Add latest changes from gitlab-org/gitlab@master

2023-07-20 18:07:04 +00:00 · 2023-07-20 18:07:04 +00:00 · 3b7f1f7e09
parent 58af7e4529
commit 3b7f1f7e09
67 changed files with 1407 additions and 377 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-af0a9ba6158fbfb2e886cf60a217126fb6bfe744
+119bc72eed2618fa5fbd21f35c290c6106275301
--- a/app/assets/javascripts/batch_comments/components/submit_dropdown.vue
+++ b/app/assets/javascripts/batch_comments/components/submit_dropdown.vue
@ -1,5 +1,5 @@
 <script>
-import { GlDropdown, GlButton, GlIcon, GlForm, GlFormGroup, GlFormCheckbox } from '@gitlab/ui';
+import { GlDropdown, GlButton, GlIcon, GlForm, GlFormCheckbox } from '@gitlab/ui';
 import { mapGetters, mapActions, mapState } from 'vuex';
 import { __ } from '~/locale';
 import { createAlert } from '~/alert';
@ -16,12 +16,16 @@ export default {
    GlButton,
    GlIcon,
    GlForm,
-    GlFormGroup,
    GlFormCheckbox,
    MarkdownEditor,
    ApprovalPassword: () => import('ee_component/batch_comments/components/approval_password.vue'),
+    SummarizeMyReview: () =>
+      import('ee_component/batch_comments/components/summarize_my_review.vue'),
  },
  mixins: [glFeatureFlagsMixin()],
+  inject: {
+    canSummarize: { default: false },
+  },
  data() {
    return {
      isSubmitting: false,
@ -107,6 +111,9 @@ export default {

      this.isSubmitting = false;
    },
+    updateNote(note) {
+      this.noteData.note = note;
+    },
  },
  restrictedToolbarItems: ['full-screen'],
 };
@ -128,33 +135,39 @@ export default {
      <gl-icon class="dropdown-chevron" name="chevron-up" />
    </template>
    <gl-form data-testid="submit-gl-form" @submit.prevent="submitReview">
-      <gl-form-group label-for="review-note-body" label-class="gl-mb-2">
-        <template #label>
+      <div class="gl-display-flex gl-mb-4 gl-align-items-center">
+        <label for="review-note-body" class="gl-mb-0">
          {{ __('Summary comment (optional)') }}
-        </template>
-        <div class="common-note-form gfm-form">
-          <markdown-editor
-            ref="markdownEditor"
-            v-model="noteData.note"
-            :enable-content-editor="Boolean(glFeatures.contentEditorOnIssues)"
-            class="js-no-autosize"
-            :is-submitting="isSubmitting"
-            :render-markdown-path="getNoteableData.preview_note_path"
-            :markdown-docs-path="getNotesData.markdownDocsPath"
-            :form-field-props="formFieldProps"
-            enable-autocomplete
-            :autocomplete-data-sources="autocompleteDataSources"
-            :disabled="isSubmitting"
-            :restricted-tool-bar-items="$options.restrictedToolbarItems"
-            :force-autosize="false"
-            :autosave-key="autosaveKey"
-            supports-quick-actions
-            @input="$emit('input', $event)"
-            @keydown.meta.enter="submitReview"
-            @keydown.ctrl.enter="submitReview"
-          />
-        </div>
-      </gl-form-group>
+        </label>
+        <summarize-my-review
+          v-if="canSummarize"
+          :id="getNoteableData.id"
+          class="gl-ml-auto"
+          @input="updateNote"
+        />
+      </div>
+      <div class="common-note-form gfm-form">
+        <markdown-editor
+          ref="markdownEditor"
+          v-model="noteData.note"
+          :enable-content-editor="Boolean(glFeatures.contentEditorOnIssues)"
+          class="js-no-autosize"
+          :is-submitting="isSubmitting"
+          :render-markdown-path="getNoteableData.preview_note_path"
+          :markdown-docs-path="getNotesData.markdownDocsPath"
+          :form-field-props="formFieldProps"
+          enable-autocomplete
+          :autocomplete-data-sources="autocompleteDataSources"
+          :disabled="isSubmitting"
+          :restricted-tool-bar-items="$options.restrictedToolbarItems"
+          :force-autosize="false"
+          :autosave-key="autosaveKey"
+          supports-quick-actions
+          @input="$emit('input', $event)"
+          @keydown.meta.enter="submitReview"
+          @keydown.ctrl.enter="submitReview"
+        />
+      </div>
      <template v-if="getNoteableData.current_user.can_approve">
        <gl-form-checkbox v-model="noteData.approve" data-testid="approve_merge_request">
          {{ __('Approve merge request') }}
--- a/app/assets/javascripts/batch_comments/index.js
+++ b/app/assets/javascripts/batch_comments/index.js
@ -1,10 +1,11 @@
 import Vue from 'vue';
 import VueApollo from 'vue-apollo';
 import { mapActions, mapGetters } from 'vuex';
+import { parseBoolean } from '~/lib/utils/common_utils';
 import { apolloProvider } from '~/graphql_shared/issuable_client';
 import store from '~/mr_notes/stores';

-export const initReviewBar = ({ editorAiActions = [] } = {}) => {
+export const initReviewBar = () => {
  const el = document.getElementById('js-review-bar');

  if (!el) return;
@ -21,7 +22,7 @@ export const initReviewBar = ({ editorAiActions = [] } = {}) => {
    },
    provide: {
      newCommentTemplatePath: el.dataset.newCommentTemplatePath,
-      editorAiActions,
+      canSummarize: parseBoolean(el.dataset.canSummarize),
    },
    computed: {
      ...mapGetters('batchComments', ['draftsCount']),
--- a/app/assets/javascripts/diffs/components/diff_file.vue
+++ b/app/assets/javascripts/diffs/components/diff_file.vue
@ -226,6 +226,12 @@ export default {
    }

    this.manageViewedEffects();
+
+    if (this.viewDiffsFileByFile) {
+      requestIdleCallback(() => {
+        this.prefetchFileNeighbors();
+      });
+    }
  },
  beforeDestroy() {
    eventHub.$off(EVT_EXPAND_ALL_FILES, this.expandAllListener);
@ -234,6 +240,7 @@ export default {
    ...mapActions('diffs', [
      'loadCollapsedDiff',
      'assignDiscussionsToDiff',
+      'prefetchFileNeighbors',
      'setFileCollapsedByUser',
      'saveDiffDiscussion',
      'toggleFileCommentForm',
--- a/app/assets/javascripts/diffs/components/diff_line.vue
+++ b/app/assets/javascripts/diffs/components/diff_line.vue
@ -1,9 +1,9 @@
 <script>
-import DiffCodeQuality from './diff_code_quality.vue';
+import InlineFindings from './inline_findings.vue';

 export default {
  components: {
-    DiffCodeQuality,
+    InlineFindings,
  },
  props: {
    line: {
@ -26,9 +26,9 @@ export default {
    },
  },
  methods: {
-    hideCodeQualityFindings() {
+    hideInlineFindings() {
      this.$emit(
-        'hideCodeQualityFindings',
+        'hideInlineFindings',
        this.codeQualityLineNumber ? this.codeQualityLineNumber : this.sastLineNumber,
      );
    },
@ -37,9 +37,9 @@ export default {
 </script>

 <template>
-  <diff-code-quality
+  <inline-findings
    :code-quality="parsedCodeQuality"
    :sast="parsedSast"
-    @hideCodeQualityFindings="hideCodeQualityFindings"
+    @hideInlineFindings="hideInlineFindings"
  />
 </template>
--- a/app/assets/javascripts/diffs/components/diff_view.vue
+++ b/app/assets/javascripts/diffs/components/diff_view.vue
@ -100,7 +100,7 @@ export default {
      }
      this.idState.dragStart = line;
    },
-    hideCodeQualityFindings(line) {
+    hideInlineFindings(line) {
      const index = this.codeQualityExpandedLines.indexOf(line);
      if (index > -1) {
        this.codeQualityExpandedLines.splice(index, 1);
@ -110,7 +110,7 @@ export default {
      if (!this.codeQualityExpandedLines.includes(line)) {
        this.codeQualityExpandedLines.push(line);
      } else {
-        this.hideCodeQualityFindings(line);
+        this.hideInlineFindings(line);
      }
    },
    onDragOver(line) {
@ -274,7 +274,7 @@ export default {
        v-if="codeQualityExpandedLines.includes(getCodeQualityLine(line))"
        :key="line.line_code"
        :line="line"
-        @hideCodeQualityFindings="hideCodeQualityFindings"
+        @hideInlineFindings="hideInlineFindings"
      />
      <div
        v-if="line.renderCommentRow"
--- a/app/assets/javascripts/diffs/components/diff_code_quality.vue
+++ b/app/assets/javascripts/diffs/components/diff_code_quality.vue
@ -24,8 +24,8 @@ export default {

 <template>
  <div
-    data-testid="diff-codequality"
-    class="gl-relative codequality-findings-list gl-border-top-1 gl-border-bottom-1 gl-bg-gray-10 gl-text-black-normal gl-pl-5 gl-pt-4 gl-pb-4"
+    data-testid="inline-findings"
+    class="gl-relative inline-findings-list gl-border-top-1 gl-border-bottom-1 gl-bg-gray-10 gl-text-black-normal gl-pl-5 gl-pt-4 gl-pb-4"
  >
    <diff-inline-findings
      v-if="codeQuality.length"
@ -40,12 +40,12 @@ export default {
    />

    <gl-button
-      data-testid="diff-codequality-close"
+      data-testid="inline-findings-close"
      category="tertiary"
      size="small"
      icon="close"
      class="gl-absolute gl-right-2 gl-top-2"
-      @click="$emit('hideCodeQualityFindings')"
+      @click="$emit('hideInlineFindings')"
    />
  </div>
 </template>
--- a/app/assets/javascripts/diffs/store/actions.js
+++ b/app/assets/javascripts/diffs/store/actions.js
@ -113,6 +113,46 @@ export const setBaseConfig = ({ commit }, options) => {
  });
 };

+export const prefetchSingleFile = async ({ state, getters, commit }, treeEntry) => {
+  const versionPath = state.mergeRequestDiff?.version_path;
+
+  if (
+    treeEntry &&
+    !treeEntry.diffLoaded &&
+    !treeEntry.diffLoading &&
+    !getters.getDiffFileByHash(treeEntry.fileHash)
+  ) {
+    const urlParams = {
+      old_path: treeEntry.filePaths.old,
+      new_path: treeEntry.filePaths.new,
+      w: state.showWhitespace ? '0' : '1',
+      view: 'inline',
+      commit_id: getters.commitId,
+    };
+
+    if (versionPath) {
+      const { diffId, startSha } = getDerivedMergeRequestInformation({ endpoint: versionPath });
+
+      urlParams.diff_id = diffId;
+      urlParams.start_sha = startSha;
+    }
+
+    commit(types.TREE_ENTRY_DIFF_LOADING, { path: treeEntry.filePaths.new });
+
+    try {
+      const { data: diffData } = await axios.get(
+        mergeUrlParams({ ...urlParams }, state.endpointDiffForPath),
+      );
+
+      commit(types.SET_DIFF_DATA_BATCH, { diff_files: diffData.diff_files });
+
+      eventHub.$emit('diffFilesModified');
+    } catch (e) {
+      commit(types.TREE_ENTRY_DIFF_LOADING, { path: treeEntry.filePaths.new, loading: false });
+    }
+  }
+};
+
 export const fetchFileByFile = async ({ state, getters, commit }) => {
  const isNoteLink = isUrlHashNoteLink(window?.location?.hash);
  const id = parseUrlHashAsFileHash(window?.location?.hash, state.currentDiffFileId);
@ -304,6 +344,17 @@ export const fetchDiffFilesMeta = ({ commit, state }) => {
      }
    });
 };
+
+export function prefetchFileNeighbors({ getters, dispatch }) {
+  const { flatBlobsList: allBlobs, currentDiffIndex: currentIndex } = getters;
+
+  const previous = Math.max(currentIndex - 1, 0);
+  const next = Math.min(allBlobs.length - 1, currentIndex + 1);
+
+  dispatch('prefetchSingleFile', allBlobs[next]);
+  dispatch('prefetchSingleFile', allBlobs[previous]);
+}
+
 export const fetchCoverageFiles = ({ commit, state }) => {
  const coveragePoll = new Poll({
    resource: {
--- a/app/assets/javascripts/diffs/store/mutation_types.js
+++ b/app/assets/javascripts/diffs/store/mutation_types.js
@ -19,6 +19,7 @@ export const RENDER_FILE = 'RENDER_FILE';
 export const SET_LINE_DISCUSSIONS_FOR_FILE = 'SET_LINE_DISCUSSIONS_FOR_FILE';
 export const REMOVE_LINE_DISCUSSIONS_FOR_FILE = 'REMOVE_LINE_DISCUSSIONS_FOR_FILE';
 export const TOGGLE_FOLDER_OPEN = 'TOGGLE_FOLDER_OPEN';
+export const TREE_ENTRY_DIFF_LOADING = 'TREE_ENTRY_DIFF_LOADING';
 export const SET_SHOW_TREE_LIST = 'SET_SHOW_TREE_LIST';
 export const SET_CURRENT_DIFF_FILE = 'SET_CURRENT_DIFF_FILE';
 export const SET_DIFF_FILE_VIEWED = 'SET_DIFF_FILE_VIEWED';
--- a/app/assets/javascripts/diffs/store/mutations.js
+++ b/app/assets/javascripts/diffs/store/mutations.js
@ -266,6 +266,9 @@ export default {
  [types.TOGGLE_FOLDER_OPEN](state, path) {
    state.treeEntries[path].opened = !state.treeEntries[path].opened;
  },
+  [types.TREE_ENTRY_DIFF_LOADING](state, { path, loading = true }) {
+    state.treeEntries[path].diffLoading = loading;
+  },
  [types.SET_SHOW_TREE_LIST](state, showTreeList) {
    state.showTreeList = showTreeList;
  },
--- a/app/assets/javascripts/diffs/store/utils.js
+++ b/app/assets/javascripts/diffs/store/utils.js
@ -593,6 +593,7 @@ export function markTreeEntriesLoaded({ priorEntries, loadedFiles }) {

    if (entry) {
      entry.diffLoaded = true;
+      entry.diffLoading = false;
    }
  });

--- a/app/assets/javascripts/diffs/utils/tree_worker_utils.js
+++ b/app/assets/javascripts/diffs/utils/tree_worker_utils.js
@ -86,6 +86,7 @@ export const generateTreeList = (files) => {
            Object.assign(entry, {
              changed: true,
              diffLoaded: false,
+              diffLoading: false,
              filePaths: {
                old: file.old_path,
                new: file.new_path,
--- a/app/assets/javascripts/merge_request_tabs.js
+++ b/app/assets/javascripts/merge_request_tabs.js
@ -183,7 +183,7 @@ function getActionFromHref(href) {
 }

 const pageBundles = {
-  show: () => import(/* webpackPrefetch: true */ 'ee_else_ce/mr_notes/mount_app'),
+  show: () => import(/* webpackPrefetch: true */ '~/mr_notes/mount_app'),
  diffs: () => import(/* webpackPrefetch: true */ '~/diffs'),
 };

--- a/app/assets/javascripts/mr_notes/init_notes.js
+++ b/app/assets/javascripts/mr_notes/init_notes.js
@ -12,7 +12,7 @@ import NotesApp from '../notes/components/notes_app.vue';
 import { getNotesFilterData } from '../notes/utils/get_notes_filter_data';
 import initWidget from '../vue_merge_request_widget';

-export default ({ editorAiActions = [] } = {}) => {
+export default () => {
  requestIdleCallback(
    () => {
      renderGFM(document.getElementById('diff-notes-app'));
@ -42,7 +42,6 @@ export default ({ editorAiActions = [] } = {}) => {
    provide: {
      reportAbusePath: notesDataset.reportAbusePath,
      newCommentTemplatePath: notesDataset.newCommentTemplatePath,
-      editorAiActions,
      mrFilter: true,
    },
    data() {
--- a/app/assets/javascripts/pages/projects/merge_requests/show/index.js
+++ b/app/assets/javascripts/pages/projects/merge_requests/show/index.js
@ -1,4 +1,4 @@
-import mountNotesApp from 'ee_else_ce/mr_notes/mount_app';
+import mountNotesApp from '~/mr_notes/mount_app';
 import { initMrPage } from 'ee_else_ce/pages/projects/merge_requests/page';

 initMrPage();
--- a/app/assets/javascripts/users/profile/actions/components/user_actions_app.vue
+++ b/app/assets/javascripts/users/profile/actions/components/user_actions_app.vue
@ -11,13 +11,17 @@ export default {
      type: String,
      required: true,
    },
+    rssSubscriptionPath: {
+      type: String,
+      required: true,
+    },
  },
  data() {
    return {
-      // Only implement the copy function in MR for now
+      // Only implement the copy function and RSS subscription in MR for now
      // https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122971
      // The rest will be implemented in the upcoming MR.
-      dropdownItems: [
+      defaultDropdownItems: [
        {
          action: this.onUserIdCopy,
          text: sprintf(this.$options.i18n.userId, { id: this.userId }),
@ -28,6 +32,23 @@ export default {
      ],
    };
  },
+  computed: {
+    dropdownItems() {
+      if (this.rssSubscriptionPath) {
+        return [
+          ...this.defaultDropdownItems,
+          {
+            href: this.rssSubscriptionPath,
+            text: this.$options.i18n.rssSubscribe,
+            extraAttrs: {
+              'data-testid': 'user-profile-rss-subscription-link',
+            },
+          },
+        ];
+      }
+      return this.defaultDropdownItems;
+    },
+  },
  methods: {
    onUserIdCopy() {
      this.$toast.show(this.$options.i18n.userIdCopied);
@ -36,6 +57,7 @@ export default {
  i18n: {
    userId: s__('UserProfile|Copy user ID: %{id}'),
    userIdCopied: s__('UserProfile|User ID copied to clipboard'),
+    rssSubscribe: s__('UserProfile|Subscribe'),
  },
 };
 </script>
--- a/app/assets/javascripts/users/profile/actions/index.js
+++ b/app/assets/javascripts/users/profile/actions/index.js
@ -7,7 +7,7 @@ export const initUserActionsApp = () => {

  if (!mountingEl) return false;

-  const { userId } = mountingEl.dataset;
+  const { userId, rssSubscriptionPath } = mountingEl.dataset;

  Vue.use(GlToast);

@ -18,6 +18,7 @@ export const initUserActionsApp = () => {
      return createElement(UserActionsApp, {
        props: {
          userId,
+          rssSubscriptionPath,
        },
      });
    },
--- a/app/controllers/repositories/lfs_api_controller.rb
+++ b/app/controllers/repositories/lfs_api_controller.rb
@ -64,11 +64,13 @@ module Repositories
        .for_oids(objects_oids)
        .index_by(&:oid)

+      guest_can_download = Guest.can?(:download_code, project)
+
      objects.each do |object|
        if lfs_object = existing_oids[object[:oid]]
          object[:actions] = download_actions(object, lfs_object)

-          if Guest.can?(:download_code, project)
+          if guest_can_download
            object[:authenticated] = true
          end
        else
--- a/app/graphql/types/merge_request_state_enum.rb
+++ b/app/graphql/types/merge_request_state_enum.rb
@ -5,6 +5,7 @@ module Types
    graphql_name 'MergeRequestState'
    description 'State of a GitLab merge request'

-    value 'merged', description: "Merge request has been merged."
+    value 'merged', description: 'Merge request has been merged.'
+    value 'opened', description: 'Opened merge request.'
  end
 end
--- a/app/graphql/types/todo_action_enum.rb
+++ b/app/graphql/types/todo_action_enum.rb
@ -12,5 +12,6 @@ module Types
    value 'merge_train_removed', value: 8, description: 'Merge request authored by the user was removed from the merge train.'
    value 'review_requested', value: 9, description: 'Review was requested from the user.'
    value 'member_access_requested', value: 10, description: 'Group or project access requested from the user.'
+    value 'review_submitted', value: 11, description: 'Merge request authored by the user received a review.'
  end
 end
--- a/app/helpers/markup_helper.rb
+++ b/app/helpers/markup_helper.rb
@ -110,8 +110,8 @@ module MarkupHelper
    prepare_asciidoc_context(file_name, context)

    html = Markup::RenderingService
-      .new(text, file_name: file_name, context: context, postprocess_context: postprocess_context)
-      .execute
+             .new(text, file_name: file_name, context: context, postprocess_context: postprocess_context)
+             .execute

    Hamlit::RailsHelpers.preserve(html)
  end
@ -124,8 +124,8 @@ module MarkupHelper
    prepare_asciidoc_context(wiki_page.path, context)

    html = Markup::RenderingService
-      .new(text, file_name: wiki_page.path, context: context, postprocess_context: postprocess_context)
-      .execute
+             .new(text, file_name: wiki_page.path, context: context, postprocess_context: postprocess_context)
+             .execute

    Hamlit::RailsHelpers.preserve(html)
  end
@ -192,15 +192,21 @@ module MarkupHelper

  def markdown_toolbar_button(options = {})
    data = options[:data].merge({ container: 'body' })
-    css_classes = %w[gl-button btn btn-default-tertiary btn-icon btn-sm js-md has-tooltip] << options[:css_class].to_s
-    content_tag :button,
-      type: 'button',
-      class: css_classes.join(' '),
-      data: data,
-      title: options[:title],
-      aria: { label: options[:title] } do
-      sprite_icon(options[:icon])
-    end
+    css_classes = %w[js-md has-tooltip] << options[:css_class].to_s
+
+    render Pajamas::ButtonComponent.new(
+      category: :tertiary,
+      size: :small,
+      icon: options[:icon],
+      button_options: {
+        class: css_classes.join(' '),
+        data: data,
+        title: options[:title],
+        aria: {
+          label: options[:title]
+        }
+      }
+    )
  end

  def render_markdown_field(object, field, context = {})
--- a/app/helpers/merge_requests_helper.rb
+++ b/app/helpers/merge_requests_helper.rb
@ -309,6 +309,10 @@ module MergeRequestsHelper
  def tab_count_display(merge_request, count)
    merge_request.preparing? ? "-" : count
  end
+
+  def review_bar_data(_merge_request, _user)
+    { new_comment_template_path: profile_comment_templates_path }
+  end
 end

 MergeRequestsHelper.prepend_mod_with('MergeRequestsHelper')
--- a/app/helpers/todos_helper.rb
+++ b/app/helpers/todos_helper.rb
@ -30,6 +30,7 @@ module TodosHelper
    when Todo::MEMBER_ACCESS_REQUESTED then format(
      s_("Todos|has requested access to %{what} %{which}"), what: _(todo.member_access_type), which: _(todo.target.name)
    )
+    when Todo::REVIEW_SUBMITTED then s_('Todos|reviewed your merge request')
    end
  end

--- a/app/models/todo.rb
+++ b/app/models/todo.rb
@ -24,6 +24,7 @@ class Todo < ApplicationRecord
  MERGE_TRAIN_REMOVED = 8 # This is an EE-only feature
  REVIEW_REQUESTED    = 9
  MEMBER_ACCESS_REQUESTED = 10
+  REVIEW_SUBMITTED = 11 # This is an EE-only feature

  ACTION_NAMES = {
    ASSIGNED => :assigned,
@ -35,7 +36,8 @@ class Todo < ApplicationRecord
    UNMERGEABLE => :unmergeable,
    DIRECTLY_ADDRESSED => :directly_addressed,
    MERGE_TRAIN_REMOVED => :merge_train_removed,
-    MEMBER_ACCESS_REQUESTED => :member_access_requested
+    MEMBER_ACCESS_REQUESTED => :member_access_requested,
+    REVIEW_SUBMITTED => :review_submitted
  }.freeze

  ACTIONS_MULTIPLE_ALLOWED = [Todo::MENTIONED, Todo::DIRECTLY_ADDRESSED, Todo::MEMBER_ACCESS_REQUESTED].freeze
--- a/app/views/projects/merge_requests/_page.html.haml
+++ b/app/views/projects/merge_requests/_page.html.haml
@ -106,7 +106,7 @@
 - if @merge_request.can_be_cherry_picked?
  = render "projects/commit/change", type: 'cherry-pick', commit: @merge_request.merge_commit

-#js-review-bar{ data: { new_comment_template_path: profile_comment_templates_path } }
+#js-review-bar{ data: review_bar_data(@merge_request, current_user) }

 - if current_user && Feature.enabled?(:mr_experience_survey, current_user)
  #js-mr-experience-survey{ data: { account_age: current_user.account_age_in_days } }
--- a/app/views/users/show.html.haml
+++ b/app/views/users/show.html.haml
@ -26,7 +26,7 @@
              = s_("UserProfile|Edit profile")
          = render 'users/view_gpg_keys'
          = render 'users/view_user_in_admin_area'
-          .js-user-profile-actions{ data: { user_id: @user.id } }
+          .js-user-profile-actions{ data: { user_id: @user.id, rss_subscription_path: can?(current_user, :read_user_profile, @user) ? user_path(@user, rss_url_options) : '' } }
      - else
        = render layout: 'users/cover_controls' do
          - if @user == current_user
--- a/doc/administration/geo/setup/external_database.md
+++ b/doc/administration/geo/setup/external_database.md
@ -189,6 +189,8 @@ potential replication issues. The Linux package automatically configures a track
 when `roles ['geo_secondary_role']` is set.
 If you want to run this database external to your Linux package installation, use the following instructions.

+#### Cloud-managed database services
+
 If you are using a cloud-managed service for the tracking database, you may need
 to grant additional roles to your tracking database user (by default, this is
 `gitlab_geo`):
@ -200,8 +202,6 @@ to grant additional roles to your tracking database user (by default, this is
 This is for the installation of extensions during installation and upgrades. As an alternative,
 [ensure the extensions are installed manually, and read about the problems that may arise during future GitLab upgrades](../../../install/postgresql_extensions.md).

-To setup an external tracking database, follow the instructions below:
-
 NOTE:
 If you want to use Amazon RDS as a tracking database, make sure it has access to
 the secondary database. Unfortunately, just assigning the same security group is not enough as
@ -209,6 +209,10 @@ outbound rules do not apply to RDS PostgreSQL databases. Therefore, you need to
 rule to the read-replica's security group allowing any TCP traffic from
 the tracking database on port 5432.

+#### Create the tracking database
+
+Create and configure the tracking database in your PostgreSQL instance:
+
 1. Set up PostgreSQL according to the
   [database requirements document](../../../install/requirements.md#database).
 1. Set up a `gitlab_geo` user with a password of your choice, create the `gitlabhq_geo_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../../install/installation.md#7-database).
@ -226,6 +230,10 @@ the tracking database on port 5432.
   host    all         all               <trusted secondary IP>/32     md5
   ```

+#### Configure GitLab
+
+Configure GitLab to use this database. These steps are for Linux package and Docker deployments.
+
 1. SSH into a GitLab **secondary** server and login as root:

   ```shell
@ -246,14 +254,19 @@ the tracking database on port 5432.

 1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#reconfigure-a-linux-package-installation)

-1. The reconfigure should automatically create the database. If needed, you can perform this task manually. This task (whether run by itself or during reconfigure) requires the database user to be a superuser.
+#### Set up the database schema
+
+The reconfigure in the [steps above](#configure-gitlab) for Linux package and Docker deployments should handle these steps automatically.
+
+1. This task creates the database schema. It requires the database user to be a superuser.

   ```shell
-   gitlab-rake db:create:geo
+   sudo gitlab-rake db:create:geo
   ```

-1. The reconfigure should automatically migrate the database. You can migrate the database manually if needed, for example if `geo_secondary['auto_migrate'] = false`:
+1. Applying Rails database migrations (schema and data updates) is also performed by reconfigure. If `geo_secondary['auto_migrate'] = false` is set, or
+   the schema was created manually, this step will be required:

   ```shell
-   gitlab-rake db:migrate:geo
+   sudo gitlab-rake db:migrate:geo
   ```
--- a/doc/administration/operations/gitlab_sshd.md
+++ b/doc/administration/operations/gitlab_sshd.md
@ -112,7 +112,7 @@ To enable the PROXY protocol:

   ```ruby
   gitlab_sshd['proxy_protocol'] = true
-   # # Proxy protocol policy ("use", "require", "reject", "ignore"), "use" is the default value
+   # Proxy protocol policy ("use", "require", "reject", "ignore"), "use" is the default value
   gitlab_sshd['proxy_policy'] = "use"
   ```

--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@ -13199,6 +13199,8 @@ Represents the total number of issues and their weights for a particular day.
 | <a id="cicatalogresourceid"></a>`id` **{warning-solid}** | [`ID!`](#id) | **Introduced** in 15.11. This feature is an Experiment. It can be changed or removed at any time. ID of the catalog resource. |
 | <a id="cicatalogresourcelatestversion"></a>`latestVersion` **{warning-solid}** | [`Release`](#release) | **Introduced** in 16.1. This feature is an Experiment. It can be changed or removed at any time. Latest version of the catalog resource. |
 | <a id="cicatalogresourcename"></a>`name` **{warning-solid}** | [`String`](#string) | **Introduced** in 15.11. This feature is an Experiment. It can be changed or removed at any time. Name of the catalog resource. |
+| <a id="cicatalogresourceopenissuescount"></a>`openIssuesCount` **{warning-solid}** | [`Int!`](#int) | **Introduced** in 16.3. This feature is an Experiment. It can be changed or removed at any time. Count of open issues that belong to the the catalog resource. |
+| <a id="cicatalogresourceopenmergerequestscount"></a>`openMergeRequestsCount` **{warning-solid}** | [`Int!`](#int) | **Introduced** in 16.3. This feature is an Experiment. It can be changed or removed at any time. Count of open merge requests that belong to the the catalog resource. |
 | <a id="cicatalogresourcereadmehtml"></a>`readmeHtml` **{warning-solid}** | [`String!`](#string) | **Introduced** in 16.1. This feature is an Experiment. It can be changed or removed at any time. GitLab Flavored Markdown rendering of `readme`. |
 | <a id="cicatalogresourcerootnamespace"></a>`rootNamespace` **{warning-solid}** | [`Namespace`](#namespace) | **Introduced** in 16.1. This feature is an Experiment. It can be changed or removed at any time. Root namespace of the catalog resource. |
 | <a id="cicatalogresourcestarcount"></a>`starCount` **{warning-solid}** | [`Int!`](#int) | **Introduced** in 16.1. This feature is an Experiment. It can be changed or removed at any time. Number of times the catalog resource has been starred. |
@ -26576,7 +26578,7 @@ State of a GitLab merge request.
 | <a id="mergerequeststateclosed"></a>`closed` | In closed state. |
 | <a id="mergerequeststatelocked"></a>`locked` | Discussion has been locked. |
 | <a id="mergerequeststatemerged"></a>`merged` | Merge request has been merged. |
-| <a id="mergerequeststateopened"></a>`opened` | In open state. |
+| <a id="mergerequeststateopened"></a>`opened` | Opened merge request. |

 ### `MergeStatus`

@ -27259,6 +27261,7 @@ Values for sorting timelogs.
 | <a id="todoactionenummentioned"></a>`mentioned` | User was mentioned. |
 | <a id="todoactionenummerge_train_removed"></a>`merge_train_removed` | Merge request authored by the user was removed from the merge train. |
 | <a id="todoactionenumreview_requested"></a>`review_requested` | Review was requested from the user. |
+| <a id="todoactionenumreview_submitted"></a>`review_submitted` | Merge request authored by the user received a review. |
 | <a id="todoactionenumunmergeable"></a>`unmergeable` | Merge request authored by the user could not be merged. |

 ### `TodoStateEnum`
--- a/doc/api/merge_request_approvals.md
+++ b/doc/api/merge_request_approvals.md
@ -89,7 +89,7 @@ Supported attributes:
 > - Pagination support [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31011) in GitLab 15.3 [with a flag](../administration/feature_flags.md) named `approval_rules_pagination`. Enabled by default.
 > - `applies_to_all_protected_branches` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335316) in GitLab 15.3.
 > - Pagination support [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/366823) in GitLab 15.7. Feature flag `approval_rules_pagination` removed.
-> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/) in GitLab 15.8.
+> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/102446) in GitLab 15.8.

 You can request information about a project's approval rules using the following endpoint:

@ -193,7 +193,7 @@ Supported attributes:

 > - Introduced in GitLab 13.7.
 > - `applies_to_all_protected_branches` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335316) in GitLab 15.3.
-> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/) in GitLab 1x.x.
+> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/102446) in GitLab 15.8.

 You can request information about a single project approval rules using the following endpoint:

@ -295,7 +295,7 @@ Supported attributes:
 > - Moved to GitLab Premium in 13.9.
 > - [Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/357300) the Vulnerability-Check feature in GitLab 15.0.
 > - `applies_to_all_protected_branches` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335316) in GitLab 15.3.
-> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/) in GitLab 1x.x.
+> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/102446) in GitLab 15.8.

 You can create project approval rules using the following endpoint:

@ -422,7 +422,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
 > - Moved to GitLab Premium in 13.9.
 > - [Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/357300) the Vulnerability-Check feature in GitLab 15.0.
 > - `applies_to_all_protected_branches` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/335316) in GitLab 15.3.
-> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/) in GitLab 1x.x.
+> - `usernames` property was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/102446) in GitLab 15.8.

 You can update project approval rules using the following endpoint:

--- a/doc/ci/environments/kubernetes_dashboard.md
+++ b/doc/ci/environments/kubernetes_dashboard.md
@ -20,6 +20,9 @@ For Flux users, the synchronization status of a given environment is not display

 ## Configure a dashboard

+> - Filtering resources by namespace [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/403618) in GitLab 16.2 [with a flag](../../administration/feature_flags.md) named `kubernetes_namespace_for_environment`. Disabled by default.
+> - Feature flag `kubernetes_namespace_for_environment` [enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/127043) in GitLab 16.3.
+
 Configure a dashboard to use it for a given environment.
 You can configure dashboard for an environment that already exists, or
 add one when you create an environment.
@ -36,6 +39,7 @@ Prerequisites:
 1. Select the environment to be associated with the Kubernetes.
 1. Select **Edit**.
 1. Select a GitLab agent for Kubernetes.
+1. Optional. From the **Kubernetes namespace** dropdown list, select a namespace.
 1. Select **Save**.

 ### The environment doesn't exist
@ -45,6 +49,7 @@ Prerequisites:
 1. Select **New environment**.
 1. Complete the **Name** field.
 1. Select a GitLab agent for Kubernetes.
+1. Optional. From the **Kubernetes namespace** dropdown list, select a namespace.
 1. Select **Save**.

 ## View a dashboard
--- a/doc/development/database/database_migration_pipeline.md
+++ b/doc/development/database/database_migration_pipeline.md
@ -44,6 +44,13 @@ The next section of the comment contains detailed information for each migration
  calls, timings, and the number of the changed rows.
 - **Runtime histogram** - Indicates the distribution of query times for the migration.

+### Database size increase
+
+Occasionally, a migration shows a +8.00 KiB size increase, even if the migration was not
+expected to result in a size increase. Completing any migration adds a row to the
+`schema_migrations` table, which may require a new disk page to be created.
+If a new disk page is created, the size of the database will grow by exactly 8 KiB.
+
 ## Background migration details

 The next section of the comment contains detailed information about each batched background migration, including:
--- a/doc/tutorials/plan_and_track.md
+++ b/doc/tutorials/plan_and_track.md
@ -14,6 +14,7 @@ issues, epics, and more.
 | [GitLab Agile Project Management](https://levelup.gitlab.com/courses/gitlab-agile-project-management) | Learn how to use planning features to manage your projects in this self-paced course. | **{star}** |
 | [Create a project from a template](https://gitlab.com/projects/new#create_from_template) | Choose a project template and create a project with files to get you started. | |
 | [Migrate to GitLab](../user/project/import/index.md) | If you are coming to GitLab from another platform, you can import or convert your projects. | |
+| [Build a protected workflow for your project](protected_workflow/index.md) | Set up a workflow for your teams, and enforce protections with approval rules. | |
 | [Run an agile iteration](agile_sprint/index.md) | Use group, projects, and iterations to run an agile development iteration. |
 | [Set up issue boards for team hand-off](boards_for_teams/index.md) | Use issue boards and scoped labels to set up collaboration across many teams. | **{star}** |
 | <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Epics and Issue Boards](https://www.youtube.com/watch?v=I1bFIAQBHB8) | Find out how to use epics and issue boards for project management. | |
--- a/doc/update/index.md
+++ b/doc/update/index.md
@ -415,13 +415,13 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/
 ### 15.8.2

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.

 ### 15.8.1

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

@ -430,50 +430,50 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/
 - Git 2.38.0 and later is required by Gitaly. For installations from source, you should use the [Git version provided by Gitaly](../install/installation.md#git).
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.

 ### 15.7.6

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.7.5

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.7.4

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.7.3

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.7.2

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the upgrades. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the upgrades. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.7.1

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

@ -517,7 +517,7 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/

  Sites that have configured `max_concurrency` will not be affected by this change.
  [Read more about the Sidekiq concurrency setting](../administration/sidekiq/extra_sidekiq_processes.md#concurrency).
- GitLab Runner 15.7.0 introduced a breaking change that impacts CI/CD jobs: [Correctly handle expansion of job file variables](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3613).
+- GitLab Runner 15.7.0 introduced a breaking change that affects CI/CD jobs: [Correctly handle expansion of job file variables](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3613).
  Previously, job-defined variables that referred to
  [file type variables](../ci/variables/index.md#use-file-type-cicd-variables)
  were expanded to the value of the file variable (its content). This behavior did not
@ -525,64 +525,64 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/
  that secrets or sensitive information could leak if the file variable and its
  contents printed. For example, if they were printed in an echo output. For more information,
  see [Understanding the file type variable expansion change in GitLab 15.7](https://about.gitlab.com/blog/2023/02/13/impact-of-the-file-type-variable-change-15-7/).
- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.

 ### 15.6.7

 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.6

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.5

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.4

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6, and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6, and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.3

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.2

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

 ### 15.6.1

- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

@ -604,9 +604,9 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/
  This issue was [fixed in GitLab 15.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/105375) and backported
  to GitLab 15.6.2. The issue can also be worked around:
  [read about how to create these indexes](https://gitlab.com/gitlab-org/gitlab/-/issues/378343#note_1199863087).
- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This impacts versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
+- Geo: [Container registry push events are rejected](https://gitlab.com/gitlab-org/gitlab/-/issues/386389) by the `/api/v4/container_registry_event/events` endpoint resulting in Geo secondary sites not being aware of updates to container registry images and subsequently not replicating the updates. Secondary sites may contain out of date container images after a failover as a consequence. This affects versions 15.6.0 - 15.6.6 and 15.7.0 - 15.7.2. If you're using Geo with container repositories, you are advised to upgrade to GitLab 15.6.7, 15.7.3, or 15.8.0 which contain a fix for this issue and avoid potential data loss after a failover.
 - Geo: We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover.
-  - Impacted versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
+  - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2.
  - Versions containing fix: GitLab 15.8.3 and later.
 - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information.

@ -687,7 +687,7 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/

 - A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:
  - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
-  - Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+  - Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
    - 15.2.5 --> 15.3.5
    - 15.3.0 - 15.3.4 --> 15.3.5
    - 15.4.1 --> 15.4.3
@ -697,7 +697,7 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/

 - A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:
  - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
-  - Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+  - Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
    - 15.2.5 --> 15.3.5
    - 15.3.0 - 15.3.4 --> 15.3.5
    - 15.4.1 --> 15.4.3
@ -740,7 +740,7 @@ For more information, see [issue 415724](https://gitlab.com/gitlab-org/gitlab/-/
 A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

 - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
- Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+- Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
  - 15.2.5 --> 15.3.5
  - 15.3.0 - 15.3.4 --> 15.3.5
  - 15.4.1 --> 15.4.3
@ -752,7 +752,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706)
 - A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

  - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
-  - Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+  - Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
    - 15.2.5 --> 15.3.5
    - 15.3.0 - 15.3.4 --> 15.3.5
    - 15.4.1 --> 15.4.3
@ -762,7 +762,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706)
 A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

 - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
- Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+- Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
  - 15.2.5 --> 15.3.5
  - 15.3.0 - 15.3.4 --> 15.3.5
  - 15.4.1 --> 15.4.3
@ -772,7 +772,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706)
 A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

 - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
- Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+- Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
  - 15.2.5 --> 15.3.5
  - 15.3.0 - 15.3.4 --> 15.3.5
  - 15.4.1 --> 15.4.3
@ -786,7 +786,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706)
 - A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

  - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
-  - Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+  - Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
    - 15.2.5 --> 15.3.5
    - 15.3.0 - 15.3.4 --> 15.3.5
    - 15.4.1 --> 15.4.3
@ -796,7 +796,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706)
 A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) prevents some premium features of GitLab from working correctly if you add a new license. Workarounds for this issue:

 - Restart all Rails, Sidekiq and Gitaly nodes after applying a new license. This clears the relevant license caches and allows all premium features to operate correctly.
- Upgrade to a version that is not impacted by this issue. The following upgrade paths are available for impacted versions:
+- Upgrade to a version that is not affected by this issue. The following upgrade paths are available for affected versions:
  - 15.2.5 --> 15.3.5
  - 15.3.0 - 15.3.4 --> 15.3.5
  - 15.4.1 --> 15.4.3
--- a/lib/gitlab/ci/reports/sbom/component.rb
+++ b/lib/gitlab/ci/reports/sbom/component.rb
@ -14,6 +14,10 @@ module Gitlab
            @version = version
          end

+          def <=>(other)
+            sort_by_attributes(self) <=> sort_by_attributes(other)
+          end
+
          def ingestible?
            supported_component_type? && supported_purl_type?
          end
@ -37,6 +41,23 @@ module Gitlab
            # however, if the purl type is provided, it _must be valid_
            ::Enums::Sbom.purl_types.include?(purl.type.to_sym)
          end
+
+          def sort_by_attributes(component)
+            [
+              component.name,
+              purl_type_int(component),
+              component_type_int(component),
+              component.version.to_s
+            ]
+          end
+
+          def component_type_int(component)
+            ::Enums::Sbom::COMPONENT_TYPES.fetch(component.component_type.to_sym)
+          end
+
+          def purl_type_int(component)
+            ::Enums::Sbom::PURL_TYPES.fetch(component.purl&.type&.to_sym, 0)
+          end
        end
      end
    end
--- a/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
@ -10,6 +10,7 @@ code_quality:
    DOCKER_TLS_CERTDIR: ""
    CODE_QUALITY_IMAGE_TAG: "0.96.0"
    CODE_QUALITY_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/gitlab-org/ci-cd/codequality:$CODE_QUALITY_IMAGE_TAG"
+    DOCKER_SOCKET_PATH: /var/run/docker.sock
  needs: []
  script:
    - export SOURCE_CODE=$PWD
@ -46,9 +47,10 @@ code_quality:
          CODECLIMATE_PREFIX \
          CODECLIMATE_REGISTRY_USERNAME \
          CODECLIMATE_REGISTRY_PASSWORD \
+          DOCKER_SOCKET_PATH \
        ) \
        --volume "$PWD":/code \
-        --volume /var/run/docker.sock:/var/run/docker.sock \
+        --volume "$DOCKER_SOCKET_PATH":/var/run/docker.sock \
        "$CODE_QUALITY_IMAGE" /code
  artifacts:
    reports:
--- a/lib/gitlab/repository_size_error_message.rb
+++ b/lib/gitlab/repository_size_error_message.rb
@ -7,8 +7,7 @@ module Gitlab
    delegate :current_size, :limit, :exceeded_size, :additional_repo_storage_available?, to: :@checker

    # @param checker [RepositorySizeChecker]
-    def initialize(checker, message_params = {})
-      @message_params = message_params
+    def initialize(checker)
      @checker = checker
    end

@ -20,14 +19,6 @@ module Gitlab
      "This merge request cannot be merged, #{base_message}"
    end

-    def push_warning
-      _("##### WARNING ##### You have used %{usage_percentage} of the storage quota for %{namespace_name} " \
-        "(%{current_size} of %{size_limit}). If %{namespace_name} exceeds the storage quota, " \
-        "all projects in the namespace will be locked and actions will be restricted. " \
-        "To manage storage, or purchase additional storage, see %{manage_storage_url}. " \
-        "To learn more about restricted actions, see %{restricted_actions_url}") % push_message_params
-    end
-
    def push_error(change_size = 0)
      "Your push has been rejected, #{base_message(change_size)}. #{more_info_message}"
    end
@ -50,19 +41,6 @@ module Gitlab

    private

-    attr_reader :message_params
-
-    def push_message_params
-      {
-        namespace_name: message_params[:namespace_name],
-        manage_storage_url: help_page_url('user/usage_quotas', 'manage-your-storage-usage'),
-        restricted_actions_url: help_page_url('user/read_only_namespaces', 'restricted-actions'),
-        current_size: formatted(current_size),
-        size_limit: formatted(limit),
-        usage_percentage: usage_percentage
-      }
-    end
-
    def base_message(change_size = 0)
      "because this repository has exceeded its size limit of #{formatted(limit)} by #{formatted(exceeded_size(change_size))}"
    end
@ -70,13 +48,5 @@ module Gitlab
    def formatted(number)
      number_to_human_size(number, delimiter: ',', precision: 2)
    end
-
-    def usage_percentage
-      number_to_percentage(@checker.usage_ratio * 100, precision: 0)
-    end
-
-    def help_page_url(path, anchor = nil)
-      ::Gitlab::Routing.url_helpers.help_page_url(path, anchor: anchor)
-    end
  end
 end
--- a/lib/gitlab/usage_data_counters/ipynb_diff_activity_counter.rb
+++ b/lib/gitlab/usage_data_counters/ipynb_diff_activity_counter.rb
@ -1,6 +1,5 @@
 # frozen_string_literal: true

-# noinspection RubyConstantNamingConvention
 module Gitlab
  module UsageDataCounters
    module IpynbDiffActivityCounter
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@ -3584,6 +3584,9 @@ msgstr ""
 msgid "AdminSettings|Set a CI/CD template as the required pipeline configuration for all projects in the instance. Project CI/CD configuration merges into the required pipeline configuration when the pipeline runs. %{link_start}What is a required pipeline configuration?%{link_end}"
 msgstr ""

+msgid "AdminSettings|Set options for cost factors of forks"
+msgstr ""
+
 msgid "AdminSettings|Set the expiration time of authentication tokens of newly registered group runners."
 msgstr ""

@ -3632,6 +3635,9 @@ msgstr ""
 msgid "AdminSettings|There are Advanced Search migrations pending that require indexing to pause. Indexing must remain paused until GitLab completes the migrations."
 msgstr ""

+msgid "AdminSettings|This cost factor will be applied to the storage consumed by forks."
+msgstr ""
+
 msgid "AdminSettings|This limit cannot be disabled. Set to 0 to block all DAG dependencies."
 msgstr ""

@ -12961,6 +12967,12 @@ msgstr ""
 msgid "CorpusManagement|Total Size: %{totalSize}"
 msgstr ""

+msgid "Cost Factor Settings"
+msgstr ""
+
+msgid "Cost factor for forks of projects"
+msgstr ""
+
 msgid "Could not access the Wiki Repository at this time."
 msgstr ""

@ -13555,9 +13567,6 @@ msgstr ""
 msgid "Creates a summary of all comments"
 msgstr ""

-msgid "Creates a summary of all your draft code comments"
-msgstr ""
-
 msgid "Creates branch '%{branch_name}' and a merge request to resolve this issue."
 msgstr ""

@ -29962,6 +29971,9 @@ msgstr ""
 msgid "Namespace Limits"
 msgstr ""

+msgid "Namespace Storage"
+msgstr ""
+
 msgid "Namespace doesn't exist or you don't have permission."
 msgstr ""

@ -29977,7 +29989,7 @@ msgstr ""
 msgid "Namespace:"
 msgstr ""

-msgid "NamespaceLimits|%{linkStart}%{username}%{linkEnd} changed the limit to %{limit} at %{date}"
+msgid "NamespaceLimits|%{date} %{linkStart}%{username}%{linkEnd} changed the limit to %{limit}"
 msgstr ""

 msgid "NamespaceLimits|Add minimum free storage amount (in MiB) that will be used to enforce storage usage for namespaces on free plan. To remove the limit, set the value to 0 and click \"Update limit\" button."
@ -30037,6 +30049,9 @@ msgstr ""
 msgid "NamespaceLimits|Free Tier"
 msgstr ""

+msgid "NamespaceLimits|NONE"
+msgstr ""
+
 msgid "NamespaceLimits|Namespace limits could not be loaded. Reload the page to try again."
 msgstr ""

@ -45107,7 +45122,7 @@ msgstr ""
 msgid "Summarize comments"
 msgstr ""

-msgid "Summarize my code review"
+msgid "Summarize my pending comments"
 msgstr ""

 msgid "Summary"
@ -47018,6 +47033,9 @@ msgstr ""
 msgid "There was an error with the reCAPTCHA. Please solve the reCAPTCHA again."
 msgstr ""

+msgid "There was an summarizing your pending comments."
+msgstr ""
+
 msgid "These dates affect how your epics appear in the roadmap. Set a fixed date or one inherited from the milestones assigned to issues in this epic."
 msgstr ""

@ -48425,6 +48443,9 @@ msgstr ""
 msgid "Todos|requested a review"
 msgstr ""

+msgid "Todos|reviewed your merge request"
+msgstr ""
+
 msgid "Todos|set %{who} as an approver"
 msgstr ""

@ -51228,12 +51249,18 @@ msgstr ""
 msgid "Vulnerability|Crash address"
 msgstr ""

+msgid "Vulnerability|Crash address:"
+msgstr ""
+
 msgid "Vulnerability|Crash state"
 msgstr ""

 msgid "Vulnerability|Crash type"
 msgstr ""

+msgid "Vulnerability|Crash type:"
+msgstr ""
+
 msgid "Vulnerability|Description"
 msgstr ""

@ -51297,6 +51324,9 @@ msgstr ""
 msgid "Vulnerability|Image"
 msgstr ""

+msgid "Vulnerability|Image:"
+msgstr ""
+
 msgid "Vulnerability|Information related to how the vulnerability was discovered and its impact on the system."
 msgstr ""

@ -51312,6 +51342,9 @@ msgstr ""
 msgid "Vulnerability|Namespace"
 msgstr ""

+msgid "Vulnerability|Namespace:"
+msgstr ""
+
 msgid "Vulnerability|Project"
 msgstr ""

@ -51360,6 +51393,9 @@ msgstr ""
 msgid "Vulnerability|Show prompt"
 msgstr ""

+msgid "Vulnerability|Stacktrace snippet:"
+msgstr ""
+
 msgid "Vulnerability|Status"
 msgstr ""

@ -51402,6 +51438,12 @@ msgstr ""
 msgid "Vulnerability|View training"
 msgstr ""

+msgid "Vulnerability|Vulnerable class:"
+msgstr ""
+
+msgid "Vulnerability|Vulnerable method:"
+msgstr ""
+
 msgid "WARNING:"
 msgstr ""

--- a/scripts/lib/glfm/render_static_html.rb
+++ b/scripts/lib/glfm/render_static_html.rb
@ -29,7 +29,6 @@ RSpec.describe 'Render Static HTML', :api, type: :request do
  include Glfm::Constants
  include Glfm::Shared

-  # noinspection RailsParamDefResolve (RubyMine can't find the shared context from this file location)
  include_context 'with GLFM example snapshot fixtures'

  it do
@ -49,7 +48,6 @@ RSpec.describe 'Render Static HTML', :api, type: :request do
      api_url = metadata_hash.dig(name, :api_request_override_path) || (api "/markdown")

      post api_url, params: { text: markdown, gfm: true }
-      # noinspection RubyResolve
      expect(response).to be_successful

      returned_html_value =
--- a/scripts/lib/glfm/shared.rb
+++ b/scripts/lib/glfm/shared.rb
@ -29,7 +29,6 @@ module Glfm
    end

    def run_external_cmd(cmd)
-      # noinspection RubyMismatchedArgumentType
      rails_root = File.expand_path('../../../', __dir__)

      # See https://stackoverflow.com/a/20001569/25192
--- a/scripts/lib/glfm/update_example_snapshots.rb
+++ b/scripts/lib/glfm/update_example_snapshots.rb
@ -358,7 +358,6 @@ module Glfm
          glfm_examples_statuses[name][:already_printed] = true

          # Copy over the existing example only if it exists and preserve_existing is true, otherwise omit this example
-          # noinspection RubyScope
          hash[name] = existing_hash[name] if existing_hash[name]

          next
--- a/scripts/lib/glfm/update_specification.rb
+++ b/scripts/lib/glfm/update_specification.rb
@ -123,7 +123,6 @@ module Glfm
      validate_expected_spec_version!(ghfm_spec_lines[2])

      # Reset IO stream and re-read into a single string for easy writing
-      # noinspection RubyNilAnalysis
      ghfm_spec_txt_uri_io.seek(0)
      ghfm_spec_string = ghfm_spec_txt_uri_io.read
      raise "Unable to read string from #{GHFM_SPEC_TXT_URI}" unless ghfm_spec_string
@ -268,9 +267,7 @@ module Glfm
    end

    # NOTE: body, title, and version are used by the ERB binding.
-    # noinspection RubyUnusedLocalVariable
    def add_styling_to_specification_html(body:, title:, version:)
-      # noinspection RubyMismatchedArgumentType
      ERB.new(File.read(File.expand_path('specification_html_template.erb', __dir__))).result(binding)
    end

--- a/scripts/lib/glfm/verify_all_generated_files_are_up_to_date.rb
+++ b/scripts/lib/glfm/verify_all_generated_files_are_up_to_date.rb
@ -25,9 +25,7 @@ module Glfm
      output("Running `yarn install --frozen-lockfile` to ensure `yarn check-dependencies` doesn't fail...")
      run_external_cmd('yarn install --frozen-lockfile')

-      # noinspection RubyMismatchedArgumentType
      update_specification_script = File.expand_path('../../glfm/update-specification.rb', __dir__)
-      # noinspection RubyMismatchedArgumentType
      update_example_snapshots_script = File.expand_path('../../glfm/update-example-snapshots.rb', __dir__)

      output("Running `#{update_specification_script}`...")
--- a/spec/factories/todos.rb
+++ b/spec/factories/todos.rb
@ -45,6 +45,10 @@ FactoryBot.define do
      action { Todo::MEMBER_ACCESS_REQUESTED }
    end

+    trait :review_submitted do
+      action { Todo::REVIEW_SUBMITTED }
+    end
+
    trait :pending do
      state { :pending }
    end
--- a/spec/features/users/rss_spec.rb
+++ b/spec/features/users/rss_spec.rb
@ -6,28 +6,53 @@ RSpec.describe 'User RSS', feature_category: :user_profile do
  let(:user) { create(:user) }
  let(:path) { user_path(create(:user)) }

-  before do
-    stub_feature_flags(user_profile_overflow_menu_vue: false)
-  end
-
-  context 'when signed in' do
+  describe 'with "user_profile_overflow_menu_vue" feature flag off' do
    before do
-      sign_in(user)
-      visit path
+      stub_feature_flags(user_profile_overflow_menu_vue: false)
    end

-    it_behaves_like "it has an RSS button with current_user's feed token"
-  end
+    context 'when signed in' do
+      before do
+        sign_in(user)
+        visit path
+      end

-  context 'when signed out' do
-    before do
-      visit path
+      it_behaves_like "it has an RSS button with current_user's feed token"
    end

-    it_behaves_like "it has an RSS button without a feed token"
+    context 'when signed out' do
+      before do
+        visit path
+      end
+
+      it_behaves_like "it has an RSS button without a feed token"
+    end
  end

-  # TODO: implement tests before the FF "user_profile_overflow_menu_vue" is turned on
-  # See: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122971
-  # Related Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/416974
+  describe 'with "user_profile_overflow_menu_vue" feature flag on', :js do
+    context 'when signed in' do
+      before do
+        sign_in(user)
+        visit path
+      end
+
+      it 'shows the RSS link with overflow menu' do
+        find('[data-testid="base-dropdown-toggle"').click
+
+        expect(page).to have_link 'Subscribe', href: /feed_token=glft-.*-#{user.id}/
+      end
+    end
+
+    context 'when signed out' do
+      before do
+        visit path
+      end
+
+      it 'has an RSS without a feed token' do
+        find('[data-testid="base-dropdown-toggle"').click
+
+        expect(page).not_to have_link 'Subscribe', href: /feed_token=glft-.*-#{user.id}/
+      end
+    end
+  end
 end
--- a/spec/frontend/content_editor/markdown_snapshot_spec.js
+++ b/spec/frontend/content_editor/markdown_snapshot_spec.js
@ -64,7 +64,6 @@ describe('markdown example snapshots in ContentEditor', () => {
        const expectedHtml = expectedHtmlExamples[name].wysiwyg;
        const { html: actualHtml } = actualHtmlAndJsonExamples[name];

-        // noinspection JSUnresolvedFunction (required to avoid RubyMine type inspection warning, because custom matchers auto-imported via Jest test setup are not automatically resolved - see https://youtrack.jetbrains.com/issue/WEB-42350/matcher-for-jest-is-not-recognized-but-it-is-runable)
        expect(actualHtml).toMatchExpectedForMarkdown(
          'HTML',
          name,
@ -82,7 +81,6 @@ describe('markdown example snapshots in ContentEditor', () => {
        const expectedJson = expectedProseMirrorJsonExamples[name];
        const { json: actualJson } = actualHtmlAndJsonExamples[name];

-        // noinspection JSUnresolvedFunction
        expect(actualJson).toMatchExpectedForMarkdown(
          'JSON',
          name,
--- a/spec/frontend/diffs/components/diff_file_spec.js
+++ b/spec/frontend/diffs/components/diff_file_spec.js
@ -42,6 +42,7 @@ jest.mock('~/notes/mixins/diff_line_note_form', () => ({
 Vue.use(Vuex);

 const saveDiffDiscussionMock = jest.fn();
+const prefetchFileNeighborsMock = jest.fn();

 function changeViewer(store, index, { automaticallyCollapsed, manuallyCollapsed, name }) {
  const file = store.state.diffs.diffFiles[index];
@ -91,6 +92,7 @@ function createComponent({ file, first = false, last = false, options = {}, prop
  const diffs = diffsModule();
  diffs.actions = {
    ...diffs.actions,
+    prefetchFileNeighbors: prefetchFileNeighborsMock,
    saveDiffDiscussion: saveDiffDiscussionMock,
  };

@ -155,19 +157,44 @@ const triggerSaveDraftNote = (wrapper, note, parent, error) =>
  findNoteForm(wrapper).vm.$emit('handleFormUpdateAddToReview', note, false, parent, error);

 describe('DiffFile', () => {
+  let readableFile;
  let wrapper;
  let store;
  let axiosMock;

  beforeEach(() => {
+    readableFile = getReadableFile();
    axiosMock = new MockAdapter(axios);
-    ({ wrapper, store } = createComponent({ file: getReadableFile() }));
+    ({ wrapper, store } = createComponent({ file: readableFile }));
  });

  afterEach(() => {
    axiosMock.restore();
  });

+  describe('mounted', () => {
+    beforeEach(() => {
+      jest.spyOn(window, 'requestIdleCallback').mockImplementation((fn) => fn());
+    });
+
+    it.each`
+      description                                        | fileByFile
+      ${'does not prefetch if not in file-by-file mode'} | ${false}
+      ${'prefetches when in file-by-file mode'}          | ${true}
+    `('$description', ({ fileByFile }) => {
+      createComponent({
+        props: { viewDiffsFileByFile: fileByFile },
+        file: readableFile,
+      });
+
+      if (fileByFile) {
+        expect(prefetchFileNeighborsMock).toHaveBeenCalled();
+      } else {
+        expect(prefetchFileNeighborsMock).not.toHaveBeenCalled();
+      }
+    });
+  });
+
  describe('bus events', () => {
    beforeEach(() => {
      jest.spyOn(eventHub, '$emit').mockImplementation(() => {});
--- a/spec/frontend/diffs/components/diff_inline_findings_item_spec.js
+++ b/spec/frontend/diffs/components/diff_inline_findings_item_spec.js
@ -2,7 +2,7 @@ import { GlIcon, GlLink } from '@gitlab/ui';
 import { shallowMountExtended } from 'helpers/vue_test_utils_helper';
 import DiffInlineFindingsItem from '~/diffs/components/diff_inline_findings_item.vue';
 import { SEVERITY_CLASSES, SEVERITY_ICONS } from '~/ci/reports/codequality_report/constants';
-import { multipleFindingsArrCodeQualityScale } from '../mock_data/diff_code_quality';
+import { multipleFindingsArrCodeQualityScale } from '../mock_data/inline_findings';

 let wrapper;

--- a/spec/frontend/diffs/components/diff_inline_findings_spec.js
+++ b/spec/frontend/diffs/components/diff_inline_findings_spec.js
@ -2,7 +2,7 @@ import { shallowMountExtended } from 'helpers/vue_test_utils_helper';
 import DiffInlineFindings from '~/diffs/components/diff_inline_findings.vue';
 import DiffInlineFindingsItem from '~/diffs/components/diff_inline_findings_item.vue';
 import { NEW_CODE_QUALITY_FINDINGS } from '~/diffs/i18n';
-import { multipleCodeQualityNoSast } from '../mock_data/diff_code_quality';
+import { multipleCodeQualityNoSast } from '../mock_data/inline_findings';

 let wrapper;
 const heading = () => wrapper.findByTestId('diff-inline-findings-heading');
--- a/spec/frontend/diffs/components/diff_line_spec.js
+++ b/spec/frontend/diffs/components/diff_line_spec.js
@ -1,6 +1,6 @@
 import { shallowMount } from '@vue/test-utils';
 import DiffLine from '~/diffs/components/diff_line.vue';
-import DiffCodeQuality from '~/diffs/components/diff_code_quality.vue';
+import InlineFindings from '~/diffs/components/inline_findings.vue';

 const EXAMPLE_LINE_NUMBER = 3;
 const EXAMPLE_DESCRIPTION = 'example description';
@ -55,26 +55,26 @@ describe('DiffLine', () => {
    return shallowMount(DiffLine, { propsData });
  };

-  it('should emit event when hideCodeQualityFindings is called', () => {
+  it('should emit event when hideInlineFindings is called', () => {
    const wrapper = createWrapper(right);

-    wrapper.findComponent(DiffCodeQuality).vm.$emit('hideCodeQualityFindings');
+    wrapper.findComponent(InlineFindings).vm.$emit('hideInlineFindings');
    expect(wrapper.emitted()).toEqual({
-      hideCodeQualityFindings: [[EXAMPLE_LINE_NUMBER]],
+      hideInlineFindings: [[EXAMPLE_LINE_NUMBER]],
    });
  });

  mockData.forEach((element) => {
-    it('should set correct props for DiffCodeQuality', () => {
+    it('should set correct props for InlineFindings', () => {
      const wrapper = createWrapper(element);
-      expect(wrapper.findComponent(DiffCodeQuality).props('codeQuality')).toEqual([
+      expect(wrapper.findComponent(InlineFindings).props('codeQuality')).toEqual([
        {
          line: EXAMPLE_LINE_NUMBER,
          description: EXAMPLE_DESCRIPTION,
          severity: EXAMPLE_SEVERITY,
        },
      ]);
-      expect(wrapper.findComponent(DiffCodeQuality).props('sast')).toEqual([
+      expect(wrapper.findComponent(InlineFindings).props('sast')).toEqual([
        {
          line: EXAMPLE_LINE_NUMBER,
          description: EXAMPLE_DESCRIPTION,
--- a/spec/frontend/diffs/components/diff_view_spec.js
+++ b/spec/frontend/diffs/components/diff_view_spec.js
@ -4,7 +4,7 @@ import Vuex from 'vuex';
 import { throttle } from 'lodash';
 import DiffView from '~/diffs/components/diff_view.vue';
 import DiffLine from '~/diffs/components/diff_line.vue';
-import { diffCodeQuality } from '../mock_data/diff_code_quality';
+import { diffCodeQuality } from '../mock_data/inline_findings';

 jest.mock('lodash/throttle', () => jest.fn((fn) => fn));
 const lodash = jest.requireActual('lodash');
--- a/spec/frontend/diffs/components/diff_code_quality_spec.js
+++ b/spec/frontend/diffs/components/diff_code_quality_spec.js
@ -1,20 +1,17 @@
 import { mountExtended } from 'helpers/vue_test_utils_helper';
-import DiffCodeQuality from '~/diffs/components/diff_code_quality.vue';
+import InlineFindings from '~/diffs/components/inline_findings.vue';
 import DiffInlineFindings from '~/diffs/components/diff_inline_findings.vue';
 import { NEW_CODE_QUALITY_FINDINGS, NEW_SAST_FINDINGS } from '~/diffs/i18n';
-import {
-  multipleCodeQualityNoSast,
-  multipleSastNoCodeQuality,
-} from '../mock_data/diff_code_quality';
+import { multipleCodeQualityNoSast, multipleSastNoCodeQuality } from '../mock_data/inline_findings';

 let wrapper;

 const diffInlineFindings = () => wrapper.findComponent(DiffInlineFindings);
 const allDiffInlineFindings = () => wrapper.findAllComponents(DiffInlineFindings);

-describe('DiffCodeQuality', () => {
+describe('InlineFindings', () => {
  const createWrapper = (findings) => {
-    return mountExtended(DiffCodeQuality, {
+    return mountExtended(InlineFindings, {
      propsData: {
        expandedLines: [],
        codeQuality: findings.codeQuality,
@ -23,12 +20,12 @@ describe('DiffCodeQuality', () => {
    });
  };

-  it('hides details and throws hideCodeQualityFindings event on close click', async () => {
+  it('hides details and throws hideInlineFindings event on close click', async () => {
    wrapper = createWrapper(multipleCodeQualityNoSast);
-    expect(wrapper.findByTestId('diff-codequality').exists()).toBe(true);
+    expect(wrapper.findByTestId('inline-findings').exists()).toBe(true);

-    await wrapper.findByTestId('diff-codequality-close').trigger('click');
-    expect(wrapper.emitted('hideCodeQualityFindings')).toHaveLength(1);
+    await wrapper.findByTestId('inline-findings-close').trigger('click');
+    expect(wrapper.emitted('hideInlineFindings')).toHaveLength(1);
  });

  it('renders diff inline findings component with correct props for codequality array', () => {
--- a/spec/frontend/diffs/mock_data/diff_code_quality.js
+++ b/spec/frontend/diffs/mock_data/diff_code_quality.js
--- a/spec/frontend/diffs/store/actions_spec.js
+++ b/spec/frontend/diffs/store/actions_spec.js
@ -147,6 +147,175 @@ describe('DiffsStoreActions', () => {
    });
  });

+  describe('prefetchSingleFile', () => {
+    beforeEach(() => {
+      window.location.hash = 'e334a2a10f036c00151a04cea7938a5d4213a818';
+    });
+
+    it('should do nothing if the tree entry is already loading', () => {
+      return testAction(diffActions.prefetchSingleFile, { diffLoading: true }, {}, [], []);
+    });
+
+    it('should do nothing if the tree entry has already been marked as loaded', () => {
+      return testAction(
+        diffActions.prefetchSingleFile,
+        { diffLoaded: true },
+        {
+          flatBlobsList: [
+            { fileHash: 'e334a2a10f036c00151a04cea7938a5d4213a818', diffLoaded: true },
+          ],
+        },
+        [],
+        [],
+      );
+    });
+
+    describe('when a tree entry exists for the file, but it has not been marked as loaded', () => {
+      let state;
+      let getters;
+      let commit;
+      let hubSpy;
+      const defaultParams = {
+        old_path: 'old/123',
+        new_path: 'new/123',
+        w: '1',
+        view: 'inline',
+      };
+      const endpointDiffForPath = '/diffs/set/endpoint/path';
+      const diffForPath = mergeUrlParams(defaultParams, endpointDiffForPath);
+      const treeEntry = {
+        fileHash: 'e334a2a10f036c00151a04cea7938a5d4213a818',
+        filePaths: { old: 'old/123', new: 'new/123' },
+      };
+      const fileResult = {
+        diff_files: [{ file_hash: 'e334a2a10f036c00151a04cea7938a5d4213a818' }],
+      };
+
+      beforeEach(() => {
+        commit = jest.fn();
+        state = {
+          endpointDiffForPath,
+          diffFiles: [],
+        };
+        getters = {
+          flatBlobsList: [treeEntry],
+          getDiffFileByHash(hash) {
+            return state.diffFiles?.find((entry) => entry.file_hash === hash);
+          },
+        };
+        hubSpy = jest.spyOn(diffsEventHub, '$emit');
+      });
+
+      it('does nothing if the file already exists in the loaded diff files', () => {
+        state.diffFiles = fileResult.diff_files;
+
+        return testAction(diffActions.prefetchSingleFile, treeEntry, getters, [], []);
+      });
+
+      it('does some standard work every time', async () => {
+        mock.onGet(diffForPath).reply(HTTP_STATUS_OK, fileResult);
+
+        await diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+        expect(commit).toHaveBeenCalledWith(types.TREE_ENTRY_DIFF_LOADING, {
+          path: treeEntry.filePaths.new,
+        });
+
+        // wait for the mocked network request to return
+        await waitForPromises();
+
+        expect(commit).toHaveBeenCalledWith(types.SET_DIFF_DATA_BATCH, fileResult);
+
+        expect(hubSpy).toHaveBeenCalledWith('diffFilesModified');
+      });
+
+      it('should fetch data without commit ID', async () => {
+        getters.commitId = null;
+        mock.onGet(diffForPath).reply(HTTP_STATUS_OK, fileResult);
+
+        await diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+        // wait for the mocked network request to return and start processing the .then
+        await waitForPromises();
+
+        // This tests that commit_id is NOT added, if there isn't one in the store
+        expect(mock.history.get[0].url).toEqual(diffForPath);
+      });
+
+      it('should fetch data with commit ID', async () => {
+        const finalPath = mergeUrlParams(
+          { ...defaultParams, commit_id: '123' },
+          endpointDiffForPath,
+        );
+
+        getters.commitId = '123';
+        mock.onGet(finalPath).reply(HTTP_STATUS_OK, fileResult);
+
+        await diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+        // wait for the mocked network request to return and start processing the .then
+        await waitForPromises();
+
+        expect(mock.history.get[0].url).toEqual(finalPath);
+      });
+
+      describe('version parameters', () => {
+        const diffId = '4';
+        const startSha = 'abc';
+        const pathRoot = 'a/a/-/merge_requests/1';
+
+        it('fetches the data when there is no mergeRequestDiff', async () => {
+          diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+          // wait for the mocked network request to return and start processing the .then
+          await waitForPromises();
+
+          expect(mock.history.get[0].url).toEqual(diffForPath);
+        });
+
+        it.each`
+          desc                                   | versionPath                                              | start_sha    | diff_id
+          ${'no additional version information'} | ${`${pathRoot}?search=terms`}                            | ${undefined} | ${undefined}
+          ${'the diff_id'}                       | ${`${pathRoot}?diff_id=${diffId}`}                       | ${undefined} | ${diffId}
+          ${'the start_sha'}                     | ${`${pathRoot}?start_sha=${startSha}`}                   | ${startSha}  | ${undefined}
+          ${'all available version information'} | ${`${pathRoot}?diff_id=${diffId}&start_sha=${startSha}`} | ${startSha}  | ${diffId}
+        `('fetches the data and includes $desc', async ({ versionPath, start_sha, diff_id }) => {
+          const finalPath = mergeUrlParams(
+            { ...defaultParams, diff_id, start_sha },
+            endpointDiffForPath,
+          );
+          state.mergeRequestDiff = { version_path: versionPath };
+          mock.onGet(finalPath).reply(HTTP_STATUS_OK, fileResult);
+
+          diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+          // wait for the mocked network request to return
+          await waitForPromises();
+
+          expect(mock.history.get[0].url).toEqual(finalPath);
+        });
+      });
+
+      describe('when the prefetch fails', () => {
+        beforeEach(() => {
+          mock.onGet(diffForPath).reply(HTTP_STATUS_INTERNAL_SERVER_ERROR);
+        });
+
+        it('should commit a mutation to set the tree entry diff loading to false', async () => {
+          diffActions.prefetchSingleFile({ state, getters, commit }, treeEntry);
+
+          // wait for the mocked network request to return
+          await waitForPromises();
+
+          expect(commit).toHaveBeenCalledWith(types.TREE_ENTRY_DIFF_LOADING, {
+            path: treeEntry.filePaths.new,
+            loading: false,
+          });
+        });
+      });
+    });
+  });
+
  describe('fetchFileByFile', () => {
    beforeEach(() => {
      window.location.hash = 'e334a2a10f036c00151a04cea7938a5d4213a818';
@ -460,6 +629,37 @@ describe('DiffsStoreActions', () => {
    });
  });

+  describe('prefetchFileNeighbors', () => {
+    it('dispatches two requests to prefetch the next/previous files', () => {
+      testAction(
+        diffActions.prefetchFileNeighbors,
+        {},
+        {
+          currentDiffIndex: 0,
+          flatBlobsList: [
+            {
+              type: 'blob',
+              fileHash: 'abc',
+            },
+            {
+              type: 'blob',
+              fileHash: 'def',
+            },
+            {
+              type: 'blob',
+              fileHash: 'ghi',
+            },
+          ],
+        },
+        [],
+        [
+          { type: 'prefetchSingleFile', payload: { type: 'blob', fileHash: 'def' } },
+          { type: 'prefetchSingleFile', payload: { type: 'blob', fileHash: 'abc' } },
+        ],
+      );
+    });
+  });
+
  describe('fetchCoverageFiles', () => {
    const endpointCoverage = '/fetch';

--- a/spec/frontend/diffs/store/mutations_spec.js
+++ b/spec/frontend/diffs/store/mutations_spec.js
@ -684,6 +684,36 @@ describe('DiffsStoreMutations', () => {
    });
  });

+  describe('TREE_ENTRY_DIFF_LOADING', () => {
+    it('sets the entry loading state to true by default', () => {
+      const state = {
+        treeEntries: {
+          path: {
+            diffLoading: false,
+          },
+        },
+      };
+
+      mutations[types.TREE_ENTRY_DIFF_LOADING](state, { path: 'path' });
+
+      expect(state.treeEntries.path.diffLoading).toBe(true);
+    });
+
+    it('sets the entry loading state to the provided value', () => {
+      const state = {
+        treeEntries: {
+          path: {
+            diffLoading: true,
+          },
+        },
+      };
+
+      mutations[types.TREE_ENTRY_DIFF_LOADING](state, { path: 'path', loading: false });
+
+      expect(state.treeEntries.path.diffLoading).toBe(false);
+    });
+  });
+
  describe('SET_SHOW_TREE_LIST', () => {
    it('sets showTreeList', () => {
      const state = createState();
--- a/spec/frontend/diffs/store/utils_spec.js
+++ b/spec/frontend/diffs/store/utils_spec.js
@ -948,9 +948,9 @@ describe('DiffsStoreUtils', () => {
  describe('markTreeEntriesLoaded', () => {
    it.each`
      desc                                                               | entries                                            | loaded                   | outcome
-      ${'marks an existing entry as loaded'}                             | ${{ abc: {} }}                                     | ${[{ new_path: 'abc' }]} | ${{ abc: { diffLoaded: true } }}
+      ${'marks an existing entry as loaded'}                             | ${{ abc: {} }}                                     | ${[{ new_path: 'abc' }]} | ${{ abc: { diffLoaded: true, diffLoading: false } }}
      ${'does nothing if the new file is not found in the tree entries'} | ${{ abc: {} }}                                     | ${[{ new_path: 'def' }]} | ${{ abc: {} }}
-      ${'leaves entries unmodified if they are not in the loaded files'} | ${{ abc: {}, def: { diffLoaded: true }, ghi: {} }} | ${[{ new_path: 'ghi' }]} | ${{ abc: {}, def: { diffLoaded: true }, ghi: { diffLoaded: true } }}
+      ${'leaves entries unmodified if they are not in the loaded files'} | ${{ abc: {}, def: { diffLoaded: true }, ghi: {} }} | ${[{ new_path: 'ghi' }]} | ${{ abc: {}, def: { diffLoaded: true }, ghi: { diffLoaded: true, diffLoading: false } }}
    `('$desc', ({ entries, loaded, outcome }) => {
      expect(utils.markTreeEntriesLoaded({ priorEntries: entries, loadedFiles: loaded })).toEqual(
        outcome,
--- a/spec/frontend/diffs/utils/tree_worker_utils_spec.js
+++ b/spec/frontend/diffs/utils/tree_worker_utils_spec.js
@ -76,6 +76,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
              addedLines: 0,
              changed: true,
              diffLoaded: false,
+              diffLoading: false,
              deleted: false,
              fileHash: 'test',
              filePaths: {
@ -103,6 +104,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
                  addedLines: 0,
                  changed: true,
                  diffLoaded: false,
+                  diffLoading: false,
                  deleted: false,
                  fileHash: 'test',
                  filePaths: {
@ -123,6 +125,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
                  addedLines: 0,
                  changed: true,
                  diffLoaded: false,
+                  diffLoading: false,
                  deleted: false,
                  fileHash: 'test',
                  filePaths: {
@ -154,6 +157,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
              addedLines: 42,
              changed: true,
              diffLoaded: false,
+              diffLoading: false,
              deleted: false,
              fileHash: 'test',
              filePaths: {
@ -181,6 +185,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
          type: 'blob',
          changed: true,
          diffLoaded: false,
+          diffLoading: false,
          tempFile: true,
          submodule: true,
          deleted: false,
@ -201,6 +206,7 @@ describe('~/diffs/utils/tree_worker_utils', () => {
          type: 'blob',
          changed: true,
          diffLoaded: false,
+          diffLoading: false,
          tempFile: false,
          submodule: undefined,
          deleted: true,
--- a/spec/frontend/users/profile/actions/components/user_actions_app_spec.js
+++ b/spec/frontend/users/profile/actions/components/user_actions_app_spec.js
@ -6,11 +6,13 @@ describe('User Actions App', () => {
  let wrapper;

  const USER_ID = 'test-id';
+  const DEFAULT_SUBSCRIPTION_PATH = '';

  const createWrapper = (propsData = {}) => {
    wrapper = mountExtended(UserActionsApp, {
      propsData: {
        userId: USER_ID,
+        rssSubscriptionPath: DEFAULT_SUBSCRIPTION_PATH,
        ...propsData,
      },
    });
@ -19,15 +21,25 @@ describe('User Actions App', () => {
  const findDropdown = () => wrapper.findComponent(GlDisclosureDropdown);
  const findActions = () => wrapper.findAllByTestId('disclosure-dropdown-item');
  const findAction = (position = 0) => findActions().at(position);
+  const findSubscriptionLink = () => wrapper.findByTestId('user-profile-rss-subscription-link');

  it('shows dropdown', () => {
    createWrapper();
    expect(findDropdown().exists()).toBe(true);
  });

-  it('shows actions correctly', () => {
-    createWrapper();
-    expect(findActions()).toHaveLength(1);
+  describe('shows user action items', () => {
+    it('should show items without RSS subscriptions', () => {
+      createWrapper();
+      expect(findActions()).toHaveLength(1);
+    });
+
+    it('should show items with RSS subscriptions', () => {
+      createWrapper({
+        rssSubscriptionPath: '/test/path',
+      });
+      expect(findActions()).toHaveLength(2);
+    });
  });

  it('shows copy user id action', () => {
@ -35,4 +47,17 @@ describe('User Actions App', () => {
    expect(findAction().text()).toBe(`Copy user ID: ${USER_ID}`);
    expect(findAction().findComponent('button').attributes('data-clipboard-text')).toBe(USER_ID);
  });
+
+  it('shows subscription link when subscription url was presented', () => {
+    const testSubscriptionPath = '/test/path';
+
+    createWrapper({
+      rssSubscriptionPath: testSubscriptionPath,
+    });
+
+    const rssLink = findSubscriptionLink();
+    expect(rssLink.exists()).toBe(true);
+    expect(rssLink.attributes('href')).toBe(testSubscriptionPath);
+    expect(rssLink.text()).toBe('Subscribe');
+  });
 });
--- a/spec/graphql/types/merge_request_state_enum_spec.rb
+++ b/spec/graphql/types/merge_request_state_enum_spec.rb
@ -8,6 +8,6 @@ RSpec.describe GitlabSchema.types['MergeRequestState'] do
  it_behaves_like 'issuable state'

  it 'exposes all the existing merge request states' do
-    expect(described_class.values.keys).to include('merged')
+    expect(described_class.values.keys).to include('merged', 'opened')
  end
 end
--- a/spec/helpers/todos_helper_spec.rb
+++ b/spec/helpers/todos_helper_spec.rb
@ -370,6 +370,7 @@ RSpec.describe TodosHelper do
      Todo::APPROVAL_REQUIRED   | false | format(s_("Todos|set %{who} as an approver"), who: _('you'))
      Todo::UNMERGEABLE         | true  | s_('Todos|Could not merge')
      Todo::MERGE_TRAIN_REMOVED | true  | s_("Todos|Removed from Merge Train")
+      Todo::REVIEW_SUBMITTED    | false | s_('Todos|reviewed your merge request')
    end

    with_them do
--- a/spec/lib/gitlab/ci/reports/sbom/component_spec.rb
+++ b/spec/lib/gitlab/ci/reports/sbom/component_spec.rb
@ -27,6 +27,132 @@ RSpec.describe Gitlab::Ci::Reports::Sbom::Component, feature_category: :dependen
    )
  end

+  describe '#<=>' do
+    where do
+      {
+        'equal' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: 0
+        },
+        'name lesser' => {
+          a_name: 'component-a',
+          b_name: 'component-b',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: -1
+        },
+        'name greater' => {
+          a_name: 'component-b',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: 1
+        },
+        'purl type lesser' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:composer/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: -1
+        },
+        'purl type greater' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:composer/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: 1
+        },
+        'purl type nulls first' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: nil,
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '1.0.0',
+          expected: -1
+        },
+        'version lesser' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '1.0.0',
+          b_version: '2.0.0',
+          expected: -1
+        },
+        'version greater' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: '2.0.0',
+          b_version: '1.0.0',
+          expected: 1
+        },
+        'version nulls first' => {
+          a_name: 'component-a',
+          b_name: 'component-a',
+          a_type: 'library',
+          b_type: 'library',
+          a_purl: 'pkg:npm/component-a@1.0.0',
+          b_purl: 'pkg:npm/component-a@1.0.0',
+          a_version: nil,
+          b_version: '1.0.0',
+          expected: -1
+        }
+      }
+    end
+
+    with_them do
+      specify do
+        a = described_class.new(
+          name: a_name,
+          type: a_type,
+          purl: a_purl,
+          version: a_version
+        )
+
+        b = described_class.new(
+          name: b_name,
+          type: b_type,
+          purl: b_purl,
+          version: b_version
+        )
+
+        expect(a <=> b).to eq(expected)
+      end
+    end
+  end
+
  describe '#ingestible?' do
    subject { component.ingestible? }

--- a/spec/support/helpers/kubernetes_helpers.rb
+++ b/spec/support/helpers/kubernetes_helpers.rb
@ -676,7 +676,6 @@ module KubernetesHelpers
    }
  end

-  # noinspection RubyStringKeysInHashInspection
  def knative_06_service(name: 'kubetest', namespace: 'default', domain: 'example.com', description: 'a knative service', environment: 'production', cluster_id: 9)
    { "apiVersion" => "serving.knative.dev/v1alpha1",
      "kind" => "Service",
@ -736,7 +735,6 @@ module KubernetesHelpers
      "podcount" => 0 }
  end

-  # noinspection RubyStringKeysInHashInspection
  def knative_07_service(name: 'kubetest', namespace: 'default', domain: 'example.com', description: 'a knative service', environment: 'production', cluster_id: 5)
    { "apiVersion" => "serving.knative.dev/v1alpha1",
      "kind" => "Service",
@ -788,7 +786,6 @@ module KubernetesHelpers
      "podcount" => 0 }
  end

-  # noinspection RubyStringKeysInHashInspection
  def knative_09_service(name: 'kubetest', namespace: 'default', domain: 'example.com', description: 'a knative service', environment: 'production', cluster_id: 5)
    { "apiVersion" => "serving.knative.dev/v1alpha1",
      "kind" => "Service",
@ -840,7 +837,6 @@ module KubernetesHelpers
      "podcount" => 0 }
  end

-  # noinspection RubyStringKeysInHashInspection
  def knative_05_service(name: 'kubetest', namespace: 'default', domain: 'example.com', description: 'a knative service', environment: 'production', cluster_id: 8)
    { "apiVersion" => "serving.knative.dev/v1alpha1",
      "kind" => "Service",
--- a/spec/support/shared_contexts/glfm/api_markdown_snapshot_shared_context.rb
+++ b/spec/support/shared_contexts/glfm/api_markdown_snapshot_shared_context.rb
@ -29,7 +29,6 @@ RSpec.shared_context 'with API::Markdown Snapshot shared context' do |ee_only: f
      let(:normalizations) { normalizations_by_example_name.dig(name, :html, :static, :snapshot) }

      it "verifies conversion of GLFM to HTML", :unlimited_max_formatted_output_length do
-        # noinspection RubyResolve
        normalized_html = normalize_html(html, normalizations)
        api_url = metadata_by_example_name&.dig(name, :api_request_override_path) || (api "/markdown")

--- a/spec/support/shared_examples/requests/api/graphql/remote_development_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/graphql/remote_development_shared_examples.rb
@ -10,9 +10,7 @@ RSpec.shared_examples 'workspaces query in licensed environment and with feature

    it_behaves_like 'a working graphql query'

-    # noinspection RubyResolve
    it { is_expected.to match_array(a_hash_including('name' => workspace.name)) }
-    # noinspection RubyResolve

    context 'when user is not authorized' do
      let(:current_user) { create(:user) }
--- a/workhorse/go.mod
+++ b/workhorse/go.mod
@ -7,7 +7,7 @@ require (
 	github.com/BurntSushi/toml v1.3.2
 	github.com/FZambia/sentinel v1.1.1
 	github.com/alecthomas/chroma/v2 v2.8.0
-	github.com/aws/aws-sdk-go v1.44.256
+	github.com/aws/aws-sdk-go v1.44.284
 	github.com/disintegration/imaging v1.6.2
 	github.com/getsentry/raven-go v0.2.0
 	github.com/golang-jwt/jwt/v5 v5.0.0
@ -28,33 +28,33 @@ require (
 	github.com/stretchr/testify v1.8.4
 	gitlab.com/gitlab-org/gitaly/v16 v16.1.2
 	gitlab.com/gitlab-org/labkit v1.19.0
-	gocloud.dev v0.29.0
+	gocloud.dev v0.30.0
 	golang.org/x/image v0.7.0
 	golang.org/x/lint v0.0.0-20210508222113-6edffad5e616
-	golang.org/x/net v0.10.0
-	golang.org/x/oauth2 v0.6.0
+	golang.org/x/net v0.11.0
+	golang.org/x/oauth2 v0.9.0
 	golang.org/x/tools v0.8.0
-	google.golang.org/grpc v1.55.0
+	google.golang.org/grpc v1.56.0
 	google.golang.org/protobuf v1.30.0
 	honnef.co/go/tools v0.4.3
 )

 require (
-	cloud.google.com/go v0.110.0 // indirect
-	cloud.google.com/go/compute v1.18.0 // indirect
+	cloud.google.com/go v0.110.2 // indirect
+	cloud.google.com/go/compute v1.20.0 // indirect
 	cloud.google.com/go/compute/metadata v0.2.3 // indirect
-	cloud.google.com/go/iam v0.12.0 // indirect
-	cloud.google.com/go/monitoring v1.12.0 // indirect
+	cloud.google.com/go/iam v1.1.0 // indirect
+	cloud.google.com/go/monitoring v1.15.0 // indirect
 	cloud.google.com/go/profiler v0.1.0 // indirect
-	cloud.google.com/go/storage v1.29.0 // indirect
-	cloud.google.com/go/trace v1.8.0 // indirect
+	cloud.google.com/go/storage v1.30.1 // indirect
+	cloud.google.com/go/trace v1.10.0 // indirect
 	contrib.go.opencensus.io/exporter/stackdriver v0.13.14 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.3.1 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.2.1 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.1.2 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
-	github.com/AzureAD/microsoft-authentication-library-for-go v0.8.1 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect
 	github.com/DataDog/datadog-go v4.4.0+incompatible // indirect
 	github.com/DataDog/sketches-go v1.0.0 // indirect
 	github.com/Microsoft/go-winio v0.6.0 // indirect
@ -71,11 +71,12 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/google/pprof v0.0.0-20230111200839-76d1ae5aea2b // indirect
+	github.com/google/pprof v0.0.0-20230406165453-00490a63f317 // indirect
+	github.com/google/s2a-go v0.1.4 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/google/wire v0.5.0 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
-	github.com/googleapis/gax-go/v2 v2.7.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect
+	github.com/googleapis/gax-go/v2 v2.11.0 // indirect
 	github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
@ -96,7 +97,7 @@ require (
 	github.com/prometheus/client_model v0.3.0 // indirect
 	github.com/prometheus/common v0.42.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
-	github.com/prometheus/prometheus v0.42.0 // indirect
+	github.com/prometheus/prometheus v0.44.0 // indirect
 	github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46 // indirect
 	github.com/shabbyrobe/gocovmerge v0.0.0-20190829150210-3e036491d500 // indirect
 	github.com/shirou/gopsutil/v3 v3.21.12 // indirect
@ -108,7 +109,7 @@ require (
 	github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	go.uber.org/atomic v1.10.0 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
 	golang.org/x/crypto v0.10.0 // indirect
 	golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a // indirect
 	golang.org/x/mod v0.10.0 // indirect
@ -117,9 +118,11 @@ require (
 	golang.org/x/text v0.10.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
-	google.golang.org/api v0.110.0 // indirect
+	google.golang.org/api v0.128.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect
+	google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect
 	gopkg.in/DataDog/dd-trace-go.v1 v1.32.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/workhorse/go.sum
+++ b/workhorse/go.sum