root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2023-05-09 06:10:32 +00:00
parent f119af78ab
commit e168d3919a
24 changed files with 420 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/assets/javascripts/admin/abuse_report/components/reported_content.vue
View File

@ -4,6 +4,7 @@ import { __ } from '~/locale';
import SafeHtml from '~/vue_shared/directives/safe_html';
import { renderGFM } from '~/behaviors/markdown/render_gfm';
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
import TruncatedText from '~/vue_shared/components/truncated_text/truncated_text.vue';
import { REPORTED_CONTENT_I18N } from '../constants';
export default {
@ -15,6 +16,7 @@ export default {
GlLink,
GlAvatar,
TimeAgoTooltip,
TruncatedText,
},
modalId: 'abuse-report-screenshot-modal',
directives: {
@ -107,11 +109,13 @@ export default {
footer-class="gl-bg-white js-test-card-footer"
>
<template v-if="report.content" #header>
<div
ref="gfmContent"
v-safe-html:[$options.safeHtmlConfig]="report.content"
class="md"
></div>
<truncated-text>
<div
ref="gfmContent"
v-safe-html:[$options.safeHtmlConfig]="report.content"
class="md"
></div>
</truncated-text>
</template>
{{ $options.i18n.reportedBy }}
<template #footer>

9
app/assets/javascripts/vue_shared/components/truncated_text/constants.js Normal file
View File

@ -0,0 +1,9 @@
import { __ } from '~/locale';
export const SHOW_MORE = __('Show more');
export const SHOW_LESS = __('Show less');
export const STATES = {
INITIAL: 'initial',
TRUNCATED: 'truncated',
EXTENDED: 'extended',
};

26
app/assets/javascripts/vue_shared/components/truncated_text/truncated_text.stories.js Normal file
View File

@ -0,0 +1,26 @@
import { escape } from 'lodash';
import TruncatedText from './truncated_text.vue';
export default {
component: TruncatedText,
title: 'vue_shared/truncated_text',
};
const Template = (args, { argTypes }) => ({
components: { TruncatedText },
props: Object.keys(argTypes),
template: `
<truncated-text v-bind="$props">
<template v-if="${'default' in args}" v-slot>
<span style="white-space: pre-line;">${escape(args.default)}</span>
</template>
</truncated-text>
`,
});
export const Default = Template.bind({});
Default.args = {
lines: 3,
mobileLines: 10,
default: [...Array(15)].map((_, i) => `line ${i + 1}`).join('\n'),
};

81
app/assets/javascripts/vue_shared/components/truncated_text/truncated_text.vue Normal file
View File

@ -0,0 +1,81 @@
<script>
import { GlResizeObserverDirective, GlButton } from '@gitlab/ui';
import { STATES, SHOW_MORE, SHOW_LESS } from './constants';
export default {
name: 'TruncatedText',
components: {
GlButton,
},
directives: {
GlResizeObserver: GlResizeObserverDirective,
},
props: {
lines: {
type: Number,
required: false,
default: 3,
},
mobileLines: {
type: Number,
required: false,
default: 10,
},
},
data() {
return {
state: STATES.INITIAL,
};
},
computed: {
showTruncationToggle() {
return this.state !== STATES.INITIAL;
},
truncationToggleText() {
if (this.state === STATES.TRUNCATED) {
return SHOW_MORE;
}
return SHOW_LESS;
},
styleObject() {
// eslint-disable-next-line @gitlab/require-i18n-strings
return { '--lines': this.lines, '--mobile-lines': this.mobileLines };
},
isTruncated() {
return this.state === STATES.EXTENDED ? null : 'gl-truncate-text-by-line gl-overflow-hidden';
},
},
methods: {
onResize({ target }) {
if (target.scrollHeight > target.offsetHeight) {
this.state = STATES.TRUNCATED;
} else if (this.state === STATES.TRUNCATED) {
this.state = STATES.INITIAL;
}
},
toggleTruncation() {
if (this.state === STATES.TRUNCATED) {
this.state = STATES.EXTENDED;
} else if (this.state === STATES.EXTENDED) {
this.state = STATES.TRUNCATED;
}
},
},
};
</script>
<template>
<section>
<article
ref="content"
v-gl-resize-observer="onResize"
:class="isTruncated"
:style="styleObject"
>
<slot></slot>
</article>
<gl-button v-if="showTruncationToggle" variant="link" @click="toggleTruncation">{{
truncationToggleText
}}</gl-button>
</section>
</template>

18
app/assets/stylesheets/utilities.scss
View File

@ -153,3 +153,21 @@
.gl-fill-red-500 {
fill: $red-500;
}
/**
Note: used by app/assets/javascripts/vue_shared/components/truncated_text/truncated_text.vue
Will be moved to @gitlab/ui by https://gitlab.com/gitlab-org/gitlab/-/issues/408643
Although this solution uses vendor-prefixes, it is supported by all browsers and it is
currently the only way to truncate text by lines. See https://caniuse.com/css-line-clamp
**/
.gl-truncate-text-by-line {
// stylelint-disable-next-line value-no-vendor-prefix
display: -webkit-box;
-webkit-line-clamp: var(--lines);
-webkit-box-orient: vertical;
@include gl-media-breakpoint-down(sm) {
-webkit-line-clamp: var(--mobile-lines);
}
}

1
app/helpers/application_settings_helper.rb
View File

@ -349,6 +349,7 @@ module ApplicationSettingsHelper
:repository_storages_weighted,
:require_admin_approval_after_user_signup,
:require_two_factor_authentication,
:remember_me_enabled,
:restricted_visibility_levels,
:rsa_key_restriction,
:session_expire_delay,

5
app/views/admin/application_settings/_account_and_limit.html.haml
View File

@ -30,6 +30,11 @@
= f.label :session_expire_delay, _('Session duration (minutes)'), class: 'label-light'
= f.number_field :session_expire_delay, class: 'form-control gl-form-input', title: _('Maximum duration of a session.'), data: { toggle: 'tooltip', container: 'body' }
%span.form-text.text-muted#session_expire_delay_help_block= _('Restart GitLab to apply changes.')
.form-group
= f.label :remember_me_enabled, _('Remember me'), class: 'label-light'
- remember_me_help_link = help_page_path('user/profile/index.md', anchor: 'stay-signed-in-for-two-weeks')
- remember_me_help_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: remember_me_help_link }
= f.gitlab_ui_checkbox_component :remember_me_enabled, _('Allow users to extend their session'), help_text: _("Users can select 'Remember me' on sign-in to keep their session active beyond the session duration. %{link_start}Learn more.%{link_end}").html_safe % { link_start: remember_me_help_link_start, link_end: '</a>'.html_safe }
= render_if_exists 'admin/application_settings/git_two_factor_session_expiry', form: f
= render_if_exists 'admin/application_settings/personal_access_token_expiration_policy', form: f

4
config/gitlab_loose_foreign_keys.yml
View File

@ -184,10 +184,6 @@ ci_variables:
- table: projects
column: project_id
on_delete: async_delete
clusters_applications_runners:
- table: ci_runners
column: runner_id
on_delete: async_nullify
dast_pre_scan_verifications:
- table: ci_pipelines
column: ci_pipeline_id

29
data/deprecations/15-9-sast-analyzer-consolidation.yml
View File

@ -11,26 +11,25 @@
We're reducing the number of supported analyzers used by default in GitLab SAST.
This is part of our long-term strategy to deliver a faster, more consistent user experience across different programming languages.
Starting in GitLab 16.0, the GitLab SAST CI/CD template will no longer use the following analyzers, and they will enter End of Support status:
Starting in GitLab 16.0, the GitLab SAST CI/CD template will no longer use the [Security Code Scan](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan)-based analyzer for .NET, and it will enter End of Support status.
We'll remove this analyzer from the [SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) and replace it with GitLab-supported detection rules for C# in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
- [Security Code Scan](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan) (.NET)
- [PHPCS Security Audit](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) (PHP)
Effective immediately, this analyzer will receive only security updates; other routine improvements or updates are not guaranteed.
After this analyzer reaches End of Support in GitLab 16.0, no further updates will be provided.
However, we won't delete container images previously published for this analyzer or remove the ability to run it by using a custom CI/CD pipeline job.
We'll remove these analyzers from the [SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) and replace them with GitLab-supported detection rules and the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
Effective immediately, these analyzers will receive only security updates; other routine improvements or updates are not guaranteed.
After these analyzers reach End of Support, no further updates will be provided.
However, we won't delete container images previously published for these analyzers or remove the ability to run them by using a custom CI/CD pipeline job.
We will also remove Scala from the scope of the [SpotBugs-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) and replace it with the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
This change will make it simpler to scan Scala code; compilation will no longer be required.
This change will be reflected in the automatic language detection portion of the [GitLab-managed SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml).
Note that the SpotBugs-based analyzer will continue to cover Groovy and Kotlin.
If you've already dismissed a vulnerability finding from one of the deprecated analyzers, the replacement attempts to respect your previous dismissal. The system behavior depends on:
If you've already dismissed a vulnerability finding from the deprecated analyzer, the replacement attempts to respect your previous dismissal. The system behavior depends on:
- whether you've excluded the Semgrep-based analyzer from running in the past.
- which analyzer first discovered the vulnerabilities shown in the project's Vulnerability Report.
See [Vulnerability translation documentation](https://docs.gitlab.com/ee/user/application_security/sast/analyzers.html#vulnerability-translation) for further details.
If you applied customizations to any of the affected analyzers or if you currently disable the Semgrep analyzer in your pipelines, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/390416#breaking-change).
If you applied customizations to the affected analyzer, or if you currently disable the Semgrep-based analyzer in your pipelines, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/390416#breaking-change).
**Update:** We've reduced the scope of this change. We will no longer make the following changes in GitLab 16.0:
1. Remove support for the analyzer based on [PHPCS Security Audit](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) and replace it with GitLab-managed detection rules in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
1. Remove Scala from the scope of the [SpotBugs-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) and replace it with GitLab-managed detection rules in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
Work to replace the PHPCS Security Audit-based analyzer is tracked in [issue 364060](https://gitlab.com/gitlab-org/gitlab/-/issues/364060) and work to migrate Scala scanning to the Semgrep-based analyzer is tracked in [issue 362958](https://gitlab.com/gitlab-org/gitlab/-/issues/362958).

2
db/docs/clusters_applications_runners.yml → db/docs/deleted_tables/clusters_applications_runners.yml
View File

@ -6,3 +6,5 @@ description: "(Deprecated) A GitLab managed Runner installation in a Kubernetes
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/commit/c607008ee55e35465e04a938a341f2f24cb6761f
milestone: '10.6'
gitlab_schema: gitlab_main
removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/119540
removed_in_milestone: '16.0'

29
db/post_migrate/20230503175406_drop_clusters_applications_runners.rb Normal file
View File

@ -0,0 +1,29 @@
# frozen_string_literal: true
# See https://docs.gitlab.com/ee/development/migration_style_guide.html
# for more information on how to write migrations for GitLab.
class DropClustersApplicationsRunners < Gitlab::Database::Migration[2.1]
def up
drop_table :clusters_applications_runners
end
# Based on init schema:
# https://gitlab.com/gitlab-org/gitlab/-/blob/b237f836df215a4ada92b9406733e6cd2483ca2d/db/migrate/20181228175414_init_schema.rb#L752-L763
# rubocop:disable Migration/SchemaAdditionMethodsNoPost
def down
create_table "clusters_applications_runners", id: :serial, force: :cascade do |t|
t.integer "cluster_id", null: false
t.integer "runner_id"
t.integer "status", null: false
t.datetime_with_timezone "created_at", null: false
t.datetime_with_timezone "updated_at", null: false
t.string "version", null: false
t.text "status_reason"
t.boolean "privileged", default: true, null: false
t.index ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true
t.index ["runner_id"], name: "index_clusters_applications_runners_on_runner_id"
end
end
# rubocop:enable Migration/SchemaAdditionMethodsNoPost
end

1
db/schema_migrations/20230503175406 Normal file
View File

@ -0,0 +1 @@
f239e2946d97b25d7f365d0cdf439be300f4b1bbc39e089abc8e8342a32679ed

30
db/structure.sql
View File

@ -14387,27 +14387,6 @@ CREATE TABLE clusters (
helm_major_version integer DEFAULT 3 NOT NULL
);
CREATE TABLE clusters_applications_runners (
id integer NOT NULL,
cluster_id integer NOT NULL,
runner_id integer,
status integer NOT NULL,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
version character varying NOT NULL,
status_reason text,
privileged boolean DEFAULT true NOT NULL
);
CREATE SEQUENCE clusters_applications_runners_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER SEQUENCE clusters_applications_runners_id_seq OWNED BY clusters_applications_runners.id;
CREATE SEQUENCE clusters_id_seq
START WITH 1
INCREMENT BY 1
@ -25009,8 +24988,6 @@ ALTER TABLE ONLY cluster_providers_gcp ALTER COLUMN id SET DEFAULT nextval('clus
ALTER TABLE ONLY clusters ALTER COLUMN id SET DEFAULT nextval('clusters_id_seq'::regclass);
ALTER TABLE ONLY clusters_applications_runners ALTER COLUMN id SET DEFAULT nextval('clusters_applications_runners_id_seq'::regclass);
ALTER TABLE ONLY clusters_kubernetes_namespaces ALTER COLUMN id SET DEFAULT nextval('clusters_kubernetes_namespaces_id_seq'::regclass);
ALTER TABLE ONLY commit_user_mentions ALTER COLUMN id SET DEFAULT nextval('commit_user_mentions_id_seq'::regclass);
@ -26910,9 +26887,6 @@ ALTER TABLE ONLY cluster_providers_aws
ALTER TABLE ONLY cluster_providers_gcp
ADD CONSTRAINT cluster_providers_gcp_pkey PRIMARY KEY (id);
ALTER TABLE ONLY clusters_applications_runners
ADD CONSTRAINT clusters_applications_runners_pkey PRIMARY KEY (id);
ALTER TABLE ONLY clusters_integration_prometheus
ADD CONSTRAINT clusters_integration_prometheus_pkey PRIMARY KEY (cluster_id);
@ -30368,10 +30342,6 @@ CREATE INDEX index_cluster_providers_gcp_on_cloud_run ON cluster_providers_gcp U
CREATE UNIQUE INDEX index_cluster_providers_gcp_on_cluster_id ON cluster_providers_gcp USING btree (cluster_id);
CREATE UNIQUE INDEX index_clusters_applications_runners_on_cluster_id ON clusters_applications_runners USING btree (cluster_id);
CREATE INDEX index_clusters_applications_runners_on_runner_id ON clusters_applications_runners USING btree (runner_id);
CREATE INDEX index_clusters_integration_prometheus_enabled ON clusters_integration_prometheus USING btree (enabled, created_at, cluster_id);
CREATE INDEX index_clusters_kubernetes_namespaces_on_cluster_project_id ON clusters_kubernetes_namespaces USING btree (cluster_project_id);

29
doc/update/deprecations.md
View File

@ -1654,29 +1654,28 @@ GitLab SAST uses various [analyzers](https://docs.gitlab.com/ee/user/application
We're reducing the number of supported analyzers used by default in GitLab SAST.
This is part of our long-term strategy to deliver a faster, more consistent user experience across different programming languages.
Starting in GitLab 16.0, the GitLab SAST CI/CD template will no longer use the following analyzers, and they will enter End of Support status:
Starting in GitLab 16.0, the GitLab SAST CI/CD template will no longer use the [Security Code Scan](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan)-based analyzer for .NET, and it will enter End of Support status.
We'll remove this analyzer from the [SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) and replace it with GitLab-supported detection rules for C# in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
- [Security Code Scan](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan) (.NET)
- [PHPCS Security Audit](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) (PHP)
Effective immediately, this analyzer will receive only security updates; other routine improvements or updates are not guaranteed.
After this analyzer reaches End of Support in GitLab 16.0, no further updates will be provided.
However, we won't delete container images previously published for this analyzer or remove the ability to run it by using a custom CI/CD pipeline job.
We'll remove these analyzers from the [SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) and replace them with GitLab-supported detection rules and the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
Effective immediately, these analyzers will receive only security updates; other routine improvements or updates are not guaranteed.
After these analyzers reach End of Support, no further updates will be provided.
However, we won't delete container images previously published for these analyzers or remove the ability to run them by using a custom CI/CD pipeline job.
We will also remove Scala from the scope of the [SpotBugs-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) and replace it with the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
This change will make it simpler to scan Scala code; compilation will no longer be required.
This change will be reflected in the automatic language detection portion of the [GitLab-managed SAST CI/CD template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml).
Note that the SpotBugs-based analyzer will continue to cover Groovy and Kotlin.
If you've already dismissed a vulnerability finding from one of the deprecated analyzers, the replacement attempts to respect your previous dismissal. The system behavior depends on:
If you've already dismissed a vulnerability finding from the deprecated analyzer, the replacement attempts to respect your previous dismissal. The system behavior depends on:
- whether you've excluded the Semgrep-based analyzer from running in the past.
- which analyzer first discovered the vulnerabilities shown in the project's Vulnerability Report.
See [Vulnerability translation documentation](https://docs.gitlab.com/ee/user/application_security/sast/analyzers.html#vulnerability-translation) for further details.
If you applied customizations to any of the affected analyzers or if you currently disable the Semgrep analyzer in your pipelines, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/390416#breaking-change).
If you applied customizations to the affected analyzer, or if you currently disable the Semgrep-based analyzer in your pipelines, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/390416#breaking-change).
**Update:** We've reduced the scope of this change. We will no longer make the following changes in GitLab 16.0:
1. Remove support for the analyzer based on [PHPCS Security Audit](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) and replace it with GitLab-managed detection rules in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
1. Remove Scala from the scope of the [SpotBugs-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) and replace it with GitLab-managed detection rules in the [Semgrep-based analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep).
Work to replace the PHPCS Security Audit-based analyzer is tracked in [issue 364060](https://gitlab.com/gitlab-org/gitlab/-/issues/364060) and work to migrate Scala scanning to the Semgrep-based analyzer is tracked in [issue 362958](https://gitlab.com/gitlab-org/gitlab/-/issues/362958).
</div>

21
doc/user/admin_area/settings/account_and_limit_settings.md
View File

@ -176,17 +176,32 @@ wiki, packages, or snippets. The repository size limit applies to both private a
For details on manually purging files, see [reducing the repository size using Git](../../project/repository/reducing_the_repo_size_using_git.md).
## Customize the default session duration
## Session duration
You can change how long users can remain signed in.
### Customize the default session duration
You can change how long users can remain signed in without activity.
1. On the top bar, select **Main menu > Admin**.
1. On the left sidebar, select **Settings > General**.
1. Expand **Account and limit**. The set duration is in **Session duration (minutes)**.
If [Remember me](#turn-remember-me-on-or-off) is enabled, users' sessions can remain active for an indefinite period of time.
For details, see [cookies used for sign-in](../../profile/index.md#cookies-used-for-sign-in).
## Customize session duration for Git Operations when 2FA is enabled **(PREMIUM SELF)**
### Turn **Remember me** on or off
> Ability to turn the **Remember me** setting on and off [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/369133) in GitLab 16.0.
Users can select the **Remember me** checkbox on sign-in, and their session will remain active for an indefinite period of time when accessed from that specific browser. You can turn off this setting if you need sessions to expire for security or compliance purposes. Turning off this setting will ensure users' sessions expire after the number of minutes of inactivity set when you [customize your session duration](#customize-the-default-session-duration).
1. On the top bar, select **Main menu > Admin**.
1. On the left sidebar, select **Settings > General**.
1. Expand **Account and limit**.
1. Select or clear the **Remember me** checkbox to turn this setting on or off.
### Customize session duration for Git Operations when 2FA is enabled **(PREMIUM SELF)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/296669) in GitLab 13.9.
> - It's deployed behind a feature flag, disabled by default.

24
doc/user/profile/index.md
View File

@ -318,25 +318,27 @@ To view a summary of your activity, or the activity of other users:
1. In the GitLab menu, select **Activity**.
1. Select the **Followed users** tab.
## Stay signed in for two weeks
## Session duration
### Stay signed in for two weeks
By default, you are signed out of GitLab after seven days (10080 minutes) of inactivity or until you close your browser
window, whichever comes first.
By default, you are signed out of GitLab every seven days, or 10080 minutes.
GitLab administrators can
[change this default](../admin_area/settings/account_and_limit_settings.md#customize-the-default-session-duration).
To extend the duration to two weeks:
### Stay signed in indefinitely
- On the GitLab sign-in page, select the **Remember me** checkbox.
> Ability to turn the **Remember me** setting on and off [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/369133) in GitLab 16.0.
## Stay signed in indefinitely
To remain signed in indefinitely, select the **Remember me** checkbox on the GitLab sign-in page.
To remain signed in indefinitely:
You remain signed in because, although the server sets a session time of one week, your browser stores a secure token
that enables automatic reauthentication.
1. On the GitLab sign-in page, select the **Remember me** checkbox.
1. Access GitLab at least once every two weeks, and leave your browser open.
You remain signed in because, although the server sets a time-to-live (TTL) of one week on your browser session,
the server continues to reset the TTL, regardless of whether 2FA is installed.
GitLab administrators can [turn off the **Remember me** setting](../admin_area/settings/account_and_limit_settings.md) for environments
that require sessions to expire periodically for security or compliance purposes.
### Cookies used for sign-in

14
lib/gitlab/gitaly_client/commit_service.rb
View File

@ -441,14 +441,14 @@ module Gitlab
# revision exists, or `false` otherwise. This function accepts all revisions as specified by
# gitrevisions(1).
def object_existence_map(revisions, gitaly_repo: @gitaly_repo)
enum = Enumerator.new do |y|
# This is a bug in Gitaly: revisions of the initial request are ignored. This will be fixed in v15.0 via
# https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4510, so we can merge initial request and the initial
# set of revisions starting with v15.1.
y.yield Gitaly::CheckObjectsExistRequest.new(repository: gitaly_repo)
return {} unless revisions.present?
revisions.each_slice(100) do |revisions_subset|
y.yield Gitaly::CheckObjectsExistRequest.new(revisions: revisions_subset)
enum = Enumerator.new do |y|
revisions.each_slice(100).with_index do |revisions_subset, i|
params = { revisions: revisions_subset }
params[:repository] = gitaly_repo if i == 0
y.yield Gitaly::CheckObjectsExistRequest.new(**params)
end
end

6
locale/gitlab.pot
View File

@ -4532,6 +4532,9 @@ msgstr ""
msgid "Allow use of licensed EE features"
msgstr ""
msgid "Allow users to extend their session"
msgstr ""
msgid "Allow users to register any application to use GitLab as an OAuth provider"
msgstr ""
@ -48772,6 +48775,9 @@ msgstr ""
msgid "Users can request access (if visibility is public or internal)"
msgstr ""
msgid "Users can select 'Remember me' on sign-in to keep their session active beyond the session duration. %{link_start}Learn more.%{link_end}"
msgstr ""
msgid "Users cannot be added to projects in this group"
msgstr ""

11
spec/controllers/admin/application_settings_controller_spec.rb
View File

@ -205,7 +205,7 @@ RSpec.describe Admin::ApplicationSettingsController, :do_not_mock_admin_mode_set
end
context 'boolean attributes' do
shared_examples_for 'updates booolean attribute' do |attribute|
shared_examples_for 'updates boolean attribute' do |attribute|
specify do
existing_value = ApplicationSetting.current.public_send(attribute)
new_value = !existing_value
@ -217,10 +217,11 @@ RSpec.describe Admin::ApplicationSettingsController, :do_not_mock_admin_mode_set
end
end
it_behaves_like 'updates booolean attribute', :user_defaults_to_private_profile
it_behaves_like 'updates booolean attribute', :can_create_group
it_behaves_like 'updates booolean attribute', :admin_mode
it_behaves_like 'updates booolean attribute', :require_admin_approval_after_user_signup
it_behaves_like 'updates boolean attribute', :user_defaults_to_private_profile
it_behaves_like 'updates boolean attribute', :can_create_group
it_behaves_like 'updates boolean attribute', :admin_mode
it_behaves_like 'updates boolean attribute', :require_admin_approval_after_user_signup
it_behaves_like 'updates boolean attribute', :remember_me_enabled
end
context "personal access token prefix settings" do

1
spec/db/schema_spec.rb
View File

@ -23,7 +23,6 @@ RSpec.describe 'Database schema', feature_category: :database do
# See: https://docs.gitlab.com/ee/development/migration_style_guide.html#dropping-a-database-table
REMOVED_FKS = {
# example_table: %w[example_column]
clusters_applications_runners: %w[cluster_id]
}.with_indifferent_access.freeze
# List of columns historically missing a FK, don't add more columns

7
spec/frontend/admin/abuse_report/components/reported_content_spec.js
View File

@ -3,6 +3,7 @@ import { shallowMountExtended } from 'helpers/vue_test_utils_helper';
import { sprintf } from '~/locale';
import { renderGFM } from '~/behaviors/markdown/render_gfm';
import ReportedContent from '~/admin/abuse_report/components/reported_content.vue';
import TruncatedText from '~/vue_shared/components/truncated_text/truncated_text.vue';
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
import { REPORTED_CONTENT_I18N } from '~/admin/abuse_report/constants';
import { mockAbuseReport } from '../mock_data';
@ -21,6 +22,7 @@ describe('ReportedContent', () => {
const findModal = () => wrapper.findComponent(GlModal);
const findCard = () => wrapper.findComponent(GlCard);
const findCardHeader = () => findCard().find('.js-test-card-header');
const findTruncatedText = () => findCardHeader().findComponent(TruncatedText);
const findCardBody = () => findCard().find('.js-test-card-body');
const findCardFooter = () => findCard().find('.js-test-card-footer');
const findAvatar = () => findCardFooter().findComponent(GlAvatar);
@ -38,6 +40,7 @@ describe('ReportedContent', () => {
GlSprintf,
GlButton,
GlCard,
TruncatedText,
},
});
};
@ -136,7 +139,9 @@ describe('ReportedContent', () => {
describe('rendering the card header', () => {
describe('when the report contains the reported content', () => {
it('renders the content', () => {
expect(findCardHeader().text()).toBe(report.content.replace(/<\/?[^>]+>/g, ''));
const dummyElement = document.createElement('div');
dummyElement.innerHTML = report.content;
expect(findTruncatedText().text()).toBe(dummyElement.textContent);
});
it('renders gfm', () => {

113
spec/frontend/vue_shared/components/truncated_text/truncated_text_spec.js Normal file
View File

@ -0,0 +1,113 @@
import { GlButton } from '@gitlab/ui';
import { shallowMount } from '@vue/test-utils';
import { __ } from '~/locale';
import TruncatedText from '~/vue_shared/components/truncated_text/truncated_text.vue';
import { createMockDirective, getBinding } from 'helpers/vue_mock_directive';
describe('TruncatedText', () => {
let wrapper;
const findContent = () => wrapper.findComponent({ ref: 'content' }).element;
const findButton = () => wrapper.findComponent(GlButton);
const createComponent = (propsData = {}) => {
wrapper = shallowMount(TruncatedText, {
propsData,
directives: {
GlResizeObserver: createMockDirective('gl-resize-observer'),
},
stubs: {
GlButton,
},
});
};
beforeEach(() => {
createComponent();
});
describe('when mounted', () => {
it('the content has class `gl-truncate-text-by-line`', () => {
expect(findContent().classList).toContain('gl-truncate-text-by-line');
});
it('the content has style variables for `lines` and `mobile-lines` with the correct values', () => {
const { style } = findContent();
expect(style).toContain('--lines');
expect(style.getPropertyValue('--lines')).toBe('3');
expect(style).toContain('--mobile-lines');
expect(style.getPropertyValue('--mobile-lines')).toBe('10');
});
it('the button is not visible', () => {
expect(findButton().exists()).toBe(false);
});
});
describe('when mounted with a value for the lines property', () => {
const lines = 4;
beforeEach(() => {
createComponent({ lines });
});
it('the lines variable has the value of the passed property', () => {
expect(findContent().style.getPropertyValue('--lines')).toBe(lines.toString());
});
});
describe('when mounted with a value for the mobileLines property', () => {
const mobileLines = 4;
beforeEach(() => {
createComponent({ mobileLines });
});
it('the lines variable has the value of the passed property', () => {
expect(findContent().style.getPropertyValue('--mobile-lines')).toBe(mobileLines.toString());
});
});
describe('when resizing and the scroll height is smaller than the offset height', () => {
beforeEach(() => {
getBinding(findContent(), 'gl-resize-observer').value({
target: { scrollHeight: 10, offsetHeight: 20 },
});
});
it('the button remains invisible', () => {
expect(findButton().exists()).toBe(false);
});
});
describe('when resizing and the scroll height is greater than the offset height', () => {
beforeEach(() => {
getBinding(findContent(), 'gl-resize-observer').value({
target: { scrollHeight: 20, offsetHeight: 10 },
});
});
it('the button becomes visible', () => {
expect(findButton().exists()).toBe(true);
});
it('the button text says "show more"', () => {
expect(findButton().text()).toBe(__('Show more'));
});
describe('clicking the button', () => {
beforeEach(() => {
findButton().trigger('click');
});
it('removes the `gl-truncate-text-by-line` class on the content', () => {
expect(findContent().classList).not.toContain('gl-truncate-text-by-line');
});
it('toggles the button text to "Show less"', () => {
expect(findButton().text()).toBe(__('Show less'));
});
});
});
});

52
spec/lib/gitlab/gitaly_client/commit_service_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe Gitlab::GitalyClient::CommitService do
RSpec.describe Gitlab::GitalyClient::CommitService, feature_category: :gitaly do
let_it_be(:project) { create(:project, :repository) }
let(:storage_name) { project.repository_storage }
@ -406,6 +406,18 @@ RSpec.describe Gitlab::GitalyClient::CommitService do
end
shared_examples 'a #list_all_commits message' do
let(:objects_exist_repo) do
# The object directory of the repository must not be set so that we
# don't use the quarantine directory.
repository.gitaly_repository.dup.tap do |repo|
repo.git_object_directory = ''
end
end
let(:expected_object_exist_requests) do
[gitaly_request_with_params(repository: objects_exist_repo, revisions: gitaly_commits.map(&:id))]
end
it 'sends a list_all_commits message' do
expected_repository = repository.gitaly_repository.dup
expected_repository.git_alternate_object_directories = Google::Protobuf::RepeatedField.new(:string)
@ -415,24 +427,12 @@ RSpec.describe Gitlab::GitalyClient::CommitService do
.with(gitaly_request_with_params(repository: expected_repository), kind_of(Hash))
.and_return([Gitaly::ListAllCommitsResponse.new(commits: gitaly_commits)])
# The object directory of the repository must not be set so that we
# don't use the quarantine directory.
objects_exist_repo = repository.gitaly_repository.dup
objects_exist_repo.git_object_directory = ""
# The first request contains the repository, the second request the
# commit IDs we want to check for existence.
objects_exist_request = [
gitaly_request_with_params(repository: objects_exist_repo),
gitaly_request_with_params(revisions: gitaly_commits.map(&:id))
]
objects_exist_response = Gitaly::CheckObjectsExistResponse.new(revisions: revision_existence.map do
|rev, exists| Gitaly::CheckObjectsExistResponse::RevisionExistence.new(name: rev, exists: exists)
end)
expect(service).to receive(:check_objects_exist)
.with(objects_exist_request, kind_of(Hash))
.with(expected_object_exist_requests, kind_of(Hash))
.and_return([objects_exist_response])
end
@ -495,6 +495,20 @@ RSpec.describe Gitlab::GitalyClient::CommitService do
it_behaves_like 'a #list_all_commits message'
end
context 'with more than 100 commits' do
let(:gitaly_commits) { build_list(:gitaly_commit, 101) }
let(:revision_existence) { gitaly_commits.to_h { |c| [c.id, false] } }
it_behaves_like 'a #list_all_commits message' do
let(:expected_object_exist_requests) do
[
gitaly_request_with_params(repository: objects_exist_repo, revisions: gitaly_commits[0...100].map(&:id)),
gitaly_request_with_params(revisions: gitaly_commits[100..].map(&:id))
]
end
end
end
end
context 'without hook environment' do
@ -588,9 +602,7 @@ RSpec.describe Gitlab::GitalyClient::CommitService do
it 'returns expected results' do
expect_next_instance_of(Gitaly::CommitService::Stub) do |service|
expect(service)
.to receive(:check_objects_exist)
.and_call_original
expect(service).to receive(:check_objects_exist).and_call_original
end
expect(client.object_existence_map(revisions.keys)).to eq(revisions)
@ -600,7 +612,11 @@ RSpec.describe Gitlab::GitalyClient::CommitService do
context 'with empty request' do
let(:revisions) { {} }
it_behaves_like 'a CheckObjectsExistRequest'
it 'doesnt call for Gitaly' do
expect(Gitaly::CommitService::Stub).not_to receive(:new)
expect(client.object_existence_map(revisions.keys)).to eq(revisions)
end
end
context 'when revision exists' do

8
vendor/gems/bundler-checksum/.gitlab-ci.yml vendored
View File

@ -26,3 +26,11 @@ test-2.7:
test-3.0:
image: "ruby:3.0"
extends: .test
rspec-3.1:
image: "ruby:3.1"
extends: .test
rspec-3.2:
image: "ruby:3.2"
extends: .test