root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-02-03 21:09:43 +00:00
parent b335b9cc0f
commit 9251853fdd
164 changed files with 1176 additions and 781 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitlab/ci/frontend.gitlab-ci.yml
View File

@ -443,19 +443,19 @@ jest vue3 check quarantined predictive:
- "detect-tests"
script:
- if [[ -s "$RSPEC_CHANGED_FILES_PATH" ]] || [[ -s "$RSPEC_MATCHING_JS_FILES_PATH" ]]; then run_timed_command "./scripts/frontend/check_jest_vue3_quarantine.js"; fi
parallel: 1
parallel: 4
artifacts:
name: quarantined_tests_output
expire_in: 31d
when: always
paths:
- tmp/tests/frontend/jest_stdout
- tmp/tests/frontend/jest_stderr
- tmp/tests/frontend/jest_results.json
jest-with-fixtures vue3 check quarantined predictive:
extends:
- jest vue3 check quarantined predictive
parallel: 1
variables:
JEST_FIXTURE_JOBS_ONLY: 1

1
.rubocop_todo/gettext/static_identifier.yml
View File

@ -2,7 +2,6 @@
Gettext/StaticIdentifier:
Exclude:
- 'app/graphql/types/project_type.rb'
- 'app/models/integrations/confluence.rb'
- 'app/services/import/fogbugz_service.rb'
- 'app/services/issues/set_crm_contacts_service.rb'
- 'app/services/projects/create_from_template_service.rb'

3
.rubocop_todo/gitlab/bounded_contexts.yml
View File

@ -3081,9 +3081,6 @@ Gitlab/BoundedContexts:
- 'ee/app/services/dashboard/projects/create_service.rb'
- 'ee/app/services/dashboard/projects/list_service.rb'
- 'ee/app/services/dependencies/create_export_service.rb'
- 'ee/app/services/dependencies/export_serializers/group_dependencies_service.rb'
- 'ee/app/services/dependencies/export_serializers/organization_dependencies_service.rb'
- 'ee/app/services/dependencies/export_serializers/project_dependencies_service.rb'
- 'ee/app/services/dependencies/export_serializers/sbom/pipeline_service.rb'
- 'ee/app/services/dependencies/export_service.rb'
- 'ee/app/services/deployments/approval_service.rb'

1
.rubocop_todo/layout/line_length.yml
View File

@ -125,7 +125,6 @@ Layout/LineLength:
- 'app/models/integrations/chat_message/note_message.rb'
- 'app/models/integrations/chat_message/pipeline_message.rb'
- 'app/models/integrations/chat_message/wiki_page_message.rb'
- 'app/models/integrations/confluence.rb'
- 'app/models/integrations/datadog.rb'
- 'app/models/integrations/discord.rb'
- 'app/models/integrations/drone_ci.rb'

2
GITLAB_KAS_VERSION
View File

@ -1 +1 @@
bb5dd9c7ced8de9cf7f5405a34836e6fb7f8e8a4
c7429ee9944f2d6eaa868a67209049abe04252e2

2
Gemfile
View File

@ -182,7 +182,7 @@ gem 'gitlab-duo-workflow-service-client', '~> 0.1',
feature_category: :duo_workflow
# Generate Fake data
gem 'ffaker', '~> 2.23', feature_category: :shared
gem 'ffaker', '~> 2.24', feature_category: :shared
gem 'hashie', '~> 5.0.0', feature_category: :shared

4
Gemfile.checksum
View File

@ -175,7 +175,7 @@
{"name":"fast_blank","version":"1.0.1","platform":"java","checksum":"90d82106b0e4aa19ac24ba1604c79a0c5a4c471601e800c9b2b072938a6d9a92"},
{"name":"fast_blank","version":"1.0.1","platform":"ruby","checksum":"269fc30414fed4e6403bc4a49081e1ea539f8b9226e59276ed1efaefabaa17ea"},
{"name":"fast_gettext","version":"2.3.0","platform":"ruby","checksum":"0253e26423ccab68061c42387827e3b99243a1b15ad614df1c800ba870d64f84"},
{"name":"ffaker","version":"2.23.0","platform":"ruby","checksum":"9d2dfb5cc284a92c8571bddcbe0c573127a2f3238f4b0aa56e08ccf3e4858498"},
{"name":"ffaker","version":"2.24.0","platform":"ruby","checksum":"43e3f8c12d602fbc70398be8bd1ac841a031eabdc12af01507e76a8d675a5d52"},
{"name":"ffi","version":"1.17.1","platform":"aarch64-linux-gnu","checksum":"c5d22cb545a3a691d46060f1343c461d1a8d38c3fd71b96b4cbbe6906bf1fd38"},
{"name":"ffi","version":"1.17.1","platform":"aarch64-linux-musl","checksum":"88b9d6ae905d21142df27c94bb300042c1aae41b67291885f600eaad16326b1d"},
{"name":"ffi","version":"1.17.1","platform":"arm-linux-gnu","checksum":"fe14f5ece94082f3b0e651a09008113281f2764e7ea95f522b64e2fe32e11504"},
@ -536,7 +536,7 @@
{"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
{"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
{"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},
{"name":"pry-rails","version":"0.3.9","platform":"ruby","checksum":"468662575abb6b67f4a9831219f99290d5eae7bf186e64dd810d0a3e4a8cc4b1"},
{"name":"pry-rails","version":"0.3.11","platform":"ruby","checksum":"a69e28e24a34d75d1f60bcf241192a54253f8f7ef8a62cba1e75750a9653593d"},
{"name":"pry-shell","version":"0.6.4","platform":"ruby","checksum":"ad024882d29912b071a7de65ebea538b242d2dc1498c60c7c2352ef94769f208"},
{"name":"public_suffix","version":"6.0.1","platform":"ruby","checksum":"61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f"},
{"name":"puma","version":"6.5.0","platform":"java","checksum":"a58eea585d291aa33796add9884208bc1591da5d8e61886f8ac74d080b298c40"},

8
Gemfile.lock
View File

@ -628,7 +628,7 @@ GEM
faraday (>= 2.0, < 3)
fast_blank (1.0.1)
fast_gettext (2.3.0)
ffaker (2.23.0)
ffaker (2.24.0)
ffi (1.17.1)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
@ -1469,8 +1469,8 @@ GEM
pry-byebug (3.10.1)
byebug (~> 11.0)
pry (>= 0.13, < 0.15)
pry-rails (0.3.9)
pry (>= 0.10.4)
pry-rails (0.3.11)
pry (>= 0.13.0)
pry-shell (0.6.4)
pry (>= 0.13.0)
tty-markdown
@ -2070,7 +2070,7 @@ DEPENDENCIES
faraday-typhoeus (~> 1.1)
faraday_middleware-aws-sigv4 (~> 1.0.1)
fast_blank (~> 1.0.1)
ffaker (~> 2.23)
ffaker (~> 2.24)
ffi (~> 1.17)
flipper (~> 0.26.2)
flipper-active_record (~> 0.26.2)

4
Gemfile.next.checksum
View File

@ -175,7 +175,7 @@
{"name":"fast_blank","version":"1.0.1","platform":"java","checksum":"90d82106b0e4aa19ac24ba1604c79a0c5a4c471601e800c9b2b072938a6d9a92"},
{"name":"fast_blank","version":"1.0.1","platform":"ruby","checksum":"269fc30414fed4e6403bc4a49081e1ea539f8b9226e59276ed1efaefabaa17ea"},
{"name":"fast_gettext","version":"2.3.0","platform":"ruby","checksum":"0253e26423ccab68061c42387827e3b99243a1b15ad614df1c800ba870d64f84"},
{"name":"ffaker","version":"2.23.0","platform":"ruby","checksum":"9d2dfb5cc284a92c8571bddcbe0c573127a2f3238f4b0aa56e08ccf3e4858498"},
{"name":"ffaker","version":"2.24.0","platform":"ruby","checksum":"43e3f8c12d602fbc70398be8bd1ac841a031eabdc12af01507e76a8d675a5d52"},
{"name":"ffi","version":"1.17.1","platform":"aarch64-linux-gnu","checksum":"c5d22cb545a3a691d46060f1343c461d1a8d38c3fd71b96b4cbbe6906bf1fd38"},
{"name":"ffi","version":"1.17.1","platform":"aarch64-linux-musl","checksum":"88b9d6ae905d21142df27c94bb300042c1aae41b67291885f600eaad16326b1d"},
{"name":"ffi","version":"1.17.1","platform":"arm-linux-gnu","checksum":"fe14f5ece94082f3b0e651a09008113281f2764e7ea95f522b64e2fe32e11504"},
@ -541,7 +541,7 @@
{"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
{"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
{"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},
{"name":"pry-rails","version":"0.3.9","platform":"ruby","checksum":"468662575abb6b67f4a9831219f99290d5eae7bf186e64dd810d0a3e4a8cc4b1"},
{"name":"pry-rails","version":"0.3.11","platform":"ruby","checksum":"a69e28e24a34d75d1f60bcf241192a54253f8f7ef8a62cba1e75750a9653593d"},
{"name":"pry-shell","version":"0.6.4","platform":"ruby","checksum":"ad024882d29912b071a7de65ebea538b242d2dc1498c60c7c2352ef94769f208"},
{"name":"psych","version":"5.2.3","platform":"java","checksum":"3e5425b9e8a2f41cc2707d5ef14fdc1ae908abbafb12fe45727bd63900056585"},
{"name":"psych","version":"5.2.3","platform":"ruby","checksum":"84a54bb952d14604fea22d99938348814678782f58b12648fcdfa4d2fce859ee"},

8
Gemfile.next.lock
View File

@ -640,7 +640,7 @@ GEM
faraday (>= 2.0, < 3)
fast_blank (1.0.1)
fast_gettext (2.3.0)
ffaker (2.23.0)
ffaker (2.24.0)
ffi (1.17.1)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
@ -1489,8 +1489,8 @@ GEM
pry-byebug (3.10.1)
byebug (~> 11.0)
pry (>= 0.13, < 0.15)
pry-rails (0.3.9)
pry (>= 0.10.4)
pry-rails (0.3.11)
pry (>= 0.13.0)
pry-shell (0.6.4)
pry (>= 0.13.0)
tty-markdown
@ -2105,7 +2105,7 @@ DEPENDENCIES
faraday-typhoeus (~> 1.1)
faraday_middleware-aws-sigv4 (~> 1.0.1)
fast_blank (~> 1.0.1)
ffaker (~> 2.23)
ffaker (~> 2.24)
ffi (~> 1.17)
flipper (~> 0.26.2)
flipper-active_record (~> 0.26.2)

4
app/assets/javascripts/graphql_shared/possible_types.json
View File

@ -28,8 +28,8 @@
"Note"
],
"CiJobTokenScopeTarget": [
"Group",
"Project"
"CiJobTokenAccessibleProject",
"Group"
],
"CiRunnerCloudProvisioning": [
"CiRunnerGkeProvisioning",

58
app/assets/javascripts/projects/new_v2/components/app.vue
View File

@ -1,6 +1,6 @@
<script>
import { GlButton, GlButtonGroup, GlFormGroup, GlIcon } from '@gitlab/ui';
import { s__ } from '~/locale';
import { GlButton, GlButtonGroup, GlFormGroup, GlIcon, GlAlert } from '@gitlab/ui';
import { s__, sprintf } from '~/locale';
import SafeHtml from '~/vue_shared/directives/safe_html';
import MultiStepFormTemplate from '~/vue_shared/components/multi_step_form_template.vue';
import SingleChoiceSelector from '~/vue_shared/components/single_choice_selector.vue';
@ -63,6 +63,7 @@ export default {
GlButtonGroup,
GlFormGroup,
GlIcon,
GlAlert,
MultiStepFormTemplate,
SingleChoiceSelector,
SingleChoiceSelectorItem,
@ -72,6 +73,7 @@ export default {
directives: {
SafeHtml,
},
inject: ['userNamespaceId', 'canCreateProject'],
props: {
rootPath: {
type: String,
@ -106,12 +108,17 @@ export default {
canImportProjects: {
type: Boolean,
required: false,
default: true,
default: false,
},
importSourcesEnabled: {
type: Boolean,
required: false,
default: true,
default: false,
},
canSelectNamespace: {
type: Boolean,
required: false,
default: false,
},
namespaceFullPath: {
type: String,
@ -123,16 +130,15 @@ export default {
required: false,
default: null,
},
userNamespaceId: {
type: String,
required: false,
default: null,
},
trackLabel: {
type: String,
required: false,
default: null,
},
userProjectLimit: {
type: Number,
required: true,
},
newProjectGuidelines: {
type: String,
required: false,
@ -141,7 +147,8 @@ export default {
},
data() {
return {
selectedNamespace: this.namespaceId ? this.namespaceId : this.userNamespaceId,
selectedNamespace:
this.namespaceId && this.canSelectNamespace ? this.namespaceId : this.userNamespaceId,
rootUrl: this.rootPath,
};
},
@ -149,6 +156,25 @@ export default {
isPersonalProject() {
return this.selectedNamespace === this.userNamespaceId;
},
canChooseOption() {
if (!this.isPersonalProject) return true;
return this.canCreateProject && this.userProjectLimit > 0;
},
errorMessage() {
if (this.userProjectLimit === 0) {
return s__(
'ProjectsNew|You cannot create projects in your personal namespace. Contact your GitLab administrator.',
);
}
return sprintf(
s__(
"ProjectsNew|You've reached your limit of %{limit} projects created. Contact your GitLab administrator.",
),
{
limit: this.userProjectLimit,
},
);
},
},
methods: {
choosePersonalNamespace() {
@ -165,7 +191,10 @@ export default {
<template>
<multi-step-form-template :title="__('Create new project')" :current-step="1">
<template #form>
<gl-form-group :label="s__('ProjectNew|What do you want to create?')">
<gl-form-group
v-if="canSelectNamespace"
:label="s__('ProjectNew|What do you want to create?')"
>
<gl-button-group class="gl-w-full">
<gl-button
category="primary"
@ -196,14 +225,14 @@ export default {
<new-project-destination-select
:namespace-full-path="namespaceFullPath"
:namespace-id="namespaceId"
:user-namespace-id="userNamespaceId"
:track-label="trackLabel"
:root-url="rootUrl"
:groups-only="true"
data-testid="group-selector"
/>
</gl-form-group>
<single-choice-selector checked="blank_project">
<single-choice-selector v-if="canChooseOption" checked="blank_project">
<single-choice-selector-item v-bind="$options.OPTIONS.blank" />
<single-choice-selector-item v-bind="$options.OPTIONS.template" />
<single-choice-selector-item
@ -221,6 +250,9 @@ export default {
</single-choice-selector-item>
<single-choice-selector-item v-bind="$options.OPTIONS.transfer" :disabled="true" />
</single-choice-selector>
<gl-alert v-else variant="danger" :dismissible="false">
{{ errorMessage }}
</gl-alert>
</template>
<template #footer>
<div v-if="newProjectGuidelines" v-safe-html="newProjectGuidelines" class="gl-mb-6"></div>

15
app/assets/javascripts/projects/new_v2/components/project_destination_select.vue
View File

@ -32,6 +32,7 @@ export default {
debounce: DEBOUNCE_DELAY,
},
},
inject: ['userNamespaceId', 'canCreateProject'],
props: {
namespaceFullPath: {
type: String,
@ -43,16 +44,16 @@ export default {
required: false,
default: '',
},
userNamespaceId: {
type: String,
required: false,
default: '',
},
trackLabel: {
type: String,
required: false,
default: '',
},
groupsOnly: {
type: Boolean,
required: false,
default: false,
},
},
data() {
return {
@ -91,7 +92,9 @@ export default {
);
},
items() {
return this.namespaceItems.concat(this.groupsItems);
if (this.groupsOnly) return this.groupsItems;
if (this.canCreateProject) return this.namespaceItems.concat(this.groupsItems);
return this.groupsItems;
},
groupsItems() {
if (this.hasGroupMatches) {

8
app/assets/javascripts/projects/new_v2/index.js
View File

@ -26,6 +26,9 @@ export function initNewProjectForm() {
namespaceId,
userNamespaceId,
trackLabel,
canSelectNamespace,
canCreateProject,
userProjectLimit,
newProjectGuidelines,
} = el.dataset;
@ -40,12 +43,15 @@ export function initNewProjectForm() {
importSourcesEnabled: parseBoolean(importSourcesEnabled),
namespaceFullPath,
namespaceId,
userNamespaceId,
trackLabel,
canSelectNamespace: parseBoolean(canSelectNamespace),
userProjectLimit: parseInt(userProjectLimit, 10),
newProjectGuidelines,
};
const provide = {
userNamespaceId,
canCreateProject: parseBoolean(canCreateProject),
projectHelpPath,
pushToCreateProjectCommand,
};

11
app/assets/javascripts/repository/components/blob_content_viewer.vue
View File

@ -86,7 +86,7 @@ export default {
const urlHash = getLocationHash(); // If there is a code line hash in the URL we render with the simple viewer
const useSimpleViewer = usePlain || urlHash?.startsWith('L') || !this.hasRichViewer;
if (this.isTooLarge) return;
if (this.isUnsupportedLanguage(this.blobInfo.language) && this.isTooLarge) return;
this.initHighlightWorker(this.blobInfo, this.isUsingLfs);
this.switchViewer(useSimpleViewer ? SIMPLE_BLOB_VIEWER : RICH_BLOB_VIEWER); // By default, if present, use the rich viewer to render
},
@ -161,8 +161,13 @@ export default {
return Boolean(this.viewer.renderError);
},
isTooLarge() {
const { tooLarge, renderError } = this.viewer || {};
return tooLarge || renderError === 'collapsed';
if (this.isUnsupportedLanguage(this.blobInfo.language)) {
// If the languages is not supported by HLJS then check if the backend indicated the file is too large
const { tooLarge, renderError } = this.viewer || {};
return tooLarge || renderError === 'collapsed';
}
return this.blobInfo.size >= this.$options.HLJS_MAX_SIZE;
},
blobViewer() {
const { fileType } = this.viewer;

1
app/assets/javascripts/repository/mixins/highlight_mixin.js
View File

@ -15,6 +15,7 @@ import { TEXT_FILE_TYPE } from '../constants';
* This mixin is intended to be used as an interface between our highlight worker and Vue components
*/
export default {
HLJS_MAX_SIZE: 2000000, // 2MB
mixins: [Tracking.mixin()],
inject: {
highlightWorker: { default: null },

4
app/assets/javascripts/super_sidebar/components/global_search/command_palette/constants.js
View File

@ -6,6 +6,10 @@ export const PROJECT_HANDLE = ':';
export const ISSUE_HANDLE = '#';
export const PATH_HANDLE = '~';
export const COMMANDS_TOGGLE_KEYBINDING = 'mod+k';
export const COMMANDS_SKIP_NEXT_KEYBINDING = ['ctrl+n', 'command+n', 'alt+mod+n'];
export const COMMANDS_SKIP_PREV_KEYBINDING = ['ctrl+p', 'command+p', 'alt+mod+p'];
export const TRACKING_ACTIVATE_COMMAND_PALETTE = 'activate_command_palette';
export const TRACKING_CLICK_COMMAND_PALETTE_ITEM = 'click_command_palette_item';
export const TRACKING_HANDLE_LABEL_MAP = {

75
app/assets/javascripts/super_sidebar/components/global_search/components/global_search.vue
View File

@ -4,6 +4,7 @@ import { GlSearchBoxByType, GlModal } from '@gitlab/ui';
import { mapState, mapActions, mapGetters } from 'vuex';
import { debounce, clamp } from 'lodash';
import { InternalEvents } from '~/tracking';
import { Mousetrap, addStopCallback } from '~/lib/mousetrap';
import { visitUrl } from '~/lib/utils/url_utility';
import { DEFAULT_DEBOUNCE_AND_THROTTLE_MS } from '~/lib/utils/constants';
import { s__, sprintf } from '~/locale';
@ -44,7 +45,6 @@ import {
SEARCH_RESULTS_DESCRIPTION,
SEARCH_SHORTCUTS_MIN_CHARACTERS,
SEARCH_MODAL_ID,
KEY_K,
KEY_N,
KEY_P,
SEARCH_INPUT_SELECTOR,
@ -62,6 +62,7 @@ import {
MODAL_CLOSE_ESC,
MODAL_CLOSE_BACKGROUND,
MODAL_CLOSE_HEADERCLOSE,
COMMANDS_TOGGLE_KEYBINDING,
} from '../command_palette/constants';
import CommandPaletteLottery from '../command_palette/command_palette_lottery.vue';
import CommandsOverviewDropdown from '../command_palette/command_overview_dropdown.vue';
@ -170,6 +171,9 @@ export default {
this.highlightFirstCommand();
},
},
created() {
addStopCallback(this.allowMousetrapBindingOnSearchInput);
},
methods: {
...mapActions(['setSearch', 'setCommand', 'fetchAutocompleteOptions', 'clearAutocomplete']),
getAutocompleteOptions: debounce(function debouncedSearch(searchTerm) {
@ -205,11 +209,12 @@ export default {
}
},
onKeydown(event) {
const { code, target } = event;
const { code, ctrlKey, target } = event;
let stop = true;
const isSearchInput = target && target?.matches(SEARCH_INPUT_SELECTOR);
const elements = this.getFocusableOptions();
this.getListItemsAndFocusIndex();
switch (code) {
case ENTER_KEY:
@ -250,6 +255,26 @@ export default {
this.focusNextItem(event, elements, 1);
break;
case KEY_P:
if (!ctrlKey) {
return;
}
this.focusIndex =
this.focusIndex > 0 ? this.focusIndex - 1 : this.childListItems.length - 1;
this.childListItems[this.focusIndex]?.focus();
break;
case KEY_N:
if (!ctrlKey) {
return;
}
this.focusIndex =
this.focusIndex < this.childListItems.length - 1 ? this.focusIndex + 1 : 0;
this.childListItems[this.focusIndex]?.focus();
break;
case ESC_KEY:
this.$refs.modal.close();
break;
@ -263,38 +288,36 @@ export default {
event.preventDefault();
}
},
onKeyComboDown(event) {
const { code, metaKey, ctrlKey } = event;
this.getListItemsAndFocusIndex();
if (code === KEY_P && ctrlKey) {
this.focusIndex =
this.focusIndex > 0 ? this.focusIndex - 1 : this.childListItems.length - 1;
this.childListItems[this.focusIndex]?.focus();
onKeyComboToggleDropdown(event) {
if (event.preventDefault) {
event.preventDefault();
}
if (code === KEY_N && ctrlKey) {
this.focusIndex =
this.focusIndex < this.childListItems.length - 1 ? this.focusIndex + 1 : 0;
this.childListItems[this.focusIndex]?.focus();
if (!this.commandPaletteDropdownOpen) {
this.$refs.commandDropdown.open();
this.commandPaletteDropdownOpen = true;
} else {
this.$refs.commandDropdown.close();
this.commandPaletteDropdownOpen = false;
}
},
allowMousetrapBindingOnSearchInput(event, element, combo) {
if (combo !== COMMANDS_TOGGLE_KEYBINDING) {
return undefined;
}
if (code === KEY_K && metaKey) {
if (!this.commandPaletteDropdownOpen) {
this.$refs.commandDropdown.open();
this.commandPaletteDropdownOpen = true;
} else {
this.$refs.commandDropdown.close();
this.commandPaletteDropdownOpen = false;
}
const search = this.$refs.searchInput.$el;
if (search?.contains(element)) {
return false;
}
return undefined;
},
handleClosing() {
this.commandPaletteDropdownOpen = false;
},
focusSearchInput() {
this.$refs.searchInput.$el.querySelector('input')?.focus();
this.$refs?.searchInput?.$el?.querySelector('input')?.focus();
},
focusNextItem(event, elements, offset) {
const { target } = event;
@ -324,13 +347,13 @@ export default {
onSearchModalShown() {
this.$emit('shown');
window.addEventListener('keydown', this.onKeyComboDown);
Mousetrap.bind(COMMANDS_TOGGLE_KEYBINDING, this.onKeyComboToggleDropdown);
},
onSearchModalHidden({ trigger } = {}) {
this.searchText = '';
this.$emit('hidden');
window.removeEventListener('keydown', this.onKeyComboDown);
Mousetrap.unbind(COMMANDS_TOGGLE_KEYBINDING);
switch (trigger) {
case this.$options.MODAL_CLOSE_ESC:

2
app/assets/javascripts/todos/components/todo_item.vue
View File

@ -113,7 +113,7 @@ export default {
<template>
<li
class="gl-border-t gl-border-b gl-relative -gl-mt-px gl-flex gl-gap-3 gl-px-5 gl-py-3 hover:gl-z-1 hover:gl-border-blue-200 hover:gl-bg-blue-50"
class="gl-border-t gl-border-b gl-relative -gl-mt-px gl-flex gl-gap-3 gl-px-5 gl-py-3 hover:gl-z-1 has-[>a:hover]:gl-border-blue-200 has-[>a:hover]:gl-bg-blue-50"
:data-testid="`todo-item-${todo.id}`"
:class="{ 'gl-bg-subtle': isDone }"
>

2
app/assets/javascripts/todos/components/todos_app.vue
View File

@ -332,7 +332,7 @@ export default {
name="todos"
tag="ol"
data-testid="todo-item-list"
class="gl-m-0 gl-border-collapse gl-list-none gl-p-0"
class="gl-m-0 gl-list-none gl-p-0"
>
<todo-item
v-for="todo in todos"

4
app/assets/javascripts/todos/components/todos_pagination.vue
View File

@ -95,12 +95,12 @@ export default {
</script>
<template>
<div class="gl-relative gl-mt-6 gl-flex gl-justify-between md:!gl-justify-center">
<div class="gl-relative gl-mt-6 gl-flex gl-justify-between md:gl-justify-center">
<gl-keyset-pagination v-bind="$props" @prev="prevPage" @next="nextPage" />
<page-size-selector
:value="pageSize"
class="gl-relative gl-right-0 md:gl-absolute"
class="gl-right-0 md:gl-absolute"
@input="handlePageSizeChange"
/>
</div>

2
app/assets/javascripts/token_access/graphql/fragments/allowlist_entry.fragment.graphql
View File

@ -10,7 +10,7 @@ fragment AllowlistEntry on CiJobTokenScopeAllowlistEntry {
avatarUrl
webUrl
}
... on Project {
... on CiJobTokenAccessibleProject {
id
name
fullPath

21
app/controllers/application_controller.rb
View File

@ -188,27 +188,6 @@ class ApplicationController < BaseActionController
end
strong_memoize_attr :auth_user
# Devise defines current_user to be:
#
# def current_user
# @current_user ||= warden.authenticate(scope: mapping)
# end
#
# That means whenever current_user is called and `@current_user` is
# nil, Warden will attempt to authenticate a user. To avoid
# reauthenticating anonymous users, we may need to invalidate
# the user.
def reset_auth_user!
return if strong_memoized?(:auth_user) && auth_user
# Controllers usually call auth_user first, but for some controllers
# authenticate_sessionless_user! is called after that. If we relied
# on the memoized auth_user, the value would always be nil for
# sessionless users.
clear_memoization(:auth_user)
auth_user
end
def log_exception(exception)
# At this point, the controller already exits set_current_context around
# block. To maintain the context while handling error exception, we need to

31
app/controllers/concerns/sessionless_authentication.rb
View File

@ -16,33 +16,22 @@ module SessionlessAuthentication
end
def sessionless_user?
if Feature.enabled?(:fix_graphql_csrf, Feature.current_request)
current_user && @sessionless_sign_in # rubocop:disable Gitlab/ModuleWithInstanceVariables -- This is only used within this module
else
current_user && !session.key?('warden.user.user.key')
end
current_user && @sessionless_sign_in # rubocop:disable Gitlab/ModuleWithInstanceVariables -- This is only used within this module
end
def sessionless_sign_in(user)
@sessionless_sign_in = true # rubocop:disable Gitlab/ModuleWithInstanceVariables -- This is only used within this module
signed_in_user =
if user.can_log_in_with_non_expired_password?
# Notice we are passing store false, so the user is not
# actually stored in the session and a token is needed
# for every request. If you want the token to work as a
# sign in token, you can simply remove store: false.
sign_in(user, store: false, message: :sessionless_sign_in)
elsif request_authenticator.can_sign_in_bot?(user)
# we suppress callbacks to avoid redirecting the bot
sign_in(user, store: false, message: :sessionless_sign_in, run_callbacks: false)
end
if respond_to?(:reset_auth_user!, true) && Feature.disabled?(:fix_graphql_csrf, Feature.current_request)
reset_auth_user!
if user.can_log_in_with_non_expired_password?
# Notice we are passing store false, so the user is not
# actually stored in the session and a token is needed
# for every request. If you want the token to work as a
# sign in token, you can simply remove store: false.
sign_in(user, store: false, message: :sessionless_sign_in)
elsif request_authenticator.can_sign_in_bot?(user)
# we suppress callbacks to avoid redirecting the bot
sign_in(user, store: false, message: :sessionless_sign_in, run_callbacks: false)
end
signed_in_user
end
def sessionless_bypass_admin_mode!(&block)

34
app/controllers/graphql_controller.rb
View File

@ -11,12 +11,9 @@ class GraphqlController < ApplicationController
# Also, we allow anonymous users to access the API without a CSRF token so that it is easier for users
# to get started with our GraphQL API.
skip_before_action :verify_authenticity_token, if: -> {
Feature.enabled?(:fix_graphql_csrf, Feature.current_request) &&
(current_user.nil? || sessionless_user? || !any_mutating_query?)
}
skip_before_action :check_two_factor_requirement, if: -> {
Feature.enabled?(:fix_graphql_csrf, Feature.current_request) && sessionless_user?
current_user.nil? || sessionless_user? || !any_mutating_query?
}
skip_before_action :check_two_factor_requirement, if: -> { sessionless_user? }
# Header can be passed by tests to disable SQL query limits.
DISABLE_SQL_QUERY_LIMIT_HEADER = 'HTTP_X_GITLAB_DISABLE_SQL_QUERY_LIMIT'
@ -28,33 +25,8 @@ class GraphqlController < ApplicationController
CACHED_INTROSPECTION_QUERY_STRING = CachedIntrospectionQuery.query_string
INTROSPECTION_QUERY_OPERATION_NAME = 'IntrospectionQuery'
# If a user is using their session to access GraphQL, we need to have session
# storage, since the admin-mode check is session wide.
# We can't enable this for anonymous users because that would cause users using
# enforced SSO from using an auth token to access the API.
skip_around_action :set_session_storage, if: -> {
Feature.disabled?(:fix_graphql_csrf, Feature.current_request) && current_user.nil?
}
# Allow missing CSRF tokens, this would mean that if a CSRF is invalid or missing,
# the user won't be authenticated but can proceed as an anonymous user.
#
# If a CSRF is valid, the user is authenticated. This makes it easier to play
# around in GraphiQL.
prepend_before_action do
if Feature.disabled?(:fix_graphql_csrf, Feature.current_request)
self.forgery_protection_strategy = ProtectionMethods::NullSession
end
end
# must come first: current_user is set up here
prepend_before_action(if: -> {
Feature.enabled?(:fix_graphql_csrf, Feature.current_request)
}) { authenticate_sessionless_user!(:graphql_api) }
before_action(if: -> {
Feature.disabled?(:fix_graphql_csrf, Feature.current_request)
}) { authenticate_sessionless_user!(:graphql_api) }
prepend_before_action { authenticate_sessionless_user!(:graphql_api) }
before_action :authorize_access_api!
before_action :set_user_last_activity

41
app/graphql/types/ci/job_token_accessible_project_type.rb Normal file
View File

@ -0,0 +1,41 @@
# frozen_string_literal: true
module Types
# rubocop: disable Graphql/AuthorizeTypes -- this type does not need authorization
module Ci
class JobTokenAccessibleProjectType < BaseObject
graphql_name 'CiJobTokenAccessibleProject'
description 'Project that can access the current project by authenticating with a CI/CD job token.'
field :id, GraphQL::Types::ID,
null: false,
description: 'ID of the project.'
field :name, GraphQL::Types::String,
null: false,
description: 'Name of the project (without namespace).'
field :path, GraphQL::Types::String,
null: false,
description: 'Path of the project.'
field :full_path, GraphQL::Types::ID,
null: false,
description: 'Full path of the project.'
field :web_url, GraphQL::Types::String,
null: true,
description: 'Web URL of the project.'
field :avatar_url, GraphQL::Types::String,
null: true,
calls_gitaly: true,
description: 'URL to avatar image file of the project.'
def avatar_url
object.avatar_url(only_path: false)
end
end
end
# rubocop: enable Graphql/AuthorizeTypes
end

2
app/graphql/types/ci/job_token_auth_log_type.rb
View File

@ -7,7 +7,7 @@ module Types
graphql_name 'CiJobTokenAuthLog'
connection_type_class Types::CountableConnectionType
field :origin_project, Types::ProjectType,
field :origin_project, Types::Ci::JobTokenAccessibleProjectType,
null: false,
experiment: { milestone: '17.6' },
description: 'Origin project.'

4
app/graphql/types/ci/job_token_scope/target_type.rb
View File

@ -7,12 +7,12 @@ module Types
graphql_name 'CiJobTokenScopeTarget'
description 'Represents an object that is the target of a CI_JOB_TOKEN allowlist entry'
possible_types Types::ProjectType, Types::GroupType
possible_types Types::Ci::JobTokenAccessibleProjectType, Types::GroupType
def self.resolve_type(object, _context)
case object
when Project
Types::ProjectType
Types::Ci::JobTokenAccessibleProjectType
when Group
Types::GroupType
else

2
app/graphql/types/ci/job_token_scope_type.rb
View File

@ -25,7 +25,7 @@ module Types
method: :outbound_projects
field :inbound_allowlist,
Types::ProjectType.connection_type,
Types::Ci::JobTokenAccessibleProjectType.connection_type,
null: false,
description: "Allowlist of projects that can access the current project " \
"by authenticating with a CI/CD job token.",

89
app/models/concerns/integrations/base/confluence.rb Normal file
View File

@ -0,0 +1,89 @@
# frozen_string_literal: true
module Integrations
module Base
module Confluence
extend ActiveSupport::Concern
include Base::ThirdPartyWiki
VALID_SCHEME_MATCH = Gitlab::UntrustedRegexp.new('^https?$')
VALID_HOST_MATCH = Gitlab::UntrustedRegexp.new('^.+\\.atlassian\\.net$')
VALID_PATH_MATCH = Gitlab::UntrustedRegexp.new('^/wiki(/|$)')
class_methods do
def to_param
'confluence'
end
def title
s_('ConfluenceService|Confluence Workspace')
end
def description
s_('ConfluenceService|Link to a Confluence Workspace from the sidebar.')
end
end
included do
validates :confluence_url, presence: true, if: :activated?
validate :validate_confluence_url_is_cloud, if: :activated?
field :confluence_url,
title: -> { _('Confluence Workspace URL') },
description: -> { _("URL of the Confluence Workspace hosted on `atlassian.net`.") },
placeholder: 'https://example.atlassian.net/wiki',
required: true
end
def avatar_url
ActionController::Base.helpers.image_path('confluence.svg')
end
def help
return unless project&.wiki_enabled?
if activated?
wiki_url = project.wiki.web_url
docs_link = ActionController::Base.helpers.link_to('', wiki_url, target: '_blank', rel: 'noopener noreferrer')
tag_pair_docs_link = tag_pair(docs_link, :link_start, :link_end)
safe_format(
s_("'ConfluenceService|Your GitLab wiki is still available at %{link_start}%{wiki_url}%{link_end}. " \
"To re-enable the link to the GitLab wiki, disable this integration."), tag_pair_docs_link, wiki_url:)
else
s_('ConfluenceService|Link to a Confluence Workspace from the sidebar. Enabling this integration replaces ' \
'the "Wiki" sidebar link with a link to the Confluence Workspace. The GitLab wiki is still available at ' \
'the original URL.')
end
end
def testable?
false
end
private
def validate_confluence_url_is_cloud
return if confluence_uri_valid?
errors.add(:confluence_url, 'URL must be to a Confluence Cloud Workspace hosted on atlassian.net')
end
def confluence_uri_valid?
return false unless confluence_url
uri = URI.parse(confluence_url)
(
VALID_SCHEME_MATCH.match?(uri.scheme) &&
VALID_HOST_MATCH.match?(uri.host) &&
VALID_PATH_MATCH.match?(uri.path)
).present?
rescue URI::InvalidURIError
false
end
end
end
end

71
app/models/integrations/confluence.rb
View File

@ -2,75 +2,6 @@
module Integrations
class Confluence < Integration
include Base::ThirdPartyWiki
VALID_SCHEME_MATCH = %r{\Ahttps?\Z}
VALID_HOST_MATCH = %r{\A.+\.atlassian\.net\Z}
VALID_PATH_MATCH = %r{\A/wiki(/|\Z)}
validates :confluence_url, presence: true, if: :activated?
validate :validate_confluence_url_is_cloud, if: :activated?
field :confluence_url,
title: -> { _('Confluence Workspace URL') },
description: -> { _("URL of the Confluence Workspace hosted on `atlassian.net`.") },
placeholder: 'https://example.atlassian.net/wiki',
required: true
def avatar_url
ActionController::Base.helpers.image_path('confluence.svg')
end
def self.to_param
'confluence'
end
def self.title
s_('ConfluenceService|Confluence Workspace')
end
def self.description
s_('ConfluenceService|Link to a Confluence Workspace from the sidebar.')
end
def help
return unless project&.wiki_enabled?
if activated?
wiki_url = project.wiki.web_url
docs_link = ActionController::Base.helpers.link_to('', wiki_url, target: '_blank', rel: 'noopener noreferrer')
tag_pair_docs_link = tag_pair(docs_link, :link_start, :link_end)
safe_format(s_("'ConfluenceService|Your GitLab wiki is still available at %{link_start}#{wiki_url}%{link_end}. To re-enable the link to the GitLab wiki, disable this integration."), tag_pair_docs_link)
else
s_('ConfluenceService|Link to a Confluence Workspace from the sidebar. Enabling this integration replaces the "Wiki" sidebar link with a link to the Confluence Workspace. The GitLab wiki is still available at the original URL.')
end
end
def testable?
false
end
private
def validate_confluence_url_is_cloud
unless confluence_uri_valid?
errors.add(:confluence_url, 'URL must be to a Confluence Cloud Workspace hosted on atlassian.net')
end
end
def confluence_uri_valid?
return false unless confluence_url
uri = URI.parse(confluence_url)
(uri.scheme&.match(VALID_SCHEME_MATCH) &&
uri.host&.match(VALID_HOST_MATCH) &&
uri.path&.match(VALID_PATH_MATCH)).present?
rescue URI::InvalidURIError
false
end
include Integrations::Base::Confluence
end
end

2
app/models/integrations/instance/confluence.rb
View File

@ -3,7 +3,7 @@
module Integrations
module Instance
class Confluence < Integration
# To be updated as part of https://gitlab.com/gitlab-org/gitlab/-/issues/474809
include Integrations::Base::Confluence
end
end
end

4
app/validators/json_schema_validator.rb
View File

@ -84,10 +84,6 @@ class JsonSchemaValidator < ActiveModel::EachValidator
"#{options[:filename]}.json"
end
def draft_version
options[:draft] || JSON_VALIDATOR_MAX_DRAFT_VERSION
end
def error_message
options[:message] || _('must be a valid json schema')
end

5
app/views/projects/new.html.haml
View File

@ -21,7 +21,10 @@
is_ci_cd_available: remote_mirror_setting_enabled?.to_s,
can_import_projects: params[:namespace_id].presence ? current_user.can?(:import_projects, @namespace).to_s : 'true',
import_sources_enabled: import_sources_enabled?.to_s,
track_label: local_assigns.fetch(:track_label, 'blank_project') } }
track_label: local_assigns.fetch(:track_label, 'blank_project'),
can_select_namespace: current_user.can_select_namespace?.to_s,
can_create_project: current_user.can_create_project?.to_s,
user_project_limit: current_user.projects_limit } }
- else
.project-edit-container
.project-edit-errors

12
config/feature_flags/gitlab_com_derisk/fix_graphql_csrf.yml → config/feature_flags/gitlab_com_derisk/ci_merge_request_variables_preload.yml
View File

@ -1,9 +1,9 @@
---
name: fix_graphql_csrf
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/379326
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173972
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/508617
milestone: '17.7'
group: group::project management
name: ci_merge_request_variables_preload
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/515980
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179811
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/515982
milestone: '17.9'
group: group::pipeline authoring
type: gitlab_com_derisk
default_enabled: false

9
config/feature_flags/ops/graphql_minimal_auth_methods.yml
View File

@ -1,9 +0,0 @@
---
name: graphql_minimal_auth_methods
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/438462
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/150407
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/444929
milestone: '17.0'
group: group::authentication
type: ops
default_enabled: true

2
config/sidekiq_queues.yml
View File

@ -881,6 +881,8 @@
- 2
- - security_scans_purge_by_job_id
- 1
- - security_sync_pipeline_execution_policy_metadata
- 1
- - security_sync_policy
- 1
- - security_sync_policy_event

2
db/docs/batched_background_migrations/project_bot_user_details_bot_namespace_migration.yml
View File

@ -5,4 +5,4 @@ feature_category: system_access
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/171326
milestone: '17.6'
queued_migration_version: 20241031160728
finalized_by: # version of the migration that finalized this BBM
finalized_by: 20250121193138

6
db/docs/board_assignees.yml
View File

@ -8,6 +8,8 @@ description: Used by issue boards to filter issues by assignee as part of the de
scope
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2912
milestone: '10.2'
gitlab_schema: gitlab_main
sharding_key_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/514603
gitlab_schema: gitlab_main_cell
sharding_key:
group_id: namespaces
project_id: projects
table_size: small

15
db/docs/requirements_management_test_reports.yml
View File

@ -8,6 +8,17 @@ description: Information related to Test Reports, which relate historical test o
to Requirements
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31643
milestone: '13.0'
gitlab_schema: gitlab_main
sharding_key_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/465553
gitlab_schema: gitlab_main_cell
allow_cross_foreign_keys:
- gitlab_main_clusterwide
desired_sharding_key:
project_id:
references: projects
backfill_via:
parent:
foreign_key: issue_id
table: issues
sharding_key: project_id
belongs_to: requirement_issue
table_size: small

10
db/migrate/20250123194127_add_board_assignees_sharding_key.rb Normal file
View File

@ -0,0 +1,10 @@
# frozen_string_literal: true
class AddBoardAssigneesShardingKey < Gitlab::Database::Migration[2.2]
milestone '17.9'
def change
add_column :board_assignees, :group_id, :bigint
add_column :board_assignees, :project_id, :bigint
end
end

23
db/post_migrate/20250121193138_finalize_project_bot_user_details_bot_namespace_migration.rb Normal file
View File

@ -0,0 +1,23 @@
# frozen_string_literal: true
class FinalizeProjectBotUserDetailsBotNamespaceMigration < Gitlab::Database::Migration[2.2]
milestone '17.9'
disable_ddl_transaction!
restrict_gitlab_migration gitlab_schema: :gitlab_main_clusterwide
def up
ensure_batched_background_migration_is_finished(
job_class_name: "ProjectBotUserDetailsBotNamespaceMigration",
table_name: :users,
column_name: :id,
job_arguments: [],
finalize: true
)
end
def down
# no-op
end
end

33
db/post_migrate/20250123195300_backfill_sharding_key_on_board_assignees.rb Normal file
View File

@ -0,0 +1,33 @@
# frozen_string_literal: true
class BackfillShardingKeyOnBoardAssignees < Gitlab::Database::Migration[2.2]
BATCH_SIZE = 100
disable_ddl_transaction!
restrict_gitlab_migration gitlab_schema: :gitlab_main
milestone '17.9'
def up
each_batch(:board_assignees, of: BATCH_SIZE) do |batch|
connection.execute(
<<~SQL
UPDATE
"board_assignees"
SET
"group_id" = "boards"."group_id",
"project_id" = "boards"."project_id"
FROM
"boards"
WHERE
"board_assignees"."board_id" = "boards"."id"
AND "board_assignees"."id" IN (#{batch.select(:id).to_sql})
SQL
)
end
end
def down
# no-op
end
end

16
db/post_migrate/20250123195400_add_board_assignees_project_id_index.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
class AddBoardAssigneesProjectIdIndex < Gitlab::Database::Migration[2.2]
INDEX_NAME = 'index_board_assignees_on_project_id'
disable_ddl_transaction!
milestone '17.9'
def up
add_concurrent_index :board_assignees, :project_id, name: INDEX_NAME
end
def down
remove_concurrent_index :board_assignees, :project_id, name: INDEX_NAME
end
end

16
db/post_migrate/20250123195500_add_board_assignees_group_id_index.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
class AddBoardAssigneesGroupIdIndex < Gitlab::Database::Migration[2.2]
INDEX_NAME = 'index_board_assignees_on_group_id'
disable_ddl_transaction!
milestone '17.9'
def up
add_concurrent_index :board_assignees, :group_id, name: INDEX_NAME
end
def down
remove_concurrent_index :board_assignees, :group_id, name: INDEX_NAME
end
end

14
db/post_migrate/20250123201951_add_board_assignees_sharding_key_not_null_constraint.rb Normal file
View File

@ -0,0 +1,14 @@
# frozen_string_literal: true
class AddBoardAssigneesShardingKeyNotNullConstraint < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.9'
def up
add_multi_column_not_null_constraint(:board_assignees, :group_id, :project_id)
end
def down
remove_multi_column_not_null_constraint(:board_assignees, :group_id, :project_id)
end
end

20
db/post_migrate/20250123202635_add_board_assignees_group_id_fk.rb Normal file
View File

@ -0,0 +1,20 @@
# frozen_string_literal: true
class AddBoardAssigneesGroupIdFk < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.9'
def up
add_concurrent_foreign_key :board_assignees,
:namespaces,
column: :group_id,
target_column: :id,
reverse_lock_order: true
end
def down
with_lock_retries do
remove_foreign_key_if_exists :board_assignees, column: :group_id
end
end
end

20
db/post_migrate/20250123202841_add_board_assignees_project_id_fk.rb Normal file
View File

@ -0,0 +1,20 @@
# frozen_string_literal: true
class AddBoardAssigneesProjectIdFk < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.9'
def up
add_concurrent_foreign_key :board_assignees,
:projects,
column: :project_id,
target_column: :id,
reverse_lock_order: true
end
def down
with_lock_retries do
remove_foreign_key_if_exists :board_assignees, column: :project_id
end
end
end

1
db/schema_migrations/20250121193138 Normal file
View File

@ -0,0 +1 @@
3dda1880ee20b8d7c9a02db6c5fd1a34e70fa62e249aab236b1f2b11ead04282

1
db/schema_migrations/20250123194127 Normal file
View File

@ -0,0 +1 @@
dd61b7388f7b41ec30ae87eb30f900c717e440affbb0a843a817453759c893ff

1
db/schema_migrations/20250123195300 Normal file
View File

@ -0,0 +1 @@
19b415bfd61c7f2d64f71e129490c2283c93bac7d295879e7dc4b451b7a04ed0

1
db/schema_migrations/20250123195400 Normal file
View File

@ -0,0 +1 @@
bb55a393c82125013ebaaf13e91a51daaa4a4ff2aad015f97383d33fbe1db3a4

1
db/schema_migrations/20250123195500 Normal file
View File

@ -0,0 +1 @@
9820c0c7b88c3454ad3482f0af37f83c28e795618f0172cff6533c49ac17b7ee

1
db/schema_migrations/20250123201951 Normal file
View File

@ -0,0 +1 @@
13ac6fc0f2cbee82eb4fda9b27c9c92a47abde9fc8512b1d3a9ec2d8e2e813d7

1
db/schema_migrations/20250123202635 Normal file
View File

@ -0,0 +1 @@
8aa07ff2b7917401b35fe69967c19444e49f2858af9ea390e8b1475b426adb5c

1
db/schema_migrations/20250123202841 Normal file
View File

@ -0,0 +1 @@
1d22128d9daaf82a9ab7144e8a2b71724bc3c75bcbe5c46adce1b6373c561770

15
db/structure.sql
View File

@ -9037,7 +9037,10 @@ ALTER SEQUENCE batched_background_migrations_id_seq OWNED BY batched_background_
CREATE TABLE board_assignees (
id bigint NOT NULL,
board_id bigint NOT NULL,
assignee_id bigint NOT NULL
assignee_id bigint NOT NULL,
group_id bigint,
project_id bigint,
CONSTRAINT check_b56ef26337 CHECK ((num_nonnulls(group_id, project_id) = 1))
);
CREATE SEQUENCE board_assignees_id_seq
@ -31018,6 +31021,10 @@ CREATE INDEX index_board_assignees_on_assignee_id ON board_assignees USING btree
CREATE UNIQUE INDEX index_board_assignees_on_board_id_and_assignee_id ON board_assignees USING btree (board_id, assignee_id);
CREATE INDEX index_board_assignees_on_group_id ON board_assignees USING btree (group_id);
CREATE INDEX index_board_assignees_on_project_id ON board_assignees USING btree (project_id);
CREATE INDEX index_board_group_recent_visits_on_board_id ON board_group_recent_visits USING btree (board_id);
CREATE INDEX index_board_group_recent_visits_on_group_id ON board_group_recent_visits USING btree (group_id);
@ -37901,6 +37908,9 @@ ALTER TABLE ONLY deployment_approvals
ALTER TABLE ONLY project_pages_metadata
ADD CONSTRAINT fk_0fd5b22688 FOREIGN KEY (pages_deployment_id) REFERENCES pages_deployments(id) ON DELETE SET NULL;
ALTER TABLE ONLY board_assignees
ADD CONSTRAINT fk_105c1d6d08 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY audit_events_streaming_event_type_filters
ADD CONSTRAINT fk_107946dffb FOREIGN KEY (group_id) REFERENCES namespaces(id) ON DELETE CASCADE;
@ -38354,6 +38364,9 @@ ALTER TABLE ONLY approval_group_rules_protected_branches
ALTER TABLE ONLY project_compliance_standards_adherence
ADD CONSTRAINT fk_4fd1d9d9b0 FOREIGN KEY (namespace_id) REFERENCES namespaces(id) ON DELETE SET NULL;
ALTER TABLE ONLY board_assignees
ADD CONSTRAINT fk_50159bc755 FOREIGN KEY (group_id) REFERENCES namespaces(id) ON DELETE CASCADE;
ALTER TABLE ONLY approval_group_rules_groups
ADD CONSTRAINT fk_50edc8134e FOREIGN KEY (group_id) REFERENCES namespaces(id) ON DELETE CASCADE;

4
doc/.vale/gitlab_base/Substitutions.yml
View File

@ -61,8 +61,8 @@ swap:
reporter permission: the Reporter role
reporter permissions: the Reporter role
rubocop: RuboCop
self hosted GitLab: GitLab self-managed # https://docs.gitlab.com/ee/development/documentation/styleguide/word_list.html#gitlab-self-managed
self-hosted GitLab: GitLab self-managed # https://docs.gitlab.com/ee/development/documentation/styleguide/word_list.html#gitlab-self-managed
self hosted GitLab: GitLab Self-Managed # https://docs.gitlab.com/ee/development/documentation/styleguide/word_list.html#gitlab-self-managed
self-hosted GitLab: GitLab Self-Managed # https://docs.gitlab.com/ee/development/documentation/styleguide/word_list.html#gitlab-self-managed
styleguide: style guide
the administrator access level: administrator access
to login: to log in

2
doc/administration/admin_area.md
View File

@ -167,7 +167,7 @@ DETAILS:
**Tier:** Premium, Ultimate
**Offering:** GitLab Self-Managed, GitLab Dedicated
An administrator can export user permissions for all users in the GitLab instance from the **Admin** area's Users page.
An administrator can export user permissions for all active users in the GitLab instance from the **Admin** area's Users page.
The export lists direct membership the users have in groups and projects.
The export process exports the first 100,000 users, and includes this data:

15
doc/administration/self_hosted_models/supported_llm_serving_platforms.md
View File

@ -31,18 +31,12 @@ For more information on:
- vLLM supported models, see the [vLLM Supported Models documentation](https://docs.vllm.ai/en/latest/models/supported_models.html).
- Available options when using vLLM to run a model, see the [vLLM documentation on engine arguments](https://docs.vllm.ai/en/stable/usage/engine_args.html).
- The hardware needed for the models, see the [Supported models and Hardware requirements documentation](supported_llm_serving_platforms.md).
Examples:
#### Mistral-7B-Instruct-v0.2
Mistral-7B-Instruct-v0.3 requires at least:
- 55GB of disk memory for storage
- 35 GB of GPU vRAM for serving.
With a `a2-highgpu-2g` machine on GCP or equivalent (2x Nvidia A100 40GB - 150 GB vRAM), the model is expected to infer requests at the rate of 250 tokens per second.
1. Download the model from HuggingFace:
```shell
@ -63,13 +57,6 @@ With a `a2-highgpu-2g` machine on GCP or equivalent (2x Nvidia A100 40GB - 150 G
#### Mixtral-8x7B-Instruct-v0.1
Mistral-7B-Instruct-v0.3 requires at least:
- 355 GB of disk memory for storage
- 210 GB of GPU vRAM for serving.
You should at least a `a2-highgpu-4g` machine on GCP or equivalent (4x Nvidia A100 40GB - 340 GB vRAM). With this configuration, the model is expected to infer requests at the rate of 25 tokens per second.
1. Download the model from HuggingFace:
```shell

55
doc/administration/self_hosted_models/supported_models_and_hardware_requirements.md
View File

@ -73,12 +73,55 @@ The following hardware specifications are the minimum requirements for running s
### GPU requirements by model size
| Model size | Minimum GPU configuration | Minimum VRAM required |
|------------|------------------------------|---------------------|
| 7B models<br>(for example, Mistral 7B) | 1x NVIDIA A100 (40GB) | 24 GB |
| 22B models<br>(for example, Codestral 22B) | 2x NVIDIA A100 (80GB) | 90 GB |
| Mixtral 8x7B | 2x NVIDIA A100 (80GB) | 100 GB |
| Mixtral 8x22B | 8x NVIDIA A100 (80GB) | 300 GB |
| Model size | Minimum GPU configuration | Minimum VRAM required |
|--------------------------------------------|---------------------------|-----------------------|
| 7B models<br>(for example, Mistral 7B) | 1x NVIDIA A100 (40GB) | 35 GB |
| 22B models<br>(for example, Codestral 22B) | 2x NVIDIA A100 (80GB) | 110 GB |
| Mixtral 8x7B | 2x NVIDIA A100 (80GB) | 220 GB |
| Mixtral 8x22B | 8x NVIDIA A100 (80GB) | 526 GB |
Use [Hugging Face's memory utility](https://huggingface.co/spaces/hf-accelerate/model-memory-usage) to verify memory requirements.
### Response time by model size and GPU
#### Small machine
With a `a2-highgpu-2g` (2x Nvidia A100 40 GB - 150 GB vRAM) or equivalent:
| Model name | Number of requests | Average time per request (sec) | Average tokens in response | Average tokens per second per request | Total time for requests | Total TPS |
|--------------------------|--------------------|------------------------------|----------------------------|---------------------------------------|-------------------------|-----------|
| Mistral-7B-Instruct-v0.3 | 1 | 7.09 | 717.0 | 101.19 | 7.09 | 101.17 |
| Mistral-7B-Instruct-v0.3 | 10 | 8.41 | 764.2 | 90.35 | 13.70 | 557.80 |
| Mistral-7B-Instruct-v0.3 | 100 | 13.97 | 693.23 | 49.17 | 20.81 | 3331.59 |
#### Medium machine
With a `a2-ultragpu-4g` (4x Nvidia A100 40 GB - 340 GB vRAM) machine on GCP or equivalent:
| Model name | Number of requests | Average time per request (sec) | Average tokens in response | Average tokens per second per request | Total time for requests | Total TPS |
|----------------------------|--------------------|------------------------------|----------------------------|---------------------------------------|-------------------------|-----------|
| Mistral-7B-Instruct-v0.3 | 1 | 3.80 | 499.0 | 131.25 | 3.80 | 131.23 |
| Mistral-7B-Instruct-v0.3 | 10 | 6.00 | 740.6 | 122.85 | 8.19 | 904.22 |
| Mistral-7B-Instruct-v0.3 | 100 | 11.71 | 695.71 | 59.06 | 15.54 | 4477.34 |
| Mixtral-8x7B-Instruct-v0.1 | 1 | 6.50 | 400.0 | 61.55 | 6.50 | 61.53 |
| Mixtral-8x7B-Instruct-v0.1 | 10 | 16.58 | 768.9 | 40.33 | 32.56 | 236.13 |
| Mixtral-8x7B-Instruct-v0.1 | 100 | 25.90 | 767.38 | 26.87 | 55.57 | 1380.68 |
#### Large machine
With a `a2-ultragpu-8g` (8 x NVIDIA A100 80 GB - 1360 GB vRAM) machine on GCP or equivalent:
| Model name | Number of requests | Average time per request (sec) | Average tokens in response | Average tokens per second per request | Total time for requests (sec) | Total TPS |
|-----------------------------|--------------------|------------------------------|----------------------------|---------------------------------------|-----------------------------|-----------|
| Mistral-7B-Instruct-v0.3 | 1 | 3.23 | 479.0 | 148.41 | 3.22 | 148.36 |
| Mistral-7B-Instruct-v0.3 | 10 | 4.95 | 678.3 | 135.98 | 6.85 | 989.11 |
| Mistral-7B-Instruct-v0.3 | 100 | 10.14 | 713.27 | 69.63 | 13.96 | 5108.75 |
| Mixtral-8x7B-Instruct-v0.1 | 1 | 6.08 | 709.0 | 116.69 | 6.07 | 116.64 |
| Mixtral-8x7B-Instruct-v0.1 | 10 | 9.95 | 645.0 | 63.68 | 13.40 | 481.06 |
| Mixtral-8x7B-Instruct-v0.1 | 100 | 13.83 | 585.01 | 41.80 | 20.38 | 2869.12 |
| Mixtral-8x22B-Instruct-v0.1 | 1 | 14.39 | 828.0 | 57.56 | 14.38 | 57.55 |
| Mixtral-8x22B-Instruct-v0.1 | 10 | 20.57 | 629.7 | 30.24 | 28.02 | 224.71 |
| Mixtral-8x22B-Instruct-v0.1 | 100 | 27.58 | 592.49 | 21.34 | 36.80 | 1609.85 |
### AI Gateway Hardware Requirements

2
doc/api/alert_management_alerts.md
View File

@ -11,7 +11,7 @@ DETAILS:
**Offering:** GitLab.com, GitLab Self-Managed, GitLab Dedicated
The Alert Management alerts API is limited to metric images. For more API endpoints, see the
[GraphQL API](graphql/reference/index.md#alertmanagementalert).
[GraphQL API](graphql/reference/_index.md#alertmanagementalert).
## Upload metric image

2
doc/api/dora/metrics.md
View File

@ -10,7 +10,7 @@ DETAILS:
**Tier:** Ultimate
**Offering:** GitLab.com, GitLab Self-Managed, GitLab Dedicated
You can also retrieve [DORA metrics](../../user/analytics/dora_metrics.md) with the [GraphQL API](../../api/graphql/reference/index.md).
You can also retrieve [DORA metrics](../../user/analytics/dora_metrics.md) with the [GraphQL API](../../api/graphql/reference/_index.md).
All methods require at least the Reporter role.

2
doc/api/get_started/get_started_extending.md
View File

@ -68,7 +68,7 @@ Then use the API to automate tasks, like creating projects and adding members to
For more information, see:
- [The REST API](../api_resources.md)
- [The GraphQL API](../graphql/reference/index.md)
- [The GraphQL API](../graphql/reference/_index.md)
## Step 4: Use the GitLab CLI

2
doc/api/graphql/assign_gitlab_duo_seats.md
View File

@ -89,5 +89,5 @@ You can use [GraphiQL](https://gitlab.com/-/graphql-explorer) to assign seats to
## Related topics
- [GraphQL API Resources](reference/index.md)
- [GraphQL API Resources](reference/_index.md)
- [GraphQL specific entities, like fragments and interfaces](https://graphql.org/learn/)

2
doc/api/graphql/audit_report.md
View File

@ -113,5 +113,5 @@ the output includes:
## Related topics
- [GraphQL API reference](reference/index.md)
- [GraphQL API reference](reference/_index.md)
- [GraphQL-specific entities, like fragments and interfaces](https://graphql.org/learn/)

2
doc/api/graphql/branch_rules.md
View File

@ -134,4 +134,4 @@ Instead of requesting access, it may be easier for you to run the query in the
## Related topics
- [GraphQL API reference](reference/index.md)
- [GraphQL API reference](reference/_index.md)

2
doc/api/graphql/custom_emoji.md
View File

@ -72,5 +72,5 @@ You can use GraphiQL to query the emoji for a group.
## Related topics
- [GraphQL API reference](reference/index.md)
- [GraphQL API reference](reference/_index.md)
- [GraphQL-specific entities, like fragments and interfaces](https://graphql.org/learn/)

8
doc/api/graphql/epic_work_items_api_migration_guide.md
View File

@ -12,7 +12,7 @@ DETAILS:
**Status:** Beta
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/9290) in GitLab 17.2 [with a flag](../../administration/feature_flags.md) named `work_item_epics`. Disabled by default. Your administrator must have [enabled the new look for epics](../../user/group/epics/epic_work_items.md). This feature is in [beta](../../policy/development_stages_support.md#beta).
> - Listing epics using the [GraphQL API](reference/index.md) [introduced](https://gitlab.com/groups/gitlab-org/-/epics/12852) in GitLab 17.4.
> - Listing epics using the [GraphQL API](reference/_index.md) [introduced](https://gitlab.com/groups/gitlab-org/-/epics/12852) in GitLab 17.4.
> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/470685) in GitLab 17.6.
> - [Enabled by default on GitLab Self-Managed and GitLab Dedicated](https://gitlab.com/gitlab-org/gitlab/-/issues/468310) in GitLab 17.7.
@ -20,7 +20,7 @@ In GitLab 17.2, we introduced [epics as work items](../../user/group/epics/epic_
To ensure that your integrations continue working:
- If you use the [Epic GraphQL API](reference/index.md#epic), migrate to the Work Item API before GitLab 18.0, when the Epic GraphQL API is removed.
- If you use the [Epic GraphQL API](reference/_index.md#epic), migrate to the Work Item API before GitLab 18.0, when the Epic GraphQL API is removed.
- If you use the [REST API](../epics.md), you can continue using it, but you should migrate to future-proof your integrations.
- For new features (such as assignees, health status, linked items with other types), you must
use the `WorkItem` GraphQL API.
@ -45,7 +45,7 @@ The `WorkItem` GraphQL API:
- Will be [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/500620) before GitLab 18.0
- Is planned to exit [experimental status](https://gitlab.com/gitlab-org/gitlab/-/issues/500620) before GitLab 18.0.
The [Epic GraphQL API](reference/index.md#epic) is planned for removal in GitLab 18.0.
The [Epic GraphQL API](reference/_index.md#epic) is planned for removal in GitLab 18.0.
## Migrate to the Work Item API
@ -277,7 +277,7 @@ The following example demonstrates how to query an epic's:
- Health status
- Start and due dates
For all available widgets, see [Work Item widget reference](reference/index.md#workitemwidget).
For all available widgets, see [Work Item widget reference](reference/_index.md#workitemwidget).
To query epics with widgets:

2
doc/api/graphql/getting_started.md
View File

@ -106,7 +106,7 @@ In the GitLab GraphQL API, `id` refers to a
which is an object identifier in the format of `"gid://gitlab/Issue/123"`.
For more information, see [Global IDs](index.md#global-ids).
[GitLab GraphQL Schema](reference/index.md) outlines which objects and fields are
[GitLab GraphQL Schema](reference/_index.md) outlines which objects and fields are
available for clients to query and their corresponding data types.
Example: Get only the names of all the projects the currently authenticated user can

11
doc/api/graphql/index.md
View File

@ -24,7 +24,7 @@ The GraphQL API is [versionless](https://graphql.org/learn/best-practices/#versi
If you're new to the GitLab GraphQL API, see [Get started with GitLab GraphQL API](getting_started.md).
You can view the available resources in the [GraphQL API reference](reference/index.md).
You can view the available resources in the [GraphQL API reference](reference/_index.md).
The GitLab GraphQL API endpoint is located at `/api/graphql`.
@ -66,9 +66,6 @@ If the authentication information is not valid, GitLab returns an error message
#### Token authentication
> - Authentication method restrictions [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/150407) in GitLab 17.0 [with a flag](../../administration/feature_flags.md) named `graphql_minimal_auth_methods` and backported to GitLab 17.0.3 and GitLab 16.11.5. Disabled by default in 17.0.
> - Flag enabled by default in 17.0.3 and 16.11.5, therefore restrictions are enforced in these versions and later.
Use any of the following tokens to authenticate with the GraphQL API:
- [OAuth 2.0 tokens](../../api/oauth2.md)
@ -190,7 +187,7 @@ You should not expect that a cached Global ID will be valid beyond the time of a
## Available top-level queries
The top-level entry points for all queries are defined in the [`Query` type](reference/index.md#query-type) in the
The top-level entry points for all queries are defined in the [`Query` type](reference/_index.md#query-type) in the
GraphQL reference.
### Multiplex queries
@ -218,7 +215,7 @@ For GitLab Self-Managed, [downgrading](../../downgrade_ee_to_ce/index.md) from a
### Breaking change exemptions
Schema items labeled as experiments in the [GraphQL API reference](reference/index.md)
Schema items labeled as experiments in the [GraphQL API reference](reference/_index.md)
are exempt from the deprecation process. These items can be removed or changed at any
time without notice.
@ -252,7 +249,7 @@ removed entirely during the next `XX.0` major release.
Items are marked as deprecated in:
- The [schema](https://spec.graphql.org/October2021/#sec--deprecated).
- The [GraphQL API reference](reference/index.md).
- The [GraphQL API reference](reference/_index.md).
- The [deprecation feature removal schedule](../../update/deprecations.md), which is linked from release posts.
- Introspection queries of the GraphQL API.

47
doc/api/graphql/reference/index.md → doc/api/graphql/reference/_index.md
View File

@ -2,6 +2,7 @@
stage: Foundations
group: Import and Integrate
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: GraphQL API resources
---
<!--
@ -14,8 +15,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w
or check the `compile_docs` task in `lib/tasks/gitlab/graphql.rake`.
-->
# GraphQL API resources
This documentation is self-generated based on GitLab current GraphQL schema.
The API can be explored using the [interactive GraphQL explorer](../index.md#interactive-graphql-explorer). Developers can also [generate a machine-readable GraphQL schema in IDL and JSON formats](../../../development/rake_tasks.md#update-machine-readable-schema-files).
@ -13175,6 +13174,29 @@ The edge type for [`CiJob`](#cijob).
| <a id="cijobedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
| <a id="cijobedgenode"></a>`node` | [`CiJob`](#cijob) | The item at the end of the edge. |
#### `CiJobTokenAccessibleProjectConnection`
The connection type for [`CiJobTokenAccessibleProject`](#cijobtokenaccessibleproject).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="cijobtokenaccessibleprojectconnectionedges"></a>`edges` | [`[CiJobTokenAccessibleProjectEdge]`](#cijobtokenaccessibleprojectedge) | A list of edges. |
| <a id="cijobtokenaccessibleprojectconnectionnodes"></a>`nodes` | [`[CiJobTokenAccessibleProject]`](#cijobtokenaccessibleproject) | A list of nodes. |
| <a id="cijobtokenaccessibleprojectconnectionpageinfo"></a>`pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. |
#### `CiJobTokenAccessibleProjectEdge`
The edge type for [`CiJobTokenAccessibleProject`](#cijobtokenaccessibleproject).
##### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="cijobtokenaccessibleprojectedgecursor"></a>`cursor` | [`String!`](#string) | A cursor for use in pagination. |
| <a id="cijobtokenaccessibleprojectedgenode"></a>`node` | [`CiJobTokenAccessibleProject`](#cijobtokenaccessibleproject) | The item at the end of the edge. |
#### `CiJobTokenAuthLogConnection`
The connection type for [`CiJobTokenAuthLog`](#cijobtokenauthlog).
@ -21236,6 +21258,21 @@ CI/CD variables for a GitLab instance.
| <a id="cijobartifactname"></a>`name` | [`String`](#string) | File name of the artifact. |
| <a id="cijobartifactsize"></a>`size` | [`BigInt!`](#bigint) | Size of the artifact in bytes. |
### `CiJobTokenAccessibleProject`
Project that can access the current project by authenticating with a CI/CD job token.
#### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="cijobtokenaccessibleprojectavatarurl"></a>`avatarUrl` | [`String`](#string) | URL to avatar image file of the project. |
| <a id="cijobtokenaccessibleprojectfullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the project. |
| <a id="cijobtokenaccessibleprojectid"></a>`id` | [`ID!`](#id) | ID of the project. |
| <a id="cijobtokenaccessibleprojectname"></a>`name` | [`String!`](#string) | Name of the project (without namespace). |
| <a id="cijobtokenaccessibleprojectpath"></a>`path` | [`String!`](#string) | Path of the project. |
| <a id="cijobtokenaccessibleprojectweburl"></a>`webUrl` | [`String`](#string) | Web URL of the project. |
### `CiJobTokenAuthLog`
#### Fields
@ -21243,7 +21280,7 @@ CI/CD variables for a GitLab instance.
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="cijobtokenauthloglastauthorizedat"></a>`lastAuthorizedAt` **{warning-solid}** | [`Time!`](#time) | **Introduced** in GitLab 17.6. **Status**: Experiment. Last authorization date time. |
| <a id="cijobtokenauthlogoriginproject"></a>`originProject` **{warning-solid}** | [`Project!`](#project) | **Introduced** in GitLab 17.6. **Status**: Experiment. Origin project. |
| <a id="cijobtokenauthlogoriginproject"></a>`originProject` **{warning-solid}** | [`CiJobTokenAccessibleProject!`](#cijobtokenaccessibleproject) | **Introduced** in GitLab 17.6. **Status**: Experiment. Origin project. |
### `CiJobTokenScopeAllowlist`
@ -21280,7 +21317,7 @@ Represents an allowlist entry for the CI_JOB_TOKEN.
| <a id="cijobtokenscopetypegroupallowlistautopopulatedids"></a>`groupAllowlistAutopopulatedIds` | [`[GroupID!]!`](#groupid) | List of IDs of groups which have been created by the autopopulation process. |
| <a id="cijobtokenscopetypegroupsallowlist"></a>`groupsAllowlist` | [`GroupConnection!`](#groupconnection) | Allowlist of groups that can access the current project by authenticating with a CI/CD job token. (see [Connections](#connections)) |
| <a id="cijobtokenscopetypegroupsallowlistcount"></a>`groupsAllowlistCount` | [`Int!`](#int) | Count of groups that can access the current project by authenticating with a CI/CD job token. The count does not include subgroups. |
| <a id="cijobtokenscopetypeinboundallowlist"></a>`inboundAllowlist` | [`ProjectConnection!`](#projectconnection) | Allowlist of projects that can access the current project by authenticating with a CI/CD job token. (see [Connections](#connections)) |
| <a id="cijobtokenscopetypeinboundallowlist"></a>`inboundAllowlist` | [`CiJobTokenAccessibleProjectConnection!`](#cijobtokenaccessibleprojectconnection) | Allowlist of projects that can access the current project by authenticating with a CI/CD job token. (see [Connections](#connections)) |
| <a id="cijobtokenscopetypeinboundallowlistautopopulatedids"></a>`inboundAllowlistAutopopulatedIds` | [`[ProjectID!]!`](#projectid) | List of IDs of projects which have been created by the autopopulation process. |
| <a id="cijobtokenscopetypeinboundallowlistcount"></a>`inboundAllowlistCount` | [`Int!`](#int) | Count of projects that can access the current project by authenticating with a CI/CD job token. The count does not include nested projects. |
| <a id="cijobtokenscopetypeoutboundallowlist"></a>`outboundAllowlist` | [`ProjectConnection!`](#projectconnection) | Allow list of projects that are accessible using the current project's CI Job tokens. (see [Connections](#connections)) |
@ -44112,8 +44149,8 @@ Represents an object that is the target of a CI_JOB_TOKEN allowlist entry.
One of:
- [`CiJobTokenAccessibleProject`](#cijobtokenaccessibleproject)
- [`Group`](#group)
- [`Project`](#project)
#### `CiRunnerCloudProvisioning`

2
doc/api/graphql/sample_issue_boards.md
View File

@ -55,4 +55,4 @@ https://gitlab.com/gitlab-org/gitlab-docs/-/boards/105011
## Related topics
- [GraphQL API reference](reference/index.md)
- [GraphQL API reference](reference/_index.md)

2
doc/api/graphql/users_example.md
View File

@ -103,5 +103,5 @@ the output includes:
## Related topics
- [GraphQL API reference](reference/index.md)
- [GraphQL API reference](reference/_index.md)
- [GraphQL-specific entities, like fragments and interfaces](https://graphql.org/learn/)

2
doc/api/group_import_export.md
View File

@ -94,7 +94,7 @@ returns either:
## Import a file
The maximum import file size can be set by the Administrator on self-managed instances (default is `0` (unlimited)).
The maximum import file size can be set by the Administrator on GitLab Self-Managed (default is `0` (unlimited)).
As an administrator, you can modify the maximum import file size either:
- In the [**Admin** area](../administration/settings/import_and_export_settings.md).

2
doc/api/group_service_accounts.md
View File

@ -14,7 +14,7 @@ Use this API to interact with service accounts for your groups. For more informa
Prerequisites:
- You must have administrator access to the self-managed instance, or have the Owner role for the GitLab.com group.
- You must have administrator access to the instance, or have the Owner role for the GitLab.com group.
## List all service account users

12
doc/api/groups.md
View File

@ -1276,8 +1276,8 @@ Parameters:
| `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). |
| `visibility` | string | no | The group's visibility. Can be `private`, `internal`, or `public`. |
| `membership_lock` | boolean | no | Users cannot be added to projects in this group. Premium and Ultimate only. |
| `extra_shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Additional compute minutes for this group. Self-managed, Premium and Ultimate only. |
| `shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Maximum number of monthly compute minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. Self-managed, Premium and Ultimate only. |
| `extra_shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Additional compute minutes for this group. GitLab Self-Managed, Premium and Ultimate only. |
| `shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Maximum number of monthly compute minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. GitLab Self-Managed, Premium and Ultimate only. |
| `wiki_access_level` | string | no | The wiki access level. Can be `disabled`, `private`, or `enabled`. Premium and Ultimate only. |
| `duo_availability` | string | no | Duo availability setting. Valid values are: `default_on`, `default_off`, `never_on`. Note: In the UI, `never_on` is displayed as "Always Off". |
| `experiment_features_enabled` | boolean | no | Enable experiment features for this group. |
@ -1378,11 +1378,11 @@ PUT /groups/:id
| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#create-a-subgroup). Can be `owner` (Owners), or `maintainer` (users with the Maintainer role). |
| `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). |
| `visibility` | string | no | The visibility level of the group. Can be `private`, `internal`, or `public`. |
| `extra_shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Additional compute minutes for this group. Self-managed, Premium and Ultimate only. |
| `extra_shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Additional compute minutes for this group. GitLab Self-Managed, Premium and Ultimate only. |
| `file_template_project_id` | integer | no | The ID of a project to load custom file templates from. Premium and Ultimate only. |
| `membership_lock` | boolean | no | Users cannot be added to projects in this group. Premium and Ultimate only. |
| `prevent_forking_outside_group` | boolean | no | When enabled, users can **not** fork projects from this group to external namespaces. Premium and Ultimate only. |
| `shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Maximum number of monthly compute minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. Self-managed, Premium and Ultimate only. |
| `shared_runners_minutes_limit` | integer | no | Can be set by administrators only. Maximum number of monthly compute minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. GitLab Self-Managed, Premium and Ultimate only. |
| `unique_project_download_limit` | integer | no | Maximum number of unique projects a user can download in the specified time period before they are banned. Available only on top-level groups. Default: 0, Maximum: 10,000. Ultimate only. |
| `unique_project_download_limit_interval_in_seconds` | integer | no | Time period during which a user can download a maximum amount of projects before they are banned. Available only on top-level groups. Default: 0, Maximum: 864,000 seconds (10 days). Ultimate only. |
| `unique_project_download_limit_allowlist` | array of strings | no | List of usernames excluded from the unique project download limit. Available only on top-level groups. Default: `[]`, Maximum: 100 usernames. Ultimate only. |
@ -1395,8 +1395,8 @@ PUT /groups/:id
| `experiment_features_enabled` | boolean | no | Enable experiment features for this group. |
| `math_rendering_limits_enabled` | boolean | no | Indicates if math rendering limits are used for this group. |
| `lock_math_rendering_limits_enabled` | boolean | no | Indicates if math rendering limits are locked for all descendent groups. |
| `duo_features_enabled` | boolean | no | Indicates whether GitLab Duo features are enabled for this group. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. Self-managed, Premium and Ultimate only. |
| `lock_duo_features_enabled` | boolean | no | Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. Self-managed, Premium and Ultimate only. |
| `duo_features_enabled` | boolean | no | Indicates whether GitLab Duo features are enabled for this group. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. GitLab Self-Managed, Premium and Ultimate only. |
| `lock_duo_features_enabled` | boolean | no | Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. GitLab Self-Managed, Premium and Ultimate only. |
| `max_artifacts_size` | integer | No | The maximum file size in megabytes for individual job artifacts. |
NOTE:

2
doc/api/member_roles.md
View File

@ -27,7 +27,7 @@ DETAILS:
> - Allow to create and remove an instance-wide custom role on GitLab Self-Managed [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/141562) in GitLab 16.9.
> - [Admin security testing introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/176628) in GitLab 17.9 [with a flag](../administration/feature_flags.md) named `custom_ability_admin_security_testing`. Disabled by default.
Use this API to interact with member roles for your GitLab.com groups or entire self-managed instance.
Use this API to interact with member roles for your GitLab.com groups or entire GitLab Self-Managed instance.
## Manage instance member roles

2
doc/api/merge_request_approvals.md
View File

@ -1391,7 +1391,7 @@ Supported attributes:
| Attribute | Type | Required | Description |
|---------------------|-------------------|----------|-------------|
| `id` | integer or string | Yes | The ID or [URL-encoded path of a project](rest/index.md#namespaced-paths). |
| `approval_password` | string | No | Current user's password. Required if [**Require user re-authentication to approve**](../user/project/merge_requests/approvals/settings.md#require-user-re-authentication-to-approve) is enabled in the project settings. Always fails if the group or self-managed instance is configured to force SAML authentication. |
| `approval_password` | string | No | Current user's password. Required if [**Require user re-authentication to approve**](../user/project/merge_requests/approvals/settings.md#require-user-re-authentication-to-approve) is enabled in the project settings. Always fails if the group or GitLab Self-Managed instance is configured to force SAML authentication. |
| `merge_request_iid` | integer | Yes | The IID of the merge request. |
| `sha` | string | No | The `HEAD` of the merge request. |

2
doc/api/project_vulnerabilities.md
View File

@ -20,7 +20,7 @@ WARNING:
This API is in the process of being deprecated and considered unstable.
The response payload may be subject to change or breakage
across GitLab releases. Use the
[GraphQL API](graphql/reference/index.md#queryvulnerabilities)
[GraphQL API](graphql/reference/_index.md#queryvulnerabilities)
instead.
Every API call to vulnerabilities must be [authenticated](rest/authentication.md).

2
doc/api/rest/authentication.md
View File

@ -23,7 +23,7 @@ You can authenticate with the GitLab REST API in several ways:
Project access tokens are supported by:
- Self-managed: Free, Premium, and Ultimate.
- GitLab Self-Managed: Free, Premium, and Ultimate.
- GitLab.com: Premium and Ultimate.
If you are an administrator, you or your application can authenticate as a specific user, using

2
doc/api/rest/index.md
View File

@ -292,7 +292,7 @@ curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab
```
NOTE:
There is a [max offset allowed limit](../../administration/instance_limits.md#max-offset-allowed-by-the-rest-api-for-offset-based-pagination) for offset pagination. You can change the limit in self-managed instances.
There is a [max offset allowed limit](../../administration/instance_limits.md#max-offset-allowed-by-the-rest-api-for-offset-based-pagination) for offset pagination. You can change the limit in GitLab Self-Managed instances.
#### Pagination `Link` header

16
doc/api/runners.md
View File

@ -90,7 +90,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -173,7 +173,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -269,7 +269,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
NOTE:
The `version`, `revision`, `platform`, and `architecture` attributes in the response were deprecated
@ -277,7 +277,7 @@ The `version`, `revision`, `platform`, and `architecture` attributes in the resp
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
These attributes will start returning an empty string in GitLab 18.0.
The same attributes can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -364,7 +364,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -630,7 +630,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -693,7 +693,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:
@ -779,7 +779,7 @@ The `ip_address` attribute in the response was deprecated
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
[`CiRunnerManager` type](graphql/reference/_index.md#cirunnermanager).
Example response:

36
doc/api/settings.md
View File

@ -459,9 +459,9 @@ to configure other related settings. These requirements are
| `default_projects_limit` | integer | no | Project limit per user. Default is `100000`. |
| `default_snippet_visibility` | string | no | What visibility level new snippets receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. |
| `default_syntax_highlighting_theme` | integer | no | Default syntax highlighting theme for users who are new or not signed in. See [IDs of available themes](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/themes.rb#L16). |
| `default_project_deletion_protection` | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. Self-managed, Premium and Ultimate only. |
| `delete_unconfirmed_users` | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. |
| `deletion_adjourned_period` | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. Self-managed, Premium and Ultimate only. |
| `default_project_deletion_protection` | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. GitLab Self-Managed, Premium and Ultimate only. |
| `delete_unconfirmed_users` | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. GitLab Self-Managed, Premium and Ultimate only. |
| `deletion_adjourned_period` | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. GitLab Self-Managed, Premium and Ultimate only. |
| `diagramsnet_enabled` | boolean | no | (If enabled, requires `diagramsnet_url`) Enable [Diagrams.net integration](../administration/integration/diagrams_net.md). Default is `true`. |
| `diagramsnet_url` | string | required by: `diagramsnet_enabled` | The Diagrams.net instance URL for integration. |
| `diff_max_patch_bytes` | integer | no | Maximum [diff patch size](../administration/diff_limits.md), in bytes. |
@ -469,7 +469,7 @@ to configure other related settings. These requirements are
| `diff_max_lines` | integer | no | Maximum [lines in a diff](../administration/diff_limits.md). |
| `disable_admin_oauth_scopes` | boolean | no | Stops administrators from connecting their GitLab accounts to non-trusted OAuth 2.0 applications that have the `api`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, or `sudo` scopes. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375043) in GitLab 15.6. |
| `disable_feed_token` | boolean | no | Disable display of RSS/Atom and calendar feed tokens. |
| `disable_personal_access_tokens` | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. Self-managed, Premium and Ultimate only. There is no method available to enable a personal access token that's been disabled through the API. This is a [known issue](https://gitlab.com/gitlab-org/gitlab/-/issues/399233). For more information about available workarounds, see [Workaround](https://gitlab.com/gitlab-org/gitlab/-/issues/399233#workaround). |
| `disable_personal_access_tokens` | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. GitLab Self-Managed, Premium and Ultimate only. There is no method available to enable a personal access token that's been disabled through the API. This is a [known issue](https://gitlab.com/gitlab-org/gitlab/-/issues/399233). For more information about available workarounds, see [Workaround](https://gitlab.com/gitlab-org/gitlab/-/issues/399233#workaround). |
| `disabled_oauth_sign_in_sources` | array of strings | no | Disabled OAuth sign-in sources. |
| `dns_rebinding_protection_enabled` | boolean | no | Enforce DNS-rebinding attack protection. |
| `domain_denylist_enabled` | boolean | no | (**If enabled, requires:** `domain_denylist`) Allows blocking sign-ups from emails from specific domains. |
@ -528,8 +528,8 @@ to configure other related settings. These requirements are
| `file_template_project_id` | integer | no | The ID of a project to load custom file templates from. Premium and Ultimate only. |
| `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. |
| `globally_allowed_ips` | string | no | Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, `1.1.1.1, 2.2.2.0/24`. |
| `geo_node_allowed_ips` | string | yes | Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. Self-managed, Premium and Ultimate only. |
| `geo_status_timeout` | integer | no | The amount of seconds after which a request to get a secondary node status times out. Self-managed, Premium and Ultimate only. |
| `geo_node_allowed_ips` | string | yes | Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. GitLab Self-Managed, Premium and Ultimate only. |
| `geo_status_timeout` | integer | no | The amount of seconds after which a request to get a secondary node status times out. GitLab Self-Managed, Premium and Ultimate only. |
| `git_two_factor_session_expiry` | integer | no | Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. Premium and Ultimate only. |
| `gitaly_timeout_default` | integer | no | Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to `0` to disable timeouts. |
| `gitaly_timeout_fast` | integer | no | Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and 'failing fast' can help maintain the stability of the GitLab instance. Set to `0` to disable timeouts. |
@ -540,7 +540,7 @@ to configure other related settings. These requirements are
| `grafana_enabled` | boolean | no | Enable Grafana. |
| `grafana_url` | string | no | Grafana URL. |
| `gravatar_enabled` | boolean | no | Enable Gravatar. |
| `group_owners_can_manage_default_branch_protection` | boolean | no | Prevent overrides of default branch protection. Self-managed, Premium and Ultimate only.|
| `group_owners_can_manage_default_branch_protection` | boolean | no | Prevent overrides of default branch protection. GitLab Self-Managed, Premium and Ultimate only.|
| `hashed_storage_enabled` | boolean | no | Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0) |
| `help_page_hide_commercial_content` | boolean | no | Hide marketing-related entries from help. |
| `help_page_support_url` | string | no | Alternate support URL for help page and help dropdown list. |
@ -574,17 +574,17 @@ to configure other related settings. These requirements are
| `max_import_remote_file_size` | integer | no | Maximum remote file size for imports from external object storages. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. |
| `max_login_attempts` | integer | no | Maximum number of sign-in attempts before locking out the user. |
| `max_pages_size` | integer | no | Maximum size of pages repositories in MB. |
| `max_personal_access_token_lifetime` | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked. Self-managed, Ultimate only. In GitLab 17.6 or later, the maximum lifetime limit can be [extended to 400 days](https://gitlab.com/gitlab-org/gitlab/-/issues/461901) by enabling a [feature flag](../administration/feature_flags.md) named `buffered_token_expiration_limit`.|
| `max_ssh_key_lifetime` | integer | no | Maximum allowable lifetime for SSH keys in days. Self-managed, Ultimate only. In GitLab 17.6 or later, the maximum lifetime limit can be [extended to 400 days](https://gitlab.com/gitlab-org/gitlab/-/issues/461901) by enabling a [feature flag](../administration/feature_flags.md) named `buffered_token_expiration_limit`.|
| `max_personal_access_token_lifetime` | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked. GitLab Self-Managed, Ultimate only. In GitLab 17.6 or later, the maximum lifetime limit can be [extended to 400 days](https://gitlab.com/gitlab-org/gitlab/-/issues/461901) by enabling a [feature flag](../administration/feature_flags.md) named `buffered_token_expiration_limit`.|
| `max_ssh_key_lifetime` | integer | no | Maximum allowable lifetime for SSH keys in days. GitLab Self-Managed, Ultimate only. In GitLab 17.6 or later, the maximum lifetime limit can be [extended to 400 days](https://gitlab.com/gitlab-org/gitlab/-/issues/461901) by enabling a [feature flag](../administration/feature_flags.md) named `buffered_token_expiration_limit`.|
| `max_terraform_state_size_bytes` | integer | no | Maximum size in bytes of the [Terraform state](../administration/terraform_state.md) files. Set this to 0 for unlimited file size. |
| `metrics_method_call_threshold` | integer | no | A method call is only tracked when it takes longer than the given amount of milliseconds. |
| `max_number_of_repository_downloads` | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_number_of_repository_downloads_within_time_period` | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. |
| `max_number_of_repository_downloads` | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. GitLab Self-Managed, Ultimate only. |
| `max_number_of_repository_downloads_within_time_period` | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. GitLab Self-Managed, Ultimate only. |
| `max_yaml_depth` | integer | no | The maximum depth of nested CI/CD configuration added with the [`include` keyword](../ci/yaml/index.md#include). Default: `100`. |
| `max_yaml_size_bytes` | integer | no | The maximum size in bytes of a single CI/CD configuration file. Default: `2097152`. |
| `git_rate_limit_users_allowlist` | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. Self-managed, Ultimate only. |
| `git_rate_limit_users_alertlist` | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. Self-managed, Ultimate only. |
| `auto_ban_user_on_excessive_projects_download` | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4. Self-managed, Ultimate only. |
| `git_rate_limit_users_allowlist` | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. GitLab Self-Managed, Ultimate only. |
| `git_rate_limit_users_alertlist` | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. GitLab Self-Managed, Ultimate only. |
| `auto_ban_user_on_excessive_projects_download` | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4. GitLab Self-Managed, Ultimate only. |
| `mirror_available` | boolean | no | Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring. |
| `mirror_capacity_threshold` | integer | no | Minimum capacity to be available before scheduling more mirrors preemptively. Premium and Ultimate only. |
| `mirror_max_capacity` | integer | no | Maximum number of mirrors that can be synchronizing at the same time. Premium and Ultimate only. |
@ -594,7 +594,7 @@ to configure other related settings. These requirements are
| `pypi_package_requests_forwarding` | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. Premium and Ultimate only. |
| `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled. |
| `package_registry_allow_anyone_to_pull_option` | boolean | no | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable. |
| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. Self-managed, Ultimate only. |
| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. GitLab Self-Managed, Ultimate only. |
| `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. |
| `password_authentication_enabled_for_git` | boolean | no | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. |
| `password_authentication_enabled_for_web` | boolean | no | Enable authentication for the web interface via a GitLab account password. Default is `true`. |
@ -708,7 +708,7 @@ to configure other related settings. These requirements are
| `throttle_unauthenticated_web_requests_per_period` | integer | required by:<br>`throttle_unauthenticated_web_enabled` | Max requests per period per IP. |
| `time_tracking_limit_to_hours` | boolean | no | Limit display of time tracking units to hours. Default is `false`. |
| `two_factor_grace_period` | integer | required by: `require_two_factor_authentication` | Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication. |
| `unconfirmed_users_delete_after_days` | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. |
| `unconfirmed_users_delete_after_days` | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. GitLab Self-Managed, Premium and Ultimate only. |
| `unique_ips_limit_enabled` | boolean | no | (**If enabled, requires:** `unique_ips_limit_per_user` and `unique_ips_limit_time_window`) Limit sign in from multiple IPs. |
| `unique_ips_limit_per_user` | integer | required by: `unique_ips_limit_enabled` | Maximum number of IPs per user. |
| `unique_ips_limit_time_window` | integer | required by: `unique_ips_limit_enabled` | How many seconds an IP is counted towards the limit. |
@ -729,8 +729,8 @@ to configure other related settings. These requirements are
| `bulk_import_concurrent_pipeline_batch_limit` | integer | no | Maximum simultaneous direct transfer batch exports to process. |
| `concurrent_relation_batch_export_limit` | integer | no | Maximum number of simultaneous batch export jobs to process. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169122) in GitLab 17.6. |
| `asciidoc_max_includes` | integer | no | Maximum limit of AsciiDoc include directives being processed in any one document. Default: 32. Maximum: 64. |
| `duo_features_enabled` | boolean | no | Indicates whether GitLab Duo features are enabled for this instance. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. Self-managed, Premium and Ultimate only. |
| `lock_duo_features_enabled` | boolean | no | Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. Self-managed, Premium and Ultimate only. |
| `duo_features_enabled` | boolean | no | Indicates whether GitLab Duo features are enabled for this instance. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. GitLab Self-Managed, Premium and Ultimate only. |
| `lock_duo_features_enabled` | boolean | no | Indicates whether the GitLab Duo features enabled setting is enforced for all subgroups. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144931) in GitLab 16.10. GitLab Self-Managed, Premium and Ultimate only. |
| `nuget_skip_metadata_url_validation` | boolean | no | Indicates whether to skip metadata URL validation for the NuGet package. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145887) in GitLab 17.0. |
| `require_admin_two_factor_authentication` | boolean | no | Allow administrators to require 2FA for all administrators on the instance. |
| `pre_receive_secret_detection_enabled` | boolean | no | Allow projects to enable secret push protection. This does not enable secret push protection. When you enable this feature, you accept the [GitLab Testing Agreement](https://handbook.gitlab.com/handbook/legal/testing-agreement/). Ultimate only. |

12
doc/api/vulnerabilities.md
View File

@ -26,7 +26,7 @@ WARNING:
This API is in the process of being deprecated and considered unstable.
The response payload may be subject to change or breakage
across GitLab releases. Use the
[GraphQL API](graphql/reference/index.md#queryvulnerabilities) instead. For more information, see [GraphQL examples](#replace-vulnerability-rest-api-with-graphql).
[GraphQL API](graphql/reference/_index.md#queryvulnerabilities) instead. For more information, see [GraphQL examples](#replace-vulnerability-rest-api-with-graphql).
Every API call to vulnerabilities must be [authenticated](rest/authentication.md).
@ -263,7 +263,7 @@ with the GraphQL API.
### GraphQL - Single vulnerability
Use [`Query.vulnerability`](graphql/reference/index.md#queryvulnerability).
Use [`Query.vulnerability`](graphql/reference/_index.md#queryvulnerability).
```graphql
{
@ -319,7 +319,7 @@ Example response:
### GraphQL - Confirm vulnerability
Use [`Mutation.vulnerabilityConfirm`](graphql/reference/index.md#mutationvulnerabilityconfirm).
Use [`Mutation.vulnerabilityConfirm`](graphql/reference/_index.md#mutationvulnerabilityconfirm).
```graphql
mutation {
@ -349,7 +349,7 @@ Example response:
### GraphQL - Resolve vulnerability
Use [`Mutation.vulnerabilityResolve`](graphql/reference/index.md#mutationvulnerabilityresolve).
Use [`Mutation.vulnerabilityResolve`](graphql/reference/_index.md#mutationvulnerabilityresolve).
```graphql
mutation {
@ -379,7 +379,7 @@ Example response:
### GraphQL - Dismiss vulnerability
Use [`Mutation.vulnerabilityDismiss`](graphql/reference/index.md#mutationvulnerabilitydismiss).
Use [`Mutation.vulnerabilityDismiss`](graphql/reference/_index.md#mutationvulnerabilitydismiss).
```graphql
mutation {
@ -409,7 +409,7 @@ Example response:
### GraphQL - Revert vulnerability to detected state
Use [`Mutation.vulnerabilityRevertToDetected`](graphql/reference/index.md#mutationvulnerabilityreverttodetected).
Use [`Mutation.vulnerabilityRevertToDetected`](graphql/reference/_index.md#mutationvulnerabilityreverttodetected).
```graphql
mutation {

6
doc/api/vulnerability_findings.md
View File

@ -26,7 +26,7 @@ WARNING:
This API is in the process of being deprecated and considered unstable.
The response payload may be subject to change or breakage
across GitLab releases. Use the
[GraphQL API](graphql/reference/index.md#queryvulnerabilities) instead. For more information, see [GraphQL examples](../api/vulnerabilities.md#replace-vulnerability-rest-api-with-graphql)
[GraphQL API](graphql/reference/_index.md#queryvulnerabilities) instead. For more information, see [GraphQL examples](../api/vulnerabilities.md#replace-vulnerability-rest-api-with-graphql)
## Vulnerability findings pagination
@ -139,7 +139,7 @@ with the GraphQL API.
### GraphQL - Project vulnerability findings
Use [`Pipeline.securityReportFindings`](graphql/reference/index.md#pipelinesecurityreportfindings).
Use [`Pipeline.securityReportFindings`](graphql/reference/_index.md#pipelinesecurityreportfindings).
```graphql
query VulnerabilityFindings {
@ -174,7 +174,7 @@ query VulnerabilityFindings {
vulnerableMethod
blobPath
}
... on VulnerabilityLocationContainerScanning {
dependency {
package {

2
doc/ci/components/index.md
View File

@ -611,7 +611,7 @@ To set the project as a catalog project:
The project only becomes findable in the catalog after you publish a new release.
To use automation to enable this setting, you can use the [`mutationcatalogresourcescreate`](../../api/graphql/reference/index.md#mutationcatalogresourcescreate)
To use automation to enable this setting, you can use the [`mutationcatalogresourcescreate`](../../api/graphql/reference/_index.md#mutationcatalogresourcescreate)
GraphQL endpoint. [Issue 463043](https://gitlab.com/gitlab-org/gitlab/-/issues/463043)
proposes to expose this in the REST API as well.

4
doc/ci/jobs/ci_job_token.md
View File

@ -128,7 +128,7 @@ To add a group or project to the allowlist:
1. Select **Add group or project**.
1. Input the path to the group or project to add to the allowlist, and select **Add**.
You can also add a group or project to the allowlist [with the API](../../api/graphql/reference/index.md#mutationcijobtokenscopeaddgrouporproject).
You can also add a group or project to the allowlist [with the API](../../api/graphql/reference/_index.md#mutationcijobtokenscopeaddgrouporproject).
### Limit job token scope for public or internal projects
@ -186,7 +186,7 @@ To disable the job token scope allowlist:
1. Toggle **Authorized groups and projects** to disabled.
Enabled by default in new projects.
You can also enable and disable the setting with the [GraphQL](../../api/graphql/reference/index.md#mutationprojectcicdsettingsupdate) (`inboundJobTokenScopeEnabled`) and [REST](../../api/project_job_token_scopes.md#patch-a-projects-cicd-job-token-access-settings) API.
You can also enable and disable the setting with the [GraphQL](../../api/graphql/reference/_index.md#mutationprojectcicdsettingsupdate) (`inboundJobTokenScopeEnabled`) and [REST](../../api/project_job_token_scopes.md#patch-a-projects-cicd-job-token-access-settings) API.
### Allow Git push requests to your project repository

4
doc/development/api_graphql_styleguide.md
View File

@ -1073,7 +1073,7 @@ field :closed_at, Types::TimeType, description: 'Timestamp of when the issue was
You can view descriptions of fields and arguments in:
- The [GraphiQL explorer](#graphiql).
- The [static GraphQL API reference](../api/graphql/reference/index.md).
- The [static GraphQL API reference](../api/graphql/reference/_index.md).
### Description style guide
@ -2554,7 +2554,7 @@ More about complexity:
## Documentation and schema
Our schema is located at `app/graphql/gitlab_schema.rb`.
See the [schema reference](../api/graphql/reference/index.md) for details.
See the [schema reference](../api/graphql/reference/_index.md) for details.
This generated GraphQL documentation needs to be updated when the schema changes.
For information on generating GraphQL documentation and schema files, see

2
doc/development/documentation/graphql_styleguide.md
View File

@ -8,7 +8,7 @@ description: "Writing styles, markup, formatting, and other standards for GraphQ
# Creating a GraphQL example page
GraphQL APIs are different from [RESTful APIs](restful_api_styleguide.md). Reference
information is generated in our [GraphQL API resources](../../api/graphql/reference/index.md) page.
information is generated in our [GraphQL API resources](../../api/graphql/reference/_index.md) page.
However, it's helpful to include examples for how to use GraphQL for different
use cases, with samples that readers can use directly in the GraphQL explorer, called

2
doc/development/documentation/site_architecture/automation.md
View File

@ -46,7 +46,7 @@ that are coded across multiple repositories.
| [GitLab Runner Kubernetes API settings](https://docs.gitlab.com/runner/executors/kubernetes/) | Generated with [mage](https://gitlab.com/gitlab-org/gitlab-runner/-/blob/main/.gitlab/ci/qa.gitlab-ci.yml#L133) | [Runner](https://handbook.gitlab.com/handbook/engineering/development/ops/verify/runner/) |
| [Deprecations and removals by version](../../../update/deprecations.md) | [Update the deprecations and removals documentation](../../deprecation_guidelines/index.md#update-the-deprecations-and-removals-documentation) | |
| [Breaking change windows](../../../update/breaking_windows.md) | [Update the breaking change windows documentation](../../deprecation_guidelines/index.md#update-the-breaking-change-windows-documentation) | |
| [GraphQL API resources](../../../api/graphql/reference/index.md) | [GraphQL API style guide](../../api_graphql_styleguide.md#documentation-and-schema) | [Import and Integrate](https://handbook.gitlab.com/handbook/engineering/development/dev/foundations/import-and-integrate/) |
| [GraphQL API resources](../../../api/graphql/reference/_index.md) | [GraphQL API style guide](../../api_graphql_styleguide.md#documentation-and-schema) | [Import and Integrate](https://handbook.gitlab.com/handbook/engineering/development/dev/foundations/import-and-integrate/) |
| [Audit event types](../../../user/compliance/audit_event_types.md) | [Audit event development guidelines](../../audit_event_guide/index.md) | [Compliance](https://handbook.gitlab.com/handbook/engineering/development/sec/govern/compliance/) |
| [Available custom role permissions](../../../user/custom_roles/abilities.md) | [Generated by Rake task](https://gitlab.com/gitlab-org/gitlab/-/blob/master/tooling/custom_roles/docs/templates/custom_abilities.md.erb) | [Authorization](https://handbook.gitlab.com/handbook/product/categories/#authorization-group)|
| [Application settings analysis](../../cells/application_settings_analysis.md) | [Generated by Ruby script](https://gitlab.com/gitlab-org/gitlab/-/blob/2bb2910c84fad965bde473aa2881d88358b6e96e/scripts/cells/application-settings-analysis.rb#L353) | |

2
doc/development/documentation/testing/index.md
View File

@ -29,7 +29,7 @@ Merge requests containing changes to Markdown (`.md`) files run these CI/CD jobs
A few files are generated from scripts. A CI/CD job fails when either the source code files
or the documentation files are updated without following the correct process:
- `graphql-verify`: Fails when `doc/api/graphql/reference/index.md` is not updated
- `graphql-verify`: Fails when `doc/api/graphql/reference/_index.md` is not updated
with the [update process](../../rake_tasks.md#update-graphql-documentation-and-schema-definitions).
- `docs-lint deprecations-and-removals`: Fails when `doc/update/deprecations.md` is
not updated with the [update process](../../deprecation_guidelines/index.md#update-the-deprecations-and-removals-documentation).

2
doc/development/fe_guide/graphql.md
View File

@ -80,7 +80,7 @@ the GraphQL extension, follow these steps:
Our GraphQL API can be explored via GraphiQL at your instance's
`/-/graphql-explorer` or at [GitLab.com](https://gitlab.com/-/graphql-explorer). Consult the
[GitLab GraphQL API Reference documentation](../../api/graphql/reference/index.md)
[GitLab GraphQL API Reference documentation](../../api/graphql/reference/_index.md)
where needed.
To check all existing queries and mutations, on the right side of GraphiQL, select **Documentation explorer**.

2
doc/development/graphql_guide/monitoring.md
View File

@ -56,7 +56,7 @@ Filter logs by queries that used a particular field:
1. Filter: `json.query_analysis.used_fields`
1. Operator: `is`
1. Value: `Type.myField`, where `Type.myField` is the type name and field name as it
appears in [our GraphQL API resources documentation](../../api/graphql/reference/index.md).
appears in [our GraphQL API resources documentation](../../api/graphql/reference/_index.md).
1. Select **Refresh**.
#### Queries that used a deprecated field

2
doc/development/rake_tasks.md
View File

@ -486,7 +486,7 @@ bundle exec rake gitlab:graphql:compile_docs
In its current state, the Rake task:
- Generates output for GraphQL objects.
- Places the output at `doc/api/graphql/reference/index.md`.
- Places the output at `doc/api/graphql/reference/_index.md`.
This uses some features from `graphql-docs` gem like its schema parser and helper methods.
The docs generator code comes from our side giving us more flexibility, like using Haml templates and generating Markdown files.

2
doc/development/work_items_widgets.md
View File

@ -173,7 +173,7 @@ Since create view is almost identical to detail view, and we wanted to store in
For example , when we initialise the create view , we have a function `setNewWorkItemCache` [in work items cache utils](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/assets/javascripts/work_items/graphql/cache_utils) which is called in both [create view work item modal](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/assets/javascripts/work_items/components/create_work_item_modal.vue) and also [create work item component](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/assets/javascripts/work_items/components/create_work_item.vue)
You can include the create work item view in any vue file depending on usage. If you pass the `workItemType` of the create view , it will only include the applicable work item widgets which are fetched from [work item types query](../api/graphql/reference/index.md#workitemtype) and only showing the ones in [widget definitions](../api/graphql/reference/index.md#workitemwidgetdefinition)
You can include the create work item view in any vue file depending on usage. If you pass the `workItemType` of the create view , it will only include the applicable work item widgets which are fetched from [work item types query](../api/graphql/reference/_index.md#workitemtype) and only showing the ones in [widget definitions](../api/graphql/reference/_index.md#workitemwidgetdefinition)
We have a [local mutation](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/assets/javascripts/work_items/graphql/update_new_work_item.mutation.graphql) to update the work item draft data in create view

2
doc/editor_extensions/jetbrains_ide/setup.md
View File

@ -52,7 +52,7 @@ After you configure the plugin in your IDE, connect it to your GitLab account:
1. On the left sidebar, expand **Tools**, then select **GitLab Duo**.
1. Select an authentication method:
- For GitLab.com, use `OAuth`.
- For self-managed and GitLab Dedicated, use `Personal access token`.
- For GitLab Self-Managed and GitLab Dedicated, use `Personal access token`.
1. Provide the **URL to GitLab instance**. For GitLab.com, use `https://gitlab.com`.
1. For **GitLab Personal Access Token**, paste in the personal access token you created.
The token is not displayed, nor is it accessible to others.

2
doc/editor_extensions/neovim/setup.md
View File

@ -9,7 +9,7 @@ description: "Connect and use GitLab Duo in Neovim."
Prerequisites:
- For both GitLab.com and self-managed, you have GitLab version 16.1 or later.
- For both GitLab.com and GitLab Self-Managed, you have GitLab version 16.1 or later.
While many extension features might work with earlier versions, they are unsupported.
- The GitLab Duo Code Suggestions feature requires GitLab version 16.8 or later.
- You have [Neovim](https://neovim.io/) version 0.9 or later.

2
doc/integration/arkose.md
View File

@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
WARNING:
Arkose Protect is used on GitLab.com and is not supported for GitLab Self-Managed
instances. The following documents the internal requirements for maintaining
Arkose Protect on GitLab.com. While this feature is theoretically usable in self-managed instances, it
Arkose Protect on GitLab.com. While this feature is theoretically usable in GitLab Self-Managed instances, it
is not recommended at the moment.
GitLab integrates [Arkose Protect](https://www.arkoselabs.com/arkose-bot-manager/) to guard against

2
doc/integration/clickhouse.md
View File

@ -25,7 +25,7 @@ To set up ClickHouse as the GitLab data storage:
The most straightforward way to run ClickHouse is with [ClickHouse Cloud](https://console.clickhouse.cloud/).
You can also [run ClickHouse on your own server](https://clickhouse.com/docs/en/install). Refer to the ClickHouse
documentation regarding [recommendations for self-managed instances](https://clickhouse.com/docs/en/install#recommendations-for-self-managed-clickhouse).
documentation regarding [recommendations for GitLab Self-Managed](https://clickhouse.com/docs/en/install#recommendations-for-self-managed-clickhouse).
When you run ClickHouse on a hosted server, various data points might impact the resource consumption, like the number
of builds that run on your instance each month, the selected hardware, the data center choice to host ClickHouse, and more.

Some files were not shown because too many files have changed in this diff Show More