Add latest changes from gitlab-org/gitlab@16-0-stable-eev16.0.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
commit: 43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree: dceebdc68925362117480a5d672bcff122fb625b /Gemfile
parent: 20c84b99005abd1c82101dfeff264ac50d2df211 (diff)
1 files changed, 77 insertions, 69 deletions
diff --git a/Gemfile b/Gemfile
index ed0c5127f73..10c4d6dc8d8 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,7 +2,7 @@
 
 source 'https://rubygems.org'
 
-if ENV['BUNDLER_CHECKSUM_VERIFICATION_OPT_IN'] # this verification is still experimental
+if ENV.fetch('BUNDLER_CHECKSUM_VERIFICATION_OPT_IN', 'false') != 'false' # this verification is still experimental
   $LOAD_PATH.unshift(File.expand_path("vendor/gems/bundler-checksum/lib", __dir__))
   require 'bundler-checksum'
   BundlerChecksum.patch!
@@ -17,27 +17,20 @@ gem 'rails', '~> 6.1.7.2'
 
 gem 'bootsnap', '~> 1.16.0', require: false
 
-# Pin openssl to match the version bundled with our supported Rubies.
-# See https://stdgems.org/openssl/#gem-version.
-gem 'openssl', '2.2.2'
-# This gem was originally bundled with Ruby 2.7, but is unbundled as of Ruby 3.
-# Since the latest version caused problems with GitLab, we pin this to an older
-# version for now.
-# See https://gitlab.com/gitlab-org/gitlab/-/issues/376417
-gem 'ipaddr', '1.2.2'
+gem 'openssl', '~> 3.0'
+gem 'ipaddr', '~> 1.2.5'
 
 # Responders respond_to and respond_with
 gem 'responders', '~> 3.0'
 
 gem 'sprockets', '~> 3.7.0'
 
-gem 'view_component', '~> 2.74.1'
-
-# Default values for AR models
-gem 'default_value_for', '~> 3.4.0'
+gem 'view_component', '~> 2.82.0'
 
 # Supported DBs
-gem 'pg', '~> 1.4.5'
+gem 'pg', '~> 1.5.3'
+
+gem 'neighbor', '~> 0.2.3'
 
 gem 'rugged', '~> 1.5'
 gem 'grape-path-helpers', '~> 1.7.1'
@@ -52,15 +45,14 @@ gem 'declarative_policy', '~> 1.1.0'
 gem 'devise', '~> 4.8.1'
 gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable'
 gem 'bcrypt', '~> 3.1', '>= 3.1.14'
-gem 'doorkeeper', '~> 5.5'
-gem 'doorkeeper-openid_connect', '~> 1.8'
+gem 'doorkeeper', '~> 5.6', '>= 5.6.6'
+gem 'doorkeeper-openid_connect', '~> 1.8', '>= 1.8.6'
 gem 'rexml', '~> 3.2.5'
 gem 'ruby-saml', '~> 1.13.0'
 gem 'omniauth', '~> 2.1.0'
-gem 'omniauth-auth0', '~> 2.0.0'
+gem 'omniauth-auth0', '~> 3.1'
 gem 'omniauth-azure-activedirectory-v2', '~> 2.0'
 gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md
-gem 'omniauth-cas3', '~> 1.1.4', path: 'vendor/gems/omniauth-cas3' # See vendor/gems/omniauth-cas3/README.md
 gem 'omniauth-dingtalk-oauth2', '~> 1.0'
 gem 'omniauth-alicloud', '~> 2.0.1'
 gem 'omniauth-facebook', '~> 4.0.0'
@@ -68,7 +60,7 @@ gem 'omniauth-github', '2.0.1'
 gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md
 gem 'omniauth-google-oauth2', '~> 1.1'
 gem 'omniauth-oauth2-generic', '~> 0.2.2'
-gem 'omniauth-saml', '~> 2.0.0'
+gem 'omniauth-saml', '~> 2.1.0'
 gem 'omniauth-twitter', '~> 1.4'
 gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd' # See vendor/gems/omniauth_crowd/README.md
 gem 'omniauth_openid_connect', '~> 0.6.1'
@@ -78,7 +70,7 @@ gem 'openid_connect', '= 1.3.0'
 gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md
 gem 'omniauth-atlassian-oauth2', '~> 0.2.0'
 gem 'rack-oauth2', '~> 1.21.3'
-gem 'jwt', '~> 2.1.0'
+gem 'jwt', '~> 2.5'
 
 # Kerberos authentication. EE-only
 gem 'gssapi', '~> 1.3.1', group: :kerberos
@@ -93,7 +85,6 @@ gem 'invisible_captcha', '~> 2.0.0'
 gem 'devise-two-factor', '~> 4.0.2'
 gem 'rqrcode-rails3', '~> 0.1.7'
 gem 'attr_encrypted', '~> 3.2.4', path: 'vendor/gems/attr_encrypted'
-gem 'u2f', '~> 0.2.1'
 
 # GitLab Pages
 gem 'validates_hostname', '~> 1.0.11'
@@ -105,7 +96,7 @@ gem 'acme-client', '~> 2.0'
 gem 'browser', '~> 5.3.1'
 
 # OS detection for usage ping
-gem 'ohai', '~> 16.10'
+gem 'ohai', '~> 17.9'
 
 # GPG
 gem 'gpgme', '~> 2.0.22'
@@ -143,14 +134,12 @@ gem 'carrierwave', '~> 1.3'
 gem 'mini_magick', '~> 4.10.1'
 
 # for backups
-gem 'fog-aws', '~> 3.15'
+gem 'fog-aws', '~> 3.18'
 # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421.
 # Also see config/initializers/fog_core_patch.rb.
 gem 'fog-core', '= 2.1.0'
 gem 'fog-google', '~> 1.19', require: 'fog/google'
 gem 'fog-local', '~> 0.8'
-gem 'fog-openstack', '~> 1.0'
-gem 'fog-rackspace', '~> 0.1.1'
 # NOTE:
 # the fog-aliyun gem since v0.4 pulls in aliyun-sdk transitively, which monkey-patches
 # the rest-client gem to drop the Content-Length header field for chunked transfers,
@@ -171,6 +160,7 @@ gem 'google-apis-cloudresourcemanager_v1', '~> 0.31.0'
 gem 'google-apis-iam_v1', '~> 0.36.0'
 gem 'google-apis-serviceusage_v1', '~> 0.28.0'
 gem 'google-apis-sqladmin_v1beta4', '~> 0.41.0'
+gem 'google-apis-androidpublisher_v3', '~> 0.34.0'
 
 # for aws storage
 gem 'unf', '~> 0.1.4'
@@ -182,9 +172,9 @@ gem 'seed-fu', '~> 2.3.7'
 gem 'elasticsearch-model', '~> 7.2'
 gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation'
 gem 'elasticsearch-api',   '7.13.3'
-gem 'aws-sdk-core', '~> 3.170.0'
+gem 'aws-sdk-core', '~> 3.172.0'
 gem 'aws-sdk-cloudformation', '~> 1'
-gem 'aws-sdk-s3', '~> 1.119.1'
+gem 'aws-sdk-s3', '~> 1.122.0'
 gem 'faraday_middleware-aws-sigv4', '~>0.3.0'
 gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections
 
@@ -199,13 +189,13 @@ gem 'rdoc', '~> 6.3.2'
 gem 'org-ruby', '~> 0.9.12'
 gem 'creole', '~> 0.5.0'
 gem 'wikicloth', '0.8.1'
-gem 'asciidoctor', '~> 2.0.17'
+gem 'asciidoctor', '~> 2.0.18'
 gem 'asciidoctor-include-ext', '~> 0.4.0', require: false
 gem 'asciidoctor-plantuml', '~> 0.0.16'
-gem 'asciidoctor-kroki', '~> 0.7.0', require: false
-gem 'rouge', '~> 3.30.0'
+gem 'asciidoctor-kroki', '~> 0.8.0', require: false
+gem 'rouge', '~> 4.1.0'
 gem 'truncato', '~> 0.7.12'
-gem 'nokogiri', '~> 1.14.1'
+gem 'nokogiri', '~> 1.14.3'
 
 # Calendar rendering
 gem 'icalendar'
@@ -215,7 +205,7 @@ gem 'diffy', '~> 3.4'
 gem 'diff_match_patch', '~> 0.1.0'
 
 # Application server
-gem 'rack', '~> 2.2.6', '>= 2.2.6.2'
+gem 'rack', '~> 2.2.7'
 # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually
 gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base'
 
@@ -235,7 +225,7 @@ gem 'acts-as-taggable-on', '~> 9.0'
 gem 'sidekiq', '~> 6.5.7'
 gem 'sidekiq-cron', '~> 1.8.0'
 gem 'redis-namespace', '~> 1.9.0'
-gem 'gitlab-sidekiq-fetcher', '0.9.0', require: 'sidekiq-reliable-fetch'
+gem 'gitlab-sidekiq-fetcher', path: 'vendor/gems/sidekiq-reliable-fetch', require: 'sidekiq-reliable-fetch'
 
 # Cron Parser
 gem 'fugit', '~> 1.8.1'
@@ -249,14 +239,12 @@ gem 'rainbow', '~> 3.0'
 # Progress bar
 gem 'ruby-progressbar', '~> 1.10'
 
-# GitLab settings
-gem 'settingslogic', '~> 2.0.9'
-
 # Linear-time regex library for untrusted regular expressions
 gem 're2', '~> 1.6.0'
 
 # Misc
 
+gem 'semver_dialects', '~> 1.2.1'
 gem 'version_sorter', '~> 2.3'
 
 # Export Ruby Regex to Javascript
@@ -292,14 +280,18 @@ gem 'asana', '~> 0.10.13'
 gem 'ruby-fogbugz', '~> 0.3.0'
 
 # Kubernetes integration
-gem 'kubeclient', '~> 4.9.3', path: 'vendor/gems/kubeclient'
+gem 'kubeclient', '~> 4.11.0'
+
+# AI
+gem 'ruby-openai', '~> 3.7'
+gem 'circuitbox', '2.0.0'
 
 # Sanitize user input
 gem 'sanitize', '~> 6.0'
 gem 'babosa', '~> 1.0.4'
 
 # Sanitizes SVG input
-gem 'loofah', '~> 2.19.1'
+gem 'loofah', '~> 2.21.0'
 
 # Working with license
 # Detects the open source license the repository includes
@@ -310,7 +302,7 @@ gem 'licensee', '~> 9.15'
 gem 'charlock_holmes', '~> 0.7.7'
 
 # Detect mime content type from content
-gem 'ruby-magic', '~> 0.5'
+gem 'ruby-magic', '~> 0.6'
 
 # Faster blank
 gem 'fast_blank'
@@ -338,9 +330,9 @@ gem 'rack-attack', '~> 6.6.1'
 
 # Sentry integration
 gem 'sentry-raven', '~> 3.1'
-gem 'sentry-ruby', '~> 5.1.1'
-gem 'sentry-rails', '~> 5.1.1'
-gem 'sentry-sidekiq', '~> 5.1.1'
+gem 'sentry-ruby', '~> 5.8.0'
+gem 'sentry-rails', '~> 5.8.0'
+gem 'sentry-sidekiq', '~> 5.8.0'
 
 # PostgreSQL query parsing
 #
@@ -348,11 +340,11 @@ gem 'pg_query', '~> 2.2', '>= 2.2.1'
 
 gem 'premailer-rails', '~> 1.10.3'
 
-gem 'gitlab-labkit', '~> 0.30.1'
+gem 'gitlab-labkit', '~> 0.32.0'
 gem 'thrift', '>= 0.16.0'
 
 # I18n
-gem 'ruby_parser', '~> 3.19', require: false
+gem 'ruby_parser', '~> 3.20', require: false
 gem 'rails-i18n', '~> 7.0'
 gem 'gettext_i18n_rails', '~> 1.8.0'
 gem 'gettext_i18n_rails_js', '~> 1.3'
@@ -363,25 +355,28 @@ gem 'batch-loader', '~> 2.0.1'
 # Perf bar
 gem 'peek', '~> 1.1'
 
+# Google Cloud Profiler support
+gem 'cloud_profiler_agent', '~> 0.0.0', path: 'vendor/gems/cloud_profiler_agent', require: false
+
 # Snowplow events tracking
 gem 'snowplow-tracker', '~> 0.8.0'
 
 # Metrics
-gem 'webrick', '~> 1.6.1', require: false
-gem 'prometheus-client-mmap', '~> 0.17', require: 'prometheus/client'
+gem 'webrick', '~> 1.8.1', require: false
+gem 'prometheus-client-mmap', '~> 0.23', require: 'prometheus/client'
 
 gem 'warning', '~> 1.3.0'
 
 group :development do
-  gem 'lefthook', '~> 1.2.9', require: false
+  gem 'lefthook', '~> 1.3.13', require: false
   gem 'rubocop'
   gem 'solargraph', '~> 0.47.2', require: false
 
   gem 'letter_opener_web', '~> 2.0.0'
-  gem 'lookbook', '~> 1.5', '>= 1.5.3'
+  gem 'lookbook', '~> 2.0', '>= 2.0.1'
 
   # Better errors handler
-  gem 'better_errors', '~> 2.9.1'
+  gem 'better_errors', '~> 2.10.0'
 
   gem 'sprite-factory', '~> 1.7'
 
@@ -416,7 +411,7 @@ group :development, :test do
   gem 'bundler-audit', '~> 0.7.0.1', require: false
 
   # Benchmarking & profiling
-  gem 'benchmark-ips', '~> 2.3.0', require: false
+  gem 'benchmark-ips', '~> 2.11.0', require: false
   gem 'benchmark-memory', '~> 0.1', require: false
 
   gem 'knapsack', '~> 1.21.1'
@@ -436,7 +431,7 @@ group :development, :test do
 end
 
 group :development, :test, :danger do
-  gem 'gitlab-dangerfiles', '~> 3.7.0', require: false
+  gem 'gitlab-dangerfiles', '~> 3.10.0', require: false
 end
 
 group :development, :test, :coverage do
@@ -453,25 +448,27 @@ end
 
 group :test do
   gem 'fuubar', '~> 2.2.0'
-  gem 'rspec-retry', '~> 0.6.1'
+  gem 'rspec-retry', '~> 0.6.2'
   gem 'rspec_profiling', '~> 0.0.6'
   gem 'rspec-benchmark', '~> 0.6.0'
-  gem 'rspec-parameterized', require: false
+  gem 'rspec-parameterized', '~> 1.0', require: false
 
-  gem 'capybara', '~> 3.35.3'
-  gem 'capybara-screenshot', '~> 1.0.22'
-  gem 'selenium-webdriver', '~> 3.142'
+  gem 'capybara', '~> 3.39'
+  gem 'capybara-screenshot', '~> 1.0.26'
+  # 4.9.1 drops Ruby 2.7 support. We can upgrade further after we drop Ruby 2.7 support.
+  gem 'selenium-webdriver', '= 4.9.0'
 
   gem 'graphlyte', '~> 1.0.0'
 
   gem 'shoulda-matchers', '~> 5.1.0', require: false
   gem 'email_spec', '~> 2.2.0'
-  gem 'webmock', '~> 3.9.1'
+  gem 'webmock', '~> 3.18.1'
   gem 'rails-controller-testing'
   gem 'concurrent-ruby', '~> 1.1'
-  gem 'test-prof', '~> 1.0.7'
+  gem 'test-prof', '~> 1.2.1'
   gem 'rspec_junit_formatter'
   gem 'guard-rspec'
+  gem 'axe-core-rspec'
 
   # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527
   gem 'derailed_benchmarks', require: false
@@ -479,14 +476,12 @@ end
 
 gem 'octokit', '~> 4.15'
 
-# Updating this gem version here is deprecated. See:
-# https://docs.gitlab.com/ee/development/emails.html#mailroom-gem-updates
-gem 'gitlab-mail_room', '~> 0.0.9', require: 'mail_room'
+gem 'gitlab-mail_room', '~> 0.0.23', require: 'mail_room'
 
 gem 'email_reply_trimmer', '~> 0.1'
 gem 'html2text'
 
-gem 'stackprof', '~> 0.2.21', require: false
+gem 'stackprof', '~> 0.2.25', require: false
 gem 'rbtrace', '~> 0.4', require: false
 gem 'memory_profiler', '~> 1.0', require: false
 gem 'activerecord-explain-analyze', '~> 0.1', require: false
@@ -508,17 +503,17 @@ gem 'net-ntp'
 gem 'ssh_data', '~> 1.3'
 
 # Spamcheck GRPC protocol definitions
-gem 'spamcheck', '~> 1.0.0'
+gem 'spamcheck', '~> 1.3.0'
 
 # Gitaly GRPC protocol definitions
 gem 'gitaly', '~> 15.9.0-rc3'
 
 # KAS GRPC protocol definitions
-gem 'kas-grpc', '~> 0.0.2'
+gem 'kas-grpc', '~> 0.1.0'
 
 gem 'grpc', '~> 1.42.0'
 
-gem 'google-protobuf', '~> 3.21', '>= 3.21.12'
+gem 'google-protobuf', '~> 3.22', '>= 3.22.3'
 
 gem 'toml-rb', '~> 2.2.0'
 
@@ -534,7 +529,7 @@ gem 'lograge', '~> 0.5'
 gem 'grape_logging', '~> 1.8'
 
 # DNS Lookup
-gem 'gitlab-net-dns', '~> 0.9.1'
+gem 'gitlab-net-dns', '~> 0.9.2'
 
 # Countries list
 gem 'countries', '~> 4.0.0'
@@ -547,7 +542,11 @@ gem 'lru_redux'
 # Locked as long as quoted-printable encoding issues are not resolved
 # Monkey-patched in `config/initializers/mail_encoding_patch.rb`
 # See https://gitlab.com/gitlab-org/gitlab/issues/197386
-gem 'mail', '= 2.7.1'
+#
+# `config/initializers/mail_starttls_patch.rb` has also been patched to
+# fix STARTTLS handling until https://github.com/mikel/mail/pull/1536 is
+# released.
+gem 'mail', '= 2.8.1'
 gem 'mail-smtp_pool', '~> 0.1.0', path: 'vendor/gems/mail-smtp_pool', require: false
 
 gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer'
@@ -566,7 +565,7 @@ gem 'oj-introspect', '~> 0.7'
 gem 'multi_json', '~> 1.14.1'
 gem 'yajl-ruby', '~> 1.4.3', require: 'yajl'
 
-gem 'webauthn', '~> 2.3'
+gem 'webauthn', '~> 3.0'
 
 # IPAddress utilities
 gem 'ipaddress', '~> 0.8.3'
@@ -587,9 +586,18 @@ gem 'cvss-suite', '~> 3.0.1', require: 'cvss_suite'
 # Work with RPM packages
 gem 'arr-pm', '~> 0.0.12'
 
+# Remote Development
+gem 'devfile', '~> 0.0.17.pre.alpha1'
+
 # Apple plist parsing
-gem 'CFPropertyList'
+gem 'CFPropertyList', '~> 3.0.0'
 gem 'app_store_connect'
 
 # For phone verification
 gem 'telesignenterprise', '~> 2.2'
+
+# BufferedIO patch
+# Updating this version will require updating scripts/allowed_warnings.txt
+gem 'net-protocol', '~> 0.1.3'
+
+gem 'duo_api', '~> 1.3'
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
commit	43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree	dceebdc68925362117480a5d672bcff122fb625b /Gemfile
parent	20c84b99005abd1c82101dfeff264ac50d2df211 (diff)