Gem version updates

### Bump rails, jquery-rails, sprockets, sass-rails versions

Addresses security advisories:

- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

---

### Bump coveralls version

Addresses security issues in its rest-client dependencies:

- https://github.com/rest-client/rest-client/issues/369
- http://www.osvdb.org/show/osvdb/117461

Closes #214

See merge request !194

Addresses security issues in its rest-client dependencies:

- https://github.com/rest-client/rest-client/issues/369
- http://www.osvdb.org/show/osvdb/117461

Addresses security advisories:

- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc

Make configurable builds_path in application.yml

We have a new option in `application.yml`:
```
gitlab_ci:
  builds_path: builds/
```

/cc @marin @vsizov

See merge request !193

Added random salt and hashing to oauth state parameter

This ensures signs state parameter. The generated state is built like this:
```
salt = random_hex(16bytes)
secret = sha256_hex(gitlab_ci_secret + salt + return_to)
state = "salt:secret:return_to"
```

This prevents from faking the state and forcing redirect to provided URL. However this doesn't prevent replay attacks if you know the valid `state` parameter for specific `return_to`. Should we be concerned about it?

/cc @vsizov @jacobvosmaer

See merge request !192

Allow to define per-job allow_failure parameter

It allows to ignore status of specific build when computing status for commit

YAML syntax:
```yaml
rspec:
  script: aa
  allow_failure: true
```

![Screen_Shot_2015-07-08_at_11.28.53](https://gitlab.com/gitlab-org/gitlab-ci/uploads/0af264f026cac18921aef339bcf41fe2/Screen_Shot_2015-07-08_at_11.28.53.png)

/cc @vsizov @sytses

See merge request !191

Build trace in file

https://dev.gitlab.org/gitlab/gitlab-ci/issues/272

See merge request !167

This ensures that content of state is generated by CI, but doesn't prevent replay attacks on state parameter.

It allows to ignore status of specific job when computed for commit

Transparent favicon

Fixes #292 

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

See merge request !164

Added documentation about the use of Dpl

Please review.

1. Is that clear how to use Dpl?
2. Where the examples should be stored?
3. What should be else added? Maybe example for different provider?

See merge request !170

Added information about building projects using Docker

/cc @JobV

See merge request !178

Update annotations

I don't think that we need entry in log for this change.

/cc @vsizov

See merge request !189

Added support for image and services in YAML

- [x] Prepare changes for GitLab CI
- [x] Prepare documentation (70% done): https://gitlab.com/gitlab-org/gitlab-ci/merge_requests/178
- [x] Prepare GitLab Runner - changes are pushed to bleeding edge

/cc @vsizov

See merge request !181

Remove old sessions in order to force a new access_token access

/cc @vsizov @jacobvosmaer

See merge request !188

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Refactoring: Get rid of private_token usage in the frontend

See merge request !185

Rounded coverage on commit page

https://dev.gitlab.org/gitlab/gitlab-ci/issues/312

See merge request !184