Add two methods to the axios_utils Jest mock:
- `waitFor(url)`, which returns a Promise that resolves when the
next request to `url` finishes.
- `waitForAll()`, which returns a Promise that resolves when all
pending requests finish.
Call QuickActionsService on Note update
Add support for notes which just contain
commands after editing
Return http status gone (410) if note was deleted
Temporary frontend addition so it is not
failing when a note is deleted
Move specs to shared examples
Fix rubocop style issue
Deleting note on frontend when status is 410
Use guard clause for note which got deleted
Simplified condition for nil note
This method should no longer be called
with nil note
Refactoring of execute method to reduce
complexity
Move errors update to delete_note method
Note is now deleted visually when it only
contains commands after update
Add expectation
Fix style issues
Changing action to fix tests
Add tests for removeNote and update
deleteNote expectations
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.
To support this, we need to change all `:javascript` HAML filters to the
following form:
```
= javascript_tag nonce: true do
:plain
...
```
We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.
Unnecessary offences include false positives as well as flagged
errors which have follow up issues in order to be addressed.
Not all issues have been addressed before this being submitted
in the spirit of results and iteration.
- Added isSafeURL utility based on prior work in gitlab-ee
- Also added isAbsoluteOrRootRelative() and getBaseURL() utils,
needed by isSafeURL
- Removed URL() fallback because URL() is now polyfilled
- Updated specs
**Why?**
Previously we simply concatenated our paths, which led
to requesting `//api/v4/...` and obviously failed. The BE
supports a relative_url_root of `/`. It's a bug that the FE
does not.
- Compare versions header is full width except in the unified diff mode
with no tree sidebar
- Bar is always full width, but the content within stays centered when
unified and no tree sidebar
- File header is the same height as the "Compare versions header"
- aligns with the design system grid guidelines => 56px
- Diff file headers use a button group, switch icon order to open file
externally being the last option, all buttons will become icon buttons
(icon delivery by @dimitrieh)
- If a file header becomes sticky no rounded corner/double border
problem is visible anymore
This commit adds a resuable UI component that allows a user to search
for a project name, shows the search results, and allows the user to
select one or more projects. This component communicates with its
parent using props and events.
This component was originally created for use in the EE-specific
"Operations Dashboard" page, but it is applicable for CE use cases as
well, and so was added as a CE shared component.
In addition, some logic was extracted from the frequent_items_list_item
component into shared filters to avoid logic duplication.
GitLab Bot
Martin Hanzel
Patrick Derichs
Kushal Pandya
Paul Slaughter
minghuan lei
Simon Knox
Stan Hu
Mike Greiling
Ammar Alakkad
Martin Hanzel
Ezekiel Kigbo
Lukas Eipert
Luke Ward
Phil Hughes
Heinrich Lee Yu
Jon Kolb
Brandon Labuschagne
Simon Knox
Filipa Lacerda
Paul Gascou-Vaillancourt
Nathan Friend
Justin Boyson
Paul Gascou-Vaillancourt
Yoginth
Rajat Jain
Constance Okoghenun
Sam Bigelow
Sergiu Marton
mfluharty
Nathan Friend