Add latest changes from gitlab-org/security/gitlab@14-10-stable-ee

3 files changed, 4 insertions, 2 deletions

diff --git a/app/models/issue.rb b/app/models/issue.rb
index c2b8b457049..484cceb9129 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -640,7 +640,8 @@ class Issue < ApplicationRecord
 
   # Returns `true` if this Issue is visible to everybody.
   def publicly_visible?
-    project.public? && !confidential? && !hidden? && !::Gitlab::ExternalAuthorization.enabled?
+    project.public? && project.feature_available?(:issues, nil) &&
+      !confidential? && !hidden? && !::Gitlab::ExternalAuthorization.enabled?
   end
 
   def expire_etag_cache
diff --git a/app/models/packages/package_file.rb b/app/models/packages/package_file.rb
index b49e04f481c..3d56c563ec8 100644
--- a/app/models/packages/package_file.rb
+++ b/app/models/packages/package_file.rb
@@ -35,6 +35,7 @@ class Packages::PackageFile < ApplicationRecord
   validates :file_name, presence: true
 
   validates :file_name, uniqueness: { scope: :package }, if: -> { !pending_destruction? && package&.pypi? }
+  validates :file_sha256, format: { with: Gitlab::Regex.sha256_regex }, if: -> { package&.pypi? }, allow_nil: true
 
   scope :recent, -> { order(id: :desc) }
   scope :limit_recent, ->(limit) { recent.limit(limit) }
diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb
index 33783d31355..27692fe76f0 100644
--- a/app/models/project_feature.rb
+++ b/app/models/project_feature.rb
@@ -105,7 +105,7 @@ class ProjectFeature < ApplicationRecord
   # that the user has access to the feature. It's important to use this scope with others
   # that checks project authorizations first (e.g. `filter_by_feature_visibility`).
   #
-  # This method uses an optimised version of `with_feature_access_level` for
+  # This method uses an optimized version of `with_feature_access_level` for
   # logged in users to more efficiently get private projects with the given
   # feature.
   def self.with_feature_available_for_user(feature, user)