Add latest changes from gitlab-org/gitlab@12-4-stable-ee

.gitlab/issue_templates/Acceptance_Testing.md

@@ -25,7 +25,7 @@ Then leave running while monitoring and performing some testing through web, api
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlab.net/gitlab/devgitlaborg/?query=is%3Aunresolved)
 ## 2. Staging Trial
@@ -41,7 +41,7 @@ Then leave running while monitoring for at least **15 minutes** while performing
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlab.net/gitlab/gitlabcom/?query=is%3Aunresolved)
 ## 4. Production Server Version Check
@@ -57,7 +57,7 @@ Then leave running while monitoring for at least **15 minutes** while performing
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlab.net/gitlab/gitlabcom/?query=is%3Aunresolved)
 ## 6. Low Impact Check
@@ -69,7 +69,7 @@ Then leave running while monitoring for at least **30 minutes** while performing
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlab.net/gitlab/gitlabcom/?query=is%3Aunresolved)
 ## 7. Mid Impact Trial
@@ -81,7 +81,7 @@ Then leave running while monitoring for at least **12 hours** while performing s
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlab.net/gitlab/gitlabcom/?query=is%3Aunresolved)
 ## 8. Full Impact Trial
@@ -93,7 +93,7 @@ Then leave running while monitoring for at least **1 week**.
 - [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
 - [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
-- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved)
+- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlab.net/gitlab/devgitlaborg/?query=is%3Aunresolved)
 #### Success?

.gitlab/issue_templates/Bug.md

@@ -2,17 +2,10 @@
 Please read this!
 Before opening a new issue, make sure to search for keywords in the issues
-filtered by the "regression" or "bug" label.
-For the Community Edition issue tracker:
-
-- https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=regression
-- https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=bug
-
-For the Enterprise Edition issue tracker:
-
-- https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name%5B%5D=regression
-- https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name%5B%5D=bug
+filtered by the "regression" or "bug" label:
+- https://gitlab.com/gitlab-org/gitlab/issues?label_name%5B%5D=regression
+- https://gitlab.com/gitlab-org/gitlab/issues?label_name%5B%5D=bug
 and verify the issue you're about to submit isn't a duplicate.
 --->

.gitlab/issue_templates/Coding style proposal.md

@@ -11,6 +11,6 @@ Please describe the proposal and add a link to the source (for example, http://w
 /label ~"development guidelines"
 /label ~"Style decision"
-/label ~Documentation
+/label ~documentation
 /cc @gitlab-org/maintainers/rails-backend

.gitlab/issue_templates/Doc Review.md

@@ -8,13 +8,13 @@
 ## References
-Merged MR that introduced documentation requiring review: 
-Related issue(s): 
+Merged MR that introduced documentation requiring review:
+Related issue(s):
 ## Further Details
 <!-- Any additional context, questions, or notes for the technical writer. -->
-/label ~Documentation ~docs-review
+/label ~documentation ~"Technical Writing"

.gitlab/issue_templates/Documentation.md

@@ -2,23 +2,13 @@
 * Use this issue template for suggesting new docs or updates to existing docs.
   Note: Doc work as part of feature development is covered in the Feature Request template.
-  
+
 * For issues related to features of the docs.gitlab.com site, see
-     https://gitlab.com/gitlab-org/gitlab-docs/issues/       
+     https://gitlab.com/gitlab-org/gitlab-docs/issues/
 * For information about documentation content and process, see
      https://docs.gitlab.com/ee/development/documentation/ -->
-<!-- Type of issue -->
-
-<!-- Un-comment the line for the applicable doc issue type to add its label.
-     Note that all text on that line is deleted upon issue creation. -->
-<!-- /label ~"docs:fix" - Correction or clarification needed. -->
-<!-- /label ~"docs:new" - New doc needed to cover a new topic or use case. -->
-<!-- /label ~"docs:improvement" - Improving an existing doc; e.g. adding a diagram, adding or rewording text, resolving redundancies, cross-linking, etc. -->
-<!-- /label ~"docs:revamp" - Review a page or group of pages in order to plan and implement major improvements/rewrites. -->
-<!-- /label ~"docs:other" - Anything else. -->
-
 ### Problem to solve
 <!-- Include the following detail as necessary:
@@ -50,4 +40,4 @@
 <!-- E.g. related GitLab issues/MRs -->
-/label ~Documentation
+/label ~documentation

.gitlab/issue_templates/Feature Flag Roll Out.md

@@ -24,7 +24,7 @@ Remove the `:feature_name` feature flag ...
 If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example.
-- `gitlab-org/gitlab-ce`/`gitlab-org/gitlab-ee` projects
+- `gitlab-org/gitlab` project
 - `gitlab-org`/`gitlab-com` groups
 - ...
@@ -34,6 +34,7 @@ If applicable, any groups/projects that are happy to have this feature turned on
 - [ ] Test on staging
 - [ ] Ensure that documentation has been updated
 - [ ] Enable on GitLab.com for individual groups/projects listed above and verify behaviour
+- [ ] Coordinate a time to enable the flag with `#production` and `#g_delivery` on slack.
 - [ ] Announce on the issue an estimated time this will be enabled on GitLab.com
 - [ ] Enable on GitLab.com by running chatops command in `#production`
 - [ ] Cross post chatops slack command to `#support_gitlab-com` and in your team channel

.gitlab/issue_templates/Problem_Validation.md

@@ -26,7 +26,7 @@
 ## Confidence
-<!-- How do we know this is a problem? Please provide and link to any supporting information (e.g. data, customer verbatims) and use this basis to provide a numerical assessment on our confidence level in this problem's severity: 
+<!-- How do we know this is a problem? Please provide and link to any supporting information (e.g. data, customer verbatims) and use this basis to provide a numerical assessment on our confidence level in this problem's severity:
 100% = High confidence
 80% = Medium confidence
@@ -34,8 +34,8 @@
 ## Effort
-<!-- How much effort do we think it will be to solve this problem? Please include all counterparts (Product, UX, Engineering, etc) in your assessment and quantify the number of person-months needed to dedicate to the effort. 
+<!-- How much effort do we think it will be to solve this problem? Please include all counterparts (Product, UX, Engineering, etc) in your assessment and quantify the number of person-months needed to dedicate to the effort.
 For example, if the solution will take a product manager, designer, and engineer two weeks of effort - you may quantify this as 1.5 (based on 0.5 months x 3 people). -->
-/label ~"workflow::problem backlog"
+/label ~"workflow::validation backlog" ~devops:: ~category: ~group::

.gitlab/issue_templates/Security Release.md

@@ -18,13 +18,7 @@ Set the title to: `Security Release: 12.2.X, 12.1.X, and 12.0.X`
 ## Security Issues:
-### CE
-
-* {https://gitlab.com/gitlab-org/gitlab-ce/issues link}
-
-### EE
-
-* {https://gitlab.com/gitlab-org/gitlab-ee/issues link}
+* {https://gitlab.com/gitlab-org/gitlab/issues link}
 ## Security Issues in dev.gitlab.org:

.gitlab/issue_templates/Test plan.md

@@ -2,7 +2,7 @@
 <!-- This issue outlines testing activities related to a particular issue or epic.
-[Here is an example test plan](https://gitlab.com/gitlab-org/gitlab-ce/issues/50353)
+[Here is an example test plan](https://gitlab.com/gitlab-org/gitlab-foss/issues/50353)
 This and other comments should be removed as you write the plan -->
@@ -63,7 +63,7 @@ intersection of Components and Attributes.
 Some features might be simple enough that they only involve one Component, while
 more complex features could involve multiple or even all.
-Example (from https://gitlab.com/gitlab-org/gitlab-ce/issues/50353):
+Example (from https://gitlab.com/gitlab-org/gitlab-foss/issues/50353):
 * Repository is
   * Intuitive
     * It's easy to select the desired file template

.gitlab/merge_request_templates/Change documentation location.md

@@ -10,12 +10,12 @@
 <!-- Mention the issue(s) this MR closes or is related to -->
-Closes 
+Closes
 ## Moving docs to a new location?
 Read the guidelines:
-https://docs.gitlab.com/ce/development/documentation/index.html#changing-document-location
+https://docs.gitlab.com/ee/development/documentation/index.html#changing-document-location
 - [ ] Make sure the old link is not removed and has its contents replaced with
       a link to the new location.
@@ -29,4 +29,4 @@ https://docs.gitlab.com/ce/development/documentation/index.html#changing-documen
       with the changes as well (https://docs.gitlab.com/ce/development/documentation/index.html#cherry-picking-from-ce-to-ee).
 - [ ] Ping one of the technical writers for review.
-/label ~Documentation
+/label ~documentation

.gitlab/merge_request_templates/Database changes.md

@@ -24,6 +24,7 @@ When adding migrations:
 - [ ] Added a `down` method so the migration can be reverted
 - [ ] Added the output of the migration(s) to the MR body
 - [ ] Added tests for the migration in `spec/migrations` if necessary (e.g. when migrating data)
+- [ ] Added rollback procedure. Include either a rollback procedure or description how to rollback changes 
 When adding or modifying queries to improve performance:
@@ -37,7 +38,7 @@ When adding foreign keys to existing tables:
 When adding tables:
-- [ ] Ordered columns based on the [Ordering Table Columns](https://docs.gitlab.com/ee/development/ordering_table_columns.html#ordering-table-columns) guidelines
+- [ ] Ordered columns based on the [Ordering Table Columns](https://docs.gitlab.com/ee/development/ordering_table_columns.html) guidelines
 - [ ] Added foreign keys to any columns pointing to data in other tables
 - [ ] Added indexes for fields that are used in statements such as `WHERE`, `ORDER BY`, `GROUP BY`, and `JOIN`s

.gitlab/merge_request_templates/Documentation.md

 <!-- Follow the documentation workflow https://docs.gitlab.com/ee/development/documentation/workflow.html -->
-<!-- Additional information is located at https://docs.gitlab.com/ee/development/documentation/ --> 
+<!-- Additional information is located at https://docs.gitlab.com/ee/development/documentation/ -->
 <!-- Mention "documentation" or "docs" in the MR title -->
 <!-- For changing documentation location use the "Change documentation location" template -->
@@ -17,7 +17,7 @@
 - [ ] Follow the [Documentation Guidelines](https://docs.gitlab.com/ee/development/documentation/) and [Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide.html).
 - [ ] If applicable, update the [permissions table](https://docs.gitlab.com/ee/user/permissions.html).
 - [ ] Link docs to and from the higher-level index page, plus other related docs where helpful.
-- [ ] Apply the ~Documentation label.
+- [ ] Apply the ~documentation label.
 ## Review checklist
@@ -26,7 +26,7 @@ All reviewers can help ensure accuracy, clarity, completeness, and adherence to
 **1. Primary Reviewer**
 * [ ] Review by a code reviewer or other selected colleague to confirm accuracy, clarity, and completeness. This can be skipped for minor fixes without substantive content changes.
- 
+
 **2. Technical Writer**
 * [ ] Optional: Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable [DevOps stage](https://about.gitlab.com/handbook/product/categories/#devops-stages).
@@ -35,6 +35,6 @@ All reviewers can help ensure accuracy, clarity, completeness, and adherence to
 1. [ ] Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
 1. [ ] Ensure a release milestone is set and that you merge the equivalent EE MR before the CE MR if both exist.
-1. [ ] If there has not been a technical writer review, [create an issue for one using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review).
-/label ~Documentation
+1. [ ] If there has not been a technical writer review, [create an issue for one using the Doc Review template](https://gitlab.com/gitlab-org/gitlab/issues/new?issuable_template=Doc%20Review).
+/label ~documentation

.haml-lint_todo.yml

@@ -208,6 +208,8 @@ linters:
       - 'app/views/projects/_md_preview.html.haml'
       - 'app/views/projects/_new_project_fields.html.haml'
       - 'app/views/projects/_readme.html.haml'
+      - 'app/views/projects/artifacts/_artifact.html.haml'
+      - 'app/views/projects/artifacts/_search_bar.html.haml'
       - 'app/views/projects/artifacts/_tree_file.html.haml'
       - 'app/views/projects/artifacts/browse.html.haml'
       - 'app/views/projects/blame/_age_map_legend.html.haml'
@@ -354,6 +356,7 @@ linters:
       - 'app/views/shared/_auto_devops_implicitly_enabled_banner.html.haml'
       - 'app/views/shared/_commit_message_container.html.haml'
       - 'app/views/shared/_confirm_modal.html.haml'
+      - 'app/views/shared/_confirm_fork_modal.html.haml'
       - 'app/views/shared/_delete_label_modal.html.haml'
       - 'app/views/shared/_group_form.html.haml'
       - 'app/views/shared/_group_tips.html.haml'

.projections.json.example

+{
+  "app/*.rb": {
+    "alternate": "spec/{}_spec.rb",
+    "type": "source"
+  },
+  "spec/*_spec.rb": {
+    "alternate": "app/{}.rb",
+    "type": "test"
+  },
+  "lib/*.rb": {
+    "alternate": "spec/lib/{}_spec.rb",
+    "type": "source"
+  },
+  "spec/lib/*_spec.rb": {
+    "alternate": "lib/{}.rb",
+    "type": "test"
+  },
+  "ee/app/*.rb": {
+    "alternate": "ee/spec/{}_spec.rb",
+    "type": "source"
+  },
+  "ee/spec/*_spec.rb": {
+    "alternate": "ee/app/{}.rb",
+    "type": "test"
+  },
+  "ee/lib/*.rb": {
+    "alternate": "ee/spec/lib/{}_spec.rb",
+    "type": "source"
+  },
+  "ee/spec/lib/*_spec.rb": {
+    "alternate": "ee/lib/{}.rb",
+    "type": "test"
+  },
+  "*.rb": {"dispatch": "bundle exec rubocop {file}"},
+  "*_spec.rb": {"dispatch": "bundle exec rspec {file}"}
+}

.rubocop.yml

@@ -51,7 +51,6 @@ Style/FrozenStringLiteralComment:
     - 'danger/**/*'
     - 'db/**/*'
     - 'ee/db/**/*'
-    - 'ee/spec/**/*'
     - 'ee/lib/tasks/**/*'
     - 'lib/tasks/**/*'
     - 'qa/**/*'
@@ -179,6 +178,11 @@ Gitlab/ModuleWithInstanceVariables:
     - spec/support/**/*.rb
     - features/steps/**/*.rb
+Gitlab/ConstGetInheritFalse:
+  Enabled: true
+  Exclude:
+    - 'qa/bin/*'
+
 Gitlab/HTTParty:
   Enabled: true
   Exclude:
@@ -218,6 +222,12 @@ ActiveRecordAssociationReload:
     - 'spec/**/*'
     - 'ee/spec/**/*'
+Naming/PredicateName:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'ee/spec/**/*'
+
 RSpec/FactoriesInMigrationSpecs:
   Enabled: true
   Include:

.rubocop_todo.yml

@@ -273,11 +273,6 @@ RSpec/ContextWording:
 RSpec/EmptyLineAfterFinalLet:
   Enabled: false
-# Offense count: 232
-# Cop supports --auto-correct.
-RSpec/EmptyLineAfterSubject:
-  Enabled: false
-
 # Offense count: 719
 # Cop supports --auto-correct.
 # Configuration parameters: EnforcedStyle.
@@ -442,19 +437,6 @@ Rails/LinkToBlank:
     - 'ee/app/helpers/ee/user_callouts_helper.rb'
     - 'ee/app/helpers/license_helper.rb'
-# Offense count: 11
-# Cop supports --auto-correct.
-Rails/Presence:
-  Exclude:
-    - 'app/models/ci/pipeline.rb'
-    - 'app/models/concerns/mentionable.rb'
-    - 'app/models/project_services/hipchat_service.rb'
-    - 'app/models/project_services/irker_service.rb'
-    - 'app/models/project_services/jira_service.rb'
-    - 'app/models/project_services/packagist_service.rb'
-    - 'app/models/wiki_page.rb'
-    - 'lib/gitlab/github_import/importer/releases_importer.rb'
-
 # Offense count: 1
 # Cop supports --auto-correct.
 # Configuration parameters: Include.

CHANGELOG-EE.md

 Please view this file on the master branch, on stable branches it's out of date.
+## 12.3.4
+
+### Fixed (2 changes)
+
+- Fix replies to service desk emails for projects with issue access as Only Project Members. !17401
+- Geo: LFS not being synced. !17633
+
+
+## 12.3.2
+
+### Security (2 changes)
+
+- Hide approvers if a rule has any hidden groups.
+- Prevent IDOR when adding groups to protected environments.
+
+
+## 12.3.1
+
+- No changes.
+
 ## 12.3.0
 ### Security (3 changes)
@@ -183,6 +203,29 @@ Please view this file on the master branch, on stable branches it's out of date.
 - Fixes style-lint errors and warnings for EE builds.scss file.
+## 12.2.8
+
+### Fixed (1 change)
+
+- Geo: LFS not being synced. !17633
+
+
+## 12.2.7
+
+### Security (1 change)
+
+- Restrict access for security reports in MR widget.
+
+
+## 12.2.6
+
+### Security (3 changes)
+
+- Hide approvers if a rule has any hidden groups.
+- Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.59.3].
+- Prevent IDOR when adding groups to protected environments.
+
+
 ## 12.2.5
 ### Security (1 change)
@@ -435,6 +478,27 @@ Please view this file on the master branch, on stable branches it's out of date.
 - Fix alignment of activity dropdown in epic tabs; add counter to discussion tab.
+## 12.1.14
+
+### Fixed (1 change)
+
+- Geo: LFS not being synced. !17633
+
+
+## 12.1.12
+
+### Security (4 changes)
+
+- Hide approvers if a rule has any hidden groups.
+- Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.53.4].
+- Prevent IDOR when adding groups to protected environments.
+- Upgrade mermaid to prevent XSS.
+
+
+## 12.1.10
+
+- No changes.
+
 ## 12.1.5
 - No changes.
@@ -4207,7 +4271,7 @@ Please view this file on the master branch, on stable branches it's out of date.
 ## 8.14.0 (2016-11-22)
 - Added Backfill service for Geo. !861
-- Fix for autosuggested approvers(https://gitlab.com/gitlab-org/gitlab-ee/issues/1273).
+- Fix for autosuggested approvers(https://gitlab.com/gitlab-org/gitlab/issues/1273).
 - Gracefully recover from previously failed rebase.
 - Disable retries for remote mirror update worker. !848
 - Fix Approvals API documentation.

CHANGELOG.md

@@ -2,33 +2,28 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
-## 12.3.5
-
-- No changes.
-
 ## 12.3.4
-- No changes.
-
-## 12.3.3
-### Security (1 change)
-
-- Fix private feature Elasticsearch leak.
+### Fixed (2 changes)
+- Fix cannot merge icon showing in dropdown for users who can merge. !17306
+- Fix pipelines for merge requests in project exports. !17844
 ## 12.3.2
-### Security (10 changes)
+### Security (12 changes)
 - Fix Gitaly SearchBlobs flag RPC injection.
 - Add a policy check for system notes that may not be visible due to cross references to private items.
 - Display only participants that user has permission to see on milestone page.
 - Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Check permissions before showing head pipeline blocking merge requests.
 - Fix new project path being disclosed through unsubscribe link of issue/merge requests.
 - Prevent bypassing email verification using Salesforce.
 - Do not show resource label events referencing not accessible labels.
 - Cancel all running CI jobs triggered by the user who is just blocked.
+- Fix Gitaly SearchBlobs flag RPC injection.
 - Only render fixed number of mermaid blocks.
 - Prevent GitLab accounts takeover if SAML is configured.
@@ -312,6 +307,37 @@ entry.
 - Updates tooltip of 'detached' label/state.
+## 12.2.8
+
+### Security (1 change)
+
+- Limit search for IID to a type to avoid leaking records with the same IID that the user does not have access to.
+
+
+## 12.2.7
+
+### Security (1 change)
+
+- Fix private feature Elasticsearch leak.
+
+
+## 12.2.6
+
+### Security (11 changes)
+
+- Add a policy check for system notes that may not be visible due to cross references to private items.
+- Display only participants that user has permission to see on milestone page.
+- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Check permissions before showing head pipeline blocking merge requests.
+- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
+- Prevent bypassing email verification using Salesforce.
+- Do not show resource label events referencing not accessible labels.
+- Cancel all running CI jobs triggered by the user who is just blocked.
+- Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.59.3].
+- Only render fixed number of mermaid blocks.
+- Prevent GitLab accounts takeover if SAML is configured.
+
+
 ## 12.2.5
 ### Security (1 change)
@@ -630,6 +656,35 @@ entry.
 - Update Packer.gitlab-ci.yml to use latest image. (Kelly Hair)
+## 12.1.14
+
+### Security (1 change)
+
+- Limit search for IID to a type to avoid leaking records with the same IID that the user does not have access to.
+
+
+## 12.1.12
+
+### Security (12 changes)
+
+- Add a policy check for system notes that may not be visible due to cross references to private items.
+- Display only participants that user has permission to see on milestone page.
+- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Check permissions before showing head pipeline blocking merge requests.
+- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
+- Prevent bypassing email verification using Salesforce.
+- Do not show resource label events referencing not accessible labels.
+- Cancel all running CI jobs triggered by the user who is just blocked.
+- Fix Gitaly SearchBlobs flag RPC injection.
+- Only render fixed number of mermaid blocks.
+- Prevent GitLab accounts takeover if SAML is configured.
+- Upgrade mermaid to prevent XSS.
+
+
+## 12.1.10
+
+- No changes.
+
 ## 12.1.5
 ### Security (2 changes)
@@ -8394,7 +8449,7 @@ entry.
 - Reinstate is_admin flag in users api when authenticated user is an admin. !12211 (rickettm)
 - Fix edit button for deploy keys available from other projects. !12301 (Alexander Randa)
 - Fix passing CI_ENVIRONMENT_NAME and CI_ENVIRONMENT_SLUG for CI_ENVIRONMENT_URL. !12344
-- Disable environment list refresh due to bug https://gitlab.com/gitlab-org/gitlab-ee/issues/2677. !12347
+- Disable environment list refresh due to bug https://gitlab.com/gitlab-org/gitlab/issues/2677. !12347
 - Standardize timeline note margins across different viewport sizes. !12364
 - Fix Ordered Task List Items. !31483 (Jared Deckard <jared.deckard@gmail.com>)
 - Upgrade dependency to Go 1.8.3. !31943

Dangerfile

 # frozen_string_literal: true
 require_relative 'lib/gitlab_danger'
+require_relative 'lib/gitlab/danger/request_helper'
 danger.import_plugin('danger/plugins/helper.rb')
 danger.import_plugin('danger/plugins/roulette.rb')

GITALY_SERVER_VERSION

-1.65.1
+1.67.0