root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-02-05 18:12:45 +00:00
parent 4ec95e2795
commit 200217febe
58 changed files with 737 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Gemfile
View File

@ -257,7 +257,7 @@ gem 'html-pipeline', '~> 2.14.3', feature_category: :markdown
gem 'deckar01-task_list', '2.3.4', feature_category: :markdown
gem 'gitlab-markup', '~> 1.9.0', require: 'github/markup', feature_category: :markdown
gem 'commonmarker', '~> 0.23.10', feature_category: :markdown
gem 'kramdown', '~> 2.4.0', feature_category: :markdown
gem 'kramdown', '~> 2.5.0', feature_category: :markdown
gem 'RedCloth', '~> 4.3.3', feature_category: :markdown
gem 'org-ruby', '~> 0.9.12', feature_category: :markdown
gem 'creole', '~> 0.5.0', feature_category: :markdown

2
Gemfile.checksum
View File

@ -363,7 +363,7 @@
{"name":"kaminari-activerecord","version":"1.2.2","platform":"ruby","checksum":"0dd3a67bab356a356f36b3b7236bcb81cef313095365befe8e98057dd2472430"},
{"name":"kaminari-core","version":"1.2.2","platform":"ruby","checksum":"3bd26fec7370645af40ca73b9426a448d09b8a8ba7afa9ba3c3e0d39cdbb83ff"},
{"name":"knapsack","version":"4.0.0","platform":"ruby","checksum":"a9422688751989d09a40b4bf7f959a71a3bfe7bc49d3cd610c2fcfb6e45482b8"},
{"name":"kramdown","version":"2.4.0","platform":"ruby","checksum":"b62e5bcbd6ea20c7a6730ebbb2a107237856e14f29cebf5b10c876cc1a2481c5"},
{"name":"kramdown","version":"2.5.0","platform":"ruby","checksum":"b2cc38ab61d3baa88756e320727180dc122921d862f28e1efab6fed68bde3de8"},
{"name":"kramdown-parser-gfm","version":"1.1.0","platform":"ruby","checksum":"fb39745516427d2988543bf01fc4cf0ab1149476382393e0e9c48592f6581729"},
{"name":"kubeclient","version":"4.11.0","platform":"ruby","checksum":"4985fcd749fb8c364a668a8350a49821647f03aa52d9ee6cbc582beb8e883fcc"},
{"name":"language_server-protocol","version":"3.17.0.3","platform":"ruby","checksum":"3d5c58c02f44a20d972957a9febe386d7e7468ab3900ce6bd2b563dd910c6b3f"},

6
Gemfile.lock
View File

@ -1076,8 +1076,8 @@ GEM
kaminari-core (1.2.2)
knapsack (4.0.0)
rake
kramdown (2.4.0)
rexml
kramdown (2.5.0)
rexml (>= 3.3.6)
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
kubeclient (4.11.0)
@ -2166,7 +2166,7 @@ DEPENDENCIES
jwt (~> 2.9.3)
kaminari (~> 1.2.2)
knapsack (~> 4.0.0)
kramdown (~> 2.4.0)
kramdown (~> 2.5.0)
kubeclient (~> 4.11.0)
lefthook (~> 1.7.0)
letter_opener_web (~> 3.0.0)

2
Gemfile.next.checksum
View File

@ -366,7 +366,7 @@
{"name":"kaminari-activerecord","version":"1.2.2","platform":"ruby","checksum":"0dd3a67bab356a356f36b3b7236bcb81cef313095365befe8e98057dd2472430"},
{"name":"kaminari-core","version":"1.2.2","platform":"ruby","checksum":"3bd26fec7370645af40ca73b9426a448d09b8a8ba7afa9ba3c3e0d39cdbb83ff"},
{"name":"knapsack","version":"4.0.0","platform":"ruby","checksum":"a9422688751989d09a40b4bf7f959a71a3bfe7bc49d3cd610c2fcfb6e45482b8"},
{"name":"kramdown","version":"2.4.0","platform":"ruby","checksum":"b62e5bcbd6ea20c7a6730ebbb2a107237856e14f29cebf5b10c876cc1a2481c5"},
{"name":"kramdown","version":"2.5.0","platform":"ruby","checksum":"b2cc38ab61d3baa88756e320727180dc122921d862f28e1efab6fed68bde3de8"},
{"name":"kramdown-parser-gfm","version":"1.1.0","platform":"ruby","checksum":"fb39745516427d2988543bf01fc4cf0ab1149476382393e0e9c48592f6581729"},
{"name":"kubeclient","version":"4.11.0","platform":"ruby","checksum":"4985fcd749fb8c364a668a8350a49821647f03aa52d9ee6cbc582beb8e883fcc"},
{"name":"language_server-protocol","version":"3.17.0.3","platform":"ruby","checksum":"3d5c58c02f44a20d972957a9febe386d7e7468ab3900ce6bd2b563dd910c6b3f"},

6
Gemfile.next.lock
View File

@ -1093,8 +1093,8 @@ GEM
kaminari-core (1.2.2)
knapsack (4.0.0)
rake
kramdown (2.4.0)
rexml
kramdown (2.5.0)
rexml (>= 3.3.6)
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
kubeclient (4.11.0)
@ -2201,7 +2201,7 @@ DEPENDENCIES
jwt (~> 2.9.3)
kaminari (~> 1.2.2)
knapsack (~> 4.0.0)
kramdown (~> 2.4.0)
kramdown (~> 2.5.0)
kubeclient (~> 4.11.0)
lefthook (~> 1.7.0)
letter_opener_web (~> 3.0.0)

484
app/workers/all_queues.yml
View File

File diff suppressed because it is too large Load Diff

4
config/feature_flags/wip/project_component_filter.yml → config/feature_flags/beta/project_component_filter.yml
View File

@ -5,5 +5,5 @@ introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/178208
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/513320
milestone: '17.9'
group: group::security insights
type: wip
default_enabled: false
type: beta
default_enabled: true

12
doc/administration/self_hosted_models/supported_models_and_hardware_requirements.md
View File

@ -19,9 +19,9 @@ DETAILS:
The following table shows the supported models along with their specific features and hardware requirements to help you select the model that best fits your infrastructure needs for optimal performance.
## Approved LLMs
## Supported LLMs
Install one of the following GitLab-approved large language models (LLMs):
Install one of the following GitLab-supported large language models (LLMs):
<!-- vale gitlab_base.Spelling = NO -->
@ -38,11 +38,11 @@ Install one of the following GitLab-approved large language models (LLMs):
Legend:
- 🟢 Green - Strongly recommended. The model can handle the feature without any loss of quality.
- 🟡 Amber - Recommended. The model supports the feature, but there might be minor compromises or limitations.
- 🔴 Red - Not recommended. The model is unsuitable for the feature, likely resulting in significant quality loss or performance issues.
- 🟢 Green - Fully compatible. The model can likely handle the feature without any loss of quality.
- 🟡 Amber - Largely compatible. The model supports the feature, but there might be compromises or limitations.
- 🔴 Red - Not compatible. The model is unsuitable for the feature, likely resulting in significant quality loss or performance issues.
The following models are under evaluation, and support is limited:
The following models are configurable for the functionalities marked below, but are currently in experimental or beta status, under evaluation, and are excluded from the "Customer Integrated Models" definition in the [AI Functionality Terms](https://handbook.gitlab.com/handbook/legal/ai-functionality-terms/):
| Model family | Model | Supported platforms | Status | Code completion | Code generation | GitLab Duo Chat |
|--------------- |-------|---------------------|--------|-----------------|-----------------|-----------------|

3
doc/administration/sidekiq/processing_specific_job_classes.md
View File

@ -130,6 +130,9 @@ based on a subset of worker attributes:
to load data in memory before saving it for export.
- `tags` - short-lived annotations for queues. These are expected to frequently
change from release to release, and may be removed entirely.
- `queue_namespace` - Some workers are grouped by a namespace, and
`name` is prefixed with `<queue_namespace>:`. For example, for a queue `name` of `cronjob:admin_email`,
`queue_namespace` is `cronjob`. Use this attribute to select a group of workers.
`has_external_dependencies` is a boolean attribute: only the exact
string `true` is considered true, and everything else is considered

1
doc/api/repositories.md
View File

@ -160,6 +160,7 @@ Supported attributes:
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/_index.md#namespaced-paths). |
| `path` | string | no | The subpath of the repository to download. If an empty string, defaults to the whole repository. |
| `sha` | string | no | The commit SHA to download. A tag, branch reference, or SHA can be used. If not specified, defaults to the tip of the default branch. |
| `include_lfs_blobs` | boolean | no | Determines whether LFS objects are included in the archive. Default is `true`. When set to `false`, LFS objects are excluded. |
Example request:

12
doc/policy/early_access_program/_index.md
View File

@ -9,15 +9,15 @@ title: GitLab Early Access Program
NOTE:
Last status update 2024-10-02.
These features may not be ready for production use and follow the [Experimental or Beta policy](../../policy/development_stages_support.md) of GitLab.
These features may not be ready for production use and follow the [Experimental or Beta policy](../development_stages_support.md) of GitLab.
## Features included in the GitLab Early Access Program
| Name | Status | Included date | Provide feedback |
|---------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------|---------------|------------------------------------------------------------------------|
| [GitLab Duo Vulnerability Resolution](../../user/application_security/vulnerabilities/index.md#vulnerability-resolution) | [Beta](../../policy/development_stages_support.md#beta) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/476553) |
| [GitLab Duo Issue Description Generation](../../user/project/issues/managing_issues.md#populate-an-issue-with-issue-description-generation) | [Experiment](../../policy/development_stages_support.md#experiment) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/409844) |
| [GitLab Duo Product Analytics](../../user/analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | [Experiment](../../policy/development_stages_support.md#experiment) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/455363) |
| Name | Status | Included date | Provide feedback |
|---------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------|---------------|------------------|
| [GitLab Duo Vulnerability Resolution](../../user/application_security/vulnerabilities/index.md#vulnerability-resolution) | [Beta](../development_stages_support.md#beta) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/476553) |
| [GitLab Duo Issue Description Generation](../../user/project/issues/managing_issues.md#populate-an-issue-with-issue-description-generation) | [Experiment](../development_stages_support.md#experiment) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/409844) |
| [GitLab Duo Product Analytics](../../user/analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | [Experiment](../development_stages_support.md#experiment) | 2024-10-02 | [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/455363) |
Would you like to use a paid feature but don't have a subscription?
You are more than welcome to [request a free trial](https://about.gitlab.com/free-trial/).

2
doc/security/hardening_application_recommendations.md
View File

@ -117,7 +117,7 @@ to specifically allow only those addresses.
For more details on **Visibility and access control**, see [visibility and access controls](../administration/settings/visibility_and_access_controls.md).
For information on SSH settings, see
[SSH keys restrictions](../security/ssh_keys_restrictions.md).
[SSH keys restrictions](ssh_keys_restrictions.md).
### Account and limit

18
doc/security/responding_to_security_incidents.md
View File

@ -31,7 +31,7 @@ This scenario refers to security events where sensitive authentication or author
This scenario might also include the exposure of sensitive information about third-party credentials through GitLab services. The exposure could occur through, for example, accidental commits to public GitLab projects, or misconfiguration of CI/CD settings. For more information, see:
- [Overview of GitLab tokens](../security/tokens/_index.md)
- [Overview of GitLab tokens](tokens/_index.md)
- [GitLab CI/CD variable security](../ci/variables/index.md#cicd-variable-security)
#### Response
@ -66,9 +66,9 @@ Security incidents related to credentials exposure can vary in severity from low
If you suspect that a user account or bot account has been compromised, you should:
- [Block the user](../administration/moderate_users.md#block-a-user) to mitigate any current risk.
- Reset any credentials the user might have had access to. For example, users with at least the Maintainer role can view protected [CI/CD variables](../ci/variables/index.md) and [runner registration tokens](../security/tokens/_index.md#runner-registration-tokens-deprecated).
- [Reset user passwords](../security/reset_user_password.md).
- Get the user to [enable two factor authentication](../user/profile/account/two_factor_authentication.md) (2FA), and consider [enforcing 2FA for an instance or group](../security/two_factor_authentication.md).
- Reset any credentials the user might have had access to. For example, users with at least the Maintainer role can view protected [CI/CD variables](../ci/variables/index.md) and [runner registration tokens](tokens/_index.md#runner-registration-tokens-deprecated).
- [Reset user passwords](reset_user_password.md).
- Get the user to [enable two factor authentication](../user/profile/account/two_factor_authentication.md) (2FA), and consider [enforcing 2FA for an instance or group](two_factor_authentication.md).
- After completing an investigation and mitigating impacts, unblock the user.
#### Event types
@ -108,7 +108,7 @@ Under typical circumstances, the `CI_JOB_TOKEN` is not displayed in the job logs
In such instances, you should:
- Check if there are any recent modifications to the source code in the repository. You can check the commit history of the modified file to determine the actor who made the changes. If you suspect suspicious edits, investigate the user activity using the [suspected compromised user account guide](../security/responding_to_security_incidents.md#suspected-compromised-user-account).
- Check if there are any recent modifications to the source code in the repository. You can check the commit history of the modified file to determine the actor who made the changes. If you suspect suspicious edits, investigate the user activity using the [suspected compromised user account guide](responding_to_security_incidents.md#suspected-compromised-user-account).
- Any suspicious modification to any code that is called by that file can cause issues and should be investigated and may lead to exposed secrets.
- Consider rotating the exposed secrets after determining the production impact of revocation.
- Review [audit logs](../administration/audit_event_reports.md) available to you for any suspicious modifications to user and project settings.
@ -140,7 +140,7 @@ It is important to [regularly update GitLab](../policy/maintenance.md), update y
If you suspect that your GitLab instance has been compromised, you should:
- Review the [audit events](../administration/audit_event_reports.md) available to you for suspicious account behavior.
- Review [all users](../administration/moderate_users.md) (including the Administrative root user), and follow the steps in the [suspected compromised user account guide](../security/responding_to_security_incidents.md#suspected-compromised-user-account) if necessary.
- Review [all users](../administration/moderate_users.md) (including the Administrative root user), and follow the steps in the [suspected compromised user account guide](responding_to_security_incidents.md#suspected-compromised-user-account) if necessary.
- Review the Credentials Inventory, if available to you.
- Change any sensitive credentials, variables, tokens, and secrets. For example, those located in instance configuration, database, CI/CD pipelines, or elsewhere.
- Update to the latest version of GitLab and adopt a plan to update after every security patch release.
@ -173,7 +173,7 @@ Security incidents can occur as a result of improperly configured project or gro
If you suspect unauthorized modifications to project settings, consider taking the following steps:
- Begin by reviewing the available [audit events](../administration/audit_event_reports.md) to identify the user responsible for the action.
- If the user account appears suspicious, follow the steps outlined in the [suspected compromised user account guide](../security/responding_to_security_incidents.md#suspected-compromised-user-account).
- If the user account appears suspicious, follow the steps outlined in the [suspected compromised user account guide](responding_to_security_incidents.md#suspected-compromised-user-account).
- Consider reverting the settings to their original state by referring to the audit events and consulting the project owners and maintainers for guidance.
#### Event types
@ -187,11 +187,11 @@ Before you ask GitLab for help, search the [GitLab documentation](https://docs.g
### Security best practices
Review the [GitLab Security documentation](../security/_index.md) for what suggestions will work best for your environment and needs. For GitLab Self-Managed, consider reviewing our [diagram of GitLab components](../development/architecture.md#simplified-component-overview) to familiarize yourself with the various parts of a GitLab installation.
Review the [GitLab Security documentation](_index.md) for what suggestions will work best for your environment and needs. For GitLab Self-Managed, consider reviewing our [diagram of GitLab components](../development/architecture.md#simplified-component-overview) to familiarize yourself with the various parts of a GitLab installation.
#### Hardening Recommendations
For more information about improving the security posture of your GitLab environment, see the [hardening recommendations](../security/hardening.md).
For more information about improving the security posture of your GitLab environment, see the [hardening recommendations](hardening.md).
You can also consider implementing abuse rate limiting as detailed in [Git abuse rate limit](../user/group/reporting/git_abuse_rate_limit.md). Setting abuse rate limits may be helpful to automatically mitigate certain types of security incidents.

10
doc/subscriptions/self_managed/index.md
View File

@ -64,10 +64,10 @@ A user is not counted as a billable user if:
The amount of **Billable users** is reported once a day in the **Admin** area.
### Users in license
### Users in subscription
The number of users you've paid for in the current license loaded on the system.
The number does not change unless you add seats during your current subscription period.
The number of users in subscription represents the number of users included in your current license, based on what you've paid for.
This number remains the same throughout your subscription period unless you purchase more seats.
### Maximum users
@ -362,7 +362,7 @@ The **Subscription** page includes the following information:
- Licensee
- Plan
- When it was uploaded, started, and when it expires
- Number of [users in license](#users-in-license)
- Number of [users in subscription](#users-in-subscription)
- Number of [billable users](#billable-users)
- [Maximum users](#maximum-users)
- Number of [users over subscription](#users-over-subscription)
@ -376,7 +376,7 @@ Prerequisites:
You can export your license usage into a CSV file.
This file contains the information GitLab uses to manually process
[quarterly reconciliations](../../subscriptions/quarterly_reconciliation.md)
[quarterly reconciliations](../quarterly_reconciliation.md)
or [renewals](#renew-your-subscription). If your instance is firewalled or an
offline environment, you must provide GitLab with this information.

2
doc/topics/autodevops/stages.md
View File

@ -525,4 +525,4 @@ for updates.
This stage is enabled by default. You can disable it by adding the
`CODE_INTELLIGENCE_DISABLED` CI/CD variable. Read more about
[disabling Auto DevOps jobs](../../topics/autodevops/cicd_variables.md#job-skipping-variables).
[disabling Auto DevOps jobs](../autodevops/cicd_variables.md#job-skipping-variables).

2
doc/topics/git/file_management.md
View File

@ -208,7 +208,7 @@ It's a good option for:
Prerequisites:
- You must have [Git LFS installed](../../topics/git/lfs/index.md).
- You must have [Git LFS installed](../git/lfs/index.md).
- You must have the Maintainer role for the project.
### Configure file locks

4
doc/topics/git/lfs/index.md
View File

@ -101,7 +101,7 @@ To enable or disable Git LFS at the project level:
You can add large files to Git LFS. This helps you manage files in Git repositories.
When you track files with Git LFS, they are replaced with text pointers in Git,
and stored on a remote server. For more information, see [Git LFS](../../../topics/git/file_management.md#git-lfs).
and stored on a remote server. For more information, see [Git LFS](../../git/file_management.md#git-lfs).
## Clone a repository that uses Git LFS
@ -151,7 +151,7 @@ the total size of your repository, see
- Use Git LFS to set up [exclusive file locks](../file_management.md#configure-file-locks).
- Blog post: [Getting started with Git LFS](https://about.gitlab.com/blog/2017/01/30/getting-started-with-git-lfs-tutorial/)
- [Git LFS with Git](../../../topics/git/file_management.md#git-lfs)
- [Git LFS with Git](../../git/file_management.md#git-lfs)
- [Git LFS developer information](../../../development/lfs.md)
- [GitLab Git Large File Storage (LFS) Administration](../../../administration/lfs/index.md) for self-managed instances
- [Troubleshooting Git LFS](troubleshooting.md)

2
doc/tutorials/build_application.md
View File

@ -46,4 +46,4 @@ Use GitLab Pages to publish a static website directly from your project.
|-------|-------------|--------------------|
| [Create a Pages website from a CI/CD template](../user/project/pages/getting_started/pages_ci_cd_template.md) | Quickly generate a Pages website for your project using a CI/CD template for a popular Static Site Generator (SSG). | **{star}** |
| [Create a Pages website from scratch](../user/project/pages/getting_started/pages_from_scratch.md) | Create all the components of a Pages website from a blank project. | |
| [Build, test, and deploy your Hugo site with GitLab](../tutorials/hugo/index.md) | Generate your Hugo site using a CI/CD template and GitLab Pages. | **{star}** |
| [Build, test, and deploy your Hugo site with GitLab](hugo/index.md) | Generate your Hugo site using a CI/CD template and GitLab Pages. | **{star}** |

2
doc/tutorials/create_gitlab_pipeline_push_to_google_artifact_registry/index.md
View File

@ -95,7 +95,7 @@ autoscaling fleet of runners on Compute Engine, with a runner manager that
creates temporary runners to execute multiple jobs simultaneously.
To set up your autoscaling fleet of runners, follow the instructions in
[Set up GitLab Runner to execute your CI/CD jobs on Google Cloud](../../tutorials/set_up_gitlab_google_integration/index.md#set-up-gitlab-runner-to-execute-your-cicd-jobs-on-google-cloud).
[Set up GitLab Runner to execute your CI/CD jobs on Google Cloud](../set_up_gitlab_google_integration/index.md#set-up-gitlab-runner-to-execute-your-cicd-jobs-on-google-cloud).
Select Google Cloud as the environment where you want your runners to execute
your CI/CD jobs, and fill out the rest of the configuration details.

2
doc/update/patch_versions.md
View File

@ -165,4 +165,4 @@ If all items are green, then congratulations upgrade complete!
## Make sure background migrations are finished
[Check the status of background migrations](../update/background_migrations.md) and make sure they are finished.
[Check the status of background migrations](background_migrations.md) and make sure they are finished.

6
doc/update/versions/gitlab_16_changes.md
View File

@ -19,7 +19,7 @@ For more information about upgrading GitLab Helm Chart, see [the release notes f
## Issues to be aware of when upgrading from 15.11
- [PostgreSQL 12 is not supported starting from GitLab 16](../../update/deprecations.md#postgresql-12-deprecated). Upgrade PostgreSQL to at least version 13.6 before upgrading to GitLab 16.0 or later.
- [PostgreSQL 12 is not supported starting from GitLab 16](../deprecations.md#postgresql-12-deprecated). Upgrade PostgreSQL to at least version 13.6 before upgrading to GitLab 16.0 or later.
- If your GitLab instance upgraded first to 15.11.0, 15.11.1, or 15.11.2 the database schema is incorrect.
Perform the [workaround](#undefined-column-error-upgrading-to-162-or-later) before upgrading to 16.x.
- Starting with 16.0, GitLab Self-Managed installations now have two database connections by default, instead of one. This change doubles the number of PostgreSQL connections. It makes self-managed versions of GitLab behave similarly to GitLab.com, and is a step toward enabling a separate database for CI features for self-managed versions of GitLab. Before upgrading to 16.0, determine if you need to [increase max connections for PostgreSQL](https://docs.gitlab.com/omnibus/settings/database.html#configuring-multiple-database-connections).
@ -197,7 +197,7 @@ that enables [High Availability (HA)](../../administration/reference_architectur
(3k users or more), you're using
[PostgreSQL replication and failover for Linux package installations](../../administration/postgresql/replication_and_failover.md), which uses Patroni.
If this is your case, read [Multi-node upgrades with downtime](../../update/with_downtime.md) on how to upgrade your multi-node instance.
If this is your case, read [Multi-node upgrades with downtime](../with_downtime.md) on how to upgrade your multi-node instance.
For more information on the changes introduced between version 2.1.0 and version 3.0.1, see the [Patroni release notes](https://patroni.readthedocs.io/en/latest/releases.html).
@ -1262,7 +1262,7 @@ Before this automatic expiry date is applied, you should do the following to min
For more information, see the:
- [Deprecations and removals documentation](../../update/deprecations.md#non-expiring-access-tokens).
- [Deprecations and removals documentation](../deprecations.md#non-expiring-access-tokens).
- [Deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/369122).
### Geo installations

2
doc/update/versions/gitlab_17_changes.md
View File

@ -124,7 +124,7 @@ Before this automatic expiry date is applied, you should do the following to min
For more information, see the:
- [Deprecations and removals documentation](../../update/deprecations.md#non-expiring-access-tokens).
- [Deprecations and removals documentation](../deprecations.md#non-expiring-access-tokens).
- [Deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/369122).
## Issues to be aware of when upgrading from 17.1 and earlier

5
doc/user/analytics/ci_cd_analytics.md
View File

@ -47,7 +47,6 @@ Prerequisites:
DETAILS:
**Tier:** Ultimate
**Offering:** GitLab.com, GitLab Self-Managed, GitLab Dedicated
To view CI/CD analytics for a group:
@ -61,10 +60,6 @@ The page displays metrics and charts for:
### For a project
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** GitLab.com, GitLab Self-Managed, GitLab Dedicated
To view CI/CD analytics for a project:
1. On the left sidebar, select **Search or go to** and find your project.

8
doc/user/application_security/configuration/index.md
View File

@ -68,9 +68,9 @@ You can configure the following security controls:
- Select **Configure with a merge request** to create a merge request with the changes required to
enable Secret Detection. For more details, read [Use an automatically configured merge request](../secret_detection/pipeline/index.md#use-an-automatically-configured-merge-request).
- [API Fuzzing](../api_fuzzing/index.md)
- Select **Enable API Fuzzing** to use API Fuzzing for the current project. For more details, read [API Fuzzing](../../../user/application_security/api_fuzzing/configuration/enabling_the_analyzer.md).
- Select **Enable API Fuzzing** to use API Fuzzing for the current project. For more details, read [API Fuzzing](../api_fuzzing/configuration/enabling_the_analyzer.md).
- [Coverage Fuzzing](../coverage_fuzzing/index.md)
- Can be configured with `.gitlab-ci.yml`. For more details, read [Coverage Fuzzing](../../../user/application_security/coverage_fuzzing/index.md#enable-coverage-guided-fuzz-testing).
- Can be configured with `.gitlab-ci.yml`. For more details, read [Coverage Fuzzing](../coverage_fuzzing/index.md#enable-coverage-guided-fuzz-testing).
## Compliance
@ -80,5 +80,5 @@ DETAILS:
You can configure the following security controls:
- [Security Training](../../../user/application_security/vulnerabilities/index.md#enable-security-training-for-vulnerabilities)
- Enable **Security training** for the current project. For more details, read [security training](../../../user/application_security/vulnerabilities/index.md#enable-security-training-for-vulnerabilities).
- [Security Training](../vulnerabilities/index.md#enable-security-training-for-vulnerabilities)
- Enable **Security training** for the current project. For more details, read [security training](../vulnerabilities/index.md#enable-security-training-for-vulnerabilities).

2
doc/user/application_security/coverage_fuzzing/index.md
View File

@ -135,7 +135,7 @@ a large number of false positives.
| `COVFUZZ_URL_PREFIX` | Path to the `gitlab-cov-fuzz` repository cloned for use with an offline environment. You should only change this value when using an offline environment. Default: `https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz/-/raw`. |
| `COVFUZZ_USE_REGISTRY` | Set to `true` to have the corpus stored in the GitLab corpus registry. The variables `COVFUZZ_CORPUS_NAME` and `COVFUZZ_GITLAB_TOKEN` are required if this variable is set to `true`. Default: `false`. |
| `COVFUZZ_CORPUS_NAME` | Name of the corpus to be used in the job. |
| `COVFUZZ_GITLAB_TOKEN` | Environment variable configured with [personal access token](../../../user/profile/personal_access_tokens.md#create-a-personal-access-token) or [project access token](../../../user/project/settings/project_access_tokens.md#create-a-project-access-token) with API read/write access. |
| `COVFUZZ_GITLAB_TOKEN` | Environment variable configured with [personal access token](../../profile/personal_access_tokens.md#create-a-personal-access-token) or [project access token](../../project/settings/project_access_tokens.md#create-a-project-access-token) with API read/write access. |
#### Seed corpus

2
doc/user/application_security/cve_id_request.md
View File

@ -17,7 +17,7 @@ vulnerability. GitLab is a [CVE Numbering Authority](https://about.gitlab.com/se
([CNA](https://cve.mitre.org/cve/cna.html)).
Assigning a CVE ID to a vulnerability in your project helps your users stay secure and informed. For
example, [dependency scanning tools](../application_security/dependency_scanning/index.md) can
example, [dependency scanning tools](dependency_scanning/index.md) can
detect when vulnerable versions of your project are used as a dependency.
A common vulnerability workflow is:

6
doc/user/application_security/dependency_list/index.md
View File

@ -43,7 +43,7 @@ GitLab already generates this document when the following requirements are met:
supported by Gemnasium.
- A successful pipeline was run on the default branch.
You should not change the default behavior of allowing the
[application security jobs](../../application_security/detect/index.md) to fail.
[application security jobs](../detect/index.md) to fail.
## View project dependencies
@ -71,7 +71,7 @@ Details of each dependency are listed, sorted by decreasing severity of vulnerab
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/422356) dependency filtering for groups in GitLab 16.7 [with a flag](../../../administration/feature_flags.md) named `group_level_dependencies_filtering`. Disabled by default.
> - Dependency filtering for group [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/422356) in GitLab 16.10. Feature flag `group_level_dependencies_filtering` removed.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/513320) dependency filtering for projects in GitLab 17.9 with a flag named [`project_component_filter`](../../../administration/feature_flags.md). Disabled by default.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/513320) dependency filtering for projects in GitLab 17.9 with a flag named [`project_component_filter`](../../../administration/feature_flags.md). Enabled by default.
You can filter the dependency list to focus on only a subset of dependencies. The dependency
list is available for groups and projects.
@ -140,7 +140,7 @@ Dependency paths are supported for the following package managers:
### Licenses
If the [Dependency Scanning](../../application_security/dependency_scanning/index.md) CI job is configured,
If the [Dependency Scanning](../dependency_scanning/index.md) CI job is configured,
[discovered licenses](../../compliance/license_scanning_of_cyclonedx_files/index.md) are displayed on this page.
## Download the dependency list

2
doc/user/application_security/dependency_scanning/experiment_libbehave_dependency.md
View File

@ -88,7 +88,7 @@ Prerequisites:
- Pipeline is part of an active [merge request pipeline](../../../ci/pipelines/merge_request_pipelines.md) that has a defined source and target Git branch.
- Project includes one of the [supported languages](#supported-languages-and-package-managers).
- Project is adding new dependencies to the source or feature branch.
- For merge request (MR) comments, ensure a Guest level [project access token](../../../user/project/settings/project_access_tokens.md),
- For merge request (MR) comments, ensure a Guest level [project access token](../../project/settings/project_access_tokens.md),
and the source branch is either a protected branch or the **Protect variable** CI/CD variable
[option is unchecked](../../../ci/variables/index.md#for-a-project).

6
doc/user/application_security/dependency_scanning/troubleshooting_dependency_scanning.md
View File

@ -15,7 +15,7 @@ When working with dependency scanning, you might encounter the following issues.
## Debug-level logging
Debug-level logging can help when troubleshooting. For details, see
[debug-level logging](../../application_security/troubleshooting_application_security.md#debug-level-logging).
[debug-level logging](../troubleshooting_application_security.md#debug-level-logging).
### Working around missing support for certain languages or package managers
@ -60,7 +60,7 @@ affected. Read more in
### Getting warning message `gl-dependency-scanning-report.json: no matching files`
For information on this, see the [general Application Security troubleshooting section](../../../user/application_security/troubleshooting_application_security.md#getting-warning-messages--reportjson-no-matching-files).
For information on this, see the [general Application Security troubleshooting section](../troubleshooting_application_security.md#getting-warning-messages--reportjson-no-matching-files).
## `Error response from daemon: error processing tar file: docker-tar: relocation error`
@ -79,7 +79,7 @@ scanning job might be triggered even if the scanner doesn't support your project
## Error: `dependency_scanning is used for configuration only, and its script should not be executed`
For information, see the [GitLab Secure troubleshooting section](../../application_security/troubleshooting_application_security.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed).
For information, see the [GitLab Secure troubleshooting section](../troubleshooting_application_security.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed).
## Import multiple certificates for Java-based projects

2
doc/user/application_security/get-started-security.md
View File

@ -109,7 +109,7 @@ For more information, see:
- [Scan execution policy](policies/scan_execution_policies.md)
- [Container scans](container_scanning/index.md)
- [Operational container scanning](../../user/clusters/agent/vulnerabilities.md)
- [Operational container scanning](../clusters/agent/vulnerabilities.md)
## Step 6: Limit new vulnerabilities

4
doc/user/application_security/index.md
View File

@ -220,9 +220,9 @@ Feedback is welcome on our vision for [unifying the user experience for these tw
## Custom security role
You can create a [custom role](../../user/custom_roles.md) for security team members who need access to application security features, such as vulnerability management, security policies, or dependencies. This approach allows organizations to follow the Principle of Least Privilege by providing security team members with the privileges they need without promoting them to Developer or Maintainer on a group or project.
You can create a [custom role](../custom_roles.md) for security team members who need access to application security features, such as vulnerability management, security policies, or dependencies. This approach allows organizations to follow the Principle of Least Privilege by providing security team members with the privileges they need without promoting them to Developer or Maintainer on a group or project.
For example, the custom security role may have the following [permissions](../../user/custom_roles/abilities.md):
For example, the custom security role may have the following [permissions](../custom_roles/abilities.md):
- Name: Custom Security Role
- Description: Manage vulnerabilities and link security policy projects.

8
doc/user/application_security/policies/index.md
View File

@ -230,7 +230,7 @@ Development teams:
To enforce a security policy project on a group, subgroup, or project, you must have either:
- The Owner role in that group, subgroup, or project.
- A [custom role](../../../user/custom_roles.md) in that group, subgroup, or project with the `manage_security_policy_link` permission.
- A [custom role](../../custom_roles.md) in that group, subgroup, or project with the `manage_security_policy_link` permission.
The Owner role and custom roles with the `manage_security_policy_link` permission follow the standard hierarchy rules across groups, subgroups, and projects:
@ -266,7 +266,7 @@ DETAILS:
Prerequisites:
- You must have the Owner role or [custom role](../../../user/custom_roles.md) with the
- You must have the Owner role or [custom role](../../custom_roles.md) with the
`manage_security_policy_link` permission to link to the security policy project. For more
information, see [separation of duties](#separation-of-duties).
@ -312,7 +312,7 @@ DETAILS:
Prerequisites:
- You must have the Owner role or [custom role](../../../user/custom_roles.md) with the
- You must have the Owner role or [custom role](../../custom_roles.md) with the
`manage_security_policy_link` permission to link to the security policy project. For more
information, see [separation of duties](#separation-of-duties).
- To support approval groups globally across your instance, enable
@ -365,7 +365,7 @@ granularly per policy, you can set a "policy scope" in each policy.
Prerequisites:
- You must have the Owner role or [custom role](../../../user/custom_roles.md) with the`manage_security_policy_link` permission to link to the security policy project. For more information, see [separation of duties](#separation-of-duties).
- You must have the Owner role or [custom role](../../custom_roles.md) with the`manage_security_policy_link` permission to link to the security policy project. For more information, see [separation of duties](#separation-of-duties).
To link a group, subgroup, or project to a security policy project:

4
doc/user/application_security/policies/merge_request_approval_policies.md
View File

@ -218,7 +218,7 @@ the defined policy.
| `user_approvers_ids` | `array` of `integer` | false | ID of one of more users | The IDs of users to consider as approvers. Users must have access to the project to be eligible to approve. |
| `group_approvers` | `array` of `string` | false | Path of one of more groups | The groups to consider as approvers. Users with [direct membership in the group](../../project/merge_requests/approvals/rules.md#group-approvers) are eligible to approve. |
| `group_approvers_ids` | `array` of `integer` | false | ID of one of more groups | The IDs of groups to consider as approvers. Users with [direct membership in the group](../../project/merge_requests/approvals/rules.md#group-approvers) are eligible to approve. |
| `role_approvers` | `array` of `string` | false | One or more [roles](../../../user/permissions.md#roles) (for example: `owner`, `maintainer`) | The roles to consider as approvers that are eligible to approve. |
| `role_approvers` | `array` of `string` | false | One or more [roles](../../permissions.md#roles) (for example: `owner`, `maintainer`) | The roles to consider as approvers that are eligible to approve. |
## `send_bot_message` action type
@ -268,7 +268,7 @@ The settings set in the policy overwrite settings in the project.
| Field | Type | Required | Possible values | Applicable rule type | Description |
|-------------------------------------|-----------------------|----------|---------------------------------------------------------------|----------------------|-------------|
| `block_branch_modification` | `boolean` | false | `true`, `false` | All | When enabled, prevents a user from removing a branch from the protected branches list, deleting a protected branch, or changing the default branch if that branch is included in the security policy. This ensures users cannot remove protection status from a branch to merge vulnerable code. Enforced based on `branches`, `branch_type` and `policy_scope` and regardless of detected vulnerabilities. |
| `block_group_branch_modification` | `boolean` or `object` | false | `true`, `false`, `{ enabled: boolean, exceptions: [{ id: Integer}] }` | All | When enabled, prevents a user from removing group-level protected branches on every group the policy applies to. If `block_branch_modification` is `true`, implicitly defaults to `true`. Add top-level groups that support [group-level protected branches](../../../user/project/repository/branches/protected.md#for-all-projects-in-a-group) as `exceptions` |
| `block_group_branch_modification` | `boolean` or `object` | false | `true`, `false`, `{ enabled: boolean, exceptions: [{ id: Integer}] }` | All | When enabled, prevents a user from removing group-level protected branches on every group the policy applies to. If `block_branch_modification` is `true`, implicitly defaults to `true`. Add top-level groups that support [group-level protected branches](../../project/repository/branches/protected.md#for-all-projects-in-a-group) as `exceptions` |
| `prevent_approval_by_author` | `boolean` | false | `true`, `false` | `Any merge request` | When enabled, merge request authors cannot approve their own MRs. This ensures code authors cannot introduce vulnerabilities and approve code to merge. |
| `prevent_approval_by_commit_author` | `boolean` | false | `true`, `false` | `Any merge request` | When enabled, users who have contributed code to the MR are ineligible for approval. This ensures code committers cannot introduce vulnerabilities and approve code to merge. |
| `remove_approvals_with_new_commit` | `boolean` | false | `true`, `false` | `Any merge request` | When enabled, if an MR receives all necessary approvals to merge, but then a new commit is added, new approvals are required. This ensures new commits that may include vulnerabilities cannot be introduced. |

2
doc/user/application_security/policies/scan_execution_policies.md
View File

@ -327,7 +327,7 @@ rule in the defined policy are met.
| `scan_settings` | `object` | | A set of scan settings, supplied as an array of `key: value` pairs, to apply and enforce for the selected scan. The `key` is the setting name, with its `value` provided as a boolean or string. This parameter supports the settings defined in [scan settings](#scan-settings). |
NOTE:
If you have Merge Request Pipelines enabled for your project, you must select `template: latest` in your policy for each enforced scan. Using the latest template is crucial for compatibility with Merge Request Pipelines and allows you to take full advantage of GitLab security features. For more information on using security scanning tools with Merge Request Pipelines, please refer to our [security scanning documentation](../../application_security/detect/roll_out_security_scanning.md#use-security-scanning-tools-with-merge-request-pipelines).
If you have Merge Request Pipelines enabled for your project, you must select `template: latest` in your policy for each enforced scan. Using the latest template is crucial for compatibility with Merge Request Pipelines and allows you to take full advantage of GitLab security features. For more information on using security scanning tools with Merge Request Pipelines, please refer to our [security scanning documentation](../detect/roll_out_security_scanning.md#use-security-scanning-tools-with-merge-request-pipelines).
### Scanner behavior

4
doc/user/application_security/sast/troubleshooting.md
View File

@ -17,7 +17,7 @@ experience a problem not addressed here, or the information here does not fix yo
## Debug-level logging
Debug-level logging can help when troubleshooting. For details, see
[debug-level logging](../../application_security/troubleshooting_application_security.md#debug-level-logging).
[debug-level logging](../troubleshooting_application_security.md#debug-level-logging).
## Changes in the CI/CD template
@ -83,7 +83,7 @@ For information on this, see the [general Application Security troubleshooting s
sast is used for configuration only, and its script should not be executed
```
For information on this, see the [GitLab Secure troubleshooting section](../../application_security/troubleshooting_application_security.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed).
For information on this, see the [GitLab Secure troubleshooting section](../troubleshooting_application_security.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed).
## SAST jobs run unexpectedly

6
doc/user/application_security/secret_detection/pipeline/index.md
View File

@ -420,7 +420,7 @@ The `SECRET_DETECTION_RULESET_GIT_REFERENCE` variable uses a format similar to [
<AUTH_USER>:<AUTH_PASSWORD>@<PROJECT_PATH>@<GIT_SHA>
```
If the configuration file is stored in a private project that requires authentication, you may use a [Group Access Token](../../../../user/group/settings/group_access_tokens.md) securely stored in a CI variable to load the remote ruleset:
If the configuration file is stored in a private project that requires authentication, you may use a [Group Access Token](../../../group/settings/group_access_tokens.md) securely stored in a CI variable to load the remote ruleset:
```yaml
include:
@ -430,9 +430,9 @@ variables:
SECRET_DETECTION_RULESET_GIT_REFERENCE: "group_2504721_bot_7c9311ffb83f2850e794d478ccee36f5:$GROUP_ACCESS_TOKEN@gitlab.com/example-group/remote-ruleset-project"
```
The group access token must have the `read_repository` scope and at least the Reporter role. For details, see [Repository permissions](../../../../user/permissions.md#repository).
The group access token must have the `read_repository` scope and at least the Reporter role. For details, see [Repository permissions](../../../permissions.md#repository).
See [bot users for groups](../../../../user/group/settings/group_access_tokens.md#bot-users-for-groups) to learn how to find the username associated with a group access token.
See [bot users for groups](../../../group/settings/group_access_tokens.md#bot-users-for-groups) to learn how to find the username associated with a group access token.
#### Replace the default ruleset

2
doc/user/application_security/security_dashboard/index.md
View File

@ -28,7 +28,7 @@ For an overview, see [Security Dashboard](https://www.youtube.com/watch?v=Uo-pDn
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383697) in GitLab 16.0.
You can view vulnerability metrics also in the [Value Streams Dashboard](../../../user/analytics/value_streams_dashboard.md) comparison panel, which helps you understand security exposure in the context of your organization's software delivery workflows.
You can view vulnerability metrics also in the [Value Streams Dashboard](../../analytics/value_streams_dashboard.md) comparison panel, which helps you understand security exposure in the context of your organization's software delivery workflows.
## Prerequisites

4
doc/user/application_security/vulnerabilities/index.md
View File

@ -77,7 +77,7 @@ To explain the vulnerability:
- Select the text below the vulnerability description that reads _You can also use AI by asking GitLab Duo Chat to explain this vulnerability and a suggested fix._
- In the upper right, from the **Resolve with merge request** dropdown list, select **Explain vulnerability**, then select **Explain vulnerability**.
- Open GitLab Duo Chat and use the [explain a vulnerability](../../../user/gitlab_duo_chat/examples.md#explain-a-vulnerability) command by typing `/vulnerability_explain`.
- Open GitLab Duo Chat and use the [explain a vulnerability](../../gitlab_duo_chat/examples.md#explain-a-vulnerability) command by typing `/vulnerability_explain`.
The response is shown on the right side of the page.
@ -134,7 +134,7 @@ To resolve the vulnerability:
1. Select outside the filter field. The vulnerability severity totals and list of matching vulnerabilities are updated.
1. Select the SAST vulnerability you want resolved.
- A blue icon is shown next to vulnerabilities that support Vulnerability Resolution.
1. In the upper-right corner, select **Resolve with AI**. If this project is a public project be aware that creating an MR will publicly expose the vulnerability and offered resolution. To create the MR privately, please [create a private fork](../../../user/project/merge_requests/confidential.md), and repeat this process.
1. In the upper-right corner, select **Resolve with AI**. If this project is a public project be aware that creating an MR will publicly expose the vulnerability and offered resolution. To create the MR privately, please [create a private fork](../../project/merge_requests/confidential.md), and repeat this process.
1. Add an additional commit to the MR. This forces a new pipeline to run.
1. After the pipeline is complete, on the [pipeline security tab](../vulnerability_report/pipeline.md#view-vulnerabilities-in-a-pipeline), confirm that the vulnerability no longer appears.
1. On the vulnerability report, [manually update the vulnerability](../vulnerability_report/index.md#change-status-of-vulnerabilities).

4
doc/user/okrs.md
View File

@ -132,10 +132,6 @@ You can add [comments](discussions/index.md) and reply to threads in OKRs.
To show who is responsible for an OKR, you can assign users to it.
Users on GitLab Free can assign one user per OKR.
Users on GitLab Premium and Ultimate can assign multiple users to a single OKR.
See also [multiple assignees for issues](project/issues/multiple_assignees_for_issues.md).
Prerequisites:
- You must have at least the Planner role for the project.

2
doc/user/profile/personal_access_tokens.md
View File

@ -161,6 +161,8 @@ To disable the enterprise users' personal access tokens:
1. Under **Personal access tokens**, select **Disable personal access tokens**.
1. Select **Save changes**.
When you delete or block an enterprise user account, their personal access tokens are automatically revoked.
## View the time at and IPs where a token was last used
> - In GitLab 16.0 and earlier, token usage information is updated every 24 hours.

4
lib/api/repositories.rb
View File

@ -174,6 +174,8 @@ module API
optional :format, type: String, desc: 'The archive format', documentation: { example: 'tar.gz' }
optional :path, type: String,
desc: 'Subfolder of the repository to be downloaded', documentation: { example: 'files/archives' }
optional :include_lfs_blobs, type: Boolean, default: true,
desc: 'Used to exclude LFS objects from archive'
end
get ':id/repository/archive', requirements: { format: Gitlab::PathRegex.archive_formats_regex } do
check_archive_rate_limit!(current_user, user_project) do
@ -182,7 +184,7 @@ module API
not_acceptable! if Gitlab::HotlinkingDetector.intercept_hotlinking?(request)
send_git_archive user_project.repository, ref: params[:sha], format: params[:format], append_sha: true, path: params[:path]
send_git_archive user_project.repository, ref: params[:sha], format: params[:format], append_sha: true, path: params[:path], include_lfs_blobs: params[:include_lfs_blobs]
rescue StandardError
not_found!('File')
end

3
lib/gitlab/sidekiq_config/worker.rb
View File

@ -60,7 +60,8 @@ module Gitlab
resource_boundary: get_worker_resource_boundary,
weight: get_weight,
idempotent: idempotent?,
tags: get_tags
tags: get_tags,
queue_namespace: queue_namespace&.to_sym
}
end

3
lib/gitlab/sidekiq_config/worker_matcher.rb
View File

@ -16,7 +16,8 @@ module Gitlab
name: :to_s,
resource_boundary: :to_sym,
tags: :to_sym,
urgency: :to_sym
urgency: :to_sym,
queue_namespace: :to_sym
}.freeze
QueryError = Class.new(StandardError)

8
lib/gitlab/workhorse.rb
View File

@ -74,7 +74,7 @@ module Gitlab
]
end
def send_git_archive(repository, ref:, format:, append_sha:, path: nil)
def send_git_archive(repository, ref:, format:, append_sha:, path: nil, include_lfs_blobs: true)
format ||= 'tar.gz'
format = format.downcase
@ -88,7 +88,7 @@ module Gitlab
raise "Repository or ref not found" if metadata.empty?
params = send_git_archive_params(repository, metadata, path, archive_format(format))
params = send_git_archive_params(repository, metadata, path, archive_format(format), include_lfs_blobs)
# If present, DisableCache must be a Boolean. Otherwise
# workhorse ignores it.
@ -366,7 +366,7 @@ module Gitlab
end
end
def send_git_archive_params(repository, metadata, path, format)
def send_git_archive_params(repository, metadata, path, format, include_lfs_blobs)
{
'ArchivePath' => metadata['ArchivePath'],
'GetArchiveRequest' => encode_binary(
@ -376,7 +376,7 @@ module Gitlab
prefix: metadata['ArchivePrefix'],
format: format,
path: Gitlab::EncodingHelper.encode_binary(path.presence || ""),
include_lfs_blobs: true
include_lfs_blobs: include_lfs_blobs
).to_proto
)
}

4
package.json
View File

@ -61,7 +61,7 @@
"@gitlab/favicon-overlay": "2.0.0",
"@gitlab/fonts": "^1.3.0",
"@gitlab/query-language-rust": "0.3.2",
"@gitlab/svgs": "3.122.0",
"@gitlab/svgs": "3.123.0",
"@gitlab/ui": "107.7.1",
"@gitlab/vue-router-vue3": "npm:vue-router@4.1.6",
"@gitlab/vuex-vue3": "npm:vuex@4.0.0",
@ -128,6 +128,7 @@
"canvas-confetti": "^1.4.0",
"clipboard": "^2.0.8",
"colord": "^2.9.3",
"commander": "^13.1.0",
"compression-webpack-plugin": "^5.0.2",
"copy-webpack-plugin": "^6.4.1",
"core-js": "^3.40.0",
@ -267,7 +268,6 @@
"babel-jest": "^29.7.0",
"chalk": "^2.4.1",
"chokidar": "^3.5.3",
"commander": "^2.20.3",
"crypto": "^1.0.1",
"custom-jquery-matchers": "^2.1.0",
"eslint": "9.19.0",

2
public/-/error-illustrations/error-500-lg.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.4 KiB

After

Width:  |  Height:  |  Size: 6.2 KiB

2
public/-/error-illustrations/error-502-lg.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 8.0 KiB

After

Width:  |  Height:  |  Size: 7.8 KiB

2
public/-/error-illustrations/error-503-lg.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 6.4 KiB

After

Width:  |  Height:  |  Size: 6.2 KiB

2
qa/gdk/Dockerfile.gdk
View File

@ -1,4 +1,4 @@
ARG GDK_SHA=53baf9d7be970535d97d5fc5ae264d8d6eabe221
ARG GDK_SHA=2273ae4bb64ce0ab0503e3c69fef7029dce133f2
# Use tag prefix when running on 'stable' branch to make sure 'protected' image is used which is not deleted by registry cleanup
ARG GDK_BASE_TAG_PREFIX

15
scripts/frontend/check_jest_vue3_quarantine.js
View File

@ -4,7 +4,7 @@ const { spawnSync } = require('node:child_process');
const { readFile, open, stat, mkdir } = require('node:fs/promises');
const { join, relative, dirname } = require('node:path');
const defaultChalk = require('chalk');
const program = require('commander');
const { program } = require('commander');
const IS_EE = require('../../config/helpers/is_ee_env');
const { getLocalQuarantinedFiles } = require('./jest_vue3_quarantine_utils');
@ -27,7 +27,6 @@ let filesThatChanged;
function parseArguments() {
program
.usage('[options] <SPEC ...>')
.description(
`
Checks whether Jest specs quarantined under Vue 3 should be unquarantined.
@ -68,17 +67,19 @@ Locally:
'--stdio',
`Let Jest write to stderr as normal. By default, it writes to ${JEST_STDERR}. Should not be used in CI, as it can exceed maximum job log size.`,
)
.argument('[spec...]', 'List of spec files to run (incompatible with --all)')
.parse(process.argv);
const options = program.opts();
let invalidArgumentsMessage;
if (!IS_CI) {
if (!program.all && program.args.length === 0) {
if (!options.all && program.args.length === 0) {
invalidArgumentsMessage =
'No spec files to check!\n\nWhen run locally, either add the --all option, or a list of spec files to check.';
}
if (program.all && program.args.length > 0) {
if (options.all && program.args.length > 0) {
invalidArgumentsMessage = `Do not pass arguments in addition to the --all option.`;
}
}
@ -204,7 +205,7 @@ function getTestArguments() {
'./scripts/frontend/check_jest_vue3_quarantine_sequencer.js',
];
if (program.all) {
if (program.opts().all) {
console.warn(
'Running in CI with --all. Checking all quarantined specs, subject to FixtureCISequencer sharding behavior.',
);
@ -218,7 +219,7 @@ function getTestArguments() {
return ciArguments(filesThatChanged);
}
if (program.all) {
if (program.opts().all) {
console.warn('Running locally with --all. Checking all quarantined specs.');
return ['--runTestsByPath', ...quarantinedFiles];
}
@ -244,7 +245,7 @@ function getTestArguments() {
}
async function getStdio() {
if (program.stdio) {
if (program.opts().stdio) {
return 'inherit';
}

8
scripts/frontend/extract_gettext_all.js
View File

@ -1,4 +1,4 @@
const argumentsParser = require('commander');
const { program } = require('commander');
const { GettextExtractor, JsExtractors } = require('gettext-extractor');
const {
@ -8,11 +8,13 @@ const {
const vue2TemplateCompiler = require('vue-template-compiler');
const ensureSingleLine = require('../../app/assets/javascripts/locale/ensure_single_line.cjs');
const args = argumentsParser
program
.option('-f, --file <file>', 'Extract message from one single file')
.option('-a, --all', 'Extract message from all js/vue files')
.parse(process.argv);
const args = program.opts();
const extractor = decorateExtractorWithHelpers(new GettextExtractor());
extractor.addMessageTransformFunction(ensureSingleLine);
@ -78,6 +80,6 @@ async function main() {
main().catch((error) => {
console.warn(error.message);
args.outputHelp();
program.outputHelp();
process.exit(1);
});

26
scripts/frontend/jest_ci.js
View File

@ -3,7 +3,7 @@
const { spawnSync } = require('node:child_process');
const { readFileSync } = require('node:fs');
const defaultChalk = require('chalk');
const program = require('commander');
const { program } = require('commander');
const IS_CI = Boolean(process.env.CI);
@ -27,7 +27,6 @@ function showVue3Help() {
function parseArgumentsAndEnvironment() {
program
.usage('[options]')
.description(`Runs Jest under CI.`)
.option(
'--vue3',
@ -50,21 +49,22 @@ function parseArgumentsAndEnvironment() {
"Tell Jest to generate coverage. If not specified, it's enabled only on non-FOSS branch or tag pipelines under Vue 2, non-predictive runs.",
)
.parse(process.argv);
const options = program.opts();
if (!IS_CI) {
console.warn('This script is intended to run in CI only.');
if (program.vue3) showVue3Help();
if (options.vue3) showVue3Help();
process.exit(1);
}
if (program.vue3 && process.env.VUE_VERSION !== '3') {
if (options.vue3 && process.env.VUE_VERSION !== '3') {
console.warn(
`Expected environment variable VUE_VERSION=3 given option '--vue3', got VUE_VERSION="${process.env.VUE_VERSION}".`,
);
process.exit(1);
}
if (!program.vue3 && ![undefined, '2'].includes(process.env.VUE_VERSION)) {
if (!options.vue3 && ![undefined, '2'].includes(process.env.VUE_VERSION)) {
console.warn(
`Expected unset environment variable VUE_VERSION, or VUE_VERSION=2, got VUE_VERSION="${process.env.VUE_VERSION}".`,
);
@ -72,7 +72,7 @@ function parseArgumentsAndEnvironment() {
}
const changedFiles = [];
if (program.predictive) {
if (options.predictive) {
const { RSPEC_MATCHING_JS_FILES_PATH, RSPEC_CHANGED_FILES_PATH } = process.env;
for (const [name, path] of Object.entries({
@ -97,17 +97,17 @@ function parseArgumentsAndEnvironment() {
}
const coverage =
program.coverage ||
options.coverage ||
(!process.env.CI_MERGE_REQUEST_IID &&
!/^as-if-foss\//.test(process.env.CI_COMMIT_BRANCH) &&
!program.vue3 &&
!program.predictive);
!options.vue3 &&
!options.predictive);
return {
vue3: program.vue3,
includeVue3Quarantined: program.includeVue3Quarantined,
predictive: program.predictive,
fixtures: program.fixtures,
vue3: options.vue3,
includeVue3Quarantined: options.includeVue3Quarantined,
predictive: options.predictive,
fixtures: options.fixtures,
coverage,
nodeIndex: process.env.CI_NODE_INDEX ?? '1',
nodeTotal: process.env.CI_NODE_TOTAL ?? '1',

8
scripts/frontend/po_to_json.js
View File

@ -172,16 +172,18 @@ async function convertPoFileForLocale({ locale, localeFile, resultDir }) {
*/
if (!process.env.JEST_WORKER_ID) {
// eslint-disable-next-line global-require
const argumentsParser = require('commander');
const { program } = require('commander');
const args = argumentsParser
program
.option('-l, --locale-root <locale_root>', 'Extract messages from subfolders in this directory')
.option('-o, --output-dir <output_dir>', 'Write app.js files into subfolders in this directory')
.parse(process.argv);
const args = program.opts();
main(args).catch((e) => {
console.warn(`Something went wrong: ${e.message}`);
console.warn(args.printHelp());
program.outputHelp();
process.exitCode = 1;
});
}

37
spec/lib/gitlab/sidekiq_config/worker_matcher_spec.rb
View File

@ -10,45 +10,50 @@ RSpec.describe Gitlab::SidekiqConfig::WorkerMatcher do
let(:worker_metadatas) do
[
{
name: 'a',
name: 'pipeline_processing:worker_a',
worker_name: 'WorkerA',
feature_category: :category_a,
has_external_dependencies: false,
urgency: :low,
resource_boundary: :cpu,
tags: [:no_disk_io, :git_access]
tags: [:no_disk_io, :git_access],
queue_namespace: :pipeline_processing
},
{
name: 'a:2',
name: 'pipeline_processing:worker_a2',
worker_name: 'WorkerA2',
feature_category: :category_a,
has_external_dependencies: false,
urgency: :high,
resource_boundary: :none,
tags: [:git_access]
tags: [:git_access],
queue_namespace: :pipeline_processing
},
{
name: 'b',
name: 'authorized_project_update:worker_b',
worker_name: 'WorkerB',
feature_category: :category_b,
has_external_dependencies: true,
urgency: :high,
resource_boundary: :memory,
tags: [:no_disk_io]
tags: [:no_disk_io],
queue_namespace: :authorized_project_update
},
{
name: 'c',
name: 'cronjob:worker_c',
worker_name: 'WorkerC',
feature_category: :category_c,
has_external_dependencies: false,
urgency: :throttled,
resource_boundary: :memory,
tags: []
tags: [],
queue_namespace: :cronjob
}
]
end
context 'with valid input' do
# rubocop:disable Layout/LineLength -- Easier to read when they are on one line
where(:query, :expected_metadatas) do
# worker_name
'worker_name=WorkerA' | %w[WorkerA]
@ -77,10 +82,10 @@ RSpec.describe Gitlab::SidekiqConfig::WorkerMatcher do
'urgency!=high' | %w[WorkerA WorkerC]
# name
'name=a' | %w[WorkerA]
'name=a,b' | %w[WorkerA WorkerB]
'name=a,a:2|name=b' | %w[WorkerA WorkerA2 WorkerB]
'name!=a,a:2' | %w[WorkerB WorkerC]
'name=pipeline_processing:worker_a' | %w[WorkerA]
'name=pipeline_processing:worker_a,authorized_project_update:worker_b' | %w[WorkerA WorkerB]
'name=pipeline_processing:worker_a,pipeline_processing:worker_a2|name=authorized_project_update:worker_b' | %w[WorkerA WorkerA2 WorkerB]
'name!=pipeline_processing:worker_a,pipeline_processing:worker_a2' | %w[WorkerB WorkerC]
# resource_boundary
'resource_boundary=memory' | %w[WorkerB WorkerC]
@ -100,6 +105,13 @@ RSpec.describe Gitlab::SidekiqConfig::WorkerMatcher do
'tags!=no_disk_io,git_access' | %w[WorkerC]
'tags!=unknown_tag' | %w[WorkerA WorkerA2 WorkerB WorkerC]
# queue_namespace
'queue_namespace=pipeline_processing' | %w[WorkerA WorkerA2]
'queue_namespace=pipeline_processing,authorized_project_update' | %w[WorkerA WorkerA2 WorkerB]
'queue_namespace=pipeline_processing|queue_namespace=authorized_project_update' | %w[WorkerA WorkerA2 WorkerB]
'queue_namespace=cronjob' | %w[WorkerC]
'queue_namespace!=cronjob' | %w[WorkerA WorkerA2 WorkerB]
# combinations
'feature_category=category_a&urgency=high' | %w[WorkerA2]
'feature_category=category_a&urgency=high|feature_category=category_c' | %w[WorkerA2 WorkerC]
@ -107,6 +119,7 @@ RSpec.describe Gitlab::SidekiqConfig::WorkerMatcher do
# Match all
'*' | %w[WorkerA WorkerA2 WorkerB WorkerC]
end
# rubocop:enable Layout/LineLength
with_them do
it do

26
spec/lib/gitlab/sidekiq_config/worker_spec.rb
View File

@ -4,7 +4,7 @@ require 'fast_spec_helper'
RSpec.describe Gitlab::SidekiqConfig::Worker do
def create_worker(queue:, **attributes)
namespace = queue.include?(':') && queue.split(':').first
namespace = queue.include?(':') ? queue.split(':').first : nil
inner_worker = double(
name: attributes[:worker_name] || 'Foo::BarWorker',
generated_queue_name: queue,
@ -102,7 +102,8 @@ RSpec.describe Gitlab::SidekiqConfig::Worker do
resource_boundary: :memory,
weight: 2,
idempotent: true,
tags: []
tags: [],
queue_namespace: nil
}
attributes_b = {
@ -113,7 +114,8 @@ RSpec.describe Gitlab::SidekiqConfig::Worker do
resource_boundary: :unknown,
weight: 3,
idempotent: false,
tags: [:no_disk_io]
tags: [:no_disk_io],
queue_namespace: nil
}
worker_a = create_worker(queue: 'a', **attributes_a)
@ -126,6 +128,24 @@ RSpec.describe Gitlab::SidekiqConfig::Worker do
.to eq(YAML.dump([attributes_a.reverse_merge(name: 'a'),
attributes_b.reverse_merge(name: 'b')]))
end
it 'encodes the queue_namespace' do
attributes_a = {
worker_name: 'WorkerA',
feature_category: :source_code_management,
has_external_dependencies: false,
urgency: :low,
resource_boundary: :memory,
weight: 2,
idempotent: true,
tags: []
}
worker_a = create_worker(queue: 'test:a', **attributes_a)
attributes = YAML.dump(worker_a)
expect(attributes).to include("queue_namespace: :test")
end
end
describe '#namespace_and_weight' do

37
spec/lib/gitlab/workhorse_spec.rb
View File

@ -25,17 +25,31 @@ RSpec.describe Gitlab::Workhorse, feature_category: :shared do
let(:format) { 'zip' }
let(:storage_path) { Gitlab.config.gitlab.repository_downloads_path }
let(:path) { 'some/path' }
let(:include_lfs_blobs) { true }
let(:metadata) { repository.archive_metadata(ref, storage_path, format, append_sha: nil, path: path) }
let(:cache_disabled) { false }
subject do
described_class.send_git_archive(repository, ref: ref, format: format, append_sha: nil, path: path)
described_class.send_git_archive(repository, ref: ref, format: format, append_sha: nil, path: path, include_lfs_blobs: include_lfs_blobs)
end
before do
allow(described_class).to receive(:git_archive_cache_disabled?).and_return(cache_disabled)
end
def expected_archive_request(repository, metadata, path, include_lfs_blobs)
Base64.encode64(
Gitaly::GetArchiveRequest.new(
repository: repository.gitaly_repository,
commit_id: metadata['CommitId'],
prefix: metadata['ArchivePrefix'],
format: Gitaly::GetArchiveRequest::Format::ZIP,
path: path,
include_lfs_blobs: include_lfs_blobs
).to_proto
)
end
it 'sets the header correctly' do
key, command, params = decode_workhorse_header(subject)
@ -48,19 +62,20 @@ RSpec.describe Gitlab::Workhorse, feature_category: :shared do
token: Gitlab::GitalyClient.token(project.repository_storage)
},
'ArchivePath' => metadata['ArchivePath'],
'GetArchiveRequest' => Base64.encode64(
Gitaly::GetArchiveRequest.new(
repository: repository.gitaly_repository,
commit_id: metadata['CommitId'],
prefix: metadata['ArchivePrefix'],
format: Gitaly::GetArchiveRequest::Format::ZIP,
path: path,
include_lfs_blobs: true
).to_proto
)
'GetArchiveRequest' => expected_archive_request(repository, metadata, path, include_lfs_blobs)
}.deep_stringify_keys)
end
context 'when include_lfs_blobs is disabled' do
let(:include_lfs_blobs) { false }
it 'sets the GetArchiveRequest header correctly' do
_, _, params = decode_workhorse_header(subject)
expect(params).to include({ 'GetArchiveRequest' => expected_archive_request(repository, metadata, path, include_lfs_blobs) })
end
end
context 'when archive caching is disabled' do
let(:cache_disabled) { true }

33
spec/requests/api/repositories_spec.rb
View File

@ -295,10 +295,28 @@ RSpec.describe API::Repositories, feature_category: :source_code_management do
let(:project_id) { CGI.escape(project.full_path) }
let(:route) { "/projects/#{project_id}/repository/archive" }
let(:storage_path) { Gitlab.config.gitlab.repository_downloads_path }
let(:format) { 'tar.gz' }
let(:path) { nil }
let(:metadata) { project.repository.archive_metadata(nil, storage_path, format, append_sha: nil, path: path) }
before do
allow(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).and_return(false)
end
def expected_archive_request(repository, metadata, path, include_lfs_blobs)
Base64.encode64(
Gitaly::GetArchiveRequest.new(
repository: repository.gitaly_repository,
commit_id: metadata['CommitId'],
prefix: metadata['ArchivePrefix'],
format: Gitaly::GetArchiveRequest::Format::TAR_GZ,
path: path,
include_lfs_blobs: include_lfs_blobs
).to_proto
)
end
shared_examples_for 'repository archive' do
it 'returns the repository archive' do
get api(route, current_user)
@ -309,6 +327,7 @@ RSpec.describe API::Repositories, feature_category: :source_code_management do
expect(type).to eq('git-archive')
expect(params['ArchivePath']).to match(/#{project.path}-[^.]+\.tar.gz/)
expect(params['GetArchiveRequest']).to eq(expected_archive_request(project.repository, metadata, path, true))
expect(response.parsed_body).to be_empty
end
@ -341,6 +360,20 @@ RSpec.describe API::Repositories, feature_category: :source_code_management do
end
end
context 'when include_lfs_blobs is false' do
it 'returns the correct GetArchiveRequest' do
get api("#{route}?include_lfs_blobs=false", current_user)
expect(response).to have_gitlab_http_status(:ok)
type, params = workhorse_send_data
expect(type).to eq('git-archive')
expect(params['ArchivePath']).to match(/#{project.path}-[^.]+\.tar.gz/)
expect(params['GetArchiveRequest']).to eq(expected_archive_request(project.repository, metadata, path, false))
end
end
it 'returns only a part of the repository with path set' do
path = 'bar'
get api("#{route}?path=#{path}", current_user)

23
yarn.lock
View File

@ -1412,7 +1412,8 @@
resolved "https://registry.yarnpkg.com/@gitlab/fonts/-/fonts-1.3.0.tgz#df89c1bb6714e4a8a5d3272568aa4de7fb337267"
integrity sha512-DoMUIN3DqjEn7wvcxBg/b7Ite5fTdF5EmuOZoBRo2j0UBGweDXmNBi+9HrTZs4cBU660dOxcf1hATFcG3npbPg==
"@gitlab/noop@^1.0.0":
"@gitlab/noop@^1.0.0", jackspeak@^3.1.2, "jackspeak@npm:@gitlab/noop@1.0.0":
name jackspeak
version "1.0.0"
resolved "https://registry.yarnpkg.com/@gitlab/noop/-/noop-1.0.0.tgz#b1ecb8ae6b2abf9b2e28927e4fbb05b7a1b2704b"
integrity sha512-nOltttik5o2BjBo8LnyeTFzHoLpMY/XcCVOC+lm9ZwU+ivEam8wafacMF0KTbRn1KVrIoHYdo70QnqS+vJiOVw==
@ -1431,10 +1432,10 @@
stylelint-declaration-strict-value "1.10.4"
stylelint-scss "6.0.0"
"@gitlab/svgs@3.122.0":
version "3.122.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.122.0.tgz#f3d21ff18d60510c4b6983a211dfbc39304a517b"
integrity sha512-2ED6E6aYTpzOv4Tz2zFtPnBP/ZTSR1mNebHYkMfm+kx9u61ILwfVJjaQ3vu73BviToAs9+1bs7RIe3iAtzCB2g==
"@gitlab/svgs@3.123.0":
version "3.123.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.123.0.tgz#1fa3b1a709755ff7c8ef67e18c0442101655ebf0"
integrity sha512-yjVn+utOTIKk8d9JlvGo6EgJ4TQ+CKpe3RddflAqtsQqQuL/2MlVdtaUePybxYzWIaumFuh5LouQ6BrWyw1niQ==
"@gitlab/ui@107.7.1":
version "107.7.1"
@ -5358,7 +5359,7 @@ comma-separated-tokens@^2.0.0:
resolved "https://registry.yarnpkg.com/comma-separated-tokens/-/comma-separated-tokens-2.0.2.tgz#d4c25abb679b7751c880be623c1179780fe1dd98"
integrity sha512-G5yTt3KQN4Yn7Yk4ed73hlZ1evrFKXeUW3086p3PRFNp7m2vIjI6Pg+Kgb+oyzhd9F2qdcoj67+y3SdxL5XWsg==
commander@2, commander@^2.19.0, commander@^2.20.0, commander@^2.20.3:
commander@2, commander@^2.19.0, commander@^2.20.0:
version "2.20.3"
resolved "https://registry.yarnpkg.com/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33"
integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==
@ -5373,6 +5374,11 @@ commander@^10.0.0, commander@^10.0.1:
resolved "https://registry.yarnpkg.com/commander/-/commander-10.0.1.tgz#881ee46b4f77d1c1dccc5823433aa39b022cbe06"
integrity sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==
commander@^13.1.0:
version "13.1.0"
resolved "https://registry.yarnpkg.com/commander/-/commander-13.1.0.tgz#776167db68c78f38dcce1f9b8d7b8b9a488abf46"
integrity sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==
commander@^4.0.0:
version "4.1.1"
resolved "https://registry.yarnpkg.com/commander/-/commander-4.1.1.tgz#9fd602bd936294e9e9ef46a3f4d6964044b18068"
@ -9328,11 +9334,6 @@ iterall@^1.2.1:
resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.3.0.tgz#afcb08492e2915cbd8a0884eb93a8c94d0d72fea"
integrity sha512-QZ9qOMdF+QLHxy1QIpUHUU1D5pS2CG2P69LF6L6CPjPYA/XMOmKV3PZpawHoAjHNyB0swdVTRxdYT4tbBbxqwg==
jackspeak@^3.1.2, "jackspeak@npm:@gitlab/noop@1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@gitlab/noop/-/noop-1.0.0.tgz#b1ecb8ae6b2abf9b2e28927e4fbb05b7a1b2704b"
integrity sha512-nOltttik5o2BjBo8LnyeTFzHoLpMY/XcCVOC+lm9ZwU+ivEam8wafacMF0KTbRn1KVrIoHYdo70QnqS+vJiOVw==
jed@^1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/jed/-/jed-1.1.1.tgz#7a549bbd9ffe1585b0cd0a191e203055bee574b4"