Fix appearance in error pages
## What does this MR do?
The error pages under `app/views/errors/*` looks like the error page for 404 `public/404.html`
## Are there points in the code the reviewer needs to double check?
I restructured how the GitLab logo is shown in the `public/404.html` and all the pages under `app/views/errors/*`.
## Why was this MR needed?
#24363
## Screenshots (if relevant)
Before
After
## Does this MR meet the acceptance criteria?
- [X] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
- [ ] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [X] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
See merge request !7635
Create pipeline along with builds in the transation
## What does this MR do?
This MR makes it possible to create pipeline along with all associated builds in the transaction, to avoid having empty pipelines when asynchronous job gets terminated.
This will simplify implementation of `PipelineUnlockWorker` in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6988 and improve reliability of the CI as a whole.
## What are the relevant issue numbers?
Related to #24361
See merge request !7742
Rename `MergeRequest#pipeline` to `head_pipeline`
## What does this MR do?
This MR renames `MergeRequest#pipeline` to `MergeRequest#head_pipeline`
## Does this MR meet the acceptance criteria?
- [x] All builds are passing
## What are the relevant issue numbers?
Closes#24810
See merge request !7783
Alert user when logged in user email is not the same as the invitation
## What does this MR do?
Add a note to the invitation page when the logged in user email is not the same as the invitation.
## Why was this MR needed?
Help users to not accept invitations logged in with a wrong account.
## Screenshots (if relevant)
## Relevant issues
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/24955
See merge request !7803
CE-specific changes for gitlab-org/gitlab-ee#1137
## What does this MR do?
- gitlab-org/gitlab-ee#1137 is a `technical debt` issue to clean up the EE protected branch access levels (for users and groups) implementation.
- Some of this cleanup bleeds over to code shared by CE and EE, which is why this MR is required.
- An EE-specific MR has also been created: gitlab-org/gitlab-ee!927
See merge request !7821
Fix the width of project avatars in order to adjust alignment within their container element
## What does this MR do?
Adjusts the width of project avatars in order to fix their alignment within the container elements.
## Are there points in the code the reviewer needs to double check?
To make sure there are no unintentional styles changes on unrelated elements.
## Why was this MR needed?
To fix the issue seen below.
## Screenshots (if relevant)
Before: 
After: 
Affected pages: 
## What are the relevant issue numbers?
Closes#24999
See merge request !7772
Changes project dashboard tabs to sentence casing
Changes the nav tab titles on the project dashboard page (```https://gitlab.com/dashboard/projects```) from title casing to sentence casing.
Before: 
After: 
Closes#25002
See merge request !7774
Expose timestamps in build entity
## What does this MR do?
This MR exposes timestamps for build entity that is being used by serializers in `app/serializers`.
## Does this MR meet the acceptance criteria?
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
## What are the relevant issue numbers?
See https://gitlab.com/gitlab-org/gitlab-ce/issues/24844#note_19145053
See merge request !7818
Change airbnb eslint config package to `eslint-config-airbnb-base` and update plugins.
Change `airbnb` to `airbnb-base` for .eslintrc `extends` value.
Added changelog entry
Made sure all plugins and envs are set
Corrected new failing specs
Homogenize sort and filter dropdown toggles
## What does this MR do?
Homogenizes the style of *filter* and *sort* dropdown toggles (aka buttons) related to:
- *issues* (index, new & edit views)
- *issue boards* (index);
- *merge requests* (index, new, edit);
- *projects* (index and "explore");
- *projects admin* (index);
- *groups* (show and "explore");
- *groups admin* (index);
- *users admin* (index);
- *todos* (index);
- *branches* (index);
- *commits* (index);
- *cycle analytics*;
- *network*;
- *forks*;
- *tags* (index);
- *global search*
Some other dropdowns are incidently concerned:
- project admin (show);
- assigne/due date/milestone/label dropdowns on the issue and board sidebars;
- stage dropdown on the build sidebar;
- merge request and comparison dropdowns for choosing forks and branches;
- ref switcher (e.g. in the blob (show) view or in the graphs view);
Dropdown toggles concerned by #24150 but not covered in this MR:
- Dropdowns for selection MR versions to be compared (in the "Changes" tab of an MR);
- Dropdowns that bring up a list of actions:
- "Settings" dropdowns (such as the one found on the upper-right corner of all project pages);
- The download/action/notifications buttons on the main project page;
- Dropdowns located inside of list items (on list of pipelines, users and groups, for instance);
- The "Options" button on the commit (show) view;
- The "+" button on the tree explorer (for creating files, branches, tags, ...)
### TODO
- [ ] Update ui.html if needed
## Are there points in the code the reviewer needs to double check?
Am I changing any other dropdown toggle than listed above?
## Why was this MR needed?
For #24150
## Screenshots (if relevant)
### Issue Index
**Before:**
**After:**
### Issue New
**Before:**
**After:**
### Merge Request Branch Selector
**Before:**
**After:**
### Global Search
### Cycle Analytics
## Does this MR meet the acceptance criteria?
- [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- ~~API support added~~
- Tests
- ~~Added for this feature/bug~~
- [ ] All builds are passing
- ~~Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)~~
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
#24150
See merge request !7583
Hide project variables values by default
Add a button to reveal/hide the values to help prevent accidental disclosure of sensitive information from wandering on a page.
Closes#21358
See merge request !7731
Add diff hunks to notification emails
Add diff hunks to notification emails. Continued from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5855 - thanks @hoopes!
This also fixes an issue where the + / - prefixes were missing from diffs in emails.
Screenshots (from my browser) of the HTML emails, along with text screenshots 😛
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1023
> Finished
This is a comment at the top of a match section.
```
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1022
> Finished
> %span.badge.js-running-count= @all_builds.finished.count(:id)
>
> - %li{class: ('active' if @scope == 'all')}
> - = link_to admin_builds_path(scope: :all) do
> - All
> - %span.badge.js-totalbuilds-count= @all_builds.count(:id)
> -
> .gray-content-block
> #{(@scope || 'running').capitalize} builds
>
This is a comment at the bottom of a match section.
```
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1024
> = link_to 'Cancel all', cancel_all_admin_builds_path, data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post
>
> %ul.center-top-menu
> - %li{class: ('active' if @scope.nil?)}
> + %li{class: ('active' if @scope == 'all')}
> = link_to admin_builds_path do
> + All
This is a comment with some deleted and added lines above it.
```
Closes#21027, closes#24340.
See merge request !7660
Replace issue access checks with use of IssuableFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
## Which fixes are in this MR?
⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
✅ - Permissions check tested
### Issue lookup with access check
Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).
- [x] 🚦 app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] 🚥 app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] ✅ app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] ✅ lib/api/issues.rb:112 [`visible_to_user`]
- CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] ✅ lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] ✅ lib/gitlab/search_results.rb:53 [`visible_to_user`]
### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87
See merge request !2031
Fix missing access checks on issue lookup using IssuableFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
✅ - Permissions check tested
- [x] ✅ app/controllers/projects/branches_controller.rb:39
- `before_action :authorize_push_code!` helpes limit/prevent exploitation. Always checks for reporter access so fine with
confidential issues, issues only visible to team, etc.
- [x] 🚥 app/models/cycle_analytics/summary.rb:9 [`.count`]
- [x] ✅ app/controllers/projects/todos_controller.rb:19
- [x] Potential double render in app/controllers/projects/todos_controller.rb
- https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#cedccb227af9bfdf88802767cb58d43c2b977439_24_24
See merge request !2030
Fatih Acet
Annabel Dunstone Gray
Filipa Lacerda
Rémy Coutable
Kamil Trzciński
Douwe Maan
Nur Rony
Semyon Pupkov
tauriedavis
Luis Alonso Chavez Armendariz
Alfredo Sumaran
Grzegorz Bizon
Luke "Jared" Bennett
Dimitrie Hoekstra
Douglas Barbosa Alexandre
Grzegorz Bizon
Timothy Andrew
Sean McGivern
James Lopez
Robert Speicher
Adam Niedzielski