root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-04-08 06:11:31 +00:00
parent dea672445c
commit 2551ad5119
56 changed files with 315 additions and 161 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
.gitlab/issue_templates/GLAS Engine Limitation.md Normal file
View File

@ -0,0 +1,29 @@
<!---
This template facilitates communication between VR and SAST team regarding GLAS engine improvements.
Use this to raise cases where the GLAS engine's behavior does not align with the SAST rule.
--->
### Problem
<!-- Describe the limitation in the GLAS engine:
- What capability is missing
- Security impact (false positives/negatives) -->
### Steps to reproduce
<!-- Provide:
1. Code example that demonstrates the limitation
1. Rule that exposes the limitation (ID/pattern)
1. Expected vs actual behavior
1. Semgrep playground link (if applicable) -->
### Other references
<!-- Include relevant links such as:
- Rule MR with failing test
- GLAS pipeline with failing job
- GLAS results JSON file -->
### SAST Reaction rotation engineer todo
@gitlab-org/secure/static-analysis/reaction-rotation
See [SAST Reaction rotation GLAS limitations](https://handbook.gitlab.com/handbook/engineering/development/sec/secure/static-analysis/reaction_rotation/#glas-limitations-issues) to traige this issue.
/label ~"section::sec" ~"devops::application security testing" ~"group::static analysis" ~"Category:SAST" ~"GLAS::VR-Reported" ~"GLAS::EngineLimitation"

3
.rubocop_todo/gitlab/bounded_contexts.yml
View File

@ -3236,7 +3236,6 @@ Gitlab/BoundedContexts:
- 'ee/app/services/groups/enterprise_users/base_service.rb'
- 'ee/app/services/groups/enterprise_users/disassociate_service.rb'
- 'ee/app/services/groups/epics_count_service.rb'
- 'ee/app/services/groups/restore_service.rb'
- 'ee/app/services/groups/schedule_bulk_repository_shard_moves_service.rb'
- 'ee/app/services/groups/seat_usage_export_service.rb'
- 'ee/app/services/groups/ssh_certificates/find_service.rb'
@ -3399,8 +3398,6 @@ Gitlab/BoundedContexts:
- 'ee/app/validators/user_existence_validator.rb'
- 'ee/app/validators/user_id_existence_validator.rb'
- 'ee/app/workers/active_user_count_threshold_worker.rb'
- 'ee/app/workers/adjourned_group_deletion_worker.rb'
- 'ee/app/workers/adjourned_projects_deletion_cron_worker.rb'
- 'ee/app/workers/admin_emails_worker.rb'
- 'ee/app/workers/app_sec/container_scanning/scan_image_worker.rb'
- 'ee/app/workers/app_sec/dast/profile_schedule_worker.rb'

3
.rubocop_todo/gitlab/feature_flag_without_actor.yml
View File

@ -11,7 +11,6 @@ Gitlab/FeatureFlagWithoutActor:
- 'app/finders/abuse_reports_finder.rb'
- 'app/finders/merge_requests_finder.rb'
- 'app/finders/notes_finder.rb'
- 'app/finders/projects_finder.rb'
- 'app/finders/snippets_finder.rb'
- 'app/graphql/mutations/issues/bulk_update.rb'
- 'app/graphql/types/namespace_type.rb'
@ -36,7 +35,6 @@ Gitlab/FeatureFlagWithoutActor:
- 'app/models/repository.rb'
- 'app/models/snippet.rb'
- 'app/models/user.rb'
- 'app/policies/project_policy.rb'
- 'app/serializers/admin/abuse_report_entity.rb'
- 'app/serializers/web_ide_terminal_entity.rb'
- 'app/services/ci/job_artifacts/update_unknown_locked_status_service.rb'
@ -147,7 +145,6 @@ Gitlab/FeatureFlagWithoutActor:
- 'lib/gitlab/experiment_feature_rollout.rb'
- 'lib/gitlab/git/diff.rb'
- 'lib/gitlab/git/repository.rb'
- 'lib/gitlab/git/user.rb'
- 'lib/gitlab/internal_events.rb'
- 'lib/gitlab/lograge/custom_options.rb'
- 'lib/gitlab/memory/reports/heap_dump.rb'

2
.rubocop_todo/gitlab/hard_delete_calls.yml
View File

@ -7,8 +7,6 @@ Gitlab/HardDeleteCalls:
- 'app/controllers/groups_controller.rb'
- 'app/controllers/organizations/groups_controller.rb'
- 'app/controllers/projects_controller.rb'
- 'app/services/groups/mark_for_deletion_service.rb'
- 'app/services/projects/mark_for_deletion_service.rb'
- 'app/services/projects/overwrite_project_service.rb'
- 'app/services/users/destroy_service.rb'
- 'app/workers/projects/inactive_projects_deletion_cron_worker.rb'

2
.rubocop_todo/gitlab/namespaced_class.yml
View File

@ -981,8 +981,6 @@ Gitlab/NamespacedClass:
- 'ee/app/services/timebox_report_service.rb'
- 'ee/app/validators/ldap_filter_validator.rb'
- 'ee/app/workers/active_user_count_threshold_worker.rb'
- 'ee/app/workers/adjourned_group_deletion_worker.rb'
- 'ee/app/workers/adjourned_projects_deletion_cron_worker.rb'
- 'ee/app/workers/admin_emails_worker.rb'
- 'ee/app/workers/create_github_webhook_worker.rb'
- 'ee/app/workers/elastic_association_indexer_worker.rb'

1
.rubocop_todo/gitlab/no_find_in_workers.yml
View File

@ -67,7 +67,6 @@ Gitlab/NoFindInWorkers:
- 'ee/app/workers/admin_emails_worker.rb'
- 'ee/app/workers/analytics/devops_adoption/create_snapshot_worker.rb'
- 'ee/app/workers/approval_rules/external_approval_rule_payload_worker.rb'
- 'ee/app/workers/audit_events/audit_event_streaming_worker.rb'
- 'ee/app/workers/ci/runners/export_usage_csv_worker.rb'
- 'ee/app/workers/compliance_management/chain_of_custody_report_worker.rb'
- 'ee/app/workers/compliance_management/framework_export_mailer_worker.rb'

1
.rubocop_todo/gitlab/strong_memoize_attr.yml
View File

@ -315,7 +315,6 @@ Gitlab/StrongMemoizeAttr:
- 'ee/app/services/incident_management/pending_escalations/process_service.rb'
- 'ee/app/services/iterations/create_service.rb'
- 'ee/app/services/merge_requests/update_blocks_service.rb'
- 'ee/app/services/projects/restore_service.rb'
- 'ee/app/services/protected_environments/base_service.rb'
- 'ee/app/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected.rb'
- 'ee/app/services/security/report_summary_service.rb'

1
.rubocop_todo/layout/empty_line_after_magic_comment.yml
View File

@ -450,7 +450,6 @@ Layout/EmptyLineAfterMagicComment:
- 'spec/lib/gitlab/x509/tag_spec.rb'
- 'spec/lib/security/report_schema_version_matcher_spec.rb'
- 'spec/models/analytics/cycle_analytics/aggregation_spec.rb'
- 'spec/models/concerns/loose_index_scan_spec.rb'
- 'spec/models/dependency_proxy/blob_spec.rb'
- 'spec/models/dependency_proxy/manifest_spec.rb'
- 'spec/models/dependency_proxy/registry_spec.rb'

4
.rubocop_todo/layout/line_length.yml
View File

@ -1794,7 +1794,6 @@ Layout/LineLength:
- 'ee/spec/support/shared_examples/lib/gitlab/git_access_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/concerns/blob_replicator_strategy_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/concerns/issuable_links_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/concerns/repository_replicator_strategy_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/concerns/verifiable_replicator_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/geo_verifiable_registry_shared_examples.rb'
- 'ee/spec/support/shared_examples/models/member_shared_examples.rb'
@ -1827,7 +1826,6 @@ Layout/LineLength:
- 'ee/spec/views/shared/credentials_inventory/personal_access_tokens/_personal_access_token.html.haml_spec.rb'
- 'ee/spec/views/shared/promotions/_promotion_link_project.html.haml_spec.rb'
- 'ee/spec/workers/active_user_count_threshold_worker_spec.rb'
- 'ee/spec/workers/adjourned_projects_deletion_cron_worker_spec.rb'
- 'ee/spec/workers/analytics/cycle_analytics/consistency_worker_spec.rb'
- 'ee/spec/workers/analytics/devops_adoption/create_all_snapshots_worker_spec.rb'
- 'ee/spec/workers/analytics/devops_adoption/create_snapshot_worker_spec.rb'
@ -3003,7 +3001,6 @@ Layout/LineLength:
- 'spec/lib/gitlab/ci/ansi2json_spec.rb'
- 'spec/lib/gitlab/ci/badge/coverage/report_spec.rb'
- 'spec/lib/gitlab/ci/build/releaser_spec.rb'
- 'spec/lib/gitlab/ci/build/step_spec.rb'
- 'spec/lib/gitlab/ci/config/entry/environment_spec.rb'
- 'spec/lib/gitlab/ci/config/entry/reports_spec.rb'
- 'spec/lib/gitlab/ci/config/entry/root_spec.rb'
@ -3052,7 +3049,6 @@ Layout/LineLength:
- 'spec/lib/gitlab/conflict/file_spec.rb'
- 'spec/lib/gitlab/consul/internal_spec.rb'
- 'spec/lib/gitlab/content_security_policy/config_loader_spec.rb'
- 'spec/lib/gitlab/crypto_helper_spec.rb'
- 'spec/lib/gitlab/current_settings_spec.rb'
- 'spec/lib/gitlab/data_builder/alert_spec.rb'
- 'spec/lib/gitlab/data_builder/build_spec.rb'

1
.rubocop_todo/lint/symbol_conversion.yml
View File

@ -10,7 +10,6 @@ Lint/SymbolConversion:
- 'app/graphql/mutations/snippets/base.rb'
- 'app/graphql/resolvers/award_emoji/base_votes_count_resolver.rb'
- 'app/graphql/resolvers/environments/last_deployment_resolver.rb'
- 'app/graphql/resolvers/user_discussions_count_resolver.rb'
- 'app/graphql/resolvers/user_notes_count_resolver.rb'
- 'app/helpers/notifications_helper.rb'
- 'app/helpers/projects_helper.rb'

1
.rubocop_todo/lint/unused_method_argument.yml
View File

@ -27,7 +27,6 @@ Lint/UnusedMethodArgument:
- 'app/graphql/resolvers/clusters/agent_activity_events_resolver.rb'
- 'app/graphql/resolvers/concerns/caching_array_resolver.rb'
- 'app/graphql/resolvers/error_tracking/sentry_error_collection_resolver.rb'
- 'app/graphql/resolvers/last_commit_resolver.rb'
- 'app/graphql/resolvers/merge_request_resolver.rb'
- 'app/graphql/resolvers/project_resolver.rb'
- 'app/graphql/resolvers/projects/branch_rules_resolver.rb'

1
.rubocop_todo/rails/date.yml
View File

@ -87,7 +87,6 @@ Rails/Date:
- 'ee/spec/requests/custom_roles/manage_group_access_tokens/request_spec.rb'
- 'ee/spec/requests/custom_roles/manage_project_access_tokens/request_spec.rb'
- 'ee/spec/requests/git_http_spec.rb'
- 'ee/spec/requests/gitlab_subscriptions/api/internal/namespaces_spec.rb'
- 'ee/spec/requests/gitlab_subscriptions/api/internal/upcoming_reconciliations_spec.rb'
- 'ee/spec/requests/gitlab_subscriptions/api/internal/users_spec.rb'
- 'ee/spec/requests/groups/settings/access_tokens_controller_spec.rb'

3
.rubocop_todo/rspec/be_eq.yml
View File

@ -367,7 +367,6 @@ RSpec/BeEq:
- 'ee/spec/requests/ee/projects/service_desk_controller_spec.rb'
- 'ee/spec/requests/ee/registrations_controller_spec.rb'
- 'ee/spec/requests/gitlab_subscriptions/api/internal/helpers_spec.rb'
- 'ee/spec/requests/gitlab_subscriptions/api/internal/namespaces_spec.rb'
- 'ee/spec/requests/groups/analytics/dashboards_controller_spec.rb'
- 'ee/spec/requests/groups/dependencies_controller_spec.rb'
- 'ee/spec/requests/groups/group_members_controller_spec.rb'
@ -461,7 +460,6 @@ RSpec/BeEq:
- 'ee/spec/services/projects/create_from_template_service_spec.rb'
- 'ee/spec/services/projects/disable_legacy_inactive_projects_service_spec.rb'
- 'ee/spec/services/projects/protect_default_branch_service_spec.rb'
- 'ee/spec/services/projects/restore_service_spec.rb'
- 'ee/spec/services/projects/update_service_spec.rb'
- 'ee/spec/services/quick_actions/interpret_service_spec.rb'
- 'ee/spec/services/search/project_service_spec.rb'
@ -1003,7 +1001,6 @@ RSpec/BeEq:
- 'spec/lib/sidebars/projects/menus/snippets_menu_spec.rb'
- 'spec/lib/sidebars/projects/menus/work_items_menu_spec.rb'
- 'spec/lib/sidebars/search/panel_spec.rb'
- 'spec/lib/sidebars/your_work/menus/merge_requests_menu_spec.rb'
- 'spec/lib/sidebars/your_work/menus/organizations_menu_spec.rb'
- 'spec/lib/system_check/app/authorized_keys_permission_check_spec.rb'
- 'spec/lib/system_check/app/gitlab_cable_config_exists_check_spec.rb'

1
.rubocop_todo/rspec/before_all_role_assignment.yml
View File

@ -267,7 +267,6 @@ RSpec/BeforeAllRoleAssignment:
- 'ee/spec/lib/ee/gitlab/import_export/project/tree_saver_spec.rb'
- 'ee/spec/lib/elastic/latest/user_instance_proxy_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/loader_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/validator_spec.rb'
- 'ee/spec/lib/gitlab/git_access_spec.rb'
- 'ee/spec/lib/gitlab/git_access_wiki_spec.rb'
- 'ee/spec/lib/gitlab/llm/chain/tools/gitlab_documentation/executor_spec.rb'

1
.rubocop_todo/rspec/contain_exactly.yml
View File

@ -94,7 +94,6 @@ RSpec/ContainExactly:
- 'spec/graphql/resolvers/namespace_projects_resolver_spec.rb'
- 'spec/graphql/resolvers/repository_branch_names_resolver_spec.rb'
- 'spec/graphql/types/ci/analytics_job_status_enum_spec.rb'
- 'spec/graphql/types/ci/catalog/resources/components/input_type_enum_spec.rb'
- 'spec/graphql/types/ci/freeze_period_status_enum_spec.rb'
- 'spec/graphql/types/ci/job_artifact_file_type_enum_spec.rb'
- 'spec/graphql/types/ci/job_status_enum_spec.rb'

3
.rubocop_todo/rspec/context_wording.yml
View File

@ -660,7 +660,6 @@ RSpec/ContextWording:
- 'ee/spec/services/gitlab_subscriptions/create_service_spec.rb'
- 'ee/spec/services/gitlab_subscriptions/preview_billable_user_change_service_spec.rb'
- 'ee/spec/services/groups/destroy_service_spec.rb'
- 'ee/spec/services/groups/restore_service_spec.rb'
- 'ee/spec/services/groups/update_service_spec.rb'
- 'ee/spec/services/historical_user_data/csv_service_spec.rb'
- 'ee/spec/services/ide/schemas_config_service_spec.rb'
@ -698,7 +697,6 @@ RSpec/ContextWording:
- 'ee/spec/services/projects/import_export/export_service_spec.rb'
- 'ee/spec/services/projects/operations/update_service_spec.rb'
- 'ee/spec/services/projects/protect_default_branch_service_spec.rb'
- 'ee/spec/services/projects/restore_service_spec.rb'
- 'ee/spec/services/projects/transfer_service_spec.rb'
- 'ee/spec/services/projects/update_mirror_service_spec.rb'
- 'ee/spec/services/projects/update_service_spec.rb'
@ -786,7 +784,6 @@ RSpec/ContextWording:
- 'ee/spec/views/shared/credentials_inventory/ssh_keys/_ssh_key.html.haml_spec.rb'
- 'ee/spec/views/shared/issuable/_sidebar.html.haml_spec.rb'
- 'ee/spec/workers/active_user_count_threshold_worker_spec.rb'
- 'ee/spec/workers/adjourned_projects_deletion_cron_worker_spec.rb'
- 'ee/spec/workers/admin_emails_worker_spec.rb'
- 'ee/spec/workers/audit_events/audit_event_streaming_worker_spec.rb'
- 'ee/spec/workers/ci/minutes/refresh_cached_data_worker_spec.rb'

1
.rubocop_todo/rspec/example_without_description.yml
View File

@ -3,7 +3,6 @@ RSpec/ExampleWithoutDescription:
Exclude:
- 'ee/spec/bin/custom_ability_spec.rb'
- 'ee/spec/components/gitlab_subscriptions/discover_duo_pro_component_spec.rb'
- 'ee/spec/controllers/ee/dashboard/projects_controller_spec.rb'
- 'ee/spec/controllers/ee/search_controller_spec.rb'
- 'ee/spec/controllers/groups/analytics/ci_cd_analytics_controller_spec.rb'
- 'ee/spec/controllers/projects_controller_spec.rb'

1
.rubocop_todo/rspec/expect_in_hook.yml
View File

@ -24,7 +24,6 @@ RSpec/ExpectInHook:
- 'ee/spec/lib/gitlab/auth/smartcard/certificate_spec.rb'
- 'ee/spec/lib/gitlab/checks/diff_check_spec.rb'
- 'ee/spec/lib/gitlab/ci/minutes/cost_factor_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/validator_spec.rb'
- 'ee/spec/lib/gitlab/code_owners_spec.rb'
- 'ee/spec/lib/gitlab/geo_spec.rb'
- 'ee/spec/lib/gitlab/graphql/aggregations/epics/lazy_epic_aggregate_spec.rb'

13
.rubocop_todo/rspec/feature_category.yml
View File

@ -9,7 +9,6 @@ RSpec/FeatureCategory:
- 'ee/spec/controllers/users_controller_spec.rb'
- 'ee/spec/db/production/license_spec.rb'
- 'ee/spec/features/admin/admin_emails_spec.rb'
- 'ee/spec/features/admin/admin_settings_spec.rb'
- 'ee/spec/features/promotion_spec.rb'
- 'ee/spec/finders/analytics/cycle_analytics/stage_finder_spec.rb'
- 'ee/spec/finders/analytics/devops_adoption/enabled_namespaces_finder_spec.rb'
@ -347,7 +346,6 @@ RSpec/FeatureCategory:
- 'ee/spec/helpers/ee/admin/identities_helper_spec.rb'
- 'ee/spec/helpers/ee/auth_helper_spec.rb'
- 'ee/spec/helpers/ee/ci/pipeline_editor_helper_spec.rb'
- 'ee/spec/helpers/ee/dashboard_helper_spec.rb'
- 'ee/spec/helpers/ee/events_helper_spec.rb'
- 'ee/spec/helpers/ee/export_helper_spec.rb'
- 'ee/spec/helpers/ee/feature_flags_helper_spec.rb'
@ -441,7 +439,6 @@ RSpec/FeatureCategory:
- 'ee/spec/lib/ee/gitlab/alert_management/payload/generic_spec.rb'
- 'ee/spec/lib/ee/gitlab/analytics/cycle_analytics/base_query_builder_spec.rb'
- 'ee/spec/lib/ee/gitlab/application_context_spec.rb'
- 'ee/spec/lib/ee/gitlab/application_rate_limiter_spec.rb'
- 'ee/spec/lib/ee/gitlab/auth/ldap/access_levels_spec.rb'
- 'ee/spec/lib/ee/gitlab/auth/ldap/config_spec.rb'
- 'ee/spec/lib/ee/gitlab/auth/ldap/group_spec.rb'
@ -762,7 +759,6 @@ RSpec/FeatureCategory:
- 'ee/spec/models/elastic/index_setting_spec.rb'
- 'ee/spec/models/gitlab/seat_link_data_spec.rb'
- 'ee/spec/models/gitlab_subscriptions/upcoming_reconciliation_spec.rb'
- 'ee/spec/models/group_deletion_schedule_spec.rb'
- 'ee/spec/models/group_merge_request_approval_setting_spec.rb'
- 'ee/spec/models/group_wiki_repository_spec.rb'
- 'ee/spec/models/historical_data_spec.rb'
@ -781,7 +777,6 @@ RSpec/FeatureCategory:
- 'ee/spec/models/ip_restriction_spec.rb'
- 'ee/spec/models/issuable_sla_spec.rb'
- 'ee/spec/models/issuables_analytics_spec.rb'
- 'ee/spec/models/iteration_note_spec.rb'
- 'ee/spec/models/label_note_spec.rb'
- 'ee/spec/models/ldap_group_link_spec.rb'
- 'ee/spec/models/merge_request/blocking_spec.rb'
@ -984,7 +979,6 @@ RSpec/FeatureCategory:
- 'ee/spec/services/projects/open_issues_count_service_spec.rb'
- 'ee/spec/services/projects/operations/update_service_spec.rb'
- 'ee/spec/services/projects/protect_default_branch_service_spec.rb'
- 'ee/spec/services/projects/restore_service_spec.rb'
- 'ee/spec/services/projects/setup_ci_cd_spec.rb'
- 'ee/spec/services/protected_environments/base_service_spec.rb'
- 'ee/spec/services/protected_environments/search_service_spec.rb'
@ -1002,7 +996,6 @@ RSpec/FeatureCategory:
- 'ee/spec/views/admin/application_settings/_deletion_protection_settings.html.haml_spec.rb'
- 'ee/spec/views/admin/application_settings/_git_abuse_rate_limit.html.haml_spec.rb'
- 'ee/spec/views/admin/application_settings/general.html.haml_spec.rb'
- 'ee/spec/views/admin/dashboard/index.html.haml_spec.rb'
- 'ee/spec/views/admin/dev_ops_report/show.html.haml_spec.rb'
- 'ee/spec/views/admin/groups/_form.html.haml_spec.rb'
- 'ee/spec/views/admin/identities/index.html.haml_spec.rb'
@ -1713,7 +1706,6 @@ RSpec/FeatureCategory:
- 'spec/helpers/components_helper_spec.rb'
- 'spec/helpers/container_expiration_policies_helper_spec.rb'
- 'spec/helpers/cookies_helper_spec.rb'
- 'spec/helpers/dashboard_helper_spec.rb'
- 'spec/helpers/dev_ops_report_helper_spec.rb'
- 'spec/helpers/emoji_helper_spec.rb'
- 'spec/helpers/enable_search_settings_helper_spec.rb'
@ -2087,7 +2079,6 @@ RSpec/FeatureCategory:
- 'spec/lib/gitlab/ci/parsers/instrumentation_spec.rb'
- 'spec/lib/gitlab/ci/parsers/security/sast_spec.rb'
- 'spec/lib/gitlab/ci/parsers/security/secret_detection_spec.rb'
- 'spec/lib/gitlab/ci/parsers/terraform/tfplan_spec.rb'
- 'spec/lib/gitlab/ci/parsers/test/junit_spec.rb'
- 'spec/lib/gitlab/ci/parsers_spec.rb'
- 'spec/lib/gitlab/ci/pipeline/chain/build_spec.rb'
@ -2258,7 +2249,6 @@ RSpec/FeatureCategory:
- 'spec/lib/gitlab/cross_project_access/check_info_spec.rb'
- 'spec/lib/gitlab/cross_project_access/class_methods_spec.rb'
- 'spec/lib/gitlab/cross_project_access_spec.rb'
- 'spec/lib/gitlab/crypto_helper_spec.rb'
- 'spec/lib/gitlab/cycle_analytics/permissions_spec.rb'
- 'spec/lib/gitlab/cycle_analytics/summary/value_spec.rb'
- 'spec/lib/gitlab/cycle_analytics/updater_spec.rb'
@ -2953,7 +2943,6 @@ RSpec/FeatureCategory:
- 'spec/lib/gitlab/usage_data_non_sql_metrics_spec.rb'
- 'spec/lib/gitlab/usage_data_queries_spec.rb'
- 'spec/lib/gitlab/user_access_snippet_spec.rb'
- 'spec/lib/gitlab/utils/batch_loader_spec.rb'
- 'spec/lib/gitlab/utils/deep_size_spec.rb'
- 'spec/lib/gitlab/utils/delegator_override/error_spec.rb'
- 'spec/lib/gitlab/utils/delegator_override/validator_spec.rb'
@ -3289,7 +3278,6 @@ RSpec/FeatureCategory:
- 'spec/models/operations/feature_flags/user_list_spec.rb'
- 'spec/models/operations/feature_flags_client_spec.rb'
- 'spec/models/packages/cleanup/policy_spec.rb'
- 'spec/models/packages/conan/file_metadatum_spec.rb'
- 'spec/models/packages/debian/file_entry_spec.rb'
- 'spec/models/packages/debian/group_architecture_spec.rb'
- 'spec/models/packages/debian/group_distribution_key_spec.rb'
@ -3856,7 +3844,6 @@ RSpec/FeatureCategory:
- 'spec/views/admin/application_settings/ci_cd.html.haml_spec.rb'
- 'spec/views/admin/application_settings/general.html.haml_spec.rb'
- 'spec/views/admin/application_settings/repository.html.haml_spec.rb'
- 'spec/views/admin/dashboard/index.html.haml_spec.rb'
- 'spec/views/admin/identities/index.html.haml_spec.rb'
- 'spec/views/admin/sessions/new.html.haml_spec.rb'
- 'spec/views/ci/status/_icon.html.haml_spec.rb'

6
.rubocop_todo/rspec/named_subject.yml
View File

@ -10,7 +10,6 @@ RSpec/NamedSubject:
- 'ee/spec/controllers/admin/users_controller_spec.rb'
- 'ee/spec/controllers/autocomplete_controller_spec.rb'
- 'ee/spec/controllers/concerns/ee/routable_actions/sso_enforcement_redirect_spec.rb'
- 'ee/spec/controllers/ee/dashboard/projects_controller_spec.rb'
- 'ee/spec/controllers/ee/groups/settings/ci_cd_controller_spec.rb'
- 'ee/spec/controllers/ee/groups/variables_controller_spec.rb'
- 'ee/spec/controllers/ee/groups_controller_spec.rb'
@ -350,7 +349,6 @@ RSpec/NamedSubject:
- 'ee/spec/lib/gitlab/ci/reports/security/vulnerability_reports_comparer_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/file_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/loader_spec.rb'
- 'ee/spec/lib/gitlab/code_owners/validator_spec.rb'
- 'ee/spec/lib/gitlab/code_owners_spec.rb'
- 'ee/spec/lib/gitlab/elastic/group_search_results_spec.rb'
- 'ee/spec/lib/gitlab/expiring_subscription_message_spec.rb'
@ -481,7 +479,6 @@ RSpec/NamedSubject:
- 'ee/spec/models/ci/minutes/quota_spec.rb'
- 'ee/spec/models/ci/pipeline_spec.rb'
- 'ee/spec/models/compliance_management/compliance_framework/project_settings_spec.rb'
- 'ee/spec/models/compliance_management/compliance_framework/security_policy_spec.rb'
- 'ee/spec/models/compliance_management/framework_spec.rb'
- 'ee/spec/models/concerns/approval_rule_like_spec.rb'
- 'ee/spec/models/concerns/ee/packages/downloadable_spec.rb'
@ -569,7 +566,6 @@ RSpec/NamedSubject:
- 'ee/spec/models/ip_restriction_spec.rb'
- 'ee/spec/models/issuable_metric_image_spec.rb'
- 'ee/spec/models/issue_spec.rb'
- 'ee/spec/models/iteration_note_spec.rb'
- 'ee/spec/models/iteration_spec.rb'
- 'ee/spec/models/label_note_spec.rb'
- 'ee/spec/models/license_spec.rb'
@ -917,7 +913,6 @@ RSpec/NamedSubject:
- 'ee/spec/services/groups/compliance_report_csv_service_spec.rb'
- 'ee/spec/services/groups/destroy_service_spec.rb'
- 'ee/spec/services/groups/epics_count_service_spec.rb'
- 'ee/spec/services/groups/restore_service_spec.rb'
- 'ee/spec/services/groups/transfer_service_spec.rb'
- 'ee/spec/services/groups/update_repository_storage_service_spec.rb'
- 'ee/spec/services/groups/update_service_spec.rb'
@ -961,7 +956,6 @@ RSpec/NamedSubject:
- 'ee/spec/services/projects/group_links/destroy_service_spec.rb'
- 'ee/spec/services/projects/import_export/export_service_spec.rb'
- 'ee/spec/services/projects/import_service_spec.rb'
- 'ee/spec/services/projects/restore_service_spec.rb'
- 'ee/spec/services/projects/setup_ci_cd_spec.rb'
- 'ee/spec/services/projects/transfer_service_spec.rb'
- 'ee/spec/services/projects/update_mirror_service_spec.rb'

1
.rubocop_todo/rspec/pending_without_reason.yml
View File

@ -16,7 +16,6 @@ RSpec/PendingWithoutReason:
- 'spec/features/boards/multi_select_spec.rb'
- 'spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb'
- 'spec/features/merge_request/user_merges_merge_request_spec.rb'
- 'spec/features/merge_request/user_posts_notes_spec.rb'
- 'spec/features/merge_request/user_resolves_conflicts_spec.rb'
- 'spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb'
- 'spec/features/users/terms_spec.rb'

2
.rubocop_todo/rspec/receive_messages.yml
View File

@ -139,7 +139,6 @@ RSpec/ReceiveMessages:
- 'ee/spec/services/ee/ci/job_token_scope/remove_group_service_spec.rb'
- 'ee/spec/services/ee/ci/job_token_scope/remove_project_service_spec.rb'
- 'ee/spec/services/ee/issues/move_service_spec.rb'
- 'ee/spec/services/ee/merge_requests/after_create_service_spec.rb'
- 'ee/spec/services/ee/post_receive_service_spec.rb'
- 'ee/spec/services/ee/spam/spam_verdict_service_spec.rb'
- 'ee/spec/services/ee/work_items/related_work_item_links/create_service_spec.rb'
@ -365,7 +364,6 @@ RSpec/ReceiveMessages:
- 'spec/lib/sidebars/menu_spec.rb'
- 'spec/lib/sidebars/panel_spec.rb'
- 'spec/lib/sidebars/projects/super_sidebar_panel_spec.rb'
- 'spec/lib/sidebars/your_work/menus/merge_requests_menu_spec.rb'
- 'spec/mailers/emails/service_desk_spec.rb'
- 'spec/migrations/20240510113339_finalize_backfill_epic_basic_fields_to_work_item_record_spec.rb'
- 'spec/migrations/20240618093306_queue_fix_synced_epic_work_item_parent_links_spec.rb'

5
.rubocop_todo/sidekiq_load_balancing/worker_data_consistency.yml
View File

@ -75,7 +75,6 @@ SidekiqLoadBalancing/WorkerDataConsistency:
- 'app/workers/expire_build_artifacts_worker.rb'
- 'app/workers/export_csv_worker.rb'
- 'app/workers/file_hook_worker.rb'
- 'app/workers/flush_counter_increments_worker.rb'
- 'app/workers/gitlab/github_gists_import/finish_import_worker.rb'
- 'app/workers/gitlab/github_gists_import/import_gist_worker.rb'
- 'app/workers/gitlab/github_gists_import/start_import_worker.rb'
@ -99,7 +98,6 @@ SidekiqLoadBalancing/WorkerDataConsistency:
- 'app/workers/gitlab/jira_import/import_issue_worker.rb'
- 'app/workers/gitlab/jira_import/stage/start_import_worker.rb'
- 'app/workers/gitlab_performance_bar_stats_worker.rb'
- 'app/workers/gitlab_service_ping_worker.rb'
- 'app/workers/google_cloud/create_cloudsql_instance_worker.rb'
- 'app/workers/group_destroy_worker.rb'
- 'app/workers/group_export_worker.rb'
@ -238,13 +236,10 @@ SidekiqLoadBalancing/WorkerDataConsistency:
- 'app/workers/users/unconfirmed_secondary_emails_deletion_cron_worker.rb'
- 'app/workers/wait_for_cluster_creation_worker.rb'
- 'app/workers/web_hooks/log_destroy_worker.rb'
- 'app/workers/web_hooks/log_execution_worker.rb'
- 'app/workers/work_items/import_work_items_csv_worker.rb'
- 'app/workers/x509_certificate_revoke_worker.rb'
- 'app/workers/x509_issuer_crl_check_worker.rb'
- 'ee/app/workers/active_user_count_threshold_worker.rb'
- 'ee/app/workers/adjourned_group_deletion_worker.rb'
- 'ee/app/workers/adjourned_projects_deletion_cron_worker.rb'
- 'ee/app/workers/admin_emails_worker.rb'
- 'ee/app/workers/analytics/code_review_metrics_worker.rb'
- 'ee/app/workers/analytics/cycle_analytics/consistency_worker.rb'

1
.rubocop_todo/style/guard_clause.yml
View File

@ -35,7 +35,6 @@ Style/GuardClause:
- 'app/finders/snippets_finder.rb'
- 'app/graphql/mutations/design_management/delete.rb'
- 'app/graphql/mutations/notes/create/note.rb'
- 'app/graphql/mutations/notes/reposition_image_diff_note.rb'
- 'app/graphql/mutations/packages/destroy_files.rb'
- 'app/graphql/resolvers/board_list_issues_resolver.rb'
- 'app/graphql/resolvers/projects/jira_projects_resolver.rb'

6
.rubocop_todo/style/inline_disable_annotation.yml
View File

@ -162,7 +162,6 @@ Style/InlineDisableAnnotation:
- 'app/graphql/resolvers/group_packages_resolver.rb'
- 'app/graphql/resolvers/issues/base_resolver.rb'
- 'app/graphql/resolvers/merge_request_pipelines_resolver.rb'
- 'app/graphql/resolvers/nested_groups_resolver.rb'
- 'app/graphql/resolvers/project_packages_resolver.rb'
- 'app/graphql/types/access_level_type.rb'
- 'app/graphql/types/admin/sidekiq_queues/delete_jobs_response_type.rb'
@ -1294,8 +1293,6 @@ Style/InlineDisableAnnotation:
- 'ee/app/validators/user_existence_validator.rb'
- 'ee/app/validators/user_id_existence_validator.rb'
- 'ee/app/workers/active_user_count_threshold_worker.rb'
- 'ee/app/workers/adjourned_group_deletion_worker.rb'
- 'ee/app/workers/adjourned_projects_deletion_cron_worker.rb'
- 'ee/app/workers/admin_emails_worker.rb'
- 'ee/app/workers/analytics/devops_adoption/create_all_snapshots_worker.rb'
- 'ee/app/workers/analytics/devops_adoption/create_snapshot_worker.rb'
@ -1479,7 +1476,6 @@ Style/InlineDisableAnnotation:
- 'ee/lib/gitlab/auth/saml/membership_updater.rb'
- 'ee/lib/gitlab/ci/minutes/pipeline_consumption.rb'
- 'ee/lib/gitlab/ci/reports/security/vulnerability_reports_comparer.rb'
- 'ee/lib/gitlab/code_owners/section_parser.rb'
- 'ee/lib/gitlab/com.rb'
- 'ee/lib/gitlab/compliance_management/violations/approved_by_committer.rb'
- 'ee/lib/gitlab/contribution_analytics/data_formatter.rb'
@ -1601,8 +1597,6 @@ Style/InlineDisableAnnotation:
- 'ee/spec/spec_helper.rb'
- 'ee/spec/support/helpers/duo_chat_fixture_helpers.rb'
- 'ee/spec/support/shared_contexts/graphql/geo/registries_shared_context.rb'
- 'ee/spec/support/shared_contexts/saas_registration_settings_context.rb'
- 'ee/spec/support/shared_contexts/saas_trial_settings_context.rb'
- 'ee/spec/support/shared_contexts/user_contribution_events_shared_context.rb'
- 'ee/spec/support/shared_examples/auth/access_protocol_examples.rb'
- 'ee/spec/support/shared_examples/features/protected_branches_access_control_shared_examples.rb'

1
.rubocop_todo/style/string_concatenation.yml
View File

@ -105,7 +105,6 @@ Style/StringConcatenation:
- 'qa/qa/tools/generate_perf_testdata.rb'
- 'scripts/perf/gc/print_gc_stats.rb'
- 'scripts/perf/query_limiting_report.rb'
- 'spec/config/settings_spec.rb'
- 'spec/controllers/concerns/redirects_for_missing_path_on_tree_spec.rb'
- 'spec/controllers/groups/uploads_controller_spec.rb'
- 'spec/controllers/projects/labels_controller_spec.rb'

2
GITALY_SERVER_VERSION
View File

@ -1 +1 @@
14cc6838b1a5bf20345484f5cb1171a0aa8d1f49
bde1da2a11f978f937589b277c2b5bd5711036ed

2
app/assets/javascripts/diffs/components/file_browser_toggle.vue
View File

@ -59,6 +59,6 @@ export default {
:selected="fileBrowserVisible"
@click="toggleFileBrowserVisibility"
>
<gl-animated-sidebar-icon :is-on="fileBrowserVisible" />
<gl-animated-sidebar-icon :is-on="fileBrowserVisible" class="gl-button-icon" />
</gl-button>
</template>

2
app/assets/javascripts/emoji/components/picker.vue
View File

@ -168,7 +168,7 @@ export default {
@focusout="onButtonFocusLeave"
>
<slot name="button-content">
<gl-animated-smile-icon :is-on="smileIcon" />
<gl-animated-smile-icon :is-on="smileIcon" class="gl-button-icon" />
</slot>
</gl-button>
</template>

2
app/assets/javascripts/sidebar/components/subscriptions/sidebar_subscriptions_widget.vue
View File

@ -233,6 +233,7 @@ export default {
<gl-animated-notification-icon
:is-on="!subscribed"
:class="{ '!gl-text-status-info': subscribed }"
class="gl-button-icon"
/>
</gl-button>
<gl-button
@ -248,6 +249,7 @@ export default {
<gl-animated-notification-icon
:is-on="!subscribed"
:class="{ '!gl-text-status-info': subscribed }"
class="gl-button-icon"
/>
</gl-button>
</div>

12
app/assets/javascripts/sidebar/components/todo_toggle/sidebar_todo_widget.vue
View File

@ -212,7 +212,11 @@ export default {
class="hide-collapsed"
@click.stop.prevent="toggleTodo"
>
<gl-animated-todo-icon :is-on="hasTodo" :class="{ '!gl-text-status-info': hasTodo }" />
<gl-animated-todo-icon
:is-on="hasTodo"
:class="{ '!gl-text-status-info': hasTodo }"
class="gl-button-icon"
/>
</todo-button>
<todo-button
v-else
@ -234,7 +238,11 @@ export default {
class="sidebar-collapsed-icon sidebar-collapsed-container !gl-rounded-none !gl-shadow-none"
@click.stop.prevent="toggleTodo"
>
<gl-animated-todo-icon :is-on="hasTodo" :class="{ '!gl-text-status-info': hasTodo }" />
<gl-animated-todo-icon
:is-on="hasTodo"
:class="{ '!gl-text-status-info': hasTodo }"
class="gl-button-icon"
/>
</gl-button>
</div>
</template>

1
app/assets/javascripts/work_items/components/shared/todos_toggle.vue
View File

@ -152,6 +152,7 @@ export default {
<gl-animated-todo-icon
:is-on="pendingTodo"
:class="{ '!gl-text-status-info': pendingTodo }"
class="gl-button-icon"
:name="buttonIcon"
/>
</gl-button>

12
app/helpers/groups_helper.rb
View File

@ -88,15 +88,13 @@ module GroupsHelper
# Overridden in EE
def remove_group_message(group, permanently_remove)
content_tag :div do
content = ''.html_safe
content << content_tag(:span, _("You are about to delete the group %{group_name}.") % { group_name: group.name })
content = ''.html_safe
content << content_tag(:span, format(_("You are about to delete the group %{group_name}."), group_name: group.name))
additional_content = additional_removed_items(group)
content << additional_content if additional_content.present?
additional_content = additional_removed_items(group)
content << additional_content if additional_content.present?
content << remove_group_warning
end
content << remove_group_warning
end
def additional_removed_items(group)

4
app/models/project.rb
View File

@ -2105,6 +2105,10 @@ class Project < ApplicationRecord
forked_from_project || fork_network&.root_project
end
def valid_lfs_oids(oids_to_check)
lfs_objects.where(oid: oids_to_check).pluck(:oid)
end
def lfs_objects_for_repository_types(*types)
LfsObject
.joins(:lfs_objects_projects)

12
app/services/merge_requests/link_lfs_objects_service.rb
View File

@ -2,17 +2,21 @@
module MergeRequests
class LinkLfsObjectsService < ::BaseProjectService
BATCH_SIZE = 100
def execute(merge_request, oldrev: merge_request.diff_base_sha, newrev: merge_request.diff_head_sha)
return if merge_request.source_project == project
return if no_changes?(oldrev, newrev)
new_lfs_oids = lfs_oids(merge_request.source_project.repository, oldrev, newrev)
return if new_lfs_oids.empty?
valid_lfs_oids = filter_valid_lfs_oids(merge_request.source_project, new_lfs_oids)
return if valid_lfs_oids.empty?
Projects::LfsPointers::LfsLinkService
.new(project)
.execute(new_lfs_oids)
.execute(valid_lfs_oids)
end
private
@ -27,5 +31,9 @@ module MergeRequests
.new_pointers(not_in: [oldrev])
.map(&:lfs_oid)
end
def filter_valid_lfs_oids(source_project, new_lfs_oids)
new_lfs_oids.each_slice(BATCH_SIZE).flat_map { |g| source_project.valid_lfs_oids(g) }.uniq
end
end
end

8
app/services/snippets/repository_validation_service.rb
View File

@ -3,6 +3,7 @@
module Snippets
class RepositoryValidationService
INVALID_REPOSITORY = :invalid_snippet_repository
SNIPPET_NOT_FOUND = :snippet_not_found
attr_reader :current_user, :snippet, :repository
@ -11,13 +12,12 @@ module Snippets
def initialize(user, snippet)
@current_user = user
@snippet = snippet
@repository = snippet.repository
@repository = snippet&.repository
end
def execute
if snippet.nil?
return service_response_error('No snippet found.', 404)
end
return ServiceResponse.error(message: 'No snippet found.', reason: SNIPPET_NOT_FOUND) unless snippet
check_branch_count!
check_branch_name_default!

2
app/views/admin/background_migrations/index.html.haml
View File

@ -34,7 +34,7 @@
%th.border-bottom{ role: 'cell' }= _('Migration')
%th.border-bottom{ role: 'cell' }= _('Progress')
%th.border-bottom{ role: 'cell' }= _('Status')
%th.border-bottom{ role: 'cell' }
%th.border-bottom{ role: 'cell' }= _('Actions')
%tbody
= render partial: 'migration', collection: @migrations
= paginate_collection @migrations

2
app/views/admin/projects/_projects.html.haml
View File

@ -18,7 +18,7 @@
- if project.description.present?
.description
= markdown_field(project, :description)
= render_if_exists 'shared/projects/badges', project: project, css_class: 'gl-mr-3'
= render 'shared/projects/badges', project: project, css_class: 'gl-mr-3'
.stats.gl-text-subtle.gl-shrink-0.gl-hidden.sm:gl-flex
= gl_badge_tag storage_counter(project.statistics&.storage_size)

2
app/views/groups/_home_panel.html.haml
View File

@ -11,7 +11,7 @@
%span.visibility-icon.gl-text-subtle.has-tooltip{ data: { container: 'body' }, title: visibility_icon_description(@group) }
= visibility_level_icon(@group.visibility_level, options: { class: 'icon' })
= render_if_exists 'shared/tier_badge', source: @group
= render_if_exists 'shared/groups/badges', group: @group
= render 'shared/groups/badges', group: @group
- if current_user
.home-panel-buttons.gl-flex.md:gl-justify-end.gl-items-center.gl-flex-wrap.gl-gap-3{ data: { testid: 'group-buttons' } }

2
app/views/layouts/_page.html.haml
View File

@ -24,7 +24,7 @@
= dispensable_render_if_exists "layouts/header/licensed_user_count_threshold_block_seat_overages"
-# This is needed by [GitLab JH](https://gitlab.com/gitlab-jh/jh-team/gitlab/-/issues/13)
= dispensable_render_if_exists "layouts/header/account_notification"
= dispensable_render_if_exists "shared/groups_projects/self_or_ancestor_marked_for_deletion_notice", context: context
= dispensable_render "shared/groups_projects/self_or_ancestor_marked_for_deletion_notice", context: context
= dispensable_render "shared/projects/inactive_project_deletion_alert"
= dispensable_render "shared/projects/archived_alert"
= dispensable_render "layouts/header/read_only_banner"

3
app/views/shared/groups/_badges.html.haml Normal file
View File

@ -0,0 +1,3 @@
- return unless group.self_or_ancestor_marked_for_deletion
= render Pajamas::BadgeComponent.new(_('Pending deletion'), variant: 'warning')

20
app/views/shared/groups_projects/_self_or_ancestor_marked_for_deletion_notice.html.haml Normal file
View File

@ -0,0 +1,20 @@
- return unless context.is_a?(Group) || context.is_a?(Project)
- return unless (context_pending_deletion = context&.self_or_ancestor_marked_for_deletion)
-# FIXME: Replace `context_pending_deletion.marked_for_deletion_on` with `context_pending_deletion` after https://gitlab.com/gitlab-org/gitlab/-/work_items/527085
- date = permanent_deletion_date_formatted(context_pending_deletion.marked_for_deletion_on)
- context_name = context.is_a?(Group) ? _('group') : _('project')
- group_marked_for_deletion = _("This group and its subgroups and projects are pending deletion, and will be deleted on %{date}.") % { date: date }
- project_marked_for_deletion = _("This project is pending deletion, and will be deleted on %{date}. Repository and other project resources are read-only.") % { date: date }
- self_marked_for_deletion = context.is_a?(Group) ? group_marked_for_deletion : project_marked_for_deletion
- ancestor_marked_for_deletion = _("The parent group of this %{context} is pending deletion, so this %{context} will also be deleted on %{date}.") % { date: date, context: context_name }
- marked_for_deletion_message = context.marked_for_deletion? ? self_marked_for_deletion : ancestor_marked_for_deletion
= render Pajamas::AlertComponent.new(variant: :warning,
dismissible: false) do |c|
= c.with_body do
= marked_for_deletion_message

4
app/views/shared/projects/_badges.html.haml
View File

@ -1,4 +1,6 @@
- css_class = local_assigns.fetch(:css_class, '')
- if project.archived
- if project.self_or_ancestor_marked_for_deletion
= render Pajamas::BadgeComponent.new(_('Pending deletion'), variant: 'warning', class: css_class)
- elsif project.archived
= render Pajamas::BadgeComponent.new(_('Archived'), variant: 'info', class: css_class)

4
app/views/shared/projects/_project.html.haml
View File

@ -81,7 +81,7 @@
%span.icon-wrapper.pipeline-status
= render 'ci/status/icon', status: last_pipeline.detailed_status(current_user), tooltip_placement: 'top', path: pipeline_path
= render_if_exists 'shared/projects/badges', project: project
= render 'shared/projects/badges', project: project
- if stars
= link_to project_starrers_path(project), class: "#{css_metadata_classes} stars", title: _('Stars'), data: { container: 'body', placement: 'top' } do
= sprite_icon('star-o', size: 14, css_class: 'gl-mr-2')
@ -99,7 +99,7 @@
%span.icon-wrapper.pipeline-status
= render 'ci/status/icon', status: last_pipeline.detailed_status(current_user), tooltip_placement: 'top', path: pipeline_path
= render_if_exists 'shared/projects/badges', project: project
= render 'shared/projects/badges', project: project
- if stars
= link_to project_starrers_path(project), class: "#{css_metadata_classes} stars", title: _('Stars'), data: { container: 'body', placement: 'top' }, aria: { label: format(n_('%{project} has %{number} star', '%{project} has %{number} stars', project.star_count), number: project.star_count, project: project.name) } do
= sprite_icon('star-o', size: 14, css_class: 'gl-mr-2')

2
app/views/shared/projects/_project_card.html.haml
View File

@ -83,7 +83,7 @@
%span.icon-wrapper.pipeline-status
= render 'ci/status/icon', status: last_pipeline.detailed_status(current_user), tooltip_placement: 'top', path: pipeline_path
= render_if_exists 'shared/projects/badges', project: project
= render 'shared/projects/badges', project: project
.updated-note.gl-text-sm.gl-whitespace-nowrap.gl-justify-start.gl-text-subtle
%span
= _('Updated')

4
data/deprecations/17-11-compliance-standards-adherence-dashboard.yml
View File

@ -1,4 +1,4 @@
- title: 'Remove compliance standards adherence dashboard'
- title: 'Replace compliance standards adherence dashboard with compliance status dashboard'
removal_milestone: '18.6'
announcement_milestone: '17.11'
breaking_change: true
@ -17,4 +17,4 @@
These features give all of the same functionality as the compliance standards adherence dashboard, but you can
configure the adherence that you require.
In GitLab 18.6, we'll remove the compliance standards adherence dashboard.
In GitLab 18.6, we'll replace the compliance standards adherence dashboard with the compliance status dashboard for more accurate reporting on requirements and controls.

4
doc/update/deprecations.md
View File

@ -741,7 +741,7 @@ In GitLab 18.6, we'll remove the `user_profile_visiblity_updated` event type.
<div class="deprecation breaking-change" data-milestone="18.6">
### Remove compliance standards adherence dashboard
### Replace compliance standards adherence dashboard with compliance status dashboard
<div class="deprecation-notes">
@ -759,7 +759,7 @@ In GitLab 17.11, we released:
These features give all of the same functionality as the compliance standards adherence dashboard, but you can
configure the adherence that you require.
In GitLab 18.6, we'll remove the compliance standards adherence dashboard.
In GitLab 18.6, we'll replace the compliance standards adherence dashboard with the compliance status dashboard for more accurate reporting on requirements and controls.
</div>
</div>

72
doc/user/application_security/dependency_scanning/dependency_scanning_sbom/_index.md
View File

@ -205,6 +205,13 @@ go:build:
#### Gradle
For Gradle projects use either of the following methods to create a dependency graph.
- Nebula Gradle Dependency Lock Plugin
- Gradle's HtmlDependencyReportTask
##### Dependency Lock Plugin
To enable the CI/CD component on a Gradle project:
1. Edit the `build.gradle` or `build.gradle.kts` to use the
@ -247,6 +254,71 @@ build:
```
##### HtmlDependencyReportTask
The [HtmlDependencyReportTask](https://docs.gradle.org/current/dsl/org.gradle.api.reporting.dependencies.HtmlDependencyReportTask.html)
is an alternative way to get the list of dependencies for a Gradle project (tested with `gradle`
versions 4 through 8). This method gives information about dependencies which are both transitive
and direct. To enable use of this method with dependency scanning the artifact from running the
`gradle htmlDependencyReport` task needs to be available.
```yaml
stages:
- build
- test
# Define the image that contains Java and Gradle
image: gradle:8.0-jdk11
include:
- component: $CI_SERVER_FQDN/components/dependency-scanning/main@0
build:
stage: build
script:
- gradle --init-script report.gradle htmlDependencyReport
# The gradle task writes the dependency report as a javascript file under
# build/reports/project/dependencies. Because the file has an un-standardized
# name, the after_script finds and renames the file to
# `gradle-html-dependency-report.js` copying it to the same directory as
# `build.gradle`
after_script:
- |
reports_dir=build/reports/project/dependencies
while IFS= read -r -d '' src; do
dest="${src%%/$reports_dir/*}/gradle-html-dependency-report.js"
cp $src $dest
done < <(find . -type f -path "*/${reports_dir}/*.js" -not -path "*/${reports_dir}/js/*" -print0)
# Pass html report artifact to subsequent dependency scanning stage.
artifacts:
paths:
- "**/gradle-html-dependency-report.js"
```
The command above uses the `report.gradle` file and can be supplied through `--init-script` or its contents can be added to `build.gradle` directly:
```kotlin
allprojects {
apply plugin: 'project-report'
}
```
{{< alert type="note" >}}
The dependency report may indicate that dependencies for some configurations `FAILED` to be
resolved. In this case dependency scanning logs a warning but does not fail the job. If you prefer
to have the pipeline fail if resolution failures are reported, add the following extra steps to the
`build` example above.
{{< /alert >}}
```shell
while IFS= read -r -d '' file; do
grep --quiet -E '"resolvable":\s*"FAILED' $file && echo "Dependency report has dependencies with FAILED resolution status" && exit 1
done < <(find . -type f -path "*/gradle-html-dependency-report.js -print0)
```
#### Maven
The following example `.gitlab-ci.yml` demonstrates how to enable the CI/CD

10
doc/user/group/import/direct_transfer_migrations.md
View File

@ -67,10 +67,12 @@ GitLab 16.8.
have the `api` scope.
- For GitLab 15.0 and earlier source instances, the personal access token must
have both the `api` and `read_repository` scopes.
- You must have the Owner role on the source group to migrate from.
- You must have a role in the destination namespace that enables you to
[create a subgroup](../subgroups/_index.md#create-a-subgroup) in that
namespace.
- You must have the required permissions on the source and destination instances. For:
- Most users, you need:
- The Owner role on the source group to migrate from.
- A role in the destination namespace that allows you to [create a subgroup](../subgroups/_index.md#create-a-subgroup) in that namespace.
- Administrators of both instances without the required roles, you can instead start the import by using
[the API](../../../api/bulk_imports.md#start-a-new-group-or-project-migration).
- To import project snippets, ensure snippets are
[enabled in the source project](../../snippets.md#change-default-visibility-of-snippets).
- To import items stored in object storage, you must either:

2
doc/user/project/merge_requests/duo_in_merge_requests.md
View File

@ -147,7 +147,7 @@ Provide feedback on this experimental feature in [issue 408991](https://gitlab.c
- Tier: Ultimate
- Add-on: GitLab Duo Enterprise
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
- LLM: Anthropic [Claude 3.5 Sonnet](https://console.cloud.google.com/vertex-ai/publishers/anthropic/model-garden/claude-3-5-sonnet)
- LLM: Anthropic [Claude 3.7 Sonnet](https://console.cloud.google.com/vertex-ai/publishers/anthropic/model-garden/claude-3-7-sonnet)
{{< /details >}}

6
locale/gitlab.pot
View File

@ -67908,6 +67908,9 @@ msgstr ""
msgid "WorkItem|No child items are currently open."
msgstr ""
msgid "WorkItem|No custom fields have been archived. Archive custom fields to remove them from active work items while preserving their data."
msgstr ""
msgid "WorkItem|No items"
msgstr ""
@ -68196,6 +68199,9 @@ msgstr ""
msgid "WorkItem|This %{workItemType} will be closed when the following is merged."
msgstr ""
msgid "WorkItem|This group has no active custom fields. Create a custom field to track data that matters to your team."
msgstr ""
msgid "WorkItem|This work item is not available. It either doesn't exist or you don't have permission to view it."
msgstr ""

2
package.json
View File

@ -66,7 +66,7 @@
"@gitlab/fonts": "^1.3.0",
"@gitlab/query-language-rust": "0.5.2",
"@gitlab/svgs": "3.126.0",
"@gitlab/ui": "112.2.0",
"@gitlab/ui": "112.2.1",
"@gitlab/vue-router-vue3": "npm:vue-router@4.5.0",
"@gitlab/vuex-vue3": "npm:vuex@4.1.0",
"@gitlab/web-ide": "^0.0.1-dev-20250401183248",

16
spec/models/project_spec.rb
View File

@ -9957,4 +9957,20 @@ RSpec.describe Project, factory_default: :keep, feature_category: :groups_and_pr
let_it_be(:model) { create(:project, pool_repository: parent) }
end
end
describe '#valid_lfs_oids' do
let_it_be(:project) { create(:project) }
let_it_be(:lfs_object) { create(:lfs_object) }
let_it_be(:another_lfs_object) { create(:lfs_object) }
let(:oids) { [lfs_object.oid, another_lfs_object.oid] }
before do
create(:lfs_objects_project, lfs_object: lfs_object, project: project)
end
it 'returns only the OIDs of LFS objects owned by the project' do
expect(project.valid_lfs_oids(oids)).to eq([lfs_object.oid])
end
end
end

36
spec/services/merge_requests/link_lfs_objects_service_spec.rb
View File

@ -61,6 +61,42 @@ RSpec.describe MergeRequests::LinkLfsObjectsService, :sidekiq_inline, feature_ca
execute
end
context 'when there are an LFS object that does not belong to the source project' do
before do
allow_next_instance_of(Gitlab::Git::LfsChanges) do |instance|
allow(instance).to receive(:new_pointers)
.and_return([
instance_double(Gitlab::Git::Blob, lfs_oid: "8b12507783d5becacbf2ebe5b01a60024d8728a8f86dcc818bce699e8b3320bc"),
instance_double(Gitlab::Git::Blob, lfs_oid: "94a72c074cfe574742c9e99e863322f73feff82981d065ff65a0308f44f19f62"),
instance_double(Gitlab::Git::Blob, lfs_oid: "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") # this LFS object doesn't belong to the source project
])
end
end
it 'only links LFS objects that belong to the source project' do
expect_next_instance_of(Projects::LfsPointers::LfsLinkService) do |service|
expect(service).to receive(:execute).with(
%w[
8b12507783d5becacbf2ebe5b01a60024d8728a8f86dcc818bce699e8b3320bc
94a72c074cfe574742c9e99e863322f73feff82981d065ff65a0308f44f19f62
])
end
execute
end
it 'calls valid_lfs_oids method two times when BATCH_SIZE is 2' do
stub_const("#{described_class}::BATCH_SIZE", 2)
expect(source_project)
.to receive(:valid_lfs_oids)
.twice
.and_call_original
execute
end
end
end
context 'but there are no LFS objects added' do

124
spec/services/snippets/repository_validation_service_spec.rb
View File

@ -12,66 +12,78 @@ RSpec.describe Snippets::RepositoryValidationService, feature_category: :source_
subject { service.execute }
before do
allow(repository).to receive(:branch_count).and_return(1)
allow(repository).to receive(:ls_files).and_return(['foo'])
allow(repository).to receive(:branch_names).and_return(['master'])
end
it 'returns error when the repository has more than one branch' do
allow(repository).to receive(:branch_count).and_return(2)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has more than one branch/)
end
it 'returns error when existing branch name is not the default one' do
allow(repository).to receive(:branch_names).and_return(['foo'])
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has an invalid default branch name/)
end
it 'returns error when the repository has tags' do
allow(repository).to receive(:tag_count).and_return(1)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has tags/)
end
it 'returns error when the repository has more file than the limit' do
limit = Snippet.max_file_limit + 1
files = Array.new(limit) { FFaker::Filesystem.file_name }
allow(repository).to receive(:ls_files).and_return(files)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository files count over the limit/)
end
it 'returns error when the repository has no files' do
allow(repository).to receive(:ls_files).and_return([])
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository must contain at least 1 file/)
end
it 'returns error when the repository size is over the limit' do
expect_next_instance_of(Gitlab::RepositorySizeChecker) do |checker|
expect(checker).to receive(:above_size_limit?).and_return(true)
context 'when snippet is present' do
before do
allow(repository).to receive(:branch_count).and_return(1)
allow(repository).to receive(:ls_files).and_return(['foo'])
allow(repository).to receive(:branch_names).and_return(['master'])
end
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository size is above the limit/)
it 'returns error when the repository has more than one branch' do
allow(repository).to receive(:branch_count).and_return(2)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has more than one branch/)
end
it 'returns error when existing branch name is not the default one' do
allow(repository).to receive(:branch_names).and_return(['foo'])
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has an invalid default branch name/)
end
it 'returns error when the repository has tags' do
allow(repository).to receive(:tag_count).and_return(1)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository has tags/)
end
it 'returns error when the repository has more file than the limit' do
limit = Snippet.max_file_limit + 1
files = Array.new(limit) { FFaker::Filesystem.file_name }
allow(repository).to receive(:ls_files).and_return(files)
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository files count over the limit/)
end
it 'returns error when the repository has no files' do
allow(repository).to receive(:ls_files).and_return([])
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository must contain at least 1 file/)
end
it 'returns error when the repository size is over the limit' do
expect_next_instance_of(Gitlab::RepositorySizeChecker) do |checker|
expect(checker).to receive(:above_size_limit?).and_return(true)
end
expect(subject).to be_error
expect(subject.reason).to eq(described_class::INVALID_REPOSITORY)
expect(subject.message).to match(/Repository size is above the limit/)
end
it 'returns success when no validation errors are raised' do
expect(subject).to be_success
end
end
it 'returns success when no validation errors are raised' do
expect(subject).to be_success
context 'when snippet does not exist' do
let_it_be(:snippet) { nil }
it 'returns error' do
expect(subject).to be_error
expect(subject.message).to match(/No snippet found/)
expect(subject.reason).to eq(described_class::SNIPPET_NOT_FOUND)
end
end
end
end

8
yarn.lock
View File

@ -1441,10 +1441,10 @@
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.126.0.tgz#1c0bb95c11de808b78afd05dc95aca258c3b39f0"
integrity sha512-7X8uzitNn7NDcVy+FVCw8npMNEUpLGHTO5Z+BJZqVILj/FD+0WveYdPxAEVa9hXYQn5qXWM0ZAknzB9LM6Id8w==
"@gitlab/ui@112.2.0":
version "112.2.0"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-112.2.0.tgz#e60d175811f17873e70d066e9595077d83f77b58"
integrity sha512-391UvEnhOwIGNTGUoxV86dsP8c/LH5+hhTAYMnl2y4U5CceW8Zeex4wmCVTejDfcxR+KubS7xrhzwsq8y2pvPg==
"@gitlab/ui@112.2.1":
version "112.2.1"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-112.2.1.tgz#be5fa326f300dc61a48d1369c816f6797096b5ee"
integrity sha512-n4NGntUoiTMK0e51bLq5HzRT5Ncad8PtDujT9nb5n2ptNPVnzl94yJrH8e8X6SXbNDfJd827NtmdPNfZbJPgsQ==
dependencies:
"@floating-ui/dom" "1.4.3"
echarts "^5.3.2"