diff --git a/.gitlab/ci/openapi.gitlab-ci.yml b/.gitlab/ci/openapi.gitlab-ci.yml
index 36dc32ac134..06628733bb1 100644
--- a/.gitlab/ci/openapi.gitlab-ci.yml
+++ b/.gitlab/ci/openapi.gitlab-ci.yml
@@ -9,4 +9,4 @@ openapi-doc-check:
stage: lint
needs: []
script:
- - bundle exec rake gitlab:openapi:check_docs
+ - bundle exec rake gitlab:openapi:check_docs OPENAPI_CHECK_DEBUG=true
diff --git a/doc/administration/geo/_index.md b/doc/administration/geo/_index.md
index cd1c1412b24..484f9a316ba 100644
--- a/doc/administration/geo/_index.md
+++ b/doc/administration/geo/_index.md
@@ -124,7 +124,7 @@ the difference between Geo and Gitaly Cluster, see [Comparison to Geo](../gitaly
## How it works
-This is a brief summary of how Geo works in your GitLab environment. For a more detailed information, see the [Geo Development page](../../development/geo.md).
+This is a brief summary of how Geo works in your GitLab environment. For more details, see the Geo development documentation.
Your Geo instance can be used for cloning and fetching projects, in addition to reading any data. This makes working with large repositories over large distances much faster.
diff --git a/doc/administration/geo/replication/datatypes.md b/doc/administration/geo/replication/datatypes.md
index e9db252e0b6..2a58ced4cf6 100644
--- a/doc/administration/geo/replication/datatypes.md
+++ b/doc/administration/geo/replication/datatypes.md
@@ -94,7 +94,7 @@ on a machine:
GitLab does not require a special file system and can work with a mounted Storage Appliance. However, there can be
performance limitations and consistency issues when using a remote file system.
-Geo triggers garbage collection in Gitaly to [deduplicate forked repositories](../../../development/git_object_deduplication.md#git-object-deduplication-and-gitlab-geo) on Geo secondary sites.
+Geo triggers garbage collection in Gitaly to deduplicate forked repositories on Geo secondary sites.
The Gitaly gRPC API does the communication, with three possible ways of synchronization:
@@ -203,8 +203,8 @@ successfully, you must replicate their data using some other means.
| Feature | Replicated (added in GitLab version) | Verified (added in GitLab version) | GitLab-managed object storage replication (added in GitLab version) | GitLab-managed object storage verification (added in GitLab version) | Notes |
|:----------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------|:------------------------------------------------------------------------------|:--------------------------------------------------------------------------------|:--------------------------------------------------------------------------------|:------|
| [Application data in PostgreSQL](../../postgresql/_index.md) | **Yes** (10.2) | **Yes** (10.2) | Not applicable | Not applicable | |
-| [Project repository](../../../user/project/repository/_index.md) | **Yes** (10.2) | **Yes** (10.7) | Not applicable | Not applicable | Migrated to [self-service framework](../../../development/geo/framework.md) in 16.2. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
Behind feature flag `geo_project_repository_replication`, enabled by default in (16.3).
All projects, including [archived projects](../../../user/project/working_with_projects.md#archive-a-project), are replicated. |
-| [Project wiki repository](../../../user/project/wiki/_index.md) | **Yes** (10.2)2 | **Yes** (10.7)2 | Not applicable | Not applicable | Migrated to [self-service framework](../../../development/geo/framework.md) in 15.11. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
Behind feature flag `geo_project_wiki_repository_replication`, enabled by default in (15.11). |
+| [Project repository](../../../user/project/repository/_index.md) | **Yes** (10.2) | **Yes** (10.7) | Not applicable | Not applicable | Migrated to self-service framework in 16.2. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
Behind feature flag `geo_project_repository_replication`, enabled by default in (16.3).
All projects, including [archived projects](../../../user/project/working_with_projects.md#archive-a-project), are replicated. |
+| [Project wiki repository](../../../user/project/wiki/_index.md) | **Yes** (10.2)2 | **Yes** (10.7)2 | Not applicable | Not applicable | Migrated to self-service framework in 15.11. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
Behind feature flag `geo_project_wiki_repository_replication`, enabled by default in (15.11). |
| [Group wiki repository](../../../user/project/wiki/group.md) | [**Yes** (13.10)](https://gitlab.com/gitlab-org/gitlab/-/issues/208147) | [**Yes** (16.3)](https://gitlab.com/gitlab-org/gitlab/-/issues/323897) | Not applicable | Not applicable | Behind feature flag `geo_group_wiki_repository_replication`, enabled by default. |
| [Uploads](../../uploads.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)3](https://gitlab.com/groups/gitlab-org/-/epics/8056) | Replication is behind the feature flag `geo_upload_replication`, enabled by default. Verification was behind the feature flag `geo_upload_verification`, removed in 14.8. |
| [LFS objects](../../lfs/_index.md) | **Yes** (10.2) | **Yes** (14.6) | [**Yes** (15.1)](https://gitlab.com/groups/gitlab-org/-/epics/5551) | [**Yes** (16.4)3](https://gitlab.com/groups/gitlab-org/-/epics/8056) | GitLab versions 11.11.x and 12.0.x are affected by [a bug that prevents any new LFS objects from replicating](https://gitlab.com/gitlab-org/gitlab/-/issues/32696).
Replication is behind the feature flag `geo_lfs_object_replication`, enabled by default. Verification was behind the feature flag `geo_lfs_object_verification`, removed in 14.7. |
@@ -232,6 +232,6 @@ successfully, you must replicate their data using some other means.
**Footnotes:**
-1. Migrated to [self-service framework](../../../development/geo/framework.md) in 15.5. See GitLab issue [#337436](https://gitlab.com/gitlab-org/gitlab/-/issues/337436) for more details.
-1. Migrated to [self-service framework](../../../development/geo/framework.md) in 15.11. Behind feature flag `geo_project_wiki_repository_replication`, enabled by default. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
+1. Migrated to self-service framework in 15.5. See GitLab issue [#337436](https://gitlab.com/gitlab-org/gitlab/-/issues/337436) for more details.
+1. Migrated to self-service framework in 15.11. Behind feature flag `geo_project_wiki_repository_replication`, enabled by default. See GitLab issue [#367925](https://gitlab.com/gitlab-org/gitlab/-/issues/367925) for more details.
1. Verification of files stored in object storage was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/8056) in GitLab 16.4 [with a feature flag](../../feature_flags.md) named `geo_object_storage_verification`, enabled by default.
diff --git a/doc/administration/geo/replication/troubleshooting/synchronization_verification.md b/doc/administration/geo/replication/troubleshooting/synchronization_verification.md
index 86afe73a543..b903d97c074 100644
--- a/doc/administration/geo/replication/troubleshooting/synchronization_verification.md
+++ b/doc/administration/geo/replication/troubleshooting/synchronization_verification.md
@@ -30,7 +30,7 @@ secondary Geo site, you can:
[You can force a resync and reverify individual items](https://gitlab.com/gitlab-org/gitlab/-/issues/364727)
for all component types managed by the
-[self-service framework](../../../../development/geo/framework.md) using the UI. On the secondary
+self-service framework using the UI. On the secondary
site, visit **Admin > Geo > Replication**.
However, if this doesn't work, you can perform the same action using the Rails console. The
@@ -469,7 +469,6 @@ destroy_artifacts_not_checksummable
The `last_sync_failure` error
`Error syncing repository: 13:fatal: could not read Username for 'https://gitlab.example.com': terminal prompts disabled`
indicates that JWT authentication is failing during a Geo clone or fetch request.
-See [Geo (development) > Authentication](../../../../development/geo.md#authentication) for more context.
First, check that system clocks are synced. Run the [Health check Rake task](common.md#health-check-rake-task), or
manually check that `date`, on all Sidekiq nodes on the secondary site and all Puma nodes on the primary site, are the
diff --git a/doc/administration/get_started.md b/doc/administration/get_started.md
index 38fc110dca1..d98238b807b 100644
--- a/doc/administration/get_started.md
+++ b/doc/administration/get_started.md
@@ -105,7 +105,6 @@ Unlike other monitoring solutions (for example, Zabbix or New Relic), Prometheus
[these GitLab metrics](monitoring/prometheus/gitlab_metrics.md#metrics-available).
- Learn more about GitLab [bundled software metrics](monitoring/prometheus/_index.md#bundled-software-metrics).
- Prometheus and its exporters are on by default. However, you need to [configure the service](monitoring/prometheus/_index.md#configuring-prometheus).
-- Learn more about [GitLab architecture](../development/architecture.md).
- Find out why [application performance metrics](https://about.gitlab.com/blog/2020/05/07/working-with-performance-metrics/) matter.
- Integrate Grafana to [build visual dashboards](https://youtu.be/f4R7s0An1qE) based on performance metrics.
diff --git a/doc/administration/maintenance_mode/_index.md b/doc/administration/maintenance_mode/_index.md
index 75c29c5a785..faeebedd5f0 100644
--- a/doc/administration/maintenance_mode/_index.md
+++ b/doc/administration/maintenance_mode/_index.md
@@ -113,7 +113,7 @@ For most JSON requests, `POST`, `PUT`, `PATCH`, and `DELETE` are blocked, and th
| `POST` | `/admin/session`, `/admin/session/destroy` | To allow [Admin Mode for GitLab administrators](https://gitlab.com/groups/gitlab-org/-/epics/2158) |
| `POST` | Paths ending with `/compare`| Git revision routes. |
| `POST` | `.git/git-upload-pack` | To allow Git pull/clone. |
-| `POST` | `/api/v4/internal` | [internal API routes](../../development/internal_api/_index.md) |
+| `POST` | `/api/v4/internal` | internal API routes |
| `POST` | `/admin/sidekiq` | To allow management of background jobs in the **Admin** area |
| `POST` | `/admin/geo` | To allow updating Geo Nodes in the administrator UI |
| `POST` | `/api/v4/geo_replication`| To allow certain Geo-specific administrator UI actions on secondary sites |
@@ -190,7 +190,7 @@ To monitor queues and disable jobs:
### Feature flags
-- [Development feature flags](../../development/feature_flags/_index.md) cannot be turned on or off through the API, but can be toggled through the Rails console.
+- Development feature flags cannot be turned on or off through the API, but can be toggled through the Rails console.
- [The feature flag service](../../operations/feature_flags.md) responds to feature flag checks but feature flags cannot be toggled
### Geo secondaries
diff --git a/doc/administration/silent_mode/_index.md b/doc/administration/silent_mode/_index.md
index 97d9bffad2e..b8c00063dfe 100644
--- a/doc/administration/silent_mode/_index.md
+++ b/doc/administration/silent_mode/_index.md
@@ -126,6 +126,6 @@ Outbound communications from the following features are not silenced by Silent M
| [File hooks](../file_hooks.md) | |
| [Server hooks](../server_hooks.md) | |
| [Advanced search](../../integration/advanced_search/elasticsearch.md) | If two GitLab instances are using the same Advanced Search instance, then they can both modify Search data. This is a split-brain scenario which can occur for example after promoting a secondary Geo site while the primary Geo site is live. |
-| [Snowplow](../../development/internal_analytics/product_analytics.md) | There is [a proposal to silence these requests](https://gitlab.com/gitlab-org/gitlab/-/issues/409661). |
+| Snowplow | There is [a proposal to silence these requests](https://gitlab.com/gitlab-org/gitlab/-/issues/409661). |
| [Deprecated Kubernetes Connections](../../user/clusters/agent/_index.md) | There is [a proposal to silence these requests](https://gitlab.com/gitlab-org/gitlab/-/issues/396470). |
| [Container registry webhooks](../packages/container_registry.md#configure-container-registry-notifications) | There is [a proposal to silence these requests](https://gitlab.com/gitlab-org/gitlab/-/issues/409682). |
diff --git a/doc/api/openapi/openapi_v2.yaml b/doc/api/openapi/openapi_v2.yaml
index fa4add30c6c..58b976ad067 100644
--- a/doc/api/openapi/openapi_v2.yaml
+++ b/doc/api/openapi/openapi_v2.yaml
@@ -43577,6 +43577,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -43661,6 +43664,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -45209,6 +45215,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -45236,8 +45245,6 @@ definitions:
type: string
location:
type: string
- public_email:
- type: string
skype:
type: string
linkedin:
@@ -48228,6 +48235,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -48241,6 +48251,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -49570,6 +49583,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -49597,8 +49613,6 @@ definitions:
type: string
location:
type: string
- public_email:
- type: string
skype:
type: string
linkedin:
@@ -64688,6 +64702,9 @@ definitions:
username:
type: string
example: admin
+ public_email:
+ type: string
+ example: john@example.com
name:
type: string
example: Administrator
@@ -64715,8 +64732,6 @@ definitions:
type: string
location:
type: string
- public_email:
- type: string
skype:
type: string
linkedin:
diff --git a/doc/ci/components/_index.md b/doc/ci/components/_index.md
index b6b70f2c6a4..637558f87d5 100644
--- a/doc/ci/components/_index.md
+++ b/doc/ci/components/_index.md
@@ -144,6 +144,12 @@ For example:
## Use a component
+Prerequisites:
+
+If you are a member of a parent group that contains the current group or project:
+
+- You must have the minimum role set by the visibility level of the project's parent group. For example, you must have at least the Reporter role if a parent project is set to **Private**.
+
To add a component to a project's CI/CD configuration, use the [`include: component`](../yaml/_index.md#includecomponent)
keyword. The component reference is formatted as `//@`,
for example:
@@ -612,7 +618,7 @@ in your project, you can select **CI/CD Catalog**.
Visibility of components in the CI/CD catalog follows the component source project's
[visibility setting](../../user/public_access.md). Components with source projects set to:
-- Private are visible only to users assigned at least the Guest role for the source component project.
+- Private are visible only to users assigned at least the Guest role for the source component project. To use a component, you must have at least the Reporter role.
- Internal are visible only to users logged into the GitLab instance.
- Public are visible to anyone with access to the GitLab instance.
diff --git a/doc/cloud_seed/_index.md b/doc/cloud_seed/_index.md
index 3023436f398..87806ab2c65 100644
--- a/doc/cloud_seed/_index.md
+++ b/doc/cloud_seed/_index.md
@@ -1,7 +1,7 @@
---
stage: none
group: unassigned
-info: This is a GitLab Incubation Engineering program. No technical writer assigned to this group.
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Cloud Seed
---
@@ -20,7 +20,7 @@ title: Cloud Seed
{{< /history >}}
Cloud Seed is an open-source program led
-by [GitLab Incubation Engineering](https://handbook.gitlab.com/handbook/engineering/development/incubation/) in collaboration with
+by GitLab in collaboration with
[Google Cloud](https://cloud.google.com/).
Cloud Seed combines Heroku-like ease-of-use with hyper-cloud flexibility. We do this by using OAuth 2 to provision
@@ -170,7 +170,7 @@ There are several ways you can contribute to Cloud Seed:
- Use Cloud Seed and [share feedback](https://gitlab.com/gitlab-org/incubation-engineering/five-minute-production/feedback/-/issues/new?template=general_feedback).
- If you are familiar with Ruby on Rails or Vue.js,
- consider [contributing to GitLab](../development/contributing/_index.md) as a developer.
+ consider contributing to GitLab as a developer.
- Much of Cloud Seed is an internal module in the GitLab codebase.
- If you are familiar with GitLab pipelines, consider contributing to
the [Cloud Seed Library](https://gitlab.com/gitlab-org/incubation-engineering/five-minute-production/library) project.
diff --git a/doc/solutions/integrations/aws_googlecloud_ollama.md b/doc/solutions/integrations/aws_googlecloud_ollama.md
index 26509592673..2b58201d494 100644
--- a/doc/solutions/integrations/aws_googlecloud_ollama.md
+++ b/doc/solutions/integrations/aws_googlecloud_ollama.md
@@ -156,7 +156,6 @@ Key Highlights:
Designed for simplicity and performance, Ollama empowers users to harness the power of LLMs without the complexity of traditional AI infrastructure. Further details on setup and supported models will be covered later in the documentation.
-- [Ollama Installation](../../development/ai_features/local_models.md)
- [Ollama Model Support](https://ollama.com/search)
## Installation
diff --git a/doc/tutorials/more_tutorials.md b/doc/tutorials/more_tutorials.md
index d6d6d5eb398..e6875a61b7f 100644
--- a/doc/tutorials/more_tutorials.md
+++ b/doc/tutorials/more_tutorials.md
@@ -15,4 +15,4 @@ If you're learning about GitLab, to find more tutorial content:
to find video tutorials.
If you find an article, video, or other resource that would be a
-great addition to the tutorial pages, add it in a [merge request](../development/documentation/_index.md).
+great addition to the tutorial pages, add it in a merge request.
diff --git a/doc/user/application_security/detect/_index.md b/doc/user/application_security/detect/_index.md
index acc1d2be9ae..d24b5e6aa96 100644
--- a/doc/user/application_security/detect/_index.md
+++ b/doc/user/application_security/detect/_index.md
@@ -5,8 +5,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w
title: Detect
---
-Detect vulnerabilities in your project's repository and your application's behavior. Enable GitLab
-security tools for your project's entire lifecycle, starting before the first commit.
+Detect vulnerabilities in your project's repository and your application's behavior throughout the
+software development lifecycle. During development, automated scanning provides immediate contextual
+feedback, enabling developers to address potential vulnerabilities early. After development, you can
+schedule or run security scanning manually, to identify new risks. A vulnerability report collates
+all relevant details, enabling efficient vulnerability management.
+
+To get the best from GitLab vulnerability detection it's important to understand:
+
+- What aspects of your application or repository are scanned.
+- What determines which scanners run.
+- When vulnerability detection occurs.
+- How to evaluate the results of vulnerability detection.
## Detection coverage
@@ -42,43 +52,38 @@ Behavioral testing tools include:
- API security testing: Test your application's API for known attacks and vulnerabilities to input.
- Coverage-guided fuzz testing: Test your application for unexpected behavior.
-## Early detection
+## Scanner selection
-Enable GitLab application security scanning tools from before the first commit. Early detection
-provides benefits such as easier, quicker, and cheaper remediation, compared to detection later in
-the software development lifecycle. GitLab provides developers immediate feedback of security
-scanning, enabling them to address vulnerabilities early.
+Security scanners are enabled for a project by either:
-Security scans:
+- Adding the scanner's CI/CD template to the `.gitlab-ci.yml` file, either directly or by using
+ AutoDevOps.
+- Enforcing the scanner by using a scan execution policy, pipeline execution policy, or
+ compliance framework. This enforcement can be applied directly to the project or inherited from
+ the project's parent group.
-- Run automatically in the CI/CD pipeline when developers commit changes. Vulnerabilities detected
- in a feature branch are listed, enabling you to investigate and address them before they're merged
- into the default branch. For more details, see
- [Security scan results](security_scan_results.md).
-- Can be scheduled or run manually to detect vulnerabilities. When a project is idle and no changes
- are being made, security scans configured to run in a CI/CD pipeline are not run. Risks such as
- newly-discovered vulnerabilities can go undetected in this situation. Running security scans
- outside a CI/CD pipeline helps address this risk. For more details, see
- [Scan execution policies](../policies/scan_execution_policies.md).
+## Vulnerability detection
-## Prevention
+Vulnerability detection runs in a CI/CD pipeline when:
-Security scanning in the pipeline can help minimize the risk of vulnerabilities in the default
-branch:
+- Code changes are committed and pushed to the repository.
+- A pipeline is run manually.
+- Started manually, for example, a DAST on-demand scan.
+- Scheduled by a scan execution policy.
-- Extra approval can be enforced on merge requests according to the results of pipeline
- security scanning. For example, you can require that a member of the security team **also**
- approve a merge request if one or more critical vulnerabilities are detected in the code
- changes. For more details, see
- [Merge request approval policies](../policies/merge_request_approval_policies.md).
-- Secret push protection can prevent commits being pushed to GitLab if they contain secret
- information - for example, a GitLab personal access token.
+Vulnerability detection runs by default in branch pipelines, and in merge request pipelines if it's
+enabled in the CI/CD template.
-## Vulnerability management workflow
+- On branch pipelines:
-Vulnerabilities detected in the default branch are listed in the vulnerability report. To address
-these vulnerabilities, follow the vulnerability management workflow:
+ - Detect vulnerabilities on feature branches before you merge them into the default branch.
+ - Investigate and respond to new vulnerabilities in your long-lived branches.
+ - Run periodic, scheduled scans of your projects to identify new vulnerabilities, even if development has stopped.
-- Triage: Evaluate vulnerabilities to identify those that need immediate attention.
-- Analyze: Examine details of a vulnerability to determine if it can and should be remediated.
-- Remediate: Resolve the root cause of the vulnerability, reduce the associated risks, or both.
+- On merge request pipelines:
+
+ - Enforce additional approval requirements to manage the risk of new vulnerabilities.
+ - Keep your project open to contributions while securing it against adversarial changes.
+
+View the results of security scanning in either the branch pipeline or the merge request.
+Vulnerabilities detected in the default branch are listed in the vulnerability report.
diff --git a/doc/user/application_security/get-started-security.md b/doc/user/application_security/get-started-security.md
index 3ed747778b3..0dd193ba014 100644
--- a/doc/user/application_security/get-started-security.md
+++ b/doc/user/application_security/get-started-security.md
@@ -1,6 +1,6 @@
---
-stage: DevSecOps
-group: Technical writing
+stage: Application Security Testing
+group: Secret Detection
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Get started securing your application
---
@@ -146,4 +146,4 @@ For more information, see:
- [DAST](dast/_index.md)
- [Fuzz testing](coverage_fuzzing/_index.md)
- [Web API fuzzing](api_fuzzing/_index.md)
-- [Review apps](../../development/testing_guide/review_apps.md)
+- [Review apps](../../ci/review_apps/_index.md)
diff --git a/doc/user/application_security/policies/scheduled_pipeline_execution_policies.md b/doc/user/application_security/policies/scheduled_pipeline_execution_policies.md
index d3e544e7338..90c506c22f4 100644
--- a/doc/user/application_security/policies/scheduled_pipeline_execution_policies.md
+++ b/doc/user/application_security/policies/scheduled_pipeline_execution_policies.md
@@ -2,22 +2,30 @@
stage: Security Risk Management
group: Security Policies
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
-title: Scheduled pipeline execution policies (Experimental)
+title: Scheduled pipeline execution policies
---
{{< details >}}
- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
+- Status: Experiment
{{< /details >}}
{{< history >}}
-- [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/14147) as an experiment in GitLab 18.0 with an experimental flag named `scheduled_pipeline_execution_policy_type` defined in the `policy.yml` file.
+- [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/14147) as an experiment in GitLab 18.0 with a flag named `scheduled_pipeline_execution_policy_type` defined in the `policy.yml` file.
{{< /history >}}
+{{< alert type="flag" >}}
+
+The availability of this feature is controlled by a feature flag.
+For more information, see the history. This feature is available for testing, but not ready for production use.
+
+{{< /alert >}}
+
Pipeline execution policies enforce custom CI/CD jobs in your projects' pipelines. With scheduled pipeline execution policies, you can extend this enforcement to run the CI/CD job on a regular cadence (daily, weekly, or monthly), ensuring that compliance scripts, security scans, or other custom CI/CD job are executed even when there are no new commits.
## Scheduling your pipeline execution policies
diff --git a/doc/user/gitlab_com/_index.md b/doc/user/gitlab_com/_index.md
index 5c06e0dbcef..43203f3148b 100644
--- a/doc/user/gitlab_com/_index.md
+++ b/doc/user/gitlab_com/_index.md
@@ -373,7 +373,7 @@ For more information, see the history.
{{< /alert >}}
-GitLab limits each merge request to 1,000,000 (one million) [diff commits](../../development/merge_request_concepts/diffs/development.md#mergerequestdiffcommit).
+GitLab limits each merge request to 1,000,000 (one million) diff commits.
Merge requests that reach this limit cannot be updated further. Instead,
close the affected merge request and create a new merge request.
diff --git a/doc/user/organization/_index.md b/doc/user/organization/_index.md
index afa78221a1f..40d524b6f02 100644
--- a/doc/user/organization/_index.md
+++ b/doc/user/organization/_index.md
@@ -155,5 +155,4 @@ The Organization description field supports a limited subset of [GitLab Flavored
## Related topics
-- [Organization developer documentation](../../development/organization/_index.md)
- [Organization design document](https://handbook.gitlab.com/handbook/engineering/architecture/design-documents/organization/)
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index a6339c007d1..809ab50e7fd 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -230,47 +230,52 @@ Project permissions for monitoring including [error tracking](../operations/erro
Project permissions for [issues](project/issues/_index.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| --------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| View issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [confidential issues](project/issues/confidential_issues.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|-----------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| View issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) issues and comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [confidential issues](project/issues/confidential_issues.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) confidential issues and comments | | | ✓ | ✓ | ✓ | ✓ | |
| Edit issues, including metadata, item locking, and resolving threads | | ✓ | ✓ | ✓ | ✓ | ✓ | Metadata includes labels, assignees, milestones, epics, weight, confidentiality, time tracking, and more.
Guest users can only set metadata when creating an issue. They cannot change the metadata on existing issues. Guest users can modify the title and description of issues that they authored or are assigned to. |
-| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Close and reopen issues | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can close and reopen issues that they authored or are assigned to. |
-| Manage [design management](project/issues/design_management.md) files | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Manage [milestones](project/milestones/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Archive or reopen [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can archive and reopen issues that they authored or are assigned to. |
-| Create or edit [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can modify the title and description that they authored or are assigned to. |
-| Import or export [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Archive [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Move [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Reopen [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| [Import](project/issues/csv_import.md) issues from a CSV file | | ✓ | | ✓ | ✓ | ✓ | |
-| [Export](project/issues/csv_export.md) issues to a CSV file | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Delete issues | | ✓ | | | | ✓ | |
-| Manage [Feature flags](../operations/feature_flags.md) | | | | ✓ | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Close and reopen issues | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can close and reopen issues that they authored or are assigned to. |
+| Manage [design management](project/issues/design_management.md) files | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage [milestones](project/milestones/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) milestones | | | ✓ | ✓ | ✓ | ✓ | |
+| Archive or reopen [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can archive and reopen issues that they authored or are assigned to. |
+| Create or edit [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can modify the title and description that they authored or are assigned to. |
+| Import or export [requirements](project/requirements/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Archive [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Move [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Reopen [test cases](../ci/test_cases/_index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Import](project/issues/csv_import.md) issues from a CSV file | | ✓ | | ✓ | ✓ | ✓ | |
+| [Export](project/issues/csv_export.md) issues to a CSV file | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete issues | | ✓ | | | | ✓ | |
+| Manage [Feature flags](../operations/feature_flags.md) | | | | ✓ | ✓ | ✓ | |
Project permissions for [tasks](tasks.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
| ------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
| View tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Create tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Edit tasks, including metadata, item locking, and resolving threads | | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can modify the title and description that they authored or are assigned to. |
-| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Convert to another item type | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Remove from issue | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Delete tasks | | ✓ | | | | ✓ | Users who don't have the Planner or Owner role can delete the tasks they authored. |
+| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Convert to another item type | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Remove from issue | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete tasks | | ✓ | | | | ✓ | Users who don't have the Planner or Owner role can delete the tasks they authored. |
Project permissions for [OKRs](okrs.md):
| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
| ------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
| View OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Create OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Edit OKRs, including metadata, item locking, and resolving threads | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Add a child OKR | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
@@ -282,12 +287,13 @@ Project permissions for [OKRs](okrs.md):
Project permissions for [wikis](project/wiki/_index.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ----------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| View wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
-| Edit wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
-| Delete wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|----------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|-------|
+| View wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) wikis | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Edit wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Delete wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
### Packages and registry
@@ -313,38 +319,39 @@ Project permissions for [package registry](packages/_index.md):
Project permissions for [project features](project/organize_work_with_projects.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| Download project | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
-| View [Insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [Requirements](project/requirements/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [project traffic statistics](../api/project_statistics.md) | | | ✓ | ✓ | ✓ | ✓ | |
-| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
-| View [releases](project/releases/_index.md) | | ✓ | | ✓ | ✓ | ✓ | Guest users can access GitLab [**Releases**](project/releases/_index.md) for downloading assets but are not allowed to download the source code nor see [repository information like commits and release evidence](project/releases/_index.md#view-a-release-and-download-assets). |
-| Manage [releases](project/releases/_index.md) | | | | | ✓ | ✓ | If the [tag is protected](project/protected_tags.md), this depends on the access given to Developers and Maintainers. |
-| Configure [webhooks](project/integrations/webhooks.md) | | | | | ✓ | ✓ | |
-| Manage [project access tokens](project/settings/project_access_tokens.md) | | | | | ✓ | ✓ | For GitLab Self-Managed, project access tokens are available in all tiers. For GitLab.com, project access tokens are supported in the Premium and Ultimate tier (excluding [trial licenses](https://about.gitlab.com/free-trial/)). |
-| [Export project](project/settings/import_export.md) | | | | | ✓ | ✓ | |
-| Rename project | | | | | ✓ | ✓ | |
-| Edit project badges | | | | | ✓ | ✓ | |
-| Edit project settings | | | | | ✓ | ✓ | |
-| Change [project features visibility](public_access.md) level | | | | | ✓ | ✓ | A Maintainer or Owner can't change project features visibility level if [project visibility](public_access.md) is set to private. |
-| Change custom settings for [project integrations](project/integrations/_index.md) | | | | | ✓ | ✓ | |
-| Edit comments (posted by any user) | | | | | ✓ | ✓ | |
-| Add [deploy keys](project/deploy_keys/_index.md) | | | | | ✓ | ✓ | |
-| Manage [Project Operations](../operations/_index.md) | | | | | ✓ | ✓ | |
-| View [Usage Quotas](storage_usage_quotas.md) page | | | | | ✓ | ✓ | |
-| Globally delete [snippets](snippets.md) | | | | | ✓ | ✓ | |
-| Globally edit [snippets](snippets.md) | | | | | ✓ | ✓ | |
-| Archive project | | | | | | ✓ | |
-| Change project visibility level | | | | | | ✓ | |
-| Delete project | | | | | | ✓ | |
-| Disable notification emails | | | | | | ✓ | |
-| Transfer project | | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|--------------------------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Download project | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
+| View [Insights](project/insights/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [Requirements](project/requirements/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) [snippets](snippets.md) and comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [project traffic statistics](../api/project_statistics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [releases](project/releases/_index.md) | | ✓ | | ✓ | ✓ | ✓ | Guest users can access GitLab [**Releases**](project/releases/_index.md) for downloading assets but are not allowed to download the source code nor see [repository information like commits and release evidence](project/releases/_index.md#view-a-release-and-download-assets). |
+| Manage [releases](project/releases/_index.md) | | | | | ✓ | ✓ | If the [tag is protected](project/protected_tags.md), this depends on the access given to Developers and Maintainers. |
+| Configure [webhooks](project/integrations/webhooks.md) | | | | | ✓ | ✓ | |
+| Manage [project access tokens](project/settings/project_access_tokens.md) | | | | | ✓ | ✓ | For GitLab Self-Managed, project access tokens are available in all tiers. For GitLab.com, project access tokens are supported in the Premium and Ultimate tier (excluding [trial licenses](https://about.gitlab.com/free-trial/)). |
+| [Export project](project/settings/import_export.md) | | | | | ✓ | ✓ | |
+| Rename project | | | | | ✓ | ✓ | |
+| Edit project badges | | | | | ✓ | ✓ | |
+| Edit project settings | | | | | ✓ | ✓ | |
+| Change [project features visibility](public_access.md) level | | | | | ✓ | ✓ | A Maintainer or Owner can't change project features visibility level if [project visibility](public_access.md) is set to private. |
+| Change custom settings for [project integrations](project/integrations/_index.md) | | | | | ✓ | ✓ | |
+| Edit comments (posted by any user) | | | | | ✓ | ✓ | |
+| Add [deploy keys](project/deploy_keys/_index.md) | | | | | ✓ | ✓ | |
+| Manage [Project Operations](../operations/_index.md) | | | | | ✓ | ✓ | |
+| View [Usage Quotas](storage_usage_quotas.md) page | | | | | ✓ | ✓ | |
+| Globally delete [snippets](snippets.md) | | | | | ✓ | ✓ | |
+| Globally edit [snippets](snippets.md) | | | | | ✓ | ✓ | |
+| Archive project | | | | | | ✓ | |
+| Change project visibility level | | | | | | ✓ | |
+| Delete project | | | | | | ✓ | |
+| Disable notification emails | | | | | | ✓ | |
+| Transfer project | | | | | | ✓ | |
Project permissions for [GitLab Pages](project/pages/_index.md):
@@ -359,42 +366,45 @@ Project permissions for [GitLab Pages](project/pages/_index.md):
Project permissions for [repository](project/repository/_index.md) features including source code, branches, push rules, and more:
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| --------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|-----------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| View project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. In GitLab 15.9 and later, users with the Guest role and an Ultimate license can view private repository content if an administrator (on GitLab Self-Managed or GitLab Dedicated) or group owner (on GitLab.com) gives those users permission. The administrator or group owner can create a [custom role](custom_roles/_index.md) through the API or UI and assign that role to the users. |
-| Pull project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| View commit status | | | ✓ | ✓ | ✓ | ✓ | |
-| Create commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Update commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Create [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ | |
-| Delete [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ | |
-| Create new [branches](project/repository/branches/_index.md) | | | | ✓ | ✓ | ✓ | |
-| Delete non-protected branches | | | | ✓ | ✓ | ✓ | |
-| Force push to non-protected branches | | | | ✓ | ✓ | ✓ | |
-| Push to non-protected branches | | | | ✓ | ✓ | ✓ | |
-| Manage [protected branches](project/repository/branches/protected.md) | | | | | ✓ | ✓ | |
-| Delete protected branches | | | | | ✓ | ✓ | |
-| Push to protected branches | | | | | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Manage [protected tags](project/protected_tags.md) | | | | | ✓ | ✓ | |
-| Manage [push rules](project/repository/push_rules.md) | | | | | ✓ | ✓ | |
-| Remove fork relationship | | | | | | ✓ | |
-| Force push to protected branches | | | | | | | Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/repository/branches/protected.md#allow-force-push-on-a-protected-branch). |
+| [Search](search/_index.md) project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. In GitLab 15.9 and later, users with the Guest role and an Ultimate license can search private repository content if an administrator (on GitLab Self-Managed or GitLab Dedicated) or group owner (on GitLab.com) gives those users permission. The administrator or group owner can create a [custom role](custom_roles/_index.md) through the API or UI and assign that role to the users. |
+| Pull project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| View commit status | | | ✓ | ✓ | ✓ | ✓ | |
+| Create commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| Update commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| [Search](search/_index.md) commits and comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. In GitLab 15.9 and later, users with the Guest role and an Ultimate license can view private repository content if an administrator (on GitLab Self-Managed or GitLab Dedicated) or group owner (on GitLab.com) gives those users permission. The administrator or group owner can create a [custom role](custom_roles/_index.md) through the API or UI and assign that role to the users. |
+| Create [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ | |
+| Delete [Git tags](project/repository/tags/_index.md) | | | | ✓ | ✓ | ✓ | |
+| Create new [branches](project/repository/branches/_index.md) | | | | ✓ | ✓ | ✓ | |
+| Delete non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Force push to non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Push to non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Manage [protected branches](project/repository/branches/protected.md) | | | | | ✓ | ✓ | |
+| Delete protected branches | | | | | ✓ | ✓ | |
+| Push to protected branches | | | | | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| Manage [protected tags](project/protected_tags.md) | | | | | ✓ | ✓ | |
+| Manage [push rules](project/repository/push_rules.md) | | | | | ✓ | ✓ | |
+| Remove fork relationship | | | | | | ✓ | |
+| Force push to protected branches | | | | | | | Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/repository/branches/protected.md#allow-force-push-on-a-protected-branch). |
### Merge requests
Project permissions for [merge requests](project/merge_requests/_index.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ---------------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| [View](project/merge_requests/_index.md#view-merge-requests) a merge request | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
-| Create [merge request](project/merge_requests/creating_merge_requests.md) | | | | ✓ | ✓ | ✓ | In projects that accept contributions from external members, users can create, edit, and close their own merge requests. For **private** projects, this excludes the Guest role as those users [cannot clone private projects](public_access.md#private-projects-and-groups). For **internal** projects, includes users with read-only access to the project, as [they can clone internal projects](public_access.md#internal-projects-and-groups). |
-| Comment and add suggestions to a merge request | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Update merge request including assign, review, approve, labels, lock threads, and resolve threads | | | | ✓ | ✓ | ✓ | For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers). |
-| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | | ✓ | ✓ | |
-| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | | ✓ | ✓ | |
-| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Delete merge request | | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|---------------------------------------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| [View](project/merge_requests/_index.md#view-merge-requests) a merge request | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| [Search](search/_index.md) merge requests and comments | ✓ | | ✓ | ✓ | ✓ | ✓ | On GitLab Self-Managed, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Create [merge request](project/merge_requests/creating_merge_requests.md) | | | | ✓ | ✓ | ✓ | In projects that accept contributions from external members, users can create, edit, and close their own merge requests. For **private** projects, this excludes the Guest role as those users [cannot clone private projects](public_access.md#private-projects-and-groups). For **internal** projects, includes users with read-only access to the project, as [they can clone internal projects](public_access.md#internal-projects-and-groups). |
+| Comment and add suggestions to a merge request | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Update merge request including assign, review, approve, labels, lock threads, and resolve threads | | | | ✓ | ✓ | ✓ | For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers). |
+| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | | ✓ | ✓ | |
+| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete merge request | | | | | | ✓ | |
### User management
@@ -491,26 +501,27 @@ Group permissions for [GitLab Duo](gitlab_duo/_index.md):
Group permissions for [group features](group/_index.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ------------------------------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View group [audit events](compliance/audit_events.md) | | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
-| Create project in group | | | | ✓ | ✓ | ✓ | Developers, Maintainers and Owners: Only if the project creation role is set [for the instance](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects) or [for the group](group/_index.md#specify-who-can-add-projects-to-a-group).
Developers: Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected". |
-| Create subgroup | | | | | ✓ | ✓ | Maintainers: Only if users with the Maintainer role [can create subgroups](group/subgroups/_index.md#change-who-can-create-subgroups). |
-| Change custom settings for [project integrations](project/integrations/_index.md) | | | | | | ✓ | |
-| Edit [epic](group/epics/_index.md) comments (posted by any user) | | ✓ | | | ✓ | ✓ | |
-| Fork project into a group | | | | | ✓ | ✓ | |
-| View [Billing](../subscriptions/gitlab_com/_index.md#view-gitlabcom-subscription) | | | | | | ✓ | Does not apply to subgroups |
-| View group [Usage Quotas](storage_usage_quotas.md) page | | | | | | ✓ | Does not apply to subgroups |
-| [Migrate group](group/import/_index.md) | | | | | | ✓ | |
-| Delete group | | | | | | ✓ | |
-| Manage [subscriptions, storage, and compute minutes](../subscriptions/gitlab_com/_index.md) | | | | | | ✓ | |
-| Manage [group access tokens](group/settings/group_access_tokens.md) | | | | | | ✓ | |
-| Change group visibility level | | | | | | ✓ | |
-| Edit group settings | | | | | | ✓ | |
-| Configure project templates | | | | | | ✓ | |
-| Configure [SAML SSO](group/saml_sso/_index.md) | | | | | | ✓ | Does not apply to subgroups |
-| Disable notification emails | | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|---------------------------------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) projects in group | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View group [audit events](compliance/audit_events.md) | | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
+| Create project in group | | | | ✓ | ✓ | ✓ | Developers, Maintainers and Owners: Only if the project creation role is set [for the instance](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects) or [for the group](group/_index.md#specify-who-can-add-projects-to-a-group).
Developers: Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected". |
+| Create subgroup | | | | | ✓ | ✓ | Maintainers: Only if users with the Maintainer role [can create subgroups](group/subgroups/_index.md#change-who-can-create-subgroups). |
+| Change custom settings for [project integrations](project/integrations/_index.md) | | | | | | ✓ | |
+| Edit [epic](group/epics/_index.md) comments (posted by any user) | | ✓ | | | ✓ | ✓ | |
+| Fork project into a group | | | | | ✓ | ✓ | |
+| View [Billing](../subscriptions/gitlab_com/_index.md#view-gitlabcom-subscription) | | | | | | ✓ | Does not apply to subgroups |
+| View group [Usage Quotas](storage_usage_quotas.md) page | | | | | | ✓ | Does not apply to subgroups |
+| [Migrate group](group/import/_index.md) | | | | | | ✓ | |
+| Delete group | | | | | | ✓ | |
+| Manage [subscriptions, storage, and compute minutes](../subscriptions/gitlab_com/_index.md) | | | | | | ✓ | |
+| Manage [group access tokens](group/settings/group_access_tokens.md) | | | | | | ✓ | |
+| Change group visibility level | | | | | | ✓ | |
+| Edit group settings | | | | | | ✓ | |
+| Configure project templates | | | | | | ✓ | |
+| Configure [SAML SSO](group/saml_sso/_index.md) | | | | | | ✓ | Does not apply to subgroups |
+| Disable notification emails | | | | | | ✓ | |
### Project planning group permissions
@@ -524,25 +535,27 @@ Group permissions for project planning features including iterations, milestones
Group permissions for [epics](group/epics/_index.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ----------------------------------------------------------------------------- | ----- | ------- | -------- | --------- | ---------- | ----- | ----- |
-| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create epic | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Edit epic, including metadata, item locking, and resolving threads | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Delete epic | | ✓ | | | | ✓ | |
-| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Add issue to an [epic](group/epics/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue. |
-| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics. |
-| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|-------------------------------------------------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|-------------------------------------------------------------------------------------------------------------------|
+| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| [Search](search/_index.md) epics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic). |
+| Create epic | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Edit epic, including metadata, item locking, and resolving threads | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete epic | | ✓ | | | | ✓ | |
+| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add issue to an [epic](group/epics/_index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue. |
+| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics. |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
Group permissions for [wikis](project/wiki/group.md):
-| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
-| ----------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
-| View group wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages. |
-| Create group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
-| Edit group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
-| Delete group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+|----------------------------------------|:-----:|:-------:|:--------:|:---------:|:----------:|:-----:|-----------------------------------------------------------------------------------------------------------------------------|
+| View group wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages. |
+| [Search](search/_index.md) group wikis | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also search group wiki pages. |
+| Create group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Edit group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Delete group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
### Packages and registries group permissions
diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md
index 1fa2f0a9d29..5a7036462ba 100644
--- a/doc/user/profile/preferences.md
+++ b/doc/user/profile/preferences.md
@@ -294,7 +294,7 @@ Change localization settings such as your language, calendar start day, and time
### Change your display language on the GitLab UI
-GitLab supports multiple languages on the UI. To help improve translations or request support for an unlisted language, view [Translating GitLab](../../development/i18n/translation.md).
+GitLab supports multiple languages on the UI.
To choose a language for the GitLab UI:
diff --git a/doc/user/project/_index.md b/doc/user/project/_index.md
index fe01e720057..f5979960883 100644
--- a/doc/user/project/_index.md
+++ b/doc/user/project/_index.md
@@ -40,7 +40,7 @@ To create a blank project:
Built-in templates populate a new project with files to help you get started.
These templates are sourced from the [`project-templates`](https://gitlab.com/gitlab-org/project-templates)
and [`pages`](https://gitlab.com/pages) groups.
-Anyone can [contribute to built-in project templates](../../development/project_templates/add_new_template.md).
+Anyone can contribute to built-in project templates.
To create a project from a built-in template:
diff --git a/doc/user/project/import/_index.md b/doc/user/project/import/_index.md
index 4d7e3572aeb..a9fad863d46 100644
--- a/doc/user/project/import/_index.md
+++ b/doc/user/project/import/_index.md
@@ -276,6 +276,15 @@ Placeholder users are created per [import source](#supported-import-sources) and
- If you import the same project twice, but to a different top-level group on the destination instance, the second import
creates new placeholder users under that top-level group.
+{{< alert type="note" >}}
+
+Placeholder users are associated only with the top-level group.
+When you delete a subgroup or project, their placeholder users
+no longer reference any contributions in the top-level group.
+For testing, you should use a designated top-level group.
+
+{{< /alert >}}
+
When a user [accepts the reassignment](#accept-contribution-reassignment),
subsequent imports from the same source instance to the same top-level group or
subgroup on the destination instance do not create placeholder users.
diff --git a/doc/user/project/integrations/apple_app_store.md b/doc/user/project/integrations/apple_app_store.md
index d388ff2c02c..19139bf2428 100644
--- a/doc/user/project/integrations/apple_app_store.md
+++ b/doc/user/project/integrations/apple_app_store.md
@@ -1,7 +1,7 @@
---
stage: none
group: unassigned
-info: This is a GitLab Incubation Engineering program. No technical writer assigned to this group.
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Apple App Store Connect
---
@@ -19,7 +19,7 @@ title: Apple App Store Connect
{{< /history >}}
-This feature is part of [Mobile DevOps](../../../ci/mobile_devops/_index.md) developed by [GitLab Incubation Engineering](https://handbook.gitlab.com/handbook/engineering/development/incubation/).
+This feature is part of [Mobile DevOps](../../../ci/mobile_devops/_index.md) developed by GitLab.
The feature is still in development, but you can:
- [Request a feature](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=feature_request).
diff --git a/doc/user/project/integrations/google_play.md b/doc/user/project/integrations/google_play.md
index a975b7b3c0f..65767a39ae0 100644
--- a/doc/user/project/integrations/google_play.md
+++ b/doc/user/project/integrations/google_play.md
@@ -1,7 +1,7 @@
---
stage: none
group: unassigned
-info: This is a GitLab Incubation Engineering program. No technical writer assigned to this group.
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Google Play
---
@@ -19,7 +19,7 @@ title: Google Play
{{< /history >}}
-This feature is part of [Mobile DevOps](../../../ci/mobile_devops/_index.md) developed by [GitLab Incubation Engineering](https://handbook.gitlab.com/handbook/engineering/development/incubation/).
+This feature is part of [Mobile DevOps](../../../ci/mobile_devops/_index.md) developed by GitLab.
The feature is still in development, but you can:
- [Request a feature](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/feedback/-/issues/new?issuable_template=feature_request).
diff --git a/doc/user/project/use_project_as_go_package.md b/doc/user/project/use_project_as_go_package.md
index 9b75b570234..40e09c97b17 100644
--- a/doc/user/project/use_project_as_go_package.md
+++ b/doc/user/project/use_project_as_go_package.md
@@ -78,8 +78,8 @@ Configure Git to either:
## Disable Go module fetching for private projects
-To [fetch modules or packages](../../development/go_guide/dependencies.md#fetching), Go uses
-the [environment variables](../../development/go_guide/dependencies.md#proxies):
+To fetch modules or packages, Go uses
+the environment variables:
- `GOPRIVATE`
- `GONOPROXY`
diff --git a/doc/user/search/_index.md b/doc/user/search/_index.md
index fd16de7977e..ab8efb82517 100644
--- a/doc/user/search/_index.md
+++ b/doc/user/search/_index.md
@@ -25,6 +25,17 @@ For code search, GitLab uses these types in this order:
or when you search against a non-default branch.
This type does not support group or global search.
+## Available scopes
+
+Scopes describe the type of data you're searching.
+The following scopes are available for basic search:
+
+| Search level | Code | Comments | Commits | Epics | Issues | Merge requests | Milestones | Projects | Users | Wikis | Notes |
+|--------------|:----:|:--------:|:-------:|:-----:|:------:|:--------------:|:----------:|:--------:|:-----:|:-----:|----------------------------------------------------|
+| Global | | | | | ✓ | ✓ | ✓ | ✓ | ✓ | | An administrator can [disable global search scopes](#disable-global-search-scopes). |
+| Group | | | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | | |
+| Project | ✓ | ✓ | ✓ | | ✓ | ✓ | ✓ | | ✓ | ✓ | |
+
## Specify a search type
{{< history >}}
diff --git a/doc/user/search/advanced_search.md b/doc/user/search/advanced_search.md
index 521ff213944..d8b9101a4b8 100644
--- a/doc/user/search/advanced_search.md
+++ b/doc/user/search/advanced_search.md
@@ -38,6 +38,17 @@ users, epics, code, comments, commits, and wikis.
- For [GitLab Self-Managed](../../subscriptions/self_managed/_index.md), an administrator must
[enable advanced search](../../integration/advanced_search/elasticsearch.md#enable-advanced-search).
+## Available scopes
+
+Scopes describe the type of data you're searching.
+The following scopes are available for advanced search:
+
+| Search level | Code | Comments | Commits | Epics | Issues | Merge requests | Milestones | Projects | Users | Wikis | Notes |
+|--------------|:----:|:--------:|:-------:|:-----:|:------:|:--------------:|:----------:|:--------:|:-----:|:-----:|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Global | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | An administrator can [disable global search scopes](_index.md#disable-global-search-scopes). On GitLab Self-Managed, global search is not available when limited indexing is enabled by default. An administrator can [enable global search for limited indexing](../../integration/advanced_search/elasticsearch.md#indexed-namespaces). |
+| Group | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Project | ✓ | ✓ | ✓ | | ✓ | ✓ | ✓ | | ✓ | ✓ | |
+
## Syntax
diff --git a/doc/user/search/exact_code_search.md b/doc/user/search/exact_code_search.md
index 95f279a15a2..9bd6c988efa 100644
--- a/doc/user/search/exact_code_search.md
+++ b/doc/user/search/exact_code_search.md
@@ -47,6 +47,17 @@ and is used by default in groups where the feature is enabled.
In user preferences, you can [disable exact code search](../profile/preferences.md#disable-exact-code-search)
to use [advanced search](advanced_search.md) instead.
+## Available scopes
+
+Scopes describe the type of data you're searching.
+The following scopes are available for exact code search:
+
+| Search level | Code | Notes |
+|--------------|:----:|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Global | | An administrator can [disable global search scopes](_index.md#disable-global-search-scopes). On GitLab Self-Managed, an administrator can enable global search with the [`zoekt_cross_namespace_search`](exact_code_search.md#global-code-search) feature flag. |
+| Group | ✓ | |
+| Project | ✓ | |
+
## Zoekt search API
{{< history >}}
diff --git a/lib/api/entities/user.rb b/lib/api/entities/user.rb
index fda43d1155d..9e925e5ee19 100644
--- a/lib/api/entities/user.rb
+++ b/lib/api/entities/user.rb
@@ -8,7 +8,7 @@ module API
include Gitlab::Utils::StrongMemoize
expose :created_at, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) }
- expose :bio, :location, :public_email, :skype, :linkedin, :twitter, :discord, :website_url, :organization, :job_title, :pronouns
+ expose :bio, :location, :skype, :linkedin, :twitter, :discord, :website_url, :organization, :job_title, :pronouns
expose :bot?, as: :bot
expose :work_information do |user|
work_information(user)
diff --git a/lib/api/entities/user_safe.rb b/lib/api/entities/user_safe.rb
index 0fbb10307cf..a8bbbe289bf 100644
--- a/lib/api/entities/user_safe.rb
+++ b/lib/api/entities/user_safe.rb
@@ -7,6 +7,7 @@ module API
expose :id, documentation: { type: 'integer', example: 1 }
expose :username, documentation: { type: 'string', example: 'admin' }
+ expose :public_email, documentation: { type: 'string', example: 'john@example.com' }
expose :name, documentation: { type: 'string', example: 'Administrator' } do |user|
current_user = request.respond_to?(:current_user) ? request.current_user : options.fetch(:current_user, nil)
diff --git a/lib/tasks/gitlab/openapi.rake b/lib/tasks/gitlab/openapi.rake
index 81f7164ad0f..e54d0d99e7c 100644
--- a/lib/tasks/gitlab/openapi.rake
+++ b/lib/tasks/gitlab/openapi.rake
@@ -48,6 +48,12 @@ namespace :gitlab do
puts '#'
puts heading
+ if ENV['OPENAPI_CHECK_DEBUG'] == 'true'
+ yaml_content = Gitlab::Json.parse(File.read('tmp/openapi_swagger_doc.json')).to_yaml
+ File.write("doc/api/openapi/openapi_v2.yaml.generated", yaml_content)
+ sh 'diff -u doc/api/openapi/openapi_v2.yaml doc/api/openapi/openapi_v2.yaml.generated'
+ end
+
abort
end
end
diff --git a/spec/fixtures/api/schemas/entities/user.json b/spec/fixtures/api/schemas/entities/user.json
index ca2ad201d66..f22457b739f 100644
--- a/spec/fixtures/api/schemas/entities/user.json
+++ b/spec/fixtures/api/schemas/entities/user.json
@@ -38,6 +38,9 @@
"username": {
"type": "string"
},
+ "public_email": {
+ "type": ["string", "null"]
+ },
"status_tooltip_html": {
"$ref": "../types/nullable_string.json"
}
diff --git a/spec/fixtures/api/schemas/pipeline_schedule.json b/spec/fixtures/api/schemas/pipeline_schedule.json
index a63e3538a43..1a05770aacd 100644
--- a/spec/fixtures/api/schemas/pipeline_schedule.json
+++ b/spec/fixtures/api/schemas/pipeline_schedule.json
@@ -95,6 +95,9 @@
"username": {
"type": "string"
},
+ "public_email": {
+ "type": ["string", "null"]
+ },
"id": {
"type": "integer"
},
diff --git a/spec/fixtures/api/schemas/public_api/v4/issue.json b/spec/fixtures/api/schemas/public_api/v4/issue.json
index dbec110bccf..cda22956569 100644
--- a/spec/fixtures/api/schemas/public_api/v4/issue.json
+++ b/spec/fixtures/api/schemas/public_api/v4/issue.json
@@ -144,6 +144,9 @@
"username": {
"type": "string"
},
+ "public_email": {
+ "type": ["string", "null"]
+ },
"id": {
"type": "integer"
},
@@ -177,6 +180,12 @@
"username": {
"type": "string"
},
+ "public_email": {
+ "type": [
+ "string",
+ "null"
+ ]
+ },
"id": {
"type": "integer"
},
@@ -206,6 +215,12 @@
"username": {
"type": "string"
},
+ "public_email": {
+ "type": [
+ "string",
+ "null"
+ ]
+ },
"id": {
"type": "integer"
},
diff --git a/spec/lib/api/entities/markdown_upload_admin_spec.rb b/spec/lib/api/entities/markdown_upload_admin_spec.rb
index 8c0fac547b3..75ad153667e 100644
--- a/spec/lib/api/entities/markdown_upload_admin_spec.rb
+++ b/spec/lib/api/entities/markdown_upload_admin_spec.rb
@@ -18,7 +18,8 @@ RSpec.describe API::Entities::MarkdownUploadAdmin, feature_category: :team_plann
uploaded_by: {
id: user.id,
name: user.name,
- username: user.username
+ username: user.username,
+ public_email: nil
}
)
end
diff --git a/spec/tasks/gitlab/openapi_rake_spec.rb b/spec/tasks/gitlab/openapi_rake_spec.rb
index df6050f829a..1fb9c213f3c 100644
--- a/spec/tasks/gitlab/openapi_rake_spec.rb
+++ b/spec/tasks/gitlab/openapi_rake_spec.rb
@@ -37,5 +37,30 @@ RSpec.describe 'gitlab:openapi namespace rake tasks', :silence_stdout, feature_c
.and raise_error(SystemExit)
end
end
+
+ context 'when debug is enabled' do
+ let(:documentation) { { 'outdated' => true } }
+ let(:verbose) { Rake::FileUtilsExt.verbose }
+ let(:nowrite) { Rake::FileUtilsExt.nowrite }
+
+ before do
+ stub_env('OPENAPI_CHECK_DEBUG', 'true')
+
+ Rake::FileUtilsExt.verbose(false)
+ Rake::FileUtilsExt.nowrite(true)
+ end
+
+ after do
+ Rake::FileUtilsExt.verbose(verbose)
+ Rake::FileUtilsExt.nowrite(nowrite)
+ end
+
+ it 'outputs a diff' do
+ expected_command = 'diff -u doc/api/openapi/openapi_v2.yaml doc/api/openapi/openapi_v2.yaml.generated'
+
+ expect(main_object).to receive(:sh).with(expected_command).and_return(true)
+ expect { run_rake_task('gitlab:openapi:check_docs') }.to raise_error(SystemExit)
+ end
+ end
end
end