Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-07-27 15:10:54 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-07-27 15:10:54 +0300
commit: 7a20b3758e651fe79032a5165db2208183877317 (patch)
tree: ca4964f3e851cd4b77879652aec225ea5daa1ca4 /app
parent: 2458ea514066142e3ca8e5131e44925398902a77 (diff)
14 files changed, 171 insertions, 145 deletions
diff --git a/app/assets/images/gitorious-logo-black.png b/app/assets/images/gitorious-logo-black.png
deleted file mode 100644
index 4a55fdc225a..00000000000
--- a/app/assets/images/gitorious-logo-black.png
+++ /dev/null
diff --git a/app/assets/images/gitorious-logo-blue.png b/app/assets/images/gitorious-logo-blue.png
deleted file mode 100644
index 5eaa327d3df..00000000000
--- a/app/assets/images/gitorious-logo-blue.png
+++ /dev/null
diff --git a/app/assets/javascripts/diffs/components/diff_file.vue b/app/assets/javascripts/diffs/components/diff_file.vue
index dde5ea81e9a..be5f4b09c3e 100644
--- a/app/assets/javascripts/diffs/components/diff_file.vue
+++ b/app/assets/javascripts/diffs/components/diff_file.vue
@@ -83,6 +83,7 @@ export default {
   idState() {
     return {
       isLoadingCollapsedDiff: false,
+      hasLoadedCollapsedDiff: false,
       forkMessageVisible: false,
       hasToggled: false,
     };
@@ -181,7 +182,13 @@ export default {
     },
     'file.file_hash': {
       handler: function hashChangeWatch(newHash, oldHash) {
-        if (newHash && oldHash && !this.hasDiff && !this.preRender) {
+        if (
+          newHash &&
+          oldHash &&
+          !this.hasDiff &&
+          !this.preRender &&
+          !this.idState.hasLoadedCollapsedDiff
+        ) {
           this.requestDiff();
         }
       },
@@ -265,14 +272,22 @@ export default {
       }
     },
     requestDiff() {
-      this.idState.isLoadingCollapsedDiff = true;
+      const { idState, file } = this;
 
-      this.loadCollapsedDiff(this.file)
+      idState.isLoadingCollapsedDiff = true;
+
+      this.loadCollapsedDiff(file)
         .then(() => {
-          this.idState.isLoadingCollapsedDiff = false;
-          this.setRenderIt(this.file);
+          idState.isLoadingCollapsedDiff = false;
+          idState.hasLoadedCollapsedDiff = true;
+
+          if (this.file.file_hash === file.file_hash) {
+            this.setRenderIt(this.file);
+          }
         })
         .then(() => {
+          if (this.file.file_hash !== file.file_hash) return;
+
           requestIdleCallback(
             () => {
               this.postRender();
@@ -282,7 +297,7 @@ export default {
           );
         })
         .catch(() => {
-          this.idState.isLoadingCollapsedDiff = false;
+          idState.isLoadingCollapsedDiff = false;
           createFlash({
             message: this.$options.i18n.genericError,
           });
diff --git a/app/assets/javascripts/main.js b/app/assets/javascripts/main.js
index 7f5e22c397b..f63bf8f49cb 100644
--- a/app/assets/javascripts/main.js
+++ b/app/assets/javascripts/main.js
@@ -131,138 +131,136 @@ function deferredInitialisation() {
   setTimeout(() => $body.addClass('page-initialised'), 1000);
 }
 
-document.addEventListener('DOMContentLoaded', () => {
-  const $body = $('body');
-  const $document = $(document);
-  const bootstrapBreakpoint = bp.getBreakpointSize();
-
-  initUserTracking();
-  initLayoutNav();
-  initAlertHandler();
-
-  // Set the default path for all cookies to GitLab's root directory
-  Cookies.defaults.path = gon.relative_url_root || '/';
-
-  // `hashchange` is not triggered when link target is already in window.location
-  $body.on('click', 'a[href^="#"]', function clickHashLinkCallback() {
-    const href = this.getAttribute('href');
-    if (href.substr(1) === getLocationHash()) {
-      setTimeout(handleLocationHash, 1);
-    }
-  });
+const $body = $('body');
+const $document = $(document);
+const bootstrapBreakpoint = bp.getBreakpointSize();
+
+initUserTracking();
+initLayoutNav();
+initAlertHandler();
+
+// Set the default path for all cookies to GitLab's root directory
+Cookies.defaults.path = gon.relative_url_root || '/';
+
+// `hashchange` is not triggered when link target is already in window.location
+$body.on('click', 'a[href^="#"]', function clickHashLinkCallback() {
+  const href = this.getAttribute('href');
+  if (href.substr(1) === getLocationHash()) {
+    setTimeout(handleLocationHash, 1);
+  }
+});
 
-  /**
-   * TODO: Apparently we are collapsing the right sidebar on certain screensizes per default
-   * except on issue board pages. Why can't we do it with CSS?
-   *
-   * Proposal: Expose a global sidebar API, which we could import wherever we are manipulating
-   * the visibility of the sidebar.
-   *
-   * Quick fix: Get rid of jQuery for this implementation
-   */
-  const isBoardsPage = /(projects|groups):boards:show/.test(document.body.dataset.page);
-  if (!isBoardsPage && (bootstrapBreakpoint === 'sm' || bootstrapBreakpoint === 'xs')) {
-    const $rightSidebar = $('aside.right-sidebar');
-    const $layoutPage = $('.layout-page');
-
-    if ($rightSidebar.length > 0) {
-      $rightSidebar.removeClass('right-sidebar-expanded').addClass('right-sidebar-collapsed');
-      $layoutPage.removeClass('right-sidebar-expanded').addClass('right-sidebar-collapsed');
-    } else {
-      $layoutPage.removeClass('right-sidebar-expanded right-sidebar-collapsed');
-    }
+/**
+ * TODO: Apparently we are collapsing the right sidebar on certain screensizes per default
+ * except on issue board pages. Why can't we do it with CSS?
+ *
+ * Proposal: Expose a global sidebar API, which we could import wherever we are manipulating
+ * the visibility of the sidebar.
+ *
+ * Quick fix: Get rid of jQuery for this implementation
+ */
+const isBoardsPage = /(projects|groups):boards:show/.test(document.body.dataset.page);
+if (!isBoardsPage && (bootstrapBreakpoint === 'sm' || bootstrapBreakpoint === 'xs')) {
+  const $rightSidebar = $('aside.right-sidebar');
+  const $layoutPage = $('.layout-page');
+
+  if ($rightSidebar.length > 0) {
+    $rightSidebar.removeClass('right-sidebar-expanded').addClass('right-sidebar-collapsed');
+    $layoutPage.removeClass('right-sidebar-expanded').addClass('right-sidebar-collapsed');
+  } else {
+    $layoutPage.removeClass('right-sidebar-expanded right-sidebar-collapsed');
   }
+}
 
-  // prevent default action for disabled buttons
-  $('.btn').click(function clickDisabledButtonCallback(e) {
-    if ($(this).hasClass('disabled')) {
-      e.preventDefault();
-      e.stopImmediatePropagation();
-      return false;
-    }
+// prevent default action for disabled buttons
+$('.btn').click(function clickDisabledButtonCallback(e) {
+  if ($(this).hasClass('disabled')) {
+    e.preventDefault();
+    e.stopImmediatePropagation();
+    return false;
+  }
 
-    return true;
-  });
+  return true;
+});
 
-  localTimeAgo(document.querySelectorAll('abbr.timeago, .js-timeago'), true);
-
-  /**
-   * This disables form buttons while a form is submitting
-   * We do not difinitively know all of the places where this is used
-   *
-   * TODO: Defer execution, migrate to behaviors, and add sentry logging
-   */
-  $body.on('ajax:complete, ajax:beforeSend, submit', 'form', function ajaxCompleteCallback(e) {
-    const $buttons = $('[type="submit"], .js-disable-on-submit', this).not('.js-no-auto-disable');
-    switch (e.type) {
-      case 'ajax:beforeSend':
-      case 'submit':
-        return $buttons.disable();
-      default:
-        return $buttons.enable();
-    }
-  });
+localTimeAgo(document.querySelectorAll('abbr.timeago, .js-timeago'), true);
+
+/**
+ * This disables form buttons while a form is submitting
+ * We do not difinitively know all of the places where this is used
+ *
+ * TODO: Defer execution, migrate to behaviors, and add sentry logging
+ */
+$body.on('ajax:complete, ajax:beforeSend, submit', 'form', function ajaxCompleteCallback(e) {
+  const $buttons = $('[type="submit"], .js-disable-on-submit', this).not('.js-no-auto-disable');
+  switch (e.type) {
+    case 'ajax:beforeSend':
+    case 'submit':
+      return $buttons.disable();
+    default:
+      return $buttons.enable();
+  }
+});
 
-  $('.navbar-toggler').on('click', () => {
-    // The order is important. The `menu-expanded` is used as a source of truth for now.
-    // This can be simplified when the :combined_menu feature flag is removed.
-    // https://gitlab.com/gitlab-org/gitlab/-/issues/333180
-    $('.header-content').toggleClass('menu-expanded');
-    navEventHub.$emit(EVENT_RESPONSIVE_TOGGLE);
-  });
+$('.navbar-toggler').on('click', () => {
+  // The order is important. The `menu-expanded` is used as a source of truth for now.
+  // This can be simplified when the :combined_menu feature flag is removed.
+  // https://gitlab.com/gitlab-org/gitlab/-/issues/333180
+  $('.header-content').toggleClass('menu-expanded');
+  navEventHub.$emit(EVENT_RESPONSIVE_TOGGLE);
+});
 
-  /**
-   * Show suppressed commit diff
-   *
-   * TODO: Move to commit diff pages
-   */
-  $document.on('click', '.diff-content .js-show-suppressed-diff', function showDiffCallback() {
-    const $container = $(this).parent();
-    $container.next('table').show();
-    $container.remove();
-  });
+/**
+ * Show suppressed commit diff
+ *
+ * TODO: Move to commit diff pages
+ */
+$document.on('click', '.diff-content .js-show-suppressed-diff', function showDiffCallback() {
+  const $container = $(this).parent();
+  $container.next('table').show();
+  $container.remove();
+});
 
-  // Show/hide comments on diff
-  $body.on('click', '.js-toggle-diff-comments', function toggleDiffCommentsCallback(e) {
-    const $this = $(this);
-    const notesHolders = $this.closest('.diff-file').find('.notes_holder');
+// Show/hide comments on diff
+$body.on('click', '.js-toggle-diff-comments', function toggleDiffCommentsCallback(e) {
+  const $this = $(this);
+  const notesHolders = $this.closest('.diff-file').find('.notes_holder');
 
-    e.preventDefault();
+  e.preventDefault();
 
-    $this.toggleClass('selected');
+  $this.toggleClass('selected');
 
-    if ($this.hasClass('active')) {
-      notesHolders.show().find('.hide, .content').show();
-    } else {
-      notesHolders.hide().find('.content').hide();
-    }
+  if ($this.hasClass('active')) {
+    notesHolders.show().find('.hide, .content').show();
+  } else {
+    notesHolders.hide().find('.content').hide();
+  }
 
-    $(document).trigger('toggle.comments');
-  });
+  $(document).trigger('toggle.comments');
+});
 
-  $('form.filter-form').on('submit', function filterFormSubmitCallback(event) {
-    const link = document.createElement('a');
-    link.href = this.action;
+$('form.filter-form').on('submit', function filterFormSubmitCallback(event) {
+  const link = document.createElement('a');
+  link.href = this.action;
 
-    const action = `${this.action}${link.search === '' ? '?' : '&'}`;
+  const action = `${this.action}${link.search === '' ? '?' : '&'}`;
 
-    event.preventDefault();
-    // eslint-disable-next-line no-jquery/no-serialize
-    visitUrl(`${action}${$(this).serialize()}`);
-  });
+  event.preventDefault();
+  // eslint-disable-next-line no-jquery/no-serialize
+  visitUrl(`${action}${$(this).serialize()}`);
+});
 
-  const flashContainer = document.querySelector('.flash-container');
+const flashContainer = document.querySelector('.flash-container');
 
-  if (flashContainer && flashContainer.children.length) {
-    flashContainer
-      .querySelectorAll('.flash-alert, .flash-notice, .flash-success')
-      .forEach((flashEl) => {
-        removeFlashClickListener(flashEl);
-      });
-  }
+if (flashContainer && flashContainer.children.length) {
+  flashContainer
+    .querySelectorAll('.flash-alert, .flash-notice, .flash-success')
+    .forEach((flashEl) => {
+      removeFlashClickListener(flashEl);
+    });
+}
 
-  // initialize field errors
-  $('.gl-show-field-errors').each((i, form) => new GlFieldErrors(form));
+// initialize field errors
+$('.gl-show-field-errors').each((i, form) => new GlFieldErrors(form));
 
-  requestIdleCallback(deferredInitialisation);
-});
+requestIdleCallback(deferredInitialisation);
diff --git a/app/assets/javascripts/sidebar/components/time_tracking/help_state.vue b/app/assets/javascripts/sidebar/components/time_tracking/help_state.vue
index 60edbb69666..7c157fe2775 100644
--- a/app/assets/javascripts/sidebar/components/time_tracking/help_state.vue
+++ b/app/assets/javascripts/sidebar/components/time_tracking/help_state.vue
@@ -1,6 +1,5 @@
 <script>
-/* eslint-disable vue/no-v-html */
-import { GlButton } from '@gitlab/ui';
+import { GlButton, GlSafeHtmlDirective } from '@gitlab/ui';
 import { joinPaths } from '~/lib/utils/url_utility';
 import { sprintf, s__ } from '../../../locale';
 
@@ -9,6 +8,9 @@ export default {
   components: {
     GlButton,
   },
+  directives: {
+    SafeHtml: GlSafeHtmlDirective,
+  },
   computed: {
     href() {
       return joinPaths(gon.relative_url_root || '', '/help/user/project/time_tracking.md');
@@ -40,8 +42,8 @@ export default {
     <div class="time-tracking-info">
       <h4>{{ __('Track time with quick actions') }}</h4>
       <p>{{ __('Quick actions can be used in description and comment boxes.') }}</p>
-      <p v-html="estimateText"></p>
-      <p v-html="spendText"></p>
+      <p v-safe-html="estimateText"></p>
+      <p v-safe-html="spendText"></p>
       <gl-button :href="href">{{ __('Learn more') }}</gl-button>
     </div>
   </div>
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 85ee2204324..010b85e81bf 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -19,7 +19,7 @@ class JwtController < ApplicationController
     service = SERVICES[params[:service]]
     return head :not_found unless service
 
-    result = service.new(@authentication_result.project, @authentication_result.actor, auth_params)
+    result = service.new(@authentication_result.project, auth_user, auth_params)
       .execute(authentication_abilities: @authentication_result.authentication_abilities)
 
     render json: result, status: result[:http_status]
@@ -67,7 +67,7 @@ class JwtController < ApplicationController
   end
 
   def additional_params
-    { scopes: scopes_param }.compact
+    { scopes: scopes_param, deploy_token: @authentication_result.deploy_token }.compact
   end
 
   # We have to parse scope here, because Docker Client does not send an array of scopes,
@@ -83,8 +83,7 @@ class JwtController < ApplicationController
 
   def auth_user
     strong_memoize(:auth_user) do
-      actor = @authentication_result&.actor
-      actor.is_a?(User) ? actor : nil
+      @authentication_result.auth_user
     end
   end
 end
diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index a3df566e4b3..2447a731167 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -447,6 +447,12 @@ module ApplicationSettingsHelper
   def signup_enabled?
     !!Gitlab::CurrentSettings.signup_enabled
   end
+
+  def pending_user_count
+    return 0 if Gitlab::CurrentSettings.new_user_signups_cap.blank?
+
+    User.blocked_pending_approval.count
+  end
 end
 
 ApplicationSettingsHelper.prepend_mod_with('ApplicationSettingsHelper')
diff --git a/app/models/integrations/jira.rb b/app/models/integrations/jira.rb
index 745654a87be..ec6adc87bf4 100644
--- a/app/models/integrations/jira.rb
+++ b/app/models/integrations/jira.rb
@@ -539,8 +539,7 @@ module Integrations
     end
 
     def update_deployment_type?
-      (api_url_changed? || url_changed? || username_changed? || password_changed?) &&
-        testable?
+      api_url_changed? || url_changed? || username_changed? || password_changed?
     end
 
     def update_deployment_type
diff --git a/app/models/packages/debian.rb b/app/models/packages/debian.rb
index e20f1b8244a..2daafe0ebcf 100644
--- a/app/models/packages/debian.rb
+++ b/app/models/packages/debian.rb
@@ -6,6 +6,8 @@ module Packages
     COMPONENT_REGEX = DISTRIBUTION_REGEX.freeze
     ARCHITECTURE_REGEX = %r{[a-z0-9][-a-z0-9]*}.freeze
 
+    LETTER_REGEX = %r{(lib)?[a-z0-9]}.freeze
+
     def self.table_name_prefix
       'packages_debian_'
     end
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index d42dcb2fd00..18515536ad7 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -21,7 +21,7 @@ module Auth
 
       return error('DENIED', status: 403, message: 'access forbidden') unless has_registry_ability?
 
-      unless scopes.any? || current_user || project
+      unless scopes.any? || current_user || deploy_token || project
         return error('DENIED', status: 403, message: 'access forbidden')
       end
 
@@ -178,8 +178,7 @@ module Auth
     end
 
     def can_user?(ability, project)
-      user = current_user.is_a?(User) ? current_user : nil
-      can?(user, ability, project)
+      can?(current_user, ability, project)
     end
 
     def build_can_pull?(requested_project)
@@ -202,16 +201,16 @@ module Auth
 
     def deploy_token_can_pull?(requested_project)
       has_authentication_ability?(:read_container_image) &&
-        current_user.is_a?(DeployToken) &&
-        current_user.has_access_to?(requested_project) &&
-        current_user.read_registry?
+        deploy_token.present? &&
+        deploy_token.has_access_to?(requested_project) &&
+        deploy_token.read_registry?
     end
 
     def deploy_token_can_push?(requested_project)
       has_authentication_ability?(:create_container_image) &&
-        current_user.is_a?(DeployToken) &&
-        current_user.has_access_to?(requested_project) &&
-        current_user.write_registry?
+        deploy_token.present? &&
+        deploy_token.has_access_to?(requested_project) &&
+        deploy_token.write_registry?
     end
 
     ##
@@ -250,6 +249,10 @@ module Auth
       {}
     end
 
+    def deploy_token
+      params[:deploy_token]
+    end
+
     def log_if_actions_denied(type, requested_project, requested_actions, authorized_actions)
       return if requested_actions == authorized_actions
 
diff --git a/app/services/auth/dependency_proxy_authentication_service.rb b/app/services/auth/dependency_proxy_authentication_service.rb
index fab42e0ebb6..4335fb0bd06 100644
--- a/app/services/auth/dependency_proxy_authentication_service.rb
+++ b/app/services/auth/dependency_proxy_authentication_service.rb
@@ -11,7 +11,7 @@ module Auth
 
       # Because app/controllers/concerns/dependency_proxy/auth.rb consumes this
       # JWT only as `User.find`, we currently only allow User (not DeployToken, etc)
-      return error('access forbidden', 403) unless current_user.is_a?(User)
+      return error('access forbidden', 403) unless current_user
 
       { token: authorized_token.encoded }
     end
diff --git a/app/services/packages/debian/generate_distribution_service.rb b/app/services/packages/debian/generate_distribution_service.rb
index 651325c49a0..caf1673e0a0 100644
--- a/app/services/packages/debian/generate_distribution_service.rb
+++ b/app/services/packages/debian/generate_distribution_service.rb
@@ -120,7 +120,7 @@ module Packages
 
       def package_filename(package_file)
         letter = package_file.package.name.start_with?('lib') ? package_file.package.name[0..3] : package_file.package.name[0]
-        "#{pool_prefix(package_file)}/#{letter}/#{package_file.package.name}/#{package_file.file_name}"
+        "#{pool_prefix(package_file)}/#{letter}/#{package_file.package.name}/#{package_file.package.version}/#{package_file.file_name}"
       end
 
       def pool_prefix(package_file)
@@ -128,7 +128,7 @@ module Packages
         when ::Packages::Debian::GroupDistribution
           "pool/#{@distribution.codename}/#{package_file.package.project_id}"
         else
-          "pool/#{@distribution.codename}/#{@distribution.container_id}"
+          "pool/#{@distribution.codename}"
         end
       end
 
diff --git a/app/views/admin/application_settings/_signup.html.haml b/app/views/admin/application_settings/_signup.html.haml
index a5b47159239..a658ba63939 100644
--- a/app/views/admin/application_settings/_signup.html.haml
+++ b/app/views/admin/application_settings/_signup.html.haml
@@ -17,4 +17,5 @@
   email_restrictions_enabled: @application_setting[:email_restrictions_enabled].to_s,
   supported_syntax_link_url: 'https://github.com/google/re2/wiki/Syntax',
   email_restrictions: @application_setting.email_restrictions,
-  after_sign_up_text: @application_setting[:after_sign_up_text] } }
+  after_sign_up_text: @application_setting[:after_sign_up_text],
+  pending_user_count: pending_user_count } }
diff --git a/app/views/projects/show.html.haml b/app/views/projects/show.html.haml
index 4757f50739b..e515f1e7320 100644
--- a/app/views/projects/show.html.haml
+++ b/app/views/projects/show.html.haml
@@ -19,6 +19,7 @@
 = render "archived_notice", project: @project
 = render_if_exists "projects/marked_for_deletion_notice", project: @project
 = render_if_exists "projects/ancestor_group_marked_for_deletion_notice", project: @project
+= render_if_exists 'projects/sast_entry_points', project: @project
 
 - view_path = @project.default_view
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-07-27 15:10:54 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-07-27 15:10:54 +0300
commit	7a20b3758e651fe79032a5165db2208183877317 (patch)
tree	ca4964f3e851cd4b77879652aec225ea5daa1ca4 /app
parent	2458ea514066142e3ca8e5131e44925398902a77 (diff)