Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42

3 files changed, 43 insertions, 4 deletions

diff --git a/app/validators/addressable_url_validator.rb b/app/validators/addressable_url_validator.rb
index 9fa99903e36..c6d9bd73566 100644
--- a/app/validators/addressable_url_validator.rb
+++ b/app/validators/addressable_url_validator.rb
@@ -80,7 +80,7 @@ class AddressableUrlValidator < ActiveModel::EachValidator
 
     value = strip_value!(record, attribute, value)
 
-    Gitlab::UrlBlocker.validate!(value, blocker_args)
+    Gitlab::UrlBlocker.validate!(value, **blocker_args)
   rescue Gitlab::UrlBlocker::BlockedUrlError => e
     record.errors.add(attribute, options.fetch(:blocked_message) % { exception_message: e.message })
   end
diff --git a/app/validators/ip_address_validator.rb b/app/validators/ip_address_validator.rb
new file mode 100644
index 00000000000..0acf2bdf4fc
--- /dev/null
+++ b/app/validators/ip_address_validator.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# IpAddressValidator
+#
+# Validates that an IP address is a valid IPv4 or IPv6 address.
+# This should be coupled with a database column of type `inet`
+#
+# When using column type `inet` Rails will silently return the value
+# as `nil` when the value is not valid according to its type cast
+# using `IpAddr`. It's not very user friendly to return an error
+# "IP Address can't be blank" when a value was clearly given but
+# was not the right format. This validator will look at the value
+# before Rails type casts it when the value itself is `nil`.
+# This enables the validator to return a specific and useful error message.
+#
+# This validator allows `nil` values by default since the database
+# allows null values by default. To disallow `nil` values, use in conjunction
+# with `presence: true`.
+#
+# Do not use this validator with `allow_nil: true` or `allow_blank: true`.
+# Because of Rails type casting, when an invalid value is set the attribute
+# will return `nil` and Rails won't run this validator.
+#
+# Example:
+#
+#   class Group < ActiveRecord::Base
+#     validates :ip_address, presence: true, ip_address: true
+#   end
+#
+class IpAddressValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, _)
+    value = record.public_send("#{attribute}_before_type_cast") # rubocop:disable GitlabSecurity/PublicSend
+    return if value.blank?
+
+    IPAddress.parse(value.to_s)
+  rescue ArgumentError
+    record.errors.add(attribute, _('must be a valid IPv4 or IPv6 address'))
+  end
+end
diff --git a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
index 8fde92d6312..08442565931 100644
--- a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
+++ b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
@@ -6,8 +6,8 @@
             "type": "string",
             "default_value": "",
             "value": "",
-            "size": "MEDIUM",
-            "description": "Analyzer image's registry prefix (or Name of the registry providing the analyzers' image)"
+            "size": "LARGE",
+            "description": "Analyzer image's registry prefix (or name of the registry providing the analyzers' image)"
         },
         {
             "field" : "SAST_EXCLUDED_PATHS",
@@ -15,7 +15,7 @@
             "type": "string",
             "default_value": "",
             "value": "",
-            "size": "LARGE",
+            "size": "MEDIUM",
             "description": "Comma-separated list of paths to be excluded from analyzer output. Patterns can be globs, file paths, or folder paths."
         },
         {