Add latest changes from gitlab-org/gitlab@master

.gitlab/CODEOWNERS

@@ -461,7 +461,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/api/deploy_tokens.md @rdickenson
 /doc/api/deployments.md @rdickenson
 /doc/api/discussions.md @aqualls
-/doc/api/dora/ @fneill
+/doc/api/dora/ @lciutacu
 /doc/api/environments.md @rdickenson
 /doc/api/epic_issues.md @msedlakjakubowski
 /doc/api/epic_links.md @msedlakjakubowski
@@ -484,8 +484,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/api/graphql/sample_issue_boards.md @msedlakjakubowski
 /doc/api/graphql/users_example.md @jglassman1
 /doc/api/group_access_tokens.md @jglassman1
-/doc/api/group_activity_analytics.md @fneill
+/doc/api/group_activity_analytics.md @lciutacu
-/doc/api/group_badges.md @fneill
+/doc/api/group_badges.md @lciutacu
 /doc/api/group_boards.md @msedlakjakubowski
 /doc/api/group_clusters.md @phillipwells
 /doc/api/group_import_export.md @eread
@@ -498,7 +498,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/api/group_releases.md @rdickenson
 /doc/api/group_repository_storage_moves.md @ashrafkhamis
 /doc/api/group_wikis.md @ashrafkhamis
-/doc/api/groups.md @fneill
+/doc/api/groups.md @lciutacu
 /doc/api/import.md @eread
 /doc/api/index.md @ashrafkhamis
 /doc/api/instance_clusters.md @phillipwells
@@ -588,7 +588,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/api/templates/gitlab_ci_ymls.md @marcel.amirault
 /doc/api/templates/licenses.md @rdickenson
 /doc/api/todos.md @msedlakjakubowski
-/doc/api/topics.md @fneill
+/doc/api/topics.md @lciutacu
 /doc/api/usage_data.md @claytoncornell
 /doc/api/users.md @jglassman1
 /doc/api/version.md @phillipwells
@@ -718,7 +718,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/development/permissions.md @jglassman1
 /doc/development/policies.md @jglassman1
 /doc/development/product_qualified_lead_guide/ @phillipwells
-/doc/development/project_templates.md @fneill
+/doc/development/project_templates.md @lciutacu
 /doc/development/prometheus_metrics.md @msedlakjakubowski
 /doc/development/real_time.md @msedlakjakubowski
 /doc/development/sec/ @rdickenson
@@ -730,8 +730,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/development/testing_guide/ @sselhorn
 /doc/development/testing_guide/contract/ @sselhorn
 /doc/development/testing_guide/end_to_end/ @sselhorn
-/doc/development/value_stream_analytics.md @fneill
+/doc/development/value_stream_analytics.md @lciutacu
-/doc/development/value_stream_analytics/ @fneill
+/doc/development/value_stream_analytics/ @lciutacu
 /doc/development/wikis.md @ashrafkhamis
 /doc/development/work_items.md @msedlakjakubowski
 /doc/development/work_items_widgets.md @msedlakjakubowski
@@ -798,7 +798,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/update/mysql_to_postgresql.md @aqualls
 /doc/update/package/ @axil
 /doc/update/upgrading_postgresql_using_slony.md @aqualls
-/doc/user/admin_area/analytics/ @fneill
+/doc/user/admin_area/analytics/ @lciutacu
 /doc/user/admin_area/broadcast_messages.md @phillipwells
 /doc/user/admin_area/credentials_inventory.md @jglassman1
 /doc/user/admin_area/custom_project_templates.md @eread
@@ -833,10 +833,10 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/admin_area/settings/rate_limit_on_notes_creation.md @msedlakjakubowski
 /doc/user/admin_area/settings/rate_limit_on_pipelines_creation.md @marcel.amirault
 /doc/user/admin_area/settings/rate_limit_on_users_api.md @jglassman1
-/doc/user/admin_area/settings/third_party_offers.md @fneill
+/doc/user/admin_area/settings/third_party_offers.md @lciutacu
 /doc/user/admin_area/settings/usage_statistics.md @claytoncornell
 /doc/user/admin_area/settings/visibility_and_access_controls.md @aqualls
-/doc/user/analytics/ @fneill
+/doc/user/analytics/ @lciutacu
 /doc/user/analytics/ci_cd_analytics.md @rdickenson
 /doc/user/application_security/api_fuzzing/ @rdickenson
 /doc/user/application_security/configuration/ @rdickenson
@@ -873,14 +873,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/discussions/ @aqualls
 /doc/user/feature_flags.md @sselhorn
 /doc/user/free_user_limit.md @phillipwells
-/doc/user/group/ @fneill
+/doc/user/group/ @lciutacu
 /doc/user/group/clusters/ @phillipwells
-/doc/user/group/contribution_analytics/ @fneill
+/doc/user/group/contribution_analytics/ @lciutacu
 /doc/user/group/custom_project_templates.md @eread
-/doc/user/group/devops_adoption/ @fneill
+/doc/user/group/devops_adoption/ @lciutacu
 /doc/user/group/epics/ @msedlakjakubowski
 /doc/user/group/import/ @eread
-/doc/user/group/insights/ @fneill
+/doc/user/group/insights/ @lciutacu
 /doc/user/group/issues_analytics/ @msedlakjakubowski
 /doc/user/group/iterations/ @msedlakjakubowski
 /doc/user/group/planning_hierarchy/ @msedlakjakubowski
@@ -889,8 +889,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/group/saml_sso/ @jglassman1
 /doc/user/group/settings/group_access_tokens.md @jglassman1
 /doc/user/group/settings/import_export.md @eread
-/doc/user/group/subgroups/ @fneill
+/doc/user/group/subgroups/ @lciutacu
-/doc/user/group/value_stream_analytics/ @fneill
+/doc/user/group/value_stream_analytics/ @lciutacu
 /doc/user/infrastructure/ @phillipwells
 /doc/user/infrastructure/clusters/ @phillipwells
 /doc/user/infrastructure/clusters/connect/ @phillipwells
@@ -900,7 +900,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/infrastructure/clusters/manage/management_project_applications/runner.md @sselhorn
 /doc/user/infrastructure/iac/ @phillipwells
 /doc/user/markdown.md @aqualls
-/doc/user/namespace/ @fneill
+/doc/user/namespace/ @lciutacu
 /doc/user/packages/ @claytoncornell
 /doc/user/packages/composer_repository/ @claytoncornell
 /doc/user/packages/conan_repository/ @claytoncornell
@@ -933,8 +933,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/project/description_templates.md @msedlakjakubowski
 /doc/user/project/import/ @eread
 /doc/user/project/import/jira.md @msedlakjakubowski
-/doc/user/project/index.md @fneill
+/doc/user/project/index.md @lciutacu
-/doc/user/project/insights/ @fneill
+/doc/user/project/insights/ @lciutacu
 /doc/user/project/integrations/ @ashrafkhamis
 /doc/user/project/integrations/prometheus.md @msedlakjakubowski
 /doc/user/project/integrations/prometheus_library/ @msedlakjakubowski
@@ -942,7 +942,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/project/issues/ @msedlakjakubowski
 /doc/user/project/issues/csv_import.md @eread
 /doc/user/project/labels.md @msedlakjakubowski
-/doc/user/project/members/ @fneill
+/doc/user/project/members/ @lciutacu
 /doc/user/project/merge_requests/ @aqualls
 /doc/user/project/merge_requests/approvals/ @aqualls
 /doc/user/project/merge_requests/csv_export.md @eread
@@ -969,14 +969,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/project/requirements/ @msedlakjakubowski
 /doc/user/project/service_desk.md @msedlakjakubowski
 /doc/user/project/settings/import_export.md @eread
-/doc/user/project/settings/index.md @fneill
+/doc/user/project/settings/index.md @lciutacu
 /doc/user/project/settings/project_access_tokens.md @jglassman1
 /doc/user/project/time_tracking.md @msedlakjakubowski
 /doc/user/project/web_ide/ @ashrafkhamis
 /doc/user/project/wiki/ @ashrafkhamis
-/doc/user/project/working_with_projects.md @fneill
+/doc/user/project/working_with_projects.md @lciutacu
-/doc/user/public_access.md @fneill
+/doc/user/public_access.md @lciutacu
-/doc/user/reserved_names.md @fneill
+/doc/user/reserved_names.md @lciutacu
 /doc/user/search/ @ashrafkhamis
 /doc/user/search/global_search/ @ashrafkhamis
 /doc/user/shortcuts.md @ashrafkhamis
@@ -985,7 +985,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab
 /doc/user/tasks.md @msedlakjakubowski
 /doc/user/todos.md @msedlakjakubowski
 /doc/user/usage_quotas.md @fneill
-/doc/user/workspace/ @fneill
+/doc/user/workspace/ @lciutacu
 
 [Authentication and Authorization]
 /app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers

app/controllers/projects/starrers_controller.rb

@@ -11,14 +11,8 @@ class Projects::StarrersController < Projects::ApplicationController
     @starrers = UsersStarProjectsFinder.new(@project, params, current_user: @current_user).execute
     @sort = params[:sort].presence || sort_value_name
     @starrers = @starrers.preload_users.sort_by_attribute(@sort).page(params[:page])
-    @public_count = @project.starrers.with_public_profile.size
+    @public_count = @project.starrers.active.with_public_profile.size
-    @total_count = @project.starrers.size
+    @total_count = @project.starrers.active.size
     @private_count = @total_count - @public_count
   end
-
-  private
-
-  def has_starred_project?(starrers)
-    starrers.first { |starrer| starrer.user_id == current_user.id }
-  end
 end

app/finders/users_star_projects_finder.rb

@@ -12,7 +12,7 @@ class UsersStarProjectsFinder
   end
 
   def execute
-    stars = UsersStarProject.all
+    stars = UsersStarProject.with_active_user
     stars = by_project(stars)
     stars = by_search(stars)
     filter_visible_profiles(stars)

app/models/users_star_project.rb

@@ -12,6 +12,7 @@ class UsersStarProject < ApplicationRecord
 
   alias_attribute :starred_since, :created_at
 
+  scope :with_active_user, -> { joins(:user).merge(User.active) }
   scope :order_user_name_asc, -> { joins(:user).merge(User.order_name_asc) }
   scope :order_user_name_desc, -> { joins(:user).merge(User.order_name_desc) }
   scope :by_project, -> (project) { where(project_id: project.id) }

config/metrics/counts_28d/20220222215951_xmau_plan.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_28d/20220222215952_xmau_project_management.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_28d/20220222215955_users_work_items.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_28d/20220707022802_users_updating_weight_estimate_monthly.yml

@@ -0,0 +1,26 @@
+---
+key_path: redis_hll_counters.work_items.users_updating_weight_estimate_monthly
+name: users_updating_weight_estimate_monthly
+description: Unique users updating a work item's weight estimate
+product_category: team_planning
+product_section: dev
+product_stage: plan
+product_group: project_management
+value_type: number
+status: active
+milestone: "15.2"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91957
+time_frame: 28d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+options:
+  events:
+    - users_updating_weight_estimate
+distribution:
+- ce
+- ee
+tier:
+- premium
+- ultimate

config/metrics/counts_7d/20220222215851_xmau_plan.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_7d/20220222215852_xmau_project_management.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_7d/20220222215855_users_work_items.yml

@@ -22,6 +22,7 @@ options:
     - users_updating_work_item_dates
     - users_updating_work_item_labels
     - users_updating_work_item_iteration
+    - users_updating_weight_estimate
 data_category: optional
 distribution:
 - ce

config/metrics/counts_7d/20220707022758_users_updating_weight_estimate_weekly.yml

@@ -0,0 +1,26 @@
+---
+key_path: redis_hll_counters.work_items.users_updating_weight_estimate_weekly
+name: users_updating_weight_estimate_weekly
+description: Unique users updating a work item's weight estimate
+product_category: team_planning
+product_section: dev
+product_stage: plan
+product_group: project_management
+value_type: number
+status: active
+milestone: "15.2"
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91957
+time_frame: 7d
+data_source: redis_hll
+data_category: optional
+instrumentation_class: RedisHLLMetric
+performance_indicator_type: []
+options:
+  events:
+    - users_updating_weight_estimate
+distribution:
+- ce
+- ee
+tier:
+- premium
+- ultimate

doc/development/documentation/styleguide/index.md

@@ -823,7 +823,7 @@ To open either project or group settings:
 
 ```markdown
 1. On the top bar, select **Main menu**, and:
-   - For a project, select ***Projects** and find your project.
+   - For a project, select **Projects** and find your project.
    - For a group, select **Groups** and find your group.
 1. On the left sidebar, select **Settings > CI/CD**.
 1. Expand **General pipelines**.

doc/user/admin_area/settings/continuous_integration.md

@@ -71,7 +71,7 @@ runner settings:
 To view the rendered details:
 
 1. On the top bar, select **Main menu**, and:
-   - For a project, select ***Projects** and find your project.
+   - For a project, select **Projects** and find your project.
    - For a group, select **Groups** and find your group.
 1. On the left sidebar, select **Settings > CI/CD**.
 1. Expand **Runners**.

doc/user/admin_area/settings/deprecated_api_rate_limits.md

@@ -40,10 +40,10 @@ To override the general user and IP rate limits for requests to deprecated API e
 1. Select the checkboxes for the types of rate limits you want to enable:
    - **Unauthenticated API request rate limit**
    - **Authenticated API request rate limit**
-1. _If you enabled unauthenticated API request rate limits:_
+1. If you selected **unauthenticated**:
    1. Select the **Maximum unauthenticated API requests per period per IP**.
    1. Select the **Unauthenticated API rate limit period in seconds**.
-1. _If you enabled authenticated API request rate limits:_
+1. If you selected **authenticated**:
    1. Select the **Maximum authenticated API requests per period per user**.
    1. Select the **Authenticated API rate limit period in seconds**.
 

doc/user/admin_area/settings/files_api_rate_limits.md

@@ -36,10 +36,10 @@ To override the general user and IP rate limits for requests to the Repository f
 1. Select the checkboxes for the types of rate limits you want to enable:
    - **Unauthenticated API request rate limit**
    - **Authenticated API request rate limit**
-1. _If you enabled unauthenticated API request rate limits:_
+1. If you selected **unauthenticated**:
    1. Select the **Max unauthenticated API requests per period per IP**.
    1. Select the **Unauthenticated API rate limit period in seconds**.
-1. _If you enabled authenticated API request rate limits:_
+1. If you selected **authenticated**:
    1. Select the **Max authenticated API requests per period per user**.
    1. Select the **Authenticated API rate limit period in seconds**.
 

doc/user/application_security/dependency_scanning/index.md

@@ -525,7 +525,7 @@ The [Security Scanner Integration](../../../development/integrations/secure.md)
 
 To enable dependency scanning for GitLab 11.9 and later, you must
 [include](../../../ci/yaml/index.md#includetemplate) the
-[`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml)
+[`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml)
 that is provided as a part of your GitLab installation.
 For GitLab versions earlier than 11.9, you can copy and use the job as defined
 that template.
@@ -534,7 +534,7 @@ Add the following to your `.gitlab-ci.yml` file:
 
 ```yaml
 include:
-  - template: Security/Dependency-Scanning.gitlab-ci.yml
+  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
 ```
 
 The included template creates dependency scanning jobs in your CI/CD

doc/user/application_security/sast/index.md

@@ -207,14 +207,14 @@ To configure SAST for a project you can:
 ### Configure SAST manually
 
 To enable SAST you must [include](../../../ci/yaml/index.md#includetemplate)
-the [`SAST.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml)
+the [`SAST.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml)
 provided as a part of your GitLab installation.
 
 Add the following to your `.gitlab-ci.yml` file:
 
 ```yaml
 include:
-  - template: Security/SAST.gitlab-ci.yml
+  - template: Jobs/SAST.gitlab-ci.yml
 ```
 
 The included template creates SAST jobs in your CI/CD pipeline and scans

doc/user/application_security/secret_detection/index.md

@@ -15,18 +15,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 >   `secret_detection_default_branch` and `secret_detection` were consolidated into one job,
 >   `secret_detection`.
 
-People may accidentally commit secrets to
+People may accidentally commit secrets (such as keys, passwords, and API tokens) to remote Git repositories.
-remote Git repositories. Secrets include keys, passwords, API tokens, and other sensitive
-information. Anyone with access to the repository could use the secrets for malicious purposes.
-Exposed secrets are compromised and must be replaced, which can be costly.
 
-To help prevent secrets from being committed to a Git repository, you can use Secret Detection
+Anyone with access to the repository could use the secrets for malicious purposes. Exposed secrets
-to scan your repository for secrets. Scanning is language
+must be considered compromised and be replaced, which can be costly.
-and framework agnostic, but does not support scanning binary files.
 
-Secret Detection uses a specific analyzer containing the
+To help prevent secrets from being committed to a Git repository, you can use Secret Detection to
-[Gitleaks](https://github.com/zricethezav/gitleaks) tool to scan the repository for secrets, in a
+scan your repository for secrets. Scanning is language and framework agnostic, but does not support
-`secret-detection` job. The results are saved as a
+scanning binary files.
+
+Secret Detection uses an analyzer containing the [Gitleaks](https://github.com/zricethezav/gitleaks)
+tool to scan the repository for secrets. Detection occurs in the `secret-detection` job. The results
+are saved as a
 [Secret Detection report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportssecret_detection)
 that you can later download and analyze. Due to implementation limitations, we always take the
 latest Secret Detection artifact available.
@@ -88,13 +88,13 @@ To enable Secret Detection, either:
 
 ### Enable Secret Detection by including the template
 
-We recommend this method if you have an existing GitLab CI/CD configuration file.
+You should use this method if you have an existing GitLab CI/CD configuration file.
 
 Add the following extract to your `.gitlab-ci.yml` file:
 
 ```yaml
 include:
-  - template: Security/Secret-Detection.gitlab-ci.yml
+  - template: Jobs/Secret-Detection.gitlab-ci.yml
 ```
 
 Pipelines now include a Secret Detection job, and the results are included in the merge request
@@ -122,7 +122,7 @@ widget.
 
 ## Responding to a leaked secret
 
-If the scanner detects a secret we recommend you rotate it immediately. [Purging a file from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history) may not be effective in removing all references to the file. Also, the secret remains in any forks of the repository.
+If the scanner detects a secret you should rotate it immediately. [Purging a file from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history) may not be effective in removing all references to the file. Also, the secret remains in any forks of the repository.
 
 ## Configure scan settings
 
@@ -154,11 +154,13 @@ secret_detection:
     SECRET_DETECTION_HISTORIC_SCAN: "true"
 ```
 
-### Ignoring Secrets
+### Ignore secrets
 
-You might want to add a fake secret to your code base. For instance, you can use a fake secret as an example in your documentation or test suite.
+In some instances, you might want to ignore a secret. For example, you may have a fake secret in an
+example or a test suite. In these instances, you want to ignore the secret, instead of having it
+reported as a vulnerability.
 
-In these cases, Secret Detection can ignore the fake secret and not report it as a vulnerability. To ignore a secret, add `gitleaks:allow` as a comment to the line that contains the secret.
+To ignore a secret, add `gitleaks:allow` as a comment to the line that contains the secret.
 
 For example:
 
@@ -172,7 +174,7 @@ Secret Detection can be customized by defining available CI/CD variables:
 
 | CI/CD variable                    | Default value | Description |
 |-----------------------------------|---------------|-------------|
-| `SECRET_DETECTION_EXCLUDED_PATHS` | ""            | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. |
+| `SECRET_DETECTION_EXCLUDED_PATHS` | ""            | Exclude vulnerabilities from output based on the paths. The paths are a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. |
 | `SECRET_DETECTION_HISTORIC_SCAN`  | false         | Flag to enable a historic Gitleaks scan. |
 | `SECRET_DETECTION_IMAGE_SUFFIX`   | "" | Suffix added to the image name. If set to `-fips`, `FIPS-enabled` images are used for scan. See [Use FIPS-enabled images](#use-fips-enabled-images) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. |
 | `SECRET_DETECTION_LOG_OPTIONS`  | ""         | [`git log`](https://git-scm.com/docs/git-log) options used to define commit ranges. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350660) in GitLab 15.1.|
@@ -214,7 +216,7 @@ By default, Secret Detection scans only the current state of the Git repository.
 contained in the repository's history are not detected. To address this, Secret Detection can
 scan the Git repository's full history.
 
-We recommend you do a full history scan only once, after enabling Secret Detection. A full history
+You should do a full history scan only once, after enabling Secret Detection. A full history
 can take a long time, especially for larger repositories with lengthy Git histories. After
 completing an initial full history scan, use only standard Secret Detection as part of your
 pipeline.
@@ -349,15 +351,15 @@ In the `secret-detection-ruleset.toml` file, do one of the following:
 
 ## Running Secret Detection in an offline environment **(PREMIUM SELF)**
 
-For self-managed GitLab instances in an environment with limited, restricted, or intermittent access
+An offline environment has limited, restricted, or intermittent access to external resources through
-to external resources through the internet, some configuration changes are required for the Secret
+the internet. For self-managed GitLab instances in such an environment, Secret Detection requires
-Detection job to run successfully. The instructions in this section must be completed together with
+some configuration changes. The instructions in this section must be completed together with the
-the instructions detailed in [offline environments](../offline_deployments/index.md).
+instructions detailed in [offline environments](../offline_deployments/index.md).
 
 ### Configure GitLab Runner
 
 By default, a runner tries to pull Docker images from the GitLab container registry even if a local
-copy is available. We recommend using this default setting, to ensure Docker images remain current.
+copy is available. You should use this default setting, to ensure Docker images remain current.
 However, if no network connectivity is available, you must change the default GitLab Runner
 `pull_policy` variable.
 
@@ -383,7 +385,7 @@ Prerequisites:
    ```
 
    The Secret Detection analyzer's image is [periodically updated](../index.md#vulnerability-scanner-maintenance)
-   so you may need to periodically update the local copy.
+   so you should periodically update the local copy.
 
 1. Set the CI/CD variable `SECURE_ANALYZERS_PREFIX` to the local Docker container registry.
 
@@ -454,14 +456,14 @@ secrets. If the number of commits in a merge request is greater than the value o
 [`GIT_DEPTH` CI/CD variable](../../../ci/runners/configure_runners.md#shallow-cloning), Secret
 Detection [fails to detect secrets](#error-couldnt-run-the-gitleaks-command-exit-status-2).
 
-For example, if a pipeline is triggered from a merge request containing 60 commits and the
+For example, you could have a pipeline triggered from a merge request containing 60 commits and the
-`GIT_DEPTH` variable's value is less than 60, the Secret Detection job fails as the clone is not
+`GIT_DEPTH` variable set to less than 60. In that case the Secret Detection job fails because the
-deep enough to contain all of the relevant commits. To veridy the current value, see
+clone is not deep enough to contain all of the relevant commits. To verify the current value, see
 [pipeline configuration](../../../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone).
 
-To confirm this as the cause of the error, set the [logging level](#set-the-logging-level) to `debug`, then
+To confirm this as the cause of the error, set the [logging level](#set-the-logging-level) to
-rerun the pipeline. The logs should look similar to the following example. The text "object not
+`debug`, then rerun the pipeline. The logs should look similar to the following example. The text
-found" is a symptom of this error.
+"object not found" is a symptom of this error.
 
 ```plaintext
 ERRO[2020-11-18T18:05:52Z] object not found

lib/gitlab/ci/templates/Bash.gitlab-ci.yml

@@ -41,3 +41,4 @@ deploy1:
   stage: deploy
   script:
     - echo "Do your deploy here"
+  environment: production

lib/gitlab/ci/templates/ThemeKit.gitlab-ci.yml

@@ -8,6 +8,7 @@ stages:
   - deploy:production
 
 staging:
+  environment: staging
   image: python:2
   stage: deploy:staging
   script:
@@ -18,6 +19,7 @@ staging:
       - $CI_DEFAULT_BRANCH == $CI_COMMIT_BRANCH
 
 production:
+  environment: production
   image: python:2
   stage: deploy:production
   script:

lib/gitlab/ci/templates/dotNET.gitlab-ci.yml

@@ -89,3 +89,4 @@ deploy_job:
   dependencies:
     - build_job
     - test_job
+  environment: production

lib/gitlab/usage_data_counters/known_events/work_items.yml

@@ -27,3 +27,11 @@
   redis_slot: users
   aggregation: weekly
   feature_flag: track_work_items_activity
+- name: users_updating_weight_estimate
+  # The event tracks an EE feature.
+  # It's added here so it can be aggregated into the CE/EE 'OR' aggregate metrics.
+  # It will report 0 for CE instances and should not be used with 'AND' aggregators.
+  category: work_items
+  redis_slot: users
+  aggregation: weekly
+  feature_flag: track_work_items_activity

lib/tasks/gitlab/openapi.rake

@@ -9,6 +9,13 @@ end
 
 namespace :gitlab do
   namespace :openapi do
+    task :validate do
+      raise 'This task can only be run in the development environment' unless Rails.env.development?
+
+      success = system('yarn swagger:validate doc/api/openapi/openapi_v2.yaml')
+      abort('Validation of swagger document failed') unless success
+    end
+
     task :generate do
       raise 'This task can only be run in the development environment' unless Rails.env.development?
 
@@ -19,5 +26,7 @@ namespace :gitlab do
 
       File.write("doc/api/openapi/openapi_v2.yaml", yaml_content)
     end
+
+    task generate_and_check: [:generate, :validate]
   end
 end

package.json

@@ -40,6 +40,7 @@
     "storybook:install": "yarn --cwd ./storybook install",
     "storybook:build": "yarn --cwd ./storybook build",
     "storybook:start": "./scripts/frontend/start_storybook.sh",
+    "swagger:validate": "swagger-cli validate",
     "webpack": "NODE_OPTIONS=\"--max-old-space-size=3584\" webpack --config config/webpack.config.js",
     "webpack-vendor": "NODE_OPTIONS=\"--max-old-space-size=3584\" webpack --config config/webpack.vendor.config.js",
     "webpack-prod": "NODE_OPTIONS=\"--max-old-space-size=3584\" NODE_ENV=production webpack --config config/webpack.config.js"
@@ -59,7 +60,7 @@
     "@rails/actioncable": "6.1.4-7",
     "@rails/ujs": "6.1.4-7",
     "@sentry/browser": "5.30.0",
-    "@sourcegraph/code-host-integration": "0.0.60",
+    "@sourcegraph/code-host-integration": "0.0.84",
     "@tiptap/core": "^2.0.0-beta.182",
     "@tiptap/extension-blockquote": "^2.0.0-beta.29",
     "@tiptap/extension-bold": "^2.0.0-beta.28",
@@ -251,6 +252,7 @@
     "purgecss-from-html": "^4.0.3",
     "sass": "^1.49.9",
     "stylelint": "^14.9.1",
+    "swagger-cli": "^4.0.4",
     "timezone-mock": "^1.0.8",
     "webpack-dev-server": "4.11.1",
     "xhr-mock": "^2.5.1",

qa/qa/specs/features/api/1_manage/group_access_token_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'Group access token' do
+    describe 'Group access token', product_group: :authentication_and_authorization do
       let(:group_access_token) { QA::Resource::GroupAccessToken.fabricate_via_api! }
       let(:api_client) { Runtime::API::Client.new(:gitlab, personal_access_token: group_access_token.token) }
       let(:project) do

qa/qa/specs/features/api/1_manage/project_access_token_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'Project access token' do
+    describe 'Project access token', product_group: :authentication_and_authorization do
       before(:all) do
         @project_access_token = QA::Resource::ProjectAccessToken.fabricate_via_api! do |pat|
           pat.project = Resource::ReusableProject.fabricate_via_api!

qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'User', :requires_admin, :reliable do
+    describe 'User', :requires_admin, :reliable, product_group: :authentication_and_authorization do
       before(:all) do
         admin_api_client = Runtime::API::Client.as_admin
 

qa/qa/specs/features/browser_ui/1_manage/group/group_access_token_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'Group access tokens' do
+    describe 'Group access tokens', product_group: :authentication_and_authorization do
       let(:group_access_token) { QA::Resource::GroupAccessToken.fabricate_via_browser_ui! }
 
       it(

qa/qa/specs/features/browser_ui/1_manage/login/2fa_recovery_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage', :requires_admin, :skip_live_env, :reliable do
-    describe '2FA' do
+    describe '2FA', product_group: :authentication_and_authorization do
       let(:owner_user) do
         Resource::User.fabricate_via_api! do |usr|
           usr.api_client = admin_api_client

qa/qa/specs/features/browser_ui/1_manage/login/2fa_ssh_recovery_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Manage', :reliable, :requires_admin, :skip_live_env do
+  context 'Manage', :reliable, :requires_admin, :skip_live_env, product_group: :authentication_and_authorization do
     describe '2FA' do
       let!(:user) { Resource::User.fabricate_via_api! }
       let!(:user_api_client) { Runtime::API::Client.new(:gitlab, user: user) }

qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Manage', :smoke, :mobile do
+  RSpec.describe 'Manage', :smoke, :mobile, product_group: :authentication_and_authorization do
     describe 'basic user login' do
       it 'user logs in using basic credentials and logs out', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347880' do
         Flow::Login.sign_in

qa/qa/specs/features/browser_ui/1_manage/login/log_in_with_2fa_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Manage', :requires_admin, :skip_live_env do
+  RSpec.describe 'Manage', :requires_admin, :skip_live_env, product_group: :authentication_and_authorization do
     describe '2FA' do
       let(:admin_api_client) { Runtime::API::Client.as_admin }
       let(:owner_api_client) { Runtime::API::Client.new(:gitlab, user: owner_user) }

qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Manage', :orchestrated, :ldap_no_tls, :ldap_tls do
+  RSpec.describe 'Manage', :orchestrated, :ldap_no_tls, :ldap_tls, product_group: :authentication_and_authorization do
     describe 'LDAP login' do
       it 'user logs into GitLab using LDAP credentials', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347892' do
         Flow::Login.sign_in

qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Manage', :orchestrated, :mattermost do
+  RSpec.describe 'Manage', :orchestrated, :mattermost, product_group: :authentication_and_authorization do
     describe 'Mattermost login' do
       it 'user logs into Mattermost using GitLab OAuth', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347891' do
         Flow::Login.sign_in

qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  RSpec.describe 'Manage', :orchestrated, :instance_saml do
+  RSpec.describe 'Manage', :orchestrated, :instance_saml, product_group: :authentication_and_authorization do
     describe 'Instance wide SAML SSO' do
       it(
         'user logs in to gitlab with SAML SSO',

qa/qa/specs/features/browser_ui/1_manage/login/maintain_log_in_mixed_env_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage', only: { subdomain: %i[staging staging-canary] }, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/344213', type: :stale } do
-    describe 'basic user' do
+    describe 'basic user', product_group: :authentication_and_authorization do
       it 'remains logged in when redirected from canary to non-canary node', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347626' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
 

qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb

@@ -13,7 +13,7 @@ module QA
     end
   end
 
-  RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin do
+  RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin, product_group: :authentication_and_authorization do
     describe 'while LDAP is enabled', :orchestrated, :ldap_no_tls, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347934' do
       before do
         # When LDAP is enabled, a previous test might have created a token for the LDAP 'tanuki' user who is not an admin

qa/qa/specs/features/browser_ui/1_manage/project/project_access_token_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'Project access tokens', :reliable do
+    describe 'Project access tokens', :reliable, product_group: :authentication_and_authorization do
       let(:project_access_token) { QA::Resource::ProjectAccessToken.fabricate_via_browser_ui! }
 
       it(

qa/qa/specs/features/browser_ui/1_manage/user/impersonation_token_spec.rb

@@ -2,7 +2,7 @@
 
 module QA
   RSpec.describe 'Manage' do
-    describe 'Impersonation tokens', :requires_admin do
+    describe 'Impersonation tokens', :requires_admin, product_group: :authentication_and_authorization do
       let(:admin_api_client) { Runtime::API::Client.as_admin }
 
       let!(:user) do

spec/controllers/projects/starrers_controller_spec.rb

@@ -6,6 +6,7 @@ RSpec.describe Projects::StarrersController do
   let(:user_1) { create(:user, name: 'John') }
   let(:user_2) { create(:user, name: 'Michael') }
   let(:private_user) { create(:user, name: 'Michael Douglas', private_profile: true) }
+  let(:blocked_user) { create(:user, state: 'blocked') }
   let(:admin) { create(:user, admin: true) }
   let(:project) { create(:project, :public) }
 
@@ -13,6 +14,7 @@ RSpec.describe Projects::StarrersController do
     user_1.toggle_star(project)
     user_2.toggle_star(project)
     private_user.toggle_star(project)
+    blocked_user.toggle_star(project)
   end
 
   describe 'GET index' do
@@ -61,6 +63,10 @@ RSpec.describe Projects::StarrersController do
             expect(user_ids).to contain_exactly(user_1.id, user_2.id)
           end
 
+          it 'non-active users are not visible' do
+            expect(user_ids).not_to include(blocked_user.id)
+          end
+
           include_examples 'starrers counts'
         end
 

spec/finders/users_star_projects_finder_spec.rb

@@ -8,10 +8,12 @@ RSpec.describe UsersStarProjectsFinder do
   let(:user) { create(:user) }
   let(:private_user) { create(:user, private_profile: true) }
   let(:other_user) { create(:user) }
+  let(:blocked_user) { create(:user, state: 'blocked') }
 
   before do
     user.toggle_star(project)
     private_user.toggle_star(project)
+    blocked_user.toggle_star(project)
   end
 
   describe '#execute' do
@@ -38,5 +40,13 @@ RSpec.describe UsersStarProjectsFinder do
 
       it { is_expected.to match_array(public_stars) }
     end
+
+    describe 'with active users only' do
+      let(:current_user) { private_user }
+
+      it 'ignores stars of non-active users' do
+        is_expected.not_to include(*blocked_user.users_star_projects)
+      end
+    end
   end
 end

spec/lib/gitlab/usage/metrics/instrumentations/work_items_activity_aggregated_metric_spec.rb

@@ -44,16 +44,25 @@ RSpec.describe Gitlab::Usage::Metrics::Instrumentations::WorkItemsActivityAggreg
 
     describe '#value', :clean_gitlab_redis_shared_state do
       let(:counter) { Gitlab::UsageDataCounters::HLLRedisCounter }
+      let(:author1_id) { 1 }
+      let(:author2_id) { 2 }
+      let(:event_time) { 1.week.ago }
 
       before do
-        counter.track_event(:users_creating_work_items, values: 1, time: 1.week.ago)
+        counter.track_event(:users_creating_work_items, values: author1_id, time: event_time)
-        counter.track_event(:users_updating_work_item_title, values: 1, time: 1.week.ago)
-        counter.track_event(:users_updating_work_item_dates, values: 2, time: 1.week.ago)
-        counter.track_event(:users_updating_work_item_iteration, values: 2, time: 1.week.ago)
       end
 
-      it 'has correct value' do
+      it 'has correct value after events are tracked', :aggregate_failures do
-        expect(described_class.new(metric_definition).value).to eq 2
+        expect do
+          counter.track_event(:users_updating_work_item_title, values: author1_id, time: event_time)
+          counter.track_event(:users_updating_work_item_dates, values: author1_id, time: event_time)
+          counter.track_event(:users_updating_work_item_labels, values: author1_id, time: event_time)
+        end.to not_change { described_class.new(metric_definition).value }
+
+        expect do
+          counter.track_event(:users_updating_work_item_iteration, values: author2_id, time: event_time)
+          counter.track_event(:users_updating_weight_estimate, values: author1_id, time: event_time)
+        end.to change { described_class.new(metric_definition).value }.from(1).to(2)
       end
     end
   end

spec/models/users_star_project_spec.rb

@@ -4,4 +4,50 @@ require 'spec_helper'
 
 RSpec.describe UsersStarProject, type: :model do
   it { is_expected.to belong_to(:project).touch(false) }
+
+  describe 'scopes' do
+    let_it_be(:project1) { create(:project) }
+    let_it_be(:project2) { create(:project) }
+    let_it_be(:user_active) { create(:user, state: 'active', name: 'user2', private_profile: true) }
+    let_it_be(:user_blocked) { create(:user, state: 'blocked', name: 'user1') }
+
+    let_it_be(:users_star_project1) { create(:users_star_project, project: project1, user: user_active) }
+    let_it_be(:users_star_project2) { create(:users_star_project, project: project2, user: user_blocked) }
+
+    describe '.all' do
+      it 'returns all records' do
+        expect(described_class.all).to contain_exactly(users_star_project1, users_star_project2)
+      end
+    end
+
+    describe '.with_active_user' do
+      it 'returns only records of active users' do
+        expect(described_class.with_active_user).to contain_exactly(users_star_project1)
+      end
+    end
+
+    describe '.order_user_name_asc' do
+      it 'sorts records by ascending user name' do
+        expect(described_class.order_user_name_asc).to eq([users_star_project2, users_star_project1])
+      end
+    end
+
+    describe '.order_user_name_desc' do
+      it 'sorts records by descending user name' do
+        expect(described_class.order_user_name_desc).to eq([users_star_project1, users_star_project2])
+      end
+    end
+
+    describe '.by_project' do
+      it 'returns only records of given project' do
+        expect(described_class.by_project(project2)).to contain_exactly(users_star_project2)
+      end
+    end
+
+    describe '.with_public_profile' do
+      it 'returns only records of users with public profile' do
+        expect(described_class.with_public_profile).to contain_exactly(users_star_project2)
+      end
+    end
+  end
 end

yarn.lock

@@ -20,6 +20,48 @@
   dependencies:
     "@jridgewell/trace-mapping" "^0.3.0"
 
+"@apidevtools/json-schema-ref-parser@9.0.6":
+  version "9.0.6"
+  resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-9.0.6.tgz#5d9000a3ac1fd25404da886da6b266adcd99cf1c"
+  integrity sha512-M3YgsLjI0lZxvrpeGVk9Ap032W6TPQkH6pRAZz81Ac3WUNF79VQooAFnp8umjvVzUmD93NkogxEwbSce7qMsUg==
+  dependencies:
+    "@jsdevtools/ono" "^7.1.3"
+    call-me-maybe "^1.0.1"
+    js-yaml "^3.13.1"
+
+"@apidevtools/openapi-schemas@^2.1.0":
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/@apidevtools/openapi-schemas/-/openapi-schemas-2.1.0.tgz#9fa08017fb59d80538812f03fc7cac5992caaa17"
+  integrity sha512-Zc1AlqrJlX3SlpupFGpiLi2EbteyP7fXmUOGup6/DnkRgjP9bgMM/ag+n91rsv0U1Gpz0H3VILA/o3bW7Ua6BQ==
+
+"@apidevtools/swagger-cli@4.0.4":
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/@apidevtools/swagger-cli/-/swagger-cli-4.0.4.tgz#c645c291f56e4add583111aca9edeee23d60fa10"
+  integrity sha512-hdDT3B6GLVovCsRZYDi3+wMcB1HfetTU20l2DC8zD3iFRNMC6QNAZG5fo/6PYeHWBEv7ri4MvnlKodhNB0nt7g==
+  dependencies:
+    "@apidevtools/swagger-parser" "^10.0.1"
+    chalk "^4.1.0"
+    js-yaml "^3.14.0"
+    yargs "^15.4.1"
+
+"@apidevtools/swagger-methods@^3.0.2":
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/@apidevtools/swagger-methods/-/swagger-methods-3.0.2.tgz#b789a362e055b0340d04712eafe7027ddc1ac267"
+  integrity sha512-QAkD5kK2b1WfjDS/UQn/qQkbwF31uqRjPTrsCs5ZG9BQGAkjwvqGFjjPqAuzac/IYzpPtRzjCP1WrTuAIjMrXg==
+
+"@apidevtools/swagger-parser@^10.0.1":
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/@apidevtools/swagger-parser/-/swagger-parser-10.1.0.tgz#a987d71e5be61feb623203be0c96e5985b192ab6"
+  integrity sha512-9Kt7EuS/7WbMAUv2gSziqjvxwDbFSg3Xeyfuj5laUODX8o/k/CpsAKiQ8W7/R88eXFTMbJYg6+7uAmOWNKmwnw==
+  dependencies:
+    "@apidevtools/json-schema-ref-parser" "9.0.6"
+    "@apidevtools/openapi-schemas" "^2.1.0"
+    "@apidevtools/swagger-methods" "^3.0.2"
+    "@jsdevtools/ono" "^7.1.3"
+    ajv "^8.6.3"
+    ajv-draft-04 "^1.0.0"
+    call-me-maybe "^1.0.1"
+
 "@apollo/client@^3.5.10":
   version "3.5.10"
   resolved "https://registry.yarnpkg.com/@apollo/client/-/client-3.5.10.tgz#43463108a6e07ae602cca0afc420805a19339a71"
@@ -1522,6 +1564,11 @@
     "@jridgewell/resolve-uri" "^3.0.3"
     "@jridgewell/sourcemap-codec" "^1.4.10"
 
+"@jsdevtools/ono@^7.1.3":
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796"
+  integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg==
+
 "@leichtgewicht/ip-codec@^2.0.1":
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.3.tgz#0300943770e04231041a51bd39f0439b5c7ab4f0"
@@ -1660,10 +1707,10 @@
   dependencies:
     "@sinonjs/commons" "^1.7.0"
 
-"@sourcegraph/code-host-integration@0.0.60":
+"@sourcegraph/code-host-integration@0.0.84":
-  version "0.0.60"
+  version "0.0.84"
-  resolved "https://registry.yarnpkg.com/@sourcegraph/code-host-integration/-/code-host-integration-0.0.60.tgz#2043877fabb7eb986fcb61b67ee480afbb29f4f0"
+  resolved "https://registry.yarnpkg.com/@sourcegraph/code-host-integration/-/code-host-integration-0.0.84.tgz#680f5eadde4d05c1dfccb32e14b0a7e58365ebad"
-  integrity sha512-T+MvM8SUF7daA279hyQgwmva3J5LvPqwgQ/mWwxdVshehOQIPLUd310I0c6x6nZ0F/x4UjDWgRWzAqy6NLwV1w==
+  integrity sha512-xHaplY49vBHeXggcc0K3LNQ0VebKy3BwCSokXGxqHDaRJ8JmUwp/DyZX1RFp0Rx/UR6OPXQXKyfVqFcz/UlkUw==
 
 "@testing-library/dom@^7.16.2":
   version "7.24.5"
@@ -2598,6 +2645,11 @@ aggregate-error@^3.0.0:
     clean-stack "^2.0.0"
     indent-string "^4.0.0"
 
+ajv-draft-04@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz#3b64761b268ba0b9e668f0b41ba53fce0ad77fc8"
+  integrity sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw==
+
 ajv-errors@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/ajv-errors/-/ajv-errors-1.0.0.tgz#ecf021fa108fd17dfb5e6b383f2dd233e31ffc59"
@@ -2632,10 +2684,10 @@ ajv@^6.1.0, ajv@^6.10.0, ajv@^6.10.2, ajv@^6.12.4, ajv@^6.12.5:
     json-schema-traverse "^0.4.1"
     uri-js "^4.2.2"
 
-ajv@^8.0.0, ajv@^8.0.1, ajv@^8.10.0, ajv@^8.8.0:
+ajv@^8.0.0, ajv@^8.0.1, ajv@^8.10.0, ajv@^8.6.3, ajv@^8.8.0:
-  version "8.10.0"
+  version "8.11.0"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.10.0.tgz#e573f719bd3af069017e3b66538ab968d040e54d"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.11.0.tgz#977e91dd96ca669f54a11e23e378e33b884a565f"
-  integrity sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw==
+  integrity sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg==
   dependencies:
     fast-deep-equal "^3.1.1"
     json-schema-traverse "^1.0.0"
@@ -3336,6 +3388,11 @@ call-bind@^1.0.0, call-bind@^1.0.2:
     function-bind "^1.1.1"
     get-intrinsic "^1.0.2"
 
+call-me-maybe@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.1.tgz#26d208ea89e37b5cbde60250a15f031c16a4d66b"
+  integrity sha512-wCyFsDQkKPwwF8BDwOiWNx/9K45L/hvggQiDbve+viMNMQnWhrlYIuBk09offfwCRtCO9P6XwUttufzU11WCVw==
+
 callsites@^3.0.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73"
@@ -3350,7 +3407,7 @@ camelcase-keys@^6.2.2:
     map-obj "^4.0.0"
     quick-lru "^4.0.1"
 
-camelcase@^5.2.0, camelcase@^5.3.1:
+camelcase@^5.0.0, camelcase@^5.2.0, camelcase@^5.3.1:
   version "5.3.1"
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
   integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
@@ -3521,6 +3578,15 @@ clipboard@^2.0.8:
     select "^1.1.2"
     tiny-emitter "^2.0.0"
 
+cliui@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/cliui/-/cliui-6.0.0.tgz#511d702c0c4e41ca156d7d0e96021f23e13225b1"
+  integrity sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==
+  dependencies:
+    string-width "^4.2.0"
+    strip-ansi "^6.0.0"
+    wrap-ansi "^6.2.0"
+
 cliui@^7.0.2:
   version "7.0.4"
   resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f"
@@ -6092,7 +6158,7 @@ gensync@^1.0.0-beta.2:
   resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0"
   integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==
 
-get-caller-file@^2.0.5:
+get-caller-file@^2.0.1, get-caller-file@^2.0.5:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
   integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==
@@ -7713,7 +7779,7 @@ js-sdsl@^4.1.4:
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"
   integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
 
-js-yaml@^3.13.1:
+js-yaml@^3.13.1, js-yaml@^3.14.0:
   version "3.14.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537"
   integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==
@@ -10491,6 +10557,11 @@ require-from-string@^2.0.2:
   resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909"
   integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==
 
+require-main-filename@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b"
+  integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==
+
 require-package-name@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/require-package-name/-/require-package-name-2.0.1.tgz#c11e97276b65b8e2923f75dabf5fb2ef0c3841b9"
@@ -10825,6 +10896,11 @@ serve-static@1.14.2:
     parseurl "~1.3.3"
     send "0.17.2"
 
+set-blocking@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7"
+  integrity sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==
+
 set-value@^2.0.0, set-value@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.1.tgz#a18d40530e6f07de4228c7defe4227af8cad005b"
@@ -11418,6 +11494,13 @@ svg-tags@^1.0.0:
   resolved "https://registry.yarnpkg.com/svg-tags/-/svg-tags-1.0.0.tgz#58f71cee3bd519b59d4b2a843b6c7de64ac04764"
   integrity sha1-WPcc7jvVGbWdSyqEO2x95krAR2Q=
 
+swagger-cli@^4.0.4:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/swagger-cli/-/swagger-cli-4.0.4.tgz#c3f0b94277073c776b9bcc3ae7507b372f3ff414"
+  integrity sha512-Cp8YYuLny3RJFQ4CvOBTaqmOOgYsem52dPx1xM5S4EUWFblIh2Q8atppMZvXKUr1e9xH5RwipYpmdUzdPcxWcA==
+  dependencies:
+    "@apidevtools/swagger-cli" "4.0.4"
+
 swagger-ui-dist@4.12.0:
   version "4.12.0"
   resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-4.12.0.tgz#986d90f05e81fb9db3ca40372278a5d8ce71db3a"
@@ -12570,6 +12653,11 @@ which-boxed-primitive@^1.0.2:
     is-string "^1.0.5"
     is-symbol "^1.0.3"
 
+which-module@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a"
+  integrity sha512-B+enWhmw6cjfVC7kS8Pj9pCrKSc5txArRyaYGe088shv/FGWH+0Rjx/xPgtsWfsUtS27FkP697E4DDhgrgoc0Q==
+
 which@^1.2.9, which@^1.3.1:
   version "1.3.1"
   resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a"
@@ -12609,6 +12697,15 @@ worker-loader@^2.0.0:
     loader-utils "^1.0.0"
     schema-utils "^0.4.0"
 
+wrap-ansi@^6.2.0:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-6.2.0.tgz#e9393ba07102e6c91a3b221478f0257cd2856e53"
+  integrity sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==
+  dependencies:
+    ansi-styles "^4.0.0"
+    string-width "^4.1.0"
+    strip-ansi "^6.0.0"
+
 wrap-ansi@^7.0.0:
   version "7.0.0"
   resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43"
@@ -12724,11 +12821,36 @@ yaml@^2.0.0, yaml@^2.0.0-10:
   resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.1.1.tgz#1e06fb4ca46e60d9da07e4f786ea370ed3c3cfec"
   integrity sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw==
 
+yargs-parser@^18.1.2:
+  version "18.1.3"
+  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.3.tgz#be68c4975c6b2abf469236b0c870362fab09a7b0"
+  integrity sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==
+  dependencies:
+    camelcase "^5.0.0"
+    decamelize "^1.2.0"
+
 yargs-parser@^20.2.2, yargs-parser@^20.2.3:
   version "20.2.9"
   resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee"
   integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==
 
+yargs@^15.4.1:
+  version "15.4.1"
+  resolved "https://registry.yarnpkg.com/yargs/-/yargs-15.4.1.tgz#0d87a16de01aee9d8bec2bfbf74f67851730f4f8"
+  integrity sha512-aePbxDmcYW++PaqBsJ+HYUFwCdv4LVvdnhBy78E57PIor8/OVvhMrADFFEDh8DHDFRv/O9i3lPhsENjO7QX0+A==
+  dependencies:
+    cliui "^6.0.0"
+    decamelize "^1.2.0"
+    find-up "^4.1.0"
+    get-caller-file "^2.0.1"
+    require-directory "^2.1.1"
+    require-main-filename "^2.0.0"
+    set-blocking "^2.0.0"
+    string-width "^4.2.0"
+    which-module "^2.0.0"
+    y18n "^4.0.0"
+    yargs-parser "^18.1.2"
+
 yargs@^16.2.0:
   version "16.2.0"
   resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66"