Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

This refactors the Markdown pipeline so it supports the rendering of
multiple documents that may belong to different projects. An example of
where this happens is when displaying the event feed of a group. In this
case we retrieve events for all projects in the group. Previously we
would group events per project and render these chunks separately, but
this would result in many SQL queries being executed. By extending the
Markdown pipeline to support this out of the box we can drastically
reduce the number of SQL queries.

To achieve this we introduce a new object to the pipeline:
Banzai::RenderContext. This object simply wraps two other objects: an
optional Project instance, and an optional User instance. On its own
this wouldn't be very helpful, but a RenderContext can also be used to
associate HTML documents with specific Project instances. This work is
done in Banzai::ObjectRenderer and allows us to reuse as many queries
(and results) as possible.

When a user is not logged in, we want to show the `New Issue` link so
he gets directed to the login flow first.

When a project is archived, we never want to show the link.

This prevents performing the requests, and disables all emoji reaction buttons

So we can distinguish between the permissions on the source and the
target project.

- `create_merge_request_from` indicates a user can create a merge
  request with the project as a source_project
- `create_merge_request_in` indicates a user can create a merge
  request with the project as a target_project

This prevents creating merge requests targeting archived projects.

This could happen when a project was already forked, but then the
source was archived.

The TIMESTAMP data type is used for values that contain both date and
time parts. TIMESTAMP has a range of '1970-01-01 00:00:01' UTC to
'2038-01-19 03:14:07' UTC.

A Forever lib class was included to handle future dates for PostgreSQL
and MySQL, also changes were made to DeployToken to enforce Forever.date

Also removes extra conditional from JwtController

- Adds a default on expires_at datetime
- Modifies deploy tokens views to handle default expires at value
- Use datetime_with_timezone where possible
- Remove unused scopes

Also, fixes broken specs

Kamil Trzcińśki authored 6 years ago and Mayra Cabrera committed 6 years ago

We use controller actions to pass a newly created token and errors

- Keep 'Deploy Section' open upon save, otherwise the token might get
  lost
- When an error appears, display the error inside the form and also keep
  the Deploy Section open
- Changue copy of revoke modal

[10.6] Prevent notes on confidential issues from being sent to chat

See merge request gitlab/gitlabhq!2366
# Conflicts:
#	app/helpers/services_helper.rb

Repository archives are always named `<project>-<ref>-<sha>` even if
the ref is a commit. A consequence of always including the sha even
for tags is that packaging a release is more difficult because both
the ref and sha must be known by the packager.

- add append_sha option (defaults true) to provide a method for
toggling this feature.

Support added to GitLab Workhorse by gitlab-org/gitlab-workhorse!232

Jan Provaznik authored 6 years ago and Winnie Hellmann committed 6 years ago

When listing issues and merge requests on dasboard page,
make sure that at least one filter is enabled.

User's id is used in search autocomplete widget instead
of username, which allows presetting user in filter dropdowns.

Related to #43246

- NamespacesHelper#namespace_icon should return a URL instead of an image_tag for groups

When the database is in a read-only state, display a banner on each
page informing the user they cannot write to that GitLab instance.

Closes gitlab-org/gitlab-ce#43937.

Closes #28857

Douwe Maan authored 6 years ago and Mark Fletcher committed 6 years ago

Server Side Request Forgery in Services and Web Hooks

See merge request gitlab/gitlabhq!2337

This also makes the IDE generally available