diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-21 12:10:32 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-10-21 12:10:32 +0300 |
| commit | a065770457b66dc856897fc5282bf897b9e4f65b (patch) | |
| tree | 2a992390d136664247bbbd177109709bcffd2808 | |
| parent | 2df3fbbc602861654d8797da654f578fd2b60303 (diff) | |
Add latest changes from gitlab-org/gitlab@master
45 files changed, 381 insertions, 110 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 8bd59719342..ebb2df3e7c1 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -461,7 +461,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/deploy_tokens.md @rdickenson /doc/api/deployments.md @rdickenson /doc/api/discussions.md @aqualls -/doc/api/dora/ @fneill +/doc/api/dora/ @lciutacu /doc/api/environments.md @rdickenson /doc/api/epic_issues.md @msedlakjakubowski /doc/api/epic_links.md @msedlakjakubowski @@ -484,8 +484,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/graphql/sample_issue_boards.md @msedlakjakubowski /doc/api/graphql/users_example.md @jglassman1 /doc/api/group_access_tokens.md @jglassman1 -/doc/api/group_activity_analytics.md @fneill -/doc/api/group_badges.md @fneill +/doc/api/group_activity_analytics.md @lciutacu +/doc/api/group_badges.md @lciutacu /doc/api/group_boards.md @msedlakjakubowski /doc/api/group_clusters.md @phillipwells /doc/api/group_import_export.md @eread @@ -498,7 +498,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/group_releases.md @rdickenson /doc/api/group_repository_storage_moves.md @ashrafkhamis /doc/api/group_wikis.md @ashrafkhamis -/doc/api/groups.md @fneill +/doc/api/groups.md @lciutacu /doc/api/import.md @eread /doc/api/index.md @ashrafkhamis /doc/api/instance_clusters.md @phillipwells @@ -588,7 +588,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/templates/gitlab_ci_ymls.md @marcel.amirault /doc/api/templates/licenses.md @rdickenson /doc/api/todos.md @msedlakjakubowski -/doc/api/topics.md @fneill +/doc/api/topics.md @lciutacu /doc/api/usage_data.md @claytoncornell /doc/api/users.md @jglassman1 /doc/api/version.md @phillipwells @@ -718,7 +718,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/permissions.md @jglassman1 /doc/development/policies.md @jglassman1 /doc/development/product_qualified_lead_guide/ @phillipwells -/doc/development/project_templates.md @fneill +/doc/development/project_templates.md @lciutacu /doc/development/prometheus_metrics.md @msedlakjakubowski /doc/development/real_time.md @msedlakjakubowski /doc/development/sec/ @rdickenson @@ -730,8 +730,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/testing_guide/ @sselhorn /doc/development/testing_guide/contract/ @sselhorn /doc/development/testing_guide/end_to_end/ @sselhorn -/doc/development/value_stream_analytics.md @fneill -/doc/development/value_stream_analytics/ @fneill +/doc/development/value_stream_analytics.md @lciutacu +/doc/development/value_stream_analytics/ @lciutacu /doc/development/wikis.md @ashrafkhamis /doc/development/work_items.md @msedlakjakubowski /doc/development/work_items_widgets.md @msedlakjakubowski @@ -798,7 +798,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/update/mysql_to_postgresql.md @aqualls /doc/update/package/ @axil /doc/update/upgrading_postgresql_using_slony.md @aqualls -/doc/user/admin_area/analytics/ @fneill +/doc/user/admin_area/analytics/ @lciutacu /doc/user/admin_area/broadcast_messages.md @phillipwells /doc/user/admin_area/credentials_inventory.md @jglassman1 /doc/user/admin_area/custom_project_templates.md @eread @@ -833,10 +833,10 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/settings/rate_limit_on_notes_creation.md @msedlakjakubowski /doc/user/admin_area/settings/rate_limit_on_pipelines_creation.md @marcel.amirault /doc/user/admin_area/settings/rate_limit_on_users_api.md @jglassman1 -/doc/user/admin_area/settings/third_party_offers.md @fneill +/doc/user/admin_area/settings/third_party_offers.md @lciutacu /doc/user/admin_area/settings/usage_statistics.md @claytoncornell /doc/user/admin_area/settings/visibility_and_access_controls.md @aqualls -/doc/user/analytics/ @fneill +/doc/user/analytics/ @lciutacu /doc/user/analytics/ci_cd_analytics.md @rdickenson /doc/user/application_security/api_fuzzing/ @rdickenson /doc/user/application_security/configuration/ @rdickenson @@ -873,14 +873,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/discussions/ @aqualls /doc/user/feature_flags.md @sselhorn /doc/user/free_user_limit.md @phillipwells -/doc/user/group/ @fneill +/doc/user/group/ @lciutacu /doc/user/group/clusters/ @phillipwells -/doc/user/group/contribution_analytics/ @fneill +/doc/user/group/contribution_analytics/ @lciutacu /doc/user/group/custom_project_templates.md @eread -/doc/user/group/devops_adoption/ @fneill +/doc/user/group/devops_adoption/ @lciutacu /doc/user/group/epics/ @msedlakjakubowski /doc/user/group/import/ @eread -/doc/user/group/insights/ @fneill +/doc/user/group/insights/ @lciutacu /doc/user/group/issues_analytics/ @msedlakjakubowski /doc/user/group/iterations/ @msedlakjakubowski /doc/user/group/planning_hierarchy/ @msedlakjakubowski @@ -889,8 +889,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/group/saml_sso/ @jglassman1 /doc/user/group/settings/group_access_tokens.md @jglassman1 /doc/user/group/settings/import_export.md @eread -/doc/user/group/subgroups/ @fneill -/doc/user/group/value_stream_analytics/ @fneill +/doc/user/group/subgroups/ @lciutacu +/doc/user/group/value_stream_analytics/ @lciutacu /doc/user/infrastructure/ @phillipwells /doc/user/infrastructure/clusters/ @phillipwells /doc/user/infrastructure/clusters/connect/ @phillipwells @@ -900,7 +900,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/infrastructure/clusters/manage/management_project_applications/runner.md @sselhorn /doc/user/infrastructure/iac/ @phillipwells /doc/user/markdown.md @aqualls -/doc/user/namespace/ @fneill +/doc/user/namespace/ @lciutacu /doc/user/packages/ @claytoncornell /doc/user/packages/composer_repository/ @claytoncornell /doc/user/packages/conan_repository/ @claytoncornell @@ -933,8 +933,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/description_templates.md @msedlakjakubowski /doc/user/project/import/ @eread /doc/user/project/import/jira.md @msedlakjakubowski -/doc/user/project/index.md @fneill -/doc/user/project/insights/ @fneill +/doc/user/project/index.md @lciutacu +/doc/user/project/insights/ @lciutacu /doc/user/project/integrations/ @ashrafkhamis /doc/user/project/integrations/prometheus.md @msedlakjakubowski /doc/user/project/integrations/prometheus_library/ @msedlakjakubowski @@ -942,7 +942,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/issues/ @msedlakjakubowski /doc/user/project/issues/csv_import.md @eread /doc/user/project/labels.md @msedlakjakubowski -/doc/user/project/members/ @fneill +/doc/user/project/members/ @lciutacu /doc/user/project/merge_requests/ @aqualls /doc/user/project/merge_requests/approvals/ @aqualls /doc/user/project/merge_requests/csv_export.md @eread @@ -969,14 +969,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/requirements/ @msedlakjakubowski /doc/user/project/service_desk.md @msedlakjakubowski /doc/user/project/settings/import_export.md @eread -/doc/user/project/settings/index.md @fneill +/doc/user/project/settings/index.md @lciutacu /doc/user/project/settings/project_access_tokens.md @jglassman1 /doc/user/project/time_tracking.md @msedlakjakubowski /doc/user/project/web_ide/ @ashrafkhamis /doc/user/project/wiki/ @ashrafkhamis -/doc/user/project/working_with_projects.md @fneill -/doc/user/public_access.md @fneill -/doc/user/reserved_names.md @fneill +/doc/user/project/working_with_projects.md @lciutacu +/doc/user/public_access.md @lciutacu +/doc/user/reserved_names.md @lciutacu /doc/user/search/ @ashrafkhamis /doc/user/search/global_search/ @ashrafkhamis /doc/user/shortcuts.md @ashrafkhamis @@ -985,7 +985,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/tasks.md @msedlakjakubowski /doc/user/todos.md @msedlakjakubowski /doc/user/usage_quotas.md @fneill -/doc/user/workspace/ @fneill +/doc/user/workspace/ @lciutacu [Authentication and Authorization] /app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers diff --git a/app/controllers/projects/starrers_controller.rb b/app/controllers/projects/starrers_controller.rb index bc857648a06..06996e8e5fc 100644 --- a/app/controllers/projects/starrers_controller.rb +++ b/app/controllers/projects/starrers_controller.rb @@ -11,14 +11,8 @@ class Projects::StarrersController < Projects::ApplicationController @starrers = UsersStarProjectsFinder.new(@project, params, current_user: @current_user).execute @sort = params[:sort].presence || sort_value_name @starrers = @starrers.preload_users.sort_by_attribute(@sort).page(params[:page]) - @public_count = @project.starrers.with_public_profile.size - @total_count = @project.starrers.size + @public_count = @project.starrers.active.with_public_profile.size + @total_count = @project.starrers.active.size @private_count = @total_count - @public_count end - - private - - def has_starred_project?(starrers) - starrers.first { |starrer| starrer.user_id == current_user.id } - end end diff --git a/app/finders/users_star_projects_finder.rb b/app/finders/users_star_projects_finder.rb index 7a7587c8631..ed36d0fb274 100644 --- a/app/finders/users_star_projects_finder.rb +++ b/app/finders/users_star_projects_finder.rb @@ -12,7 +12,7 @@ class UsersStarProjectsFinder end def execute - stars = UsersStarProject.all + stars = UsersStarProject.with_active_user stars = by_project(stars) stars = by_search(stars) filter_visible_profiles(stars) diff --git a/app/models/users_star_project.rb b/app/models/users_star_project.rb index 9a514b82506..9998e9b561f 100644 --- a/app/models/users_star_project.rb +++ b/app/models/users_star_project.rb @@ -12,6 +12,7 @@ class UsersStarProject < ApplicationRecord alias_attribute :starred_since, :created_at + scope :with_active_user, -> { joins(:user).merge(User.active) } scope :order_user_name_asc, -> { joins(:user).merge(User.order_name_asc) } scope :order_user_name_desc, -> { joins(:user).merge(User.order_name_desc) } scope :by_project, -> (project) { where(project_id: project.id) } diff --git a/config/metrics/counts_28d/20220222215951_xmau_plan.yml b/config/metrics/counts_28d/20220222215951_xmau_plan.yml index c254ad942c2..bc6c40d502f 100644 --- a/config/metrics/counts_28d/20220222215951_xmau_plan.yml +++ b/config/metrics/counts_28d/20220222215951_xmau_plan.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_28d/20220222215952_xmau_project_management.yml b/config/metrics/counts_28d/20220222215952_xmau_project_management.yml index 0dad4fd0979..9bafbe059ab 100644 --- a/config/metrics/counts_28d/20220222215952_xmau_project_management.yml +++ b/config/metrics/counts_28d/20220222215952_xmau_project_management.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_28d/20220222215955_users_work_items.yml b/config/metrics/counts_28d/20220222215955_users_work_items.yml index ec07fb25f11..a6b169730e8 100644 --- a/config/metrics/counts_28d/20220222215955_users_work_items.yml +++ b/config/metrics/counts_28d/20220222215955_users_work_items.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_28d/20220707022802_users_updating_weight_estimate_monthly.yml b/config/metrics/counts_28d/20220707022802_users_updating_weight_estimate_monthly.yml new file mode 100644 index 00000000000..88fc09b6cc2 --- /dev/null +++ b/config/metrics/counts_28d/20220707022802_users_updating_weight_estimate_monthly.yml @@ -0,0 +1,26 @@ +--- +key_path: redis_hll_counters.work_items.users_updating_weight_estimate_monthly +name: users_updating_weight_estimate_monthly +description: Unique users updating a work item's weight estimate +product_category: team_planning +product_section: dev +product_stage: plan +product_group: project_management +value_type: number +status: active +milestone: "15.2" +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91957 +time_frame: 28d +data_source: redis_hll +data_category: optional +instrumentation_class: RedisHLLMetric +performance_indicator_type: [] +options: + events: + - users_updating_weight_estimate +distribution: +- ce +- ee +tier: +- premium +- ultimate diff --git a/config/metrics/counts_7d/20220222215851_xmau_plan.yml b/config/metrics/counts_7d/20220222215851_xmau_plan.yml index 77325a205ee..b1776b614fb 100644 --- a/config/metrics/counts_7d/20220222215851_xmau_plan.yml +++ b/config/metrics/counts_7d/20220222215851_xmau_plan.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_7d/20220222215852_xmau_project_management.yml b/config/metrics/counts_7d/20220222215852_xmau_project_management.yml index c7e712cf92a..6aa913a778e 100644 --- a/config/metrics/counts_7d/20220222215852_xmau_project_management.yml +++ b/config/metrics/counts_7d/20220222215852_xmau_project_management.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_7d/20220222215855_users_work_items.yml b/config/metrics/counts_7d/20220222215855_users_work_items.yml index 0985f38c83b..952f15f3050 100644 --- a/config/metrics/counts_7d/20220222215855_users_work_items.yml +++ b/config/metrics/counts_7d/20220222215855_users_work_items.yml @@ -22,6 +22,7 @@ options: - users_updating_work_item_dates - users_updating_work_item_labels - users_updating_work_item_iteration + - users_updating_weight_estimate data_category: optional distribution: - ce diff --git a/config/metrics/counts_7d/20220707022758_users_updating_weight_estimate_weekly.yml b/config/metrics/counts_7d/20220707022758_users_updating_weight_estimate_weekly.yml new file mode 100644 index 00000000000..17486482ad1 --- /dev/null +++ b/config/metrics/counts_7d/20220707022758_users_updating_weight_estimate_weekly.yml @@ -0,0 +1,26 @@ +--- +key_path: redis_hll_counters.work_items.users_updating_weight_estimate_weekly +name: users_updating_weight_estimate_weekly +description: Unique users updating a work item's weight estimate +product_category: team_planning +product_section: dev +product_stage: plan +product_group: project_management +value_type: number +status: active +milestone: "15.2" +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91957 +time_frame: 7d +data_source: redis_hll +data_category: optional +instrumentation_class: RedisHLLMetric +performance_indicator_type: [] +options: + events: + - users_updating_weight_estimate +distribution: +- ce +- ee +tier: +- premium +- ultimate diff --git a/doc/development/documentation/styleguide/index.md b/doc/development/documentation/styleguide/index.md index d629bc0b87e..042b49b119e 100644 --- a/doc/development/documentation/styleguide/index.md +++ b/doc/development/documentation/styleguide/index.md @@ -823,7 +823,7 @@ To open either project or group settings: ```markdown 1. On the top bar, select **Main menu**, and: - - For a project, select ***Projects** and find your project. + - For a project, select **Projects** and find your project. - For a group, select **Groups** and find your group. 1. On the left sidebar, select **Settings > CI/CD**. 1. Expand **General pipelines**. diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index afc9a006b39..bf6f45b915f 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -71,7 +71,7 @@ runner settings: To view the rendered details: 1. On the top bar, select **Main menu**, and: - - For a project, select ***Projects** and find your project. + - For a project, select **Projects** and find your project. - For a group, select **Groups** and find your group. 1. On the left sidebar, select **Settings > CI/CD**. 1. Expand **Runners**. diff --git a/doc/user/admin_area/settings/deprecated_api_rate_limits.md b/doc/user/admin_area/settings/deprecated_api_rate_limits.md index 279cac95fc9..8bf0ffd21a5 100644 --- a/doc/user/admin_area/settings/deprecated_api_rate_limits.md +++ b/doc/user/admin_area/settings/deprecated_api_rate_limits.md @@ -40,10 +40,10 @@ To override the general user and IP rate limits for requests to deprecated API e 1. Select the checkboxes for the types of rate limits you want to enable: - **Unauthenticated API request rate limit** - **Authenticated API request rate limit** -1. _If you enabled unauthenticated API request rate limits:_ +1. If you selected **unauthenticated**: 1. Select the **Maximum unauthenticated API requests per period per IP**. 1. Select the **Unauthenticated API rate limit period in seconds**. -1. _If you enabled authenticated API request rate limits:_ +1. If you selected **authenticated**: 1. Select the **Maximum authenticated API requests per period per user**. 1. Select the **Authenticated API rate limit period in seconds**. diff --git a/doc/user/admin_area/settings/files_api_rate_limits.md b/doc/user/admin_area/settings/files_api_rate_limits.md index e5f5064304c..ef9a3674c49 100644 --- a/doc/user/admin_area/settings/files_api_rate_limits.md +++ b/doc/user/admin_area/settings/files_api_rate_limits.md @@ -36,10 +36,10 @@ To override the general user and IP rate limits for requests to the Repository f 1. Select the checkboxes for the types of rate limits you want to enable: - **Unauthenticated API request rate limit** - **Authenticated API request rate limit** -1. _If you enabled unauthenticated API request rate limits:_ +1. If you selected **unauthenticated**: 1. Select the **Max unauthenticated API requests per period per IP**. 1. Select the **Unauthenticated API rate limit period in seconds**. -1. _If you enabled authenticated API request rate limits:_ +1. If you selected **authenticated**: 1. Select the **Max authenticated API requests per period per user**. 1. Select the **Authenticated API rate limit period in seconds**. diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 54c1927e23b..228379357a3 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -525,7 +525,7 @@ The [Security Scanner Integration](../../../development/integrations/secure.md) To enable dependency scanning for GitLab 11.9 and later, you must [include](../../../ci/yaml/index.md#includetemplate) the -[`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml) +[`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml) that is provided as a part of your GitLab installation. For GitLab versions earlier than 11.9, you can copy and use the job as defined that template. @@ -534,7 +534,7 @@ Add the following to your `.gitlab-ci.yml` file: ```yaml include: - - template: Security/Dependency-Scanning.gitlab-ci.yml + - template: Jobs/Dependency-Scanning.gitlab-ci.yml ``` The included template creates dependency scanning jobs in your CI/CD diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index a7624db4604..3f63fb6a2cd 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -207,14 +207,14 @@ To configure SAST for a project you can: ### Configure SAST manually To enable SAST you must [include](../../../ci/yaml/index.md#includetemplate) -the [`SAST.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) +the [`SAST.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml) provided as a part of your GitLab installation. Add the following to your `.gitlab-ci.yml` file: ```yaml include: - - template: Security/SAST.gitlab-ci.yml + - template: Jobs/SAST.gitlab-ci.yml ``` The included template creates SAST jobs in your CI/CD pipeline and scans diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index df6bb19ac25..b1cd16a6669 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -15,18 +15,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w > `secret_detection_default_branch` and `secret_detection` were consolidated into one job, > `secret_detection`. -People may accidentally commit secrets to -remote Git repositories. Secrets include keys, passwords, API tokens, and other sensitive -information. Anyone with access to the repository could use the secrets for malicious purposes. -Exposed secrets are compromised and must be replaced, which can be costly. - -To help prevent secrets from being committed to a Git repository, you can use Secret Detection -to scan your repository for secrets. Scanning is language -and framework agnostic, but does not support scanning binary files. - -Secret Detection uses a specific analyzer containing the -[Gitleaks](https://github.com/zricethezav/gitleaks) tool to scan the repository for secrets, in a -`secret-detection` job. The results are saved as a +People may accidentally commit secrets (such as keys, passwords, and API tokens) to remote Git repositories. + +Anyone with access to the repository could use the secrets for malicious purposes. Exposed secrets +must be considered compromised and be replaced, which can be costly. + +To help prevent secrets from being committed to a Git repository, you can use Secret Detection to +scan your repository for secrets. Scanning is language and framework agnostic, but does not support +scanning binary files. + +Secret Detection uses an analyzer containing the [Gitleaks](https://github.com/zricethezav/gitleaks) +tool to scan the repository for secrets. Detection occurs in the `secret-detection` job. The results +are saved as a [Secret Detection report artifact](../../../ci/yaml/artifacts_reports.md#artifactsreportssecret_detection) that you can later download and analyze. Due to implementation limitations, we always take the latest Secret Detection artifact available. @@ -88,13 +88,13 @@ To enable Secret Detection, either: ### Enable Secret Detection by including the template -We recommend this method if you have an existing GitLab CI/CD configuration file. +You should use this method if you have an existing GitLab CI/CD configuration file. Add the following extract to your `.gitlab-ci.yml` file: ```yaml include: - - template: Security/Secret-Detection.gitlab-ci.yml + - template: Jobs/Secret-Detection.gitlab-ci.yml ``` Pipelines now include a Secret Detection job, and the results are included in the merge request @@ -122,7 +122,7 @@ widget. ## Responding to a leaked secret -If the scanner detects a secret we recommend you rotate it immediately. [Purging a file from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history) may not be effective in removing all references to the file. Also, the secret remains in any forks of the repository. +If the scanner detects a secret you should rotate it immediately. [Purging a file from the repository's history](../../project/repository/reducing_the_repo_size_using_git.md#purge-files-from-repository-history) may not be effective in removing all references to the file. Also, the secret remains in any forks of the repository. ## Configure scan settings @@ -154,11 +154,13 @@ secret_detection: SECRET_DETECTION_HISTORIC_SCAN: "true" ``` -### Ignoring Secrets +### Ignore secrets -You might want to add a fake secret to your code base. For instance, you can use a fake secret as an example in your documentation or test suite. +In some instances, you might want to ignore a secret. For example, you may have a fake secret in an +example or a test suite. In these instances, you want to ignore the secret, instead of having it +reported as a vulnerability. -In these cases, Secret Detection can ignore the fake secret and not report it as a vulnerability. To ignore a secret, add `gitleaks:allow` as a comment to the line that contains the secret. +To ignore a secret, add `gitleaks:allow` as a comment to the line that contains the secret. For example: @@ -172,7 +174,7 @@ Secret Detection can be customized by defining available CI/CD variables: | CI/CD variable | Default value | Description | |-----------------------------------|---------------|-------------| -| `SECRET_DETECTION_EXCLUDED_PATHS` | "" | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. | +| `SECRET_DETECTION_EXCLUDED_PATHS` | "" | Exclude vulnerabilities from output based on the paths. The paths are a comma-separated list of patterns. Patterns can be globs (see [`doublestar.Match`](https://pkg.go.dev/github.com/bmatcuk/doublestar/v4@v4.0.2#Match) for supported patterns), or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225273) in GitLab 13.3. | | `SECRET_DETECTION_HISTORIC_SCAN` | false | Flag to enable a historic Gitleaks scan. | | `SECRET_DETECTION_IMAGE_SUFFIX` | "" | Suffix added to the image name. If set to `-fips`, `FIPS-enabled` images are used for scan. See [Use FIPS-enabled images](#use-fips-enabled-images) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355519) in GitLab 14.10. | | `SECRET_DETECTION_LOG_OPTIONS` | "" | [`git log`](https://git-scm.com/docs/git-log) options used to define commit ranges. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/350660) in GitLab 15.1.| @@ -214,7 +216,7 @@ By default, Secret Detection scans only the current state of the Git repository. contained in the repository's history are not detected. To address this, Secret Detection can scan the Git repository's full history. -We recommend you do a full history scan only once, after enabling Secret Detection. A full history +You should do a full history scan only once, after enabling Secret Detection. A full history can take a long time, especially for larger repositories with lengthy Git histories. After completing an initial full history scan, use only standard Secret Detection as part of your pipeline. @@ -349,15 +351,15 @@ In the `secret-detection-ruleset.toml` file, do one of the following: ## Running Secret Detection in an offline environment **(PREMIUM SELF)** -For self-managed GitLab instances in an environment with limited, restricted, or intermittent access -to external resources through the internet, some configuration changes are required for the Secret -Detection job to run successfully. The instructions in this section must be completed together with -the instructions detailed in [offline environments](../offline_deployments/index.md). +An offline environment has limited, restricted, or intermittent access to external resources through +the internet. For self-managed GitLab instances in such an environment, Secret Detection requires +some configuration changes. The instructions in this section must be completed together with the +instructions detailed in [offline environments](../offline_deployments/index.md). ### Configure GitLab Runner By default, a runner tries to pull Docker images from the GitLab container registry even if a local -copy is available. We recommend using this default setting, to ensure Docker images remain current. +copy is available. You should use this default setting, to ensure Docker images remain current. However, if no network connectivity is available, you must change the default GitLab Runner `pull_policy` variable. @@ -383,7 +385,7 @@ Prerequisites: ``` The Secret Detection analyzer's image is [periodically updated](../index.md#vulnerability-scanner-maintenance) - so you may need to periodically update the local copy. + so you should periodically update the local copy. 1. Set the CI/CD variable `SECURE_ANALYZERS_PREFIX` to the local Docker container registry. @@ -454,14 +456,14 @@ secrets. If the number of commits in a merge request is greater than the value o [`GIT_DEPTH` CI/CD variable](../../../ci/runners/configure_runners.md#shallow-cloning), Secret Detection [fails to detect secrets](#error-couldnt-run-the-gitleaks-command-exit-status-2). -For example, if a pipeline is triggered from a merge request containing 60 commits and the -`GIT_DEPTH` variable's value is less than 60, the Secret Detection job fails as the clone is not -deep enough to contain all of the relevant commits. To veridy the current value, see +For example, you could have a pipeline triggered from a merge request containing 60 commits and the +`GIT_DEPTH` variable set to less than 60. In that case the Secret Detection job fails because the +clone is not deep enough to contain all of the relevant commits. To verify the current value, see [pipeline configuration](../../../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone). -To confirm this as the cause of the error, set the [logging level](#set-the-logging-level) to `debug`, then -rerun the pipeline. The logs should look similar to the following example. The text "object not -found" is a symptom of this error. +To confirm this as the cause of the error, set the [logging level](#set-the-logging-level) to +`debug`, then rerun the pipeline. The logs should look similar to the following example. The text +"object not found" is a symptom of this error. ```plaintext ERRO[2020-11-18T18:05:52Z] object not found diff --git a/lib/gitlab/ci/templates/Bash.gitlab-ci.yml b/lib/gitlab/ci/templates/Bash.gitlab-ci.yml index 004c2897b60..fb062683397 100644 --- a/lib/gitlab/ci/templates/Bash.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Bash.gitlab-ci.yml @@ -41,3 +41,4 @@ deploy1: stage: deploy script: - echo "Do your deploy here" + environment: production diff --git a/lib/gitlab/ci/templates/ThemeKit.gitlab-ci.yml b/lib/gitlab/ci/templates/ThemeKit.gitlab-ci.yml index 8a0913e8f66..47329a602b1 100644 --- a/lib/gitlab/ci/templates/ThemeKit.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/ThemeKit.gitlab-ci.yml @@ -8,6 +8,7 @@ stages: - deploy:production staging: + environment: staging image: python:2 stage: deploy:staging script: @@ -18,6 +19,7 @@ staging: - $CI_DEFAULT_BRANCH == $CI_COMMIT_BRANCH production: + environment: production image: python:2 stage: deploy:production script: diff --git a/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml b/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml index 50ce181095e..8dfb6c38b55 100644 --- a/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml @@ -89,3 +89,4 @@ deploy_job: dependencies: - build_job - test_job + environment: production diff --git a/lib/gitlab/usage_data_counters/known_events/work_items.yml b/lib/gitlab/usage_data_counters/known_events/work_items.yml index ee828fc0f72..afa6663de07 100644 --- a/lib/gitlab/usage_data_counters/known_events/work_items.yml +++ b/lib/gitlab/usage_data_counters/known_events/work_items.yml @@ -27,3 +27,11 @@ redis_slot: users aggregation: weekly feature_flag: track_work_items_activity +- name: users_updating_weight_estimate + # The event tracks an EE feature. + # It's added here so it can be aggregated into the CE/EE 'OR' aggregate metrics. + # It will report 0 for CE instances and should not be used with 'AND' aggregators. + category: work_items + redis_slot: users + aggregation: weekly + feature_flag: track_work_items_activity diff --git a/lib/tasks/gitlab/openapi.rake b/lib/tasks/gitlab/openapi.rake index fd067a1bf0b..dee365de11c 100644 --- a/lib/tasks/gitlab/openapi.rake +++ b/lib/tasks/gitlab/openapi.rake @@ -9,6 +9,13 @@ end namespace :gitlab do namespace :openapi do + task :validate do + raise 'This task can only be run in the development environment' unless Rails.env.development? + + success = system('yarn swagger:validate doc/api/openapi/openapi_v2.yaml') + abort('Validation of swagger document failed') unless success + end + task :generate do raise 'This task can only be run in the development environment' unless Rails.env.development? @@ -19,5 +26,7 @@ namespace :gitlab do File.write("doc/api/openapi/openapi_v2.yaml", yaml_content) end + + task generate_and_check: [:generate, :validate] end end diff --git a/package.json b/package.json index 667b423bad0..8141f748555 100644 --- a/package.json +++ b/package.json @@ -40,6 +40,7 @@ "storybook:install": "yarn --cwd ./storybook install", "storybook:build": "yarn --cwd ./storybook build", "storybook:start": "./scripts/frontend/start_storybook.sh", + "swagger:validate": "swagger-cli validate", "webpack": "NODE_OPTIONS=\"--max-old-space-size=3584\" webpack --config config/webpack.config.js", "webpack-vendor": "NODE_OPTIONS=\"--max-old-space-size=3584\" webpack --config config/webpack.vendor.config.js", "webpack-prod": "NODE_OPTIONS=\"--max-old-space-size=3584\" NODE_ENV=production webpack --config config/webpack.config.js" @@ -59,7 +60,7 @@ "@rails/actioncable": "6.1.4-7", "@rails/ujs": "6.1.4-7", "@sentry/browser": "5.30.0", - "@sourcegraph/code-host-integration": "0.0.60", + "@sourcegraph/code-host-integration": "0.0.84", "@tiptap/core": "^2.0.0-beta.182", "@tiptap/extension-blockquote": "^2.0.0-beta.29", "@tiptap/extension-bold": "^2.0.0-beta.28", @@ -251,6 +252,7 @@ "purgecss-from-html": "^4.0.3", "sass": "^1.49.9", "stylelint": "^14.9.1", + "swagger-cli": "^4.0.4", "timezone-mock": "^1.0.8", "webpack-dev-server": "4.11.1", "xhr-mock": "^2.5.1", diff --git a/qa/qa/specs/features/api/1_manage/group_access_token_spec.rb b/qa/qa/specs/features/api/1_manage/group_access_token_spec.rb index bf95a215c8e..e0db758dde3 100644 --- a/qa/qa/specs/features/api/1_manage/group_access_token_spec.rb +++ b/qa/qa/specs/features/api/1_manage/group_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'Group access token' do + describe 'Group access token', product_group: :authentication_and_authorization do let(:group_access_token) { QA::Resource::GroupAccessToken.fabricate_via_api! } let(:api_client) { Runtime::API::Client.new(:gitlab, personal_access_token: group_access_token.token) } let(:project) do diff --git a/qa/qa/specs/features/api/1_manage/project_access_token_spec.rb b/qa/qa/specs/features/api/1_manage/project_access_token_spec.rb index 756bbe2164a..e210ba882bb 100644 --- a/qa/qa/specs/features/api/1_manage/project_access_token_spec.rb +++ b/qa/qa/specs/features/api/1_manage/project_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'Project access token' do + describe 'Project access token', product_group: :authentication_and_authorization do before(:all) do @project_access_token = QA::Resource::ProjectAccessToken.fabricate_via_api! do |pat| pat.project = Resource::ReusableProject.fabricate_via_api! diff --git a/qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb b/qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb index 28c20344b29..b7d0d72297a 100644 --- a/qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb +++ b/qa/qa/specs/features/api/1_manage/user_access_termination_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'User', :requires_admin, :reliable do + describe 'User', :requires_admin, :reliable, product_group: :authentication_and_authorization do before(:all) do admin_api_client = Runtime::API::Client.as_admin diff --git a/qa/qa/specs/features/browser_ui/1_manage/group/group_access_token_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/group/group_access_token_spec.rb index 9f39d376baf..a35cde854a2 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/group/group_access_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/group/group_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'Group access tokens' do + describe 'Group access tokens', product_group: :authentication_and_authorization do let(:group_access_token) { QA::Resource::GroupAccessToken.fabricate_via_browser_ui! } it( diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/2fa_recovery_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/2fa_recovery_spec.rb index f459c0c71eb..0f3d6a104a7 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/2fa_recovery_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/2fa_recovery_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage', :requires_admin, :skip_live_env, :reliable do - describe '2FA' do + describe '2FA', product_group: :authentication_and_authorization do let(:owner_user) do Resource::User.fabricate_via_api! do |usr| usr.api_client = admin_api_client diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/2fa_ssh_recovery_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/2fa_ssh_recovery_spec.rb index 6c69e4c59d9..9484f15f35d 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/2fa_ssh_recovery_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/2fa_ssh_recovery_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - context 'Manage', :reliable, :requires_admin, :skip_live_env do + context 'Manage', :reliable, :requires_admin, :skip_live_env, product_group: :authentication_and_authorization do describe '2FA' do let!(:user) { Resource::User.fabricate_via_api! } let!(:user_api_client) { Runtime::API::Client.new(:gitlab, user: user) } diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb index 98b5ecc8f0d..7b91156d926 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :smoke, :mobile do + RSpec.describe 'Manage', :smoke, :mobile, product_group: :authentication_and_authorization do describe 'basic user login' do it 'user logs in using basic credentials and logs out', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347880' do Flow::Login.sign_in diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_with_2fa_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_with_2fa_spec.rb index 56883917153..cf9282c1149 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_with_2fa_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_with_2fa_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :requires_admin, :skip_live_env do + RSpec.describe 'Manage', :requires_admin, :skip_live_env, product_group: :authentication_and_authorization do describe '2FA' do let(:admin_api_client) { Runtime::API::Client.as_admin } let(:owner_api_client) { Runtime::API::Client.new(:gitlab, user: owner_user) } diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb index 7ecad1101c9..3d2e8c13900 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :orchestrated, :ldap_no_tls, :ldap_tls do + RSpec.describe 'Manage', :orchestrated, :ldap_no_tls, :ldap_tls, product_group: :authentication_and_authorization do describe 'LDAP login' do it 'user logs into GitLab using LDAP credentials', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347892' do Flow::Login.sign_in diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb index 80e660c1c1d..388c9f6b486 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :orchestrated, :mattermost do + RSpec.describe 'Manage', :orchestrated, :mattermost, product_group: :authentication_and_authorization do describe 'Mattermost login' do it 'user logs into Mattermost using GitLab OAuth', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347891' do Flow::Login.sign_in diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb index d6cb65c2788..ca10a3f3d65 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :orchestrated, :instance_saml do + RSpec.describe 'Manage', :orchestrated, :instance_saml, product_group: :authentication_and_authorization do describe 'Instance wide SAML SSO' do it( 'user logs in to gitlab with SAML SSO', diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/maintain_log_in_mixed_env_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/maintain_log_in_mixed_env_spec.rb index 1d30b915594..dd39b0c8835 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/maintain_log_in_mixed_env_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/maintain_log_in_mixed_env_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage', only: { subdomain: %i[staging staging-canary] }, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/344213', type: :stale } do - describe 'basic user' do + describe 'basic user', product_group: :authentication_and_authorization do it 'remains logged in when redirected from canary to non-canary node', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347626' do Runtime::Browser.visit(:gitlab, Page::Main::Login) diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb index 295702aa328..e0242008785 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb @@ -13,7 +13,7 @@ module QA end end - RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin do + RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin, product_group: :authentication_and_authorization do describe 'while LDAP is enabled', :orchestrated, :ldap_no_tls, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347934' do before do # When LDAP is enabled, a previous test might have created a token for the LDAP 'tanuki' user who is not an admin diff --git a/qa/qa/specs/features/browser_ui/1_manage/project/project_access_token_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/project/project_access_token_spec.rb index 63ae90aed9c..55f63845acd 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/project/project_access_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/project/project_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'Project access tokens', :reliable do + describe 'Project access tokens', :reliable, product_group: :authentication_and_authorization do let(:project_access_token) { QA::Resource::ProjectAccessToken.fabricate_via_browser_ui! } it( diff --git a/qa/qa/specs/features/browser_ui/1_manage/user/impersonation_token_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/user/impersonation_token_spec.rb index 5bcea1ff094..ce5d9307769 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/user/impersonation_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/user/impersonation_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Manage' do - describe 'Impersonation tokens', :requires_admin do + describe 'Impersonation tokens', :requires_admin, product_group: :authentication_and_authorization do let(:admin_api_client) { Runtime::API::Client.as_admin } let!(:user) do diff --git a/spec/controllers/projects/starrers_controller_spec.rb b/spec/controllers/projects/starrers_controller_spec.rb index 8d03600cd58..2148f495c31 100644 --- a/spec/controllers/projects/starrers_controller_spec.rb +++ b/spec/controllers/projects/starrers_controller_spec.rb @@ -6,6 +6,7 @@ RSpec.describe Projects::StarrersController do let(:user_1) { create(:user, name: 'John') } let(:user_2) { create(:user, name: 'Michael') } let(:private_user) { create(:user, name: 'Michael Douglas', private_profile: true) } + let(:blocked_user) { create(:user, state: 'blocked') } let(:admin) { create(:user, admin: true) } let(:project) { create(:project, :public) } @@ -13,6 +14,7 @@ RSpec.describe Projects::StarrersController do user_1.toggle_star(project) user_2.toggle_star(project) private_user.toggle_star(project) + blocked_user.toggle_star(project) end describe 'GET index' do @@ -61,6 +63,10 @@ RSpec.describe Projects::StarrersController do expect(user_ids).to contain_exactly(user_1.id, user_2.id) end + it 'non-active users are not visible' do + expect(user_ids).not_to include(blocked_user.id) + end + include_examples 'starrers counts' end diff --git a/spec/finders/users_star_projects_finder_spec.rb b/spec/finders/users_star_projects_finder_spec.rb index 038506cc93f..e824940430c 100644 --- a/spec/finders/users_star_projects_finder_spec.rb +++ b/spec/finders/users_star_projects_finder_spec.rb @@ -8,10 +8,12 @@ RSpec.describe UsersStarProjectsFinder do let(:user) { create(:user) } let(:private_user) { create(:user, private_profile: true) } let(:other_user) { create(:user) } + let(:blocked_user) { create(:user, state: 'blocked') } before do user.toggle_star(project) private_user.toggle_star(project) + blocked_user.toggle_star(project) end describe '#execute' do @@ -38,5 +40,13 @@ RSpec.describe UsersStarProjectsFinder do it { is_expected.to match_array(public_stars) } end + + describe 'with active users only' do + let(:current_user) { private_user } + + it 'ignores stars of non-active users' do + is_expected.not_to include(*blocked_user.users_star_projects) + end + end end end diff --git a/spec/lib/gitlab/usage/metrics/instrumentations/work_items_activity_aggregated_metric_spec.rb b/spec/lib/gitlab/usage/metrics/instrumentations/work_items_activity_aggregated_metric_spec.rb index 3e315692d0a..e014e7f2c8e 100644 --- a/spec/lib/gitlab/usage/metrics/instrumentations/work_items_activity_aggregated_metric_spec.rb +++ b/spec/lib/gitlab/usage/metrics/instrumentations/work_items_activity_aggregated_metric_spec.rb @@ -44,16 +44,25 @@ RSpec.describe Gitlab::Usage::Metrics::Instrumentations::WorkItemsActivityAggreg describe '#value', :clean_gitlab_redis_shared_state do let(:counter) { Gitlab::UsageDataCounters::HLLRedisCounter } + let(:author1_id) { 1 } + let(:author2_id) { 2 } + let(:event_time) { 1.week.ago } before do - counter.track_event(:users_creating_work_items, values: 1, time: 1.week.ago) - counter.track_event(:users_updating_work_item_title, values: 1, time: 1.week.ago) - counter.track_event(:users_updating_work_item_dates, values: 2, time: 1.week.ago) - counter.track_event(:users_updating_work_item_iteration, values: 2, time: 1.week.ago) + counter.track_event(:users_creating_work_items, values: author1_id, time: event_time) end - it 'has correct value' do - expect(described_class.new(metric_definition).value).to eq 2 + it 'has correct value after events are tracked', :aggregate_failures do + expect do + counter.track_event(:users_updating_work_item_title, values: author1_id, time: event_time) + counter.track_event(:users_updating_work_item_dates, values: author1_id, time: event_time) + counter.track_event(:users_updating_work_item_labels, values: author1_id, time: event_time) + end.to not_change { described_class.new(metric_definition).value } + + expect do + counter.track_event(:users_updating_work_item_iteration, values: author2_id, time: event_time) + counter.track_event(:users_updating_weight_estimate, values: author1_id, time: event_time) + end.to change { described_class.new(metric_definition).value }.from(1).to(2) end end end diff --git a/spec/models/users_star_project_spec.rb b/spec/models/users_star_project_spec.rb index e41519a2b69..8b66fd9c187 100644 --- a/spec/models/users_star_project_spec.rb +++ b/spec/models/users_star_project_spec.rb @@ -4,4 +4,50 @@ require 'spec_helper' RSpec.describe UsersStarProject, type: :model do it { is_expected.to belong_to(:project).touch(false) } + + describe 'scopes' do + let_it_be(:project1) { create(:project) } + let_it_be(:project2) { create(:project) } + let_it_be(:user_active) { create(:user, state: 'active', name: 'user2', private_profile: true) } + let_it_be(:user_blocked) { create(:user, state: 'blocked', name: 'user1') } + + let_it_be(:users_star_project1) { create(:users_star_project, project: project1, user: user_active) } + let_it_be(:users_star_project2) { create(:users_star_project, project: project2, user: user_blocked) } + + describe '.all' do + it 'returns all records' do + expect(described_class.all).to contain_exactly(users_star_project1, users_star_project2) + end + end + + describe '.with_active_user' do + it 'returns only records of active users' do + expect(described_class.with_active_user).to contain_exactly(users_star_project1) + end + end + + describe '.order_user_name_asc' do + it 'sorts records by ascending user name' do + expect(described_class.order_user_name_asc).to eq([users_star_project2, users_star_project1]) + end + end + + describe '.order_user_name_desc' do + it 'sorts records by descending user name' do + expect(described_class.order_user_name_desc).to eq([users_star_project1, users_star_project2]) + end + end + + describe '.by_project' do + it 'returns only records of given project' do + expect(described_class.by_project(project2)).to contain_exactly(users_star_project2) + end + end + + describe '.with_public_profile' do + it 'returns only records of users with public profile' do + expect(described_class.with_public_profile).to contain_exactly(users_star_project2) + end + end + end end diff --git a/yarn.lock b/yarn.lock index 1d8029ca500..29afc1d2f3a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -20,6 +20,48 @@ dependencies: "@jridgewell/trace-mapping" "^0.3.0" +"@apidevtools/json-schema-ref-parser@9.0.6": + version "9.0.6" + resolved "https://registry.yarnpkg.com/@apidevtools/json-schema-ref-parser/-/json-schema-ref-parser-9.0.6.tgz#5d9000a3ac1fd25404da886da6b266adcd99cf1c" + integrity sha512-M3YgsLjI0lZxvrpeGVk9Ap032W6TPQkH6pRAZz81Ac3WUNF79VQooAFnp8umjvVzUmD93NkogxEwbSce7qMsUg== + dependencies: + "@jsdevtools/ono" "^7.1.3" + call-me-maybe "^1.0.1" + js-yaml "^3.13.1" + +"@apidevtools/openapi-schemas@^2.1.0": + version "2.1.0" + resolved "https://registry.yarnpkg.com/@apidevtools/openapi-schemas/-/openapi-schemas-2.1.0.tgz#9fa08017fb59d80538812f03fc7cac5992caaa17" + integrity sha512-Zc1AlqrJlX3SlpupFGpiLi2EbteyP7fXmUOGup6/DnkRgjP9bgMM/ag+n91rsv0U1Gpz0H3VILA/o3bW7Ua6BQ== + +"@apidevtools/swagger-cli@4.0.4": + version "4.0.4" + resolved "https://registry.yarnpkg.com/@apidevtools/swagger-cli/-/swagger-cli-4.0.4.tgz#c645c291f56e4add583111aca9edeee23d60fa10" + integrity sha512-hdDT3B6GLVovCsRZYDi3+wMcB1HfetTU20l2DC8zD3iFRNMC6QNAZG5fo/6PYeHWBEv7ri4MvnlKodhNB0nt7g== + dependencies: + "@apidevtools/swagger-parser" "^10.0.1" + chalk "^4.1.0" + js-yaml "^3.14.0" + yargs "^15.4.1" + +"@apidevtools/swagger-methods@^3.0.2": + version "3.0.2" + resolved "https://registry.yarnpkg.com/@apidevtools/swagger-methods/-/swagger-methods-3.0.2.tgz#b789a362e055b0340d04712eafe7027ddc1ac267" + integrity sha512-QAkD5kK2b1WfjDS/UQn/qQkbwF31uqRjPTrsCs5ZG9BQGAkjwvqGFjjPqAuzac/IYzpPtRzjCP1WrTuAIjMrXg== + +"@apidevtools/swagger-parser@^10.0.1": + version "10.1.0" + resolved "https://registry.yarnpkg.com/@apidevtools/swagger-parser/-/swagger-parser-10.1.0.tgz#a987d71e5be61feb623203be0c96e5985b192ab6" + integrity sha512-9Kt7EuS/7WbMAUv2gSziqjvxwDbFSg3Xeyfuj5laUODX8o/k/CpsAKiQ8W7/R88eXFTMbJYg6+7uAmOWNKmwnw== + dependencies: + "@apidevtools/json-schema-ref-parser" "9.0.6" + "@apidevtools/openapi-schemas" "^2.1.0" + "@apidevtools/swagger-methods" "^3.0.2" + "@jsdevtools/ono" "^7.1.3" + ajv "^8.6.3" + ajv-draft-04 "^1.0.0" + call-me-maybe "^1.0.1" + "@apollo/client@^3.5.10": version "3.5.10" resolved "https://registry.yarnpkg.com/@apollo/client/-/client-3.5.10.tgz#43463108a6e07ae602cca0afc420805a19339a71" @@ -1522,6 +1564,11 @@ "@jridgewell/resolve-uri" "^3.0.3" "@jridgewell/sourcemap-codec" "^1.4.10" +"@jsdevtools/ono@^7.1.3": + version "7.1.3" + resolved "https://registry.yarnpkg.com/@jsdevtools/ono/-/ono-7.1.3.tgz#9df03bbd7c696a5c58885c34aa06da41c8543796" + integrity sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg== + "@leichtgewicht/ip-codec@^2.0.1": version "2.0.3" resolved "https://registry.yarnpkg.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.3.tgz#0300943770e04231041a51bd39f0439b5c7ab4f0" @@ -1660,10 +1707,10 @@ dependencies: "@sinonjs/commons" "^1.7.0" -"@sourcegraph/code-host-integration@0.0.60": - version "0.0.60" - resolved "https://registry.yarnpkg.com/@sourcegraph/code-host-integration/-/code-host-integration-0.0.60.tgz#2043877fabb7eb986fcb61b67ee480afbb29f4f0" - integrity sha512-T+MvM8SUF7daA279hyQgwmva3J5LvPqwgQ/mWwxdVshehOQIPLUd310I0c6x6nZ0F/x4UjDWgRWzAqy6NLwV1w== +"@sourcegraph/code-host-integration@0.0.84": + version "0.0.84" + resolved "https://registry.yarnpkg.com/@sourcegraph/code-host-integration/-/code-host-integration-0.0.84.tgz#680f5eadde4d05c1dfccb32e14b0a7e58365ebad" + integrity sha512-xHaplY49vBHeXggcc0K3LNQ0VebKy3BwCSokXGxqHDaRJ8JmUwp/DyZX1RFp0Rx/UR6OPXQXKyfVqFcz/UlkUw== "@testing-library/dom@^7.16.2": version "7.24.5" @@ -2598,6 +2645,11 @@ aggregate-error@^3.0.0: clean-stack "^2.0.0" indent-string "^4.0.0" +ajv-draft-04@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz#3b64761b268ba0b9e668f0b41ba53fce0ad77fc8" + integrity sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw== + ajv-errors@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/ajv-errors/-/ajv-errors-1.0.0.tgz#ecf021fa108fd17dfb5e6b383f2dd233e31ffc59" @@ -2632,10 +2684,10 @@ ajv@^6.1.0, ajv@^6.10.0, ajv@^6.10.2, ajv@^6.12.4, ajv@^6.12.5: json-schema-traverse "^0.4.1" uri-js "^4.2.2" -ajv@^8.0.0, ajv@^8.0.1, ajv@^8.10.0, ajv@^8.8.0: - version "8.10.0" - resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.10.0.tgz#e573f719bd3af069017e3b66538ab968d040e54d" - integrity sha512-bzqAEZOjkrUMl2afH8dknrq5KEk2SrwdBROR+vH1EKVQTqaUbJVPdc/gEdggTMM0Se+s+Ja4ju4TlNcStKl2Hw== +ajv@^8.0.0, ajv@^8.0.1, ajv@^8.10.0, ajv@^8.6.3, ajv@^8.8.0: + version "8.11.0" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.11.0.tgz#977e91dd96ca669f54a11e23e378e33b884a565f" + integrity sha512-wGgprdCvMalC0BztXvitD2hC04YffAvtsUn93JbGXYLAtCUO4xd17mCCZQxUOItiBwZvJScWo8NIvQMQ71rdpg== dependencies: fast-deep-equal "^3.1.1" json-schema-traverse "^1.0.0" @@ -3336,6 +3388,11 @@ call-bind@^1.0.0, call-bind@^1.0.2: function-bind "^1.1.1" get-intrinsic "^1.0.2" +call-me-maybe@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.1.tgz#26d208ea89e37b5cbde60250a15f031c16a4d66b" + integrity sha512-wCyFsDQkKPwwF8BDwOiWNx/9K45L/hvggQiDbve+viMNMQnWhrlYIuBk09offfwCRtCO9P6XwUttufzU11WCVw== + callsites@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" @@ -3350,7 +3407,7 @@ camelcase-keys@^6.2.2: map-obj "^4.0.0" quick-lru "^4.0.1" -camelcase@^5.2.0, camelcase@^5.3.1: +camelcase@^5.0.0, camelcase@^5.2.0, camelcase@^5.3.1: version "5.3.1" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320" integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg== @@ -3521,6 +3578,15 @@ clipboard@^2.0.8: select "^1.1.2" tiny-emitter "^2.0.0" +cliui@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/cliui/-/cliui-6.0.0.tgz#511d702c0c4e41ca156d7d0e96021f23e13225b1" + integrity sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ== + dependencies: + string-width "^4.2.0" + strip-ansi "^6.0.0" + wrap-ansi "^6.2.0" + cliui@^7.0.2: version "7.0.4" resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f" @@ -6092,7 +6158,7 @@ gensync@^1.0.0-beta.2: resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0" integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg== -get-caller-file@^2.0.5: +get-caller-file@^2.0.1, get-caller-file@^2.0.5: version "2.0.5" resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e" integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg== @@ -7713,7 +7779,7 @@ js-sdsl@^4.1.4: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== -js-yaml@^3.13.1: +js-yaml@^3.13.1, js-yaml@^3.14.0: version "3.14.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g== @@ -10491,6 +10557,11 @@ require-from-string@^2.0.2: resolved "https://registry.yarnpkg.com/require-from-string/-/require-from-string-2.0.2.tgz#89a7fdd938261267318eafe14f9c32e598c36909" integrity sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw== +require-main-filename@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b" + integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg== + require-package-name@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/require-package-name/-/require-package-name-2.0.1.tgz#c11e97276b65b8e2923f75dabf5fb2ef0c3841b9" @@ -10825,6 +10896,11 @@ serve-static@1.14.2: parseurl "~1.3.3" send "0.17.2" +set-blocking@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" + integrity sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw== + set-value@^2.0.0, set-value@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.1.tgz#a18d40530e6f07de4228c7defe4227af8cad005b" @@ -11418,6 +11494,13 @@ svg-tags@^1.0.0: resolved "https://registry.yarnpkg.com/svg-tags/-/svg-tags-1.0.0.tgz#58f71cee3bd519b59d4b2a843b6c7de64ac04764" integrity sha1-WPcc7jvVGbWdSyqEO2x95krAR2Q= +swagger-cli@^4.0.4: + version "4.0.4" + resolved "https://registry.yarnpkg.com/swagger-cli/-/swagger-cli-4.0.4.tgz#c3f0b94277073c776b9bcc3ae7507b372f3ff414" + integrity sha512-Cp8YYuLny3RJFQ4CvOBTaqmOOgYsem52dPx1xM5S4EUWFblIh2Q8atppMZvXKUr1e9xH5RwipYpmdUzdPcxWcA== + dependencies: + "@apidevtools/swagger-cli" "4.0.4" + swagger-ui-dist@4.12.0: version "4.12.0" resolved "https://registry.yarnpkg.com/swagger-ui-dist/-/swagger-ui-dist-4.12.0.tgz#986d90f05e81fb9db3ca40372278a5d8ce71db3a" @@ -12570,6 +12653,11 @@ which-boxed-primitive@^1.0.2: is-string "^1.0.5" is-symbol "^1.0.3" +which-module@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a" + integrity sha512-B+enWhmw6cjfVC7kS8Pj9pCrKSc5txArRyaYGe088shv/FGWH+0Rjx/xPgtsWfsUtS27FkP697E4DDhgrgoc0Q== + which@^1.2.9, which@^1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a" @@ -12609,6 +12697,15 @@ worker-loader@^2.0.0: loader-utils "^1.0.0" schema-utils "^0.4.0" +wrap-ansi@^6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-6.2.0.tgz#e9393ba07102e6c91a3b221478f0257cd2856e53" + integrity sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + wrap-ansi@^7.0.0: version "7.0.0" resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" @@ -12724,11 +12821,36 @@ yaml@^2.0.0, yaml@^2.0.0-10: resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.1.1.tgz#1e06fb4ca46e60d9da07e4f786ea370ed3c3cfec" integrity sha512-o96x3OPo8GjWeSLF+wOAbrPfhFOGY0W00GNaxCDv+9hkcDJEnev1yh8S7pgHF0ik6zc8sQLuL8hjHjJULZp8bw== +yargs-parser@^18.1.2: + version "18.1.3" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.3.tgz#be68c4975c6b2abf469236b0c870362fab09a7b0" + integrity sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ== + dependencies: + camelcase "^5.0.0" + decamelize "^1.2.0" + yargs-parser@^20.2.2, yargs-parser@^20.2.3: version "20.2.9" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== +yargs@^15.4.1: + version "15.4.1" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-15.4.1.tgz#0d87a16de01aee9d8bec2bfbf74f67851730f4f8" + integrity sha512-aePbxDmcYW++PaqBsJ+HYUFwCdv4LVvdnhBy78E57PIor8/OVvhMrADFFEDh8DHDFRv/O9i3lPhsENjO7QX0+A== + dependencies: + cliui "^6.0.0" + decamelize "^1.2.0" + find-up "^4.1.0" + get-caller-file "^2.0.1" + require-directory "^2.1.1" + require-main-filename "^2.0.0" + set-blocking "^2.0.0" + string-width "^4.2.0" + which-module "^2.0.0" + y18n "^4.0.0" + yargs-parser "^18.1.2" + yargs@^16.2.0: version "16.2.0" resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" |