Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into ee_issue_928_backport

author: Simon Knox <psimyn@gmail.com> 2017-09-06 14:35:58 +1000
committer: Simon Knox <psimyn@gmail.com> 2017-09-06 14:35:58 +1000
commit: b9aa55e1ea2ba226bd9bf4c6fb08fdec30e046c5 (patch)
tree: b7770180f178086c78ef2ca25d6bb2267f739110 /config
parent: 74740604211dab6632771f1bfd7dd67902fea7ef (diff)
parent: d68ff7f50a93ebbff537b5e795cf6bf80bd66a6e (diff)
download: gitlab-ce-b9aa55e1ea2ba226bd9bf4c6fb08fdec30e046c5.tar.gz
12 files changed, 41 insertions, 34 deletions
diff --git a/config/application.rb b/config/application.rb
index f69dab4de39..32a290f2002 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -51,31 +51,24 @@ module Gitlab
     # Configure sensitive parameters which will be filtered from the log file.
     #
     # Parameters filtered:
-    # - Password (:password, :password_confirmation)
-    # - Private tokens
+    # - Any parameter ending with `_token`
+    # - Any parameter containing `password`
+    # - Any parameter containing `secret`
     # - Two-factor tokens (:otp_attempt)
     # - Repo/Project Import URLs (:import_url)
     # - Build variables (:variables)
     # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
     # - Webhook URLs (:hook)
-    # - GitLab-shell secret token (:secret_token)
     # - Sentry DSN (:sentry_dsn)
     # - Deploy keys (:key)
+    config.filter_parameters += [/_token$/, /password/, /secret/]
     config.filter_parameters += %i(
-      authentication_token
       certificate
       encrypted_key
       hook
       import_url
-      incoming_email_token
-      rss_token
       key
       otp_attempt
-      password
-      password_confirmation
-      private_token
-      runners_token
-      secret_token
       sentry_dsn
       variables
     )
diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml
index ca5b941aebf..d6c3c84851b 100644
--- a/config/dependency_decisions.yml
+++ b/config/dependency_decisions.yml
@@ -404,3 +404,15 @@
     :why: https://github.com/mafintosh/thunky/blob/master/README.md#license
     :versions: []
     :when: 2017-08-07 05:56:09.907045000 Z
+- - :whitelist
+  - Unlicense
+  - :who: Nick Thomas <nick@gitlab.com>
+    :why: https://gitlab.com/gitlab-com/organization/issues/116
+    :versions: []
+    :when: 2017-09-01 17:17:51.996511844 Z
+- - :blacklist
+  - Facebook BSD+PATENTS
+  - :who: Nick Thomas <nick@gitlab.com>
+    :why: https://gitlab.com/gitlab-com/organization/issues/117
+    :versions: []
+    :when: 2017-09-04 12:59:51.150798717 Z
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 25285525846..c5704ac5857 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -273,9 +273,8 @@ production: &base
         encryption: 'plain'
 
         # Enables SSL certificate verification if encryption method is
-        # "start_tls" or "simple_tls". (Defaults to false for backward-
-        # compatibility)
-        verify_certificates: false
+        # "start_tls" or "simple_tls". Defaults to true.
+        verify_certificates: true
 
         # Specifies the path to a file containing a PEM-format CA certificate,
         # e.g. if you need to use an internal CA.
@@ -509,7 +508,7 @@ production: &base
         failure_count_threshold: 10 # number of failures before stopping attempts
         failure_wait_time: 30 # Seconds after an access failure before allowing access again
         failure_reset_time: 1800 # Time in seconds to expire failures
-        storage_timeout: 5 # Time in seconds to wait before aborting a storage access attempt
+        storage_timeout: 30 # Time in seconds to wait before aborting a storage access attempt
 
 
   ## Backup settings
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index abaabad5d65..360b72cdea3 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -155,18 +155,11 @@ if Settings.ldap['enabled'] || Rails.env.test?
     server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
     server['encryption'] = 'start_tls' if server['encryption'] == 'tls'
 
-    # Certificates are not verified for backwards compatibility.
-    # This default should be flipped to true in 9.5.
-    if server['verify_certificates'].nil?
-      server['verify_certificates'] = false
-
-      message = <<-MSG.strip_heredoc
-        LDAP SSL certificate verification is disabled for backwards-compatibility.
-        Please add the "verify_certificates" option to gitlab.yml for each LDAP
-        server. Certificate verification will be enabled by default in GitLab 9.5.
-      MSG
-      Rails.logger.warn(message)
-    end
+    # Certificate verification was added in 9.4.2, and defaulted to false for
+    # backwards-compatibility.
+    #
+    # Since GitLab 10.0, verify_certificates defaults to true for security.
+    server['verify_certificates'] = true if server['verify_certificates'].nil?
 
     Settings.ldap['servers'][key] = server
   end
diff --git a/config/initializers/7_prometheus_metrics.rb b/config/initializers/7_prometheus_metrics.rb
index 54c797e0714..31839297523 100644
--- a/config/initializers/7_prometheus_metrics.rb
+++ b/config/initializers/7_prometheus_metrics.rb
@@ -1,4 +1,5 @@
 require 'prometheus/client'
+require 'prometheus/client/support/unicorn'
 
 Prometheus::Client.configure do |config|
   config.logger = Rails.logger
@@ -9,6 +10,8 @@ Prometheus::Client.configure do |config|
   if Rails.env.development? || Rails.env.test?
     config.multiprocess_files_dir ||= Rails.root.join('tmp/prometheus_multiproc_dir')
   end
+
+  config.pid_provider = Prometheus::Client::Support::Unicorn.method(:worker_pid_provider)
 end
 
 Sidekiq.configure_server do |config|
diff --git a/config/initializers/8_metrics.rb b/config/initializers/8_metrics.rb
index 370a976b64a..5b455a8065a 100644
--- a/config/initializers/8_metrics.rb
+++ b/config/initializers/8_metrics.rb
@@ -122,6 +122,7 @@ def instrument_classes(instrumentation)
 
   # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/36061
   instrumentation.instrument_instance_method(MergeRequest, :ensure_ref_fetched)
+  instrumentation.instrument_instance_method(MergeRequest, :fetch_ref)
 end
 # rubocop:enable Metrics/AbcSize
 
diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb
index eb589ecdb52..fd0167aa476 100644
--- a/config/initializers/fast_gettext.rb
+++ b/config/initializers/fast_gettext.rb
@@ -1,4 +1,7 @@
-FastGettext.add_text_domain 'gitlab', path: File.join(Rails.root, 'locale'), type: :po
+FastGettext.add_text_domain 'gitlab',
+                            path: File.join(Rails.root, 'locale'),
+                            type: :po,
+                            ignore_fuzzy: true
 FastGettext.default_text_domain = 'gitlab'
 FastGettext.default_available_locales = Gitlab::I18n.available_locales
 FastGettext.default_locale = :en
diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb
index 6b0cff75653..62d0967009a 100644
--- a/config/initializers/sentry.rb
+++ b/config/initializers/sentry.rb
@@ -1,19 +1,18 @@
 # Be sure to restart your server when you modify this file.
 
 require 'gitlab/current_settings'
-include Gitlab::CurrentSettings
 
 if Rails.env.production?
   # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
   begin
-    sentry_enabled = current_application_settings.sentry_enabled
+    sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled
   rescue
     sentry_enabled = false
   end
 
   if sentry_enabled
     Raven.configure do |config|
-      config.dsn = current_application_settings.sentry_dsn
+      config.dsn = Gitlab::CurrentSettings.current_application_settings.sentry_dsn
       config.release = Gitlab::REVISION
 
       # Sanitize fields based on those sanitized from Rails.
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index e8213ac8ba4..f2fde1e0048 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,11 +1,10 @@
 # Be sure to restart your server when you modify this file.
 
 require 'gitlab/current_settings'
-include Gitlab::CurrentSettings
 
 # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
 begin
-  Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay || 10080
+  Settings.gitlab['session_expire_delay'] = Gitlab::CurrentSettings.current_application_settings.session_expire_delay || 10080
 rescue
   Settings.gitlab['session_expire_delay'] ||= 10080
 end
diff --git a/config/routes.rb b/config/routes.rb
index 5d7166cad9a..5683725c8a2 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -27,6 +27,7 @@ Rails.application.routes.draw do
   get '/autocomplete/users' => 'autocomplete#users'
   get '/autocomplete/users/:id' => 'autocomplete#user'
   get '/autocomplete/projects' => 'autocomplete#projects'
+  get '/autocomplete/award_emojis' => 'autocomplete#award_emojis'
 
   # Search
   get 'search' => 'search#show'
diff --git a/config/routes/project.rb b/config/routes/project.rb
index 3c7c218c356..b36d13888cd 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -303,11 +303,13 @@ constraints(ProjectUrlConstrainer.new) do
         member do
           post :toggle_subscription
           post :mark_as_spam
+          post :move
           get :referenced_merge_requests
           get :related_branches
           get :can_create_branch
           get :realtime_changes
           post :create_merge_request
+          get :discussions, format: :json
         end
         collection do
           post  :bulk_update
diff --git a/config/webpack.config.js b/config/webpack.config.js
index 7d63a42d7d8..6b0cd023291 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -30,7 +30,7 @@ var config = {
     blob:                 './blob_edit/blob_bundle.js',
     boards:               './boards/boards_bundle.js',
     common:               './commons/index.js',
-    common_vue:           ['vue', './vue_shared/common_vue.js'],
+    common_vue:           './vue_shared/vue_resource_interceptor.js',
     common_d3:            ['d3'],
     cycle_analytics:      './cycle_analytics/cycle_analytics_bundle.js',
     commit_pipelines:     './commit/pipelines/pipelines_bundle.js',
@@ -55,6 +55,7 @@ var config = {
     monitoring:           './monitoring/monitoring_bundle.js',
     network:              './network/network_bundle.js',
     notebook_viewer:      './blob/notebook_viewer.js',
+    notes:                './notes/index.js',
     pdf_viewer:           './blob/pdf_viewer.js',
     pipelines:            './pipelines/pipelines_bundle.js',
     pipelines_charts:     './pipelines/pipelines_charts.js',
@@ -194,6 +195,7 @@ var config = {
         'merge_conflicts',
         'monitoring',
         'notebook_viewer',
+        'notes',
         'pdf_viewer',
         'pipelines',
         'pipelines_details',
author	Simon Knox <psimyn@gmail.com>	2017-09-06 14:35:58 +1000
committer	Simon Knox <psimyn@gmail.com>	2017-09-06 14:35:58 +1000
commit	b9aa55e1ea2ba226bd9bf4c6fb08fdec30e046c5 (patch)
tree	b7770180f178086c78ef2ca25d6bb2267f739110 /config
parent	74740604211dab6632771f1bfd7dd67902fea7ef (diff)
parent	d68ff7f50a93ebbff537b5e795cf6bf80bd66a6e (diff)
download	gitlab-ce-b9aa55e1ea2ba226bd9bf4c6fb08fdec30e046c5.tar.gz