root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-03-06 03:14:01 +00:00
parent ab9bbe6307
commit e8060c9b5c
20 changed files with 49 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/user/application_security/dependency_scanning/index.md
View File

@ -840,7 +840,7 @@ The following variables configure the behavior of specific dependency scanning a
| `GEMNASIUM_DB_REF_NAME` | `gemnasium` | `master` | Branch name for remote repository database. `GEMNASIUM_DB_REMOTE_URL` is required. |
| `DS_REMEDIATE` | `gemnasium` | `"true"`, `"false"` in FIPS mode | Enable automatic remediation of vulnerable dependencies. Not supported in FIPS mode. |
| `DS_REMEDIATE_TIMEOUT` | `gemnasium` | `5m` | Timeout for auto-remediation. |
| `GEMNASIUM_LIBRARY_SCAN_ENABLED` | `gemnasium` | `"true"` | Enable detecting vulnerabilities in vendored JavaScript libraries. For now, `gemnasium` leverages [`Retire.js`](https://github.com/RetireJS/retire.js) to do this job. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350512) in GitLab 14.8. |
| `GEMNASIUM_LIBRARY_SCAN_ENABLED` | `gemnasium` | `"true"` | Enable detecting vulnerabilities in vendored JavaScript libraries (libraries which are not managed by a package manager). This functionality requires a JavaScript lockfile to be present in a commit, otherwise Dependency Scanning is not executed and vendored files are not scanned.<br>Dependency scanning uses the [Retire.js](https://github.com/RetireJS/retire.js) scanner to detect a limited set of vulnerabilities. For details of which vulnerabilities are detected, see the [Retire.js repository](https://github.com/RetireJS/retire.js/blob/master/repository/jsrepository.json). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350512) in GitLab 14.8. |
| `DS_INCLUDE_DEV_DEPENDENCIES` | `gemnasium` | `"true"` | When set to `"false"`, development dependencies and their vulnerabilities are not reported. Only projects using Composer, npm, pnpm, Pipenv or Poetry are supported. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/227861) in GitLab 15.1. |
| `GOOS` | `gemnasium` | `"linux"` | The operating system for which to compile Go code. |
| `GOARCH` | `gemnasium` | `"amd64"` | The architecture of the processor for which to compile Go code. |

25
doc/user/application_security/sast/troubleshooting.md
View File

@ -123,7 +123,30 @@ If, on the other hand, the class being analyzed is part of your project, conside
## Flawfinder encoding error
This occurs when Flawfinder encounters an invalid UTF-8 character. To fix this, convert all source code in your project to UTF-8 character encoding. This can be done with [`cvt2utf`](https://github.com/x1angli/cvt2utf) or [`iconv`](https://www.gnu.org/software/libiconv/documentation/libiconv-1.13/iconv.1.html) either over the entire project or per job using the [`before_script`](../../../ci/yaml/index.md#before_script) feature.
This occurs when Flawfinder encounters an invalid UTF-8 character. To fix this, apply [their documented advice](https://github.com/david-a-wheeler/flawfinder#character-encoding-errors) to your entire repository, or only per job using the [`before_script`](../../../ci/yaml/index.md#before_script) feature.
You can configure the `before_script` section in each `.gitlab-ci.yml` file, or use a [pipeline execution policy action](../policies/scan-execution-policies.md#pipeline-execution-policy-action) to install the encoder and run the converter command. For example, you can add a `before_script` section to the `flawfinder-sast-0` job generated from the execution policy to convert all files with a `.cpp` extension.
### Example pipeline execution policy YAML
```yaml
---
scan_execution_policy:
- name: SAST
description: 'Run SAST on C++ application'
enabled: true
rules:
- type: pipeline
branch_type: all
actions:
- scan: sast
- scan: custom
ci_configuration: |-
flawfinder-sast-0:
before_script:
- pip install cvt2utf
- cvt2utf convert "$PWD" -i cpp
```
## Semgrep slowness, unexpected results, or other errors

3
doc/user/group/compliance_frameworks.md
View File

@ -19,6 +19,9 @@ requirements or needs additional oversight. The label can optionally enforce
Compliance frameworks are created on top-level groups. Group owners can create, edit, and delete compliance frameworks.
NOTE:
If a project is moved outside of its existing top-level group, its framework is removed.
## Create, edit, or delete a compliance framework
### From compliance frameworks report

2
doc/user/project/integrations/hangouts_chat.md
View File

@ -33,7 +33,7 @@ To configure the integration in Google Chat:
1. Next to the webhook URL, select the vertical ellipsis (**{ellipsis_v}**) > **Copy link**.
For more information about webhooks, see the
[Google Chat documentation](https://developers.google.com/chat/how-tos/webhooks).
[Google Chat documentation](https://developers.google.com/workspace/chat/quickstart/webhooks).
### In GitLab

2
doc/user/project/integrations/pumble.md
View File

@ -19,7 +19,7 @@ You can configure GitLab to send notifications to a Pumble channel:
## Create a webhook for your Pumble channel
1. Follow the steps in [Incoming Webhooks for Pumble](https://pumble.com/help/integrations/custom-apps/incoming-webhooks-for-pumble/) in the Pumble documentation.
1. Follow the steps in [Incoming Webhooks for Pumble](https://pumble.com/help/integrations/add-pumble-apps/incoming-webhooks-for-pumble/) in the Pumble documentation.
1. Copy the webhook URL.
## Configure settings in GitLab

2
doc/user/project/integrations/squash_tm.md
View File

@ -12,7 +12,7 @@ DETAILS:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/337855) in GitLab 15.10.
When [Squash TM](https://www.squashtest.com/squash-gitlab-integration?lang=en) (Test Management)
When [Squash TM](https://www.squashtest.com/squash-gitlab-platform?lang=en) (Test Management)
integration is enabled and configured in GitLab, issues (typically user stories) created in GitLab
are synchronized as requirements in Squash TM and test progress is reported in GitLab issues.

2
doc/user/project/issues/crosslinking_issues.md
View File

@ -52,7 +52,7 @@ git commit -m "this is my commit message. Related to https://gitlab.com/<usernam
Of course, you can replace `gitlab.com` with the URL of your own GitLab instance.
Linking your first commit to your issue is relevant
for tracking your process with [GitLab Value Stream Analytics](https://about.gitlab.com/stages-devops-lifecycle/value-stream-analytics/).
for tracking your process with [GitLab Value Stream Analytics](https://about.gitlab.com/solutions/value-stream-management/).
It measures the time taken for planning the implementation of that issue,
which is the time between creating an issue and making the first commit.

2
doc/user/project/issues/design_management.md
View File

@ -282,7 +282,7 @@ and [project](../working_with_projects.md#view-project-activity) activity pages.
You can use the GitLab-Figma plugin to upload your designs from Figma directly to your issues
in GitLab.
To use the plugin in Figma, install it from the [Figma Directory](https://www.figma.com/community/plugin/860845891704482356)
To use the plugin in Figma, install it from the [Figma Directory](https://www.figma.com/community/plugin/860845891704482356/gitlab)
and connect to GitLab through a personal access token.
For more information, see the [plugin documentation](https://gitlab.com/gitlab-org/gitlab-figma-plugin/-/wikis/home).

4
doc/user/project/merge_requests/widgets.md
View File

@ -26,7 +26,7 @@ of the **Overview** tab:
If an application is successfully deployed to an
[environment](../../../ci/environments/index.md), the deployed environment and the link to the
[review app](https://about.gitlab.com/stages-devops-lifecycle/review-apps/) are both shown.
[review app](../../../ci/review_apps/index.md) are both shown.
NOTE:
When the pipeline fails in a merge request but it can still be merged,
@ -55,7 +55,7 @@ Set a merge request that looks ready to merge to
## Live preview with Review Apps
If you configured [Review Apps](https://about.gitlab.com/stages-devops-lifecycle/review-apps/) for your project,
If you configured [Review Apps](../../../ci/review_apps/index.md) for your project,
you can preview the changes submitted to a feature branch through a merge request
on a per-branch basis. You don't need to check out the branch, install, and preview locally.
All your changes are available to preview by anyone with the Review Apps link.

2
doc/user/project/pages/custom_domains_ssl_tls_certification/dns_concepts.md
View File

@ -43,7 +43,7 @@ for the most popular hosting services:
- [Go Daddy](https://www.godaddy.com/help/add-an-a-record-19238)
- [Hostgator](https://www.hostgator.com/help/article/changing-dns-records)
- [Inmotion hosting](https://www.inmotionhosting.com/support/edu/cpanel/how-do-i-make-custom-dns-records/)
- [Media Temple](https://mediatemple.zendesk.com/hc/en-us/articles/204403794-how-can-i-change-the-dns-records-for-my-domain)
- [Media Temple](https://mediatemple.zendesk.com/hc/en-us/articles/204403794-How-can-I-change-the-DNS-records-for-my-domain)
- [Microsoft](https://learn.microsoft.com/en-us/windows-server/networking/dns/manage-resource-records?tabs=powershell)
- [Namecheap](https://www.namecheap.com/support/knowledgebase/subcategory/2237/host-records-setup/)

4
doc/user/project/pages/custom_domains_ssl_tls_certification/ssl_tls_concepts.md
View File

@ -58,7 +58,7 @@ reiterating the importance of HTTPS.
## Issuing Certificates
GitLab Pages accepts certificates provided in the [PEM](https://knowledge.digicert.com/quovadis.html) format, issued by
GitLab Pages accepts certificates provided in the [PEM](https://knowledge.digicert.com/quovadis) format, issued by
[Certificate Authorities](https://en.wikipedia.org/wiki/Certificate_authority) or as
[self-signed certificates](https://en.wikipedia.org/wiki/Self-signed_certificate). [Self-signed certificates are typically not used](https://www.mcafee.com/blogs/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/)
for public websites for security reasons and to ensure that browsers trust your site's certificate.
@ -74,7 +74,7 @@ to everyone. The most popular is [Let's Encrypt](https://letsencrypt.org/),
which issues certificates trusted by most of browsers, it's open
source, and free to use. See [GitLab Pages integration with Let's Encrypt](../custom_domains_ssl_tls_certification/lets_encrypt_integration.md) to enable HTTPS on your custom domain.
Similarly popular are [certificates issued by Cloudflare](https://www.cloudflare.com/ssl/),
Similarly popular are [certificates issued by Cloudflare](https://www.cloudflare.com/application-services/products/ssl/),
which also offers a [free CDN service](https://blog.cloudflare.com/cloudflares-free-cdn-and-you/).
Their certs are valid up to 15 years. See the tutorial on
[how to add a Cloudflare Certificate to your GitLab Pages website](https://about.gitlab.com/blog/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/).

2
doc/user/project/pages/getting_started/pages_ui.md
View File

@ -29,7 +29,7 @@ a pipeline deploys your Pages website.
- Generates static sites or a client-rendered single-page application (SPA),
like [Eleventy](https://www.11ty.dev), [Astro](https://astro.build), or [Jekyll](https://jekyllrb.com).
- Contains a framework configured for static output, such as [Next.js](https://nextjs.org),
[Nuxt.js](https://nuxtjs.org), or [SvelteKit](https://kit.svelte.dev).
[Nuxt](https://nuxt.com), or [SvelteKit](https://kit.svelte.dev).
- GitLab Pages must be enabled for the project. (To enable, go to **Settings > General**,
expand **Visibility, project features, permissions**, and turn on the **Pages** toggle.)

4
doc/user/project/pages/public_folder.md
View File

@ -93,7 +93,7 @@ export default {
NOTE:
GitLab Pages supports only static sites. For Next.js, you can use
Next's [Static HTML export functionality](https://nextjs.org/docs/advanced-features/static-html-export).
Next's [Static HTML export functionality](https://nextjs.org/docs/pages/building-your-application/deploying/static-exports).
With the release of [Next.js 13](https://nextjs.org/blog/next-13) a lot has changed on how Next.js works.
It is recommended to use the following `next.config.js` so all static assets can be exported properly:
@ -157,7 +157,7 @@ Pages, rename the `public` folder to a collision-free alternative first:
```
1. Configure your Nuxt.js application for
[Static Site Generation](https://nuxtjs.org/docs/features/deployment-targets/#static-hosting).
[Static Site Generation](https://nuxt.com/docs/getting-started/deployment#static-hosting).
## Vite

3
doc/user/project/repository/code_suggestions/supported_extensions.md
View File

@ -22,7 +22,7 @@ To use Code Suggestions, use one of these editor extensions:
| VSCode | [VS Code GitLab Workflow extension](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow)|
| [GitLab WebIDE (VS Code in the Cloud)](../../../project/web_ide/index.md) | No configuration required. |
| Microsoft Visual Studio | [Visual Studio GitLab extension](https://marketplace.visualstudio.com/items?itemName=GitLab.GitLabExtensionForVisualStudio) |
| JetBrains IDEs | [GitLab Duo Plugin for JetBrains](https://plugins.jetbrains.com/plugin/22325-gitlab) |
| JetBrains IDEs | [GitLab Duo Plugin for JetBrains](https://plugins.jetbrains.com/plugin/22325-gitlab-duo) |
| Neovim | [`gitlab.vim` plugin](https://gitlab.com/gitlab-org/editor-extensions/gitlab.vim) |
A [GitLab Language Server](https://gitlab.com/gitlab-org/editor-extensions/gitlab-lsp) is used in VS Code, Visual Studio, and Neovim. The Language Server supports faster iteration across more platforms. You can also configure it to support Code Suggestions in IDEs where GitLab doesn't provide official support.
@ -37,6 +37,7 @@ The following languages are supported:
| Language | VS Code | JetBrains IDEs | Visual Studio | Neovim |
|------------------|------------------------|------------------------|------------------------|--------|
| C | **{check-circle}** Yes | **{dotted-circle}** No | **{check-circle}** Yes | **{check-circle}** Yes |
| C++ | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes |
| C# | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes |
| CSS | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No |

4
doc/user/project/repository/mirror/push.md
View File

@ -85,9 +85,9 @@ through the [remote mirrors API](../../../../api/remote_mirrors.md).
To configure a mirror from GitLab to GitHub:
1. Create a [GitHub fine-grained personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens)
with at least read and write permissions on the [repository contents](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens#repository-permissions-for-contents). If your
with at least read and write permissions on the [repository contents](https://docs.github.com/en/rest/authentication/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28#repository-permissions-for-contents). If your
repository contains a `.github/workflows` directory, you must also grant
read and write access for the [Workflows](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens#repository-permissions-for-workflows).
read and write access for the [Workflows](https://docs.github.com/en/rest/authentication/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28#repository-permissions-for-workflows).
For a more fine-grained access, you can configure your token to only apply
to the specific repository.
1. Enter a **Git repository URL** with this format, changing the variables as needed:

2
doc/user/project/repository/mirror/troubleshooting.md
View File

@ -34,7 +34,7 @@ One of these issues might be occurring:
setting.
1. Your repository exceeds GitHub's file size limit of 100 MB. To fix this problem,
check the file size limit configured for on GitHub, and consider using
[Git Large File Storage](https://git-lfs.github.com) to manage large files.
[Git Large File Storage](https://git-lfs.com/) to manage large files.
## Deadline Exceeded

2
doc/user/project/repository/signed_commits/x509.md
View File

@ -26,7 +26,7 @@ The main difference is the way GitLab determines whether or not the developer's
to their account.
GitLab uses its own certificate store and therefore defines the
[trust chain](https://www.ssl.com/faqs/what-is-a-certificate-authority/).
[trust chain](https://www.ssl.com/article/what-is-a-certificate-authority-ca/).
For a commit or tag to be *verified* by GitLab:
- The signing certificate email must match a verified email address in GitLab.

1
doc/user/project/time_tracking.md
View File

@ -229,7 +229,6 @@ With this option enabled, `75h` is displayed instead of `1w 4d 3h`.
## Related topics
- [Time tracking solutions page](https://about.gitlab.com/solutions/time-tracking/)
- Time tracking GraphQL references:
- [Connection](../../api/graphql/reference/index.md#timelogconnection)
- [Edge](../../api/graphql/reference/index.md#timelogedge)

2
doc/user/ssh.md
View File

@ -484,7 +484,7 @@ You can set up two-factor authentication (2FA) for
## Use EGit on Eclipse
If you are using [EGit](https://www.eclipse.org/egit/), you can [add your SSH key to Eclipse](https://wiki.eclipse.org/EGit/User_Guide#Eclipse_SSH_Configuration).
If you are using [EGit](https://eclipse.dev/egit/), you can [add your SSH key to Eclipse](https://wiki.eclipse.org/EGit/User_Guide#Eclipse_SSH_Configuration).
## Use SSH on Microsoft Windows

2
doc/user/storage_management_automation.md
View File

@ -1199,5 +1199,5 @@ Use the following projects to test storage usage with [cost factors for forks](u
The following resources are not officially supported. Ensure to test scripts and tutorials before running destructive cleanup commands that may not be reverted.
- Forum topic: [Storage management automation resources](https://forum.gitlab.com/t/storage-management-automation-resources/)
- Forum topic: [Storage management automation resources](https://forum.gitlab.com/t/storage-management-automation-resources/91184)
- Script: [GitLab Storage Analyzer](https://gitlab.com/gitlab-de/use-cases/gitlab-api/gitlab-storage-analyzer), unofficial project by the [GitLab Developer Evangelism team](https://gitlab.com/gitlab-de/). You find similar code examples in this documentation how-to here.