Merge branch 'master' into single-file-diffs

69 files changed, 1123 insertions, 388 deletions

diff --git a/.rubocop.yml b/.rubocop.yml
index cd13f581517..3aac8401848 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -284,7 +284,7 @@ Style/IfWithSemicolon:
 # Checks that conditional statements do not have an identical line at the
 # end of each branch, which can validly be moved out of the conditional.
 Style/IdenticalConditionalBranches:
-  Enabled: false
+  Enabled: true
 
 # Checks the indentation of the first line of the right-hand-side of a
 # multi-line assignment.
diff --git a/CHANGELOG b/CHANGELOG
index 680078622cf..ee4ee1eaeca 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -18,8 +18,10 @@ v 8.10.0 (unreleased)
   - Fix MR-auto-close text added to description. !4836
   - Fix issue, preventing users w/o push access to sort tags !5105 (redetection)
   - Add Spring EmojiOne updates.
+  - Add syntax for multiline blockquote using `>>>` fence !3954
   - Fix viewing notification settings when a project is pending deletion
   - Fix pagination when sorting by columns with lots of ties (like priority)
+  - The Markdown reference parsers now re-use query results to prevent running the same queries multiple times !5020
   - Updated project header design
   - Exclude email check from the standard health check
   - Updated layout for Projects, Groups, Users on Admin area !4424
@@ -28,8 +30,10 @@ v 8.10.0 (unreleased)
   - Wildcards for protected branches. !4665
   - Allow importing from Github using Personal Access Tokens. (Eric K Idema)
   - API: Todos !3188 (Robert Schilling)
+  - API: Expose shared groups for projects and shared projects for groups !5050 (Robert Schilling)
   - Add "Enabled Git access protocols" to Application Settings
   - Fix user creation with stronger minimum password requirements !4054 (nathan-pmt)
+  - Only show New Snippet button to users that can create snippets.
   - PipelinesFinder uses git cache data
   - Throttle the update of `project.pushes_since_gc` to 1 minute.
   - Allow expanding and collapsing files in diff view (!4990)
@@ -40,6 +44,7 @@ v 8.10.0 (unreleased)
   - Bump Rinku to 2.0.0
   - Remove unused front-end variable -> default_issues_tracker
   - Better caching of git calls on ProjectsController#show.
+  - Avoid to retrieve MR closes_issues as much as possible.
   - Add API endpoint for a group issues !4520 (mahcsig)
   - Add Bugzilla integration !4930 (iamtjg)
   - Instrument Rinku usage
@@ -47,6 +52,8 @@ v 8.10.0 (unreleased)
   - RailsCache metris now includes fetch_hit/fetch_miss and read_hit/read_miss info.
   - Allow [ci skip] to be in any case and allow [skip ci]. !4785 (simon_w)
   - Set import_url validation to be more strict
+  - Memoize MR merged/closed events retrieval
+  - Don't render discussion notes when requesting diff tab through AJAX
   - Add basic system information like memory and disk usage to the admin panel
   - Don't garbage collect commits that have related DB records like comments
   - More descriptive message for git hooks and file locks
@@ -56,6 +63,8 @@ v 8.10.0 (unreleased)
   - Add date when user joined the team on the member page
   - Fix 404 redirect after validation fails importing a GitLab project
   - Added setting to set new users by default as external !4545 (Dravere)
+  - Add min value for project limit field on user's form !3622 (jastkand)
+  - Add reminder to not paste private SSH keys !4399 (Ingo Blechschmidt)
 
 v 8.9.5
   - Add more debug info to import/export and memory killer. !5108
@@ -100,7 +109,7 @@ v 8.9.3
   - Removed fade when filtering results. !4932
   - Fix missing avatar on system notes. !4954
   - Reduce overhead and optimize ProjectTeam#max_member_access performance. !4973
-  - Use update_columns to by_pass all the dirty code on active_record. !4985
+  - Use update_columns to bypass all the dirty code on active_record. !4985
   - Fix restore Rake task warning message output !4980
 
 v 8.9.2
diff --git a/Gemfile b/Gemfile
index f47084f9d90..f1fef4caf76 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,4 +1,4 @@
-source "https://rubygems.org"
+source 'https://rubygems.org'
 
 gem 'rails', '4.2.6'
 gem 'rails-deprecated_sanitizer', '~> 1.0.3'
@@ -11,11 +11,11 @@ gem 'responders', '~> 2.0'
 gem 'sprockets', '~> 3.6.0'
 
 # Default values for AR models
-gem "default_value_for", "~> 3.0.0"
+gem 'default_value_for', '~> 3.0.0'
 
 # Supported DBs
-gem "mysql2", '~> 0.3.16', group: :mysql
-gem "pg", '~> 0.18.2', group: :postgres
+gem 'mysql2', '~> 0.3.16', group: :mysql
+gem 'pg', '~> 0.18.2', group: :postgres
 
 # Authentication libraries
 gem 'devise',                 '~> 4.0'
@@ -28,7 +28,7 @@ gem 'omniauth-cas3',          '~> 1.1.2'
 gem 'omniauth-facebook',      '~> 3.0.0'
 gem 'omniauth-github',        '~> 1.1.1'
 gem 'omniauth-gitlab',        '~> 1.0.0'
-gem 'omniauth-google-oauth2', '~> 0.2.0'
+gem 'omniauth-google-oauth2', '~> 0.4.1'
 gem 'omniauth-kerberos',      '~> 0.3.0', group: :kerberos
 gem 'omniauth-saml',          '~> 1.6.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
@@ -48,16 +48,16 @@ gem 'attr_encrypted', '~> 3.0.0'
 gem 'u2f', '~> 0.2.1'
 
 # Browser detection
-gem "browser", '~> 2.2'
+gem 'browser', '~> 2.2'
 
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library
-gem "gitlab_git", '~> 10.2'
+gem 'gitlab_git', '~> 10.2'
 
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: "omniauth-ldap"
+gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: 'omniauth-ldap'
 
 # Git Wiki
 # Required manually in config/initializers/gollum.rb to control load order
@@ -65,7 +65,7 @@ gem 'gollum-lib', '~> 4.1.0', require: false
 gem 'gollum-rugged_adapter', '~> 0.4.2', require: false
 
 # Language detection
-gem "github-linguist", "~> 4.7.0", require: "linguist"
+gem 'github-linguist', '~> 4.7.0', require: 'linguist'
 
 # API
 gem 'grape',        '~> 0.13.0'
@@ -73,13 +73,13 @@ gem 'grape-entity', '~> 0.4.2'
 gem 'rack-cors',    '~> 0.4.0', require: 'rack/cors'
 
 # Pagination
-gem "kaminari", "~> 0.17.0"
+gem 'kaminari', '~> 0.17.0'
 
 # HAML
 gem 'hamlit', '~> 2.5'
 
 # Files attachments
-gem "carrierwave", '~> 0.10.0'
+gem 'carrierwave', '~> 0.10.0'
 
 # Drag and Drop UI
 gem 'dropzonejs-rails', '~> 0.7.1'
@@ -94,13 +94,13 @@ gem 'fog-openstack', '~> 0.1'
 gem 'fog-rackspace', '~> 0.1.1'
 
 # for aws storage
-gem "unf", '~> 0.1.4'
+gem 'unf', '~> 0.1.4'
 
 # Authorization
-gem "six", '~> 0.2.0'
+gem 'six', '~> 0.2.0'
 
 # Seed data
-gem "seed-fu", '~> 2.3.5'
+gem 'seed-fu', '~> 2.3.5'
 
 # Markdown and HTML processing
 gem 'html-pipeline', '~> 1.11.0'
@@ -124,29 +124,29 @@ gem 'diffy', '~> 3.0.3'
 
 # Application server
 group :unicorn do
-  gem "unicorn", '~> 4.9.0'
+  gem 'unicorn', '~> 4.9.0'
   gem 'unicorn-worker-killer', '~> 0.4.2'
 end
 
 # State machine
-gem "state_machines-activerecord", '~> 0.4.0'
+gem 'state_machines-activerecord', '~> 0.4.0'
 # Run events after state machine commits
-gem 'after_commit_queue'
+gem 'after_commit_queue', '~> 1.3.0'
 
 # Issue tags
 gem 'acts-as-taggable-on', '~> 3.4'
 
 # Background jobs
-gem 'sinatra', '~> 1.4.4', require: nil
+gem 'sinatra', '~> 1.4.4', require: false
 gem 'sidekiq', '~> 4.0'
 gem 'sidekiq-cron', '~> 0.4.0'
-gem 'redis-namespace'
+gem 'redis-namespace', '~> 1.5.2'
 
 # HTTP requests
-gem "httparty", '~> 0.13.3'
+gem 'httparty', '~> 0.13.3'
 
 # Colored output to console
-gem "rainbow", '~> 2.1.0'
+gem 'rainbow', '~> 2.1.0'
 
 # GitLab settings
 gem 'settingslogic', '~> 2.0.9'
@@ -156,7 +156,7 @@ gem 'settingslogic', '~> 2.0.9'
 gem 'version_sorter', '~> 2.0.0'
 
 # Cache
-gem "redis-rails", '~> 4.0.0'
+gem 'redis-rails', '~> 4.0.0'
 
 # Redis
 gem 'redis', '~> 3.2'
@@ -169,13 +169,13 @@ gem 'tinder', '~> 1.10.0'
 gem 'hipchat', '~> 1.5.0'
 
 # Flowdock integration
-gem "gitlab-flowdock-git-hook", "~> 1.0.1"
+gem 'gitlab-flowdock-git-hook', '~> 1.0.1'
 
 # Gemnasium integration
-gem "gemnasium-gitlab-service", "~> 0.2"
+gem 'gemnasium-gitlab-service', '~> 0.2'
 
 # Slack integration
-gem "slack-notifier", "~> 1.2.0"
+gem 'slack-notifier', '~> 1.2.0'
 
 # Asana integration
 gem 'asana', '~> 0.4.0'
@@ -187,20 +187,20 @@ gem 'ruby-fogbugz', '~> 0.2.1'
 gem 'd3_rails', '~> 3.5.0'
 
 # underscore-rails
-gem "underscore-rails", "~> 1.8.0"
+gem 'underscore-rails', '~> 1.8.0'
 
 # Sanitize user input
-gem "sanitize", '~> 2.0'
+gem 'sanitize', '~> 2.0'
 gem 'babosa', '~> 1.0.2'
 
 # Sanitizes SVG input
-gem "loofah", "~> 2.0.3"
+gem 'loofah', '~> 2.0.3'
 
 # Working with license
 gem 'licensee', '~> 8.0.0'
 
 # Protect against bruteforcing
-gem "rack-attack", '~> 4.3.1'
+gem 'rack-attack', '~> 4.3.1'
 
 # Ace editor
 gem 'ace-rails-ap', '~> 4.0.2'
@@ -214,9 +214,9 @@ gem 'charlock_holmes', '~> 0.7.3'
 # Parse duration
 gem 'chronic_duration', '~> 0.10.6'
 
-gem "sass-rails", '~> 5.0.0'
-gem "coffee-rails", '~> 4.1.0'
-gem "uglifier", '~> 2.7.2'
+gem 'sass-rails', '~> 5.0.0'
+gem 'coffee-rails', '~> 4.1.0'
+gem 'uglifier', '~> 2.7.2'
 gem 'turbolinks', '~> 2.5.0'
 gem 'jquery-turbolinks', '~> 2.1.0'
 
@@ -247,13 +247,13 @@ group :metrics do
 end
 
 group :development do
-  gem "foreman"
+  gem 'foreman', '~> 0.78.0'
   gem 'brakeman', '~> 3.3.0', require: false
 
   gem 'letter_opener_web', '~> 1.3.0'
   gem 'rerun', '~> 0.11.0'
-  gem 'bullet', require: false
-  gem 'rblineprof', platform: :mri, require: false
+  gem 'bullet', '~> 5.0.0', require: false
+  gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false
   gem 'web-console', '~> 2.0'
 
   # Better errors handler
@@ -261,15 +261,15 @@ group :development do
   gem 'binding_of_caller', '~> 0.7.2'
 
   # Docs generator
-  gem "sdoc", '~> 0.3.20'
+  gem 'sdoc', '~> 0.3.20'
 
   # thin instead webrick
   gem 'thin', '~> 1.7.0'
 end
 
 group :development, :test do
-  gem 'byebug', platform: :mri
-  gem 'pry-rails'
+  gem 'byebug', '~> 8.2.1', platform: :mri
+  gem 'pry-rails', '~> 0.3.4'
 
   gem 'awesome_print', '~> 1.2.0', require: false
   gem 'fuubar', '~> 2.0.0'
@@ -277,7 +277,7 @@ group :development, :test do
   gem 'database_cleaner',   '~> 1.4.0'
   gem 'factory_girl_rails', '~> 4.6.0'
   gem 'rspec-rails',        '~> 3.5.0'
-  gem 'rspec-retry'
+  gem 'rspec-retry',        '~> 0.4.5'
   gem 'spinach-rails',      '~> 0.2.1'
   gem 'spinach-rerun-reporter', '~> 0.0.2'
 
@@ -303,14 +303,14 @@ group :development, :test do
   gem 'rubocop-rspec', '~> 1.5.0', require: false
   gem 'scss_lint', '~> 0.47.0', require: false
   gem 'simplecov', '~> 0.11.0', require: false
-  gem 'flog', require: false
-  gem 'flay', require: false
-  gem 'bundler-audit', require: false
+  gem 'flog', '~> 4.3.2', require: false
+  gem 'flay', '~> 2.6.1', require: false
+  gem 'bundler-audit', '~> 0.5.0', require: false
 
-  gem 'benchmark-ips', require: false
+  gem 'benchmark-ips', '~> 2.3.0', require: false
 
-  gem "license_finder", require: false
-  gem 'knapsack'
+  gem 'license_finder', '~> 2.1.0', require: false
+  gem 'knapsack', '~> 1.11.0'
 end
 
 group :test do
@@ -318,30 +318,30 @@ group :test do
   gem 'email_spec', '~> 1.6.0'
   gem 'webmock', '~> 1.21.0'
   gem 'test_after_commit', '~> 0.4.2'
-  gem 'sham_rack'
+  gem 'sham_rack', '~> 1.3.6'
 end
 
 group :production do
-  gem "gitlab_meta", '7.0'
+  gem 'gitlab_meta', '7.0'
 end
 
-gem "newrelic_rpm", '~> 3.14'
+gem 'newrelic_rpm', '~> 3.14'
 
 gem 'octokit', '~> 4.3.0'
 
-gem "mail_room", "~> 0.8"
+gem 'mail_room', '~> 0.8'
 
 gem 'email_reply_parser', '~> 0.5.8'
 
 ## CI
 gem 'activerecord-session_store', '~> 1.0.0'
-gem "nested_form", '~> 0.3.2'
+gem 'nested_form', '~> 0.3.2'
 
 # OAuth
 gem 'oauth2', '~> 1.2.0'
 
 # Soft deletion
-gem "paranoia", "~> 2.0"
+gem 'paranoia', '~> 2.0'
 
 # Health check
 gem 'health_check', '~> 1.5.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 055596b056f..721ab9ddc5d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -439,7 +439,7 @@ GEM
     omniauth-gitlab (1.0.1)
       omniauth (~> 1.0)
       omniauth-oauth2 (~> 1.0)
-    omniauth-google-oauth2 (0.2.10)
+    omniauth-google-oauth2 (0.4.1)
       addressable (~> 2.3)
       jwt (~> 1.0)
       multi_json (~> 1.3)
@@ -806,7 +806,7 @@ DEPENDENCIES
   activerecord-session_store (~> 1.0.0)
   acts-as-taggable-on (~> 3.4)
   addressable (~> 2.3.8)
-  after_commit_queue
+  after_commit_queue (~> 1.3.0)
   akismet (~> 2.0)
   allocations (~> 1.0)
   asana (~> 0.4.0)
@@ -815,15 +815,15 @@ DEPENDENCIES
   awesome_print (~> 1.2.0)
   babosa (~> 1.0.2)
   base32 (~> 0.3.0)
-  benchmark-ips
+  benchmark-ips (~> 2.3.0)
   better_errors (~> 1.0.1)
   binding_of_caller (~> 0.7.2)
   bootstrap-sass (~> 3.3.0)
   brakeman (~> 3.3.0)
   browser (~> 2.2)
-  bullet
-  bundler-audit
-  byebug
+  bullet (~> 5.0.0)
+  bundler-audit (~> 0.5.0)
+  byebug (~> 8.2.1)
   capybara (~> 2.6.2)
   capybara-screenshot (~> 1.0.0)
   carrierwave (~> 0.10.0)
@@ -844,8 +844,8 @@ DEPENDENCIES
   email_spec (~> 1.6.0)
   factory_girl_rails (~> 4.6.0)
   ffaker (~> 2.0.0)
-  flay
-  flog
+  flay (~> 2.6.1)
+  flog (~> 4.3.2)
   fog-aws (~> 0.9)
   fog-azure (~> 0.0)
   fog-core (~> 1.40)
@@ -854,7 +854,7 @@ DEPENDENCIES
   fog-openstack (~> 0.1)
   fog-rackspace (~> 0.1.1)
   font-awesome-rails (~> 4.6.1)
-  foreman
+  foreman (~> 0.78.0)
   fuubar (~> 2.0.0)
   gemnasium-gitlab-service (~> 0.2)
   gemojione (~> 2.6)
@@ -881,9 +881,9 @@ DEPENDENCIES
   jquery-ui-rails (~> 5.0.0)
   jwt
   kaminari (~> 0.17.0)
-  knapsack
+  knapsack (~> 1.11.0)
   letter_opener_web (~> 1.3.0)
-  license_finder
+  license_finder (~> 2.1.0)
   licensee (~> 8.0.0)
   loofah (~> 2.0.3)
   mail_room (~> 0.8)
@@ -905,7 +905,7 @@ DEPENDENCIES
   omniauth-facebook (~> 3.0.0)
   omniauth-github (~> 1.1.1)
   omniauth-gitlab (~> 1.0.0)
-  omniauth-google-oauth2 (~> 0.2.0)
+  omniauth-google-oauth2 (~> 0.4.1)
   omniauth-kerberos (~> 0.3.0)
   omniauth-saml (~> 1.6.0)
   omniauth-shibboleth (~> 1.2.0)
@@ -916,19 +916,19 @@ DEPENDENCIES
   pg (~> 0.18.2)
   poltergeist (~> 1.9.0)
   premailer-rails (~> 1.9.0)
-  pry-rails
+  pry-rails (~> 0.3.4)
   rack-attack (~> 4.3.1)
   rack-cors (~> 0.4.0)
   rack-oauth2 (~> 1.2.1)
   rails (= 4.2.6)
   rails-deprecated_sanitizer (~> 1.0.3)
   rainbow (~> 2.1.0)
-  rblineprof
+  rblineprof (~> 0.3.6)
   rdoc (~> 3.6)
   recaptcha (~> 3.0)
   redcarpet (~> 3.3.3)
   redis (~> 3.2)
-  redis-namespace
+  redis-namespace (~> 1.5.2)
   redis-rails (~> 4.0.0)
   request_store (~> 1.3.0)
   rerun (~> 0.11.0)
@@ -936,7 +936,7 @@ DEPENDENCIES
   rouge (~> 1.11)
   rqrcode-rails3 (~> 0.1.7)
   rspec-rails (~> 3.5.0)
-  rspec-retry
+  rspec-retry (~> 0.4.5)
   rubocop (~> 0.40.0)
   rubocop-rspec (~> 1.5.0)
   ruby-fogbugz (~> 0.2.1)
@@ -948,7 +948,7 @@ DEPENDENCIES
   select2-rails (~> 3.5.9)
   sentry-raven (~> 1.1.0)
   settingslogic (~> 2.0.9)
-  sham_rack
+  sham_rack (~> 1.3.6)
   shoulda-matchers (~> 2.8.0)
   sidekiq (~> 4.0)
   sidekiq-cron (~> 0.4.0)
diff --git a/app/assets/javascripts/application.js.coffee b/app/assets/javascripts/application.js.coffee
index 20fe5a5cc27..64da503c35f 100644
--- a/app/assets/javascripts/application.js.coffee
+++ b/app/assets/javascripts/application.js.coffee
@@ -54,7 +54,6 @@
 #= require_directory ./u2f
 #= require_directory .
 #= require fuzzaldrin-plus
-#= require cropper
 #= require u2f
 
 window.slugify = (text) ->
diff --git a/app/assets/javascripts/dispatcher.js.coffee b/app/assets/javascripts/dispatcher.js.coffee
index a39df421832..74fd77cf7ab 100644
--- a/app/assets/javascripts/dispatcher.js.coffee
+++ b/app/assets/javascripts/dispatcher.js.coffee
@@ -131,7 +131,6 @@ class Dispatcher
       when 'dashboard', 'root'
         shortcut_handler = new ShortcutsDashboardNavigation()
       when 'profiles'
-        new Profile()
         new NotificationsForm()
         new NotificationsDropdown()
       when 'projects'
diff --git a/app/assets/javascripts/lib/cropper.js.coffee b/app/assets/javascripts/lib/cropper.js.coffee
new file mode 100644
index 00000000000..32536d23fe3
--- /dev/null
+++ b/app/assets/javascripts/lib/cropper.js.coffee
@@ -0,0 +1 @@
+#= require cropper
diff --git a/app/assets/javascripts/lib/utils/common_utils.js.coffee b/app/assets/javascripts/lib/utils/common_utils.js.coffee
index e39dcb2daa9..d4dd3dc329a 100644
--- a/app/assets/javascripts/lib/utils/common_utils.js.coffee
+++ b/app/assets/javascripts/lib/utils/common_utils.js.coffee
@@ -5,12 +5,12 @@
 
   w.gl.utils.isInGroupsPage = ->
 
-    return $('body').data('page').split(':')[0] is 'groups'
+    return gl.utils.getPagePath() is 'groups'
 
 
   w.gl.utils.isInProjectPage = ->
 
-    return $('body').data('page').split(':')[0] is 'projects'
+    return gl.utils.getPagePath() is 'projects'
 
 
   w.gl.utils.getProjectSlug = ->
@@ -40,6 +40,9 @@
         e.stopImmediatePropagation()
         return false
 
+  gl.utils.getPagePath = ->
+    return $('body').data('page').split(':')[0]
+
 
   jQuery.timefor = (time, suffix, expiredLabel) ->
 
diff --git a/app/assets/javascripts/profile/application.js.coffee b/app/assets/javascripts/profile/application.js.coffee
new file mode 100644
index 00000000000..91cacfece46
--- /dev/null
+++ b/app/assets/javascripts/profile/application.js.coffee
@@ -0,0 +1,2 @@
+#
+#= require_tree .
diff --git a/app/assets/javascripts/gl_crop.js.coffee b/app/assets/javascripts/profile/gl_crop.js.coffee
index df9bfdfa6cc..df9bfdfa6cc 100644
--- a/app/assets/javascripts/gl_crop.js.coffee
+++ b/app/assets/javascripts/profile/gl_crop.js.coffee
diff --git a/app/assets/javascripts/profile.js.coffee b/app/assets/javascripts/profile/profile.js.coffee
index 1583d1ba6f9..f3b05f2c646 100644
--- a/app/assets/javascripts/profile.js.coffee
+++ b/app/assets/javascripts/profile/profile.js.coffee
@@ -78,3 +78,6 @@ $ ->
 
     if comment && comment.length > 1 && $title.val() == ''
       $title.val(comment[1]).change()
+
+  if gl.utils.getPagePath() == 'profiles'
+    new Profile()
diff --git a/app/assets/stylesheets/framework/lists.scss b/app/assets/stylesheets/framework/lists.scss
index aed0b44d91b..2c40ec430ca 100644
--- a/app/assets/stylesheets/framework/lists.scss
+++ b/app/assets/stylesheets/framework/lists.scss
@@ -175,6 +175,12 @@ ul.content-list {
 
 .panel > .content-list > li {
   padding: $gl-padding-top $gl-padding;
+
+  &.commit {
+    @media (min-width: $screen-sm-min) {
+      padding-left: 46px + $gl-padding;
+    }
+  }
 }
 
 ul.controls {
diff --git a/app/assets/stylesheets/framework/nav.scss b/app/assets/stylesheets/framework/nav.scss
index 02ea98e9d94..364952d3b4a 100644
--- a/app/assets/stylesheets/framework/nav.scss
+++ b/app/assets/stylesheets/framework/nav.scss
@@ -77,10 +77,10 @@
 
   &.sub-nav {
     text-align: center;
-    background-color: $background-color;
+    background-color: $dark-background-color;
 
     .container-fluid {
-      background-color: $background-color;
+      background-color: $dark-background-color;
       margin-bottom: 0;
     }
 
diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss
index 211a9af2348..4337fab5d87 100644
--- a/app/assets/stylesheets/framework/variables.scss
+++ b/app/assets/stylesheets/framework/variables.scss
@@ -12,10 +12,11 @@ $sidebar-breakpoint: 1024px;
 /*
  * UI elements
  */
-$border-color:       #e5e5e5;
-$focus-border-color: #3aabf0;
-$table-border-color: #f0f0f0;
-$background-color:   #fafafa;
+$border-color:          #e5e5e5;
+$focus-border-color:    #3aabf0;
+$table-border-color:    #f0f0f0;
+$background-color:      #fafafa;
+$dark-background-color: #f7f7f7;
 
 /*
  * Text
@@ -153,9 +154,6 @@ $warning-message-bg: #fbf2d9;
 $warning-message-color: #9e8e60;
 $warning-message-border: #f0e2bb;
 
-/* header */
-$light-grey-header: #faf9f9;
-
 /* tanuki logo colors */
 $tanuki-red: #e24329;
 $tanuki-orange: #fc6d26;
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 31d7c324e55..941d68cda17 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -10,7 +10,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController
     :edit, :update, :show, :diffs, :commits, :builds, :merge, :merge_check,
     :ci_status, :toggle_subscription, :cancel_merge_when_build_succeeds, :remove_wip
   ]
-  before_action :closes_issues, only: [:edit, :update, :show, :diffs, :commits, :builds]
   before_action :validates_merge_request, only: [:show, :diffs, :commits, :builds]
   before_action :define_show_vars, only: [:show, :diffs, :commits, :builds]
   before_action :define_widget_vars, only: [:merge, :cancel_merge_when_build_succeeds, :merge_check]
@@ -56,9 +55,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   end
 
   def show
-    @note_counts = Note.where(commit_id: @merge_request.commits.map(&:id)).
-      group(:commit_id).count
-
     respond_to do |format|
       format.html
 
@@ -83,6 +79,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   def diffs
     apply_diff_view_cookie!
 
+    @merge_request_diff = @merge_request.merge_request_diff
+
     respond_to do |format|
       format.html
       format.json { render json: { html: view_to_html_string("projects/merge_requests/show/_diffs") } }
@@ -111,7 +109,15 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   def commits
     respond_to do |format|
       format.html { render 'show' }
-      format.json { render json: { html: view_to_html_string('projects/merge_requests/show/_commits') } }
+      format.json do
+        # Get commits from repository
+        # or from cache if already merged
+        @commits = @merge_request.commits
+        @note_counts = Note.where(commit_id: @commits.map(&:id)).
+          group(:commit_id).count
+
+        render json: { html: view_to_html_string('projects/merge_requests/show/_commits') }
+      end
     end
   end
 
@@ -309,10 +315,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   alias_method :issuable, :merge_request
   alias_method :awardable, :merge_request
 
-  def closes_issues
-    @closes_issues ||= @merge_request.closes_issues
-  end
-
   def authorize_update_merge_request!
     return render_404 unless can?(current_user, :update_merge_request, @merge_request)
   end
@@ -341,14 +343,33 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   end
 
   def define_show_vars
+    @noteable = @merge_request
+    @commits_count = @merge_request.commits.count
+
+    @pipeline = @merge_request.pipeline
+    @statuses = @pipeline.statuses if @pipeline
+
+    if @merge_request.locked_long_ago?
+      @merge_request.unlock_mr
+      @merge_request.close
+    end
+
+    if request.format == :html || action_name == 'show'
+      define_show_html_vars
+    end
+  end
+
+  # Discussion tab data is only required on html requests
+  def define_show_html_vars
     # Build a note object for comment form
-    @note = @project.notes.new(noteable: @merge_request)
+    @note = @project.notes.new(noteable: @noteable)
 
-    @discussions = @merge_request.mr_and_commit_notes.
+    @discussions = @noteable.mr_and_commit_notes.
       inc_author_project_award_emoji.
       fresh.
       discussions
 
+    # This is not executed lazily
     @notes = Banzai::NoteRenderer.render(
       @discussions.flatten,
       @project,
@@ -357,28 +378,11 @@ class Projects::MergeRequestsController < Projects::ApplicationController
       @project_wiki,
       @ref
     )
-
-    @noteable = @merge_request
-
-    # Get commits from repository
-    # or from cache if already merged
-    @commits = @merge_request.commits
-
-    @merge_request_diff = @merge_request.merge_request_diff
-
-    @pipeline = @merge_request.pipeline
-    @statuses = @pipeline.statuses if @pipeline
-
-    if @merge_request.locked_long_ago?
-      @merge_request.unlock_mr
-      @merge_request.close
-    end
   end
 
   def define_widget_vars
     @pipeline = @merge_request.pipeline
     @pipelines = [@pipeline].compact
-    closes_issues
   end
 
   def define_commit_vars
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 12e0d5a8413..1803aa8eab4 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -53,11 +53,11 @@ class ProjectsController < Projects::ApplicationController
             notice: "Project '#{@project.name}' was successfully updated."
           )
         end
-        format.js
       else
         format.html { render 'edit' }
-        format.js
       end
+
+      format.js
     end
   end
 
diff --git a/app/helpers/merge_requests_helper.rb b/app/helpers/merge_requests_helper.rb
index c7dedfe9254..4da1f4865a4 100644
--- a/app/helpers/merge_requests_helper.rb
+++ b/app/helpers/merge_requests_helper.rb
@@ -55,6 +55,10 @@ module MergeRequestsHelper
     end.sort.to_sentence
   end
 
+  def mr_closes_issues
+    @mr_closes_issues ||= @merge_request.closes_issues
+  end
+
   def mr_change_branches_path(merge_request)
     new_namespace_project_merge_request_path(
       @project.namespace, @project,
diff --git a/app/models/commit_range.rb b/app/models/commit_range.rb
index 4066958f67c..630ee9601e0 100644
--- a/app/models/commit_range.rb
+++ b/app/models/commit_range.rb
@@ -23,7 +23,7 @@ class CommitRange
   attr_reader :commit_from, :notation, :commit_to
   attr_reader :ref_from, :ref_to
 
-  # Optional Project model
+  # The Project model
   attr_accessor :project
 
   # The beginning and ending refs can be named or SHAs, and
@@ -56,7 +56,7 @@ class CommitRange
   # Initialize a CommitRange
   #
   # range_string - The String commit range.
-  # project      - An optional Project model.
+  # project      - The Project model.
   #
   # Raises ArgumentError if `range_string` does not match `PATTERN`.
   def initialize(range_string, project)
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index d5c23716b04..157901378d3 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -322,11 +322,11 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def merge_event
-    self.target_project.events.where(target_id: self.id, target_type: "MergeRequest", action: Event::MERGED).last
+    @merge_event ||= target_project.events.where(target_id: self.id, target_type: "MergeRequest", action: Event::MERGED).last
   end
 
   def closed_event
-    self.target_project.events.where(target_id: self.id, target_type: "MergeRequest", action: Event::CLOSED).last
+    @closed_event ||= target_project.events.where(target_id: self.id, target_type: "MergeRequest", action: Event::CLOSED).last
   end
 
   WIP_REGEX = /\A\s*(\[WIP\]\s*|WIP:\s*|WIP\s+)+\s*/i.freeze
diff --git a/app/models/project_services/irker_service.rb b/app/models/project_services/irker_service.rb
index 58cb720c3c1..ce7d1c5d5b1 100644
--- a/app/models/project_services/irker_service.rb
+++ b/app/models/project_services/irker_service.rb
@@ -112,15 +112,7 @@ class IrkerService < Service
 
     # Authorize both irc://domain.com/#chan and irc://domain.com/chan
     if uri.is_a?(URI) && uri.scheme[/^ircs?\z/] && !uri.path.nil?
-      # Do not authorize irc://domain.com/
-      if uri.fragment.nil? && uri.path.length > 1
-        uri.to_s
-      else
-        # Authorize irc://domain.com/smthg#chan
-        # The irker daemon will deal with it by concatenating smthg and
-        # chan, thus sending messages on #smthgchan
-        uri.to_s
-      end
+      uri.to_s
     end
   end
 end
diff --git a/app/services/merge_requests/refresh_service.rb b/app/services/merge_requests/refresh_service.rb
index 21490ac77ea..b11ecd97a57 100644
--- a/app/services/merge_requests/refresh_service.rb
+++ b/app/services/merge_requests/refresh_service.rb
@@ -61,19 +61,14 @@ module MergeRequests
       merge_requests.each do |merge_request|
         if merge_request.source_branch == @branch_name || force_push?
           merge_request.reload_diff
-          merge_request.mark_as_unchecked
         else
           mr_commit_ids = merge_request.commits.map(&:id)
           push_commit_ids = @commits.map(&:id)
           matches = mr_commit_ids & push_commit_ids
-
-          if matches.any?
-            merge_request.reload_diff
-            merge_request.mark_as_unchecked
-          else
-            merge_request.mark_as_unchecked
-          end
+          merge_request.reload_diff if matches.any?
         end
+
+        merge_request.mark_as_unchecked
       end
     end
 
diff --git a/app/views/admin/users/_form.html.haml b/app/views/admin/users/_form.html.haml
index fe0b9d3a491..3145212728f 100644
--- a/app/views/admin/users/_form.html.haml
+++ b/app/views/admin/users/_form.html.haml
@@ -44,7 +44,7 @@
       %legend Access
       .form-group
         = f.label :projects_limit, class: 'control-label'
-        .col-sm-10= f.number_field :projects_limit, class: 'form-control'
+        .col-sm-10= f.number_field :projects_limit, min: 0, class: 'form-control'
 
       .form-group
         = f.label :can_create_group, class: 'control-label'
diff --git a/app/views/explore/snippets/index.html.haml b/app/views/explore/snippets/index.html.haml
index 9b838b9f3b7..6306fe6d0bf 100644
--- a/app/views/explore/snippets/index.html.haml
+++ b/app/views/explore/snippets/index.html.haml
@@ -10,7 +10,6 @@
   - if current_user
     .pull-right
       = link_to new_snippet_path, class: "btn btn-new", title: "New Snippet" do
-        = icon('plus')
         New Snippet
 
   .oneline
diff --git a/app/views/profiles/_head.html.haml b/app/views/profiles/_head.html.haml
new file mode 100644
index 00000000000..003884a5bd9
--- /dev/null
+++ b/app/views/profiles/_head.html.haml
@@ -0,0 +1,3 @@
+- content_for :page_specific_javascripts do
+  = page_specific_javascript_tag('lib/cropper.js')
+  = page_specific_javascript_tag('profile/application.js')
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index 8efe486e01b..57d16d29158 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -1,4 +1,5 @@
 - page_title "Account"
+= render 'profiles/head'
 
 - if current_user.ldap_user?
   .alert.alert-info
diff --git a/app/views/profiles/audit_log.html.haml b/app/views/profiles/audit_log.html.haml
index 9c404b6935f..9fe86e6b291 100644
--- a/app/views/profiles/audit_log.html.haml
+++ b/app/views/profiles/audit_log.html.haml
@@ -1,4 +1,5 @@
 - page_title "Audit Log"
+= render 'profiles/head'
 
 .row.prepend-top-default
   .col-lg-3.profile-settings-sidebar
diff --git a/app/views/profiles/emails/index.html.haml b/app/views/profiles/emails/index.html.haml
index 6f7fefdb46d..dc499be885b 100644
--- a/app/views/profiles/emails/index.html.haml
+++ b/app/views/profiles/emails/index.html.haml
@@ -1,4 +1,5 @@
 - page_title "Emails"
+= render 'profiles/head'
 
 .row.prepend-top-default
   .col-lg-3.profile-settings-sidebar
diff --git a/app/views/profiles/keys/_form.html.haml b/app/views/profiles/keys/_form.html.haml
index b3ed59a1a4a..6ea358d9f63 100644
--- a/app/views/profiles/keys/_form.html.haml
+++ b/app/views/profiles/keys/_form.html.haml
@@ -4,7 +4,7 @@
 
     .form-group
       = f.label :key, class: 'label-light'
-      = f.text_area :key, class: "form-control", rows: 8, required: true
+      = f.text_area :key, class: "form-control", rows: 8, required: true, placeholder: "Don't paste the private part of the SSH key. Paste the public part, which is usually contained in the file '~/.ssh/id_rsa.pub' and begins with 'ssh-rsa'."
     .form-group
       = f.label :title, class: 'label-light'
       = f.text_field :title, class: "form-control", required: true
diff --git a/app/views/profiles/keys/show.html.haml b/app/views/profiles/keys/show.html.haml
index 89f6f01581a..6283ceebf10 100644
--- a/app/views/profiles/keys/show.html.haml
+++ b/app/views/profiles/keys/show.html.haml
@@ -1,2 +1,3 @@
 - page_title @key.title, "SSH Keys"
+= render 'profiles/head'
 = render "key_details"
diff --git a/app/views/profiles/notifications/show.html.haml b/app/views/profiles/notifications/show.html.haml
index f77738f97f5..844fce59704 100644
--- a/app/views/profiles/notifications/show.html.haml
+++ b/app/views/profiles/notifications/show.html.haml
@@ -1,4 +1,5 @@
 - page_title "Notifications"
+= render 'profiles/head'
 
 %div
   - if @user.errors.any?
diff --git a/app/views/profiles/personal_access_tokens/index.html.haml b/app/views/profiles/personal_access_tokens/index.html.haml
index 1b45548bd02..71ac367830d 100644
--- a/app/views/profiles/personal_access_tokens/index.html.haml
+++ b/app/views/profiles/personal_access_tokens/index.html.haml
@@ -1,4 +1,5 @@
 - page_title "Personal Access Tokens"
+= render 'profiles/head'
 
 .row.prepend-top-default
   .col-lg-3.profile-settings-sidebar
diff --git a/app/views/profiles/preferences/show.html.haml b/app/views/profiles/preferences/show.html.haml
index 1b1b16d656f..b4d35dc9a3e 100644
--- a/app/views/profiles/preferences/show.html.haml
+++ b/app/views/profiles/preferences/show.html.haml
@@ -1,4 +1,5 @@
 - page_title 'Preferences'
+= render 'profiles/head'
 
 = form_for @user, url: profile_preferences_path, remote: true, method: :put, html: {class: 'row prepend-top-default js-preferences-form'} do |f|
   .col-lg-3.profile-settings-sidebar
diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml
index eef50d887c7..d9fa74fad90 100644
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@@ -1,3 +1,5 @@
+= render 'profiles/head'
+
 = form_for @user, url: profile_path, method: :put, html: { multipart: true, class: "edit-user prepend-top-default" }, authenticity_token: true do |f|
   = form_errors(@user)
 
diff --git a/app/views/profiles/two_factor_auths/show.html.haml b/app/views/profiles/two_factor_auths/show.html.haml
index 593be2617c1..5890456bee2 100644
--- a/app/views/profiles/two_factor_auths/show.html.haml
+++ b/app/views/profiles/two_factor_auths/show.html.haml
@@ -1,5 +1,6 @@
 - page_title 'Two-Factor Authentication', 'Account'
 - header_title "Two-Factor Authentication", profile_two_factor_auth_path
+= render 'profiles/head'
 
 .row.prepend-top-default
   .col-lg-3
diff --git a/app/views/projects/merge_requests/_show.html.haml b/app/views/projects/merge_requests/_show.html.haml
index 2ec96308fd7..873ed9b59ee 100644
--- a/app/views/projects/merge_requests/_show.html.haml
+++ b/app/views/projects/merge_requests/_show.html.haml
@@ -42,7 +42,7 @@
         = succeed '.' do
           = link_to "command line", "#modal_merge_info", class: "how_to_merge_link vlink", title: "How To Merge", "data-toggle" => "modal"
 
-    - if @commits.present?
+    - if @commits_count.nonzero?
       %ul.merge-request-tabs.nav-links.no-top.no-bottom
         %li.notes-tab
           = link_to namespace_project_merge_request_path(@project.namespace, @project, @merge_request), data: {target: 'div#notes', action: 'notes', toggle: 'tab'} do
@@ -51,7 +51,7 @@
         %li.commits-tab
           = link_to commits_namespace_project_merge_request_path(@project.namespace, @project, @merge_request), data: {target: 'div#commits', action: 'commits', toggle: 'tab'} do
             Commits
-            %span.badge= @commits.size
+            %span.badge= @commits_count
         - if @pipeline
           %li.builds-tab
             = link_to builds_namespace_project_merge_request_path(@project.namespace, @project, @merge_request), data: {target: '#builds', action: 'builds', toggle: 'tab'} do
diff --git a/app/views/projects/merge_requests/widget/_open.html.haml b/app/views/projects/merge_requests/widget/_open.html.haml
index 0e0af57d76e..dc18f715f25 100644
--- a/app/views/projects/merge_requests/widget/_open.html.haml
+++ b/app/views/projects/merge_requests/widget/_open.html.haml
@@ -22,10 +22,10 @@
     - elsif @merge_request.can_be_merged?
       = render 'projects/merge_requests/widget/open/accept'
 
-  - if @closes_issues.present?
+  - if mr_closes_issues.present?
     .mr-widget-footer
       %span
         %i.fa.fa-check
-        Accepting this merge request will close #{"issue".pluralize(@closes_issues.size)}
+        Accepting this merge request will close #{"issue".pluralize(mr_closes_issues.size)}
         = succeed '.' do
-          != markdown issues_sentence(@closes_issues), pipeline: :gfm, author: @merge_request.author
+          != markdown issues_sentence(mr_closes_issues), pipeline: :gfm, author: @merge_request.author
diff --git a/app/views/projects/snippets/_actions.html.haml b/app/views/projects/snippets/_actions.html.haml
index bf57beb9d07..bdbf3e5f4d6 100644
--- a/app/views/projects/snippets/_actions.html.haml
+++ b/app/views/projects/snippets/_actions.html.haml
@@ -1,27 +1,29 @@
 .hidden-xs
-  = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: 'btn btn-grouped btn-create new-snippet-link', title: "New Snippet" do
-    = icon('plus')
-    New Snippet
+  - if can?(current_user, :create_project_snippet, @project)
+    = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: 'btn btn-grouped btn-create new-snippet-link', title: "New Snippet" do
+      New Snippet
   - if can?(current_user, :update_project_snippet, @snippet)
     = link_to edit_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-grouped snippable-edit" do
       Edit
   - if can?(current_user, :update_project_snippet, @snippet)
     = link_to namespace_project_snippet_path(@project.namespace, @project, @snippet), method: :delete, data: { confirm: "Are you sure?" }, class: "btn btn-grouped btn-warning", title: 'Delete Snippet' do
       Delete
-.visible-xs-block.dropdown
-  %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
-    Options
-    %span.caret
-  .dropdown-menu.dropdown-menu-full-width
-    %ul
-      %li
-        = link_to new_namespace_project_snippet_path(@project.namespace, @project), title: "New Snippet" do
-          New Snippet
-      - if can?(current_user, :update_project_snippet, @snippet)
-        %li
-          = link_to edit_namespace_project_snippet_path(@project.namespace, @project, @snippet) do
-            Edit
-      - if can?(current_user, :update_project_snippet, @snippet)
-        %li
-          = link_to namespace_project_snippet_path(@project.namespace, @project, @snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do
-            Delete
+- if can?(current_user, :create_project_snippet, @project) || can?(current_user, :update_project_snippet, @snippet)
+  .visible-xs-block.dropdown
+    %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
+      Options
+      %span.caret
+    .dropdown-menu.dropdown-menu-full-width
+      %ul
+        - if can?(current_user, :create_project_snippet, @project)
+          %li
+            = link_to new_namespace_project_snippet_path(@project.namespace, @project), title: "New Snippet" do
+              New Snippet
+        - if can?(current_user, :update_project_snippet, @snippet)
+          %li
+            = link_to edit_namespace_project_snippet_path(@project.namespace, @project, @snippet) do
+              Edit
+        - if can?(current_user, :update_project_snippet, @snippet)
+          %li
+            = link_to namespace_project_snippet_path(@project.namespace, @project, @snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do
+              Delete
diff --git a/app/views/projects/snippets/index.html.haml b/app/views/projects/snippets/index.html.haml
index 96fee3b17b2..6c994ae486b 100644
--- a/app/views/projects/snippets/index.html.haml
+++ b/app/views/projects/snippets/index.html.haml
@@ -2,9 +2,9 @@
 
 .row-content-block.top-block
   .pull-right
-    = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: "btn btn-new", title: "New Snippet" do
-      = icon('plus')
-      New Snippet
+    - if can?(current_user, :create_project_snippet, @project)
+      = link_to new_namespace_project_snippet_path(@project.namespace, @project), class: "btn btn-new", title: "New Snippet" do
+        New Snippet
 
   .oneline
     Share code pastes with others out of git repository
diff --git a/app/views/snippets/_actions.html.haml b/app/views/snippets/_actions.html.haml
index a7769654b61..160c6cd84da 100644
--- a/app/views/snippets/_actions.html.haml
+++ b/app/views/snippets/_actions.html.haml
@@ -1,27 +1,28 @@
 .hidden-xs
-  = link_to new_snippet_path, class: "btn btn-grouped btn-create new-snippet-link", title: "New Snippet" do
-    = icon('plus')
-    New Snippet
+  - if current_user
+    = link_to new_snippet_path, class: "btn btn-grouped btn-create new-snippet-link", title: "New Snippet" do
+      New Snippet
   - if can?(current_user, :update_personal_snippet, @snippet)
     = link_to edit_snippet_path(@snippet), class: "btn btn-grouped snippable-edit" do
       Edit
   - if can?(current_user, :admin_personal_snippet, @snippet)
-    = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, class: "btn btn-grouped btn-warning", title: 'Delete Snippet' do
+    = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, class: "btn btn-grouped btn-danger", title: 'Delete Snippet' do
       Delete
-.visible-xs-block.dropdown
-  %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
-    Options
-    %span.caret
-  .dropdown-menu.dropdown-menu-full-width
-    %ul
-      %li
-        = link_to new_snippet_path, title: "New Snippet" do
-          New Snippet
-      - if can?(current_user, :update_personal_snippet, @snippet)
+- if current_user
+  .visible-xs-block.dropdown
+    %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } }
+      Options
+      %span.caret
+    .dropdown-menu.dropdown-menu-full-width
+      %ul
         %li
-          = link_to edit_snippet_path(@snippet) do
-            Edit
-      - if can?(current_user, :admin_personal_snippet, @snippet)
-        %li
-          = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do
-            Delete
+          = link_to new_snippet_path, title: "New Snippet" do
+            New Snippet
+        - if can?(current_user, :update_personal_snippet, @snippet)
+          %li
+            = link_to edit_snippet_path(@snippet) do
+              Edit
+        - if can?(current_user, :admin_personal_snippet, @snippet)
+          %li
+            = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do
+              Delete
diff --git a/config/application.rb b/config/application.rb
index 2b0595ede2b..21e7cc7b6e8 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -84,6 +84,7 @@ module Gitlab
     config.assets.precompile << "graphs/application.js"
     config.assets.precompile << "users/application.js"
     config.assets.precompile << "network/application.js"
+    config.assets.precompile << "profile/application.js"
     config.assets.precompile << "lib/utils/*.js"
     config.assets.precompile << "lib/*.js"
 
diff --git a/db/migrate/20160616102642_remove_duplicated_keys.rb b/db/migrate/20160616102642_remove_duplicated_keys.rb
index 00a45d7fe73..180a75e0998 100644
--- a/db/migrate/20160616102642_remove_duplicated_keys.rb
+++ b/db/migrate/20160616102642_remove_duplicated_keys.rb
@@ -4,12 +4,12 @@ class RemoveDuplicatedKeys < ActiveRecord::Migration
     select_all("SELECT fingerprint FROM #{quote_table_name(:keys)} GROUP BY fingerprint HAVING COUNT(*) > 1").each do |row|
       fingerprint = connection.quote(row['fingerprint'])
       execute(%Q{
-        DELETE FROM keys
+        DELETE FROM #{quote_table_name(:keys)}
         WHERE fingerprint = #{fingerprint}
         AND id != (
           SELECT id FROM (
             SELECT max(id) AS id
-            FROM keys
+            FROM #{quote_table_name(:keys)}
             WHERE fingerprint = #{fingerprint}
           ) max_ids
         )
diff --git a/db/migrate/20160620110927_fix_no_validatable_import_url.rb b/db/migrate/20160620110927_fix_no_validatable_import_url.rb
deleted file mode 100644
index 82a616c62d9..00000000000
--- a/db/migrate/20160620110927_fix_no_validatable_import_url.rb
+++ /dev/null
@@ -1,86 +0,0 @@
-# Updates project records containing invalid URLs using the AddressableUrlValidator.
-# This is optimized assuming the number of invalid records is low, but
-# we still need to loop through all the projects with an +import_url+
-# so we use batching for the latter.
-#
-# This migration is non-reversible as we would have to keep the old data.
-
-class FixNoValidatableImportUrl < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-  class SqlBatches
-
-    attr_reader :results, :query
-
-    def initialize(batch_size: 100, query:)
-      @offset = 0
-      @batch_size = batch_size
-      @query = query
-      @results = []
-    end
-
-    def next?
-      @results = ActiveRecord::Base.connection.exec_query(batched_sql)
-      @offset += @batch_size
-      @results.any?
-    end
-
-    private
-
-    def batched_sql
-      "#{@query} LIMIT #{@batch_size} OFFSET #{@offset}"
-    end
-  end
-
-  # AddressableValidator - Snapshot of AddressableUrlValidator
-  module AddressableUrlValidatorSnap
-    extend self
-
-    def valid_url?(value)
-      return false unless value
-
-      valid_uri?(value) && valid_protocol?(value)
-    rescue Addressable::URI::InvalidURIError
-      false
-    end
-
-    def valid_uri?(value)
-      Addressable::URI.parse(value).is_a?(Addressable::URI)
-    end
-
-    def valid_protocol?(value)
-      value =~ /\A#{URI.regexp(%w(http https ssh git))}\z/
-    end
-  end
-
-  def up
-    unless defined?(Addressable::URI::InvalidURIError)
-      say('Skipping cleaning up invalid import URLs as class from Addressable is missing')
-      return
-    end
-
-    say('Cleaning up invalid import URLs... This may take a few minutes if we have a large number of imported projects.')
-
-    invalid_import_url_project_ids.each { |project_id| cleanup_import_url(project_id) }
-  end
-
-  def invalid_import_url_project_ids
-    ids = []
-    batches = SqlBatches.new(query: "SELECT id, import_url FROM projects WHERE import_url IS NOT NULL")
-
-    while batches.next?
-      batches.results.each do |result|
-        ids << result['id'] unless valid_url?(result['import_url'])
-      end
-    end
-
-    ids
-  end
-
-  def valid_url?(url)
-    AddressableUrlValidatorSnap.valid_url?(url)
-  end
-
-  def cleanup_import_url(project_id)
-    execute("UPDATE projects SET import_url = NULL WHERE id = #{project_id}")
-  end
-end
diff --git a/doc/administration/custom_hooks.md b/doc/administration/custom_hooks.md
index 9fd7b71d2dc..e3306c22d3f 100644
--- a/doc/administration/custom_hooks.md
+++ b/doc/administration/custom_hooks.md
@@ -48,7 +48,8 @@ as appropriate.
 This feature was [introduced][5073] in GitLab 8.10.
 
 If the commit is declined or an error occurs during the Git hook check,
-the STDERR and/or SDOUT message of the hook will be present in GitLab's UI.
+the STDERR or STDOUT message of the hook will be present in GitLab's UI.
+STDERR takes precedence over STDOUT.
 
 ![Custom message from custom Git hook](img/custom_hooks_error_msg.png)
 
diff --git a/doc/api/groups.md b/doc/api/groups.md
index 1ccb9715e96..87480bebfc4 100644
--- a/doc/api/groups.md
+++ b/doc/api/groups.md
@@ -42,46 +42,49 @@ Parameters:
 ```json

 [

   {

-    "id": 4,

-    "description": null,

+    "id": 9,

+    "description": "foo",

     "default_branch": "master",

+    "tag_list": [],

     "public": false,

-    "visibility_level": 0,

-    "ssh_url_to_repo": "git@example.com:diaspora/diaspora-client.git",

-    "http_url_to_repo": "http://example.com/diaspora/diaspora-client.git",

-    "web_url": "http://example.com/diaspora/diaspora-client",

-    "tag_list": [

-      "example",

-      "disapora client"

-    ],

-    "owner": {

-      "id": 3,

-      "name": "Diaspora",

-      "created_at": "2013-09-30T13: 46: 02Z"

-    },

-    "name": "Diaspora Client",

-    "name_with_namespace": "Diaspora / Diaspora Client",

-    "path": "diaspora-client",

-    "path_with_namespace": "diaspora/diaspora-client",

+    "archived": false,

+    "visibility_level": 10,

+    "ssh_url_to_repo": "git@gitlab.example.com/html5-boilerplate.git",

+    "http_url_to_repo": "http://gitlab.example.com/h5bp/html5-boilerplate.git",

+    "web_url": "http://gitlab.example.com/h5bp/html5-boilerplate",

+    "name": "Html5 Boilerplate",

+    "name_with_namespace": "Experimental / Html5 Boilerplate",

+    "path": "html5-boilerplate",

+    "path_with_namespace": "h5bp/html5-boilerplate",

     "issues_enabled": true,

     "merge_requests_enabled": true,

-    "builds_enabled": true,

     "wiki_enabled": true,

-    "snippets_enabled": false,

-    "created_at": "2013-09-30T13: 46: 02Z",

-    "last_activity_at": "2013-09-30T13: 46: 02Z",

-    "creator_id": 3,

+    "builds_enabled": true,

+    "snippets_enabled": true,

+    "created_at": "2016-04-05T21:40:50.169Z",

+    "last_activity_at": "2016-04-06T16:52:08.432Z",

+    "shared_runners_enabled": true,

+    "creator_id": 1,

     "namespace": {

-      "created_at": "2013-09-30T13: 46: 02Z",

-      "description": "",

-      "id": 3,

-      "name": "Diaspora",

-      "owner_id": 1,

-      "path": "diaspora",

-      "updated_at": "2013-09-30T13: 46: 02Z"

+      "id": 5,

+      "name": "Experimental",

+      "path": "h5bp",

+      "owner_id": null,

+      "created_at": "2016-04-05T21:40:49.152Z",

+      "updated_at": "2016-04-07T08:07:48.466Z",

+      "description": "foo",

+      "avatar": {

+        "url": null

+      },

+      "share_with_group_lock": false,

+      "visibility_level": 10

     },

-    "archived": false,

-    "avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png"

+    "avatar_url": null,

+    "star_count": 1,

+    "forks_count": 0,

+    "open_issues_count": 3,

+    "public_builds": true,

+    "shared_with_groups": []

   }

 ]

 ```

@@ -96,7 +99,180 @@ GET /groups/:id
 

 Parameters:

 

-- `id` (required) - The ID or path of a group

+| Attribute | Type | Required | Description |

+| --------- | ---- | -------- | ----------- |

+| `id` | integer/string | yes | The ID or path of a group |

+

+```bash

+curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/4

+```

+

+Example response:

+

+```json

+{

+  "id": 4,

+  "name": "Twitter",

+  "path": "twitter",

+  "description": "Aliquid qui quis dignissimos distinctio ut commodi voluptas est.",

+  "visibility_level": 20,

+  "avatar_url": null,

+  "web_url": "https://gitlab.example.com/groups/twitter",

+  "projects": [

+    {

+      "id": 7,

+      "description": "Voluptas veniam qui et beatae voluptas doloremque explicabo facilis.",

+      "default_branch": "master",

+      "tag_list": [],

+      "public": true,

+      "archived": false,

+      "visibility_level": 20,

+      "ssh_url_to_repo": "git@gitlab.example.com:twitter/typeahead-js.git",

+      "http_url_to_repo": "https://gitlab.example.com/twitter/typeahead-js.git",

+      "web_url": "https://gitlab.example.com/twitter/typeahead-js",

+      "name": "Typeahead.Js",

+      "name_with_namespace": "Twitter / Typeahead.Js",

+      "path": "typeahead-js",

+      "path_with_namespace": "twitter/typeahead-js",

+      "issues_enabled": true,

+      "merge_requests_enabled": true,

+      "wiki_enabled": true,

+      "builds_enabled": true,

+      "snippets_enabled": false,

+      "container_registry_enabled": true,

+      "created_at": "2016-06-17T07:47:25.578Z",

+      "last_activity_at": "2016-06-17T07:47:25.881Z",

+      "shared_runners_enabled": true,

+      "creator_id": 1,

+      "namespace": {

+        "id": 4,

+        "name": "Twitter",

+        "path": "twitter",

+        "owner_id": null,

+        "created_at": "2016-06-17T07:47:24.216Z",

+        "updated_at": "2016-06-17T07:47:24.216Z",

+        "description": "Aliquid qui quis dignissimos distinctio ut commodi voluptas est.",

+        "avatar": {

+          "url": null

+        },

+        "share_with_group_lock": false,

+        "visibility_level": 20

+      },

+      "avatar_url": null,

+      "star_count": 0,

+      "forks_count": 0,

+      "open_issues_count": 3,

+      "public_builds": true,

+      "shared_with_groups": []

+    },

+    {

+      "id": 6,

+      "description": "Aspernatur omnis repudiandae qui voluptatibus eaque.",

+      "default_branch": "master",

+      "tag_list": [],

+      "public": false,

+      "archived": false,

+      "visibility_level": 10,

+      "ssh_url_to_repo": "git@gitlab.example.com:twitter/flight.git",

+      "http_url_to_repo": "https://gitlab.example.com/twitter/flight.git",

+      "web_url": "https://gitlab.example.com/twitter/flight",

+      "name": "Flight",

+      "name_with_namespace": "Twitter / Flight",

+      "path": "flight",

+      "path_with_namespace": "twitter/flight",

+      "issues_enabled": true,

+      "merge_requests_enabled": true,

+      "wiki_enabled": true,

+      "builds_enabled": true,

+      "snippets_enabled": false,

+      "container_registry_enabled": true,

+      "created_at": "2016-06-17T07:47:24.661Z",

+      "last_activity_at": "2016-06-17T07:47:24.838Z",

+      "shared_runners_enabled": true,

+      "creator_id": 1,

+      "namespace": {

+        "id": 4,

+        "name": "Twitter",

+        "path": "twitter",

+        "owner_id": null,

+        "created_at": "2016-06-17T07:47:24.216Z",

+        "updated_at": "2016-06-17T07:47:24.216Z",

+        "description": "Aliquid qui quis dignissimos distinctio ut commodi voluptas est.",

+        "avatar": {

+          "url": null

+        },

+        "share_with_group_lock": false,

+        "visibility_level": 20

+      },

+      "avatar_url": null,

+      "star_count": 0,

+      "forks_count": 0,

+      "open_issues_count": 8,

+      "public_builds": true,

+      "shared_with_groups": []

+    }

+  ],

+  "shared_projects": [

+    {

+      "id": 8,

+      "description": "Velit eveniet provident fugiat saepe eligendi autem.",

+      "default_branch": "master",

+      "tag_list": [],

+      "public": false,

+      "archived": false,

+      "visibility_level": 0,

+      "ssh_url_to_repo": "git@gitlab.example.com:h5bp/html5-boilerplate.git",

+      "http_url_to_repo": "https://gitlab.example.com/h5bp/html5-boilerplate.git",

+      "web_url": "https://gitlab.example.com/h5bp/html5-boilerplate",

+      "name": "Html5 Boilerplate",

+      "name_with_namespace": "H5bp / Html5 Boilerplate",

+      "path": "html5-boilerplate",

+      "path_with_namespace": "h5bp/html5-boilerplate",

+      "issues_enabled": true,

+      "merge_requests_enabled": true,

+      "wiki_enabled": true,

+      "builds_enabled": true,

+      "snippets_enabled": false,

+      "container_registry_enabled": true,

+      "created_at": "2016-06-17T07:47:27.089Z",

+      "last_activity_at": "2016-06-17T07:47:27.310Z",

+      "shared_runners_enabled": true,

+      "creator_id": 1,

+      "namespace": {

+        "id": 5,

+        "name": "H5bp",

+        "path": "h5bp",

+        "owner_id": null,

+        "created_at": "2016-06-17T07:47:26.621Z",

+        "updated_at": "2016-06-17T07:47:26.621Z",

+        "description": "Id consequatur rem vel qui doloremque saepe.",

+        "avatar": {

+          "url": null

+        },

+        "share_with_group_lock": false,

+        "visibility_level": 20

+      },

+      "avatar_url": null,

+      "star_count": 0,

+      "forks_count": 0,

+      "open_issues_count": 4,

+      "public_builds": true,

+      "shared_with_groups": [

+        {

+          "group_id": 4,

+          "group_name": "Twitter",

+          "group_access_level": 30

+        },

+        {

+          "group_id": 3,

+          "group_name": "Gitlab Org",

+          "group_access_level": 10

+        }

+      ]

+    }

+  ]

+}

+```

 

 ## New group

 

@@ -201,7 +377,8 @@ Example response:
       "star_count": 1,

       "forks_count": 0,

       "open_issues_count": 3,

-      "public_builds": true

+      "public_builds": true,

+      "shared_with_groups": []

     }

   ]

 }

diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md
index aee94b3fc36..816f09e1007 100644
--- a/doc/api/merge_requests.md
+++ b/doc/api/merge_requests.md
@@ -49,10 +49,10 @@ Parameters:
       "state": "active",
       "created_at": "2012-04-29T08:46:00Z"
     },
-    "source_project_id": "2",
-    "target_project_id": "3",
+    "source_project_id": 2,
+    "target_project_id": 3,
     "labels": [ ],
-    "description":"fixed login page css paddings",
+    "description": "fixed login page css paddings",
     "work_in_progress": false,
     "milestone": {
       "id": 5,
@@ -113,10 +113,10 @@ Parameters:
     "state": "active",
     "created_at": "2012-04-29T08:46:00Z"
   },
-  "source_project_id": "2",
-  "target_project_id": "3",
+  "source_project_id": 2,
+  "target_project_id": 3,
   "labels": [ ],
-  "description":"fixed login page css paddings",
+  "description": "fixed login page css paddings",
   "work_in_progress": false,
   "milestone": {
     "id": 5,
@@ -296,7 +296,7 @@ Parameters:
   "source_project_id": 4,
   "target_project_id": 4,
   "labels": [ ],
-  "description":"fixed login page css paddings",
+  "description": "fixed login page css paddings",
   "work_in_progress": false,
   "milestone": {
     "id": 5,
@@ -465,7 +465,7 @@ Parameters:
   "source_project_id": 4,
   "target_project_id": 4,
   "labels": [ ],
-  "description":"fixed login page css paddings",
+  "description": "fixed login page css paddings",
   "work_in_progress": false,
   "milestone": {
     "id": 5,
@@ -531,7 +531,7 @@ Parameters:
   "source_project_id": 4,
   "target_project_id": 4,
   "labels": [ ],
-  "description":"fixed login page css paddings",
+  "description": "fixed login page css paddings",
   "work_in_progress": false,
   "milestone": {
     "id": 5,
diff --git a/doc/api/projects.md b/doc/api/projects.md
index f5f195b97df..dceee7b4ea7 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -52,7 +52,7 @@ Parameters:
     "owner": {
       "id": 3,
       "name": "Diaspora",
-      "created_at": "2013-09-30T13: 46: 02Z"
+      "created_at": "2013-09-30T13:46:02Z"
     },
     "name": "Diaspora Client",
     "name_with_namespace": "Diaspora / Diaspora Client",
@@ -64,17 +64,18 @@ Parameters:
     "builds_enabled": true,
     "wiki_enabled": true,
     "snippets_enabled": false,
-    "created_at": "2013-09-30T13: 46: 02Z",
-    "last_activity_at": "2013-09-30T13: 46: 02Z",
+    "container_registry_enabled": false,
+    "created_at": "2013-09-30T13:46:02Z",
+    "last_activity_at": "2013-09-30T13:46:02Z",
     "creator_id": 3,
     "namespace": {
-      "created_at": "2013-09-30T13: 46: 02Z",
+      "created_at": "2013-09-30T13:46:02Z",
       "description": "",
       "id": 3,
       "name": "Diaspora",
       "owner_id": 1,
       "path": "diaspora",
-      "updated_at": "2013-09-30T13: 46: 02Z"
+      "updated_at": "2013-09-30T13:46:02Z"
     },
     "archived": false,
     "avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png",
@@ -82,7 +83,8 @@ Parameters:
     "forks_count": 0,
     "star_count": 0,
     "runners_token": "b8547b1dc37721d05889db52fa2f02",
-    "public_builds": true
+    "public_builds": true,
+    "shared_with_groups": []
   },
   {
     "id": 6,
@@ -112,6 +114,7 @@ Parameters:
     "builds_enabled": true,
     "wiki_enabled": true,
     "snippets_enabled": false,
+    "container_registry_enabled": false,
     "created_at": "2013-09-30T13:46:02Z",
     "last_activity_at": "2013-09-30T13:46:02Z",
     "creator_id": 3,
@@ -140,7 +143,8 @@ Parameters:
     "forks_count": 0,
     "star_count": 0,
     "runners_token": "b8547b1dc37721d05889db52fa2f02",
-    "public_builds": true
+    "public_builds": true,
+    "shared_with_groups": []
   }
 ]
 ```
@@ -223,7 +227,7 @@ Parameters:
   "owner": {
     "id": 3,
     "name": "Diaspora",
-    "created_at": "2013-09-30T13: 46: 02Z"
+    "created_at": "2013-09-30T13:46:02Z"
   },
   "name": "Diaspora Project Site",
   "name_with_namespace": "Diaspora / Diaspora Project Site",
@@ -235,17 +239,18 @@ Parameters:
   "builds_enabled": true,
   "wiki_enabled": true,
   "snippets_enabled": false,
-  "created_at": "2013-09-30T13: 46: 02Z",
-  "last_activity_at": "2013-09-30T13: 46: 02Z",
+  "container_registry_enabled": false,
+  "created_at": "2013-09-30T13:46:02Z",
+  "last_activity_at": "2013-09-30T13:46:02Z",
   "creator_id": 3,
   "namespace": {
-    "created_at": "2013-09-30T13: 46: 02Z",
+    "created_at": "2013-09-30T13:46:02Z",
     "description": "",
     "id": 3,
     "name": "Diaspora",
     "owner_id": 1,
     "path": "diaspora",
-    "updated_at": "2013-09-30T13: 46: 02Z"
+    "updated_at": "2013-09-30T13:46:02Z"
   },
   "permissions": {
     "project_access": {
@@ -262,7 +267,20 @@ Parameters:
   "shared_runners_enabled": true,
   "forks_count": 0,
   "star_count": 0,
-  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b"
+  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b",
+  "public_builds": true,
+  "shared_with_groups": [
+    {
+      "group_id": 4,
+      "group_name": "Twitter",
+      "group_access_level": 30
+    },
+    {
+      "group_id": 3,
+      "group_name": "Gitlab Org",
+      "group_access_level": 10
+    }
+  ]
 }
 ```
 
@@ -425,6 +443,7 @@ Parameters:
 - `wiki_enabled` (optional)
 - `snippets_enabled` (optional)
 - `container_registry_enabled` (optional)
+- `shared_runners_enabled` (optional)
 - `public` (optional) - if `true` same as setting visibility_level = 20
 - `visibility_level` (optional)
 - `import_url` (optional)
@@ -449,6 +468,7 @@ Parameters:
 - `wiki_enabled` (optional)
 - `snippets_enabled` (optional)
 - `container_registry_enabled` (optional)
+- `shared_runners_enabled` (optional)
 - `public` (optional) - if `true` same as setting visibility_level = 20
 - `visibility_level` (optional)
 - `import_url` (optional)
@@ -475,6 +495,7 @@ Parameters:
 - `wiki_enabled` (optional)
 - `snippets_enabled` (optional)
 - `container_registry_enabled` (optional)
+- `shared_runners_enabled` (optional)
 - `public` (optional) - if `true` same as setting visibility_level = 20
 - `visibility_level` (optional)
 - `public_builds` (optional)
@@ -537,23 +558,26 @@ Example response:
   "builds_enabled": true,
   "wiki_enabled": true,
   "snippets_enabled": false,
-  "created_at": "2013-09-30T13: 46: 02Z",
-  "last_activity_at": "2013-09-30T13: 46: 02Z",
+  "container_registry_enabled": false,
+  "created_at": "2013-09-30T13:46:02Z",
+  "last_activity_at": "2013-09-30T13:46:02Z",
   "creator_id": 3,
   "namespace": {
-    "created_at": "2013-09-30T13: 46: 02Z",
+    "created_at": "2013-09-30T13:46:02Z",
     "description": "",
     "id": 3,
     "name": "Diaspora",
     "owner_id": 1,
     "path": "diaspora",
-    "updated_at": "2013-09-30T13: 46: 02Z"
+    "updated_at": "2013-09-30T13:46:02Z"
   },
   "archived": true,
   "avatar_url": "http://example.com/uploads/project/avatar/3/uploads/avatar.png",
   "shared_runners_enabled": true,
   "forks_count": 0,
-  "star_count": 1
+  "star_count": 1,
+  "public_builds": true,
+  "shared_with_groups": []
 }
 ```
 
@@ -600,23 +624,26 @@ Example response:
   "builds_enabled": true,
   "wiki_enabled": true,
   "snippets_enabled": false,
-  "created_at": "2013-09-30T13: 46: 02Z",
-  "last_activity_at": "2013-09-30T13: 46: 02Z",
+  "container_registry_enabled": false,
+  "created_at": "2013-09-30T13:46:02Z",
+  "last_activity_at": "2013-09-30T13:46:02Z",
   "creator_id": 3,
   "namespace": {
-    "created_at": "2013-09-30T13: 46: 02Z",
+    "created_at": "2013-09-30T13:46:02Z",
     "description": "",
     "id": 3,
     "name": "Diaspora",
     "owner_id": 1,
     "path": "diaspora",
-    "updated_at": "2013-09-30T13: 46: 02Z"
+    "updated_at": "2013-09-30T13:46:02Z"
   },
   "archived": true,
   "avatar_url": "http://example.com/uploads/project/avatar/3/uploads/avatar.png",
   "shared_runners_enabled": true,
   "forks_count": 0,
-  "star_count": 0
+  "star_count": 0,
+  "public_builds": true,
+  "shared_with_groups": []
 }
 ```
 
@@ -660,7 +687,7 @@ Example response:
   "owner": {
     "id": 3,
     "name": "Diaspora",
-    "created_at": "2013-09-30T13: 46: 02Z"
+    "created_at": "2013-09-30T13:46:02Z"
   },
   "name": "Diaspora Project Site",
   "name_with_namespace": "Diaspora / Diaspora Project Site",
@@ -672,17 +699,18 @@ Example response:
   "builds_enabled": true,
   "wiki_enabled": true,
   "snippets_enabled": false,
-  "created_at": "2013-09-30T13: 46: 02Z",
-  "last_activity_at": "2013-09-30T13: 46: 02Z",
+  "container_registry_enabled": false,
+  "created_at": "2013-09-30T13:46:02Z",
+  "last_activity_at": "2013-09-30T13:46:02Z",
   "creator_id": 3,
   "namespace": {
-    "created_at": "2013-09-30T13: 46: 02Z",
+    "created_at": "2013-09-30T13:46:02Z",
     "description": "",
     "id": 3,
     "name": "Diaspora",
     "owner_id": 1,
     "path": "diaspora",
-    "updated_at": "2013-09-30T13: 46: 02Z"
+    "updated_at": "2013-09-30T13:46:02Z"
   },
   "permissions": {
     "project_access": {
@@ -699,7 +727,9 @@ Example response:
   "shared_runners_enabled": true,
   "forks_count": 0,
   "star_count": 0,
-  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b"
+  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b",
+  "public_builds": true,
+  "shared_with_groups": []
 }
 ```
 
@@ -713,7 +743,7 @@ have the proper access rights, code 403 is returned. Status 404 is returned if t
 doesn't exist, or is hidden to the user.
 
 ```
-POST /projects/:id/archive
+POST /projects/:id/unarchive
 ```
 
 | Attribute | Type | Required | Description |
@@ -743,7 +773,7 @@ Example response:
   "owner": {
     "id": 3,
     "name": "Diaspora",
-    "created_at": "2013-09-30T13: 46: 02Z"
+    "created_at": "2013-09-30T13:46:02Z"
   },
   "name": "Diaspora Project Site",
   "name_with_namespace": "Diaspora / Diaspora Project Site",
@@ -755,17 +785,18 @@ Example response:
   "builds_enabled": true,
   "wiki_enabled": true,
   "snippets_enabled": false,
-  "created_at": "2013-09-30T13: 46: 02Z",
-  "last_activity_at": "2013-09-30T13: 46: 02Z",
+  "container_registry_enabled": false,
+  "created_at": "2013-09-30T13:46:02Z",
+  "last_activity_at": "2013-09-30T13:46:02Z",
   "creator_id": 3,
   "namespace": {
-    "created_at": "2013-09-30T13: 46: 02Z",
+    "created_at": "2013-09-30T13:46:02Z",
     "description": "",
     "id": 3,
     "name": "Diaspora",
     "owner_id": 1,
     "path": "diaspora",
-    "updated_at": "2013-09-30T13: 46: 02Z"
+    "updated_at": "2013-09-30T13:46:02Z"
   },
   "permissions": {
     "project_access": {
@@ -782,7 +813,9 @@ Example response:
   "shared_runners_enabled": true,
   "forks_count": 0,
   "star_count": 0,
-  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b"
+  "runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b",
+  "public_builds": true,
+  "shared_with_groups": []
 }
 ```
 
@@ -965,11 +998,11 @@ Parameters:
   "id": 1,
   "url": "http://example.com/hook",
   "project_id": 3,
-  "push_events": "true",
-  "issues_events": "true",
-  "merge_requests_events": "true",
-  "note_events": "true",
-  "enable_ssl_verification": "true",
+  "push_events": true,
+  "issues_events": true,
+  "merge_requests_events": true,
+  "note_events": true,
+  "enable_ssl_verification": true,
   "created_at": "2012-10-12T17:04:47Z"
 }
 ```
@@ -1089,8 +1122,8 @@ Parameters:
         "name": "Jeremy Ashkenas",
         "email": "jashkenas@example.com"
       },
-      "authored_date": "2013-09-07T12: 58: 21+00: 00",
-      "committed_date": "2013-09-07T12: 58: 21+00: 00"
+      "authored_date": "2013-09-07T12:58:21+00:00",
+      "committed_date": "2013-09-07T12:58:21+00:00"
     },
     "protected": false
   }
diff --git a/doc/ci/examples/php.md b/doc/ci/examples/php.md
index 17e1c64bb8a..bfafcc44d66 100644
--- a/doc/ci/examples/php.md
+++ b/doc/ci/examples/php.md
@@ -49,7 +49,7 @@ apt-get update -yqq
 apt-get install git -yqq
 
 # Install phpunit, the tool that we will use for testing
-curl -o /usr/local/bin/phpunit https://phar.phpunit.de/phpunit.phar
+curl -Lo /usr/local/bin/phpunit https://phar.phpunit.de/phpunit.phar
 chmod +x /usr/local/bin/phpunit
 
 # Install mysql driver
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index d2d1b04f893..eb81267242e 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -811,7 +811,7 @@ deploy:
 It's possible to overwrite globally defined `before_script` and `after_script`:
 
 ```yaml
-before_script
+before_script:
 - global before script
 
 job:
diff --git a/doc/development/ui_guide.md b/doc/development/ui_guide.md
index 5893b7c219e..ce0aaa2fd25 100644
--- a/doc/development/ui_guide.md
+++ b/doc/development/ui_guide.md
@@ -52,5 +52,6 @@ information from database or file system
 * Use red button for destructive actions (not revertable). For example removing issue.
 * Use green or blue button for primary action. Primary button should be only one. 
 Do not use both green and blue button in one form. 
-* For all other cases use default white button 
+* For all other cases use default white button. 
+* Text button should have only first word capitalized. So should be "Create issue" instead of "Create Issue"  
 
diff --git a/doc/integration/github.md b/doc/integration/github.md
index e7497e475c9..340c8a55fb3 100644
--- a/doc/integration/github.md
+++ b/doc/integration/github.md
@@ -19,7 +19,7 @@ GitHub will generate an application ID and secret key for you to use.
     - Application name: This can be anything. Consider something like "\<Organization\>'s GitLab" or "\<Your Name\>'s GitLab" or something else descriptive.
     - Homepage URL: The URL to your GitLab installation. 'https://gitlab.company.com'
     - Application description: Fill this in if you wish.
-    - Default authorization callback URL is '${YOUR_DOMAIN}/import/github/callback'
+    - Authorization callback URL is 'http(s)://${YOUR_DOMAIN}'
 1.  Select "Register application".
 
 1.  You should now see a Client ID and Client Secret near the top right of the page (see screenshot). 
diff --git a/doc/markdown/markdown.md b/doc/markdown/markdown.md
index 236eb7b12c4..fb2dd582754 100644
--- a/doc/markdown/markdown.md
+++ b/doc/markdown/markdown.md
@@ -7,11 +7,12 @@
 * [Newlines](#newlines)
 * [Multiple underscores in words](#multiple-underscores-in-words)
 * [URL auto-linking](#url-auto-linking)
+* [Multiline Blockquote](#multiline-blockquote)
 * [Code and Syntax Highlighting](#code-and-syntax-highlighting)
 * [Inline Diff](#inline-diff)
 * [Emoji](#emoji)
 * [Special GitLab references](#special-gitlab-references)
-* [Task lists](#task-lists)
+* [Task Lists](#task-lists)
 
 **[Standard Markdown](#standard-markdown)**
 
@@ -89,6 +90,37 @@ GFM will autolink almost any URL you copy and paste into your text.
 * irc://irc.freenode.net/gitlab
 * http://localhost:3000
 
+## Multiline Blockquote
+
+On top of standard Markdown [blockquotes](#blockquotes), which require prepending `>` to quoted lines,
+GFM supports multiline blockquotes fenced by <code>>>></code>.
+
+```no-highlight
+>>>
+If you paste a message from somewhere else
+
+that
+
+spans
+
+multiple lines,
+
+you can quote that without having to manually prepend `>` to every line!
+>>>
+```
+
+>>>
+If you paste a message from somewhere else
+
+that
+
+spans
+
+multiple lines,
+
+you can quote that without having to manually prepend `>` to every line!
+>>>
+
 ## Code and Syntax Highlighting
 
 _GitLab uses the [Rouge Ruby library][rouge] for syntax highlighting. For a
diff --git a/doc/update/8.9-to-8.10.md b/doc/update/8.9-to-8.10.md
index a51790b0bda..84065a84e50 100644
--- a/doc/update/8.9-to-8.10.md
+++ b/doc/update/8.9-to-8.10.md
@@ -46,7 +46,7 @@ sudo -u git -H git checkout 8-10-stable-ee
 ```bash
 cd /home/git/gitlab-shell
 sudo -u git -H git fetch --all --tags
-sudo -u git -H git checkout v3.1.0
+sudo -u git -H git checkout v3.2.0
 ```
 
 ### 5. Update gitlab-workhorse
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index db877d2eeb0..9076a0c3831 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -58,6 +58,14 @@ module API
       expose :path, :path_with_namespace
     end
 
+    class SharedGroup < Grape::Entity
+      expose :group_id
+      expose :group_name do |group_link, options|
+        group_link.group.name
+      end
+      expose :group_access, as: :group_access_level
+    end
+
     class Project < Grape::Entity
       expose :id, :description, :default_branch, :tag_list
       expose :public?, as: :public
@@ -77,6 +85,9 @@ module API
       expose :open_issues_count, if: lambda { |project, options| project.issues_enabled? && project.default_issues_tracker? }
       expose :runners_token, if: lambda { |_project, options| options[:user_can_admin_project] }
       expose :public_builds
+      expose :shared_with_groups do |project, options|
+        SharedGroup.represent(project.project_group_links.all, options)
+      end
     end
 
     class ProjectMember < UserBasic
@@ -93,6 +104,7 @@ module API
 
     class GroupDetail < Group
       expose :projects, using: Entities::Project
+      expose :shared_projects, using: Entities::Project
     end
 
     class GroupMember < UserBasic
diff --git a/lib/banzai/filter/blockquote_fence_filter.rb b/lib/banzai/filter/blockquote_fence_filter.rb
new file mode 100644
index 00000000000..d2c4b1e4d76
--- /dev/null
+++ b/lib/banzai/filter/blockquote_fence_filter.rb
@@ -0,0 +1,71 @@
+module Banzai
+  module Filter
+    class BlockquoteFenceFilter < HTML::Pipeline::TextFilter
+      REGEX = %r{
+          (?<code>
+            # Code blocks:
+            # ```
+            # Anything, including `>>>` blocks which are ignored by this filter
+            # ```
+
+            ^```
+            .+?
+            \n```$
+          )
+        |
+          (?<html>
+            # HTML block:
+            # <tag>
+            # Anything, including `>>>` blocks which are ignored by this filter
+            # </tag>
+
+            ^<[^>]+?>\n
+            .+?
+            \n<\/[^>]+?>$
+          )
+        |
+          (?:
+            # Blockquote:
+            # >>>
+            # Anything, including code and HTML blocks
+            # >>>
+
+            ^>>>\n
+            (?<quote>
+              (?:
+                  # Any character that doesn't introduce a code or HTML block
+                  (?!
+                      ^```
+                    |
+                      ^<[^>]+?>\n
+                  )
+                  .
+                |
+                  # A code block
+                  \g<code>
+                |
+                  # An HTML block
+                  \g<html>
+              )+?
+            )
+            \n>>>$
+          )
+      }mx.freeze
+
+      def initialize(text, context = nil, result = nil)
+        super text, context, result
+        @text = @text.delete("\r")
+      end
+
+      def call
+        @text.gsub(REGEX) do
+          if $~[:quote]
+            $~[:quote].gsub(/^/, "> ").gsub(/^> $/, ">")
+          else
+            $~[0]
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/banzai/pipeline/pre_process_pipeline.rb b/lib/banzai/pipeline/pre_process_pipeline.rb
index 50dc978b452..6cf219661d3 100644
--- a/lib/banzai/pipeline/pre_process_pipeline.rb
+++ b/lib/banzai/pipeline/pre_process_pipeline.rb
@@ -3,7 +3,8 @@ module Banzai
     class PreProcessPipeline < BasePipeline
       def self.filters
         FilterArray[
-          Filter::YamlFrontMatterFilter
+          Filter::YamlFrontMatterFilter,
+          Filter::BlockquoteFenceFilter,
         ]
       end
 
diff --git a/lib/banzai/reference_parser/base_parser.rb b/lib/banzai/reference_parser/base_parser.rb
index 3d7b9c4a024..6cf218aaa0d 100644
--- a/lib/banzai/reference_parser/base_parser.rb
+++ b/lib/banzai/reference_parser/base_parser.rb
@@ -133,8 +133,9 @@ module Banzai
         return {} if nodes.empty?
 
         ids = unique_attribute_values(nodes, attribute)
+        rows = collection_objects_for_ids(collection, ids)
 
-        collection.where(id: ids).each_with_object({}) do |row, hash|
+        rows.each_with_object({}) do |row, hash|
           hash[row.id] = row
         end
       end
@@ -153,6 +154,31 @@ module Banzai
         values.to_a
       end
 
+      # Queries the collection for the objects with the given IDs.
+      #
+      # If the RequestStore module is enabled this method will only query any
+      # objects that have not yet been queried. For objects that have already
+      # been queried the object is returned from the cache.
+      def collection_objects_for_ids(collection, ids)
+        if RequestStore.active?
+          cache = collection_cache[collection_cache_key(collection)]
+          to_query = ids.map(&:to_i) - cache.keys
+
+          unless to_query.empty?
+            collection.where(id: to_query).each { |row| cache[row.id] = row }
+          end
+
+          cache.values
+        else
+          collection.where(id: ids)
+        end
+      end
+
+      # Returns the cache key to use for a collection.
+      def collection_cache_key(collection)
+        collection.respond_to?(:model) ? collection.model : collection
+      end
+
       # Processes the list of HTML documents and returns an Array containing all
       # the references.
       def process(documents)
@@ -189,7 +215,7 @@ module Banzai
       end
 
       def find_projects_for_hash_keys(hash)
-        Project.where(id: hash.keys)
+        collection_objects_for_ids(Project, hash.keys)
       end
 
       private
@@ -199,6 +225,12 @@ module Banzai
       def lazy(&block)
         Gitlab::Lazy.new(&block)
       end
+
+      def collection_cache
+        RequestStore[:banzai_collection_cache] ||= Hash.new do |hash, key|
+          hash[key] = {}
+        end
+      end
     end
   end
 end
diff --git a/lib/banzai/reference_parser/user_parser.rb b/lib/banzai/reference_parser/user_parser.rb
index a12b0d19560..863f5725d3b 100644
--- a/lib/banzai/reference_parser/user_parser.rb
+++ b/lib/banzai/reference_parser/user_parser.rb
@@ -73,7 +73,7 @@ module Banzai
       def find_users(ids)
         return [] if ids.empty?
 
-        User.where(id: ids).to_a
+        collection_objects_for_ids(User, ids)
       end
 
       def find_users_for_groups(ids)
@@ -85,7 +85,8 @@ module Banzai
       def find_users_for_projects(ids)
         return [] if ids.empty?
 
-        Project.where(id: ids).flat_map { |p| p.team.members.to_a }
+        collection_objects_for_ids(Project, ids).
+          flat_map { |p| p.team.members.to_a }
       end
     end
   end
diff --git a/lib/gitlab/graphs/commits.rb b/lib/gitlab/graphs/commits.rb
index 2122339d2db..3caf9036459 100644
--- a/lib/gitlab/graphs/commits.rb
+++ b/lib/gitlab/graphs/commits.rb
@@ -18,7 +18,7 @@ module Gitlab
       end
 
       def commit_per_day
-        @commit_per_day ||= (@commits.size.to_f / @duration).round(1)
+        @commit_per_day ||= @commits.size / (@duration + 1)
       end
 
       def collect_data
diff --git a/lib/gitlab/url_sanitizer.rb b/lib/gitlab/url_sanitizer.rb
index 86ed18fb50d..19dad699edf 100644
--- a/lib/gitlab/url_sanitizer.rb
+++ b/lib/gitlab/url_sanitizer.rb
@@ -4,6 +4,8 @@ module Gitlab
       regexp = URI::Parser.new.make_regexp(['http', 'https', 'ssh', 'git'])
 
       content.gsub(regexp) { |url| new(url).masked_url }
+    rescue Addressable::URI::InvalidURIError
+      content.gsub(regexp, '')
     end
 
     def self.valid?(url)
diff --git a/lib/rouge/formatters/html_gitlab.rb b/lib/rouge/formatters/html_gitlab.rb
index 8c309efc7b8..3358ed6773e 100644
--- a/lib/rouge/formatters/html_gitlab.rb
+++ b/lib/rouge/formatters/html_gitlab.rb
@@ -143,18 +143,14 @@ module Rouge
               '</span>'
             end
           end
-          lines.join("\n")
-        else
-          if @linenos == 'inline'
-            lines = lines.each_with_index.map do |line, index|
-              number = index + @linenostart
-              "<span class=\"linenos\">#{number}</span>#{line}"
-            end
-            lines.join("\n")
-          else
-            lines.join("\n")
+        elsif @linenos == 'inline'
+          lines = lines.each_with_index.map do |line, index|
+            number = index + @linenostart
+            "<span class=\"linenos\">#{number}</span>#{line}"
           end
         end
+
+        lines.join("\n")
       end
 
       def span(tok, val)
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 5c8ddbebf0d..b682ced75ac 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -2,7 +2,7 @@ FactoryGirl.define do
   # Project without repository
   #
   # Project does not have bare repository.
-  # Use this factory if you dont need repository in tests
+  # Use this factory if you don't need repository in tests
   factory :empty_project, class: 'Project' do
     sequence(:name) { |n| "project#{n}" }
     path { name.downcase.gsub(/\s/, '_') }
diff --git a/spec/fixtures/blockquote_fence_after.md b/spec/fixtures/blockquote_fence_after.md
new file mode 100644
index 00000000000..2652a842c0e
--- /dev/null
+++ b/spec/fixtures/blockquote_fence_after.md
@@ -0,0 +1,115 @@
+Single `>>>` inside code block:
+
+```
+# Code
+>>>
+# Code
+```
+
+Double `>>>` inside code block:
+
+```txt
+# Code
+>>>
+# Code
+>>>
+# Code
+```
+
+Blockquote outside code block:
+
+> Quote
+
+Code block inside blockquote:
+
+> Quote
+>
+> ```
+> # Code
+> ```
+>
+> Quote
+
+Single `>>>` inside code block inside blockquote:
+
+> Quote
+>
+> ```
+> # Code
+> >>>
+> # Code
+> ```
+>
+> Quote
+
+Double `>>>` inside code block inside blockquote:
+
+> Quote
+>
+> ```
+> # Code
+> >>>
+> # Code
+> >>>
+> # Code
+> ```
+>
+> Quote
+
+Single `>>>` inside HTML:
+
+<pre>
+# Code
+>>>
+# Code
+</pre>
+
+Double `>>>` inside HTML:
+
+<pre>
+# Code
+>>>
+# Code
+>>>
+# Code
+</pre>
+
+Blockquote outside HTML:
+
+> Quote
+
+HTML inside blockquote:
+
+> Quote
+>
+> <pre>
+> # Code
+> </pre>
+>
+> Quote
+
+Single `>>>` inside HTML inside blockquote:
+
+> Quote
+>
+> <pre>
+> # Code
+> >>>
+> # Code
+> </pre>
+>
+> Quote
+
+Double `>>>` inside HTML inside blockquote:
+
+> Quote
+>
+> <pre>
+> # Code
+> >>>
+> # Code
+> >>>
+> # Code
+> </pre>
+>
+> Quote
diff --git a/spec/fixtures/blockquote_fence_before.md b/spec/fixtures/blockquote_fence_before.md
new file mode 100644
index 00000000000..d52eec72896
--- /dev/null
+++ b/spec/fixtures/blockquote_fence_before.md
@@ -0,0 +1,131 @@
+Single `>>>` inside code block:
+
+```
+# Code
+>>>
+# Code
+```
+
+Double `>>>` inside code block:
+
+```txt
+# Code
+>>>
+# Code
+>>>
+# Code
+```
+
+Blockquote outside code block:
+
+>>>
+Quote
+>>>
+
+Code block inside blockquote:
+
+>>>
+Quote
+
+```
+# Code
+```
+
+Quote
+>>>
+
+Single `>>>` inside code block inside blockquote:
+
+>>>
+Quote
+
+```
+# Code
+>>>
+# Code
+```
+
+Quote
+>>>
+
+Double `>>>` inside code block inside blockquote:
+
+>>>
+Quote
+
+```
+# Code
+>>>
+# Code
+>>>
+# Code
+```
+
+Quote
+>>>
+
+Single `>>>` inside HTML:
+
+<pre>
+# Code
+>>>
+# Code
+</pre>
+
+Double `>>>` inside HTML:
+
+<pre>
+# Code
+>>>
+# Code
+>>>
+# Code
+</pre>
+
+Blockquote outside HTML:
+
+>>>
+Quote
+>>>
+
+HTML inside blockquote:
+
+>>>
+Quote
+
+<pre>
+# Code
+</pre>
+
+Quote
+>>>
+
+Single `>>>` inside HTML inside blockquote:
+
+>>>
+Quote
+
+<pre>
+# Code
+>>>
+# Code
+</pre>
+
+Quote
+>>>
+
+Double `>>>` inside HTML inside blockquote:
+
+>>>
+Quote
+
+<pre>
+# Code
+>>>
+# Code
+>>>
+# Code
+</pre>
+
+Quote
+>>>
diff --git a/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
new file mode 100644
index 00000000000..2799249ae3e
--- /dev/null
+++ b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
@@ -0,0 +1,14 @@
+require 'rails_helper'
+
+describe Banzai::Filter::BlockquoteFenceFilter, lib: true do
+  include FilterSpecHelper
+
+  it 'converts blockquote fences to blockquote lines' do
+    content = File.read(Rails.root.join('spec/fixtures/blockquote_fence_before.md'))
+    expected = File.read(Rails.root.join('spec/fixtures/blockquote_fence_after.md'))
+
+    output = filter(content)
+
+    expect(output).to eq(expected)
+  end
+end
diff --git a/spec/lib/banzai/reference_parser/base_parser_spec.rb b/spec/lib/banzai/reference_parser/base_parser_spec.rb
index 543b4786d84..ac9c66e2663 100644
--- a/spec/lib/banzai/reference_parser/base_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/base_parser_spec.rb
@@ -234,4 +234,79 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
         to eq([project])
     end
   end
+
+  describe '#collection_objects_for_ids' do
+    context 'with RequestStore disabled' do
+      it 'queries the collection directly' do
+        collection = User.all
+
+        expect(collection).to receive(:where).twice.and_call_original
+
+        2.times do
+          expect(subject.collection_objects_for_ids(collection, [user.id])).
+            to eq([user])
+        end
+      end
+    end
+
+    context 'with RequestStore enabled' do
+      before do
+        cache = Hash.new { |hash, key| hash[key] = {} }
+
+        allow(RequestStore).to receive(:active?).and_return(true)
+        allow(subject).to receive(:collection_cache).and_return(cache)
+      end
+
+      it 'queries the collection on the first call' do
+        expect(subject.collection_objects_for_ids(User, [user.id])).
+          to eq([user])
+      end
+
+      it 'does not query previously queried objects' do
+        collection = User.all
+
+        expect(collection).to receive(:where).once.and_call_original
+
+        2.times do
+          expect(subject.collection_objects_for_ids(collection, [user.id])).
+            to eq([user])
+        end
+      end
+
+      it 'casts String based IDs to Fixnums before querying objects' do
+        2.times do
+          expect(subject.collection_objects_for_ids(User, [user.id.to_s])).
+            to eq([user])
+        end
+      end
+
+      it 'queries any additional objects after the first call' do
+        other_user = create(:user)
+
+        expect(subject.collection_objects_for_ids(User, [user.id])).
+          to eq([user])
+
+        expect(subject.collection_objects_for_ids(User, [user.id, other_user.id])).
+          to eq([user, other_user])
+      end
+
+      it 'caches objects on a per collection class basis' do
+        expect(subject.collection_objects_for_ids(User, [user.id])).
+          to eq([user])
+
+        expect(subject.collection_objects_for_ids(Project, [project.id])).
+          to eq([project])
+      end
+    end
+  end
+
+  describe '#collection_cache_key' do
+    it 'returns the cache key for a Class' do
+      expect(subject.collection_cache_key(Project)).to eq(Project)
+    end
+
+    it 'returns the cache key for an ActiveRecord::Relation' do
+      expect(subject.collection_cache_key(Project.all)).to eq(Project)
+    end
+  end
 end
diff --git a/spec/lib/gitlab/graphs/commits_spec.rb b/spec/lib/gitlab/graphs/commits_spec.rb
new file mode 100644
index 00000000000..f5c064303ad
--- /dev/null
+++ b/spec/lib/gitlab/graphs/commits_spec.rb
@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe Gitlab::Graphs::Commits, lib: true do
+  let!(:project) { create(:project, :public, :empty_repo) }
+
+  let!(:commit1) { create(:commit, git_commit: RepoHelpers.sample_commit, project: project, committed_date: Time.now) }
+  let!(:commit1_yesterday) { create(:commit, git_commit: RepoHelpers.sample_commit, project: project, committed_date: 1.day.ago)}
+
+  let!(:commit2) { create(:commit, git_commit: RepoHelpers.another_sample_commit, project: project, committed_date: Time.now) }
+
+  describe '#commit_per_day' do
+    context 'when range is only commits from today' do
+      subject { described_class.new([commit2, commit1]).commit_per_day }
+      it { is_expected.to eq 2 }
+    end
+  end
+
+  context 'when range is only commits from today' do
+    subject { described_class.new([commit2, commit1]) }
+    describe '#commit_per_day' do
+      it { expect(subject.commit_per_day).to eq 2 }
+    end
+
+    describe '#duration' do
+      it { expect(subject.duration).to eq 0 }
+    end
+  end
+
+  context 'with commits from yesterday and today' do
+    subject { described_class.new([commit2, commit1_yesterday]) }
+    describe '#commit_per_day' do
+      it { expect(subject.commit_per_day).to eq 1 }
+    end
+
+    describe '#duration' do
+      it { expect(subject.duration).to eq 1 }
+    end
+  end
+end
diff --git a/spec/lib/gitlab/url_sanitizer_spec.rb b/spec/lib/gitlab/url_sanitizer_spec.rb
index 59024d3290b..2cb74629da8 100644
--- a/spec/lib/gitlab/url_sanitizer_spec.rb
+++ b/spec/lib/gitlab/url_sanitizer_spec.rb
@@ -45,6 +45,12 @@ describe Gitlab::UrlSanitizer, lib: true do
 
       expect(filtered_content).to include("user@server:project.git")
     end
+
+    it 'returns an empty string for invalid URLs' do
+      filtered_content = sanitize_url('ssh://')
+
+      expect(filtered_content).to include("repository '' not found")
+    end
   end
 
   describe '#sanitized_url' do
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 04141a45031..c2c94040ece 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -49,10 +49,25 @@ describe API::API, api: true  do
 
   describe "GET /groups/:id" do
     context "when authenticated as user" do
-      it "should return one of user1's groups" do
+      it "returns one of user1's groups" do
+        project = create(:project, namespace: group2, path: 'Foo')
+        create(:project_group_link, project: project, group: group1)
+
         get api("/groups/#{group1.id}", user1)
+
         expect(response).to have_http_status(200)
-        json_response['name'] == group1.name
+        expect(json_response['id']).to eq(group1.id)
+        expect(json_response['name']).to eq(group1.name)
+        expect(json_response['path']).to eq(group1.path)
+        expect(json_response['description']).to eq(group1.description)
+        expect(json_response['visibility_level']).to eq(group1.visibility_level)
+        expect(json_response['avatar_url']).to eq(group1.avatar_url)
+        expect(json_response['web_url']).to eq(group1.web_url)
+        expect(json_response['projects']).to be_an Array
+        expect(json_response['projects'].length).to eq(2)
+        expect(json_response['shared_projects']).to be_an Array
+        expect(json_response['shared_projects'].length).to eq(1)
+        expect(json_response['shared_projects'][0]['id']).to eq(project.id)
       end
 
       it "should not return a non existing group" do
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 611dd2a2a88..8a52725a893 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -392,11 +392,47 @@ describe API::API, api: true  do
     before { project }
     before { project_member }
 
-    it 'should return a project by id' do
+    it 'returns a project by id' do
+      group = create(:group)
+      link = create(:project_group_link, project: project, group: group)
+
       get api("/projects/#{project.id}", user)
+
       expect(response).to have_http_status(200)
+      expect(json_response['id']).to eq(project.id)
+      expect(json_response['description']).to eq(project.description)
+      expect(json_response['default_branch']).to eq(project.default_branch)
+      expect(json_response['tag_list']).to be_an Array
+      expect(json_response['public']).to be_falsey
+      expect(json_response['archived']).to be_falsey
+      expect(json_response['visibility_level']).to be_present
+      expect(json_response['ssh_url_to_repo']).to be_present
+      expect(json_response['http_url_to_repo']).to be_present
+      expect(json_response['web_url']).to be_present
+      expect(json_response['owner']).to be_a Hash
+      expect(json_response['owner']).to be_a Hash
       expect(json_response['name']).to eq(project.name)
-      expect(json_response['owner']['username']).to eq(user.username)
+      expect(json_response['path']).to be_present
+      expect(json_response['issues_enabled']).to be_present
+      expect(json_response['merge_requests_enabled']).to be_present
+      expect(json_response['wiki_enabled']).to be_present
+      expect(json_response['builds_enabled']).to be_present
+      expect(json_response['snippets_enabled']).to be_present
+      expect(json_response['container_registry_enabled']).to be_present
+      expect(json_response['created_at']).to be_present
+      expect(json_response['last_activity_at']).to be_present
+      expect(json_response['shared_runners_enabled']).to be_present
+      expect(json_response['creator_id']).to be_present
+      expect(json_response['namespace']).to be_present
+      expect(json_response['avatar_url']).to be_nil
+      expect(json_response['star_count']).to be_present
+      expect(json_response['forks_count']).to be_present
+      expect(json_response['public_builds']).to be_present
+      expect(json_response['shared_with_groups']).to be_an Array
+      expect(json_response['shared_with_groups'].length).to eq(1)
+      expect(json_response['shared_with_groups'][0]['group_id']).to eq(group.id)
+      expect(json_response['shared_with_groups'][0]['group_name']).to eq(group.name)
+      expect(json_response['shared_with_groups'][0]['group_access_level']).to eq(link.group_access)
     end
 
     it 'should return a project by path name' do