Add latest changes from gitlab-org/gitlab@master

GitLab Bot 2023-03-10 03:08:23 +00:00
parent 77edae8f14
commit d5954a6879
14 changed files with 157 additions and 30 deletions


@ -1,5 +1,5 @@
<script>
import { GlBadge } from '@gitlab/ui';
import { GlBadge, GlTooltipDirective } from '@gitlab/ui';
import { mapActions, mapGetters, mapState } from 'vuex';
import SafeHtml from '~/vue_shared/directives/safe_html';
import NoteableNote from '~/notes/components/noteable_note.vue';
@ -11,6 +11,7 @@ export default {
},
directives: {
SafeHtml,
GlTooltip: GlTooltipDirective,
},
props: {
draft: {
@ -95,7 +96,14 @@ export default {
@mouseleave.native="handleMouseLeave(draft)"
>
<template #note-header-info>
<gl-badge variant="warning" class="gl-mr-2">{{ __('Pending') }}</gl-badge>
<gl-badge
v-gl-tooltip
variant="warning"
class="gl-mr-2"
:title="__('Pending comments are hidden until you submit your review.')"
>
{{ __('Pending') }}
</gl-badge>
</template>
<template v-if="!isEditingDraft" #after-note-body>
<div


@ -437,6 +437,7 @@ class ProjectPolicy < BasePolicy
rule { ~request_access_enabled }.prevent :request_access
rule { can?(:developer_access) & can?(:create_issue) }.enable :import_issues
rule { can?(:reporter_access) & can?(:create_work_item) }.enable :import_work_items
rule { can?(:developer_access) }.policy do
enable :create_package
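Review bot: The new `:import_work_items` rule is enabled from `can?(:reporter_access)`, while the `:import_issues` rule directly above it requires `can?(:developer_access)`, so CSV import of work items is open to a lower role than CSV import of issues. If the difference is intended, a comment on the rule would record it, for example `# Reporters may import work items; issue import stays at Developer`. If it is not intended, the role should match the issue rule. The enclosing ProjectPolicy class starts and ends outside the hunk.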


@ -26,7 +26,7 @@ module WorkItems
def execute
raise FeatureNotAvailableError if ::Feature.disabled?(:import_export_work_items_csv, project)
raise NotAuthorizedError unless Ability.allowed?(user, :create_work_item, project)
raise NotAuthorizedError unless Ability.allowed?(user, :import_work_items, project)
super
end


@ -234,22 +234,13 @@ then `artifacts:reports:dependency_scanning` must be set to `depscan.json`.
### Exit code
Following the POSIX exit code standard, the scanner exits with 0 for success and any number from 1 to 255 for anything else.
Following the POSIX exit code standard, the scanner exits with either `0` for success or `1` for failure.
Success also includes the case when vulnerabilities are found.
When a CI job fails, security report results are not ingested by GitLab, even if the job
[allows failure](../../ci/yaml/index.md#allow_failure). The report artifacts are still uploaded to GitLab and available
[allows failure](../../ci/yaml/index.md#allow_failure). However, the report artifacts are still uploaded to GitLab and available
for [download in the pipeline security tab](../../user/application_security/vulnerability_report/pipeline.md#download-security-scan-outputs).
When executing a scanning job using the [Docker-in-Docker privileged mode](../../user/application_security/sast/index.md#requirements),
we reserve the following standard exit codes.
| Orchestrator Exit Code | Description |
|------------------------|----------------------------------|
| 3 | No match, no compatible analyzer |
| 4 | Project directory empty |
| 5 | No compatible Docker image |
### Logging
The scanner should log error messages and warnings so that users can easily investigate


@ -5,15 +5,20 @@ info: To determine the technical writer assigned to the Stage/Group associated w
comments: false
---
# Unstage **(FREE)**
# Unstage a file in Git **(FREE)**
- To remove files from stage use reset HEAD where HEAD is the last commit of the current branch. This unstages the file but maintain the modifications.
When you _stage_ a file in Git, you instruct Git to track changes to the file in
preparation for a commit. To instruct Git to disregard changes to a file, and not
include it in your next commit, _unstage_ the file.
- To remove files from stage use `reset HEAD`, where HEAD is the last commit of
the current branch. This unstages the file but maintains the modifications.
```shell
git reset HEAD <file>
```
- To revert the file back to the state it was in before the changes we can use:
- To revert the file back to the state it was in before the changes:
```shell
git checkout -- <file>
@ -26,7 +31,8 @@ comments: false
git rm -r <dirname>
```
- If we want to remove a file from the repository but keep it on disk, say we forgot to add it to our `.gitignore` file then use `--cache`:
- To keep a file on disk but remove it from the repository (such as a file you want
to add to `.gitignore`), use the `rm` command with the `--cache` flag:
```shell
git rm <filename> --cache


@ -35,6 +35,10 @@ module API
access_denied! unless can?(current_user, :create_note, merge_request(params: params))
end
def authorize_admin_draft!(draft_note)
access_denied! unless can?(current_user, :admin_note, draft_note)
end
def draft_note_params
{
note: params[:note],
@ -113,6 +117,34 @@ module API
end
end
desc "Modify an existing draft note" do
success Entities::DraftNote
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 404, message: 'Not found' }
]
end
params do
requires :id, type: String, desc: "The ID of a project."
requires :merge_request_iid, type: Integer, desc: "The ID of a merge request."
requires :draft_note_id, type: Integer, desc: "The ID of a draft note"
optional :note, type: String, allow_blank: false, desc: 'The content of a note.'
end
put ":id/merge_requests/:merge_request_iid/draft_notes/:draft_note_id", feature_category: :code_review_workflow do
bad_request!('Missing params to modify') unless params[:note].present?
draft_note = get_draft_note(params: params)
if draft_note
authorize_admin_draft!(draft_note)
draft_note.update!(note: params[:note])
present draft_note, with: Entities::DraftNote
else
not_found!("Draft Note")
end
end
desc "Delete a draft note" do
success Entities::DraftNote
failure [
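Review bot: `draft_note.update!(note: params[:note])` in the new PUT handler raises on a validation failure instead of returning a client error, so unless a rescue handler outside this hunk maps that exception, an invalid note body would surface as a server error. The non-raising form keeps it a 4xx: `render_validation_error!(draft_note) unless draft_note.update(note: params[:note])`. The `failure` list documents only 401 and 404, while the handler calls `bad_request!` and `authorize_admin_draft!` calls `access_denied!`; adding `{ code: 400, message: 'Bad request' }` and an entry for the status `access_denied!` returns would keep the API description accurate. `get_draft_note` is defined outside the hunk, so whether the lookup is scoped to the current user cannot be confirmed here.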


@ -31036,6 +31036,9 @@ msgstr ""
msgid "Pending comments"
msgstr ""
msgid "Pending comments are hidden until you submit your review."
msgstr ""
msgid "Pending deletion"
msgstr ""


@ -21,7 +21,7 @@ gem 'rotp', '~> 6.2.2'
gem 'parallel', '~> 1.22', '>= 1.22.1'
gem 'rainbow', '~> 3.1.1'
gem 'rspec-parameterized', '~> 1.0.0'
gem 'octokit', '~> 6.0.1'
gem 'octokit', '~> 6.1.0'
gem "faraday-retry", "~> 2.1"
gem 'webdrivers', '~> 5.2'
gem 'zeitwerk', '~> 2.6', '>= 2.6.7'


@ -184,7 +184,7 @@ GEM
nokogiri (1.14.2)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
octokit (6.0.1)
octokit (6.1.0)
faraday (>= 1, < 3)
sawyer (~> 0.9)
oj (3.13.23)
@ -322,7 +322,7 @@ DEPENDENCIES
influxdb-client (~> 2.9)
knapsack (~> 4.0)
nokogiri (~> 1.14, >= 1.14.2)
octokit (~> 6.0.1)
octokit (~> 6.1.0)
parallel (~> 1.22, >= 1.22.1)
parallel_tests (~> 4.2)
pry-byebug (~> 3.10.1)
@ -343,4 +343,4 @@ DEPENDENCIES
zeitwerk (~> 2.6, >= 2.6.7)
BUNDLED WITH
2.4.7
2.4.8


@ -441,6 +441,36 @@ RSpec.describe ProjectPolicy, feature_category: :system_access do
end
end
context 'importing work items' do
%w(reporter developer maintainer owner).each do |role|
context "with #{role}" do
let(:current_user) { send(role) }
it { is_expected.to be_allowed(:import_work_items) }
end
end
%w(guest anonymous).each do |role|
context "with #{role}" do
let(:current_user) { send(role) }
it { is_expected.to be_disallowed(:import_work_items) }
end
end
context 'with an admin' do
let(:current_user) { admin }
context 'when admin mode is enabled', :enable_admin_mode do
it { expect_allowed(:import_work_items) }
end
context 'when admin mode is disabled' do
it { expect_disallowed(:import_work_items) }
end
end
end
context 'reading usage quotas' do
%w(maintainer owner).each do |role|
context "with #{role}" do
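Review bot: The new 'importing work items' context varies only the role, so the second half of the policy rule added in this commit, `can?(:create_work_item)`, is never exercised on its own. A case where a reporter or above is denied `:create_work_item` and `:import_work_items` is expected to be disallowed would pin that the import ability cannot outlive the create ability. The admin context also uses `expect_allowed`/`expect_disallowed` where the role contexts use `is_expected.to be_allowed`; one form throughout would read more evenly.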


@ -216,6 +216,57 @@ RSpec.describe API::DraftNotes, feature_category: :code_review_workflow do
end
end
def update_draft_note(params = {}, url = base_url)
put api("#{url}/#{draft_note_by_current_user.id}", user), params: params
end
describe "Update a draft note" do
let(:basic_update_params) do
{
note: "Example updated body string"
}
end
context "when updating an existing draft note" do
context "with required params" do
it "returns 200 Success status" do
update_draft_note(basic_update_params)
expect(response).to have_gitlab_http_status(:success)
end
it "updates draft note with the new content" do
update_draft_note(basic_update_params)
expect(json_response["note"]).to eq(basic_update_params[:note])
end
end
context "without including an update to the note body" do
it "returns the draft note with no changes" do
expect { update_draft_note({}) }
.not_to change { draft_note_by_current_user.note }
end
end
context "when updating a non-existent draft note" do
it "returns a 404 Not Found" do
put api("#{base_url}/#{non_existing_record_id}", user), params: basic_update_params
expect(response).to have_gitlab_http_status(:not_found)
end
end
context "when updating a draft note by a different user" do
it "returns a 404 Not Found" do
put api("#{base_url}/#{draft_note_by_random_user.id}", user), params: basic_update_params
expect(response).to have_gitlab_http_status(:not_found)
end
end
end
end
describe "Publishing a draft note" do
let(:publish_draft_note) do
put api(
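Review bot: The 'returns the draft note with no changes' example compares `draft_note_by_current_user.note` on the object the spec already holds, which presumably would not change even if the request had written to the database, and it never checks the response status. Reading through `reload` and asserting the rejection would make it meaningful: `.not_to change { draft_note_by_current_user.reload.note }` plus `expect(response).to have_gitlab_http_status(:bad_request)`. The different-user example gets its 404 from the lookup, so no example reaches the `authorize_admin_draft!` branch of the endpoint. The 'updates draft note with the new content' example likewise asserts only the JSON response, not the stored note.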


@ -110,6 +110,10 @@ RSpec.describe WorkItems::ImportCsvService, feature_category: :team_planning do
end
context 'when user does not have permission' do
before do
project.add_guest(user)
end
it 'raises an error' do
expect { subject }.to raise_error(/You do not have permission to import work items in this project/)
end


@ -7,12 +7,12 @@ require (
github.com/BurntSushi/toml v1.2.1
github.com/FZambia/sentinel v1.1.1
github.com/alecthomas/chroma/v2 v2.5.0
github.com/aws/aws-sdk-go v1.44.212
github.com/aws/aws-sdk-go v1.44.213
github.com/disintegration/imaging v1.6.2
github.com/getsentry/raven-go v0.2.0
github.com/golang-jwt/jwt/v4 v4.5.0
github.com/golang/gddo v0.0.0-20210115222349-20d68f94ee1f
github.com/golang/protobuf v1.5.2
github.com/golang/protobuf v1.5.3
github.com/gomodule/redigo v2.0.0+incompatible
github.com/gorilla/websocket v1.5.0
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
@ -26,7 +26,7 @@ require (
github.com/sirupsen/logrus v1.9.0
github.com/smartystreets/goconvey v1.7.2
github.com/stretchr/testify v1.8.2
gitlab.com/gitlab-org/gitaly/v15 v15.9.1
gitlab.com/gitlab-org/gitaly/v15 v15.9.2
gitlab.com/gitlab-org/golang-archive-zip v0.1.1
gitlab.com/gitlab-org/labkit v1.17.0
gocloud.dev v0.29.0


@ -569,8 +569,8 @@ github.com/aws/aws-sdk-go v1.43.31/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4
github.com/aws/aws-sdk-go v1.44.156/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.187/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.200/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.212 h1:IRstlErdeKeQ8qBsCwWt4MG2RihUOcUJVqYwbvqpE28=
github.com/aws/aws-sdk-go v1.44.212/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.213 h1:WahquyWs7cQdz0vpDVWyWETEemgSoORx0PbWL9oz2WA=
github.com/aws/aws-sdk-go v1.44.213/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go-v2 v1.9.1/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4=
github.com/aws/aws-sdk-go-v2 v1.17.4 h1:wyC6p9Yfq6V2y98wfDsj6OnNQa4w2BLGCLIxzNhwOGY=
github.com/aws/aws-sdk-go-v2 v1.17.4/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
@ -1097,8 +1097,9 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
@ -1915,8 +1916,8 @@ github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX
github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
gitlab.com/gitlab-org/gitaly/v15 v15.9.1 h1:GcrMrvlVd9QCxZuthr4dR74bFQaykN5W1iPt4CjkNqs=
gitlab.com/gitlab-org/gitaly/v15 v15.9.1/go.mod h1:MLAmjPsXan0TixWBOnF2GUTjHcNLoAiYv1x1LRx7gHQ=
gitlab.com/gitlab-org/gitaly/v15 v15.9.2 h1:qYVmONm8RBXXtmAHFVdaIvwzEBHgzJR6ePagkTNNyuA=
gitlab.com/gitlab-org/gitaly/v15 v15.9.2/go.mod h1:MLAmjPsXan0TixWBOnF2GUTjHcNLoAiYv1x1LRx7gHQ=
gitlab.com/gitlab-org/golang-archive-zip v0.1.1 h1:35k9giivbxwF03+8A05Cm8YoxoakU8FBCj5gysjCTCE=
gitlab.com/gitlab-org/golang-archive-zip v0.1.1/go.mod h1:ZDtqpWPGPB9qBuZnZDrKQjIdJtkN7ZAoVwhT6H2o2kE=
gitlab.com/gitlab-org/labkit v1.17.0 h1:mEkoLzXorLNdt8NkfgYS5xMDhdqCsIJaeEVtSf7d8cU=