This change adds the capability of filtering and pagination for group
runners, group administrators can search and locate their runners.

Vincent Fazio authored 3 years ago and Drew Blessing committed 3 years ago

Previously the user state was set to `blocked` when
`block_auto_created_users` was set for a provider.

Now, the state is set to `blocked_pending_approval` so accounts can be
worked down by admins via the pending approval queue.

Changelog: changed

* fix project importers pagination issue if all repos on page were
already imported

Changelog: fixed

When there is no database value for the User#commit_email attribute,
the User model returns the primary email instead. This modifies the
User#notification_email attribute to behave the same way, instead of
setting the database value as if there had been user input. The intent
of this change is to help standardize the behavior of User secondary
email attributes, as part of a broader refactoring.

Removes the `instance_level_integration_overrides` feature flag to
enable the instance-level overrides feature.

https://gitlab.com/gitlab-org/gitlab/-/issues/218252
https://gitlab.com/gitlab-org/gitlab/-/issues/336750

Changelog: added

* if developer is allowed to create projects in group
  either via global or per-group setting - include them
  in available namespaces list
* remove unused namespaces field from base controller

Changelog: fixed

- Fixes bug related to `merge_request_to_resolve_discussions_of` which
  was introduced when the `yield` was removed from the view.
- Combines existing separate layouts into a single view (this was the
  source of the above bug). The layout hardcoded the name of the
  separate view, and was never reused, so it served no useful purpose
  as a layout anyway.
- Removes unused `has_submit` flag
- Renames views to be consistent "`captcha_check`" terminology used in
  controller and helper methods
- Reorganizes and adds comments to views
- See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67195

This commit improves blobs downloading in two ways:

- When we send a blob via Workhorse, we don't need to download the
file first, so we can set the limit to zero and download the metadata
only

- When we serve a file via API, then we shouldn't load all unlimited
data, we'd better have a limit there

Changelog: performance

- Splits existing single `SpammableActions` module into three separate
  cohesive, loosely-coupled, and well-named new modules:
  - `SpammableActions::CaptchaCheck::JsonFormatActionsSupport`
  - `SpammableActions::CaptchaCheck::HtmlFormatActionsSupport`
  - `SpammableActions::AkismetMarkAsSpamAction`
- Updates and adds test coverage for the new modules.
- Moves responsibility for redirects out of shared modules and back into
   controllers.
- For clarity, inlines responsibility for determining whether a given
  `issueable` should be spam checked into `IssuableActions#update`,
  including preserving existing inconsistent behavior with regards to
  redirects. Comments added to explain what is happening.
- Renames `MarkAsSpamService` to `AkismetMarkAsSpamService` to make it
  clear that it is specific to Akismet.
- Refactors and DRYs up other related areas of logic

This reverts merge request !64196

Annabel Dunstone Gray authored 3 years ago and Matthias Käppler committed 3 years ago

- Keep wording consistent between issue activity and user profile
  activity feed

Changelog: changed

Changelog: other

Revert Dependency Proxy read permission from requiring
reporter group access to requiring guest root access.

Changelog: changed

This change removes the "runner_list_view_vue_ui" feature flag to
completely replace the admin runner table UI with the Vue UI and
GraphQL implementation.

Changelog: other

This commit checks whether the current user is allowed to create a
project prior to rendering the button.
It also return a `404` error for the Project#new method when the current
user is not allowed to create a new project.

Closes https://gitlab.com/gitlab-org/gitlab/-/issues/333450

Changelog: fixed

Remove the feature flag to enable group deploy token
access for the Dependency Proxy.

Changelog: added

Tom Quirk authored 3 years ago and Alexis Kalderimis committed 3 years ago

- Replace success alert with empty state
- Dynamic page title

Rename existing error tracking factories and add new ones to match new
ActiveRecord models.

Signed-off-by: Dmytro Zaporozhets <dzaporozhets@gitlab.com>

This change adds pronunciation to the
GitLab profile page

Changelog: added

This helper can be used whenever there's a need to stub the DNT
request header.

The `TrackingHelpers` needs to be included in a spec for it to
work.

Accept group deploy tokens as a valid credential
to access the dependency proxy.

Changelog: added

Previously, any user was able to accept an invite even if the
user's email addresses didn't match the invite. A note was
displayed but the invite could still be accepted. With this
change, a user without a matching, confirmed email address
is unable to accept the invite.

Changelog: security

- adds goto action and preview text experiment.

This will allow our frontend to modify the
container_registry_access_level.

The API[0] specifies that stickiness values for flexible rollout should
be in camel case, but were accidentally written to be in all-caps. We
should migrate existing usages and correct the forms and validations to
use camel case variants.

[0]: https://docs.getunleash.io/activation_strategy/#flexiblerollout

Changelog: fixed

These methods were scoped to a connection in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65262. A
discussion after the merge request was merged revealed these methods
aren't tied to a specific connection, and as such better belong in
Gitlab::Database.

I briefly considered moving them to the Gitlab module instead, as the
methods don't actually run any database queries. Unfortunately, this
isn't possible as this module is loaded too early to prepend it with an
EE module.

We are planning to make a static page that uses only background
HTTP requests.

- experiment successful

Changelog: changed

When switching from custom settings to inherited settings, we rely on
the frontend to fill in the inherited values. For encrypted fields we
can't do that, so if one of them is required it's not possible to revert
an integration from custom settings back to default settings.

This is fixed by ignoring the settings sent by the frontend and instead
propagating the values from the parent integration.

Changelog: fixed

Adam Hegyi authored 3 years ago and E'zeki&el Kigbo committed 3 years ago

This change backports the stage specific endpoints (count, average,
median, records) from the group-level (paid) to FOSS (project-level).

In order for frontend to display appropriate message when a file
has a conflict, they need to know which type of conflict has
occurred.

This adds the `conflict_type` property which can be the following:
- both_modified
- modified_source_removed_target
- modified_target_removed_source
- renamed_same_file
- removed_source_renamed_target
- removed_target_renamed_source
- both_added