context 'when neither are set' do
let(:regex) { nil }
let(:description) { nil }
it 'is valid' do
expect(project_setting).to be_valid
end
end
context 'when both are set' do
it 'is valid' do
expect(project_setting).to be_valid
end
end
end
it 'allows any combination of the allowed target platforms' do
valid_target_platform_combinations.each do |target_platforms|
expect(subject).to allow_value(target_platforms).for(:target_platforms)
@ -118,15 +197,15 @@ RSpec.describe ProjectSetting, type: :model, feature_category: :groups_and_proje
it 'enqueues a auto merge process worker' do
expect(AutoMergeProcessWorker).to receive(:perform_async).with({ 'project_id' => project_1.id })
project_setting.update!(merge_request_title_regex: '/asa/')
project_setting.update!(merge_request_title_regex_description: '1', merge_request_title_regex: '/asa/')
end
context 'when regex is updated with the same value' do
it 'enqueues a auto merge process worker only one' do
expect(AutoMergeProcessWorker).to receive(:perform_async).with({ 'project_id' => project_1.id }).once
project_setting.update!(merge_request_title_regex: '/asa/')
project_setting.update!(merge_request_title_regex: '/asa/')
project_setting.update!(merge_request_title_regex_description: '1', merge_request_title_regex: '/asa/')
project_setting.update!(merge_request_title_regex_description: '1', merge_request_title_regex: '/asa/')
end
end
@ -138,7 +217,7 @@ RSpec.describe ProjectSetting, type: :model, feature_category: :groups_and_proje
it 'does not enqueue the worker' do
expect(AutoMergeProcessWorker).not_to receive(:perform_async)
project_setting.update!(merge_request_title_regex: '/asa/')
project_setting.update!(merge_request_title_regex_description: '1', merge_request_title_regex: '/asa/')
end
end
end

2
spec/models/project_spec.rb
View File

@ -1558,6 +1558,7 @@ RSpec.describe Project, factory_default: :keep, feature_category: :groups_and_pr
enforce_auth_checks_on_uploads
enforce_auth_checks_on_uploads?
merge_request_title_regex
merge_request_title_regex_description
web_based_commit_signing_enabled
].each do |method|
it { is_expected.to delegate_method(method).to(:project_setting).allow_nil }
@ -1570,6 +1571,7 @@ RSpec.describe Project, factory_default: :keep, feature_category: :groups_and_pr
warn_about_potentially_unwanted_characters=
enforce_auth_checks_on_uploads=
merge_request_title_regex=
merge_request_title_regex_description=
web_based_commit_signing_enabled=
].each do |method|
it { is_expected.to delegate_method(method).to(:project_setting).with_arguments(:args).allow_nil }

11
spec/requests/api/projects_spec.rb
View File

@ -4823,18 +4823,19 @@ RSpec.describe API::Projects, :aggregate_failures, feature_category: :groups_and
expect(json_response['topics']).to eq(%w[topic2])
end
it 'updates the merge_request_title_regex' do
it 'updates the merge_request_title_regex and description' do
project3.update!(merge_request_title_regex: nil)
project_param = { merge_request_title_regex: '/aaa/' }
project_param = { merge_request_title_regex: '/aaa/', merge_request_title_regex_description: 'Description of regex' }
expect { put api("/projects/#{project3.id}", user), params: project_param }
.to change { project3.reload.merge_request_title_regex }
.from(nil)
.to(/aaa/)
.to change { [project3.reload.merge_request_title_regex, project3.merge_request_title_regex_description] }
.from([nil, nil])
.to([/aaa/, "Description of regex"])
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['merge_request_title_regex']).to eq("/aaa/")
expect(json_response['merge_request_title_regex_description']).to eq("Description of regex")
end
it 'updates enforce_auth_checks_on_uploads' do

4
spec/services/merge_requests/update_service_spec.rb
View File

@ -1120,10 +1120,11 @@ RSpec.describe MergeRequests::UpdateService, :mailer, feature_category: :code_re
describe 'AutoMerge::TitleDescriptionUpdateEvent' do
let(:auto_merge_enabled) { true }
let(:title_regex) { 'test' }
let(:description) { 'description' }
before do
merge_request.update!(auto_merge_enabled: true, merge_user: user) if auto_merge_enabled
project.update!(merge_request_title_regex: title_regex)
project.update!(merge_request_title_regex_description: description, merge_request_title_regex: title_regex)
end
context 'when the title changes' do
@ -1151,6 +1152,7 @@ RSpec.describe MergeRequests::UpdateService, :mailer, feature_category: :code_re
context 'when project has no required regex' do
let(:title_regex) { nil }
let(:description) { nil }
it_behaves_like 'it does not publish the AutoMerge::TitleDescriptionUpdateEvent'
end

2
spec/support/rspec_order_todo.yml
View File

@ -1955,6 +1955,7 @@
- './ee/spec/services/ee/issues/after_create_service_spec.rb'
- './ee/spec/services/ee/issues/create_service_spec.rb'
- './ee/spec/services/ee/issues/update_service_spec.rb'
- './ee/spec/services/ee/keys/create_service_spec.rb'
- './ee/spec/services/ee/keys/destroy_service_spec.rb'
- './ee/spec/services/ee/labels/promote_service_spec.rb'
- './ee/spec/services/ee/members/create_service_spec.rb'
@ -2096,7 +2097,6 @@
- './ee/spec/services/iterations/update_service_spec.rb'
- './ee/spec/services/jira/jql_builder_service_spec.rb'
- './ee/spec/services/jira/requests/issues/list_service_spec.rb'
- './ee/spec/services/keys/create_service_spec.rb'
- './ee/spec/services/keys/last_used_service_spec.rb'
- './ee/spec/services/ldap_group_reset_service_spec.rb'
- './ee/spec/services/lfs/lock_file_service_spec.rb'

2
workhorse/go.mod
View File

@ -5,7 +5,7 @@ go 1.23.0
toolchain go1.23.2
require (
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.1
github.com/BurntSushi/toml v1.4.0
github.com/alecthomas/chroma/v2 v2.18.0

4
workhorse/go.sum
View File

@ -72,8 +72,8 @@ dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0 h1:OVoM452qUFBrX+URdH3VpR299ma4kfom0yB0URYky9g=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0/go.mod h1:kUjrAo8bgEwLeZ/CmHqNl3Z/kPm7y6FKfxxK0izYUg4=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4=
github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY=
github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4=