373 files changed, 5360 insertions, 4729 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cd19b6f47ff..6f356a07576 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.7-phantomjs-2.1-node-7.1-postgresql-9.6"
+image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-phantomjs-2.1-node-7.1-postgresql-9.6"
 
 .default-cache: &default-cache
   key: "ruby-233-with-yarn"
@@ -259,7 +259,7 @@ setup-test-env:
     <<: *default-cache
   script:
     - node --version
-    - yarn install --pure-lockfile --cache-folder .yarn-cache
+    - yarn install --frozen-lockfile --cache-folder .yarn-cache
     - bundle exec rake gettext:po_to_json
     - bundle exec rake gitlab:assets:compile
     - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
@@ -474,7 +474,6 @@ db:rollback-mysql:
   variables:
     SIZE: "1"
     SETUP_DB: "false"
-    RAILS_ENV: "development"
   script:
     - git clone https://gitlab.com/gitlab-org/gitlab-test.git
        /home/git/repositories/gitlab-org/gitlab-test.git
@@ -509,7 +508,7 @@ gitlab:assets:compile:
     WEBPACK_REPORT: "true"
     NO_COMPRESSION: "true"
   script:
-    - yarn install --pure-lockfile --production --cache-folder .yarn-cache
+    - yarn install --frozen-lockfile --production --cache-folder .yarn-cache
     - bundle exec rake gettext:po_to_json
     - bundle exec rake gitlab:assets:compile
   artifacts:
@@ -523,7 +522,7 @@ karma:
   <<: *dedicated-runner
   <<: *except-docs
   <<: *pull-cache
-  image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.7-chrome-59.0-node-7.1-postgresql-9.6"
+  image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-chrome-60.0-node-7.1-postgresql-9.6"
   stage: test
   variables:
     BABEL_ENV: "coverage"
diff --git a/.rubocop.yml b/.rubocop.yml
index d25b4ac39c9..23bb0fa8be8 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -251,6 +251,10 @@ Layout/Tab:
 Layout/TrailingBlankLines:
   Enabled: true
 
+# Avoid trailing whitespace.
+Layout/TrailingWhitespace:
+  Enabled: true
+
 # Style #######################################################################
 
 # Check the naming of accessor methods for get_/set_.
@@ -1174,29 +1178,33 @@ RSpec/VerifiedDoubles:
 GitlabSecurity/DeepMunge:
   Enabled: true
   Exclude:
-    - 'spec/**/*'
     - 'lib/**/*.rake'
+    - 'spec/**/*'
 
 GitlabSecurity/PublicSend:
   Enabled: true
   Exclude:
-    - 'spec/**/*'
+    - 'config/**/*'
+    - 'db/**/*'
+    - 'features/**/*'
     - 'lib/**/*.rake'
+    - 'qa/**/*'
+    - 'spec/**/*'
 
 GitlabSecurity/RedirectToParamsUpdate:
   Enabled: true
   Exclude:
-    - 'spec/**/*'
     - 'lib/**/*.rake'
+    - 'spec/**/*'
 
 GitlabSecurity/SqlInjection:
   Enabled: true
   Exclude:
-    - 'spec/**/*'
     - 'lib/**/*.rake'
+    - 'spec/**/*'
 
 GitlabSecurity/SystemCommandInjection:
   Enabled: true
   Exclude:
-    - 'spec/**/*'
     - 'lib/**/*.rake'
+    - 'spec/**/*'
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index cf14285ec2a..4b4f14efea4 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -57,11 +57,6 @@ Layout/SpaceInsideParens:
 Layout/SpaceInsidePercentLiteralDelimiters:
   Enabled: false
 
-# Offense count: 89
-# Cop supports --auto-correct.
-Layout/TrailingWhitespace:
-  Enabled: false
-
 # Offense count: 272
 RSpec/EmptyLineAfterFinalLet:
   Enabled: false
diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION
index c25c8e5b741..be386c9ede3 100644
--- a/GITALY_SERVER_VERSION
+++ b/GITALY_SERVER_VERSION
@@ -1 +1 @@
-0.30.0
+0.33.0
diff --git a/Gemfile b/Gemfile
index a484cefb9a4..6c8f64bfded 100644
--- a/Gemfile
+++ b/Gemfile
@@ -16,7 +16,7 @@ gem 'mysql2', '~> 0.4.5', group: :mysql
 gem 'pg', '~> 0.18.2', group: :postgres
 
 gem 'rugged', '~> 0.26.0'
-gem 'grape-route-helpers', '~> 2.0.0'
+gem 'grape-route-helpers', '~> 2.1.0'
 
 gem 'faraday', '~> 0.12'
 
@@ -76,7 +76,7 @@ gem 'gollum-rugged_adapter', '~> 0.4.4', require: false
 gem 'github-linguist', '~> 4.7.0', require: 'linguist'
 
 # API
-gem 'grape', '~> 0.19.2'
+gem 'grape', '~> 1.0'
 gem 'grape-entity', '~> 0.6.0'
 gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'
 
@@ -144,8 +144,6 @@ end
 
 # State machine
 gem 'state_machines-activerecord', '~> 0.4.0'
-# Run events after state machine commits
-gem 'after_commit_queue', '~> 1.3.0'
 
 # Issue tags
 gem 'acts-as-taggable-on', '~> 4.0'
@@ -232,7 +230,7 @@ gem 'ace-rails-ap', '~> 4.1.0'
 gem 'mousetrap-rails', '~> 1.4.6'
 
 # Detect and convert string character encoding
-gem 'charlock_holmes', '~> 0.7.3'
+gem 'charlock_holmes', '~> 0.7.5'
 
 # Faster JSON
 gem 'oj', '~> 2.17.4'
@@ -289,7 +287,7 @@ group :metrics do
   gem 'influxdb', '~> 0.2', require: false
 
   # Prometheus
-  gem 'prometheus-client-mmap', '~>0.7.0.beta11'
+  gem 'prometheus-client-mmap', '~>0.7.0.beta12'
   gem 'raindrops', '~> 0.18'
 end
 
@@ -403,7 +401,7 @@ group :ed25519 do
 end
 
 # Gitaly GRPC client
-gem 'gitaly', '~> 0.27.0'
+gem 'gitaly', '~> 0.29.0'
 
 gem 'toml-rb', '~> 0.3.15', require: false
 
diff --git a/Gemfile.lock b/Gemfile.lock
index a93caba2393..ec8349cd1df 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -46,8 +46,6 @@ GEM
       ice_nine (~> 0.11.0)
       memoizable (~> 0.4.0)
     addressable (2.3.8)
-    after_commit_queue (1.3.0)
-      activerecord (>= 3.0)
     akismet (2.0.0)
     allocations (1.0.5)
     arel (6.0.4)
@@ -117,7 +115,7 @@ GEM
       activesupport (>= 4.0.0)
       mime-types (>= 1.16)
     cause (0.1)
-    charlock_holmes (0.7.3)
+    charlock_holmes (0.7.5)
     chronic (0.10.2)
     chronic_duration (0.10.6)
       numerizer (~> 0.1.1)
@@ -277,7 +275,7 @@ GEM
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
     gherkin-ruby (0.3.2)
-    gitaly (0.27.0)
+    gitaly (0.29.0)
       google-protobuf (~> 3.1)
       grpc (~> 1.0)
     github-linguist (4.7.6)
@@ -342,12 +340,9 @@ GEM
       signet (~> 0.7)
     gpgme (2.0.13)
       mini_portile2 (~> 2.1)
-    grape (0.19.2)
+    grape (1.0.0)
       activesupport
       builder
-      hashie (>= 2.1.0)
-      multi_json (>= 1.3.2)
-      multi_xml (>= 0.5.2)
       mustermann-grape (~> 1.0.0)
       rack (>= 1.3.0)
       rack-accept
@@ -355,11 +350,11 @@ GEM
     grape-entity (0.6.0)
       activesupport
       multi_json (>= 1.3.2)
-    grape-route-helpers (2.0.0)
+    grape-route-helpers (2.1.0)
       activesupport
-      grape (~> 0.16, >= 0.16.0)
+      grape (>= 0.16.0)
       rake
-    grpc (1.4.0)
+    grpc (1.4.5)
       google-protobuf (~> 3.1)
       googleauth (~> 0.5.1)
     haml (4.0.7)
@@ -375,7 +370,7 @@ GEM
       thor
       tilt
     hashdiff (0.3.4)
-    hashie (3.5.5)
+    hashie (3.5.6)
     hashie-forbidden_attributes (0.1.1)
       hashie (>= 3.0)
     health_check (2.6.0)
@@ -624,7 +619,7 @@ GEM
       parser
       unparser
     procto (0.0.3)
-    prometheus-client-mmap (0.7.0.beta11)
+    prometheus-client-mmap (0.7.0.beta12)
       mmap2 (~> 2.2, >= 2.2.7)
     pry (0.10.4)
       coderay (~> 1.1.0)
@@ -727,7 +722,7 @@ GEM
     retriable (1.4.1)
     rinku (2.0.0)
     rotp (2.1.2)
-    rouge (2.1.0)
+    rouge (2.2.0)
     rqrcode (0.7.0)
       chunky_png
     rqrcode-rails3 (0.1.7)
@@ -963,7 +958,6 @@ DEPENDENCIES
   activerecord_sane_schema_dumper (= 0.2)
   acts-as-taggable-on (~> 4.0)
   addressable (~> 2.3.8)
-  after_commit_queue (~> 1.3.0)
   akismet (~> 2.0)
   allocations (~> 1.0)
   asana (~> 0.6.0)
@@ -986,7 +980,7 @@ DEPENDENCIES
   capybara (~> 2.6.2)
   capybara-screenshot (~> 1.0.0)
   carrierwave (~> 1.1)
-  charlock_holmes (~> 0.7.3)
+  charlock_holmes (~> 0.7.5)
   chronic (~> 0.10.2)
   chronic_duration (~> 0.10.6)
   concurrent-ruby (~> 1.0.5)
@@ -1025,7 +1019,7 @@ DEPENDENCIES
   gettext (~> 3.2.2)
   gettext_i18n_rails (~> 1.8.0)
   gettext_i18n_rails_js (~> 1.2.0)
-  gitaly (~> 0.27.0)
+  gitaly (~> 0.29.0)
   github-linguist (~> 4.7.0)
   gitlab-flowdock-git-hook (~> 1.0.1)
   gitlab-markup (~> 1.5.1)
@@ -1035,9 +1029,9 @@ DEPENDENCIES
   gon (~> 6.1.0)
   google-api-client (~> 0.8.6)
   gpgme
-  grape (~> 0.19.2)
+  grape (~> 1.0)
   grape-entity (~> 0.6.0)
-  grape-route-helpers (~> 2.0.0)
+  grape-route-helpers (~> 2.1.0)
   haml_lint (~> 0.26.0)
   hamlit (~> 2.6.1)
   hashie-forbidden_attributes
@@ -1100,7 +1094,7 @@ DEPENDENCIES
   pg (~> 0.18.2)
   poltergeist (~> 1.9.0)
   premailer-rails (~> 1.9.7)
-  prometheus-client-mmap (~> 0.7.0.beta11)
+  prometheus-client-mmap (~> 0.7.0.beta12)
   pry-byebug (~> 3.4.1)
   pry-rails (~> 0.3.4)
   rack-attack (~> 4.4.1)
diff --git a/PROCESS.md b/PROCESS.md
index e5b17784d20..538e4389e00 100644
--- a/PROCESS.md
+++ b/PROCESS.md
@@ -141,18 +141,22 @@ the stable branch are:
 * Fixes for security issues
 * New or updated translations (as long as they do not touch application code)
 
-Any merge requests cherry-picked into the stable branch for a previous release
-will also be picked into the latest stable branch. These fixes will be shipped
-in the next RC for that release if it is before the 22nd. If the fixes are are
-completed on or after the 22nd, they will be shipped in a patch for that
-release.
-
 During the feature freeze all merge requests that are meant to go into the upcoming
 release should have the correct milestone assigned _and_ have the label
 ~"Pick into Stable" set, so that release managers can find and pick them.
 Merge requests without a milestone and this label will
 not be merged into any stable branches.
 
+Fixes marked like this will be shipped in the next RC for that release. Once
+the final RC has been prepared ready for release on the 22nd, further fixes
+marked ~"Pick into Stable" will go into a patch for that release.
+
+If a merge request is to be picked into more than one release it will also need
+the ~"Pick into Backports" label set to remind the release manager to change
+the milestone after cherry-picking. As before, it should still have the
+~"Pick into Stable" label and the milestone of the highest release it will be
+picked into.
+
 ### Asking for an exception
 
 If you think a merge request should go into an RC or patch even though it does not meet these requirements,
diff --git a/app/assets/javascripts/boards/components/issue_card_inner.js b/app/assets/javascripts/boards/components/issue_card_inner.js
index d3de1830895..9a5d87ede7e 100644
--- a/app/assets/javascripts/boards/components/issue_card_inner.js
+++ b/app/assets/javascripts/boards/components/issue_card_inner.js
@@ -97,7 +97,7 @@ gl.issueBoards.IssueCardInner = Vue.extend({
       return `Avatar for ${assignee.name}`;
     },
     showLabel(label) {
-      if (!this.list || !label) return true;
+      if (!label.id) return false;
       return true;
     },
     filterByLabel(label, e) {
diff --git a/app/assets/javascripts/commits.js b/app/assets/javascripts/commits.js
index 2b0bf49cf92..047544b1762 100644
--- a/app/assets/javascripts/commits.js
+++ b/app/assets/javascripts/commits.js
@@ -17,7 +17,7 @@ window.CommitsList = (function() {
       }
     });
 
-    Pager.init(limit, false, false, this.processCommits);
+    Pager.init(parseInt(limit, 10), false, false, this.processCommits);
 
     this.content = $("#commits-list");
     this.searchField = $("#commits-search");
diff --git a/app/assets/javascripts/diff_notes/diff_notes_bundle.js b/app/assets/javascripts/diff_notes/diff_notes_bundle.js
index a2d33b0936e..5decfc1dc01 100644
--- a/app/assets/javascripts/diff_notes/diff_notes_bundle.js
+++ b/app/assets/javascripts/diff_notes/diff_notes_bundle.js
@@ -42,6 +42,10 @@ $(() => {
       $components.each(function () {
         const $this = $(this);
         const noteId = $this.attr(':note-id');
+        const discussionId = $this.attr(':discussion-id');
+
+        if ($this.is('comment-and-resolve-btn') && !discussionId) return;
+
         const tmp = Vue.extend({
           template: $this.get(0).outerHTML
         });
diff --git a/app/assets/javascripts/dispatcher.js b/app/assets/javascripts/dispatcher.js
index de47485c9f2..2bba7f55de1 100644
--- a/app/assets/javascripts/dispatcher.js
+++ b/app/assets/javascripts/dispatcher.js
@@ -414,7 +414,7 @@ import initChangesDropdown from './init_changes_dropdown';
         case 'projects:tree:show':
           shortcut_handler = new ShortcutsNavigation();
 
-          if (UserFeatureHelper.isNewRepo()) break;
+          if (UserFeatureHelper.isNewRepoEnabled()) break;
 
           new TreeView();
           new BlobViewer();
@@ -434,7 +434,7 @@ import initChangesDropdown from './init_changes_dropdown';
           shortcut_handler = true;
           break;
         case 'projects:blob:show':
-          if (UserFeatureHelper.isNewRepo()) break;
+          if (UserFeatureHelper.isNewRepoEnabled()) break;
           new BlobViewer();
           initBlob();
           break;
@@ -644,7 +644,7 @@ import initChangesDropdown from './init_changes_dropdown';
     return Dispatcher;
   })();
 
-  $(function() {
+  $(window).on('load', function() {
     new Dispatcher();
   });
 }).call(window);
diff --git a/app/assets/javascripts/fly_out_nav.js b/app/assets/javascripts/fly_out_nav.js
index cbc3ad23990..32cb42c8b10 100644
--- a/app/assets/javascripts/fly_out_nav.js
+++ b/app/assets/javascripts/fly_out_nav.js
@@ -15,6 +15,10 @@ export const setOpenMenu = (menu = null) => { currentOpenMenu = menu; };
 
 export const slope = (a, b) => (b.y - a.y) / (b.x - a.x);
 
+let headerHeight = 50;
+
+export const getHeaderHeight = () => headerHeight;
+
 export const canShowActiveSubItems = (el) => {
   const isHiddenByMedia = bp.getBreakpointSize() === 'sm' || bp.getBreakpointSize() === 'md';
 
@@ -74,7 +78,7 @@ export const moveSubItemsToPosition = (el, subItems) => {
   const isAbove = top < boundingRect.top;
 
   subItems.classList.add('fly-out-list');
-  subItems.style.transform = `translate3d(0, ${Math.floor(top)}px, 0)`; // eslint-disable-line no-param-reassign
+  subItems.style.transform = `translate3d(0, ${Math.floor(top) - headerHeight}px, 0)`; // eslint-disable-line no-param-reassign
 
   const subItemsRect = subItems.getBoundingClientRect();
 
@@ -153,6 +157,8 @@ export default () => {
     }, getHideSubItemsInterval());
   });
 
+  headerHeight = document.querySelector('.nav-sidebar').offsetTop;
+
   items.forEach((el) => {
     const subItems = el.querySelector('.sidebar-sub-level-items');
 
diff --git a/app/assets/javascripts/groups_select.js b/app/assets/javascripts/groups_select.js
index b5975295329..4d629bc6326 100644
--- a/app/assets/javascripts/groups_select.js
+++ b/app/assets/javascripts/groups_select.js
@@ -111,8 +111,7 @@ window.GroupsSelect = (function() {
   };
 
   GroupsSelect.prototype.forceOverflow = function (e) {
-    const itemHeight = this.dropdown.querySelector('.select2-result:first-child').clientHeight;
-    this.dropdown.style.height = `${Math.floor(this.dropdown.scrollHeight - (itemHeight * 0.9))}px`;
+    this.dropdown.style.height = `${Math.floor(this.dropdown.scrollHeight)}px`;
   };
 
   GroupsSelect.PER_PAGE = 20;
diff --git a/app/assets/javascripts/helpers/user_feature_helper.js b/app/assets/javascripts/helpers/user_feature_helper.js
index fcd8569819c..638118a5204 100644
--- a/app/assets/javascripts/helpers/user_feature_helper.js
+++ b/app/assets/javascripts/helpers/user_feature_helper.js
@@ -1,11 +1,7 @@
 import Cookies from 'js-cookie';
 
-function isNewRepo() {
-  return Cookies.get('new_repo') === 'true';
-}
-
-const UserFeatureHelper = {
-  isNewRepo,
+export default {
+  isNewRepoEnabled() {
+    return Cookies.get('new_repo') === 'true';
+  },
 };
-
-export default UserFeatureHelper;
diff --git a/app/assets/javascripts/lib/utils/common_utils.js b/app/assets/javascripts/lib/utils/common_utils.js
index e916724b666..b8f4f4eaba3 100644
--- a/app/assets/javascripts/lib/utils/common_utils.js
+++ b/app/assets/javascripts/lib/utils/common_utils.js
@@ -378,15 +378,15 @@
     w.gl.utils.backOff = (fn, timeout = 60000) => {
       const maxInterval = 32000;
       let nextInterval = 2000;
-
-      const startTime = Date.now();
+      let timeElapsed = 0;
 
       return new Promise((resolve, reject) => {
         const stop = arg => ((arg instanceof Error) ? reject(arg) : resolve(arg));
 
         const next = () => {
-          if (Date.now() - startTime < timeout) {
-            setTimeout(fn.bind(null, next, stop), nextInterval);
+          if (timeElapsed < timeout) {
+            setTimeout(() => fn(next, stop), nextInterval);
+            timeElapsed += nextInterval;
             nextInterval = Math.min(nextInterval + nextInterval, maxInterval);
           } else {
             reject(new Error('BACKOFF_TIMEOUT'));
diff --git a/app/assets/javascripts/lib/utils/sticky.js b/app/assets/javascripts/lib/utils/sticky.js
index 43a808b6ab3..ff2b66046b4 100644
--- a/app/assets/javascripts/lib/utils/sticky.js
+++ b/app/assets/javascripts/lib/utils/sticky.js
@@ -1,7 +1,7 @@
 export const isSticky = (el, scrollY, stickyTop) => {
   const top = el.offsetTop - scrollY;
 
-  if (top === stickyTop) {
+  if (top <= stickyTop) {
     el.classList.add('is-stuck');
   } else {
     el.classList.remove('is-stuck');
diff --git a/app/assets/javascripts/main.js b/app/assets/javascripts/main.js
index 37f531c78f4..6d7c7e3c930 100644
--- a/app/assets/javascripts/main.js
+++ b/app/assets/javascripts/main.js
@@ -132,8 +132,9 @@ import './project_select';
 import './project_show';
 import './project_variables';
 import './projects_list';
-import './render_gfm';
+import './syntax_highlight';
 import './render_math';
+import './render_gfm';
 import './right_sidebar';
 import './search';
 import './search_autocomplete';
@@ -141,7 +142,6 @@ import './smart_interval';
 import './star';
 import './subscription';
 import './subscription_select';
-import './syntax_highlight';
 
 import './dispatcher';
 
diff --git a/app/assets/javascripts/new_sidebar.js b/app/assets/javascripts/new_sidebar.js
index b10b074f5ac..2d1ed9e4076 100644
--- a/app/assets/javascripts/new_sidebar.js
+++ b/app/assets/javascripts/new_sidebar.js
@@ -43,10 +43,12 @@ export default class NewNavSidebar {
   }
 
   toggleCollapsedSidebar(collapsed) {
-    this.$sidebar.toggleClass('sidebar-icons-only', collapsed);
+    const breakpoint = bp.getBreakpointSize();
+
     if (this.$sidebar.length) {
+      this.$sidebar.toggleClass('sidebar-icons-only', collapsed);
       this.$page.toggleClass('page-with-new-sidebar', !collapsed);
-      this.$page.toggleClass('page-with-icon-sidebar', collapsed);
+      this.$page.toggleClass('page-with-icon-sidebar', breakpoint === 'sm' ? true : collapsed);
     }
     NewNavSidebar.setCollapsedCookie(collapsed);
   }
diff --git a/app/assets/javascripts/render_gfm.js b/app/assets/javascripts/render_gfm.js
index 2c3a9cacd38..bcdc0fd67b8 100644
--- a/app/assets/javascripts/render_gfm.js
+++ b/app/assets/javascripts/render_gfm.js
@@ -11,7 +11,5 @@
     return this;
   };
 
-  $(document).on('ready load', function() {
-    return $('body').renderGFM();
-  });
+  $(() => $('body').renderGFM());
 }).call(window);
diff --git a/app/assets/javascripts/repo/components/repo.vue b/app/assets/javascripts/repo/components/repo.vue
index 3d5e01c8ec0..d6c864cb976 100644
--- a/app/assets/javascripts/repo/components/repo.vue
+++ b/app/assets/javascripts/repo/components/repo.vue
@@ -43,15 +43,18 @@ export default {
 </script>
 
 <template>
-  <div class="repository-view tree-content-holder">
-    <repo-sidebar/><div v-if="isMini"
-    class="panel-right"
-    :class="{'edit-mode': editMode}">
-      <repo-tabs/>
-      <component
-        :is="currentBlobView"
-        class="blob-viewer-container"/>
-      <repo-file-buttons/>
+  <div class="repository-view">
+    <div class="tree-content-holder" :class="{'tree-content-holder-mini' : isMini}">
+      <repo-sidebar/>
+      <div v-if="isMini"
+      class="panel-right"
+      :class="{'edit-mode': editMode}">
+        <repo-tabs/>
+        <component
+          :is="currentBlobView"
+          class="blob-viewer-container"/>
+        <repo-file-buttons/>
+      </div>
     </div>
     <repo-commit-section/>
     <popup-dialog
diff --git a/app/assets/javascripts/repo/components/repo_sidebar.vue b/app/assets/javascripts/repo/components/repo_sidebar.vue
index 72b40288566..3414128526d 100644
--- a/app/assets/javascripts/repo/components/repo_sidebar.vue
+++ b/app/assets/javascripts/repo/components/repo_sidebar.vue
@@ -74,7 +74,8 @@ export default {
     <tbody>
       <repo-file-options
         :is-mini="isMini"
-        :project-name="projectName"/>
+        :project-name="projectName"
+      />
       <repo-previous-directory
         v-if="isRoot"
         :prev-url="prevURL"
@@ -84,7 +85,8 @@ export default {
         :key="n"
         :loading="loading"
         :has-files="!!files.length"
-        :is-mini="isMini"/>
+        :is-mini="isMini"
+      />
       <repo-file
         v-for="file in files"
         :key="file.id"
@@ -93,7 +95,8 @@ export default {
         @linkclicked="fileClicked(file)"
         :is-tree="isTree"
         :has-files="!!files.length"
-        :active-file="activeFile"/>
+        :active-file="activeFile"
+      />
     </tbody>
   </table>
 </div>
diff --git a/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue b/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
index cfacba09fad..8e7abdbffef 100644
--- a/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
+++ b/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
@@ -71,7 +71,7 @@ export default {
       />
       <div v-if="!isConfidential" class="no-value confidential-value">
         <i class="fa fa-eye is-not-confidential"></i>
-        This issue is not confidential
+        Not confidential
       </div>
       <div v-else class="value confidential-value hide-collapsed">
         <i aria-hidden="true" data-hidden="true" class="fa fa-eye-slash is-confidential"></i>
diff --git a/app/assets/stylesheets/framework/dropdowns.scss b/app/assets/stylesheets/framework/dropdowns.scss
index 1bb04b59a2a..5e768df972f 100644
--- a/app/assets/stylesheets/framework/dropdowns.scss
+++ b/app/assets/stylesheets/framework/dropdowns.scss
@@ -728,26 +728,41 @@
 @mixin new-style-dropdown($selector: '') {
   #{$selector}.dropdown-menu,
   #{$selector}.dropdown-menu-nav {
-    .divider {
-      margin: 6px 0;
-    }
-
     li {
       padding: 0 1px;
 
+      &:hover {
+        background-color: transparent;
+      }
+
+      &.divider {
+        margin: 6px 0;
+
+        &:hover {
+          background-color: $dropdown-divider-color;
+        }
+      }
+
       &.dropdown-header {
         padding: 8px 16px;
       }
 
-      a {
+      a,
+      button {
         border-radius: 0;
         padding: 8px 16px;
 
+        // make sure the text color is not overriden
+        &.text-danger {
+          @extend .text-danger;
+        }
+
         &.is-focused,
         &:hover,
         &:active,
         &:focus {
           background-color: $gray-darker;
+          color: $gl-text-color;
         }
 
         &.is-active {
diff --git a/app/assets/stylesheets/framework/filters.scss b/app/assets/stylesheets/framework/filters.scss
index ec13a86ccf7..8dcaa879b3f 100644
--- a/app/assets/stylesheets/framework/filters.scss
+++ b/app/assets/stylesheets/framework/filters.scss
@@ -50,6 +50,8 @@
 }
 
 .filtered-search-wrapper {
+  @include new-style-dropdown;
+
   display: -webkit-flex;
   display: flex;
 
@@ -411,8 +413,6 @@
 }
 
 %filter-dropdown-item-btn-hover {
-  background-color: $dropdown-hover-color;
-  color: $white-light;
   text-decoration: none;
   outline: 0;
 
@@ -422,8 +422,6 @@
 }
 
 .droplab-dropdown .dropdown-menu .filter-dropdown-item {
-  padding: 0;
-
   .btn {
     border: none;
     width: 100%;
diff --git a/app/assets/stylesheets/framework/lists.scss b/app/assets/stylesheets/framework/lists.scss
index ab754f4a492..df2bf561194 100644
--- a/app/assets/stylesheets/framework/lists.scss
+++ b/app/assets/stylesheets/framework/lists.scss
@@ -132,6 +132,8 @@ ul.content-list {
     }
 
     .controls {
+      @include new-style-dropdown;
+
       float: right;
 
       > .control-text {
diff --git a/app/assets/stylesheets/framework/nav.scss b/app/assets/stylesheets/framework/nav.scss
index d386ac5ba9c..071f20fc457 100644
--- a/app/assets/stylesheets/framework/nav.scss
+++ b/app/assets/stylesheets/framework/nav.scss
@@ -161,6 +161,8 @@
   }
 
   .nav-controls {
+    @include new-style-dropdown;
+
     display: inline-block;
     float: right;
     text-align: right;
diff --git a/app/assets/stylesheets/framework/typography.scss b/app/assets/stylesheets/framework/typography.scss
index 96409b10b99..0bd84c9e08c 100644
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -18,7 +18,8 @@
     background-color: $gray-lightest;
   }
 
-  img.js-lazy-loaded {
+  img.js-lazy-loaded,
+  img.emoji {
     min-width: inherit;
     min-height: inherit;
     background-color: inherit;
diff --git a/app/assets/stylesheets/new_sidebar.scss b/app/assets/stylesheets/new_sidebar.scss
index faedd207e01..cee5b22adb9 100644
--- a/app/assets/stylesheets/new_sidebar.scss
+++ b/app/assets/stylesheets/new_sidebar.scss
@@ -97,13 +97,16 @@ $new-sidebar-collapsed-width: 50px;
   top: $header-height;
   bottom: 0;
   left: 0;
-  overflow: auto;
   background-color: $gray-normal;
   box-shadow: inset -2px 0 0 $border-color;
+  transform: translate3d(0, 0, 0);
 
   &.sidebar-icons-only {
     width: $new-sidebar-collapsed-width;
-    overflow-x: hidden;
+
+    .nav-sidebar-inner-scroll {
+      overflow-x: hidden;
+    }
 
     .badge,
     .project-title {
@@ -111,7 +114,11 @@ $new-sidebar-collapsed-width: 50px;
     }
 
     .nav-item-name {
-      opacity: 0;
+      display: none;
+    }
+
+    .sidebar-top-level-items > li > a {
+      min-height: 44px;
     }
   }
 
@@ -176,6 +183,12 @@ $new-sidebar-collapsed-width: 50px;
   }
 }
 
+.nav-sidebar-inner-scroll {
+  height: 100%;
+  width: 100%;
+  overflow: auto;
+}
+
 .with-performance-bar .nav-sidebar {
   top: $header-height + $performance-bar-height;
 }
diff --git a/app/assets/stylesheets/pages/issuable.scss b/app/assets/stylesheets/pages/issuable.scss
index 87eaf27663f..49839a9b528 100644
--- a/app/assets/stylesheets/pages/issuable.scss
+++ b/app/assets/stylesheets/pages/issuable.scss
@@ -81,6 +81,7 @@
     border: 1px solid $white-normal;
     padding: 5px;
     max-height: calc(100vh - 100px);
+    max-width: 100%;
   }
 
   .emoji-block {
@@ -259,7 +260,7 @@
       padding-top: 10px;
     }
 
-    &:not(.issue-boards-sidebar):not([data-signed-in]) {
+    &:not(.issue-boards-sidebar):not([data-signed-in]):not([data-always-show-toggle]) {
       .issuable-sidebar-header {
         display: none;
       }
diff --git a/app/assets/stylesheets/pages/repo.scss b/app/assets/stylesheets/pages/repo.scss
index b3527fe8cd9..1f4d4698199 100644
--- a/app/assets/stylesheets/pages/repo.scss
+++ b/app/assets/stylesheets/pages/repo.scss
@@ -47,14 +47,26 @@
   margin: 20px;
 }
 
-.repository-view.tree-content-holder {
+.repository-view {
   border: 1px solid $border-color;
   border-radius: $border-radius-default;
   color: $almost-black;
 
+  .tree-content-holder {
+    display: flex;
+    max-height: 100vh;
+    min-height: 300px;
+  }
+
+  .tree-content-holder-mini {
+    height: 100vh;
+  }
+
   .panel-right {
-    display: inline-block;
+    display: flex;
+    flex-direction: column;
     width: 80%;
+    height: 100%;
 
     .monaco-editor.vs {
       .line-numbers {
@@ -85,16 +97,17 @@
     }
 
     .blob-viewer-container {
-      height: calc(100vh - 62px);
+      flex: 1;
       overflow: auto;
     }
 
     #tabs {
+      flex-shrink: 0;
+      display: flex;
+      width: 100%;
       padding-left: 0;
       margin-bottom: 0;
-      display: flex;
       white-space: nowrap;
-      width: 100%;
       overflow-y: hidden;
       overflow-x: auto;
 
@@ -222,14 +235,12 @@
   }
 
   #sidebar {
+    flex: 1;
+    height: 100%;
 
     &.sidebar-mini {
-      display: inline-block;
-      vertical-align: top;
       width: 20%;
       border-right: 1px solid $white-normal;
-      min-height: 475px;
-      height: calc(100vh + 20px);
       overflow: auto;
     }
 
diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 0c3b68a7ac3..4079072a930 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -10,7 +10,7 @@ module IssuableActions
   def destroy
     issuable.destroy
     destroy_method = "destroy_#{issuable.class.name.underscore}".to_sym
-    TodoService.new.public_send(destroy_method, issuable, current_user)
+    TodoService.new.public_send(destroy_method, issuable, current_user) # rubocop:disable GitlabSecurity/PublicSend
 
     name = issuable.human_class_name
     flash[:notice] = "The #{name} was successfully deleted."
diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
index c0ac47e363d..96ce686c989 100644
--- a/app/controllers/groups/application_controller.rb
+++ b/app/controllers/groups/application_controller.rb
@@ -34,7 +34,7 @@ class Groups::ApplicationController < ApplicationController
 
   def build_canonical_path(group)
     params[:group_id] = group.to_param
-    
+
     url_for(params)
   end
 end
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index baa6645e5ce..ab18d86dcae 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -64,7 +64,7 @@ class Import::GithubController < Import::BaseController
   end
 
   def import_enabled?
-    __send__("#{provider}_import_enabled?")
+    __send__("#{provider}_import_enabled?") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def new_import_url
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index b4213574561..7444826a5d1 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -142,13 +142,13 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def oauth
     @oauth ||= request.env['omniauth.auth']
   end
-  
+
   def fail_login
     error_message = @user.errors.full_messages.to_sentence
 
     return redirect_to omniauth_error_path(oauth['provider'], error: error_message)
   end
-  
+
   def fail_ldap_login
     flash[:alert] = 'Access denied for your LDAP account.'
 
diff --git a/app/controllers/projects/cycle_analytics/events_controller.rb b/app/controllers/projects/cycle_analytics/events_controller.rb
index b69d46f2c41..26f3c114108 100644
--- a/app/controllers/projects/cycle_analytics/events_controller.rb
+++ b/app/controllers/projects/cycle_analytics/events_controller.rb
@@ -2,7 +2,7 @@ module Projects
   module CycleAnalytics
     class EventsController < Projects::ApplicationController
       include CycleAnalyticsParams
-    
+
       before_action :authorize_read_cycle_analytics!
       before_action :authorize_read_build!, only: [:test, :staging]
       before_action :authorize_read_issue!, only: [:issue, :production]
@@ -11,33 +11,33 @@ module Projects
       def issue
         render_events(cycle_analytics[:issue].events)
       end
-    
+
       def plan
         render_events(cycle_analytics[:plan].events)
       end
-    
+
       def code
         render_events(cycle_analytics[:code].events)
       end
-    
+
       def test
         options(events_params)[:branch] = events_params[:branch_name]
-    
+
         render_events(cycle_analytics[:test].events)
       end
-    
+
       def review
         render_events(cycle_analytics[:review].events)
       end
-    
+
       def staging
         render_events(cycle_analytics[:staging].events)
       end
-    
+
       def production
         render_events(cycle_analytics[:production].events)
       end
-    
+
       private
 
       def render_events(events)
@@ -46,14 +46,14 @@ module Projects
           format.json { render json: { events: events } }
         end
       end
-    
+
       def cycle_analytics
         @cycle_analytics ||= ::CycleAnalytics.new(project, options(events_params))
       end
-    
+
       def events_params
         return {} unless params[:events].present?
-    
+
         params[:events].permit(:start_date, :branch_name)
       end
     end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 4de814d0ca8..2a3b73577a5 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -218,8 +218,8 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
             if can?(current_user, :read_environment, environment) && environment.has_metrics?
               metrics_project_environment_deployment_path(environment.project, environment, deployment)
             end
-          
-          metrics_monitoring_url = 
+
+          metrics_monitoring_url =
             if can?(current_user, :read_environment, environment)
               environment_metrics_path(environment)
             end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index dc882b17143..16a74f82d3f 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -89,7 +89,7 @@ class UploadsController < ApplicationController
 
       @uploader.retrieve_from_store!(params[:filename])
     else
-      @uploader = @model.send(upload_mount)
+      @uploader = @model.public_send(upload_mount) # rubocop:disable GitlabSecurity/PublicSend
 
       redirect_to @uploader.url unless @uploader.file_storage?
     end
diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb
index 69220a1c0f6..72e26b64e60 100644
--- a/app/helpers/commits_helper.rb
+++ b/app/helpers/commits_helper.rb
@@ -128,10 +128,10 @@ module CommitsHelper
   #  avatar: true will prepend the avatar image
   #  size:   size of the avatar image in px
   def commit_person_link(commit, options = {})
-    user = commit.send(options[:source])
+    user = commit.public_send(options[:source]) # rubocop:disable GitlabSecurity/PublicSend
 
-    source_name = clean(commit.send "#{options[:source]}_name".to_sym)
-    source_email = clean(commit.send "#{options[:source]}_email".to_sym)
+    source_name  = clean(commit.public_send(:"#{options[:source]}_name"))  # rubocop:disable GitlabSecurity/PublicSend
+    source_email = clean(commit.public_send(:"#{options[:source]}_email")) # rubocop:disable GitlabSecurity/PublicSend
 
     person_name = user.try(:name) || source_name
 
diff --git a/app/helpers/events_helper.rb b/app/helpers/events_helper.rb
index 48c87dca217..c6f98e7e782 100644
--- a/app/helpers/events_helper.rb
+++ b/app/helpers/events_helper.rb
@@ -35,18 +35,18 @@ module EventsHelper
     [event.action_name, target].join(" ")
   end
 
-  def event_filter_link(key, tooltip)
+  def event_filter_link(key, text, tooltip)
     key = key.to_s
     active = 'active' if @event_filter.active?(key)
     link_opts = {
-      class: "event-filter-link",
+      class: "event-filter-link has-tooltip",
       id:    "#{key}_event_filter",
-      title: "Filter by #{tooltip.downcase}"
+      title: tooltip
     }
 
     content_tag :li, class: active do
       link_to request.path, link_opts do
-        content_tag(:span, ' ' + tooltip)
+        content_tag(:span, ' ' + text)
       end
     end
   end
@@ -176,7 +176,7 @@ module EventsHelper
     sanitize(
       text,
       tags: %w(a img gl-emoji b pre code p span),
-      attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style', 'data-name', 'data-unicode-version']
+      attributes: Rails::Html::WhiteListSanitizer.allowed_attributes + ['style', 'data-src', 'data-name', 'data-unicode-version']
     )
   end
 
diff --git a/app/helpers/import_helper.rb b/app/helpers/import_helper.rb
index a57b5a8fea5..a18ebfb6030 100644
--- a/app/helpers/import_helper.rb
+++ b/app/helpers/import_helper.rb
@@ -5,7 +5,7 @@ module ImportHelper
   end
 
   def provider_project_link(provider, path_with_namespace)
-    url = __send__("#{provider}_project_url", path_with_namespace)
+    url = __send__("#{provider}_project_url", path_with_namespace) # rubocop:disable GitlabSecurity/PublicSend
 
     link_to path_with_namespace, url, target: '_blank', rel: 'noopener noreferrer'
   end
diff --git a/app/helpers/issuables_helper.rb b/app/helpers/issuables_helper.rb
index 70ea35fab1e..197c90c4081 100644
--- a/app/helpers/issuables_helper.rb
+++ b/app/helpers/issuables_helper.rb
@@ -174,7 +174,14 @@ module IssuablesHelper
   end
 
   def assigned_issuables_count(issuable_type)
-    current_user.public_send("assigned_open_#{issuable_type}_count")
+    case issuable_type
+    when :issues
+      current_user.assigned_open_issues_count
+    when :merge_requests
+      current_user.assigned_open_merge_requests_count
+    else
+      raise ArgumentError, "invalid issuable `#{issuable_type}`"
+    end
   end
 
   def issuable_filter_params
@@ -298,10 +305,6 @@ module IssuablesHelper
     cookies[:collapsed_gutter] == 'true'
   end
 
-  def base_issuable_scope(issuable)
-    issuable.project.send(issuable.class.table_name).send(issuable_state_scope(issuable))
-  end
-
   def issuable_state_scope(issuable)
     if issuable.respond_to?(:merged?) && issuable.merged?
       :merged
diff --git a/app/helpers/milestones_helper.rb b/app/helpers/milestones_helper.rb
index f8860bfee99..86666022a2a 100644
--- a/app/helpers/milestones_helper.rb
+++ b/app/helpers/milestones_helper.rb
@@ -32,7 +32,18 @@ module MilestonesHelper
   end
 
   def milestone_issues_by_label_count(milestone, label, state:)
-    milestone.issues.with_label(label.title).send(state).size
+    issues = milestone.issues.with_label(label.title)
+    issues =
+      case state
+      when :opened
+        issues.opened
+      when :closed
+        issues.closed
+      else
+        raise ArgumentError, "invalid milestone state `#{state}`"
+      end
+
+    issues.size
   end
 
   # Returns count of milestones for different states
diff --git a/app/helpers/pipeline_schedules_helper.rb b/app/helpers/pipeline_schedules_helper.rb
index fee1edc2a1b..6edaf78de1b 100644
--- a/app/helpers/pipeline_schedules_helper.rb
+++ b/app/helpers/pipeline_schedules_helper.rb
@@ -1,10 +1,10 @@
 module PipelineSchedulesHelper
   def timezone_data
-    ActiveSupport::TimeZone.all.map do |timezone| 
-      { 
-        name: timezone.name, 
-        offset: timezone.utc_offset, 
-        identifier: timezone.tzinfo.identifier 
+    ActiveSupport::TimeZone.all.map do |timezone|
+      {
+        name: timezone.name,
+        offset: timezone.utc_offset,
+        identifier: timezone.tzinfo.identifier
       }
     end
   end
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 278d394bc03..bee4950e414 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -149,15 +149,16 @@ module ProjectsHelper
     # Don't show option "everyone with access" if project is private
     options = project_feature_options
 
+    level = @project.project_feature.public_send(field) # rubocop:disable GitlabSecurity/PublicSend
+
     if @project.private?
-      level = @project.project_feature.send(field)
       disabled_option = ProjectFeature::ENABLED
       highest_available_option = ProjectFeature::PRIVATE if level == disabled_option
     end
 
     options = options_for_select(
       options.invert,
-      selected: highest_available_option || @project.project_feature.public_send(field),
+      selected: highest_available_option || level,
       disabled: disabled_option
     )
 
@@ -488,7 +489,7 @@ module ProjectsHelper
   end
 
   def filename_path(project, filename)
-    if project && blob = project.repository.send(filename)
+    if project && blob = project.repository.public_send(filename) # rubocop:disable GitlabSecurity/PublicSend
       project_blob_path(
         project,
         tree_join(project.default_branch, blob.name)
diff --git a/app/helpers/version_check_helper.rb b/app/helpers/version_check_helper.rb
index 3b175251446..456598b4c28 100644
--- a/app/helpers/version_check_helper.rb
+++ b/app/helpers/version_check_helper.rb
@@ -2,7 +2,7 @@ module VersionCheckHelper
   def version_status_badge
     if Rails.env.production? && current_application_settings.version_check_enabled
       image_url = VersionCheck.new.url
-      image_tag image_url, class: 'js-version-status-badge', lazy: false
+      image_tag image_url, class: 'js-version-status-badge'
     end
   end
 end
diff --git a/app/models/blob_viewer/composer_json.rb b/app/models/blob_viewer/composer_json.rb
index ef8b4aef8e8..def4879fbb5 100644
--- a/app/models/blob_viewer/composer_json.rb
+++ b/app/models/blob_viewer/composer_json.rb
@@ -9,7 +9,7 @@ module BlobViewer
     end
 
     def manager_url
-      'https://getcomposer.com/'
+      'https://getcomposer.org/'
     end
 
     def package_name
diff --git a/app/models/blob_viewer/notebook.rb b/app/models/blob_viewer/notebook.rb
index 8632b8a9885..e00b47e6c17 100644
--- a/app/models/blob_viewer/notebook.rb
+++ b/app/models/blob_viewer/notebook.rb
@@ -2,7 +2,7 @@ module BlobViewer
   class Notebook < Base
     include Rich
     include ClientSide
-    
+
     self.partial_name = 'notebook'
     self.extensions = %w(ipynb)
     self.binary = false
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 8be2dee6479..4692fb5644a 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -194,10 +194,7 @@ module Ci
     #   * Maximum length is 63 bytes
     #   * First/Last Character is not a hyphen
     def ref_slug
-      ref.to_s
-          .downcase
-          .gsub(/[^a-z0-9]/, '-')[0..62]
-          .gsub(/(\A-+|-+\z)/, '')
+      Gitlab::Utils.slugify(ref.to_s)
     end
 
     # Variables whose value does not depend on environment
diff --git a/app/models/ci/pipeline_schedule.rb b/app/models/ci/pipeline_schedule.rb
index 085eeeae157..e7e02587759 100644
--- a/app/models/ci/pipeline_schedule.rb
+++ b/app/models/ci/pipeline_schedule.rb
@@ -9,7 +9,7 @@ module Ci
     belongs_to :owner, class_name: 'User'
     has_one :last_pipeline, -> { order(id: :desc) }, class_name: 'Ci::Pipeline'
     has_many :pipelines
-    has_many :variables, class_name: 'Ci::PipelineScheduleVariable'
+    has_many :variables, class_name: 'Ci::PipelineScheduleVariable', validate: false
 
     validates :cron, unless: :importing?, cron: true, presence: { unless: :importing? }
     validates :cron_timezone, cron_timezone: true, presence: { unless: :importing? }
diff --git a/app/models/ci/pipeline_schedule_variable.rb b/app/models/ci/pipeline_schedule_variable.rb
index 1ff177616e8..ee5b8733fac 100644
--- a/app/models/ci/pipeline_schedule_variable.rb
+++ b/app/models/ci/pipeline_schedule_variable.rb
@@ -4,5 +4,7 @@ module Ci
     include HasVariable
 
     belongs_to :pipeline_schedule
+
+    validates :key, uniqueness: { scope: :pipeline_schedule_id }
   end
 end
diff --git a/app/models/commit.rb b/app/models/commit.rb
index 638fddc5d3d..d41c88b4e30 100644
--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -200,7 +200,7 @@ class Commit
   end
 
   def method_missing(m, *args, &block)
-    @raw.send(m, *args, &block)
+    @raw.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def respond_to_missing?(method, include_private = false)
@@ -383,6 +383,6 @@ class Commit
   end
 
   def gpg_commit
-    @gpg_commit ||= Gitlab::Gpg::Commit.new(self)
+    @gpg_commit ||= Gitlab::Gpg::Commit.for_commit(self)
   end
 end
diff --git a/app/models/concerns/cache_markdown_field.rb b/app/models/concerns/cache_markdown_field.rb
index 48547a938fc..193e459977a 100644
--- a/app/models/concerns/cache_markdown_field.rb
+++ b/app/models/concerns/cache_markdown_field.rb
@@ -78,7 +78,7 @@ module CacheMarkdownField
   def cached_html_up_to_date?(markdown_field)
     html_field = cached_markdown_fields.html_field(markdown_field)
 
-    cached = cached_html_for(markdown_field).present? && __send__(markdown_field).present?
+    cached = cached_html_for(markdown_field).present? && __send__(markdown_field).present? # rubocop:disable GitlabSecurity/PublicSend
     return false unless cached
 
     markdown_changed = attribute_changed?(markdown_field) || false
@@ -93,14 +93,14 @@ module CacheMarkdownField
   end
 
   def attribute_invalidated?(attr)
-    __send__("#{attr}_invalidated?")
+    __send__("#{attr}_invalidated?") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def cached_html_for(markdown_field)
     raise ArgumentError.new("Unknown field: #{field}") unless
       cached_markdown_fields.markdown_fields.include?(markdown_field)
 
-    __send__(cached_markdown_fields.html_field(markdown_field))
+    __send__(cached_markdown_fields.html_field(markdown_field)) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   included do
diff --git a/app/models/concerns/internal_id.rb b/app/models/concerns/internal_id.rb
index 67a0adfcd56..a3d0ac8d862 100644
--- a/app/models/concerns/internal_id.rb
+++ b/app/models/concerns/internal_id.rb
@@ -9,7 +9,7 @@ module InternalId
   def set_iid
     if iid.blank?
       parent = project || group
-      records = parent.send(self.class.name.tableize)
+      records = parent.public_send(self.class.name.tableize) # rubocop:disable GitlabSecurity/PublicSend
       records = records.with_deleted if self.paranoid?
       max_iid = records.maximum(:iid)
 
diff --git a/app/models/concerns/mentionable.rb b/app/models/concerns/mentionable.rb
index c034bf9cbc0..1db6b2d2fa2 100644
--- a/app/models/concerns/mentionable.rb
+++ b/app/models/concerns/mentionable.rb
@@ -56,7 +56,7 @@ module Mentionable
     end
 
     self.class.mentionable_attrs.each do |attr, options|
-      text    = __send__(attr)
+      text    = __send__(attr) # rubocop:disable GitlabSecurity/PublicSend
       options = options.merge(
         cache_key: [self, attr],
         author: author,
@@ -100,7 +100,7 @@ module Mentionable
                         end
 
     self.class.mentionable_attrs.any? do |attr, _|
-      __send__(attr) =~ reference_pattern
+      __send__(attr) =~ reference_pattern # rubocop:disable GitlabSecurity/PublicSend
     end
   end
 
diff --git a/app/models/concerns/participable.rb b/app/models/concerns/participable.rb
index 4865c0a14b1..ce69fd34ac5 100644
--- a/app/models/concerns/participable.rb
+++ b/app/models/concerns/participable.rb
@@ -82,7 +82,7 @@ module Participable
           if attr.respond_to?(:call)
             source.instance_exec(current_user, ext, &attr)
           else
-            process << source.__send__(attr)
+            process << source.__send__(attr) # rubocop:disable GitlabSecurity/PublicSend
           end
         end
       when Enumerable, ActiveRecord::Relation
diff --git a/app/models/concerns/project_features_compatibility.rb b/app/models/concerns/project_features_compatibility.rb
index 60734bc6660..cb59b4da3d7 100644
--- a/app/models/concerns/project_features_compatibility.rb
+++ b/app/models/concerns/project_features_compatibility.rb
@@ -32,6 +32,6 @@ module ProjectFeaturesCompatibility
     build_project_feature unless project_feature
 
     access_level = Gitlab::Utils.to_boolean(value) ? ProjectFeature::ENABLED : ProjectFeature::DISABLED
-    project_feature.send(:write_attribute, field, access_level)
+    project_feature.__send__(:write_attribute, field, access_level) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/models/concerns/referable.rb b/app/models/concerns/referable.rb
index 10f4be72016..78ac4f324e7 100644
--- a/app/models/concerns/referable.rb
+++ b/app/models/concerns/referable.rb
@@ -25,6 +25,11 @@ module Referable
     to_reference(from_project)
   end
 
+  included do
+    alias_method :non_referable_inspect, :inspect
+    alias_method :inspect, :referable_inspect
+  end
+
   def referable_inspect
     if respond_to?(:id)
       "#<#{self.class.name} id:#{id} #{to_reference(full: true)}>"
@@ -33,10 +38,6 @@ module Referable
     end
   end
 
-  def inspect
-    referable_inspect
-  end
-
   module ClassMethods
     # The character that prefixes the actual reference identifier
     #
diff --git a/app/models/deploy_keys_project.rb b/app/models/deploy_keys_project.rb
index ae8486bd9ac..b37b9bfbdac 100644
--- a/app/models/deploy_keys_project.rb
+++ b/app/models/deploy_keys_project.rb
@@ -12,7 +12,7 @@ class DeployKeysProject < ActiveRecord::Base
 
   def destroy_orphaned_deploy_key
     return unless self.deploy_key.destroyed_when_orphaned? && self.deploy_key.orphaned?
-    
+
     self.deploy_key.destroy
   end
 end
diff --git a/app/models/gpg_signature.rb b/app/models/gpg_signature.rb
index 1ac0e123ff1..50fb35c77ec 100644
--- a/app/models/gpg_signature.rb
+++ b/app/models/gpg_signature.rb
@@ -18,4 +18,8 @@ class GpgSignature < ActiveRecord::Base
   def commit
     project.commit(commit_sha)
   end
+
+  def gpg_commit
+    Gitlab::Gpg::Commit.new(project, commit_sha)
+  end
 end
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 1c948c8957e..043da9967a1 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -9,11 +9,8 @@ class Issue < ActiveRecord::Base
   include Spammable
   include FasterCacheKeys
   include RelativePositioning
-  include IgnorableColumn
   include CreatedAtFilterable
 
-  ignore_column :position
-
   DueDateStruct = Struct.new(:title, :name).freeze
   NoDueDate     = DueDateStruct.new('No Due Date', '0').freeze
   AnyDueDate    = DueDateStruct.new('Any Due Date', '').freeze
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index ac08dc0ee1f..f028d2395c1 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -7,7 +7,6 @@ class MergeRequest < ActiveRecord::Base
   include IgnorableColumn
   include CreatedAtFilterable
 
-  ignore_column :position
   ignore_column :locked_at
 
   belongs_to :target_project, class_name: "Project"
diff --git a/app/models/network/commit.rb b/app/models/network/commit.rb
index 8417f200e36..9357e55b419 100644
--- a/app/models/network/commit.rb
+++ b/app/models/network/commit.rb
@@ -12,7 +12,7 @@ module Network
     end
 
     def method_missing(m, *args, &block)
-      @commit.send(m, *args, &block)
+      @commit.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     def space
diff --git a/app/models/project.rb b/app/models/project.rb
index 0de7da0ddaa..be248bc99e1 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -60,7 +60,7 @@ class Project < ActiveRecord::Base
   end
 
   before_destroy :remove_private_deploy_keys
-  after_destroy :remove_pages
+  after_destroy -> { run_after_commit { remove_pages } }
 
   # update visibility_level of forks
   after_update :update_forks_visibility_level
@@ -369,7 +369,10 @@ class Project < ActiveRecord::Base
     state :failed
 
     after_transition [:none, :finished, :failed] => :scheduled do |project, _|
-      project.run_after_commit { add_import_job }
+      project.run_after_commit do
+        job_id = add_import_job
+        update(import_jid: job_id) if job_id
+      end
     end
 
     after_transition started: :finished do |project, _|
@@ -524,17 +527,26 @@ class Project < ActiveRecord::Base
   def add_import_job
     job_id =
       if forked?
-        RepositoryForkWorker.perform_async(id, forked_from_project.repository_storage_path,
-          forked_from_project.full_path,
-          self.namespace.full_path)
+        RepositoryForkWorker.perform_async(id,
+                                           forked_from_project.repository_storage_path,
+                                           forked_from_project.full_path,
+                                           self.namespace.full_path)
       else
         RepositoryImportWorker.perform_async(self.id)
       end
 
+    log_import_activity(job_id)
+
+    job_id
+  end
+
+  def log_import_activity(job_id, type: :import)
+    job_type = type.to_s.capitalize
+
     if job_id
-      Rails.logger.info "Import job started for #{full_path} with job ID #{job_id}"
+      Rails.logger.info("#{job_type} job scheduled for #{full_path} with job ID #{job_id}.")
     else
-      Rails.logger.error "Import job failed to start for #{full_path}"
+      Rails.logger.error("#{job_type} job failed to create for #{full_path}.")
     end
   end
 
@@ -543,6 +555,7 @@ class Project < ActiveRecord::Base
       ProjectCacheWorker.perform_async(self.id)
     end
 
+    update(import_error: nil)
     remove_import_data
   end
 
@@ -920,14 +933,14 @@ class Project < ActiveRecord::Base
   end
 
   def execute_hooks(data, hooks_scope = :push_hooks)
-    hooks.send(hooks_scope).each do |hook|
+    hooks.public_send(hooks_scope).each do |hook| # rubocop:disable GitlabSecurity/PublicSend
       hook.async_execute(data, hooks_scope.to_s)
     end
   end
 
   def execute_services(data, hooks_scope = :push_hooks)
     # Call only service hooks that are active for this scope
-    services.send(hooks_scope).each do |service|
+    services.public_send(hooks_scope).each do |service| # rubocop:disable GitlabSecurity/PublicSend
       service.async_execute(data)
     end
   end
@@ -1224,6 +1237,9 @@ class Project < ActiveRecord::Base
 
   # TODO: what to do here when not using Legacy Storage? Do we still need to rename and delay removal?
   def remove_pages
+    # Projects with a missing namespace cannot have their pages removed
+    return unless namespace
+
     ::Projects::UpdatePagesConfigurationService.new(self).execute
 
     # 1. We rename pages to temporary directory
@@ -1282,12 +1298,16 @@ class Project < ActiveRecord::Base
     status.zero?
   end
 
+  def full_path_slug
+    Gitlab::Utils.slugify(full_path.to_s)
+  end
+
   def predefined_variables
     [
       { key: 'CI_PROJECT_ID', value: id.to_s, public: true },
       { key: 'CI_PROJECT_NAME', value: path, public: true },
       { key: 'CI_PROJECT_PATH', value: full_path, public: true },
-      { key: 'CI_PROJECT_PATH_SLUG', value: full_path.parameterize, public: true },
+      { key: 'CI_PROJECT_PATH_SLUG', value: full_path_slug, public: true },
       { key: 'CI_PROJECT_NAMESPACE', value: namespace.full_path, public: true },
       { key: 'CI_PROJECT_URL', value: web_url, public: true }
     ]
diff --git a/app/models/project_services/chat_notification_service.rb b/app/models/project_services/chat_notification_service.rb
index 6d1a321f651..7b15a5dd04d 100644
--- a/app/models/project_services/chat_notification_service.rb
+++ b/app/models/project_services/chat_notification_service.rb
@@ -115,7 +115,7 @@ class ChatNotificationService < Service
 
   def get_channel_field(event)
     field_name = event_channel_name(event)
-    self.public_send(field_name)
+    self.public_send(field_name) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def build_event_channels
diff --git a/app/models/project_services/hipchat_service.rb b/app/models/project_services/hipchat_service.rb
index e3906943ecd..f422e0ea036 100644
--- a/app/models/project_services/hipchat_service.rb
+++ b/app/models/project_services/hipchat_service.rb
@@ -53,7 +53,7 @@ class HipchatService < Service
     return unless supported_events.include?(data[:object_kind])
     message = create_message(data)
     return unless message.present?
-    gate[room].send('GitLab', message, message_options(data))
+    gate[room].send('GitLab', message, message_options(data)) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def test(data)
diff --git a/app/models/protectable_dropdown.rb b/app/models/protectable_dropdown.rb
index 122fbce257d..c96edc5a259 100644
--- a/app/models/protectable_dropdown.rb
+++ b/app/models/protectable_dropdown.rb
@@ -1,5 +1,9 @@
 class ProtectableDropdown
+  REF_TYPES = %i[branches tags].freeze
+
   def initialize(project, ref_type)
+    raise ArgumentError, "invalid ref type `#{ref_type}`" unless ref_type.in?(REF_TYPES)
+
     @project = project
     @ref_type = ref_type
   end
@@ -16,7 +20,7 @@ class ProtectableDropdown
   private
 
   def refs
-    @project.repository.public_send(@ref_type)
+    @project.repository.public_send(@ref_type) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def ref_names
@@ -24,7 +28,7 @@ class ProtectableDropdown
   end
 
   def protections
-    @project.public_send("protected_#{@ref_type}")
+    @project.public_send("protected_#{@ref_type}") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def non_wildcard_protected_ref_names
diff --git a/app/models/redirect_route.rb b/app/models/redirect_route.rb
index 090fbd61e6f..31de204d824 100644
--- a/app/models/redirect_route.rb
+++ b/app/models/redirect_route.rb
@@ -14,7 +14,7 @@ class RedirectRoute < ActiveRecord::Base
              else
                'redirect_routes.path = ? OR redirect_routes.path LIKE ?'
              end
-             
+
     where(wheres, path, "#{sanitize_sql_like(path)}/%")
   end
 end
diff --git a/app/models/repository.rb b/app/models/repository.rb
index a761302b06b..c1e4fcf94a4 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -48,7 +48,9 @@ class Repository
     alias_method(original, name)
 
     define_method(name) do
-      cache_method_output(name, fallback: fallback, memoize_only: memoize_only) { __send__(original) }
+      cache_method_output(name, fallback: fallback, memoize_only: memoize_only) do
+        __send__(original) # rubocop:disable GitlabSecurity/PublicSend
+      end
     end
   end
 
@@ -443,9 +445,9 @@ class Repository
   def method_missing(m, *args, &block)
     if m == :lookup && !block_given?
       lookup_cache[m] ||= {}
-      lookup_cache[m][args.join(":")] ||= raw_repository.send(m, *args, &block)
+      lookup_cache[m][args.join(":")] ||= raw_repository.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     else
-      raw_repository.send(m, *args, &block)
+      raw_repository.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
   end
 
@@ -776,7 +778,7 @@ class Repository
       end
 
       actions.each do |options|
-        index.public_send(options.delete(:action), options)
+        index.public_send(options.delete(:action), options) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       options = {
diff --git a/app/models/user.rb b/app/models/user.rb
index 2b25736bb26..fbd08bc4d0a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -47,11 +47,6 @@ class User < ActiveRecord::Base
   devise :lockable, :recoverable, :rememberable, :trackable,
     :validatable, :omniauthable, :confirmable, :registerable
 
-  # devise overrides #inspect, so we manually use the Referable one
-  def inspect
-    referable_inspect
-  end
-
   # Override Devise::Models::Trackable#update_tracked_fields!
   # to limit database writes to at most once every hour
   def update_tracked_fields!(request)
@@ -842,7 +837,12 @@ class User < ActiveRecord::Base
     create_namespace!(path: username, name: username) unless namespace
 
     if username_changed?
-      namespace.update_attributes(path: username, name: username)
+      unless namespace.update_attributes(path: username, name: username)
+        namespace.errors.each do |attribute, message|
+          self.errors.add(:"namespace_#{attribute}", message)
+        end
+        raise ActiveRecord::RecordInvalid.new(namespace)
+      end
     end
   end
 
@@ -1070,7 +1070,7 @@ class User < ActiveRecord::Base
   # Added according to https://github.com/plataformatec/devise/blob/7df57d5081f9884849ca15e4fde179ef164a575f/README.md#activejob-integration
   def send_devise_notification(notification, *args)
     return true unless can?(:receive_notifications)
-    devise_mailer.send(notification, self, *args).deliver_later
+    devise_mailer.__send__(notification, self, *args).deliver_later # rubocop:disable GitlabSecurity/PublicSend
   end
 
   # This works around a bug in Devise 4.2.0 that erroneously causes a user to
diff --git a/app/serializers/project_entity.rb b/app/serializers/project_entity.rb
index dc283ba3e7a..b3e5fd21e97 100644
--- a/app/serializers/project_entity.rb
+++ b/app/serializers/project_entity.rb
@@ -1,6 +1,6 @@
 class ProjectEntity < Grape::Entity
   include RequestAwareEntity
-  
+
   expose :id
   expose :name
 
diff --git a/app/services/akismet_service.rb b/app/services/akismet_service.rb
index 8e11a2a36a7..59153cbbc0a 100644
--- a/app/services/akismet_service.rb
+++ b/app/services/akismet_service.rb
@@ -58,7 +58,7 @@ class AkismetService
     }
 
     begin
-      akismet_client.public_send(type, options[:ip_address], options[:user_agent], params)
+      akismet_client.public_send(type, options[:ip_address], options[:user_agent], params) # rubocop:disable GitlabSecurity/PublicSend
       true
     rescue => e
       Rails.logger.error("Unable to connect to Akismet: #{e}, skipping!")
diff --git a/app/services/ci/retry_build_service.rb b/app/services/ci/retry_build_service.rb
index 6372e5755db..ea3b8d66ed9 100644
--- a/app/services/ci/retry_build_service.rb
+++ b/app/services/ci/retry_build_service.rb
@@ -23,7 +23,7 @@ module Ci
       end
 
       attributes = CLONE_ACCESSORS.map do |attribute|
-        [attribute, build.send(attribute)]
+        [attribute, build.public_send(attribute)] # rubocop:disable GitlabSecurity/PublicSend
       end
 
       attributes.push([:user, current_user])
diff --git a/app/services/commits/change_service.rb b/app/services/commits/change_service.rb
index a48d6a976f0..85c2fcf9ea6 100644
--- a/app/services/commits/change_service.rb
+++ b/app/services/commits/change_service.rb
@@ -11,6 +11,7 @@ module Commits
     def commit_change(action)
       raise NotImplementedError unless repository.respond_to?(action)
 
+      # rubocop:disable GitlabSecurity/PublicSend
       repository.public_send(
         action,
         current_user,
diff --git a/app/services/git_push_service.rb b/app/services/git_push_service.rb
index ada2b64a3a6..e81a56672e2 100644
--- a/app/services/git_push_service.rb
+++ b/app/services/git_push_service.rb
@@ -90,8 +90,19 @@ class GitPushService < BaseService
   end
 
   def update_signatures
-    @push_commits.each do |commit|
-      CreateGpgSignatureWorker.perform_async(commit.sha, @project.id)
+    commit_shas = @push_commits.last(PROCESS_COMMIT_LIMIT).map(&:sha)
+
+    return if commit_shas.empty?
+
+    shas_with_cached_signatures = GpgSignature.where(commit_sha: commit_shas).pluck(:commit_sha)
+    commit_shas -= shas_with_cached_signatures
+
+    return if commit_shas.empty?
+
+    commit_shas = Gitlab::Git::Commit.shas_with_signatures(project.repository, commit_shas)
+
+    commit_shas.each do |sha|
+      CreateGpgSignatureWorker.perform_async(sha, project.id)
     end
   end
 
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index b84a6fd2b7d..4a4f2b91182 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -338,7 +338,7 @@ class IssuableBaseService < BaseService
 
   def invalidate_cache_counts(issuable, users: [], skip_project_cache: false)
     users.each do |user|
-      user.public_send("invalidate_#{issuable.model_name.singular}_cache_counts")
+      user.public_send("invalidate_#{issuable.model_name.singular}_cache_counts") # rubocop:disable GitlabSecurity/PublicSend
     end
 
     unless skip_project_cache
diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb
index 2e089149ca8..46c505baf8b 100644
--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -31,7 +31,7 @@ module Members
         source.members.find_by(condition) ||
           source.requesters.find_by!(condition)
       else
-        source.public_send(scope).find_by!(condition)
+        source.public_send(scope).find_by!(condition) # rubocop:disable GitlabSecurity/PublicSend
       end
     end
 
diff --git a/app/services/merge_requests/create_from_issue_service.rb b/app/services/merge_requests/create_from_issue_service.rb
index 738cedbaed7..e9e4513e0d0 100644
--- a/app/services/merge_requests/create_from_issue_service.rb
+++ b/app/services/merge_requests/create_from_issue_service.rb
@@ -3,6 +3,8 @@ module MergeRequests
     def execute
       return error('Invalid issue iid') unless issue_iid.present? && issue.present?
 
+      params[:label_ids] = issue.label_ids if issue.label_ids.any?
+      
       result = CreateBranchService.new(project, current_user).execute(branch_name, ref)
       return result if result[:status] == :error
 
@@ -43,7 +45,8 @@ module MergeRequests
       {
         source_project_id: project.id,
         source_branch: branch_name,
-        target_project_id: project.id
+        target_project_id: project.id,
+        milestone_id: issue.milestone_id
       }
     end
 
diff --git a/app/services/merge_requests/create_service.rb b/app/services/merge_requests/create_service.rb
index fa0c0b7175c..194413bf321 100644
--- a/app/services/merge_requests/create_service.rb
+++ b/app/services/merge_requests/create_service.rb
@@ -25,7 +25,6 @@ module MergeRequests
     end
 
     def after_create(issuable)
-      event_service.open_mr(issuable, current_user)
       todo_service.new_merge_request(issuable, current_user)
       issuable.cache_merge_request_closes_issues!(current_user)
       update_merge_requests_head_pipeline(issuable)
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb
index 4267879b03d..e2a80db06a6 100644
--- a/app/services/notification_service.rb
+++ b/app/services/notification_service.rb
@@ -1,3 +1,5 @@
+# rubocop:disable GitlabSecurity/PublicSend
+
 # NotificationService class
 #
 # Used for notifying users with emails about different events
diff --git a/app/services/system_hooks_service.rb b/app/services/system_hooks_service.rb
index cbcd4478af6..a1c2f8d0180 100644
--- a/app/services/system_hooks_service.rb
+++ b/app/services/system_hooks_service.rb
@@ -4,7 +4,7 @@ class SystemHooksService
   end
 
   def execute_hooks(data, hooks_scope = :all)
-    SystemHook.public_send(hooks_scope).find_each do |hook|
+    SystemHook.public_send(hooks_scope).find_each do |hook| # rubocop:disable GitlabSecurity/PublicSend
       hook.async_execute(data, 'system_hooks')
     end
   end
diff --git a/app/services/test_hooks/base_service.rb b/app/services/test_hooks/base_service.rb
index 74ba814afff..4abd2c44b2f 100644
--- a/app/services/test_hooks/base_service.rb
+++ b/app/services/test_hooks/base_service.rb
@@ -18,7 +18,7 @@ module TestHooks
       end
 
       error_message = catch(:validation_error) do
-        sample_data = self.__send__(trigger_data_method)
+        sample_data = self.__send__(trigger_data_method) # rubocop:disable GitlabSecurity/PublicSend
 
         return hook.execute(sample_data, trigger)
       end
diff --git a/app/views/admin/users/_user.html.haml b/app/views/admin/users/_user.html.haml
index 4cf4a57ba18..ca6e43e091c 100644
--- a/app/views/admin/users/_user.html.haml
+++ b/app/views/admin/users/_user.html.haml
@@ -40,9 +40,10 @@
               %li
                 = link_to 'Remove user', admin_user_path(user),
                     data: { confirm: "USER #{user.name} WILL BE REMOVED! Are you sure?" },
+                    class: 'text-danger',
                     method: :delete
             %li
               = link_to 'Remove user and contributions', admin_user_path(user, hard_delete: true),
                   data: { confirm: "USER #{user.name} WILL BE REMOVED! All issues, merge requests and comments authored by this user, and groups owned solely by them, will also be removed! Are you sure?" },
-                  class: 'btn btn-remove btn-block',
+                  class: 'text-danger',
                   method: :delete
diff --git a/app/views/help/ui.html.haml b/app/views/help/ui.html.haml
index f18c3a74120..445f0dffbcc 100644
--- a/app/views/help/ui.html.haml
+++ b/app/views/help/ui.html.haml
@@ -189,7 +189,7 @@
             = icon('chevron-down')
           %ul.dropdown-menu
             %li
-              %a Sort by date
+              = link_to 'Sort by date', '#'
 
         = link_to 'New issue', '#', class: 'btn btn-new btn-inverted'
 
diff --git a/app/views/layouts/nav/_new_admin_sidebar.html.haml b/app/views/layouts/nav/_new_admin_sidebar.html.haml
index 0b4a9d92bea..3cbcd841aff 100644
--- a/app/views/layouts/nav/_new_admin_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_admin_sidebar.html.haml
@@ -1,150 +1,151 @@
 .nav-sidebar{ class: ("sidebar-icons-only" if collapsed_sidebar?) }
-  .context-header
-    = link_to admin_root_path, title: 'Admin Overview' do
-      .avatar-container.s40.settings-avatar
-        = icon('wrench')
-      .project-title Admin Area
-  %ul.sidebar-top-level-items
-    = nav_link(controller: %w(dashboard admin projects users groups jobs runners cohorts), html_options: {class: 'home'}) do
-      = link_to admin_root_path, title: 'Overview', class: 'shortcuts-tree' do
-        .nav-icon-container
-          = custom_icon('overview')
-        %span.nav-item-name
-          Overview
-
-      %ul.sidebar-sub-level-items
-        = nav_link(controller: :dashboard, html_options: {class: 'home'}) do
-          = link_to admin_root_path, title: 'Overview' do
-            %span
-              Dashboard
-        = nav_link(controller: [:admin, :projects]) do
-          = link_to admin_projects_path, title: 'Projects' do
-            %span
-              Projects
-        = nav_link(controller: :users) do
-          = link_to admin_users_path, title: 'Users' do
-            %span
-              Users
-        = nav_link(controller: :groups) do
-          = link_to admin_groups_path, title: 'Groups' do
-            %span
-              Groups
-        = nav_link path: 'jobs#index' do
-          = link_to admin_jobs_path, title: 'Jobs' do
-            %span
-              Jobs
-        = nav_link path: ['runners#index', 'runners#show'] do
-          = link_to admin_runners_path, title: 'Runners' do
-            %span
-              Runners
-        = nav_link path: 'cohorts#index' do
-          = link_to admin_cohorts_path, title: 'Cohorts' do
-            %span
-              Cohorts
+  .nav-sidebar-inner-scroll
+    .context-header
+      = link_to admin_root_path, title: 'Admin Overview' do
+        .avatar-container.s40.settings-avatar
+          = icon('wrench')
+        .project-title Admin Area
+    %ul.sidebar-top-level-items
+      = nav_link(controller: %w(dashboard admin projects users groups jobs runners cohorts), html_options: {class: 'home'}) do
+        = link_to admin_root_path, title: 'Overview', class: 'shortcuts-tree' do
+          .nav-icon-container
+            = custom_icon('overview')
+          %span.nav-item-name
+            Overview
 
-    = nav_link(controller: %w(conversational_development_index system_info background_jobs logs health_check requests_profiles)) do
-      = link_to admin_conversational_development_index_path, title: 'Monitoring' do
-        .nav-icon-container
-          = custom_icon('monitoring')
-        %span.nav-item-name
-          Monitoring
+        %ul.sidebar-sub-level-items
+          = nav_link(controller: :dashboard, html_options: {class: 'home'}) do
+            = link_to admin_root_path, title: 'Overview' do
+              %span
+                Dashboard
+          = nav_link(controller: [:admin, :projects]) do
+            = link_to admin_projects_path, title: 'Projects' do
+              %span
+                Projects
+          = nav_link(controller: :users) do
+            = link_to admin_users_path, title: 'Users' do
+              %span
+                Users
+          = nav_link(controller: :groups) do
+            = link_to admin_groups_path, title: 'Groups' do
+              %span
+                Groups
+          = nav_link path: 'jobs#index' do
+            = link_to admin_jobs_path, title: 'Jobs' do
+              %span
+                Jobs
+          = nav_link path: ['runners#index', 'runners#show'] do
+            = link_to admin_runners_path, title: 'Runners' do
+              %span
+                Runners
+          = nav_link path: 'cohorts#index' do
+            = link_to admin_cohorts_path, title: 'Cohorts' do
+              %span
+                Cohorts
 
-      %ul.sidebar-sub-level-items
-        = nav_link(controller: :conversational_development_index) do
-          = link_to admin_conversational_development_index_path, title: 'ConvDev Index' do
-            %span
-              ConvDev Index
-        = nav_link(controller: :system_info) do
-          = link_to admin_system_info_path, title: 'System Info' do
-            %span
-              System Info
-        = nav_link(controller: :background_jobs) do
-          = link_to admin_background_jobs_path, title: 'Background Jobs' do
-            %span
-              Background Jobs
-        = nav_link(controller: :logs) do
-          = link_to admin_logs_path, title: 'Logs' do
-            %span
-              Logs
-        = nav_link(controller: :health_check) do
-          = link_to admin_health_check_path, title: 'Health Check' do
-            %span
-              Health Check
-        = nav_link(controller: :requests_profiles) do
-          = link_to admin_requests_profiles_path, title: 'Requests Profiles' do
-            %span
-              Requests Profiles
+      = nav_link(controller: %w(conversational_development_index system_info background_jobs logs health_check requests_profiles)) do
+        = link_to admin_conversational_development_index_path, title: 'Monitoring' do
+          .nav-icon-container
+            = custom_icon('monitoring')
+          %span.nav-item-name
+            Monitoring
 
-    = nav_link(controller: :broadcast_messages) do
-      = link_to admin_broadcast_messages_path, title: 'Messages' do
-        .nav-icon-container
-          = custom_icon('messages')
-        %span.nav-item-name
-          Messages
-    = nav_link(controller: [:hooks, :hook_logs]) do
-      = link_to admin_hooks_path, title: 'Hooks' do
-        .nav-icon-container
-          = custom_icon('system_hooks')
-        %span.nav-item-name
-          System Hooks
+        %ul.sidebar-sub-level-items
+          = nav_link(controller: :conversational_development_index) do
+            = link_to admin_conversational_development_index_path, title: 'ConvDev Index' do
+              %span
+                ConvDev Index
+          = nav_link(controller: :system_info) do
+            = link_to admin_system_info_path, title: 'System Info' do
+              %span
+                System Info
+          = nav_link(controller: :background_jobs) do
+            = link_to admin_background_jobs_path, title: 'Background Jobs' do
+              %span
+                Background Jobs
+          = nav_link(controller: :logs) do
+            = link_to admin_logs_path, title: 'Logs' do
+              %span
+                Logs
+          = nav_link(controller: :health_check) do
+            = link_to admin_health_check_path, title: 'Health Check' do
+              %span
+                Health Check
+          = nav_link(controller: :requests_profiles) do
+            = link_to admin_requests_profiles_path, title: 'Requests Profiles' do
+              %span
+                Requests Profiles
 
-    = nav_link(controller: :applications) do
-      = link_to admin_applications_path, title: 'Applications' do
-        .nav-icon-container
-          = custom_icon('applications')
-        %span.nav-item-name
-          Applications
+      = nav_link(controller: :broadcast_messages) do
+        = link_to admin_broadcast_messages_path, title: 'Messages' do
+          .nav-icon-container
+            = custom_icon('messages')
+          %span.nav-item-name
+            Messages
+      = nav_link(controller: [:hooks, :hook_logs]) do
+        = link_to admin_hooks_path, title: 'Hooks' do
+          .nav-icon-container
+            = custom_icon('system_hooks')
+          %span.nav-item-name
+            System Hooks
 
-    = nav_link(controller: :abuse_reports) do
-      = link_to admin_abuse_reports_path, title: "Abuse Reports" do
-        .nav-icon-container
-          = custom_icon('abuse_reports')
-        %span.nav-item-name
-          Abuse Reports
-        %span.badge.count= number_with_delimiter(AbuseReport.count(:all))
+      = nav_link(controller: :applications) do
+        = link_to admin_applications_path, title: 'Applications' do
+          .nav-icon-container
+            = custom_icon('applications')
+          %span.nav-item-name
+            Applications
 
-    - if akismet_enabled?
-      = nav_link(controller: :spam_logs) do
-        = link_to admin_spam_logs_path, title: "Spam Logs" do
+      = nav_link(controller: :abuse_reports) do
+        = link_to admin_abuse_reports_path, title: "Abuse Reports" do
           .nav-icon-container
-            = custom_icon('spam_logs')
+            = custom_icon('abuse_reports')
           %span.nav-item-name
-            Spam Logs
+            Abuse Reports
+          %span.badge.count= number_with_delimiter(AbuseReport.count(:all))
 
-    = nav_link(controller: :deploy_keys) do
-      = link_to admin_deploy_keys_path, title: 'Deploy Keys' do
-        .nav-icon-container
-          = custom_icon('key')
-        %span.nav-item-name
-          Deploy Keys
+      - if akismet_enabled?
+        = nav_link(controller: :spam_logs) do
+          = link_to admin_spam_logs_path, title: "Spam Logs" do
+            .nav-icon-container
+              = custom_icon('spam_logs')
+            %span.nav-item-name
+              Spam Logs
 
-    = nav_link(controller: :services) do
-      = link_to admin_application_settings_services_path, title: 'Service Templates' do
-        .nav-icon-container
-          = custom_icon('service_templates')
-        %span.nav-item-name
-          Service Templates
+      = nav_link(controller: :deploy_keys) do
+        = link_to admin_deploy_keys_path, title: 'Deploy Keys' do
+          .nav-icon-container
+            = custom_icon('key')
+          %span.nav-item-name
+            Deploy Keys
 
-    = nav_link(controller: :labels) do
-      = link_to admin_labels_path, title: 'Labels' do
-        .nav-icon-container
-          = custom_icon('labels')
-        %span.nav-item-name
-          Labels
+      = nav_link(controller: :services) do
+        = link_to admin_application_settings_services_path, title: 'Service Templates' do
+          .nav-icon-container
+            = custom_icon('service_templates')
+          %span.nav-item-name
+            Service Templates
 
-    = nav_link(controller: :appearances) do
-      = link_to admin_appearances_path, title: 'Appearances' do
-        .nav-icon-container
-          = custom_icon('appearance')
-        %span.nav-item-name
-          Appearance
+      = nav_link(controller: :labels) do
+        = link_to admin_labels_path, title: 'Labels' do
+          .nav-icon-container
+            = custom_icon('labels')
+          %span.nav-item-name
+            Labels
 
-    %li.divider
-    = nav_link(controller: :application_settings) do
-      = link_to admin_application_settings_path, title: 'Settings' do
-        .nav-icon-container
-          = custom_icon('settings')
-        %span.nav-item-name
-          Settings
+      = nav_link(controller: :appearances) do
+        = link_to admin_appearances_path, title: 'Appearances' do
+          .nav-icon-container
+            = custom_icon('appearance')
+          %span.nav-item-name
+            Appearance
+
+      %li.divider
+      = nav_link(controller: :application_settings) do
+        = link_to admin_application_settings_path, title: 'Settings' do
+          .nav-icon-container
+            = custom_icon('settings')
+          %span.nav-item-name
+            Settings
 
-  = render 'shared/sidebar_toggle_button'
+    = render 'shared/sidebar_toggle_button'
diff --git a/app/views/layouts/nav/_new_group_sidebar.html.haml b/app/views/layouts/nav/_new_group_sidebar.html.haml
index c7dabbd8237..ed5793f09fe 100644
--- a/app/views/layouts/nav/_new_group_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_group_sidebar.html.haml
@@ -1,89 +1,90 @@
 .nav-sidebar{ class: ("sidebar-icons-only" if collapsed_sidebar?) }
-  .context-header
-    = link_to group_path(@group), title: @group.name do
-      .avatar-container.s40.group-avatar
-        = image_tag group_icon(@group), class: "avatar s40 avatar-tile"
-      .group-title
-        = @group.name
-  %ul.sidebar-top-level-items
-    = nav_link(path: ['groups#show', 'groups#activity', 'groups#subgroups'], html_options: { class: 'home' }) do
-      = link_to group_path(@group), title: 'Group overview' do
-        .nav-icon-container
-          = custom_icon('project')
-        %span.nav-item-name
-          Overview
-
-      %ul.sidebar-sub-level-items
-        = nav_link(path: ['groups#show', 'groups#subgroups'], html_options: { class: 'home' }) do
-          = link_to group_path(@group), title: 'Group details' do
-            %span
-              Details
-
-        = nav_link(path: 'groups#activity') do
-          = link_to activity_group_path(@group), title: 'Activity' do
-            %span
-              Activity
-
-    = nav_link(path: ['groups#issues', 'labels#index', 'milestones#index']) do
-      = link_to issues_group_path(@group), title: 'Issues' do
-        .nav-icon-container
-          = custom_icon('issues')
-        %span.nav-item-name
-          - issues = IssuesFinder.new(current_user, group_id: @group.id, state: 'opened').execute
-          Issues
-        %span.badge.count= number_with_delimiter(issues.count)
-
-      %ul.sidebar-sub-level-items
-        = nav_link(path: 'groups#issues', html_options: { class: 'home' }) do
-          = link_to issues_group_path(@group), title: 'List' do
-            %span
-              List
+  .nav-sidebar-inner-scroll
+    .context-header
+      = link_to group_path(@group), title: @group.name do
+        .avatar-container.s40.group-avatar
+          = image_tag group_icon(@group), class: "avatar s40 avatar-tile"
+        .group-title
+          = @group.name
+    %ul.sidebar-top-level-items
+      = nav_link(path: ['groups#show', 'groups#activity', 'groups#subgroups'], html_options: { class: 'home' }) do
+        = link_to group_path(@group), title: 'Group overview' do
+          .nav-icon-container
+            = custom_icon('project')
+          %span.nav-item-name
+            Overview
 
-        = nav_link(path: 'labels#index') do
-          = link_to group_labels_path(@group), title: 'Labels' do
-            %span
-              Labels
+        %ul.sidebar-sub-level-items
+          = nav_link(path: ['groups#show', 'groups#subgroups'], html_options: { class: 'home' }) do
+            = link_to group_path(@group), title: 'Group details' do
+              %span
+                Details
 
-        = nav_link(path: 'milestones#index') do
-          = link_to group_milestones_path(@group), title: 'Milestones' do
-            %span
-              Milestones
+          = nav_link(path: 'groups#activity') do
+            = link_to activity_group_path(@group), title: 'Activity' do
+              %span
+                Activity
 
-    = nav_link(path: 'groups#merge_requests') do
-      = link_to merge_requests_group_path(@group), title: 'Merge Requests' do
-        .nav-icon-container
-          = custom_icon('mr_bold')
-        %span.nav-item-name
-          - merge_requests = MergeRequestsFinder.new(current_user, group_id: @group.id, state: 'opened', non_archived: true).execute
-          Merge Requests
-        %span.badge.count= number_with_delimiter(merge_requests.count)
-    = nav_link(path: 'group_members#index') do
-      = link_to group_group_members_path(@group), title: 'Members' do
-        .nav-icon-container
-          = custom_icon('members')
-        %span.nav-item-name
-          Members
-    - if current_user && can?(current_user, :admin_group, @group)
-      = nav_link(path: %w[groups#projects groups#edit ci_cd#show]) do
-        = link_to edit_group_path(@group), title: 'Settings' do
+      = nav_link(path: ['groups#issues', 'labels#index', 'milestones#index']) do
+        = link_to issues_group_path(@group), title: 'Issues' do
           .nav-icon-container
-            = custom_icon('settings')
+            = custom_icon('issues')
           %span.nav-item-name
-            Settings
+            - issues = IssuesFinder.new(current_user, group_id: @group.id, state: 'opened').execute
+            Issues
+          %span.badge.count= number_with_delimiter(issues.count)
+
         %ul.sidebar-sub-level-items
-          = nav_link(path: 'groups#edit') do
-            = link_to edit_group_path(@group), title: 'General' do
+          = nav_link(path: 'groups#issues', html_options: { class: 'home' }) do
+            = link_to issues_group_path(@group), title: 'List' do
               %span
-                General
+                List
 
-          = nav_link(path: 'groups#projects') do
-            = link_to projects_group_path(@group), title: 'Projects' do
+          = nav_link(path: 'labels#index') do
+            = link_to group_labels_path(@group), title: 'Labels' do
               %span
-                Projects
+                Labels
 
-          = nav_link(controller: :ci_cd) do
-            = link_to group_settings_ci_cd_path(@group), title: 'CI / CD' do
+          = nav_link(path: 'milestones#index') do
+            = link_to group_milestones_path(@group), title: 'Milestones' do
               %span
-                CI / CD
+                Milestones
+
+      = nav_link(path: 'groups#merge_requests') do
+        = link_to merge_requests_group_path(@group), title: 'Merge Requests' do
+          .nav-icon-container
+            = custom_icon('mr_bold')
+          %span.nav-item-name
+            - merge_requests = MergeRequestsFinder.new(current_user, group_id: @group.id, state: 'opened', non_archived: true).execute
+            Merge Requests
+          %span.badge.count= number_with_delimiter(merge_requests.count)
+      = nav_link(path: 'group_members#index') do
+        = link_to group_group_members_path(@group), title: 'Members' do
+          .nav-icon-container
+            = custom_icon('members')
+          %span.nav-item-name
+            Members
+      - if current_user && can?(current_user, :admin_group, @group)
+        = nav_link(path: %w[groups#projects groups#edit ci_cd#show]) do
+          = link_to edit_group_path(@group), title: 'Settings' do
+            .nav-icon-container
+              = custom_icon('settings')
+            %span.nav-item-name
+              Settings
+          %ul.sidebar-sub-level-items
+            = nav_link(path: 'groups#edit') do
+              = link_to edit_group_path(@group), title: 'General' do
+                %span
+                  General
+
+            = nav_link(path: 'groups#projects') do
+              = link_to projects_group_path(@group), title: 'Projects' do
+                %span
+                  Projects
+
+            = nav_link(controller: :ci_cd) do
+              = link_to group_settings_ci_cd_path(@group), title: 'CI / CD' do
+                %span
+                  CI / CD
 
-  = render 'shared/sidebar_toggle_button'
+    = render 'shared/sidebar_toggle_button'
diff --git a/app/views/layouts/nav/_new_profile_sidebar.html.haml b/app/views/layouts/nav/_new_profile_sidebar.html.haml
index edae009a28e..4234df56d1d 100644
--- a/app/views/layouts/nav/_new_profile_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_profile_sidebar.html.haml
@@ -1,84 +1,85 @@
 .nav-sidebar{ class: ("sidebar-icons-only" if collapsed_sidebar?) }
-  .context-header
-    = link_to profile_path, title: 'Profile Settings' do
-      .avatar-container.s40.settings-avatar
-        = icon('user')
-      .project-title User Settings
-  %ul.sidebar-top-level-items
-    = nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
+  .nav-sidebar-inner-scroll
+    .context-header
       = link_to profile_path, title: 'Profile Settings' do
-        .nav-icon-container
-          = custom_icon('profile')
-        %span.nav-item-name
-          Profile
-    = nav_link(controller: [:accounts, :two_factor_auths]) do
-      = link_to profile_account_path, title: 'Account' do
-        .nav-icon-container
-          = custom_icon('account')
-        %span.nav-item-name
-          Account
-    - if current_application_settings.user_oauth_applications?
-      = nav_link(controller: 'oauth/applications') do
-        = link_to applications_profile_path, title: 'Applications' do
+        .avatar-container.s40.settings-avatar
+          = icon('user')
+        .project-title User Settings
+    %ul.sidebar-top-level-items
+      = nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
+        = link_to profile_path, title: 'Profile Settings' do
           .nav-icon-container
-            = custom_icon('applications')
+            = custom_icon('profile')
           %span.nav-item-name
-            Applications
-    = nav_link(controller: :chat_names) do
-      = link_to profile_chat_names_path, title: 'Chat' do
-        .nav-icon-container
-          = custom_icon('chat')
-        %span.nav-item-name
-          Chat
-    = nav_link(controller: :personal_access_tokens) do
-      = link_to profile_personal_access_tokens_path, title: 'Access Tokens' do
-        .nav-icon-container
-          = custom_icon('access_tokens')
-        %span.nav-item-name
-          Access Tokens
-    = nav_link(controller: :emails) do
-      = link_to profile_emails_path, title: 'Emails' do
-        .nav-icon-container
-          = custom_icon('emails')
-        %span.nav-item-name
-          Emails
-    - unless current_user.ldap_user?
-      = nav_link(controller: :passwords) do
-        = link_to edit_profile_password_path, title: 'Password' do
+            Profile
+      = nav_link(controller: [:accounts, :two_factor_auths]) do
+        = link_to profile_account_path, title: 'Account' do
           .nav-icon-container
-            = custom_icon('lock')
+            = custom_icon('account')
           %span.nav-item-name
-            Password
-    = nav_link(controller: :notifications) do
-      = link_to profile_notifications_path, title: 'Notifications' do
-        .nav-icon-container
-          = custom_icon('notifications')
-        %span.nav-item-name
-          Notifications
+            Account
+      - if current_application_settings.user_oauth_applications?
+        = nav_link(controller: 'oauth/applications') do
+          = link_to applications_profile_path, title: 'Applications' do
+            .nav-icon-container
+              = custom_icon('applications')
+            %span.nav-item-name
+              Applications
+      = nav_link(controller: :chat_names) do
+        = link_to profile_chat_names_path, title: 'Chat' do
+          .nav-icon-container
+            = custom_icon('chat')
+          %span.nav-item-name
+            Chat
+      = nav_link(controller: :personal_access_tokens) do
+        = link_to profile_personal_access_tokens_path, title: 'Access Tokens' do
+          .nav-icon-container
+            = custom_icon('access_tokens')
+          %span.nav-item-name
+            Access Tokens
+      = nav_link(controller: :emails) do
+        = link_to profile_emails_path, title: 'Emails' do
+          .nav-icon-container
+            = custom_icon('emails')
+          %span.nav-item-name
+            Emails
+      - unless current_user.ldap_user?
+        = nav_link(controller: :passwords) do
+          = link_to edit_profile_password_path, title: 'Password' do
+            .nav-icon-container
+              = custom_icon('lock')
+            %span.nav-item-name
+              Password
+      = nav_link(controller: :notifications) do
+        = link_to profile_notifications_path, title: 'Notifications' do
+          .nav-icon-container
+            = custom_icon('notifications')
+          %span.nav-item-name
+            Notifications
 
-    = nav_link(controller: :keys) do
-      = link_to profile_keys_path, title: 'SSH Keys' do
-        .nav-icon-container
-          = custom_icon('key')
-        %span.nav-item-name
-          SSH Keys
-    = nav_link(controller: :gpg_keys) do
-      = link_to profile_gpg_keys_path, title: 'GPG Keys' do
-        .nav-icon-container
-          = custom_icon('key_2')
-        %span.nav-item-name
-          GPG Keys
-    = nav_link(controller: :preferences) do
-      = link_to profile_preferences_path, title: 'Preferences' do
-        .nav-icon-container
-          = custom_icon('preferences')
-        %span.nav-item-name
-          Preferences
-    = nav_link(path: 'profiles#audit_log') do
-      = link_to audit_log_profile_path, title: 'Authentication log' do
-        .nav-icon-container
-          = custom_icon('authentication_log')
-        %span.nav-item-name
-          Authentication log
+      = nav_link(controller: :keys) do
+        = link_to profile_keys_path, title: 'SSH Keys' do
+          .nav-icon-container
+            = custom_icon('key')
+          %span.nav-item-name
+            SSH Keys
+      = nav_link(controller: :gpg_keys) do
+        = link_to profile_gpg_keys_path, title: 'GPG Keys' do
+          .nav-icon-container
+            = custom_icon('key_2')
+          %span.nav-item-name
+            GPG Keys
+      = nav_link(controller: :preferences) do
+        = link_to profile_preferences_path, title: 'Preferences' do
+          .nav-icon-container
+            = custom_icon('preferences')
+          %span.nav-item-name
+            Preferences
+      = nav_link(path: 'profiles#audit_log') do
+        = link_to audit_log_profile_path, title: 'Authentication log' do
+          .nav-icon-container
+            = custom_icon('authentication_log')
+          %span.nav-item-name
+            Authentication log
 
-  = render 'shared/sidebar_toggle_button'
+    = render 'shared/sidebar_toggle_button'
diff --git a/app/views/layouts/nav/_new_project_sidebar.html.haml b/app/views/layouts/nav/_new_project_sidebar.html.haml
index e0477c29ebe..0ef81375c3a 100644
--- a/app/views/layouts/nav/_new_project_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_project_sidebar.html.haml
@@ -1,261 +1,262 @@
 .nav-sidebar{ class: ("sidebar-icons-only" if collapsed_sidebar?) }
-  - can_edit = can?(current_user, :admin_project, @project)
-  .context-header
-    = link_to project_path(@project), title: @project.name do
-      .avatar-container.s40.project-avatar
-        = project_icon(@project, alt: @project.name, class: 'avatar s40 avatar-tile')
-      .project-title
-        = @project.name
-  %ul.sidebar-top-level-items
-    = nav_link(path: ['projects#show', 'projects#activity', 'cycle_analytics#show'], html_options: { class: 'home' }) do
-      = link_to project_path(@project), title: 'Project overview', class: 'shortcuts-project' do
-        .nav-icon-container
-          = custom_icon('project')
-        %span.nav-item-name
-          Overview
-
-      %ul.sidebar-sub-level-items
-        = nav_link(path: 'projects#show') do
-          = link_to project_path(@project), title: _('Project details'), class: 'shortcuts-project' do
-            %span= _('Details')
-
-        = nav_link(path: 'projects#activity') do
-          = link_to activity_project_path(@project), title: _('Activity'), class: 'shortcuts-project-activity' do
-            %span= _('Activity')
-
-        - if can?(current_user, :read_cycle_analytics, @project)
-          = nav_link(path: 'cycle_analytics#show') do
-            = link_to project_cycle_analytics_path(@project), title: _('Cycle Analytics'), class: 'shortcuts-project-cycle-analytics' do
-              %span= _('Cycle Analytics')
-
-    - if project_nav_tab? :files
-      = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file commit commits compare projects/repositories tags branches releases graphs network)) do
-        = link_to project_tree_path(@project), title: 'Repository',  class: 'shortcuts-tree' do
+  .nav-sidebar-inner-scroll
+    - can_edit = can?(current_user, :admin_project, @project)
+    .context-header
+      = link_to project_path(@project), title: @project.name do
+        .avatar-container.s40.project-avatar
+          = project_icon(@project, alt: @project.name, class: 'avatar s40 avatar-tile')
+        .project-title
+          = @project.name
+    %ul.sidebar-top-level-items
+      = nav_link(path: ['projects#show', 'projects#activity', 'cycle_analytics#show'], html_options: { class: 'home' }) do
+        = link_to project_path(@project), title: 'Project overview', class: 'shortcuts-project' do
           .nav-icon-container
-            = custom_icon('doc_text')
+            = custom_icon('project')
           %span.nav-item-name
-            Repository
+            Overview
 
         %ul.sidebar-sub-level-items
-          = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file)) do
-            = link_to project_tree_path(@project) do
-              #{ _('Files') }
-
-          = nav_link(controller: [:commit, :commits]) do
-            = link_to project_commits_path(@project, current_ref) do
-              #{ _('Commits') }
-
-          = nav_link(html_options: {class: branches_tab_class}) do
-            = link_to project_branches_path(@project) do
-              #{ _('Branches') }
-
-          = nav_link(controller: [:tags, :releases]) do
-            = link_to project_tags_path(@project) do
-              #{ _('Tags') }
-
-          = nav_link(path: 'graphs#show') do
-            = link_to project_graph_path(@project, current_ref) do
-              #{ _('Contributors') }
-
-          = nav_link(controller: %w(network)) do
-            = link_to project_network_path(@project, current_ref) do
-              #{ s_('ProjectNetworkGraph|Graph') }
-
-          = nav_link(controller: :compare) do
-            = link_to project_compare_index_path(@project, from: @repository.root_ref, to: current_ref) do
-              #{ _('Compare') }
-
-          = nav_link(path: 'graphs#charts') do
-            = link_to charts_project_graph_path(@project, current_ref) do
-              #{ _('Charts') }
-
-    - if project_nav_tab? :container_registry
-      = nav_link(controller: %w[projects/registry/repositories]) do
-        = link_to project_container_registry_index_path(@project), title: 'Container Registry', class: 'shortcuts-container-registry' do
-          .nav-icon-container
-            = custom_icon('container_registry')
-          %span.nav-item-name
-            Registry
-
-    - if project_nav_tab? :issues
-      = nav_link(controller: @project.issues_enabled? ? [:issues, :labels, :milestones, :boards] : :issues) do
-        = link_to project_issues_path(@project), title: 'Issues', class: 'shortcuts-issues' do
-          .nav-icon-container
-            = custom_icon('issues')
-          %span.nav-item-name
-            Issues
-          - if @project.issues_enabled?
-            %span.badge.count.issue_counter= number_with_delimiter(IssuesFinder.new(current_user, project_id: @project.id).execute.opened.count)
-
-        %ul.sidebar-sub-level-items
-          = nav_link(controller: :issues) do
-            = link_to project_issues_path(@project), title: 'Issues' do
-              %span
-                List
-
-          = nav_link(controller: :boards) do
-            = link_to project_boards_path(@project), title: 'Board' do
-              %span
-                Board
-
-          = nav_link(controller: :labels) do
-            = link_to project_labels_path(@project), title: 'Labels' do
-              %span
-                Labels
-
-          = nav_link(controller: :milestones) do
-            = link_to project_milestones_path(@project), title: 'Milestones' do
-              %span
-                Milestones
-
-    - if project_nav_tab? :merge_requests
-      = nav_link(controller: @project.issues_enabled? ? :merge_requests : [:merge_requests, :labels, :milestones]) do
-        = link_to project_merge_requests_path(@project), title: 'Merge Requests', class: 'shortcuts-merge_requests' do
-          .nav-icon-container
-            = custom_icon('mr_bold')
-          %span.nav-item-name
-            Merge Requests
-          %span.badge.count.merge_counter.js-merge-counter= number_with_delimiter(MergeRequestsFinder.new(current_user, project_id: @project.id).execute.opened.count)
-
-    - if project_nav_tab? :pipelines
-      = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts]) do
-        = link_to project_pipelines_path(@project), title: 'CI / CD', class: 'shortcuts-pipelines' do
-          .nav-icon-container
-            = custom_icon('pipeline')
-          %span.nav-item-name
-            CI / CD
-
-        %ul.sidebar-sub-level-items
-          - if project_nav_tab? :pipelines
-            = nav_link(path: ['pipelines#index', 'pipelines#show']) do
-              = link_to project_pipelines_path(@project), title: 'Pipelines', class: 'shortcuts-pipelines' do
-                %span
-                  Pipelines
-
-          - if project_nav_tab? :builds
-            = nav_link(controller: [:jobs, :artifacts]) do
-              = link_to project_jobs_path(@project), title: 'Jobs', class: 'shortcuts-builds' do
+          = nav_link(path: 'projects#show') do
+            = link_to project_path(@project), title: _('Project details'), class: 'shortcuts-project' do
+              %span= _('Details')
+
+          = nav_link(path: 'projects#activity') do
+            = link_to activity_project_path(@project), title: _('Activity'), class: 'shortcuts-project-activity' do
+              %span= _('Activity')
+
+          - if can?(current_user, :read_cycle_analytics, @project)
+            = nav_link(path: 'cycle_analytics#show') do
+              = link_to project_cycle_analytics_path(@project), title: _('Cycle Analytics'), class: 'shortcuts-project-cycle-analytics' do
+                %span= _('Cycle Analytics')
+
+      - if project_nav_tab? :files
+        = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file commit commits compare projects/repositories tags branches releases graphs network)) do
+          = link_to project_tree_path(@project), title: 'Repository',  class: 'shortcuts-tree' do
+            .nav-icon-container
+              = custom_icon('doc_text')
+            %span.nav-item-name
+              Repository
+
+          %ul.sidebar-sub-level-items
+            = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file)) do
+              = link_to project_tree_path(@project) do
+                #{ _('Files') }
+
+            = nav_link(controller: [:commit, :commits]) do
+              = link_to project_commits_path(@project, current_ref) do
+                #{ _('Commits') }
+
+            = nav_link(html_options: {class: branches_tab_class}) do
+              = link_to project_branches_path(@project) do
+                #{ _('Branches') }
+
+            = nav_link(controller: [:tags, :releases]) do
+              = link_to project_tags_path(@project) do
+                #{ _('Tags') }
+
+            = nav_link(path: 'graphs#show') do
+              = link_to project_graph_path(@project, current_ref) do
+                #{ _('Contributors') }
+
+            = nav_link(controller: %w(network)) do
+              = link_to project_network_path(@project, current_ref) do
+                #{ s_('ProjectNetworkGraph|Graph') }
+
+            = nav_link(controller: :compare) do
+              = link_to project_compare_index_path(@project, from: @repository.root_ref, to: current_ref) do
+                #{ _('Compare') }
+
+            = nav_link(path: 'graphs#charts') do
+              = link_to charts_project_graph_path(@project, current_ref) do
+                #{ _('Charts') }
+
+      - if project_nav_tab? :container_registry
+        = nav_link(controller: %w[projects/registry/repositories]) do
+          = link_to project_container_registry_index_path(@project), title: 'Container Registry', class: 'shortcuts-container-registry' do
+            .nav-icon-container
+              = custom_icon('container_registry')
+            %span.nav-item-name
+              Registry
+
+      - if project_nav_tab? :issues
+        = nav_link(controller: @project.issues_enabled? ? [:issues, :labels, :milestones, :boards] : :issues) do
+          = link_to project_issues_path(@project), title: 'Issues', class: 'shortcuts-issues' do
+            .nav-icon-container
+              = custom_icon('issues')
+            %span.nav-item-name
+              Issues
+            - if @project.issues_enabled?
+              %span.badge.count.issue_counter= number_with_delimiter(IssuesFinder.new(current_user, project_id: @project.id).execute.opened.count)
+
+          %ul.sidebar-sub-level-items
+            = nav_link(controller: :issues) do
+              = link_to project_issues_path(@project), title: 'Issues' do
                 %span
-                  Jobs
+                  List
 
-          - if project_nav_tab? :pipelines
-            = nav_link(controller: :pipeline_schedules) do
-              = link_to pipeline_schedules_path(@project), title: 'Schedules', class: 'shortcuts-builds' do
+            = nav_link(controller: :boards) do
+              = link_to project_boards_path(@project), title: 'Board' do
                 %span
-                  Schedules
+                  Board
 
-          - if project_nav_tab? :environments
-            = nav_link(controller: :environments) do
-              = link_to project_environments_path(@project), title: 'Environments', class: 'shortcuts-environments' do
+            = nav_link(controller: :labels) do
+              = link_to project_labels_path(@project), title: 'Labels' do
                 %span
-                  Environments
+                  Labels
 
-          - if @project.feature_available?(:builds, current_user) && !@project.empty_repo?
-            = nav_link(path: 'pipelines#charts') do
-              = link_to charts_project_pipelines_path(@project), title: 'Charts', class: 'shortcuts-pipelines-charts' do
+            = nav_link(controller: :milestones) do
+              = link_to project_milestones_path(@project), title: 'Milestones' do
                 %span
-                  Charts
+                  Milestones
+
+      - if project_nav_tab? :merge_requests
+        = nav_link(controller: @project.issues_enabled? ? :merge_requests : [:merge_requests, :labels, :milestones]) do
+          = link_to project_merge_requests_path(@project), title: 'Merge Requests', class: 'shortcuts-merge_requests' do
+            .nav-icon-container
+              = custom_icon('mr_bold')
+            %span.nav-item-name
+              Merge Requests
+            %span.badge.count.merge_counter.js-merge-counter= number_with_delimiter(MergeRequestsFinder.new(current_user, project_id: @project.id).execute.opened.count)
+
+      - if project_nav_tab? :pipelines
+        = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts]) do
+          = link_to project_pipelines_path(@project), title: 'CI / CD', class: 'shortcuts-pipelines' do
+            .nav-icon-container
+              = custom_icon('pipeline')
+            %span.nav-item-name
+              CI / CD
+
+          %ul.sidebar-sub-level-items
+            - if project_nav_tab? :pipelines
+              = nav_link(path: ['pipelines#index', 'pipelines#show']) do
+                = link_to project_pipelines_path(@project), title: 'Pipelines', class: 'shortcuts-pipelines' do
+                  %span
+                    Pipelines
 
-    - if project_nav_tab? :wiki
-      = nav_link(controller: :wikis) do
-        = link_to get_project_wiki_path(@project), title: 'Wiki', class: 'shortcuts-wiki' do
-          .nav-icon-container
-            = custom_icon('wiki')
-          %span.nav-item-name
-            Wiki
+            - if project_nav_tab? :builds
+              = nav_link(controller: [:jobs, :artifacts]) do
+                = link_to project_jobs_path(@project), title: 'Jobs', class: 'shortcuts-builds' do
+                  %span
+                    Jobs
 
-    - if project_nav_tab? :snippets
-      = nav_link(controller: :snippets) do
-        = link_to project_snippets_path(@project), title: 'Snippets', class: 'shortcuts-snippets' do
-          .nav-icon-container
-            = custom_icon('snippets')
-          %span.nav-item-name
-            Snippets
+            - if project_nav_tab? :pipelines
+              = nav_link(controller: :pipeline_schedules) do
+                = link_to pipeline_schedules_path(@project), title: 'Schedules', class: 'shortcuts-builds' do
+                  %span
+                    Schedules
 
-    - if project_nav_tab? :settings
-      = nav_link(path: %w[projects#edit project_members#index integrations#show services#edit repository#show ci_cd#show pages#show]) do
-        = link_to edit_project_path(@project), title: 'Settings', class: 'shortcuts-tree' do
-          .nav-icon-container
-            = custom_icon('settings')
-          %span.nav-item-name
-            Settings
+            - if project_nav_tab? :environments
+              = nav_link(controller: :environments) do
+                = link_to project_environments_path(@project), title: 'Environments', class: 'shortcuts-environments' do
+                  %span
+                    Environments
 
-        %ul.sidebar-sub-level-items
-          - can_edit = can?(current_user, :admin_project, @project)
-          - if can_edit
-            = nav_link(path: %w[projects#edit]) do
-              = link_to edit_project_path(@project), title: 'General' do
-                %span
-                  General
-          = nav_link(controller: :project_members) do
-            = link_to project_project_members_path(@project), title: 'Members' do
-              %span
-                Members
-          - if can_edit
-            = nav_link(controller: [:integrations, :services, :hooks, :hook_logs]) do
-              = link_to project_settings_integrations_path(@project), title: 'Integrations' do
-                %span
-                  Integrations
-            = nav_link(controller: :repository) do
-              = link_to project_settings_repository_path(@project), title: 'Repository' do
+            - if @project.feature_available?(:builds, current_user) && !@project.empty_repo?
+              = nav_link(path: 'pipelines#charts') do
+                = link_to charts_project_pipelines_path(@project), title: 'Charts', class: 'shortcuts-pipelines-charts' do
+                  %span
+                    Charts
+
+      - if project_nav_tab? :wiki
+        = nav_link(controller: :wikis) do
+          = link_to get_project_wiki_path(@project), title: 'Wiki', class: 'shortcuts-wiki' do
+            .nav-icon-container
+              = custom_icon('wiki')
+            %span.nav-item-name
+              Wiki
+
+      - if project_nav_tab? :snippets
+        = nav_link(controller: :snippets) do
+          = link_to project_snippets_path(@project), title: 'Snippets', class: 'shortcuts-snippets' do
+            .nav-icon-container
+              = custom_icon('snippets')
+            %span.nav-item-name
+              Snippets
+
+      - if project_nav_tab? :settings
+        = nav_link(path: %w[projects#edit project_members#index integrations#show services#edit repository#show ci_cd#show pages#show]) do
+          = link_to edit_project_path(@project), title: 'Settings', class: 'shortcuts-tree' do
+            .nav-icon-container
+              = custom_icon('settings')
+            %span.nav-item-name
+              Settings
+
+          %ul.sidebar-sub-level-items
+            - can_edit = can?(current_user, :admin_project, @project)
+            - if can_edit
+              = nav_link(path: %w[projects#edit]) do
+                = link_to edit_project_path(@project), title: 'General' do
+                  %span
+                    General
+            = nav_link(controller: :project_members) do
+              = link_to project_project_members_path(@project), title: 'Members' do
                 %span
-                  Repository
-            - if @project.feature_available?(:builds, current_user)
-              = nav_link(controller: :ci_cd) do
-                = link_to project_settings_ci_cd_path(@project), title: 'CI / CD' do
+                  Members
+            - if can_edit
+              = nav_link(controller: [:integrations, :services, :hooks, :hook_logs]) do
+                = link_to project_settings_integrations_path(@project), title: 'Integrations' do
                   %span
-                    CI / CD
-            - if Gitlab.config.pages.enabled
-              = nav_link(controller: :pages) do
-                = link_to project_pages_path(@project), title: 'Pages' do
+                    Integrations
+              = nav_link(controller: :repository) do
+                = link_to project_settings_repository_path(@project), title: 'Repository' do
                   %span
-                    Pages
-
-    - else
-      = nav_link(path: %w[members#show]) do
-        = link_to project_settings_members_path(@project), title: 'Members', class: 'shortcuts-tree' do
-          .nav-icon-container
-            = custom_icon('members')
-          %span.nav-item-name
-            Members
-
-    = render 'shared/sidebar_toggle_button'
-
-    -# Shortcut to Project > Activity
-    %li.hidden
-      = link_to activity_project_path(@project), title: 'Activity', class: 'shortcuts-project-activity' do
-        %span
-          Activity
-
-    -# Shortcut to Repository > Graph (formerly, Network)
-    - if project_nav_tab? :network
+                    Repository
+              - if @project.feature_available?(:builds, current_user)
+                = nav_link(controller: :ci_cd) do
+                  = link_to project_settings_ci_cd_path(@project), title: 'CI / CD' do
+                    %span
+                      CI / CD
+              - if Gitlab.config.pages.enabled
+                = nav_link(controller: :pages) do
+                  = link_to project_pages_path(@project), title: 'Pages' do
+                    %span
+                      Pages
+
+      - else
+        = nav_link(path: %w[members#show]) do
+          = link_to project_settings_members_path(@project), title: 'Members', class: 'shortcuts-tree' do
+            .nav-icon-container
+              = custom_icon('members')
+            %span.nav-item-name
+              Members
+
+      = render 'shared/sidebar_toggle_button'
+
+      -# Shortcut to Project > Activity
       %li.hidden
-        = link_to project_network_path(@project, current_ref), title: 'Network', class: 'shortcuts-network' do
-          Graph
-
-    -# Shortcut to Repository > Charts (formerly, top-nav item "Graphs")
-    - unless @project.empty_repo?
-      %li.hidden
-        = link_to charts_project_graph_path(@project, current_ref), title: 'Charts', class: 'shortcuts-repository-charts' do
-          Charts
-
-    -# Shortcut to Issues > New Issue
-    %li.hidden
-      = link_to new_project_issue_path(@project), class: 'shortcuts-new-issue' do
-        Create a new issue
-
-    -# Shortcut to Pipelines > Jobs
-    - if project_nav_tab? :builds
+        = link_to activity_project_path(@project), title: 'Activity', class: 'shortcuts-project-activity' do
+          %span
+            Activity
+
+      -# Shortcut to Repository > Graph (formerly, Network)
+      - if project_nav_tab? :network
+        %li.hidden
+          = link_to project_network_path(@project, current_ref), title: 'Network', class: 'shortcuts-network' do
+            Graph
+
+      -# Shortcut to Repository > Charts (formerly, top-nav item "Graphs")
+      - unless @project.empty_repo?
+        %li.hidden
+          = link_to charts_project_graph_path(@project, current_ref), title: 'Charts', class: 'shortcuts-repository-charts' do
+            Charts
+
+      -# Shortcut to Issues > New Issue
       %li.hidden
-        = link_to project_jobs_path(@project), title: 'Jobs', class: 'shortcuts-builds' do
-          Jobs
-
-    -# Shortcut to commits page
-    - if project_nav_tab? :commits
+        = link_to new_project_issue_path(@project), class: 'shortcuts-new-issue' do
+          Create a new issue
+
+      -# Shortcut to Pipelines > Jobs
+      - if project_nav_tab? :builds
+        %li.hidden
+          = link_to project_jobs_path(@project), title: 'Jobs', class: 'shortcuts-builds' do
+            Jobs
+
+      -# Shortcut to commits page
+      - if project_nav_tab? :commits
+        %li.hidden
+          = link_to project_commits_path(@project), title: 'Commits', class: 'shortcuts-commits' do
+            Commits
+
+      -# Shortcut to issue boards
       %li.hidden
-        = link_to project_commits_path(@project), title: 'Commits', class: 'shortcuts-commits' do
-          Commits
-
-    -# Shortcut to issue boards
-    %li.hidden
-      = link_to 'Issue Boards', project_boards_path(@project), title: 'Issue Boards', class: 'shortcuts-issue-boards'
+        = link_to 'Issue Boards', project_boards_path(@project), title: 'Issue Boards', class: 'shortcuts-issue-boards'
diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index ed079ed7dfb..5d778d67ae7 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -92,25 +92,24 @@
             Update username
   %hr
 
-- if signup_enabled?
-  .row.prepend-top-default
-    .col-lg-4.profile-settings-sidebar
-      %h4.prepend-top-0.danger-title
-        Remove account
-    .col-lg-8
-      - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
+.row.prepend-top-default
+  .col-lg-4.profile-settings-sidebar
+    %h4.prepend-top-0.danger-title
+      Remove account
+  .col-lg-8
+    - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
+      %p
+        Deleting an account has the following effects:
+      = render 'users/deletion_guidance', user: current_user
+      = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
+    - else
+      - if @user.solo_owned_groups.present?
         %p
-          Deleting an account has the following effects:
-        = render 'users/deletion_guidance', user: current_user
-        = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
+          Your account is currently an owner in these groups:
+          %strong= @user.solo_owned_groups.map(&:name).join(', ')
+        %p
+          You must transfer ownership or delete these groups before you can delete your account.
       - else
-        - if @user.solo_owned_groups.present?
-          %p
-            Your account is currently an owner in these groups:
-            %strong= @user.solo_owned_groups.map(&:name).join(', ')
-          %p
-            You must transfer ownership or delete these groups before you can delete your account.
-        - else
-          %p
-            You don't have access to delete this user.
+        %p
+          You don't have access to delete this user.
 .append-bottom-default
diff --git a/app/views/profiles/gpg_keys/index.html.haml b/app/views/profiles/gpg_keys/index.html.haml
index 8331daeeb75..720a97cddb7 100644
--- a/app/views/profiles/gpg_keys/index.html.haml
+++ b/app/views/profiles/gpg_keys/index.html.haml
@@ -12,7 +12,7 @@
       Add a GPG key
     %p.profile-settings-content
       Before you can add a GPG key you need to
-      = link_to 'generate it.', help_page_path('workflow/gpg_signed_commits/index.md')
+      = link_to 'generate it.', help_page_path('user/project/gpg_signed_commits/index.md')
     = render 'form'
     %hr
     %h5
diff --git a/app/views/projects/_activity.html.haml b/app/views/projects/_activity.html.haml
index ad63f5e73ae..1f701f2aa1b 100644
--- a/app/views/projects/_activity.html.haml
+++ b/app/views/projects/_activity.html.haml
@@ -1,7 +1,7 @@
 %div{ class: container_class }
   .nav-block.activity-filter-block.activities
     .controls
-      = link_to project_path(@project, rss_url_options), title: "Subscribe", class: 'btn rss-btn has-tooltip' do
+      = link_to project_path(@project, rss_url_options), title: s_("ProjectActivityRSS|Subscribe"), class: 'btn rss-btn has-tooltip' do
         = icon('rss')
 
     = render 'shared/event_filter'
diff --git a/app/views/projects/_last_push.html.haml b/app/views/projects/_last_push.html.haml
index 1a71bfca2e2..56eecece54c 100644
--- a/app/views/projects/_last_push.html.haml
+++ b/app/views/projects/_last_push.html.haml
@@ -3,16 +3,16 @@
   .row-content-block.top-block.hidden-xs.white
     .event-last-push
       .event-last-push-text
-        %span You pushed to
+        %span= s_("LastPushEvent|You pushed to")
         %strong
           = link_to event.ref_name, project_commits_path(event.project, event.ref_name), class: 'ref-name'
 
         - if event.project != @project
-          %span at
+          %span= s_("LastPushEvent|at")
           %strong= link_to_project event.project
 
         #{time_ago_with_tooltip(event.created_at)}
 
       .pull-right
-        = link_to new_mr_path_from_push_event(event), title: "New merge request", class: "btn btn-info btn-sm" do
+        = link_to new_mr_path_from_push_event(event), title: _("New merge request"), class: "btn btn-info btn-sm" do
           #{ _('Create merge request') }
diff --git a/app/views/projects/_project_templates.html.haml b/app/views/projects/_project_templates.html.haml
index 21baf35f2ac..97cf13df070 100644
--- a/app/views/projects/_project_templates.html.haml
+++ b/app/views/projects/_project_templates.html.haml
@@ -5,6 +5,6 @@
     Blank
   - Gitlab::ProjectTemplate.all.each do |template|
     .btn
-      %input{ type: "radio",  autocomplete: "off", name: "project_templates", id: template.name }
+      %input{ type: "radio",  autocomplete: "off", name: "project[template_name]", id: template.name, value: template.name }
       = custom_icon(template.logo)
       = template.title
diff --git a/app/views/projects/activity.html.haml b/app/views/projects/activity.html.haml
index 9e2688e492e..5452c6db6a6 100644
--- a/app/views/projects/activity.html.haml
+++ b/app/views/projects/activity.html.haml
@@ -1,9 +1,9 @@
 - @no_container = true
 
 - if show_new_nav?
-  - add_to_breadcrumbs("Project", project_path(@project))
+  - add_to_breadcrumbs(_("Project"), project_path(@project))
 
-- page_title "Activity"
+- page_title _("Activity")
 = render "projects/head"
 
 = render 'projects/last_push'
diff --git a/app/views/projects/commit/_signature_badge.html.haml b/app/views/projects/commit/_signature_badge.html.haml
index 66f00eb5507..a3783b31b86 100644
--- a/app/views/projects/commit/_signature_badge.html.haml
+++ b/app/views/projects/commit/_signature_badge.html.haml
@@ -12,7 +12,7 @@
   %span.monospace= signature.gpg_key_primary_keyid
 
 
-  = link_to('Learn more about signing commits', help_page_path('workflow/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
+  = link_to('Learn more about signing commits', help_page_path('user/project/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
 
 %button{ class: css_classes, data: { toggle: 'popover', html: 'true', placement: 'auto top', title: title, content: content } }
   = label
diff --git a/app/views/projects/commits/_commit.html.haml b/app/views/projects/commits/_commit.html.haml
index e7da47032be..7e8a5a38086 100644
--- a/app/views/projects/commits/_commit.html.haml
+++ b/app/views/projects/commits/_commit.html.haml
@@ -5,7 +5,7 @@
   - notes = commit.notes
   - note_count = notes.user.count
 
-- cache_key = [project.full_path, commit.id, current_application_settings, note_count, @path.presence, current_controller?(:commits)]
+- cache_key = [project.full_path, commit.id, current_application_settings, note_count, @path.presence, current_controller?(:commits), I18n.locale]
 - cache_key.push(commit.status(ref)) if commit.status(ref)
 
 = cache(cache_key, expires_in: 1.day) do
diff --git a/app/views/projects/merge_requests/_discussion.html.haml b/app/views/projects/merge_requests/_discussion.html.haml
index b787edb3427..3303aa72604 100644
--- a/app/views/projects/merge_requests/_discussion.html.haml
+++ b/app/views/projects/merge_requests/_discussion.html.haml
@@ -4,8 +4,8 @@
       = link_to 'Close merge request', merge_request_path(@merge_request, merge_request: { state_event: :close }), method: :put, class: "btn btn-nr btn-comment btn-close close-mr-link js-note-target-close", title: "Close merge request", data: { original_text: "Close merge request", alternative_text: "Comment & close merge request"}
     - if @merge_request.reopenable?
       = link_to 'Reopen merge request', merge_request_path(@merge_request, merge_request: { state_event: :reopen }), method: :put, class: "btn btn-nr btn-comment btn-reopen reopen-mr-link js-note-target-close js-note-target-reopen", title: "Reopen merge request", data: { original_text: "Reopen merge request", alternative_text: "Comment & reopen merge request"}
-  %comment-and-resolve-btn{ "inline-template" => true, ":discussion-id" => "" }
-    %button.btn.btn-nr.btn-default.append-right-10.js-comment-resolve-button{ "v-if" => "showButton", type: "submit", data: { project_path: "#{project_path(@merge_request.project)}" } }
-      {{ buttonText }}
+    %comment-and-resolve-btn{ "inline-template" => true }
+      %button.btn.btn-nr.btn-default.append-right-10.js-comment-resolve-button{ "v-if" => "showButton", type: "submit", data: { project_path: "#{project_path(@merge_request.project)}" } }
+        {{ buttonText }}
 
 #notes= render "shared/notes/notes_with_form", :autocomplete => true
diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml
index e3bbebbcf4c..647e0a772b1 100644
--- a/app/views/projects/new.html.haml
+++ b/app/views/projects/new.html.haml
@@ -25,7 +25,7 @@
               .form-group
                 = f.label :template_project, class: 'label-light' do
                   Create from template
-                  = link_to icon('question-circle'), help_page_path("public_access/public_access"), aria: { label: "What’s included in a template?" }, title: "What’s included in a template?", class: 'has-tooltip', data: { placement: 'top'}
+                  = link_to icon('question-circle'), help_page_path("gitlab-basics/create-project"), target: '_blank', aria: { label: "What’s included in a template?" }, title: "What’s included in a template?", class: 'has-tooltip', data: { placement: 'top'}
                 %div
                   = render 'project_templates', f: f
           .second-column
diff --git a/app/views/shared/_event_filter.html.haml b/app/views/shared/_event_filter.html.haml
index e50ab5fea09..151aad306a0 100644
--- a/app/views/shared/_event_filter.html.haml
+++ b/app/views/shared/_event_filter.html.haml
@@ -1,11 +1,11 @@
 %ul.nav-links.event-filter.scrolling-tabs
-  = event_filter_link EventFilter.all, 'All'
+  = event_filter_link EventFilter.all, _('All'), s_('EventFilterBy|Filter by all')
   - if event_filter_visible(:repository)
-    = event_filter_link EventFilter.push, 'Push events'
+    = event_filter_link EventFilter.push, _('Push events'), s_('EventFilterBy|Filter by push events')
   - if event_filter_visible(:merge_requests)
-    = event_filter_link EventFilter.merged, 'Merge events'
+    = event_filter_link EventFilter.merged, _('Merge events'), s_('EventFilterBy|Filter by merge events')
   - if event_filter_visible(:issues)
-    = event_filter_link EventFilter.issue, 'Issue events'
+    = event_filter_link EventFilter.issue, _('Issue events'), s_('EventFilterBy|Filter by issue events')
   - if comments_visible?
-    = event_filter_link EventFilter.comments, 'Comments'
-  = event_filter_link EventFilter.team, 'Team'
+    = event_filter_link EventFilter.comments, _('Comments'), s_('EventFilterBy|Filter by comments')
+  = event_filter_link EventFilter.team, _('Team'), s_('EventFilterBy|Filter by team')
diff --git a/app/views/shared/_import_form.html.haml b/app/views/shared/_import_form.html.haml
index 873179339dc..233d8c95eda 100644
--- a/app/views/shared/_import_form.html.haml
+++ b/app/views/shared/_import_form.html.haml
@@ -13,4 +13,4 @@
       %li
         The import will time out after 15 minutes. For repositories that take longer, use a clone/push combination.
       %li
-        To migrate an SVN repository, check out #{link_to "this document", help_page_path('workflow/importing/migrating_from_svn')}.
+        To migrate an SVN repository, check out #{link_to "this document", help_page_path('user/project/import/svn')}.
diff --git a/app/views/shared/issuable/_search_bar.html.haml b/app/views/shared/issuable/_search_bar.html.haml
index 1ad00461d76..f63b9698408 100644
--- a/app/views/shared/issuable/_search_bar.html.haml
+++ b/app/views/shared/issuable/_search_bar.html.haml
@@ -57,7 +57,7 @@
                 %li.filter-dropdown-item{ data: { value: 'none' } }
                   %button.btn.btn-link
                     No Assignee
-                %li.divider
+                %li.divider.droplab-item-ignore
                 - if current_user
                   = render 'shared/issuable/user_dropdown_item',
                     user: current_user
@@ -76,7 +76,7 @@
                 %li.filter-dropdown-item{ 'data-value' => 'started' }
                   %button.btn.btn-link
                     Started
-                %li.divider
+                %li.divider.droplab-item-ignore
               %ul.filter-dropdown{ data: { dynamic: true, dropdown: true } }
                 %li.filter-dropdown-item
                   %button.btn.btn-link.js-data-value
@@ -86,7 +86,7 @@
                 %li.filter-dropdown-item{ data: { value: 'none' } }
                   %button.btn.btn-link
                     No Label
-                %li.divider
+                %li.divider.droplab-item-ignore
               %ul.filter-dropdown{ data: { dynamic: true, dropdown: true } }
                 %li.filter-dropdown-item
                   %button.btn.btn-link
diff --git a/app/views/shared/milestones/_milestone.html.haml b/app/views/shared/milestones/_milestone.html.haml
index 6f6a036b13f..6a85f7d0564 100644
--- a/app/views/shared/milestones/_milestone.html.haml
+++ b/app/views/shared/milestones/_milestone.html.haml
@@ -32,7 +32,7 @@
         .col-sm-6.milestone-actions
           - if can?(current_user, :admin_milestones, @group)
             - if milestone.is_group_milestone?
-              = link_to edit_group_milestone_path(@group, milestone.id), class: "btn btn-xs btn-grouped" do
+              = link_to edit_group_milestone_path(@group, milestone), class: "btn btn-xs btn-grouped" do
                 Edit
               \
             - if milestone.closed?
diff --git a/app/views/shared/milestones/_sidebar.html.haml b/app/views/shared/milestones/_sidebar.html.haml
index 66ac8196f2f..40379f48393 100644
--- a/app/views/shared/milestones/_sidebar.html.haml
+++ b/app/views/shared/milestones/_sidebar.html.haml
@@ -1,7 +1,7 @@
 - affix_offset = local_assigns.fetch(:affix_offset, "50")
 - project = local_assigns[:project]
 
-%aside.right-sidebar.js-right-sidebar{ data: { "offset-top" => affix_offset, "spy" => "affix" }, class: sidebar_gutter_collapsed_class, 'aria-live' => 'polite' }
+%aside.right-sidebar.js-right-sidebar{ data: { "offset-top" => affix_offset, "spy" => "affix", "always-show-toggle" => true }, class: sidebar_gutter_collapsed_class, 'aria-live' => 'polite' }
   .issuable-sidebar.milestone-sidebar
     .block.milestone-progress.issuable-sidebar-header
       %a.gutter-toggle.pull-right.js-sidebar-toggle{ role: "button", href: "#", "aria-label" => "Toggle sidebar" }
diff --git a/app/views/shared/milestones/_top.html.haml b/app/views/shared/milestones/_top.html.haml
index b93837e3087..3014300fbe7 100644
--- a/app/views/shared/milestones/_top.html.haml
+++ b/app/views/shared/milestones/_top.html.haml
@@ -23,7 +23,7 @@
     .pull-right
       - if can?(current_user, :admin_milestones, group)
         - if milestone.is_group_milestone?
-          = link_to edit_group_milestone_path(group, milestone.iid), class: "btn btn btn-grouped" do
+          = link_to edit_group_milestone_path(group, milestone), class: "btn btn btn-grouped" do
             Edit
         - if milestone.active?
           = link_to 'Close Milestone', group_milestone_route(milestone, {state_event: :close }), method: :put, class: "btn btn-grouped btn-close"
diff --git a/app/workers/create_gpg_signature_worker.rb b/app/workers/create_gpg_signature_worker.rb
index 4f47717ff69..f34dff2d656 100644
--- a/app/workers/create_gpg_signature_worker.rb
+++ b/app/workers/create_gpg_signature_worker.rb
@@ -4,13 +4,9 @@ class CreateGpgSignatureWorker
 
   def perform(commit_sha, project_id)
     project = Project.find_by(id: project_id)
-
     return unless project
 
-    commit = project.commit(commit_sha)
-
-    return unless commit
-
-    commit.signature
+    # This calculates and caches the signature in the database
+    Gitlab::Gpg::Commit.new(project, commit_sha).signature
   end
 end
diff --git a/app/workers/gitlab_shell_worker.rb b/app/workers/gitlab_shell_worker.rb
index 964287a1793..0ec871e00e1 100644
--- a/app/workers/gitlab_shell_worker.rb
+++ b/app/workers/gitlab_shell_worker.rb
@@ -4,6 +4,6 @@ class GitlabShellWorker
   include DedicatedSidekiqQueue
 
   def perform(action, *arg)
-    gitlab_shell.send(action, *arg)
+    gitlab_shell.__send__(action, *arg) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/workers/namespaceless_project_destroy_worker.rb b/app/workers/namespaceless_project_destroy_worker.rb
index bfae0c77700..a9073742ff7 100644
--- a/app/workers/namespaceless_project_destroy_worker.rb
+++ b/app/workers/namespaceless_project_destroy_worker.rb
@@ -24,10 +24,6 @@ class NamespacelessProjectDestroyWorker
 
     unlink_fork(project) if project.forked?
 
-    # Override Project#remove_pages for this instance so it doesn't do anything
-    def project.remove_pages
-    end
-
     project.destroy!
   end
 
diff --git a/app/workers/repository_fork_worker.rb b/app/workers/repository_fork_worker.rb
index a338523dc6b..cde5b45ad41 100644
--- a/app/workers/repository_fork_worker.rb
+++ b/app/workers/repository_fork_worker.rb
@@ -5,14 +5,17 @@ class RepositoryForkWorker
   include Gitlab::ShellAdapter
   include DedicatedSidekiqQueue
 
+  sidekiq_options status_expiration: StuckImportJobsWorker::IMPORT_JOBS_EXPIRATION
+
   def perform(project_id, forked_from_repository_storage_path, source_path, target_path)
+    project = Project.find(project_id)
+
+    return unless start_fork(project)
+
     Gitlab::Metrics.add_event(:fork_repository,
                               source_path: source_path,
                               target_path: target_path)
 
-    project = Project.find(project_id)
-    project.import_start
-
     result = gitlab_shell.fork_repository(forked_from_repository_storage_path, source_path,
                                           project.repository_storage_path, target_path)
     raise ForkError, "Unable to fork project #{project_id} for repository #{source_path} -> #{target_path}" unless result
@@ -33,6 +36,13 @@ class RepositoryForkWorker
 
   private
 
+  def start_fork(project)
+    return true if project.import_start
+
+    Rails.logger.info("Project #{project.full_path} was in inconsistent state (#{project.import_status}) while forking.")
+    false
+  end
+
   def fail_fork(project, message)
     Rails.logger.error(message)
     project.mark_import_as_failed(message)
diff --git a/app/workers/repository_import_worker.rb b/app/workers/repository_import_worker.rb
index 6be541abd3e..2c2d1e8b91f 100644
--- a/app/workers/repository_import_worker.rb
+++ b/app/workers/repository_import_worker.rb
@@ -4,23 +4,18 @@ class RepositoryImportWorker
   include Sidekiq::Worker
   include DedicatedSidekiqQueue
 
-  sidekiq_options status_expiration: StuckImportJobsWorker::IMPORT_EXPIRATION
-
-  attr_accessor :project, :current_user
+  sidekiq_options status_expiration: StuckImportJobsWorker::IMPORT_JOBS_EXPIRATION
 
   def perform(project_id)
-    @project = Project.find(project_id)
-    @current_user = @project.creator
+    project = Project.find(project_id)
 
-    project.import_start
+    return unless start_import(project)
 
     Gitlab::Metrics.add_event(:import_repository,
-                              import_url: @project.import_url,
-                              path: @project.full_path)
-
-    project.update_columns(import_jid: self.jid, import_error: nil)
+                              import_url: project.import_url,
+                              path: project.full_path)
 
-    result = Projects::ImportService.new(project, current_user).execute
+    result = Projects::ImportService.new(project, project.creator).execute
     raise ImportError, result[:message] if result[:status] == :error
 
     project.repository.after_import
@@ -37,6 +32,13 @@ class RepositoryImportWorker
 
   private
 
+  def start_import(project)
+    return true if project.import_start
+
+    Rails.logger.info("Project #{project.full_path} was in inconsistent state (#{project.import_status}) while importing.")
+    false
+  end
+
   def fail_import(project, message)
     project.mark_import_as_failed(message)
   end
diff --git a/app/workers/stuck_import_jobs_worker.rb b/app/workers/stuck_import_jobs_worker.rb
index bfc5e667bb6..f850e459cd9 100644
--- a/app/workers/stuck_import_jobs_worker.rb
+++ b/app/workers/stuck_import_jobs_worker.rb
@@ -2,36 +2,60 @@ class StuckImportJobsWorker
   include Sidekiq::Worker
   include CronjobQueue
 
-  IMPORT_EXPIRATION = 15.hours.to_i
+  IMPORT_JOBS_EXPIRATION = 15.hours.to_i
 
   def perform
-    stuck_projects.find_in_batches(batch_size: 500) do |group|
+    projects_without_jid_count = mark_projects_without_jid_as_failed!
+    projects_with_jid_count = mark_projects_with_jid_as_failed!
+
+    Gitlab::Metrics.add_event(:stuck_import_jobs,
+                             projects_without_jid_count: projects_without_jid_count,
+                             projects_with_jid_count: projects_with_jid_count)
+  end
+
+  private
+
+  def mark_projects_without_jid_as_failed!
+    started_projects_without_jid.each do |project|
+      project.mark_import_as_failed(error_message)
+    end.count
+  end
+
+  def mark_projects_with_jid_as_failed!
+    completed_jids_count = 0
+
+    started_projects_with_jid.find_in_batches(batch_size: 500) do |group|
       jids = group.map(&:import_jid)
 
       # Find the jobs that aren't currently running or that exceeded the threshold.
-      completed_jids = Gitlab::SidekiqStatus.completed_jids(jids)
+      completed_jids = Gitlab::SidekiqStatus.completed_jids(jids).to_set
 
       if completed_jids.any?
-        completed_ids = group.select { |project| completed_jids.include?(project.import_jid) }.map(&:id)
+        completed_jids_count += completed_jids.count
+        group.each do |project|
+          project.mark_import_as_failed(error_message) if completed_jids.include?(project.import_jid)
+        end
 
-        fail_batch!(completed_jids, completed_ids)
+        Rails.logger.info("Marked stuck import jobs as failed. JIDs: #{completed_jids.to_a.join(', ')}")
       end
     end
-  end
 
-  private
+    completed_jids_count
+  end
 
-  def stuck_projects
-    Project.select('id, import_jid').with_import_status(:started).where.not(import_jid: nil)
+  def started_projects
+    Project.with_import_status(:started)
   end
 
-  def fail_batch!(completed_jids, completed_ids)
-    Project.where(id: completed_ids).update_all(import_status: 'failed', import_error: error_message)
+  def started_projects_with_jid
+    started_projects.where.not(import_jid: nil)
+  end
 
-    Rails.logger.info("Marked stuck import jobs as failed. JIDs: #{completed_jids.join(', ')}")
+  def started_projects_without_jid
+    started_projects.where(import_jid: nil)
   end
 
   def error_message
-    "Import timed out. Import took longer than #{IMPORT_EXPIRATION} seconds"
+    "Import timed out. Import took longer than #{IMPORT_JOBS_EXPIRATION} seconds"
   end
 end
diff --git a/changelogs/unreleased/34049-public-commits-should-not-require-authentication.yml b/changelogs/unreleased/34049-public-commits-should-not-require-authentication.yml
new file mode 100644
index 00000000000..278ef2a8acb
--- /dev/null
+++ b/changelogs/unreleased/34049-public-commits-should-not-require-authentication.yml
@@ -0,0 +1,4 @@
+---
+title: Added tests for commits API unauthenticated user and public/private project
+merge_request: 13287
+author: Jacopo Beschi @jacopo-beschi
diff --git a/changelogs/unreleased/34643-fix-project-path-slugify.yml b/changelogs/unreleased/34643-fix-project-path-slugify.yml
new file mode 100644
index 00000000000..f7018a1aca5
--- /dev/null
+++ b/changelogs/unreleased/34643-fix-project-path-slugify.yml
@@ -0,0 +1,4 @@
+---
+title: Fix CI_PROJECT_PATH_SLUG slugify
+merge_request: 13350
+author: Ivan Chernov
diff --git a/changelogs/unreleased/35072-fix-pages-delete.yml b/changelogs/unreleased/35072-fix-pages-delete.yml
new file mode 100644
index 00000000000..21af2bde201
--- /dev/null
+++ b/changelogs/unreleased/35072-fix-pages-delete.yml
@@ -0,0 +1,5 @@
+---
+title: Fix deleting GitLab Pages files when a project is removed
+merge_request: 13631
+author:
+type: fixed
diff --git a/changelogs/unreleased/35343-inherit-milestones-and-labels.yml b/changelogs/unreleased/35343-inherit-milestones-and-labels.yml
new file mode 100644
index 00000000000..ce737a67356
--- /dev/null
+++ b/changelogs/unreleased/35343-inherit-milestones-and-labels.yml
@@ -0,0 +1,5 @@
+---
+title: inherits milestone and labels when a merge request is created from issue
+merge_request: 13461 
+author: haseebeqx
+type: added
diff --git a/changelogs/unreleased/36041-notification-title.yml b/changelogs/unreleased/36041-notification-title.yml
new file mode 100644
index 00000000000..7c5e0a0cd0d
--- /dev/null
+++ b/changelogs/unreleased/36041-notification-title.yml
@@ -0,0 +1,4 @@
+---
+title: Don't escape html entities in InlineDiffMarkdownMarker
+merge_request:
+author:
diff --git a/changelogs/unreleased/36087-users-cannot-delete-their-account.yml b/changelogs/unreleased/36087-users-cannot-delete-their-account.yml
new file mode 100644
index 00000000000..9ba75d8b1d0
--- /dev/null
+++ b/changelogs/unreleased/36087-users-cannot-delete-their-account.yml
@@ -0,0 +1,5 @@
+---
+title: allow all users to delete their account
+merge_request: 13636
+author: Jacopo Beschi @jacopo-beschi
+type: changed
diff --git a/changelogs/unreleased/36611-error-in-getcomposer-link.yml b/changelogs/unreleased/36611-error-in-getcomposer-link.yml
new file mode 100644
index 00000000000..1ff6ec01684
--- /dev/null
+++ b/changelogs/unreleased/36611-error-in-getcomposer-link.yml
@@ -0,0 +1,5 @@
+---
+title: Fix external link to Composer website
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/commits-list-page-limit.yml b/changelogs/unreleased/commits-list-page-limit.yml
new file mode 100644
index 00000000000..2fd54c5960a
--- /dev/null
+++ b/changelogs/unreleased/commits-list-page-limit.yml
@@ -0,0 +1,5 @@
+---
+title: Fix commit list not loading the correct page when scrolling
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/dm-commit-cache-i18n.yml b/changelogs/unreleased/dm-commit-cache-i18n.yml
new file mode 100644
index 00000000000..d47226fd408
--- /dev/null
+++ b/changelogs/unreleased/dm-commit-cache-i18n.yml
@@ -0,0 +1,5 @@
+---
+title: Commit rows would occasionally render with the wrong language
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/gitaly_ref_exists.yml b/changelogs/unreleased/gitaly_ref_exists.yml
new file mode 100644
index 00000000000..f62b646e406
--- /dev/null
+++ b/changelogs/unreleased/gitaly_ref_exists.yml
@@ -0,0 +1,4 @@
+---
+title: Implement the Gitaly RefService::RefExists endpoint
+merge_request: 13528
+author: Andrew Newdigate
diff --git a/changelogs/unreleased/issue_35580.yml b/changelogs/unreleased/issue_35580.yml
new file mode 100644
index 00000000000..3a94e771e25
--- /dev/null
+++ b/changelogs/unreleased/issue_35580.yml
@@ -0,0 +1,4 @@
+---
+title: Fix project milestones import when projects belongs to a group
+merge_request:
+author:
diff --git a/changelogs/unreleased/mk-fix-user-namespace-rename.yml b/changelogs/unreleased/mk-fix-user-namespace-rename.yml
new file mode 100644
index 00000000000..bb43b21f708
--- /dev/null
+++ b/changelogs/unreleased/mk-fix-user-namespace-rename.yml
@@ -0,0 +1,5 @@
+---
+title: Make username update fail if the namespace update fails
+merge_request: 13642
+author:
+type: fixed
diff --git a/changelogs/unreleased/rouge-2-2-0.yml b/changelogs/unreleased/rouge-2-2-0.yml
new file mode 100644
index 00000000000..0b53cd14628
--- /dev/null
+++ b/changelogs/unreleased/rouge-2-2-0.yml
@@ -0,0 +1,5 @@
+---
+title: Bump rouge to v2.2.0
+merge_request: 13633
+author:
+type: other
diff --git a/changelogs/unreleased/tc-git-tower-pagination-links.yml b/changelogs/unreleased/tc-git-tower-pagination-links.yml
new file mode 100644
index 00000000000..b99ef8c3c4c
--- /dev/null
+++ b/changelogs/unreleased/tc-git-tower-pagination-links.yml
@@ -0,0 +1,5 @@
+---
+title: Improve API pagination headers when no record found
+merge_request: 13629
+author: Jordan Patterson
+type: fixed
diff --git a/changelogs/unreleased/zj-remove-ci-api-v1.yml b/changelogs/unreleased/zj-remove-ci-api-v1.yml
new file mode 100644
index 00000000000..8f2dc321b36
--- /dev/null
+++ b/changelogs/unreleased/zj-remove-ci-api-v1.yml
@@ -0,0 +1,5 @@
+---
+title: Remove CI API v1
+merge_request:
+author:
+type: removed
diff --git a/changelogs/unreleased/zj-upgrade-grape.yml b/changelogs/unreleased/zj-upgrade-grape.yml
new file mode 100644
index 00000000000..daa6a234c07
--- /dev/null
+++ b/changelogs/unreleased/zj-upgrade-grape.yml
@@ -0,0 +1,5 @@
+---
+title: Upgrade grape to 1.0
+merge_request:
+author:
+type: other
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index e73db08fcac..25285525846 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -649,6 +649,9 @@ test:
       default:
         path: tmp/tests/repositories/
         gitaly_address: unix:tmp/tests/gitaly/gitaly.socket
+        failure_count_threshold: 999999
+        failure_wait_time: 0
+        storage_timeout: 30
       broken:
         path: tmp/tests/non-existent-repositories
         gitaly_address: unix:tmp/tests/gitaly/gitaly.socket
diff --git a/config/initializers/0_acts_as_taggable.rb b/config/initializers/0_acts_as_taggable.rb
index 54e9fcc31db..50dc47673ab 100644
--- a/config/initializers/0_acts_as_taggable.rb
+++ b/config/initializers/0_acts_as_taggable.rb
@@ -5,5 +5,5 @@ ActsAsTaggableOn.strict_case_match = true
 ActsAsTaggableOn.tags_counter = false
 
 # validate that counter cache is disabled
-raise "Counter cache is not disabled" if 
+raise "Counter cache is not disabled" if
     ActsAsTaggableOn::Tagging.reflections["tag"].options[:counter_cache]
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 5c6578d3531..abaabad5d65 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -1,3 +1,5 @@
+# rubocop:disable GitlabSecurity/PublicSend
+
 require_dependency Rails.root.join('lib/gitlab') # Load Gitlab as soon as possible
 
 class Settings < Settingslogic
@@ -137,6 +139,8 @@ if Settings.ldap['enabled'] || Rails.env.test?
   end
 
   Settings.ldap['servers'].each do |key, server|
+    server = Settingslogic.new(server)
+
     server['label'] ||= 'LDAP'
     server['timeout'] ||= 10.seconds
     server['block_auto_created_users'] = false if server['block_auto_created_users'].nil?
@@ -163,6 +167,8 @@ if Settings.ldap['enabled'] || Rails.env.test?
       MSG
       Rails.logger.warn(message)
     end
+
+    Settings.ldap['servers'][key] = server
   end
 end
 
@@ -434,7 +440,9 @@ unless Settings.repositories.storages['default']
   Settings.repositories.storages['default']['path'] ||= Settings.gitlab['user_home'] + '/repositories/'
 end
 
-Settings.repositories.storages.values.each do |storage|
+Settings.repositories.storages.each do |key, storage|
+  storage = Settingslogic.new(storage)
+
   # Expand relative paths
   storage['path'] = Settings.absolute(storage['path'])
   # Set failure defaults
@@ -448,6 +456,8 @@ Settings.repositories.storages.values.each do |storage|
   storage['failure_reset_time'] = storage['failure_reset_time'].to_i
   # We might want to have a timeout shorter than 1 second.
   storage['storage_timeout'] = storage['storage_timeout'].to_f
+
+  Settings.repositories.storages[key] = storage
 end
 
 #
diff --git a/config/initializers/6_validations.rb b/config/initializers/6_validations.rb
index 92ce4dd03cd..f8e67ce04c9 100644
--- a/config/initializers/6_validations.rb
+++ b/config/initializers/6_validations.rb
@@ -37,12 +37,12 @@ def validate_storages_config
       storage_validation_error("#{name} is not a valid storage, because it has no `path` key. Refer to gitlab.yml.example for an updated example")
     end
 
-    %w(failure_count_threshold failure_wait_time failure_reset_time storage_timeout).each do |setting|
+    %w(failure_count_threshold failure_reset_time storage_timeout).each do |setting|
       # Falling back to the defaults is fine!
       next if repository_storage[setting].nil?
 
       unless repository_storage[setting].to_f > 0
-        storage_validation_error("#{setting}, for storage `#{name}` needs to be greater than 0")
+        storage_validation_error("`#{setting}` for storage `#{name}` needs to be greater than 0")
       end
     end
   end
diff --git a/config/initializers/active_record_array_type_casting.rb b/config/initializers/active_record_array_type_casting.rb
new file mode 100644
index 00000000000..d94d592add6
--- /dev/null
+++ b/config/initializers/active_record_array_type_casting.rb
@@ -0,0 +1,20 @@
+module ActiveRecord
+  class PredicateBuilder
+    class ArrayHandler
+      module TypeCasting
+        def call(attribute, value)
+          # This is necessary because by default ActiveRecord does not respect
+          # custom type definitions (like our `ShaAttribute`) when providing an
+          # array in `where`, like in `where(commit_sha: [sha1, sha2, sha3])`.
+          model = attribute.relation&.engine
+          type = model.user_provided_columns[attribute.name] if model
+          value = value.map { |value| type.type_cast_for_database(value) } if type
+
+          super(attribute, value)
+        end
+      end
+
+      prepend TypeCasting
+    end
+  end
+end
diff --git a/config/initializers/static_files.rb b/config/initializers/static_files.rb
index 9ed96ddb0b4..943e01f1496 100644
--- a/config/initializers/static_files.rb
+++ b/config/initializers/static_files.rb
@@ -1,15 +1,15 @@
 app = Rails.application
 
 if app.config.serve_static_files
-  # The `ActionDispatch::Static` middleware intercepts requests for static files 
-  # by checking if they exist in the `/public` directory. 
+  # The `ActionDispatch::Static` middleware intercepts requests for static files
+  # by checking if they exist in the `/public` directory.
   # We're replacing it with our `Gitlab::Middleware::Static` that does the same,
   # except ignoring `/uploads`, letting those go through to the GitLab Rails app.
 
   app.config.middleware.swap(
-    ActionDispatch::Static, 
-    Gitlab::Middleware::Static, 
-    app.paths["public"].first, 
+    ActionDispatch::Static,
+    Gitlab::Middleware::Static,
+    app.paths["public"].first,
     app.config.static_cache_control
   )
 
diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb
index fc4f02453d7..0c32528311e 100644
--- a/config/initializers/trusted_proxies.rb
+++ b/config/initializers/trusted_proxies.rb
@@ -2,7 +2,7 @@
 # as the ActionDispatch::Request object. This is necessary for libraries
 # like rack_attack where they don't use ActionDispatch, and we want them
 # to block/throttle requests on private networks.
-# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145 
+# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145
 module Rack
   class Request
     def trusted_proxy?(ip)
diff --git a/config/routes/ci.rb b/config/routes/ci.rb
index 8d23aa8fbf6..cbd4c2db852 100644
--- a/config/routes/ci.rb
+++ b/config/routes/ci.rb
@@ -1,8 +1,4 @@
 namespace :ci do
-  # CI API
-  Ci::API::API.logger Rails.logger
-  mount Ci::API::API => '/api'
-
   resource :lint, only: [:show, :create]
 
   root to: redirect('/')
diff --git a/config/routes/repository.rb b/config/routes/repository.rb
index 57b7c55423d..9ffdebbcff1 100644
--- a/config/routes/repository.rb
+++ b/config/routes/repository.rb
@@ -3,7 +3,7 @@
 resource :repository, only: [:create] do
   member do
     get ':ref/archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex, ref: /.+/ }, action: 'archive', as: 'archive'
-    
+
     # deprecated since GitLab 9.5
     get 'archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex }, as: 'archive_alternative'
   end
diff --git a/config/webpack.config.js b/config/webpack.config.js
index 6a347c2e660..8aa938d538e 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -76,7 +76,6 @@ var config = {
     terminal:             './terminal/terminal_bundle.js',
     u2f:                  ['vendor/u2f'],
     ui_development_kit:   './ui_development_kit.js',
-    users:                './users/index.js',
     raven:                './raven/index.js',
     vue_merge_request_widget: './vue_merge_request_widget/index.js',
     test:                 './test.js',
@@ -277,14 +276,9 @@ if (IS_PRODUCTION) {
     })
   );
 
-  // zopfli requires a lot of compute time and is disabled in CI
+  // compression can require a lot of compute time and is disabled in CI
   if (!NO_COMPRESSION) {
-    // gracefully fall back to gzip if `node-zopfli` is unavailable (e.g. in CentOS 6)
-    try {
-      config.plugins.push(new CompressionPlugin({ algorithm: 'zopfli' }));
-    } catch(err) {
-      config.plugins.push(new CompressionPlugin({ algorithm: 'gzip' }));
-    }
+    config.plugins.push(new CompressionPlugin());
   }
 }
 
diff --git a/db/migrate/20161020075830_default_request_access_projects.rb b/db/migrate/20161020075830_default_request_access_projects.rb
index cb790291b24..a3a53350e8d 100644
--- a/db/migrate/20161020075830_default_request_access_projects.rb
+++ b/db/migrate/20161020075830_default_request_access_projects.rb
@@ -1,7 +1,7 @@
 class DefaultRequestAccessProjects < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
   DOWNTIME = false
-  
+
   def up
     change_column_default :projects, :request_access_enabled, false
   end
diff --git a/db/migrate/20170820100558_correct_protected_tags_foreign_keys.rb b/db/migrate/20170820100558_correct_protected_tags_foreign_keys.rb
new file mode 100644
index 00000000000..229298e1946
--- /dev/null
+++ b/db/migrate/20170820100558_correct_protected_tags_foreign_keys.rb
@@ -0,0 +1,35 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class CorrectProtectedTagsForeignKeys < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    remove_foreign_key_without_error(:protected_tag_create_access_levels,
+                                     column: :protected_tag_id)
+
+    execute <<-EOF
+    DELETE FROM protected_tag_create_access_levels
+    WHERE NOT EXISTS (
+      SELECT true
+      FROM protected_tags
+      WHERE protected_tag_create_access_levels.protected_tag_id = protected_tags.id
+    )
+    AND protected_tag_id IS NOT NULL
+    EOF
+
+    add_concurrent_foreign_key(:protected_tag_create_access_levels,
+                               :protected_tags,
+                               column: :protected_tag_id)
+  end
+
+  def down
+    # Previously there was a foreign key without a CASCADING DELETE, so we'll
+    # just leave the foreign key in place.
+  end
+end
diff --git a/db/post_migrate/20170503004427_update_retried_for_ci_build.rb b/db/post_migrate/20170503004427_update_retried_for_ci_build.rb
index 705e11ed47d..3a4d6c4916b 100644
--- a/db/post_migrate/20170503004427_update_retried_for_ci_build.rb
+++ b/db/post_migrate/20170503004427_update_retried_for_ci_build.rb
@@ -21,7 +21,7 @@ class UpdateRetriedForCiBuild < ActiveRecord::Migration
   private
 
   def up_mysql
-    # This is a trick to overcome MySQL limitation: 
+    # This is a trick to overcome MySQL limitation:
     # Mysql2::Error: Table 'ci_builds' is specified twice, both as a target for 'UPDATE' and as a separate source for data
     # However, this leads to create a temporary table from `max(ci_builds.id)` which is slow and do full database update
     execute <<-SQL.strip_heredoc
diff --git a/db/post_migrate/20170523083112_migrate_old_artifacts.rb b/db/post_migrate/20170523083112_migrate_old_artifacts.rb
index f2690bd0017..3a77b9751d3 100644
--- a/db/post_migrate/20170523083112_migrate_old_artifacts.rb
+++ b/db/post_migrate/20170523083112_migrate_old_artifacts.rb
@@ -7,7 +7,7 @@ class MigrateOldArtifacts < ActiveRecord::Migration
 
   # This uses special heuristic to find potential candidates for data migration
   # Read more about this here: https://gitlab.com/gitlab-org/gitlab-ce/issues/32036#note_30422345
-  
+
   def up
     builds_with_artifacts.find_each do |build|
       build.migrate_artifacts!
@@ -51,14 +51,14 @@ class MigrateOldArtifacts < ActiveRecord::Migration
     private
 
     def source_artifacts_path
-      @source_artifacts_path ||= 
+      @source_artifacts_path ||=
         File.join(Gitlab.config.artifacts.path,
           created_at.utc.strftime('%Y_%m'),
           ci_id.to_s, id.to_s)
     end
 
     def target_artifacts_path
-      @target_artifacts_path ||= 
+      @target_artifacts_path ||=
         File.join(Gitlab.config.artifacts.path,
           created_at.utc.strftime('%Y_%m'),
           project_id.to_s, id.to_s)
diff --git a/db/post_migrate/20170815060945_remove_duplicate_mr_events.rb b/db/post_migrate/20170815060945_remove_duplicate_mr_events.rb
new file mode 100644
index 00000000000..6132b553177
--- /dev/null
+++ b/db/post_migrate/20170815060945_remove_duplicate_mr_events.rb
@@ -0,0 +1,26 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class RemoveDuplicateMrEvents < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+
+  class Event < ActiveRecord::Base
+    self.table_name = 'events'
+  end
+
+  def up
+    base_condition = "action = 1 AND target_type = 'MergeRequest' AND created_at > '2017-08-13'"
+    Event.select('target_id, count(*)')
+      .where(base_condition)
+      .group('target_id').having('count(*) > 1').each do |event|
+      duplicates = Event.where("#{base_condition} AND target_id = #{event.target_id}").pluck(:id)
+      duplicates.shift
+
+      Event.where(id: duplicates).delete_all
+    end
+  end
+
+  def down
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 46430a5759e..c31bff3a8f2 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170809161910) do
+ActiveRecord::Schema.define(version: 20170820100558) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -1728,7 +1728,7 @@ ActiveRecord::Schema.define(version: 20170809161910) do
   add_foreign_key "protected_branch_push_access_levels", "protected_branches", name: "fk_9ffc86a3d9", on_delete: :cascade
   add_foreign_key "protected_branches", "projects", name: "fk_7a9c6d93e7", on_delete: :cascade
   add_foreign_key "protected_tag_create_access_levels", "namespaces", column: "group_id"
-  add_foreign_key "protected_tag_create_access_levels", "protected_tags"
+  add_foreign_key "protected_tag_create_access_levels", "protected_tags", name: "fk_f7dfda8c51", on_delete: :cascade
   add_foreign_key "protected_tag_create_access_levels", "users"
   add_foreign_key "protected_tags", "projects", name: "fk_8e4af87648", on_delete: :cascade
   add_foreign_key "push_event_payloads", "events_for_migration", column: "event_id", name: "fk_36c74129da", on_delete: :cascade
diff --git a/doc/README.md b/doc/README.md
index 547541c4876..76d4c3e51fe 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -98,11 +98,11 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
 - [Git](topics/git/index.md): Getting started with Git, branching strategies, Git LFS, advanced use.
 - [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf): Download a PDF describing the most used Git operations.
 - [GitLab Flow](workflow/gitlab_flow.md): explore the best of Git with the GitLab Flow strategy.
-- [Signing commits](workflow/gpg_signed_commits/index.md): use GPG to sign your commits.
+- [Signing commits](user/project/gpg_signed_commits/index.md): use GPG to sign your commits.
 
 ### Migrate and import your projects from other platforms
 
-- [Importing to GitLab](workflow/importing/README.md): Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz and SVN into GitLab.
+- [Importing to GitLab](user/project/import/index.md): Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz and SVN into GitLab.
 - [Migrating from SVN](workflow/importing/migrating_from_svn.md): Convert a SVN repository to Git and GitLab.
 
 ### Continuous Integration, Delivery, and Deployment
diff --git a/doc/api/README.md b/doc/api/README.md
index 8acb2145f1a..266b5f018d9 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -55,15 +55,10 @@ following locations:
 - [Tags](tags.md)
 - [Todos](todos.md)
 - [Users](users.md)
-- [Validate CI configuration](ci/lint.md)
+- [Validate CI configuration](lint.md)
 - [V3 to V4](v3_to_v4.md)
 - [Version](version.md)
 
-The following documentation is for the [internal CI API](ci/README.md):
-
-- [Builds](ci/builds.md)
-- [Runners](ci/runners.md)
-
 ## Road to GraphQL
 
 Going forward, we will start on moving to
diff --git a/doc/api/ci/README.md b/doc/api/ci/README.md
deleted file mode 100644
index 96a281e27c8..00000000000
--- a/doc/api/ci/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# GitLab CI API
-
-## Purpose
-
-The main purpose of GitLab CI API is to provide the necessary data and context
-for GitLab CI Runners.
-
-All relevant information about the consumer API can be found in a
-[separate document](../../api/README.md).
-
-## API Prefix
-
-The current CI API prefix is `/ci/api/v1`.
-
-You need to prepend this prefix to all examples in this documentation, like:
-
-```bash
-GET /ci/api/v1/builds/:id/artifacts
-```
-
-## Resources
-
-- [Builds](builds.md)
-- [Runners](runners.md)
diff --git a/doc/api/ci/builds.md b/doc/api/ci/builds.md
deleted file mode 100644
index c8374d94716..00000000000
--- a/doc/api/ci/builds.md
+++ /dev/null
@@ -1,147 +0,0 @@
-# Builds API
-
-API used by runners to receive and update builds.
-
->**Note:**
-This API is intended to be used only by Runners as their own
-communication channel. For the consumer API see the
-[Jobs API](../jobs.md).
-
-## Authentication
-
-This API uses two types of authentication:
-
-1. Unique Runner's token which is the token assigned to the Runner after it
-   has been registered.
-
-2. Using the build authorization token.
-   This is project's CI token that can be found under the **Builds** section of
-   a project's settings. The build authorization token can be passed as a
-   parameter or a value of `BUILD-TOKEN` header.
-
-These two methods of authentication are interchangeable.
-
-## Builds
-
-### Runs oldest pending build by runner
-
-```
-POST /ci/api/v1/builds/register
-```
-
-| Attribute | Type    | Required | Description         |
-|-----------|---------|----------|---------------------|
-| `token`   | string  | yes      | Unique runner token |
-
-
-```
-curl --request POST "https://gitlab.example.com/ci/api/v1/builds/register" --form "token=t0k3n"
-```
-
-**Responses:**
-
-| Status | Data |Description                                                                |
-|--------|------|---------------------------------------------------------------------------|
-| `201`  | yes  | When a build is scheduled for a runner                                    |
-| `204`  | no   | When no builds are scheduled for a runner (for GitLab Runner >= `v1.3.0`) |
-| `403`  | no   | When invalid token is used or no token is sent                            |
-| `404`  | no   | When no builds are scheduled for a runner (for GitLab Runner < `v1.3.0`) **or** when the runner is set to `paused` in GitLab runner's configuration page |
-
-### Update details of an existing build
-
-```
-PUT /ci/api/v1/builds/:id
-```
-
-| Attribute | Type    | Required | Description          |
-|-----------|---------|----------|----------------------|
-| `id`      | integer | yes      | The ID of a project  |
-| `token`   | string  | yes      | Unique runner token  |
-| `state`   | string  | no       | The state of a build |
-| `trace`   | string  | no       | The trace of a build |
-
-```
-curl --request PUT "https://gitlab.example.com/ci/api/v1/builds/1234" --form "token=t0k3n" --form "state=running" --form "trace=Running git clone...\n"
-```
-
-### Incremental build trace update
-
-Using this method you need to send trace content as a request body. You also need to provide the `Content-Range` header
-with a range of sent trace part. Note that you need to send parts in the proper order, so the begining of the part
-must start just after the end of the previous part. If you provide the wrong part, then GitLab CI API will return `416
-Range Not Satisfiable` response with a header `Range: 0-X`, where `X` is the current trace length.
-
-For example, if you receive `Range: 0-11` in the response, then your next part must contain a `Content-Range: 11-...`
-header and a trace part covered by this range.
-
-For a valid update API will return `202` response with:
-* `Build-Status: {status}` header containing current status of the build,
-* `Range: 0-{length}` header with the current trace length.
-
-```
-PATCH /ci/api/v1/builds/:id/trace.txt
-```
-
-Parameters:
-
-| Attribute | Type    | Required | Description          |
-|-----------|---------|----------|----------------------|
-| `id`      | integer | yes      | The ID of a build    |
-
-Headers:
-
-| Attribute       | Type    | Required | Description                       |
-|-----------------|---------|----------|-----------------------------------|
-| `BUILD-TOKEN`   | string  | yes      | The build authorization token     |
-| `Content-Range` | string  | yes      | Bytes range of trace that is sent |
-
-```
-curl --request PATCH "https://gitlab.example.com/ci/api/v1/builds/1234/trace.txt" --header "BUILD-TOKEN=build_t0k3n" --header "Content-Range=0-21" --data "Running git clone...\n"
-```
-
-
-### Upload artifacts to build
-
-```
-POST /ci/api/v1/builds/:id/artifacts
-```
-
-| Attribute | Type    | Required | Description                   |
-|-----------|---------|----------|-------------------------------|
-| `id`      | integer | yes      | The ID of a build             |
-| `token`   | string  | yes      | The build authorization token |
-| `file`    | mixed   | yes      | Artifacts file                |
-
-```
-curl --request POST "https://gitlab.example.com/ci/api/v1/builds/1234/artifacts" --form "token=build_t0k3n" --form "file=@/path/to/file"
-```
-
-### Download the artifacts file from build
-
-```
-GET /ci/api/v1/builds/:id/artifacts
-```
-
-| Attribute | Type    | Required | Description                   |
-|-----------|---------|----------|-------------------------------|
-| `id`      | integer | yes      | The ID of a build             |
-| `token`   | string  | yes      | The build authorization token |
-
-```
-curl "https://gitlab.example.com/ci/api/v1/builds/1234/artifacts" --form "token=build_t0k3n"
-```
-
-### Remove the artifacts file from build
-
-```
-DELETE /ci/api/v1/builds/:id/artifacts
-```
-
-| Attribute | Type    | Required | Description                   |
-|-----------|---------|----------|-------------------------------|
-| ` id`     | integer | yes      | The ID of a build             |
-| `token`   | string  | yes      | The build authorization token |
-
-```
-curl --request DELETE "https://gitlab.example.com/ci/api/v1/builds/1234/artifacts" --form "token=build_t0k3n"
-```
diff --git a/doc/api/ci/runners.md b/doc/api/ci/runners.md
deleted file mode 100644
index 342c039dad8..00000000000
--- a/doc/api/ci/runners.md
+++ /dev/null
@@ -1,59 +0,0 @@
-# Register and Delete Runners API
-
-API used by Runners to register and delete themselves.
-
->**Note:**
-This API is intended to be used only by Runners as their own
-communication channel. For the consumer API see the
-[new Runners API](../runners.md).
-
-## Authentication
-
-This API uses two types of authentication:
-
-1. Unique Runner's token, which is the token assigned to the Runner after it
-   has been registered.  This token can be found on the Runner's edit page (go to
-   **Project > Runners**, select one of the Runners listed under **Runners activated for
-   this project**).
-
-2. Using Runners' registration token.
-   This is a token that can be found in project's settings.
-   It can also be found in the **Admin > Runners** settings area.
-   There are two types of tokens you can pass: shared Runner registration
-   token or project specific registration token.
-
-## Register a new runner
-
-Used to make GitLab CI aware of available runners.
-
-```sh
-POST /ci/api/v1/runners/register
-```
-
-| Attribute | Type    | Required  | Description |
-| --------- | ------- | --------- | ----------- |
-| `token`   | string  | yes       | Runner's registration token |
-
-Example request:
-
-```sh
-curl --request POST "https://gitlab.example.com/ci/api/v1/runners/register" --form "token=t0k3n"
-```
-
-## Delete a Runner
-
-Used to remove a Runner.
-
-```sh
-DELETE /ci/api/v1/runners/delete
-```
-
-| Attribute | Type    | Required  | Description |
-| --------- | ------- | --------- | ----------- |
-| `token`   | string  | yes       | Unique Runner's token |
-
-Example request:
-
-```sh
-curl --request DELETE "https://gitlab.example.com/ci/api/v1/runners/delete" --form "token=t0k3n"
-```
diff --git a/doc/api/group_level_variables.md b/doc/api/group_level_variables.md
index e19be7b35c4..33c6da08018 100644
--- a/doc/api/group_level_variables.md
+++ b/doc/api/group_level_variables.md
@@ -1,5 +1,7 @@
 # Group-level Variables  API
 
+> [Introduced][ce-34519] in GitLab 9.5
+
 ## List group variables
 
 Get list of a group's variables.
@@ -123,3 +125,5 @@ DELETE /groups/:id/variables/:key
 ```
 curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables/VARIABLE_1"
 ```
+
+[ce-34519]: https://gitlab.com/gitlab-org/gitlab-ce/issues/34519
diff --git a/doc/api/ci/lint.md b/doc/api/lint.md
index e4a6dc809b1..bd5a216a99d 100644
--- a/doc/api/ci/lint.md
+++ b/doc/api/lint.md
@@ -5,7 +5,7 @@
 Checks if your .gitlab-ci.yml file is valid.
 
 ```
-POST ci/lint
+POST /lint
 ```
 
 | Attribute  | Type    | Required | Description |
@@ -49,3 +49,4 @@ Example responses:
     ```
 
 [ce-5953]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5953
+
diff --git a/doc/api/project_snippets.md b/doc/api/project_snippets.md
index d74398c6e65..24c8ff5fa7a 100644
--- a/doc/api/project_snippets.md
+++ b/doc/api/project_snippets.md
@@ -150,4 +150,4 @@ Example response:
 }
 ```
 
-[ce-[ce-29508]: https://gitlab.com/gitlab-org/gitlab-ce/issues/29508]: https://gitlab.com/gitlab-org/gitlab-ce/issues/29508
+[ce-29508]: https://gitlab.com/gitlab-org/gitlab-ce/issues/29508
diff --git a/doc/articles/index.md b/doc/articles/index.md
index 3039faca411..1aa65504852 100644
--- a/doc/articles/index.md
+++ b/doc/articles/index.md
@@ -17,8 +17,8 @@ Explore GitLab's supported [authentications methods](../topics/authentication/in
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
 | **LDAP** |
-| [How to configure LDAP with GitLab CE](how_to_configure_ldap_gitlab_ce/index.md)| Admin guide | 2017/05/03 |
-| [How to configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) | Admin guide | 2017/05/03 |
+| [How to configure LDAP with GitLab CE](how_to_configure_ldap_gitlab_ce/index.md)| Admin guide | 2017-05-03 |
+| [How to configure LDAP with GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) | Admin guide | 2017-05-03 |
 
 ## Build, test, and deploy with GitLab CI/CD
 
@@ -27,17 +27,17 @@ Build, test, and deploy the software you develop with [GitLab CI/CD](../ci/READM
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
 | [How to deploy Maven projects to Artifactory with GitLab CI/CD](artifactory_and_gitlab/index.md) | Tutorial | 2017-08-15 |
-| [Making CI Easier with GitLab](https://about.gitlab.com/2017/07/13/making-ci-easier-with-gitlab/) | Concepts | 2017/07/13 |
-| [Dockerizing GitLab Review Apps](https://about.gitlab.com/2017/07/11/dockerizing-review-apps/) | Concepts | 2017/07/11 |
-| [Continuous Integration: From Jenkins to GitLab Using Docker](https://about.gitlab.com/2017/07/27/docker-my-precious/) | Concepts | 2017/07/27 |
-| [Continuous Delivery of a Spring Boot application with GitLab CI and Kubernetes](https://about.gitlab.com/2016/12/14/continuous-delivery-of-a-spring-boot-application-with-gitlab-ci-and-kubernetes/) | Tutorial | 2016/12/14 |
-| [Setting up GitLab CI for Android projects](https://about.gitlab.com/2016/11/30/setting-up-gitlab-ci-for-android-projects/) | Tutorial | 2016/11/30 |
-| [Automated Debian Package Build with GitLab CI](https://about.gitlab.com/2016/10/12/automated-debian-package-build-with-gitlab-ci/) | Tutorial | 2016/10/12 |
-| [Building an Elixir Release into a Docker image using GitLab CI](https://about.gitlab.com/2016/08/11/building-an-elixir-release-into-docker-image-using-gitlab-ci-part-1/) | Tutorial | 2016/08/11 |
-| [Continuous Delivery with GitLab and Convox](https://about.gitlab.com/2016/06/09/continuous-delivery-with-gitlab-and-convox/) | Technical overview | 2016/06/09 |
-| [GitLab Container Registry](https://about.gitlab.com/2016/05/23/gitlab-container-registry/) | Technical overview | 2016/05/23 |
-| [How to use GitLab CI and MacStadium to build your macOS or iOS projects](https://about.gitlab.com/2017/05/15/how-to-use-macstadium-and-gitlab-ci-to-build-your-macos-or-ios-projects/) | Technical overview | 2017/05/15 |
-| [Setting up GitLab CI for iOS projects](https://about.gitlab.com/2016/03/10/setting-up-gitlab-ci-for-ios-projects/) | Tutorial | 2016/03/10 |
+| [Making CI Easier with GitLab](https://about.gitlab.com/2017/07/13/making-ci-easier-with-gitlab/) | Concepts | 2017-07-13 |
+| [Dockerizing GitLab Review Apps](https://about.gitlab.com/2017/07/11/dockerizing-review-apps/) | Concepts | 2017-07-11 |
+| [Continuous Integration: From Jenkins to GitLab Using Docker](https://about.gitlab.com/2017/07/27/docker-my-precious/) | Concepts | 2017-07-27 |
+| [Continuous Delivery of a Spring Boot application with GitLab CI and Kubernetes](https://about.gitlab.com/2016/12/14/continuous-delivery-of-a-spring-boot-application-with-gitlab-ci-and-kubernetes/) | Tutorial | 2016-12-14 |
+| [Setting up GitLab CI for Android projects](https://about.gitlab.com/2016/11/30/setting-up-gitlab-ci-for-android-projects/) | Tutorial | 2016-11-30 |
+| [Automated Debian Package Build with GitLab CI](https://about.gitlab.com/2016/10/12/automated-debian-package-build-with-gitlab-ci/) | Tutorial | 2016-10-12 |
+| [Building an Elixir Release into a Docker image using GitLab CI](https://about.gitlab.com/2016/08/11/building-an-elixir-release-into-docker-image-using-gitlab-ci-part-1/) | Tutorial | 2016-08-11 |
+| [Continuous Delivery with GitLab and Convox](https://about.gitlab.com/2016/06/09/continuous-delivery-with-gitlab-and-convox/) | Technical overview | 2016-06-09 |
+| [GitLab Container Registry](https://about.gitlab.com/2016/05/23/gitlab-container-registry/) | Technical overview | 2016-05-23 |
+| [How to use GitLab CI and MacStadium to build your macOS or iOS projects](https://about.gitlab.com/2017/05/15/how-to-use-macstadium-and-gitlab-ci-to-build-your-macos-or-ios-projects/) | Technical overview | 2017-05-15 |
+| [Setting up GitLab CI for iOS projects](https://about.gitlab.com/2016/03/10/setting-up-gitlab-ci-for-ios-projects/) | Tutorial | 2016-03-10 |
 
 ## Git
 
@@ -45,10 +45,11 @@ Learn how to use [Git with GitLab](../topics/git/index.md):
 
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
-| [Why Git is Worth the Learning Curve](https://about.gitlab.com/2017/05/17/learning-curve-is-the-biggest-challenge-developers-face-with-git/) | Concepts | 2017/05/17 |
-| [How to install Git](how_to_install_git/index.md) | Tutorial | 2017/05/15 |
-| [Getting Started with Git LFS](https://about.gitlab.com/2017/01/30/getting-started-with-git-lfs-tutorial/) | Tutorial | 2017/01/30 |
-| [Git Tips & Tricks](https://about.gitlab.com/2016/12/08/git-tips-and-tricks/) | Technical overview | 2016/12/08 |
+| [Numerous _undo_ possibilities in Git](numerous_undo_possibilities_in_git/index.md) | Tutorial | 2017-08-17 |
+| [Why Git is Worth the Learning Curve](https://about.gitlab.com/2017/05/17/learning-curve-is-the-biggest-challenge-developers-face-with-git/) | Concepts | 2017-05-17 |
+| [How to install Git](how_to_install_git/index.md) | Tutorial | 2017-05-15 |
+| [Getting Started with Git LFS](https://about.gitlab.com/2017/01/30/getting-started-with-git-lfs-tutorial/) | Tutorial | 2017-01-30 |
+| [Git Tips & Tricks](https://about.gitlab.com/2016/12/08/git-tips-and-tricks/) | Technical overview | 2016-12-08 |
 
 ## GitLab Pages
 
@@ -57,21 +58,21 @@ Learn how to deploy a static website with [GitLab Pages](../user/project/pages/i
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
 | **Series: GitLab Pages from A to Z:** |
-| [- Part 1: Static sites and GitLab Pages domains](../user/project/pages/getting_started_part_one.md)| User guide | 2017/02/22 |
-| [- Part 2: Quick start guide - Setting up GitLab Pages](../user/project/pages/getting_started_part_two.md)| User guide | 2017/02/22 |
-| [- Part 3: Setting Up Custom Domains - DNS Records and SSL/TLS Certificates](../user/project/pages/getting_started_part_three.md)| User guide | 2017/02/22 |
-| [- Part 4: Creating and tweaking `.gitlab-ci.yml` for GitLab Pages](../user/project/pages/getting_started_part_four.md)| User guide | 2017/02/22 |
-| [Setting up GitLab Pages with CloudFlare Certificates](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) | Tutorial | 2017/02/07 |
-| [Building a new GitLab Docs site with Nanoc, GitLab CI, and GitLab Pages](https://about.gitlab.com/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/) | Tutorial | 2016/12/07 |
-| [Publish Code Coverage Report with GitLab Pages](https://about.gitlab.com/2016/11/03/publish-code-coverage-report-with-gitlab-pages/) | Tutorial | 2016/11/03 |
-| [GitLab CI: Deployment & Environments](https://about.gitlab.com/2016/08/26/ci-deployment-and-environments/) | Tutorial | 2016/08/26 |
-| [Posting to your GitLab Pages blog from iOS](https://about.gitlab.com/2016/08/19/posting-to-your-gitlab-pages-blog-from-ios/) | Tutorial | 2016/08/19 |
+| [- Part 1: Static sites and GitLab Pages domains](../user/project/pages/getting_started_part_one.md)| User guide | 2017-02-22 |
+| [- Part 2: Quick start guide - Setting up GitLab Pages](../user/project/pages/getting_started_part_two.md)| User guide | 2017-02-22 |
+| [- Part 3: Setting Up Custom Domains - DNS Records and SSL/TLS Certificates](../user/project/pages/getting_started_part_three.md)| User guide | 2017-02-22 |
+| [- Part 4: Creating and tweaking `.gitlab-ci.yml` for GitLab Pages](../user/project/pages/getting_started_part_four.md)| User guide | 2017-02-22 |
+| [Setting up GitLab Pages with CloudFlare Certificates](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) | Tutorial | 2017-02-07 |
+| [Building a new GitLab Docs site with Nanoc, GitLab CI, and GitLab Pages](https://about.gitlab.com/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/) | Tutorial | 2016-12-07 |
+| [Publish Code Coverage Report with GitLab Pages](https://about.gitlab.com/2016/11/03/publish-code-coverage-report-with-gitlab-pages/) | Tutorial | 2016-11-03 |
+| [GitLab CI: Deployment & Environments](https://about.gitlab.com/2016/08/26/ci-deployment-and-environments/) | Tutorial | 2016-08-26 |
+| [Posting to your GitLab Pages blog from iOS](https://about.gitlab.com/2016/08/19/posting-to-your-gitlab-pages-blog-from-ios/) | Tutorial | 2016-08-19 |
 | **Series: Static Site Generator:** |
-| [- Part 1: Dynamic vs Static Websites](https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) | Tutorial | 2016/06/03 |
-| [- Part 2: Modern Static Site Generators](https://about.gitlab.com/2016/06/10/ssg-overview-gitlab-pages-part-2/) | Tutorial | 2016/06/10 |
-| [- Part 3: Build any SSG site with GitLab Pages](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) | Tutorial | 2016/06/17 |
-| [Securing your GitLab Pages with TLS and Let's Encrypt](https://about.gitlab.com/2016/04/11/tutorial-securing-your-gitlab-pages-with-tls-and-letsencrypt/) | Tutorial | 2016/04/11 |
-| [Hosting on GitLab.com with GitLab Pages](https://about.gitlab.com/2016/04/07/gitlab-pages-setup/) | Tutorial | 2016/04/07 |
+| [- Part 1: Dynamic vs Static Websites](https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) | Tutorial | 2016-06-03 |
+| [- Part 2: Modern Static Site Generators](https://about.gitlab.com/2016/06/10/ssg-overview-gitlab-pages-part-2/) | Tutorial | 2016-06-10 |
+| [- Part 3: Build any SSG site with GitLab Pages](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) | Tutorial | 2016-06-17 |
+| [Securing your GitLab Pages with TLS and Let's Encrypt](https://about.gitlab.com/2016/04/11/tutorial-securing-your-gitlab-pages-with-tls-and-letsencrypt/) | Tutorial | 2016-04-11 |
+| [Hosting on GitLab.com with GitLab Pages](https://about.gitlab.com/2016/04/07/gitlab-pages-setup/) | Tutorial | 2016-04-07 |
 
 ## Install and maintain GitLab
 
@@ -79,10 +80,10 @@ Install, upgrade, integrate, migrate to GitLab:
 
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
-| [Video Tutorial: Idea to Production on Google Container Engine (GKE)](https://about.gitlab.com/2017/01/23/video-tutorial-idea-to-production-on-google-container-engine-gke/) | Tutorial | 2017/01/23 |
-| [How to Setup a GitLab Instance on Microsoft Azure](https://about.gitlab.com/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/) | Tutorial | 2016/07/13 |
-| [Get started with OpenShift Origin 3 and GitLab](openshift_and_gitlab/index.md) | Tutorial | 2016/06/28 |
-| [Getting started with GitLab and DigitalOcean](https://about.gitlab.com/2016/04/27/getting-started-with-gitlab-and-digitalocean/) | Tutorial | 2016/04/27 |
+| [Video Tutorial: Idea to Production on Google Container Engine (GKE)](https://about.gitlab.com/2017/01/23/video-tutorial-idea-to-production-on-google-container-engine-gke/) | Tutorial | 2017-01-23 |
+| [How to Setup a GitLab Instance on Microsoft Azure](https://about.gitlab.com/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/) | Tutorial | 2016-07-13 |
+| [Get started with OpenShift Origin 3 and GitLab](openshift_and_gitlab/index.md) | Tutorial | 2016-06-28 |
+| [Getting started with GitLab and DigitalOcean](https://about.gitlab.com/2016/04/27/getting-started-with-gitlab-and-digitalocean/) | Tutorial | 2016-04-27 |
 
 ## Software development
 
@@ -90,25 +91,25 @@ Explore the best of GitLab's software development's capabilities:
 
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
-| [Making CI Easier with GitLab](https://about.gitlab.com/2017/07/13/making-ci-easier-with-gitlab/) | Concepts | 2017/07/13 |
-| [From 2/3 of the Self-Hosted Git Market, to the Next-Generation CI System, to Auto DevOps](https://about.gitlab.com/2017/06/29/whats-next-for-gitlab-ci/)| Concepts | 2017/06/29 |
-| [Fast and Natural Continuous Integration with GitLab CI](https://about.gitlab.com/2017/05/22/fast-and-natural-continuous-integration-with-gitlab-ci/) | Concepts | 2017/05/22 |
-| [Demo: Auto-Deploy from GitLab to an OpenShift Container Cluster](https://about.gitlab.com/2017/05/16/devops-containers-gitlab-openshift/) | Technical overview | 2017/05/16 |
-| [Demo: GitLab Service Desk](https://about.gitlab.com/2017/05/09/demo-service-desk/) | Feature highlight | 2017/05/09 |
-| [Demo: Mapping Work Versus Time, With Burndown Charts](https://about.gitlab.com/2017/04/25/mapping-work-to-do-versus-time-with-burndown-charts/) | Feature highlight | 2017/04/25 |
-| [Demo: Cloud Native Development with GitLab](https://about.gitlab.com/2017/04/18/cloud-native-demo/) | Feature highlight | 2017/04/18 |
-| [Demo:  Mastering Code Review With GitLab](https://about.gitlab.com/2017/03/17/demo-mastering-code-review-with-gitlab/) | Feature highlight | 2017/03/17 |
-| [In 13 minutes from Kubernetes to a complete application development tool](https://about.gitlab.com/2016/11/14/idea-to-production/) | Technical overview | 2016/11/14 |
-| [GitLab Workflow, an Overview](https://about.gitlab.com/2016/10/25/gitlab-workflow-an-overview/) | Technical overview | 2016/10/25 |
-| [Trends in Version Control Land: Microservices](https://about.gitlab.com/2016/08/16/trends-in-version-control-land-microservices/) | Concepts | 2016/08/16 |
-| [Continuous Integration, Delivery, and Deployment with GitLab](https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) | Concepts | 2016/08/05 |
-| [Trends in Version Control Land: Innersourcing](https://about.gitlab.com/2016/07/07/trends-version-control-innersourcing/) | Concepts | 2016/07/07 |
-| [Tutorial: It's all connected in GitLab](https://about.gitlab.com/2016/03/08/gitlab-tutorial-its-all-connected/) | Technical overview | 2016/03/08 |
+| [Making CI Easier with GitLab](https://about.gitlab.com/2017/07/13/making-ci-easier-with-gitlab/) | Concepts | 2017-07-13 |
+| [From 2/3 of the Self-Hosted Git Market, to the Next-Generation CI System, to Auto DevOps](https://about.gitlab.com/2017/06/29/whats-next-for-gitlab-ci/)| Concepts | 2017-06-29 |
+| [Fast and Natural Continuous Integration with GitLab CI](https://about.gitlab.com/2017/05/22/fast-and-natural-continuous-integration-with-gitlab-ci/) | Concepts | 2017-05-22 |
+| [Demo: Auto-Deploy from GitLab to an OpenShift Container Cluster](https://about.gitlab.com/2017/05/16/devops-containers-gitlab-openshift/) | Technical overview | 2017-05-16 |
+| [Demo: GitLab Service Desk](https://about.gitlab.com/2017/05/09/demo-service-desk/) | Feature highlight | 2017-05-09 |
+| [Demo: Mapping Work Versus Time, With Burndown Charts](https://about.gitlab.com/2017/04/25/mapping-work-to-do-versus-time-with-burndown-charts/) | Feature highlight | 2017-04-25 |
+| [Demo: Cloud Native Development with GitLab](https://about.gitlab.com/2017/04/18/cloud-native-demo/) | Feature highlight | 2017-04-18 |
+| [Demo:  Mastering Code Review With GitLab](https://about.gitlab.com/2017/03/17/demo-mastering-code-review-with-gitlab/) | Feature highlight | 2017-03-17 |
+| [In 13 minutes from Kubernetes to a complete application development tool](https://about.gitlab.com/2016/11/14/idea-to-production/) | Technical overview | 2016-11-14 |
+| [GitLab Workflow, an Overview](https://about.gitlab.com/2016/10/25/gitlab-workflow-an-overview/) | Technical overview | 2016-10-25 |
+| [Trends in Version Control Land: Microservices](https://about.gitlab.com/2016/08/16/trends-in-version-control-land-microservices/) | Concepts | 2016-08-16 |
+| [Continuous Integration, Delivery, and Deployment with GitLab](https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) | Concepts | 2016-08-05 |
+| [Trends in Version Control Land: Innersourcing](https://about.gitlab.com/2016/07/07/trends-version-control-innersourcing/) | Concepts | 2016-07-07 |
+| [Tutorial: It's all connected in GitLab](https://about.gitlab.com/2016/03/08/gitlab-tutorial-its-all-connected/) | Technical overview | 2016-03-08 |
 
 ## Technologies
 
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
-| [Why we are not leaving the cloud](https://about.gitlab.com/2017/03/02/why-we-are-not-leaving-the-cloud/) | Concepts | 2017/03/02 |
-| [Why We Chose Vue.js](https://about.gitlab.com/2016/10/20/why-we-chose-vue/) | Concepts | 2016/10/20 |
-| [Markdown Kramdown Tips & Tricks](https://about.gitlab.com/2016/07/19/markdown-kramdown-tips-and-tricks/) | Technical overview | 2016/07/19 |
+| [Why we are not leaving the cloud](https://about.gitlab.com/2017/03/02/why-we-are-not-leaving-the-cloud/) | Concepts | 2017-03-02 |
+| [Why We Chose Vue.js](https://about.gitlab.com/2016/10/20/why-we-chose-vue/) | Concepts | 2016-10-20 |
+| [Markdown Kramdown Tips & Tricks](https://about.gitlab.com/2016/07/19/markdown-kramdown-tips-and-tricks/) | Technical overview | 2016-07-19 |
diff --git a/doc/articles/numerous_undo_possibilities_in_git/img/branching.png b/doc/articles/numerous_undo_possibilities_in_git/img/branching.png
new file mode 100644
index 00000000000..9a80c211c99
--- /dev/null
+++ b/doc/articles/numerous_undo_possibilities_in_git/img/branching.png
diff --git a/doc/articles/numerous_undo_possibilities_in_git/img/rebase_reset.png b/doc/articles/numerous_undo_possibilities_in_git/img/rebase_reset.png
new file mode 100644
index 00000000000..ac7ea9ecddc
--- /dev/null
+++ b/doc/articles/numerous_undo_possibilities_in_git/img/rebase_reset.png
diff --git a/doc/articles/numerous_undo_possibilities_in_git/img/revert.png b/doc/articles/numerous_undo_possibilities_in_git/img/revert.png
new file mode 100644
index 00000000000..13b3a35ca45
--- /dev/null
+++ b/doc/articles/numerous_undo_possibilities_in_git/img/revert.png
diff --git a/doc/articles/numerous_undo_possibilities_in_git/index.md b/doc/articles/numerous_undo_possibilities_in_git/index.md
new file mode 100644
index 00000000000..9f1239b8f88
--- /dev/null
+++ b/doc/articles/numerous_undo_possibilities_in_git/index.md
@@ -0,0 +1,497 @@
+# Numerous undo possibilities in Git
+
+> **Article [Type](../../development/writing_documentation.md#types-of-technical-articles):**  tutorial ||
+> **Level:** intermediary ||
+> **Author:** [Crt Mori](https://gitlab.com/Letme)  ||
+> **Publication date:** 2017/08/17
+
+## Introduction
+
+In this tutorial, we will show you different ways of undoing your work in Git, for which
+we will assume you have a basic working knowledge of. Check GitLab's
+[Git documentation](../../topics/git/index.md#git-documentation) for reference.
+Also, we will only provide some general info of the commands, which is enough
+to get you started for the easy cases/examples, but for anything more advanced please refer to the [Git book](https://git-scm.com/book/en/v2).
+
+We will explain a few different techniques to undo your changes based on the stage
+of the change in your current development. Also, keep in mind that [nothing in
+Git is really deleted.][git-autoclean-ref]
+This means that until Git automatically cleans detached commits (which cannot be
+accessed by branch or tag) it will be possible to view them with `git reflog` command
+and access them with direct commit-id. Read more about _[redoing the undo](#redoing-the-undo)_ on the section below.
+
+This guide is organized depending on the [stage of development][git-basics]
+where you want to undo your changes from and if they were shared with other developers
+or not. Because Git is tracking changes a created or edited file is in the unstaged state
+(if created it is untracked by Git). After you add it to a repository (`git add`) you put
+a file into the **staged** state, which is then committed (`git commit`) to your
+local repository. After that, file can be shared with other developers (`git push`).
+Here's what we'll cover in this tutorial:
+
+ - [Undo local changes](#undo-local-changes) which were not pushed to remote repository
+
+    - Before you commit, in both unstaged and staged state
+    - After you committed
+
+ - Undo changes after they are pushed to remote repository
+
+    - [Without history modification](#undo-remote-changes-without-changing-history) (preferred way)
+    - [With history modification](#undo-remote-changes-with-modifying-history) (requires
+      coordination with team and force pushes).
+
+      - [Usecases when modifying history is generally acceptable](#where-modifying-history-is-generally-acceptable)
+      - [How to modify history](#how-modifying-history-is-done)
+      - [How to remove sensitive information from repository](#deleting-sensitive-information-from-commits)
+
+
+### Branching strategy
+
+[Git][git-official] is a de-centralized version control system, which means that beside regular
+versioning of the whole repository, it has possibilities to exchange changes
+with other repositories. To avoid chaos with
+[multiple sources of truth][git-distributed], various
+development workflows have to be followed, and it depends on your internal
+workflow how certain changes or commits can be undone or changed.
+[GitLab Flow][gitlab-flow] provides a good
+balance between developers clashing with each other while
+developing the same feature and cooperating seamlessly, but it does not enable
+joined development of the same feature by multiple developers by default.
+When multiple developers develop the same feature on the same branch, clashing
+with every synchronization is unavoidable, but a proper or chosen Git Workflow will
+prevent that anything is lost or out of sync when feature is complete. You can also
+read through this blog post on [Git Tips & Tricks][gitlab-git-tips-n-tricks]
+to learn how to easily **do** things in Git.
+
+
+## Undo local changes
+
+Until you push your changes to any remote repository, they will only affect you.
+That broadens your options on how to handle undoing them. Still, local changes
+can be on various stages and each stage has a different approach on how to tackle them.
+
+
+### Unstaged local changes (before you commit)
+
+When a change is made, but it is not added to the staged tree, Git itself
+proposes a solution to discard changes to certain file.
+
+Suppose you edited a file to change the content using your favorite editor:
+
+```shell
+vim <file>
+```
+
+Since you did not `git add <file>` to staging, it should be under unstaged files (or
+untracked if file was created). You can confirm that with:
+
+```shell
+$ git status
+On branch master
+Your branch is up-to-date with 'origin/master'.
+Changes not staged for commit:
+  (use "git add <file>..." to update what will be committed)
+  (use "git checkout -- <file>..." to discard changes in working directory)
+
+    modified:   <file>
+no changes added to commit (use "git add" and/or "git commit -a")
+```
+
+At this point there are 3 options to undo the local changes you have:
+
+ - Discard all local changes, but save them for possible re-use [later](#quickly-save-local-changes)
+
+     ```shell
+     git stash
+     ```
+
+ - Discarding local changes (permanently) to a file
+
+     ```shell
+     git checkout -- <file>
+     ```
+
+ - Discard all local changes to all files permanently
+
+     ```shell
+     git reset --hard
+     ```
+
+
+Before executing `git reset --hard`, keep in mind that there is also a way to
+just temporary store the changes without committing them using `git stash`.
+This command resets the changes to all files, but it also saves them in case
+you would like to apply them at some later time. You can read more about it in
+[section below](#quickly-save-local-changes).
+
+### Quickly save local changes
+
+You are working on a feature when a boss drops by with an urgent task. Since your
+feature is not complete, but you need to swap to another branch, you can use
+`git stash` to save what you had done, swap to another branch, commit, push,
+test, then get back to previous feature branch, do `git stash pop` and continue
+where you left.
+
+The example above shows that discarding all changes is not always a preferred option,
+but Git provides a way to save them for later, while resetting the repository to state without
+them. This is achieved by Git stashing command `git stash`, which in fact saves your
+current work and runs `git reset --hard`, but it also has various
+additional options like:
+
+ - `git stash save`, which enables including temporary commit message, which will help you identify changes, among with other options
+ - `git stash list`, which lists all previously stashed commits (yes, there can be more) that were not `pop`ed
+ - `git stash pop`, which redoes previously stashed changes and removes them from stashed list
+ - `git stash apply`, which redoes previously stashed changes, but keeps them on stashed list
+
+### Staged local changes (before you commit)
+
+Let's say you have added some files to staging, but you want to remove them from the
+current commit, yet you want to retain those changes - just move them outside
+of the staging tree. You also have an option to discard all changes with
+`git reset --hard` or think about `git stash` [as described earlier.](#quickly-save-local-changes)
+
+Lets start the example by editing a file, with your favorite editor, to change the
+content and add it to staging
+
+```
+vim <file>
+git add <file>
+```
+
+The file is now added to staging as confirmed by `git status` command:
+
+```shell
+$ git status
+On branch master
+Your branch is up-to-date with 'origin/master'.
+Changes to be committed:
+  (use "git reset HEAD <file>..." to unstage)
+
+	new file:   <file>
+```
+
+Now you have 4 options to undo your changes:
+
+ - Unstage the file to current commit (HEAD)
+
+     ```shell
+     git reset HEAD <file>
+     ```
+
+ - Unstage everything - retain changes
+
+     ```shell
+     git reset
+     ```
+
+ - Discard all local changes, but save them for [later](#quickly-save-local-changes)
+
+     ```shell
+     git stash
+     ```
+
+ - Discard everything permanently
+
+     ```shell
+     git reset --hard
+     ```
+
+## Committed local changes
+
+Once you commit, your changes are recorded by the version control system.
+Because you haven't pushed to your remote repository yet, your changes are
+still not public (or shared with other developers). At this point, undoing
+things is a lot easier, we have quite some workaround options. Once you push
+your code, you'll have less options to troubleshoot your work.
+
+### Without modifying history
+
+Through the development process some of the previously committed changes do not
+fit anymore in the end solution, or are source of the bugs. Once you find the
+commit which triggered bug, or once you have a faulty commit, you can simply
+revert it with `git revert commit-id`. This command inverts (swaps) the additions and
+deletions in that commit, so that it does not modify history. Retaining history
+can be helpful in future to notice that some changes have been tried
+unsuccessfully in the past.
+
+In our example we will assume there are commits `A`,`B`,`C`,`D`,`E` committed in this order: `A-B-C-D-E`,
+and `B` is the commit you want to undo. There are many different ways to identify commit
+`B` as bad, one of them is to pass a range to `git bisect` command. The provided range includes
+last known good commit (we assume `A`) and first known bad commit (where bug was detected - we will assume `E`).
+
+```shell
+git bisect A..E
+```
+
+Bisect will provide us with commit-id of the middle commit to test, and then guide us
+through simple bisection process. You can read more about it [in official Git Tools][git-debug]
+In our example we will end up with commit `B`, that introduced bug/error. We have
+4 options on how to remove it (or part of it) from our repository.
+
+- Undo (swap additions and deletions) changes introduced by commit `B`.
+
+   ```shell
+   git revert commit-B-id
+   ```
+
+- Undo changes on a single file or directory from commit `B`, but retain them in the staged state
+
+   ```shell
+   git checkout commit-B-id <file>
+   ```
+
+- Undo changes on a single file or directory from commit `B`, but retain them in the unstaged state
+
+   ```shell
+   git reset  commit-B-id <file>
+   ```
+
+ - There is one command we also must not forget: **creating a new branch**
+   from the point where changes are not applicable or where the development has hit a
+   dead end. For example you have done commits `A-B-C-D` on your feature-branch
+   and then you figure `C` and `D` are wrong. At this point you either reset to `B`
+   and do commit `F` (which will cause problems with pushing and if forced pushed also with other developers)
+   since branch now looks `A-B-F`, which clashes with what other developers have locally (you will
+   [change history](#with-history-modification)), or you simply checkout commit `B` create
+   a new branch and do commit `F`. In the last case, everyone else can still do their work while you
+   have your new way to get it right and merge it back in later. Alternatively, with GitLab,
+   you can [cherry-pick](../../user/project/merge_requests/cherry_pick_changes.md#cherry-picking-a-commit)
+   that commit into a new merge request.
+
+      ![Create a new branch to avoid clashing](img/branching.png)
+
+      ```shell
+      git checkout commit-B-id
+      git checkout -b new-path-of-feature
+      # Create <commit F>
+      git commit -a
+      ```
+
+### With history modification
+
+There is one command for history modification and that is `git rebase`. Command
+provides interactive mode (`-i` flag) which enables you to:
+
+ - **reword** commit messages (there is also `git commit --amend` for editing
+   last commit message)
+ - **edit** the commit content (changes introduced by commit) and message
+ - **squash** multiple commits into a single one, and have a custom or aggregated
+   commit message
+ - **drop** commits - simply delete them
+ - and few more options
+
+Let us check few examples. Again there are commits `A-B-C-D` where you want to
+delete commit `B`.
+
+- Rebase the range from current commit D to A:
+
+   ```shell
+   git rebase -i A
+   ```
+
+- Command opens your favorite editor where you write `drop` in front of commit
+ `B`, but you leave default `pick` with all other commits. Save and exit the
+ editor to perform a rebase. Remember: if you want to cancel delete whole
+ file content before saving and exiting the editor
+
+In case you want to modify something introduced in commit `B`.
+
+- Rebase the range from current commit D to A:
+
+    ```shell
+    git rebase -i A
+    ```
+
+- Command opens your favorite text editor where you write `edit` in front of commit
+ `B`, but leave default `pick` with all other commits. Save and exit the editor to
+ perform a rebase
+
+- Now do your edits and commit changes:
+
+    ```shell
+    git commit -a
+    ```
+
+You can find some more examples in [below section where we explain how to modify
+history](#how-modifying-history-is-done)
+
+
+### Redoing the Undo
+
+Sometimes you realize that the changes you undid were useful and you want them
+back. Well because of first paragraph you are in luck. Command `git reflog`
+enables you to *recall* detached local commits by referencing or applying them
+via commit-id. Although, do not expect to see really old commits in reflog, because
+Git regularly [cleans the commits which are *unreachable* by branches or tags][git-autoclean-ref].
+
+To view repository history and to track older commits you can use below command:
+
+```shell
+$ git reflog show
+
+# Example output:
+b673187 HEAD@{4}: merge 6e43d5987921bde189640cc1e37661f7f75c9c0b: Merge made by the 'recursive' strategy.
+eb37e74 HEAD@{5}: rebase -i (finish): returning to refs/heads/master
+eb37e74 HEAD@{6}: rebase -i (pick): Commit C
+97436c6 HEAD@{7}: rebase -i (start): checkout 97436c6eec6396c63856c19b6a96372705b08b1b
+...
+88f1867 HEAD@{12}: commit: Commit D
+97436c6 HEAD@{13}: checkout: moving from 97436c6eec6396c63856c19b6a96372705b08b1b to test
+97436c6 HEAD@{14}: checkout: moving from master to 97436c6
+05cc326 HEAD@{15}: commit: Commit C
+6e43d59 HEAD@{16}: commit: Commit B
+```
+
+Output of command shows repository history. In first column there is commit-id,
+in following column, number next to `HEAD` indicates how many commits ago something
+was made, after that indicator of action that was made (commit, rebase, merge, ...)
+and then on end description of that action.
+
+## Undo remote changes without changing history
+
+This topic is roughly same as modifying committed local changes without modifying
+history. **It should be the preferred way of undoing changes on any remote repository
+or public branch.** Keep in mind that branching is the best solution when you want
+to retain the history of faulty development, yet start anew from certain point. Branching
+enables you to include the existing changes in new development (by merging) and
+it also provides a clear timeline and development structure.
+
+![Use revert to keep branch flowing](img/revert.png)
+
+If you want to revert changes introduced in certain `commit-id` you can simply
+revert that `commit-id` (swap additions and deletions) in newly created commit:
+You can do this with
+
+```shell
+git revert commit-id
+```
+
+or creating a new branch:
+
+```shell
+git checkout commit-id
+git checkout -b new-path-of-feature
+```
+
+## Undo remote changes with modifying history
+
+This is useful when you want to *hide* certain things - like secret keys,
+passwords, SSH keys, etc. It is and should not be used to hide mistakes, as
+it will make it harder to debug in case there are some other bugs. The main
+reason for this is that you loose the real development progress. **Also keep in
+mind that, even with modified history, commits are just detached and can still be
+accessed through commit-id** - at least until all repositories perform
+the cleanup of detached commits (happens automatically).
+
+![Modifying history causes problems on remote branch](img/rebase_reset.png)
+
+### Where modifying history is generally acceptable
+
+Modified history breaks the development chain of other developers, as changed
+history does not have matching commits'ids. For that reason it should not
+be used on any public branch or on branch that *might* be used by other
+developers. When contributing to big open source repositories (e.g. [GitLab CE][gitlab-ce]),
+it is acceptable to *squash* commits into a single one, to present
+a nicer history of your contribution.
+Keep in mind that this also removes the comments attached to certain commits
+in merge requests, so if you need to retain traceability in GitLab, then
+modifying history is not acceptable.
+A feature-branch of a merge request is a public branch and might be used by 
+other developers, but project process and rules might allow or require 
+you to use `git rebase` (command that changes history) to reduce number of
+displayed commits on target branch after reviews are done (for example
+GitLab). There is a `git merge --squash` command which does exactly that
+(squashes commits on feature-branch to a single commit on target branch
+at merge).
+
+>**Note:**
+Never modify the commit history of `master` or shared branch
+
+### How modifying history is done
+
+After you know what you want to modify (how far in history or how which range of
+old commits), use `git rebase -i commit-id`. This command will then display all the commits from
+current version to chosen commit-id and allow modification, squashing, deletion
+of that commits.
+
+```shell
+$ git rebase -i commit1-id..commit3-id
+pick <commit1-id> <commit1-commit-message>
+pick <commit2-id> <commit2-commit-message>
+pick <commit3-id> <commit3-commit-message>
+
+# Rebase commit1-id..commit3-id onto <commit4-id> (3 command(s))
+#
+# Commands:
+# p, pick = use commit
+# r, reword = use commit, but edit the commit message
+# e, edit = use commit, but stop for amending
+# s, squash = use commit, but meld into previous commit
+# f, fixup = like "squash", but discard this commit's log message
+# x, exec = run command (the rest of the line) using shell
+# d, drop = remove commit
+#
+# These lines can be re-ordered; they are executed from top to bottom.
+#
+# If you remove a line here THAT COMMIT WILL BE LOST.
+#
+# However, if you remove everything, the rebase will be aborted.
+#
+# Note that empty commits are commented out
+```
+
+>**Note:**
+It is important to notice that comment from the output clearly states that, if
+you decide to abort, then do not just close your editor (as that will in-fact
+modify history), but remove all uncommented lines and save.
+
+That is one of the reasons why `git rebase` should be used carefully on
+shared and remote branches. But don't worry, there will be nothing broken until
+you push back to the remote repository (so you can freely explore the
+different outcomes locally).
+
+```shell
+# Modify history from commit-id to HEAD (current commit)
+git rebase -i commit-id
+```
+
+### Deleting sensitive information from commits
+
+Git also enables you to delete sensitive information from your past commits and
+it does modify history in the progress. That is why we have included it in this
+section and not as a standalone topic. To do so, you should run the
+`git filter-branch`, which enables you to rewrite history with
+[certain filters][git-filters-manual].
+This command uses rebase to modify history and if you want to remove certain
+file from history altogether use:
+
+```shell
+git filter-branch --tree-filter 'rm filename' HEAD
+```
+
+Since `git filter-branch` command might be slow on big repositories, there are
+tools that can use some of Git specifics to enable faster execution of common
+tasks (which is exactly what removing sensitive information file is about).
+An alternative is [BFG Repo-cleaner][bfg-repo-cleaner]. Keep in mind that these
+tools are faster because they do not provide a same fully feature set as `git filter-branch`
+does, but focus on specific usecases.
+
+## Conclusion
+
+There are various options of undoing your work with any version control system, but
+because of de-centralized nature of Git, these options are multiplied (or limited)
+depending on the stage of your process. Git also enables rewriting history, but that
+should be avoided as it might cause problems when multiple developers are
+contributing to the same codebase.
+
+<!-- Identifiers, in alphabetical order -->
+
+[bfg-repo-cleaner]: https://rtyley.github.io/bfg-repo-cleaner/
+[git-autoclean-ref]: https://git-scm.com/book/en/v2/Git-Internals-Maintenance-and-Data-Recovery
+[git-basics]: https://git-scm.com/book/en/v2/Git-Basics-Recording-Changes-to-the-Repository
+[git-debug]: https://git-scm.com/book/en/v2/Git-Tools-Debugging-with-Git
+[git-distributed]: https://git-scm.com/about/distributed
+[git-filters-manual]: https://git-scm.com/docs/git-filter-branch#_options
+[git-official]: https://git-scm.com/
+[gitlab-ce]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#contribution-acceptance-criteria
+[gitlab-flow]: https://about.gitlab.com/2014/09/29/gitlab-flow/
+[gitlab-git-tips-n-tricks]: https://about.gitlab.com/2016/12/08/git-tips-and-tricks/
diff --git a/doc/ci/api/README.md b/doc/ci/api/README.md
deleted file mode 100644
index 98f37935427..00000000000
--- a/doc/ci/api/README.md
+++ /dev/null
@@ -1 +0,0 @@
-This document was moved to a [new location](../../api/ci/README.md).
diff --git a/doc/ci/api/builds.md b/doc/ci/api/builds.md
deleted file mode 100644
index 0563a367609..00000000000
--- a/doc/ci/api/builds.md
+++ /dev/null
@@ -1 +0,0 @@
-This document was moved to a [new location](../../api/ci/builds.md).
diff --git a/doc/ci/api/runners.md b/doc/ci/api/runners.md
deleted file mode 100644
index 1027363851c..00000000000
--- a/doc/ci/api/runners.md
+++ /dev/null
@@ -1 +0,0 @@
-This document was moved to a [new location](../../api/ci/runners.md).
diff --git a/doc/ci/docker/using_docker_images.md b/doc/ci/docker/using_docker_images.md
index d3433594eb7..dc5313c5597 100644
--- a/doc/ci/docker/using_docker_images.md
+++ b/doc/ci/docker/using_docker_images.md
@@ -117,7 +117,7 @@ following these rules:
   created (requires GitLab Runner v1.1.0 or higher)
 
 To override the default behavior, you can
-[specify a service alias](#available-settings-for-services-entry).
+[specify a service alias](#available-settings-for-services).
 
 ## Define `image` and `services` from `.gitlab-ci.yml`
 
@@ -183,8 +183,7 @@ test:
 
 ## Extended Docker configuration options
 
-> **Note:**
-This feature requires GitLab 9.4 and GitLab Runner 9.4 or higher.
+> Introduced in GitLab and GitLab Runner 9.4.
 
 When configuring the `image` or `services` entries, you can use a string or a map as
 options:
@@ -221,28 +220,29 @@ For example, the following two definitions are equal:
 
 ### Available settings for `image`
 
-> **Note:**
-This feature requires GitLab 9.4 and GitLab Runner 9.4 or higher.
+> Introduced in GitLab and GitLab Runner 9.4.
 
-| Setting    | Required | Description |
-|------------|----------|-------------|
-| `name`     | yes, when used with any other option      | Full name of the image that should be used. It should contain the Registry part if needed. |
-| `entrypoint` | no     | Command or script that should be executed as the container's entrypoint. It will be translated to Docker's `--entrypoint` option while creating the container. The syntax is similar to [`Dockerfile`'s `ENTRYPOINT`][entrypoint] directive, where each shell token is a separate string in the array. |
+| Setting    | Required | GitLab version | Description |
+|------------|----------|----------------| ----------- |
+| `name`     | yes, when used with any other option      | 9.4 |Full name of the image that should be used. It should contain the Registry part if needed. |
+| `entrypoint` | no     | 9.4 |Command or script that should be executed as the container's entrypoint. It will be translated to Docker's `--entrypoint` option while creating the container. The syntax is similar to [`Dockerfile`'s `ENTRYPOINT`][entrypoint] directive, where each shell token is a separate string in the array. |
 
 ### Available settings for `services`
 
-> **Note:**
-This feature requires GitLab 9.4 and GitLab Runner 9.4 or higher.
+> Introduced in GitLab and GitLab Runner 9.4.
 
-| Setting    | Required | Description |
-|------------|----------|-------------|
-| `name`       | yes, when used with any other option      | Full name of the image that should be used. It should contain the Registry part if needed. |
-| `entrypoint` | no     | Command or script that should be executed as the container's entrypoint. It will be translated to Docker's `--entrypoint` option while creating the container. The syntax is similar to [`Dockerfile`'s `ENTRYPOINT`][entrypoint] directive, where each shell token is a separate string in the array. |
-| `command`    | no       | Command or script that should be used as the container's command. It will be translated to arguments passed to Docker after the image's name. The syntax is similar to [`Dockerfile`'s `CMD`][cmd] directive, where each shell token is a separate string in the array. |
-| `alias`      | no       | Additional alias that can be used to access the service from the job's container. Read [Accessing the services](#accessing-the-services) for more information. |
+| Setting    | Required | GitLab version | Description |
+|------------|----------|----------------| ----------- |
+| `name`       | yes, when used with any other option  | 9.4 | Full name of the image that should be used. It should contain the Registry part if needed. |
+| `entrypoint` | no     | 9.4 |Command or script that should be executed as the container's entrypoint. It will be translated to Docker's `--entrypoint` option while creating the container. The syntax is similar to [`Dockerfile`'s `ENTRYPOINT`][entrypoint] directive, where each shell token is a separate string in the array. |
+| `command`    | no       | 9.4 |Command or script that should be used as the container's command. It will be translated to arguments passed to Docker after the image's name. The syntax is similar to [`Dockerfile`'s `CMD`][cmd] directive, where each shell token is a separate string in the array. |
+| `alias`      | no       | 9.4 |Additional alias that can be used to access the service from the job's container. Read [Accessing the services](#accessing-the-services) for more information. |
 
 ### Starting multiple services from the same image
 
+> Introduced in GitLab and GitLab Runner 9.4. Read more about the [extended
+configuration options](#extended-docker-configuration-options).
+
 Before the new extended Docker configuration options, the following configuration
 would not work properly:
 
@@ -274,6 +274,9 @@ in `.gitlab-ci.yml` file.
 
 ### Setting a command for the service
 
+> Introduced in GitLab and GitLab Runner 9.4. Read more about the [extended
+configuration options](#extended-docker-configuration-options).
+
 Let's assume you have a `super/sql:latest` image with some SQL database
 inside it and you would like to use it as a service for your job. Let's also
 assume that this image doesn't start the database process while starting
@@ -313,6 +316,9 @@ As you can see, the syntax of `command` is similar to [Dockerfile's `CMD`][cmd].
 
 ### Overriding the entrypoint of an image
 
+> Introduced in GitLab and GitLab Runner 9.4. Read more about the [extended
+configuration options](#extended-docker-configuration-options).
+
 Let's assume you have a `super/sql:experimental` image with some SQL database
 inside it and you would like to use it as a base image for your job because you
 want to execute some tests with this database binary. Let's also assume that
diff --git a/doc/development/README.md b/doc/development/README.md
index 58993c52dcd..dd150421b65 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -46,6 +46,7 @@
 
 ## Databases
 
+- [Merge Request Checklist](database_merge_request_checklist.md)
 - [What requires downtime?](what_requires_downtime.md)
 - [Adding database indexes](adding_database_indexes.md)
 - [Post Deployment Migrations](post_deployment_migrations.md)
@@ -56,6 +57,9 @@
 - [Background Migrations](background_migrations.md)
 - [Storing SHA1 Hashes As Binary](sha1_as_binary.md)
 - [Iterating Tables In Batches](iterating_tables_in_batches.md)
+- [Ordering Table Columns](ordering_table_columns.md)
+- [Verifying Database Capabilities](verifying_database_capabilities.md)
+- [Hash Indexes](hash_indexes.md)
 
 ## i18n
 
diff --git a/doc/development/database_merge_request_checklist.md b/doc/development/database_merge_request_checklist.md
new file mode 100644
index 00000000000..75c395b61ef
--- /dev/null
+++ b/doc/development/database_merge_request_checklist.md
@@ -0,0 +1,15 @@
+# Merge Request Checklist
+
+When creating a merge request that performs database related changes (schema
+changes, adjusting queries to optimise performance, etc) you should use the
+merge request template called "Database Changes". This template contains a
+checklist of steps to follow to make sure the changes are up to snuff.
+
+To use the checklist, create a new merge request and click on the "Choose a
+template" dropdown, then click "Database Changes".
+
+An example of this checklist can be found at
+https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12463.
+
+The source code of the checklist can be found in at
+https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.gitlab/merge_request_templates/Database%20Changes.md
diff --git a/doc/development/hash_indexes.md b/doc/development/hash_indexes.md
new file mode 100644
index 00000000000..e6c1b3590b1
--- /dev/null
+++ b/doc/development/hash_indexes.md
@@ -0,0 +1,20 @@
+# Hash Indexes
+
+Both PostgreSQL and MySQL support hash indexes besides the regular btree
+indexes. Hash indexes however are to be avoided at all costs. While they may
+_sometimes_ provide better performance the cost of rehashing can be very high.
+More importantly: at least until PostgreSQL 10.0 hash indexes are not
+WAL-logged, meaning they are not replicated to any replicas. From the PostgreSQL
+documentation:
+
+> Hash index operations are not presently WAL-logged, so hash indexes might need
+> to be rebuilt with REINDEX after a database crash if there were unwritten
+> changes. Also, changes to hash indexes are not replicated over streaming or
+> file-based replication after the initial base backup, so they give wrong
+> answers to queries that subsequently use them. For these reasons, hash index
+> use is presently discouraged.
+
+RuboCop is configured to register an offence when it detects the use of a hash
+index.
+
+Instead of using hash indexes you should use regular btree indexes.
diff --git a/doc/development/ordering_table_columns.md b/doc/development/ordering_table_columns.md
new file mode 100644
index 00000000000..249e70c7b0e
--- /dev/null
+++ b/doc/development/ordering_table_columns.md
@@ -0,0 +1,127 @@
+# Ordering Table Columns
+
+Similar to C structures the space of a table is influenced by the order of
+columns. This is because the size of columns is aligned depending on the type of
+the column. Take the following column order for example:
+
+* id (integer, 4 bytes)
+* name (text, variable)
+* user_id (integer, 4 bytes)
+
+Integers are aligned to the word size. This means that on a 64 bit platform the
+actual size of each column would be: 8 bytes, variable, 8 bytes. This means that
+each row will require at least 16 bytes for the two integers, and a variable
+amount for the text field. If a table has a few rows this is not an issue, but
+once you start storing millions of rows you can save space by using a different
+order. For the above example a more ideal column order would be the following:
+
+* id (integer, 4 bytes)
+* user_id (integer, 4 bytes)
+* name (text, variable)
+
+In this setup the `id` and `user_id` columns can be packed together, which means
+we only need 8 bytes to store _both_ of them. This in turn each row will require
+8 bytes less of space.
+
+For GitLab we require that columns of new tables are ordered based to use the
+least amount of space. An easy way of doing this is to order them based on the
+type size in descending order with variable sizes (string and text columns for
+example) at the end.
+
+## Type Sizes
+
+While the PostgreSQL docuemntation
+(https://www.postgresql.org/docs/current/static/datatype.html) contains plenty
+of information we will list the sizes of common types here so it's easier to
+look them up. Here "word" refers to the word size, which is 4 bytes for a 32
+bits platform and 8 bytes for a 64 bits platform.
+
+| Type             | Size                                 | Aligned To |
+|:-----------------|:-------------------------------------|:-----------|
+| smallint         | 2 bytes                              | 1 word     |
+| integer          | 4 bytes                              | 1 word     |
+| bigint           | 8 bytes                              | 8 bytes    |
+| real             | 4 bytes                              | 1 word     |
+| double precision | 8 bytes                              | 8 bytes    |
+| boolean          | 1 byte                               | not needed |
+| text / string    | variable, 1 byte plus the data       | 1 word     |
+| bytea            | variable, 1 or 4 bytes plus the data | 1 word     |
+| timestamp        | 8 bytes                              | 8 bytes    |
+| timestamptz      | 8 bytes                              | 8 bytes    |
+| date             | 4 bytes                              | 1 word     |
+
+A "variable" size means the actual size depends on the value being stored. If
+PostgreSQL determines this can be embedded directly into a row it may do so, but
+for very large values it will store the data externally and store a pointer (of
+1 word in size) in the column. Because of this variable sized columns should
+always be at the end of a table.
+
+## Real Example
+
+Let's use the "events" table as an example, which currently has the following
+layout:
+
+| Column      | Type                        | Size     |
+|:------------|:----------------------------|:---------|
+| id          | integer                     | 4 bytes  |
+| target_type | character varying           | variable |
+| target_id   | integer                     | 4 bytes  |
+| title       | character varying           | variable |
+| data        | text                        | variable |
+| project_id  | integer                     | 4 bytes  |
+| created_at  | timestamp without time zone | 8 bytes  |
+| updated_at  | timestamp without time zone | 8 bytes  |
+| action      | integer                     | 4 bytes  |
+| author_id   | integer                     | 4 bytes  |
+
+After adding padding to align the columns this would translate to columns being
+divided into fixed size chunks as follows:
+
+| Chunk Size | Columns           |
+|:-----------|:------------------|
+| 8 bytes    | id                |
+| variable   | target_type       |
+| 8 bytes    | target_id         |
+| variable   | title             |
+| variable   | data              |
+| 8 bytes    | project_id        |
+| 8 bytes    | created_at        |
+| 8 bytes    | updated_at        |
+| 8 bytes    | action, author_id |
+
+This means that excluding the variable sized data we need at least 48 bytes per
+row.
+
+We can optimise this by using the following column order instead:
+
+| Column      | Type                        | Size     |
+|:------------|:----------------------------|:---------|
+| created_at  | timestamp without time zone | 8 bytes  |
+| updated_at  | timestamp without time zone | 8 bytes  |
+| id          | integer                     | 4 bytes  |
+| target_id   | integer                     | 4 bytes  |
+| project_id  | integer                     | 4 bytes  |
+| action      | integer                     | 4 bytes  |
+| author_id   | integer                     | 4 bytes  |
+| target_type | character varying           | variable |
+| title       | character varying           | variable |
+| data        | text                        | variable |
+
+This would produce the following chunks:
+
+| Chunk Size | Columns            |
+|:-----------|:-------------------|
+| 8 bytes    | created_at         |
+| 8 bytes    | updated_at         |
+| 8 bytes    | id, target_id      |
+| 8 bytes    | project_id, action |
+| 8 bytes    | author_id          |
+| variable   | target_type        |
+| variable   | title              |
+| variable   | data               |
+
+Here we only need 40 bytes per row excluding the variable sized data. 8 bytes
+being saved may not sound like much, but for tables as large as the "events"
+table it does begin to matter. For example, when storing 80 000 000 rows this
+translates to a space saving of at least 610 MB: all by just changing the order
+of a few columns.
diff --git a/doc/development/serializing_data.md b/doc/development/serializing_data.md
index 2b56f48bc44..37332c20147 100644
--- a/doc/development/serializing_data.md
+++ b/doc/development/serializing_data.md
@@ -1,7 +1,8 @@
 # Serializing Data
 
 **Summary:** don't store serialized data in the database, use separate columns
-and/or tables instead.
+and/or tables instead. This includes storing of comma separated values as a
+string.
 
 Rails makes it possible to store serialized data in JSON, YAML or other formats.
 Such a field can be defined as follows:
diff --git a/doc/development/sql.md b/doc/development/sql.md
index 23fd7604957..974b1d99dff 100644
--- a/doc/development/sql.md
+++ b/doc/development/sql.md
@@ -216,4 +216,30 @@ exact same results. This also means there's no need to add an index on
 `created_at` to ensure consistent performance as `id` is already indexed by
 default.
 
+## Use WHERE EXISTS instead of WHERE IN
+
+While `WHERE IN` and `WHERE EXISTS` can be used to produce the same data it is
+recommended to use `WHERE EXISTS` whenever possible. While in many cases
+PostgreSQL can optimise `WHERE IN` quite well there are also many cases where
+`WHERE EXISTS` will perform (much) better.
+
+In Rails you have to use this by creating SQL fragments:
+
+```ruby
+Project.where('EXISTS (?)', User.select(1).where('projects.creator_id = users.id AND users.foo = X'))
+```
+
+This would then produce a query along the lines of the following:
+
+```sql
+SELECT *
+FROM projects
+WHERE EXISTS (
+    SELECT 1
+    FROM users
+    WHERE projects.creator_id = users.id
+    AND users.foo = X
+)
+```
+
 [gin-index]: http://www.postgresql.org/docs/current/static/gin.html
diff --git a/doc/development/verifying_database_capabilities.md b/doc/development/verifying_database_capabilities.md
new file mode 100644
index 00000000000..cc6d62957e3
--- /dev/null
+++ b/doc/development/verifying_database_capabilities.md
@@ -0,0 +1,26 @@
+# Verifying Database Capabilities
+
+Sometimes certain bits of code may only work on a certain database and/or
+version. While we try to avoid such code as much as possible sometimes it is
+necessary to add database (version) specific behaviour.
+
+To facilitate this we have the following methods that you can use:
+
+* `Gitlab::Database.postgresql?`: returns `true` if PostgreSQL is being used
+* `Gitlab::Database.mysql?`: returns `true` if MySQL is being used
+* `Gitlab::Database.version`: returns the PostgreSQL version number as a string
+  in the format `X.Y.Z`. This method does not work for MySQL
+
+This allows you to write code such as:
+
+```ruby
+if Gitlab::Database.postgresql?
+  if Gitlab::Database.version.to_f >= 9.6
+    run_really_fast_query
+  else
+    run_fast_query
+  end
+else
+  run_query
+end
+```
diff --git a/doc/gitlab-basics/create-project.md b/doc/gitlab-basics/create-project.md
index 2513f4b420a..67ef189fee9 100644
--- a/doc/gitlab-basics/create-project.md
+++ b/doc/gitlab-basics/create-project.md
@@ -1,5 +1,9 @@
 # How to create a project in GitLab
 
+>**Notes:**
+- For a list of words that are not allowed to be used as project names see the
+  [reserved names][reserved].
+
 1. In your dashboard, click the green **New project** button or use the plus
    icon in the upper right corner of the navigation bar.
 
@@ -9,13 +13,17 @@
 
     ![Project information](img/create_new_project_info.png)
 
+1. Choose if you want start a blank project, or with one of the predefined
+   [Project Templates](https://gitlab.com/gitlab-org/project-templates):
+   this will kickstart your repository code and CI automatically.
+   Otherwise, if you have a project in a different repository, you can [import it] by
+   clicking an **Import project from** button provided this is enabled in
+   your GitLab instance. Ask your administrator if not.
+
 1. Provide the following information:
     - Enter the name of your project in the **Project name** field. You can't use
       special characters, but you can use spaces, hyphens, underscores or even
       emoji.
-    - If you have a project in a different repository, you can [import it] by
-      clicking an **Import project from** button provided this is enabled in
-      your GitLab instance. Ask your administrator if not.
     - The **Project description (optional)** field enables you to enter a
       description for your project's dashboard, which will help others
       understand what your project is about. Though it's not required, it's a good
@@ -26,3 +34,4 @@
 1. Click **Create project**.
 
 [import it]: ../workflow/importing/README.md
+[reserved]:  ../user/reserved_names.md
diff --git a/doc/gitlab-basics/img/create_new_project_info.png b/doc/gitlab-basics/img/create_new_project_info.png
index fcfbca87b91..ef8753e224b 100644
--- a/doc/gitlab-basics/img/create_new_project_info.png
+++ b/doc/gitlab-basics/img/create_new_project_info.png
diff --git a/doc/install/installation.md b/doc/install/installation.md
index b14cb2d44c4..66eb7675896 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -80,7 +80,7 @@ Make sure you have the right version of Git installed
     # Install Git
     sudo apt-get install -y git-core
 
-    # Make sure Git is version 2.8.4 or higher
+    # Make sure Git is version 2.13.0 or higher
     git --version
 
 Is the system packaged Git too old? Remove it and compile from source.
diff --git a/doc/topics/authentication/index.md b/doc/topics/authentication/index.md
index 0c0d482499a..fac91935a45 100644
--- a/doc/topics/authentication/index.md
+++ b/doc/topics/authentication/index.md
@@ -37,7 +37,6 @@ This page gathers all the resources for the topic **Authentication** within GitL
 - [Private Tokens](../../api/README.md#private-tokens)
 - [Impersonation tokens](../../api/README.md#impersonation-tokens)
 - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider)
-- [GitLab Runner API - Authentication](../../api/ci/runners.md#authentication)
 
 ## Third-party resources
 
diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md
index 604f9375714..df56f031970 100644
--- a/doc/topics/git/index.md
+++ b/doc/topics/git/index.md
@@ -22,6 +22,7 @@ We've gathered some resources to help you to get the best from Git with GitLab.
   - [Cherry-picking a commit](../../user/project/merge_requests/cherry_pick_changes.md#cherry-picking-a-commit)
   - [Squashing commits](../../workflow/gitlab_flow.md#squashing-commits-with-rebase)
 - **Articles:**
+  - [Numerous _undo_ possibilities in Git](../../articles/numerous_undo_possibilities_in_git/index.md)
   - [How to install Git](../../articles/how_to_install_git/index.md)
   - [Git Tips & Tricks](https://about.gitlab.com/2016/12/08/git-tips-and-tricks/)
   - [Eight Tips to help you work better with Git](https://about.gitlab.com/2015/02/19/8-tips-to-help-you-work-better-with-git/)
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index ceec8b74373..9e168e830e5 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -57,6 +57,10 @@ By doing so:
 
 ## Create a new group
 
+> **Notes:**
+- For a list of words that are not allowed to be used as group names see the
+  [reserved names][reserved].
+
 You can create a group in GitLab from:
 
 1. The Groups page: expand the left menu, click **Groups**, and click the green button **New group**:
@@ -213,4 +217,5 @@ for the group (GitLab admins only, available in [GitLab Enterprise Edition Start
 - **Pipelines quota**: keep track of the [pipeline quota](../admin_area/settings/continuous_integration.md) for the group
 
 [permissions]: ../permissions.md#permissions
-[ee]: https://about.gitlab.com/products/
\ No newline at end of file
+[ee]: https://about.gitlab.com/products/
+[reserved]:  ../reserved_names.md
diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 5724dcfab48..d2478aea4bd 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -83,10 +83,7 @@ structure.
 - You need to be an Owner of a group in order to be able to create
   a subgroup. For more information check the [permissions table][permissions].
 - For a list of words that are not allowed to be used as group names see the
-  [`path_regex.rb` file][reserved] under the `TOP_LEVEL_ROUTES`, `PROJECT_WILDCARD_ROUTES` and `GROUP_ROUTES` lists:
-  - `TOP_LEVEL_ROUTES`: are names that are reserved as usernames or top level groups
-  - `PROJECT_WILDCARD_ROUTES`: are names that are reserved for child groups or projects.
-  - `GROUP_ROUTES`: are names that are reserved for all groups or projects.
+  [reserved names][reserved].
 
 To create a subgroup:
 
@@ -175,5 +172,5 @@ Here's a list of what you can't do with subgroups:
 
 [ce-2772]: https://gitlab.com/gitlab-org/gitlab-ce/issues/2772
 [permissions]: ../../permissions.md#group
-[reserved]:  https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/gitlab/path_regex.rb
+[reserved]:  ../../reserved_names.md
 [issue]: https://gitlab.com/gitlab-org/gitlab-ce/issues/30472#note_27747600
diff --git a/doc/user/profile/img/profile_settings_dropdown.png b/doc/user/profile/img/profile_settings_dropdown.png
new file mode 100644
index 00000000000..a2c620642e2
--- /dev/null
+++ b/doc/user/profile/img/profile_settings_dropdown.png
diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
index 8e26d98f1b0..8e26d98f1b0 100644
--- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
+++ b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
diff --git a/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
new file mode 100644
index 00000000000..5c14df36d73
--- /dev/null
+++ b/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
diff --git a/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png b/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
new file mode 100644
index 00000000000..33936a7d6d7
--- /dev/null
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png b/doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
index 22565cf7c7e..22565cf7c7e 100644
--- a/doc/workflow/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png b/doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png
index 1778b2ddf2b..1778b2ddf2b 100644
--- a/doc/workflow/gpg_signed_commits/img/project_signed_commit_verified_signature.png
+++ b/doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png
diff --git a/doc/user/project/gpg_signed_commits/index.md b/doc/user/project/gpg_signed_commits/index.md
new file mode 100644
index 00000000000..3ea2203c895
--- /dev/null
+++ b/doc/user/project/gpg_signed_commits/index.md
@@ -0,0 +1,245 @@
+# Signing commits with GPG
+
+> [Introduced][ce-9546] in GitLab 9.5.
+
+GitLab can show whether a commit is verified or not when signed with a GPG key.
+All you need to do is upload the public GPG key in your profile settings.
+
+GPG verified tags are not supported yet.
+
+## Getting started with GPG
+
+Here are a few guides to get you started with GPG:
+
+- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
+- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
+- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
+- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
+
+## How GitLab handles GPG
+
+GitLab uses its own keyring to verify the GPG signature. It does not access any
+public key server.
+
+In order to have a commit verified on GitLab the corresponding public key needs
+to be uploaded to GitLab. For a signature to be verified two prerequisites need
+to be met:
+
+1. The public key needs to be added your GitLab account
+1. One of the emails in the GPG key matches your **primary** email
+
+## Generating a GPG key
+
+If you don't already have a GPG key, the following steps will help you get
+started:
+
+1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
+1. Generate the private/public key pair with the following command:
+
+    ```sh
+    gpg --full-gen-key
+    ```
+
+    This will spawn a series of questions.
+
+1. The first question is which algorithm can be used.  Select the kind you want
+   or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
+
+    ```
+    Please select what kind of key you want:
+       (1) RSA and RSA (default)
+       (2) DSA and Elgamal
+       (3) DSA (sign only)
+       (4) RSA (sign only)
+    Your selection? 1
+    ```
+
+1. The next question is key length. We recommend to choose the highest value
+   which is `4096`:
+
+    ```
+    RSA keys may be between 1024 and 4096 bits long.
+    What keysize do you want? (2048) 4096
+    Requested keysize is 4096 bits
+    ```
+1. Next, you need to specify the validity period of your key. This is something
+   subjective, and you can use the default value which is to never expire:
+
+    ```
+    Please specify how long the key should be valid.
+             0 = key does not expire
+          <n>  = key expires in n days
+          <n>w = key expires in n weeks
+          <n>m = key expires in n months
+          <n>y = key expires in n years
+    Key is valid for? (0) 0
+    Key does not expire at all
+    ```
+
+1. Confirm that the answers you gave were correct by typing `y`:
+
+    ```
+    Is this correct? (y/N) y
+    ```
+
+1. Enter you real name, the email address to be associated with this key (should
+   match the primary email address you use in GitLab) and an optional comment
+   (press <kbd>Enter</kbd> to skip):
+
+    ```
+    GnuPG needs to construct a user ID to identify your key.
+
+    Real name: Mr. Robot
+    Email address: mr@robot.sh
+    Comment:
+    You selected this USER-ID:
+        "Mr. Robot <mr@robot.sh>"
+
+    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
+    ```
+
+1. Pick a strong password when asked and type it twice to confirm.
+1. Use the following command to list the private GPG key you just created:
+
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+
+    Replace `mr@robot.sh` with the email address you entered above.
+
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+
+1. Export the public key of that ID (replace your key ID from the previous step):
+
+    ```
+    gpg --armor --export 0x30F2B65B9246B6CA
+    ```
+
+1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
+
+## Adding a GPG key to your account
+
+>**Note:**
+Once you add a key, you cannot edit it, only remove it. In case the paste
+didn't work, you'll have to remove the offending key and re-add it.
+
+You can add a GPG key in your profile's settings:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+
+    ![Settings dropdown](../../profile/img/profile_settings_dropdown.png)
+
+1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
+   box.
+
+    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
+
+1. Finally, click on **Add key** to add it to GitLab. You will be able to see
+   its fingerprint, the corresponding email address and creation date.
+
+    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
+
+## Associating your GPG key with Git
+
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
+key to use.
+
+1. Use the following command to list the private GPG key you just created:
+
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+
+    Replace `mr@robot.sh` with the email address you entered above.
+
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+
+1. Tell Git to use that key to sign the commits:
+
+    ```
+    git config --global user.signingkey 0x30F2B65B9246B6CA
+    ```
+
+    Replace `0x30F2B65B9246B6CA` with your GPG key ID.
+
+## Signing commits
+
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), you can start signing your
+commits:
+
+1. Commit like you used to, the only difference is the addition of the `-S` flag:
+
+    ```
+    git commit -S -m "My commit msg"
+    ```
+
+1. Enter the passphrase of your GPG key when asked.
+1. Push to GitLab and check that your commits [are verified](#verifying-commits).
+
+If you don't want to type the `-S` flag every time you commit, you can tell Git
+to sign your commits automatically:
+
+```
+git config --global commit.gpgsign true
+```
+
+## Verifying commits
+
+1. Within a project or [merge request](../merge_requests/index.md), navigate to
+   the **Commits** tab. Signed commits will show a badge containing either
+   "Verified" or "Unverified", depending on the verification status of the GPG
+   signature.
+
+    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
+
+1. By clicking on the GPG badge, details of the signature are displayed.
+
+    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
+
+    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
+
+## Revoking a GPG key
+
+Revoking a key **unverifies** already signed commits. Commits that were
+verified by using this key will change to an unverified state. Future commits
+will also stay unverified once you revoke this key. This action should be used
+in case your key has been compromised.
+
+To revoke a GPG key:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on **Revoke** besides the GPG key you want to delete.
+
+## Removing a GPG key
+
+Removing a key **does not unverify** already signed commits. Commits that were
+verified by using this key will stay verified. Only unpushed commits will stay
+unverified once you remove this key. To unverify already signed commits, you need
+to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
+
+To remove a GPG key from your account:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on the trash icon besides the GPG key you want to delete.
+
+[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
diff --git a/doc/user/project/import/bitbucket.md b/doc/user/project/import/bitbucket.md
new file mode 100644
index 00000000000..b22c7db0047
--- /dev/null
+++ b/doc/user/project/import/bitbucket.md
@@ -0,0 +1,62 @@
+# Import your project from Bitbucket to GitLab
+
+Import your projects from Bitbucket to GitLab with minimal effort.
+
+## Overview
+
+>**Note:**
+The [Bitbucket integration][bb-import] must be first enabled in order to be
+able to import your projects from Bitbucket. Ask your GitLab administrator
+to enable this if not already.
+
+- At its current state, the Bitbucket importer can import:
+  - the repository description (GitLab 7.7+)
+  - the Git repository data (GitLab 7.7+)
+  - the issues (GitLab 7.7+)
+  - the issue comments (GitLab 8.15+)
+  - the pull requests (GitLab 8.4+)
+  - the pull request comments (GitLab 8.15+)
+  - the milestones (GitLab 8.15+)
+  - the wiki (GitLab 8.15+)
+- References to pull requests and issues are preserved (GitLab 8.7+)
+- Repository public access is retained. If a repository is private in Bitbucket
+  it will be created as private in GitLab as well.
+
+
+## How it works
+
+When issues/pull requests are being imported, the Bitbucket importer tries to find
+the Bitbucket author/assignee in GitLab's database using the Bitbucket ID. For this
+to work, the Bitbucket author/assignee should have signed in beforehand in GitLab
+and **associated their Bitbucket account**. If the user is not
+found in GitLab's database, the project creator (most of the times the current
+user that started the import process) is set as the author, but a reference on
+the issue about the original Bitbucket author is kept.
+
+The importer will create any new namespaces (groups) if they don't exist or in
+the case the namespace is taken, the repository will be imported under the user's
+namespace that started the import process.
+
+## Importing your Bitbucket repositories
+
+1. Sign in to GitLab and go to your dashboard.
+1. Click on **New project**.
+
+    ![New project in GitLab](img/bitbucket_import_new_project.png)
+
+1. Click on the "Bitbucket" button
+
+    ![Bitbucket](img/import_projects_from_new_project_page.png)
+
+1. Grant GitLab access to your Bitbucket account
+
+    ![Grant access](img/bitbucket_import_grant_access.png)
+
+1. Click on the projects that you'd like to import or **Import all projects**.
+   You can also select the namespace under which each project will be
+   imported.
+
+    ![Import projects](img/bitbucket_import_select_project.png)
+
+[bb-import]: ../../../integration/bitbucket.md
+[social sign-in]: ../../profile/account/social_sign_in.md
diff --git a/doc/user/project/import/clearcase.md b/doc/user/project/import/clearcase.md
new file mode 100644
index 00000000000..f23623ed485
--- /dev/null
+++ b/doc/user/project/import/clearcase.md
@@ -0,0 +1,47 @@
+# Migrating from ClearCase
+
+[ClearCase](https://www-03.ibm.com/software/products/en/clearcase/) is a set of
+tools developed by IBM which also include a centralized version control system
+similar to Git.
+
+A good read of ClearCase's basic concepts is can be found in this [StackOverflow
+post](https://stackoverflow.com/a/645771/974710).
+
+The following table illustrates the main differences between ClearCase and Git:
+
+| Aspect | ClearCase | Git |
+| ------ | --------- | --- |
+| Repository model | Client-server | Distributed |
+| Revision IDs | Branch + number  | Global alphanumeric ID |
+| Scope of Change | File | Directory tree snapshot |
+| Concurrency model | Merge | Merge |
+| Storage Method | Deltas | Full content |
+| Client | CLI, Eclipse, CC Client | CLI, Eclipse, Git client/GUIs |
+| Server | UNIX, Windows legacy systems | UNIX, macOS |
+| License | Proprietary | GPL |
+
+_Taken from the slides [ClearCase and the journey to Git](https://www.open.collab.net/media/pdfs/ClearCase-and-the-journey-to-Git.pdf) provided by collab.net_
+
+## Why migrate
+
+ClearCase can be difficult to manage both from a user and an admin perspective.
+Migrating to Git/GitLab there is:
+
+- **No licensing costs**, Git is GPL while ClearCase is proprietary.
+- **Shorter learning curve**, Git has a big community and a vast number of
+  tutorials to get you started.
+- **Integration with modern tools**, migrating to Git and GitLab you can have
+  an open source end-to-end software development platform with built-in version
+  control, issue tracking, code review, CI/CD, and more.
+
+## How to migrate
+
+While there doesn't exist a tool to fully migrate from ClearCase to Git, here
+are some useful links to get you started:
+
+- [Bridge for Git and ClearCase](https://github.com/charleso/git-cc)
+- [Slides "ClearCase and the journey to Git"](https://www.open.collab.net/media/pdfs/ClearCase-and-the-journey-to-Git.pdf)
+- [ClearCase to Git](https://therub.org/2013/07/19/clearcase-to-git/)
+- [Dual syncing ClearCase to Git](https://therub.org/2013/10/22/dual-syncing-clearcase-and-git/)
+- [Moving to Git from ClearCase](https://sateeshkumarb.wordpress.com/2011/01/15/moving-to-git-from-clearcase/)
+- [ClearCase to Git webinar](https://www.brighttalk.com/webcast/11817/162473/clearcase-to-git)
diff --git a/doc/user/project/import/fogbugz.md b/doc/user/project/import/fogbugz.md
new file mode 100644
index 00000000000..17222c53675
--- /dev/null
+++ b/doc/user/project/import/fogbugz.md
@@ -0,0 +1,28 @@
+# Import your project from FogBugz to GitLab
+
+It only takes a few simple steps to import your project from FogBugz.
+The importer will import all of your cases and comments with original case
+numbers and timestamps. You will also have the opportunity to map FogBugz
+users to GitLab users.
+
+1. From your GitLab dashboard click 'New project'
+1. Click on the 'FogBugz' button
+
+  ![FogBugz](img/fogbugz_import_select_fogbogz.png)
+
+1. Enter your FogBugz URL, email address, and password.
+
+  ![Login](img/fogbugz_import_login.png)
+
+1. Create mapping from FogBugz users to GitLab users.
+
+  ![User Map](img/fogbugz_import_user_map.png)
+
+1. Select the projects you wish to import by clicking the Import buttons
+
+  ![Import Project](img/fogbugz_import_select_project.png)
+
+1. Once the import has finished click the link to take you to the project
+dashboard. Follow the directions to push your existing repository.
+
+  ![Finished](img/fogbugz_import_finished.png)
diff --git a/doc/user/project/import/gitea.md b/doc/user/project/import/gitea.md
new file mode 100644
index 00000000000..f5746a0fb31
--- /dev/null
+++ b/doc/user/project/import/gitea.md
@@ -0,0 +1,77 @@
+# Import your project from Gitea to GitLab
+
+Import your projects from Gitea to GitLab with minimal effort.
+
+## Overview
+
+>**Note:**
+This requires Gitea `v1.0.0` or newer.
+
+- At its current state, Gitea importer can import:
+  - the repository description (GitLab 8.15+)
+  - the Git repository data (GitLab 8.15+)
+  - the issues (GitLab 8.15+)
+  - the pull requests (GitLab 8.15+)
+  - the milestones (GitLab 8.15+)
+  - the labels (GitLab 8.15+)
+- Repository public access is retained. If a repository is private in Gitea
+  it will be created as private in GitLab as well.
+
+## How it works
+
+Since Gitea is currently not an OAuth provider, author/assignee cannot be mapped
+to users in your GitLab's instance. This means that the project creator (most of
+the times the current user that started the import process) is set as the author,
+but a reference on the issue about the original Gitea author is kept.
+
+The importer will create any new namespaces (groups) if they don't exist or in
+the case the namespace is taken, the repository will be imported under the user's
+namespace that started the import process.
+
+## Importing your Gitea repositories
+
+The importer page is visible when you create a new project.
+
+![New project page on GitLab](img/import_projects_from_new_project_page.png)
+
+Click on the **Gitea** link and the import authorization process will start.
+
+![New Gitea project import](img/import_projects_from_gitea_new_import.png)
+
+### Authorize access to your repositories using a personal access token
+
+With this method, you will perform a one-off authorization with Gitea to grant
+GitLab access your repositories:
+
+1. Go to <https://you-gitea-instance/user/settings/applications> (replace
+   `you-gitea-instance` with the host of your Gitea instance).
+1. Click **Generate New Token**.
+1. Enter a token description.
+1. Click **Generate Token**.
+1. Copy the token hash.
+1. Go back to GitLab and provide the token to the Gitea importer.
+1. Hit the **List Your Gitea Repositories** button and wait while GitLab reads
+   your repositories' information. Once done, you'll be taken to the importer
+   page to select the repositories to import.
+
+### Select which repositories to import
+
+After you've authorized access to your Gitea repositories, you will be
+redirected to the Gitea importer page.
+
+From there, you can see the import statuses of your Gitea repositories.
+
+- Those that are being imported will show a _started_ status,
+- those already successfully imported will be green with a _done_ status,
+- whereas those that are not yet imported will have an **Import** button on the
+  right side of the table.
+
+If you want, you can import all your Gitea projects in one go by hitting
+**Import all projects** in the upper left corner.
+
+![Gitea importer page](img/import_projects_from_github_importer.png)
+
+---
+
+You can also choose a different name for the project and a different namespace,
+if you have the privileges to do so.
diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md
new file mode 100644
index 00000000000..016f98966e3
--- /dev/null
+++ b/doc/user/project/import/github.md
@@ -0,0 +1,122 @@
+# Import your project from GitHub to GitLab
+
+Import your projects from GitHub to GitLab with minimal effort.
+
+## Overview
+
+>**Note:**
+If you are an administrator you can enable the [GitHub integration][gh-import]
+in your GitLab instance sitewide. This configuration is optional, users will
+still be able to import their GitHub repositories with a
+[personal access token][gh-token].
+
+>**Note:**
+Administrators of a GitLab instance (Community or Enterprise Edition) can also
+use the [GitHub rake task][gh-rake] to import projects from GitHub without the
+constrains of a Sidekiq worker.
+
+- At its current state, GitHub importer can import:
+  - the repository description (GitLab 7.7+)
+  - the Git repository data (GitLab 7.7+)
+  - the issues (GitLab 7.7+)
+  - the pull requests (GitLab 8.4+)
+  - the wiki pages (GitLab 8.4+)
+  - the milestones (GitLab 8.7+)
+  - the labels (GitLab 8.7+)
+  - the release note descriptions (GitLab 8.12+)
+- References to pull requests and issues are preserved (GitLab 8.7+)
+- Repository public access is retained. If a repository is private in GitHub
+  it will be created as private in GitLab as well.
+
+## How it works
+
+When issues/pull requests are being imported, the GitHub importer tries to find
+the GitHub author/assignee in GitLab's database using the GitHub ID. For this
+to work, the GitHub author/assignee should have signed in beforehand in GitLab
+and **associated their GitHub account**. If the user is not
+found in GitLab's database, the project creator (most of the times the current
+user that started the import process) is set as the author, but a reference on
+the issue about the original GitHub author is kept.
+
+The importer will create any new namespaces (groups) if they don't exist or in
+the case the namespace is taken, the repository will be imported under the user's
+namespace that started the import process.
+
+## Importing your GitHub repositories
+
+The importer page is visible when you create a new project.
+
+![New project page on GitLab](img/import_projects_from_new_project_page.png)
+
+Click on the **GitHub** link and the import authorization process will start.
+There are two ways to authorize access to your GitHub repositories:
+
+1. [Using the GitHub integration][gh-integration] (if it's enabled by your
+   GitLab administrator). This is the preferred way as it's possible to
+   preserve the GitHub authors/assignees. Read more in the [How it works](#how-it-works)
+   section.
+1. [Using a personal access token][gh-token] provided by GitHub.
+
+![Select authentication method](img/import_projects_from_github_select_auth_method.png)
+
+### Authorize access to your repositories using the GitHub integration
+
+If the [GitHub integration][gh-import] is enabled by your GitLab administrator,
+you can use it instead of the personal access token.
+
+1. First you may want to connect your GitHub account to GitLab in order for
+   the username mapping to be correct.
+1. Once you connect GitHub, click the **List your GitHub repositories** button
+   and you will be redirected to GitHub for permission to access your projects.
+1. After accepting, you'll be automatically redirected to the importer.
+
+You can now go on and [select which repositories to import](#select-which-repositories-to-import).
+
+### Authorize access to your repositories using a personal access token
+
+>**Note:**
+For a proper author/assignee mapping for issues and pull requests, the
+[GitHub integration][gh-integration] should be used instead of the
+[personal access token][gh-token]. If the GitHub integration is enabled by your
+GitLab administrator, it should be the preferred method to import your repositories.
+Read more in the [How it works](#how-it-works) section.
+
+If you are not using the GitHub integration, you can still perform a one-off
+authorization with GitHub to grant GitLab access your repositories:
+
+1. Go to <https://github.com/settings/tokens/new>.
+1. Enter a token description.
+1. Check the `repo` scope.
+1. Click **Generate token**.
+1. Copy the token hash.
+1. Go back to GitLab and provide the token to the GitHub importer.
+1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads
+   your repositories' information. Once done, you'll be taken to the importer
+   page to select the repositories to import.
+
+### Select which repositories to import
+
+After you've authorized access to your GitHub repositories, you will be
+redirected to the GitHub importer page.
+
+From there, you can see the import statuses of your GitHub repositories.
+
+- Those that are being imported will show a _started_ status,
+- those already successfully imported will be green with a _done_ status,
+- whereas those that are not yet imported will have an **Import** button on the
+  right side of the table.
+
+If you want, you can import all your GitHub projects in one go by hitting
+**Import all projects** in the upper left corner.
+
+![GitHub importer page](img/import_projects_from_github_importer.png)
+
+---
+
+You can also choose a different name for the project and a different namespace,
+if you have the privileges to do so.
+
+[gh-import]: ../../../integration/github.md "GitHub integration"
+[gh-rake]: ../../../administration/raketasks/github_import.md "GitHub rake task"
+[gh-integration]: #authorize-access-to-your-repositories-using-the-github-integration
+[gh-token]: #authorize-access-to-your-repositories-using-a-personal-access-token
diff --git a/doc/user/project/import/gitlab_com.md b/doc/user/project/import/gitlab_com.md
new file mode 100644
index 00000000000..3b37da67a5b
--- /dev/null
+++ b/doc/user/project/import/gitlab_com.md
@@ -0,0 +1,20 @@
+# Project importing from GitLab.com to your private GitLab instance
+
+You can import your existing GitLab.com projects to your GitLab instance. But keep in mind that it is possible only if
+GitLab support is enabled on your GitLab instance.
+You can read more about GitLab support [here](http://docs.gitlab.com/ce/integration/gitlab.html)
+To get to the importer page you need to go to "New project" page.
+
+>**Note:**
+If you are interested in importing Wiki and Merge Request data to your new
+instance, you'll need to follow the instructions for [project export](../settings/import_export.md)
+
+![New project page](img/gitlab_new_project_page.png)
+
+Click on the "Import projects from GitLab.com" link and you will be redirected to GitLab.com
+for permission to access your projects. After accepting, you'll be automatically redirected to the importer.
+
+![Importer page](img/gitlab_importer.png)
+
+To import a project, you can simple click "Import". The importer will import your repository and issues.
+Once the importer is done, a new GitLab project will be created with your imported data.
diff --git a/doc/workflow/importing/img/bitbucket_import_grant_access.png b/doc/user/project/import/img/bitbucket_import_grant_access.png
index 429904e621d..429904e621d 100644
--- a/doc/workflow/importing/img/bitbucket_import_grant_access.png
+++ b/doc/user/project/import/img/bitbucket_import_grant_access.png
diff --git a/doc/workflow/importing/img/bitbucket_import_new_project.png b/doc/user/project/import/img/bitbucket_import_new_project.png
index 8ed528c2f09..8ed528c2f09 100644
--- a/doc/workflow/importing/img/bitbucket_import_new_project.png
+++ b/doc/user/project/import/img/bitbucket_import_new_project.png
diff --git a/doc/workflow/importing/img/bitbucket_import_select_project.png b/doc/user/project/import/img/bitbucket_import_select_project.png
index 1bca6166ec8..1bca6166ec8 100644
--- a/doc/workflow/importing/img/bitbucket_import_select_project.png
+++ b/doc/user/project/import/img/bitbucket_import_select_project.png
diff --git a/doc/workflow/importing/fogbugz_importer/fogbugz_import_finished.png b/doc/user/project/import/img/fogbugz_import_finished.png
index 62c5c86c9b3..62c5c86c9b3 100644
--- a/doc/workflow/importing/fogbugz_importer/fogbugz_import_finished.png
+++ b/doc/user/project/import/img/fogbugz_import_finished.png
diff --git a/doc/workflow/importing/fogbugz_importer/fogbugz_import_login.png b/doc/user/project/import/img/fogbugz_import_login.png
index 96bce70b74d..96bce70b74d 100644
--- a/doc/workflow/importing/fogbugz_importer/fogbugz_import_login.png
+++ b/doc/user/project/import/img/fogbugz_import_login.png
diff --git a/doc/workflow/importing/fogbugz_importer/fogbugz_import_select_fogbogz.png b/doc/user/project/import/img/fogbugz_import_select_fogbogz.png
index b26c652e382..b26c652e382 100644
--- a/doc/workflow/importing/fogbugz_importer/fogbugz_import_select_fogbogz.png
+++ b/doc/user/project/import/img/fogbugz_import_select_fogbogz.png
diff --git a/doc/workflow/importing/fogbugz_importer/fogbugz_import_select_project.png b/doc/user/project/import/img/fogbugz_import_select_project.png
index ccc82f9d4cd..ccc82f9d4cd 100644
--- a/doc/workflow/importing/fogbugz_importer/fogbugz_import_select_project.png
+++ b/doc/user/project/import/img/fogbugz_import_select_project.png
diff --git a/doc/workflow/importing/fogbugz_importer/fogbugz_import_user_map.png b/doc/user/project/import/img/fogbugz_import_user_map.png
index 28ff55a8d89..28ff55a8d89 100644
--- a/doc/workflow/importing/fogbugz_importer/fogbugz_import_user_map.png
+++ b/doc/user/project/import/img/fogbugz_import_user_map.png
diff --git a/doc/workflow/importing/gitlab_importer/importer.png b/doc/user/project/import/img/gitlab_importer.png
index 27d42eb492e..27d42eb492e 100644
--- a/doc/workflow/importing/gitlab_importer/importer.png
+++ b/doc/user/project/import/img/gitlab_importer.png
diff --git a/doc/workflow/importing/gitlab_importer/new_project_page.png b/doc/user/project/import/img/gitlab_new_project_page.png
index c673724f436..c673724f436 100644
--- a/doc/workflow/importing/gitlab_importer/new_project_page.png
+++ b/doc/user/project/import/img/gitlab_new_project_page.png
diff --git a/doc/workflow/importing/img/import_projects_from_gitea_new_import.png b/doc/user/project/import/img/import_projects_from_gitea_new_import.png
index a3f603cbd0a..a3f603cbd0a 100644
--- a/doc/workflow/importing/img/import_projects_from_gitea_new_import.png
+++ b/doc/user/project/import/img/import_projects_from_gitea_new_import.png
diff --git a/doc/workflow/importing/img/import_projects_from_github_importer.png b/doc/user/project/import/img/import_projects_from_github_importer.png
index d8effaf6075..d8effaf6075 100644
--- a/doc/workflow/importing/img/import_projects_from_github_importer.png
+++ b/doc/user/project/import/img/import_projects_from_github_importer.png
diff --git a/doc/workflow/importing/img/import_projects_from_github_select_auth_method.png b/doc/user/project/import/img/import_projects_from_github_select_auth_method.png
index 1ccb38a815e..1ccb38a815e 100644
--- a/doc/workflow/importing/img/import_projects_from_github_select_auth_method.png
+++ b/doc/user/project/import/img/import_projects_from_github_select_auth_method.png
diff --git a/doc/workflow/importing/img/import_projects_from_new_project_page.png b/doc/user/project/import/img/import_projects_from_new_project_page.png
index 97ca30b2087..97ca30b2087 100644
--- a/doc/workflow/importing/img/import_projects_from_new_project_page.png
+++ b/doc/user/project/import/img/import_projects_from_new_project_page.png
diff --git a/doc/user/project/import/index.md b/doc/user/project/import/index.md
new file mode 100644
index 00000000000..2a8728ed96e
--- /dev/null
+++ b/doc/user/project/import/index.md
@@ -0,0 +1,21 @@
+# Migrating projects to a GitLab instance
+
+1. [From Bitbucket.org](bitbucket.md)
+1. [From GitHub.com of GitHub Enterprise](github.md)
+1. [From GitLab.com](gitlab_com.md)
+1. [From FogBugz](fogbugz.md)
+1. [From Gitea](gitea.md)
+1. [From SVN](svn.md)
+1. [From ClearCase](clearcase.md)
+
+In addition to the specific migration documentation above, you can import any
+Git repository via HTTP from the New Project page. Be aware that if the
+repository is too large the import can timeout.
+
+## Migrating from self-hosted GitLab to GitLab.com
+
+You can copy your repos by changing the remote and pushing to the new server,
+but issues and merge requests can't be imported.
+
+If you want to retain all metadata like issues and merge requests, you can use
+the [import/export feature](../settings/import_export.md).
diff --git a/doc/user/project/import/svn.md b/doc/user/project/import/svn.md
new file mode 100644
index 00000000000..7a3628a39d7
--- /dev/null
+++ b/doc/user/project/import/svn.md
@@ -0,0 +1,183 @@
+# Migrating from SVN to GitLab
+
+Subversion (SVN) is a central version control system (VCS) while
+Git is a distributed version control system. There are some major differences
+between the two, for more information consult your favorite search engine.
+
+## Overview
+
+There are two approaches to SVN to Git migration:
+
+1. [Git/SVN Mirror](#smooth-migration-with-a-gitsvn-mirror-using-subgit) which:
+    - Makes the GitLab repository to mirror the SVN project.
+    - Git and SVN repositories are kept in sync; you can use either one.
+    - Smoothens the migration process and allows to manage migration risks.
+
+1. [Cut over migration](#cut-over-migration-with-svn2git) which:
+     - Translates and imports the existing data and history from SVN to Git.
+     - Is a fire and forget approach, good for smaller teams.
+
+## Smooth migration with a Git/SVN mirror using SubGit
+
+[SubGit](https://subgit.com) is a tool for a smooth, stress-free SVN to Git
+migration. It creates a writable Git mirror of a local or remote Subversion
+repository and that way you can use both Subversion and Git as long as you like.
+It requires access to your GitLab server as it talks with the Git repositories
+directly in a filesystem level.
+
+### SubGit prerequisites
+
+1. Install Oracle JRE 1.8 or newer. On Debian-based Linux distributions you can
+   follow [this article](http://www.webupd8.org/2012/09/install-oracle-java-8-in-ubuntu-via-ppa.html).
+1. Download SubGit from https://subgit.com/download/.
+1. Unpack the downloaded SubGit zip archive to the `/opt` directory. The `subgit`
+   command will be available at `/opt/subgit-VERSION/bin/subgit`.
+
+### SubGit configuration
+
+The first step to mirror you SVN repository in GitLab is to create a new empty
+project which will be used as a mirror. For Omnibus installations the path to
+the repository will be located at
+`/var/opt/gitlab/git-data/repositories/USER/REPO.git` by default. For
+installations from source, the default repository directory will be
+`/home/git/repositories/USER/REPO.git`. For convenience, assign this path to a
+variable:
+
+```
+GIT_REPO_PATH=/var/opt/gitlab/git-data/repositories/USER/REPOS.git
+```
+
+SubGit will keep this repository in sync with a remote SVN project. For
+convenience, assign your remote SVN project URL to a variable:
+
+```
+SVN_PROJECT_URL=http://svn.company.com/repos/project
+```
+
+Next you need to run SubGit to set up a Git/SVN mirror. Make sure the following
+`subgit` command is ran on behalf of the same user that keeps ownership of
+GitLab Git repositories (by default `git`):
+
+```
+subgit configure --layout auto $SVN_PROJECT_URL $GIT_REPO_PATH
+```
+
+Adjust authors and branches mappings, if necessary. Open with your favorite
+text editor:
+
+```
+edit $GIT_REPO_PATH/subgit/authors.txt
+edit $GIT_REPO_PATH/subgit/config
+```
+
+For more information regarding the SubGit configuration options, refer to
+[SubGit's documentation](https://subgit.com/documentation.html) website.
+
+### Initial translation
+
+Now that SubGit has configured the Git/SVN repos, run `subgit` to perform the
+initial translation of existing SVN revisions into the Git repository:
+
+```
+subgit install $GIT_REPO_PATH
+```
+
+After the initial translation is completed, the Git repository and the SVN
+project will be kept in sync by `subgit` - new Git commits will be translated to
+SVN revisions and new SVN revisions will be translated to Git commits. Mirror
+works transparently and does not require any special commands.
+
+If you would prefer to perform one-time cut over migration with `subgit`, use
+the `import` command instead of `install`:
+
+```
+subgit import $GIT_REPO_PATH
+```
+
+### SubGit licensing
+
+Running SubGit in a mirror mode requires a
+[registration](https://subgit.com/pricing.html). Registration is free for open
+source, academic and startup projects.
+
+We're currently working on deeper GitLab/SubGit integration. You may track our
+progress at [this issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/990).
+
+### SubGit support
+
+For any questions related to SVN to GitLab migration with SubGit, you can
+contact the SubGit team directly at [support@subgit.com](mailto:support@subgit.com).
+
+## Cut over migration with svn2git
+
+If you are currently using an SVN repository, you can migrate the repository
+to Git and GitLab. We recommend a hard cut over - run the migration command once
+and then have all developers start using the new GitLab repository immediately.
+Otherwise, it's hard to keep changing in sync in both directions. The conversion
+process should be run on a local workstation.
+
+Install `svn2git`. On all systems you can install as a Ruby gem if you already
+have Ruby and Git installed.
+
+```bash
+sudo gem install svn2git
+```
+
+On Debian-based Linux distributions you can install the native packages:
+
+```bash
+sudo apt-get install git-core git-svn ruby
+```
+
+Optionally, prepare an authors file so `svn2git` can map SVN authors to Git authors.
+If you choose not to create the authors file then commits will not be attributed
+to the correct GitLab user. Some users may not consider this a big issue while
+others will want to ensure they complete this step. If you choose to map authors
+you will be required to map every author that is present on changes in the SVN
+repository. If you don't, the conversion will fail and you will have to update
+the author file accordingly. The following command will search through the
+repository and output a list of authors.
+
+```bash
+svn log --quiet | grep -E "r[0-9]+ \| .+ \|" | cut -d'|' -f2 | sed 's/ //g' | sort | uniq
+```
+
+Use the output from the last command to construct the authors file.
+Create a file called `authors.txt` and add one mapping per line.
+
+```
+janedoe = Jane Doe <janedoe@example.com>
+johndoe = John Doe <johndoe@example.com>
+```
+
+If your SVN repository is in the standard format (trunk, branches, tags,
+not nested) the conversion is simple. For a non-standard repository see
+[svn2git documentation](https://github.com/nirvdrum/svn2git). The following
+command will checkout the repository and do the conversion in the current
+working directory. Be sure to create a new directory for each repository before
+running the `svn2git` command. The conversion process will take some time.
+
+```bash
+svn2git https://svn.example.com/path/to/repo --authors /path/to/authors.txt
+```
+
+If your SVN repository requires a username and password add the
+`--username <username>` and `--password <password` flags to the above command.
+`svn2git` also supports excluding certain file paths, branches, tags, etc. See
+[svn2git documentation](https://github.com/nirvdrum/svn2git) or run
+`svn2git --help` for full documentation on all of the available options.
+
+Create a new GitLab project, where you will eventually push your converted code.
+Copy the SSH or HTTP(S) repository URL from the project page. Add the GitLab
+repository as a Git remote and push all the changes. This will push all commits,
+branches and tags.
+
+```bash
+git remote add origin git@gitlab.com:<group>/<project>.git
+git push --all origin
+git push --tags origin
+```
+
+## Contribute to this guide
+We welcome all contributions that would expand this guide with instructions on
+how to migrate from SVN and other version control systems.
diff --git a/doc/user/project/index.md b/doc/user/project/index.md
index 0dd0faf35e9..41a96246292 100644
--- a/doc/user/project/index.md
+++ b/doc/user/project/index.md
@@ -24,6 +24,7 @@ integrated platform
   from messing with history or pushing code without review
   - [Protected tags](protected_tags.md): Control over who has
   permission to create tags, and prevent accidental update or deletion
+  - [Signing commits](gpg_signed_commits/index.md): use GPG to sign your commits
 - [Merge Requests](merge_requests/index.md): Apply your branching
 strategy and get reviewed by your team
   - [Merge Request Approvals](https://docs.gitlab.com/ee/user/project/merge_requests/merge_request_approvals.html) (**EES/EEP**): Ask for approval before
@@ -90,11 +91,11 @@ from your fork to the upstream project
 
 ## Import or export a project
 
-- Import a project from:
-  - [GitHub to GitLab](../../workflow/importing/import_projects_from_github.md)
-  - [BitBucket to GitLab](../../workflow/importing/import_projects_from_bitbucket.md)
-  - [Gitea to GitLab](../../workflow/importing/import_projects_from_gitea.md)
-  - [FogBugz to GitLab](../../workflow/importing/import_projects_from_fogbugz.md)
+- [Import a project](import/index.md) from:
+  - [GitHub to GitLab](import/github.md)
+  - [BitBucket to GitLab](import/bitbucket.md)
+  - [Gitea to GitLab](import/gitea.md)
+  - [FogBugz to GitLab](import/fogbugz.md)
 - [Export a project from GitLab](settings/import_export.md#exporting-a-project-and-its-data)
 - [Importing and exporting projects between GitLab instances](settings/import_export.md)
 
diff --git a/doc/user/reserved_names.md b/doc/user/reserved_names.md
new file mode 100644
index 00000000000..50ec99be48b
--- /dev/null
+++ b/doc/user/reserved_names.md
@@ -0,0 +1,109 @@
+# Reserved project and group names
+
+Not all project & group names are allowed because they would conflict with
+existing routes used by GitLab.
+
+For a list of words that are not allowed to be used as group or project names, see the
+[`path_regex.rb` file][reserved] under the `TOP_LEVEL_ROUTES`, `PROJECT_WILDCARD_ROUTES` and `GROUP_ROUTES` lists:
+- `TOP_LEVEL_ROUTES`: are names that are reserved as usernames or top level groups
+- `PROJECT_WILDCARD_ROUTES`: are names that are reserved for child groups or projects.
+- `GROUP_ROUTES`: are names that are reserved for all groups or projects.
+
+## Reserved project names
+
+It is currently not possible to create a project with the following names:
+
+- -
+- badges
+- blame
+- blob
+- builds
+- commits
+- create
+- create_dir
+- edit
+- environments/folders
+- files
+- find_file
+- gitlab-lfs/objects
+- info/lfs/objects
+- new
+- preview
+- raw
+- refs
+- tree
+- update
+- wikis
+
+## Reserved group names
+
+Currently the following names are reserved as top level groups:
+
+- 503.html
+- -
+- .well-known
+- 404.html
+- 422.html
+- 500.html
+- 502.html
+- abuse_reports
+- admin
+- api
+- apple-touch-icon-precomposed.png
+- apple-touch-icon.png
+- files
+- assets
+- autocomplete
+- ci
+- dashboard
+- deploy.html
+- explore
+- favicon.ico
+- groups
+- header_logo_dark.png
+- header_logo_light.png
+- health_check
+- help
+- import
+- invites
+- jwt
+- koding
+- notification_settings
+- oauth
+- profile
+- projects
+- public
+- robots.txt
+- s
+- search
+- sent_notifications
+- slash-command-logo.png
+- snippets
+- u
+- unicorn_test
+- unsubscribes
+- uploads
+- users
+
+These group names are unavailable as subgroup names:
+
+- -
+- activity
+- analytics
+- audit_events
+- avatar
+- edit
+- group_members
+- hooks
+- issues
+- labels
+- ldap
+- ldap_group_links
+- merge_requests
+- milestones
+- notification_setting
+- pipeline_quota
+- projects
+- subgroups
+
+[reserved]:  https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/gitlab/path_regex.rb
diff --git a/doc/user/search/img/group_issues_filter.png b/doc/user/search/img/group_issues_filter.png
new file mode 100644
index 00000000000..45eced79b99
--- /dev/null
+++ b/doc/user/search/img/group_issues_filter.png
diff --git a/doc/user/search/index.md b/doc/user/search/index.md
index 6d59dcc6c75..79f34fd29ba 100644
--- a/doc/user/search/index.md
+++ b/doc/user/search/index.md
@@ -40,6 +40,14 @@ The same process is valid for merge requests. Navigate to your project's **Merge
 and click **Search or filter results...**. Merge requests can be filtered by author, assignee,
 milestone, and label.
 
+## Issues and merge requests per group
+
+Similar to **Issues and merge requests per project**, you can also search for issues
+within a group. Navigate to a group's **Issues** tab and query search results in
+the same way as you do for projects.
+
+![filter issues in a group](img/group_issues_filter.png)
+
 ## Search history
 
 You can view recent searches by clicking on the little arrow-clock icon, which is to the left of the search input. Click the search entry to run that search again. This feature is available for issues and merge requests. Searches are stored locally in your browser.
diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png b/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png
deleted file mode 100644
index e525083918b..00000000000
--- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys.png
+++ /dev/null
diff --git a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png b/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
deleted file mode 100644
index f715c46adc3..00000000000
--- a/doc/workflow/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
+++ /dev/null
diff --git a/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png b/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
deleted file mode 100644
index 16ec2d031ae..00000000000
--- a/doc/workflow/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
+++ /dev/null
diff --git a/doc/workflow/gpg_signed_commits/index.md b/doc/workflow/gpg_signed_commits/index.md
deleted file mode 100644
index 7d5762d2b9d..00000000000
--- a/doc/workflow/gpg_signed_commits/index.md
+++ /dev/null
@@ -1,84 +0,0 @@
-# Signing commits with GPG
-
-## Getting started
-
-- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
-- [Git Tools - Signing Your Work: GPG introduction](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_gpg_introduction)
-- [Git Tools - Signing Your Work: Signing commits](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work#_signing_commits)
-
-## How GitLab handles GPG
-
-GitLab uses its own keyring to verify the GPG signature. It does not access any
-public key server.
-
-In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab.
-
-For a signature to be verified two prerequisites need to be met:
-
-1. The public key needs to be added to GitLab
-1. One of the emails in the GPG key matches your **primary** email
-
-## Add a GPG key
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-
-    ![Settings dropdown](../../gitlab-basics/img/profile_settings.png)
-
-1. Navigate to the **GPG keys** tab.
-
-    ![GPG Keys](img/profile_settings_gpg_keys.png)
-
-1. Paste your **public** key in the 'Key' box.
-
-    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
-
-1. Finally, click on **Add key** to add it to GitLab. You will be able to see
-   its fingerprint, the corresponding email address and creation date.
-
-    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
-
->**Note:**
-Once you add a key, you cannot edit it, only remove it. In case the paste
-didn't work, you will have to remove the offending key and re-add it.
-
-## Remove a GPG key
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-
-1. Navigate to the **GPG keys** tab.
-
-1. Click on the trash icon besides the GPG key you want to delete.
-
->**Note:**
-Removing a key **does not unverify** already signed commits. Commits that were
-verified by using this key will stay verified. Only unpushed commits will stay
-unverified once you remove this key.
-
-## Revoke a GPG key
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-
-1. Navigate to the **GPG keys** tab.
-
-1. Click on **Revoke** besides the GPG key you want to delete.
-
->**Note:**
-Revoking a key **unverifies** already signed commits. Commits that were
-verified by using this key will change to an unverified state. Future commits
-will also stay unverified once you revoke this key. This action should be used
-in case your key has been compromised.
-
-## Verifying commits
-
-1. Within a project navigate to the **Commits** tag. Signed commits will show a
-   badge containing either "Verified" or "Unverified", depending on the
-   verification status of the GPG signature.
-
-    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
-
-1. By clicking on the GPG badge details of the signature are displayed.
-
-    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
-
-    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
diff --git a/doc/workflow/importing/README.md b/doc/workflow/importing/README.md
index 2d91bee0e94..f753708ad89 100644
--- a/doc/workflow/importing/README.md
+++ b/doc/workflow/importing/README.md
@@ -1,17 +1 @@
-# Migrating projects to a GitLab instance

-

-1. [Bitbucket](import_projects_from_bitbucket.md)

-1. [GitHub](import_projects_from_github.md)

-1. [GitLab.com](import_projects_from_gitlab_com.md)

-1. [FogBugz](import_projects_from_fogbugz.md)

-1. [Gitea](import_projects_from_gitea.md)

-1. [SVN](migrating_from_svn.md)

-

-In addition to the specific migration documentation above, you can import any

-Git repository via HTTP from the New Project page. Be aware that if the

-repository is too large the import can timeout.

-

-### Migrating from self-hosted GitLab to GitLab.com

-

-You can copy your repos by changing the remote and pushing to the new server;

-but issues and merge requests can't be imported.

+This document was moved to a [new location](../../user/project/import/index.md).

diff --git a/doc/workflow/importing/import_projects_from_bitbucket.md b/doc/workflow/importing/import_projects_from_bitbucket.md
index f3c636ed1d5..248c3990372 100644
--- a/doc/workflow/importing/import_projects_from_bitbucket.md
+++ b/doc/workflow/importing/import_projects_from_bitbucket.md
@@ -1,62 +1 @@
-# Import your project from Bitbucket to GitLab

-

-Import your projects from Bitbucket to GitLab with minimal effort.

-

-## Overview

-

->**Note:**

-The [Bitbucket integration][bb-import] must be first enabled in order to be

-able to import your projects from Bitbucket. Ask your GitLab administrator

-to enable this if not already.

-

-- At its current state, the Bitbucket importer can import:

-  - the repository description (GitLab 7.7+)

-  - the Git repository data (GitLab 7.7+)

-  - the issues (GitLab 7.7+)

-  - the issue comments (GitLab 8.15+)

-  - the pull requests (GitLab 8.4+)

-  - the pull request comments (GitLab 8.15+)

-  - the milestones (GitLab 8.15+)

-  - the wiki (GitLab 8.15+)

-- References to pull requests and issues are preserved (GitLab 8.7+)

-- Repository public access is retained. If a repository is private in Bitbucket

-  it will be created as private in GitLab as well.

-

-

-## How it works

-

-When issues/pull requests are being imported, the Bitbucket importer tries to find

-the Bitbucket author/assignee in GitLab's database using the Bitbucket ID. For this

-to work, the Bitbucket author/assignee should have signed in beforehand in GitLab

-and **associated their Bitbucket account**. If the user is not

-found in GitLab's database, the project creator (most of the times the current

-user that started the import process) is set as the author, but a reference on

-the issue about the original Bitbucket author is kept.

-

-The importer will create any new namespaces (groups) if they don't exist or in

-the case the namespace is taken, the repository will be imported under the user's

-namespace that started the import process.

-

-## Importing your Bitbucket repositories

-

-1. Sign in to GitLab and go to your dashboard.

-1. Click on **New project**.

-

-    ![New project in GitLab](img/bitbucket_import_new_project.png)

-

-1. Click on the "Bitbucket" button

-

-    ![Bitbucket](img/import_projects_from_new_project_page.png)

-

-1. Grant GitLab access to your Bitbucket account

-

-    ![Grant access](img/bitbucket_import_grant_access.png)

-

-1. Click on the projects that you'd like to import or **Import all projects**.

-   You can also select the namespace under which each project will be

-   imported.

-

-    ![Import projects](img/bitbucket_import_select_project.png)

-

-[bb-import]: ../../integration/bitbucket.md

-[social sign-in]: ../../user/profile/account/social_sign_in.md

+This document was moved to a [new location](../../user/project/import/bitbucket.md).

diff --git a/doc/workflow/importing/import_projects_from_fogbugz.md b/doc/workflow/importing/import_projects_from_fogbugz.md
index 71af0f9ea44..050746e2b4d 100644
--- a/doc/workflow/importing/import_projects_from_fogbugz.md
+++ b/doc/workflow/importing/import_projects_from_fogbugz.md
@@ -1,29 +1 @@
-# Import your project from FogBugz to GitLab
-
-It only takes a few simple steps to import your project from FogBugz.
-The importer will import all of your cases and comments with original case
-numbers and timestamps. You will also have the opportunity to map FogBugz
-users to GitLab users.
-
-* From your GitLab dashboard click 'New project'
-
-* Click on the 'FogBugz' button
-
-![FogBugz](fogbugz_importer/fogbugz_import_select_fogbogz.png)
-
-* Enter your FogBugz URL, email address, and password.
-
-![Login](fogbugz_importer/fogbugz_import_login.png)
-
-* Create mapping from FogBugz users to GitLab users.
-
-![User Map](fogbugz_importer/fogbugz_import_user_map.png)
-
-* Select the projects you wish to import by clicking the Import buttons
-
-![Import Project](fogbugz_importer/fogbugz_import_select_project.png)
-
-* Once the import has finished click the link to take you to the project
-dashboard. Follow the directions to push your existing repository.
-
-![Finished](fogbugz_importer/fogbugz_import_finished.png)
+This document was moved to a [new location](../../user/project/import/fogbugz.md).
diff --git a/doc/workflow/importing/import_projects_from_gitea.md b/doc/workflow/importing/import_projects_from_gitea.md
index f5746a0fb31..cb90c490b0f 100644
--- a/doc/workflow/importing/import_projects_from_gitea.md
+++ b/doc/workflow/importing/import_projects_from_gitea.md
@@ -1,77 +1 @@
-# Import your project from Gitea to GitLab
-
-Import your projects from Gitea to GitLab with minimal effort.
-
-## Overview
-
->**Note:**
-This requires Gitea `v1.0.0` or newer.
-
-- At its current state, Gitea importer can import:
-  - the repository description (GitLab 8.15+)
-  - the Git repository data (GitLab 8.15+)
-  - the issues (GitLab 8.15+)
-  - the pull requests (GitLab 8.15+)
-  - the milestones (GitLab 8.15+)
-  - the labels (GitLab 8.15+)
-- Repository public access is retained. If a repository is private in Gitea
-  it will be created as private in GitLab as well.
-
-## How it works
-
-Since Gitea is currently not an OAuth provider, author/assignee cannot be mapped
-to users in your GitLab's instance. This means that the project creator (most of
-the times the current user that started the import process) is set as the author,
-but a reference on the issue about the original Gitea author is kept.
-
-The importer will create any new namespaces (groups) if they don't exist or in
-the case the namespace is taken, the repository will be imported under the user's
-namespace that started the import process.
-
-## Importing your Gitea repositories
-
-The importer page is visible when you create a new project.
-
-![New project page on GitLab](img/import_projects_from_new_project_page.png)
-
-Click on the **Gitea** link and the import authorization process will start.
-
-![New Gitea project import](img/import_projects_from_gitea_new_import.png)
-
-### Authorize access to your repositories using a personal access token
-
-With this method, you will perform a one-off authorization with Gitea to grant
-GitLab access your repositories:
-
-1. Go to <https://you-gitea-instance/user/settings/applications> (replace
-   `you-gitea-instance` with the host of your Gitea instance).
-1. Click **Generate New Token**.
-1. Enter a token description.
-1. Click **Generate Token**.
-1. Copy the token hash.
-1. Go back to GitLab and provide the token to the Gitea importer.
-1. Hit the **List Your Gitea Repositories** button and wait while GitLab reads
-   your repositories' information. Once done, you'll be taken to the importer
-   page to select the repositories to import.
-
-### Select which repositories to import
-
-After you've authorized access to your Gitea repositories, you will be
-redirected to the Gitea importer page.
-
-From there, you can see the import statuses of your Gitea repositories.
-
-- Those that are being imported will show a _started_ status,
-- those already successfully imported will be green with a _done_ status,
-- whereas those that are not yet imported will have an **Import** button on the
-  right side of the table.
-
-If you want, you can import all your Gitea projects in one go by hitting
-**Import all projects** in the upper left corner.
-
-![Gitea importer page](img/import_projects_from_github_importer.png)
-
----
-
-You can also choose a different name for the project and a different namespace,
-if you have the privileges to do so.
+This document was moved to a [new location](../../user/project/import/gitea.md).
diff --git a/doc/workflow/importing/import_projects_from_github.md b/doc/workflow/importing/import_projects_from_github.md
index 8ed1d98d05b..13639feaa04 100644
--- a/doc/workflow/importing/import_projects_from_github.md
+++ b/doc/workflow/importing/import_projects_from_github.md
@@ -1,122 +1 @@
-# Import your project from GitHub to GitLab

-

-Import your projects from GitHub to GitLab with minimal effort.

-

-## Overview

-

->**Note:**

-If you are an administrator you can enable the [GitHub integration][gh-import]

-in your GitLab instance sitewide. This configuration is optional, users will

-still be able to import their GitHub repositories with a

-[personal access token][gh-token].

-

->**Note:**

-Administrators of a GitLab instance (Community or Enterprise Edition) can also

-use the [GitHub rake task][gh-rake] to import projects from GitHub without the

-constrains of a Sidekiq worker.

-

-- At its current state, GitHub importer can import:

-  - the repository description (GitLab 7.7+)

-  - the Git repository data (GitLab 7.7+)

-  - the issues (GitLab 7.7+)

-  - the pull requests (GitLab 8.4+)

-  - the wiki pages (GitLab 8.4+)

-  - the milestones (GitLab 8.7+)

-  - the labels (GitLab 8.7+)

-  - the release note descriptions (GitLab 8.12+)

-- References to pull requests and issues are preserved (GitLab 8.7+)

-- Repository public access is retained. If a repository is private in GitHub

-  it will be created as private in GitLab as well.

-

-## How it works

-

-When issues/pull requests are being imported, the GitHub importer tries to find

-the GitHub author/assignee in GitLab's database using the GitHub ID. For this

-to work, the GitHub author/assignee should have signed in beforehand in GitLab

-and **associated their GitHub account**. If the user is not

-found in GitLab's database, the project creator (most of the times the current

-user that started the import process) is set as the author, but a reference on

-the issue about the original GitHub author is kept.

-

-The importer will create any new namespaces (groups) if they don't exist or in

-the case the namespace is taken, the repository will be imported under the user's

-namespace that started the import process.

-

-## Importing your GitHub repositories

-

-The importer page is visible when you create a new project.

-

-![New project page on GitLab](img/import_projects_from_new_project_page.png)

-

-Click on the **GitHub** link and the import authorization process will start.

-There are two ways to authorize access to your GitHub repositories:

-

-1. [Using the GitHub integration][gh-integration] (if it's enabled by your

-   GitLab administrator). This is the preferred way as it's possible to

-   preserve the GitHub authors/assignees. Read more in the [How it works](#how-it-works)

-   section.

-1. [Using a personal access token][gh-token] provided by GitHub.

-

-![Select authentication method](img/import_projects_from_github_select_auth_method.png)

-

-### Authorize access to your repositories using the GitHub integration

-

-If the [GitHub integration][gh-import] is enabled by your GitLab administrator,

-you can use it instead of the personal access token.

-

-1. First you may want to connect your GitHub account to GitLab in order for

-   the username mapping to be correct.

-1. Once you connect GitHub, click the **List your GitHub repositories** button

-   and you will be redirected to GitHub for permission to access your projects.

-1. After accepting, you'll be automatically redirected to the importer.

-

-You can now go on and [select which repositories to import](#select-which-repositories-to-import).

-

-### Authorize access to your repositories using a personal access token

-

->**Note:**

-For a proper author/assignee mapping for issues and pull requests, the

-[GitHub integration][gh-integration] should be used instead of the

-[personal access token][gh-token]. If the GitHub integration is enabled by your

-GitLab administrator, it should be the preferred method to import your repositories.

-Read more in the [How it works](#how-it-works) section.

-

-If you are not using the GitHub integration, you can still perform a one-off

-authorization with GitHub to grant GitLab access your repositories:

-

-1. Go to <https://github.com/settings/tokens/new>.

-1. Enter a token description.

-1. Check the `repo` scope.

-1. Click **Generate token**.

-1. Copy the token hash.

-1. Go back to GitLab and provide the token to the GitHub importer.

-1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads

-   your repositories' information. Once done, you'll be taken to the importer

-   page to select the repositories to import.

-

-### Select which repositories to import

-

-After you've authorized access to your GitHub repositories, you will be

-redirected to the GitHub importer page.

-

-From there, you can see the import statuses of your GitHub repositories.

-

-- Those that are being imported will show a _started_ status,

-- those already successfully imported will be green with a _done_ status,

-- whereas those that are not yet imported will have an **Import** button on the

-  right side of the table.

-

-If you want, you can import all your GitHub projects in one go by hitting

-**Import all projects** in the upper left corner.

-

-![GitHub importer page](img/import_projects_from_github_importer.png)

-

----

-

-You can also choose a different name for the project and a different namespace,

-if you have the privileges to do so.

-

-[gh-import]: ../../integration/github.md "GitHub integration"

-[gh-rake]: ../../administration/raketasks/github_import.md "GitHub rake task"

-[gh-integration]: #authorize-access-to-your-repositories-using-the-github-integration

-[gh-token]: #authorize-access-to-your-repositories-using-a-personal-access-token

+This document was moved to a [new location](../../user/project/import/github.md).

diff --git a/doc/workflow/importing/import_projects_from_gitlab_com.md b/doc/workflow/importing/import_projects_from_gitlab_com.md
index b27125a44de..df4c180919a 100644
--- a/doc/workflow/importing/import_projects_from_gitlab_com.md
+++ b/doc/workflow/importing/import_projects_from_gitlab_com.md
@@ -1,21 +1 @@
-# Project importing from GitLab.com to your private GitLab instance
-
-You can import your existing GitLab.com projects to your GitLab instance. But keep in mind that it is possible only if
-GitLab support is enabled on your GitLab instance. 
-You can read more about GitLab support [here](http://docs.gitlab.com/ce/integration/gitlab.html)
-To get to the importer page you need to go to "New project" page.
-
->**Note:**
-If you are interested in importing Wiki and Merge Request data to your new instance, you'll need to follow the instructions for [project export](../../user/project/settings/import_export.md)
-
-![New project page](gitlab_importer/new_project_page.png)
-
-Click on the "Import projects from GitLab.com" link and you will be redirected to GitLab.com
-for permission to access your projects. After accepting, you'll be automatically redirected to the importer.
-
-
-![Importer page](gitlab_importer/importer.png)
-
-
-To import a project, you can simple click "Import". The importer will import your repository and issues. 
-Once the importer is done, a new GitLab project will be created with your imported data.
\ No newline at end of file
+This document was moved to a [new location](../../user/project/import/gitlab_com.md).
diff --git a/doc/workflow/importing/migrating_from_svn.md b/doc/workflow/importing/migrating_from_svn.md
index 7a3628a39d7..81df3fbcdbb 100644
--- a/doc/workflow/importing/migrating_from_svn.md
+++ b/doc/workflow/importing/migrating_from_svn.md
@@ -1,183 +1 @@
-# Migrating from SVN to GitLab
-
-Subversion (SVN) is a central version control system (VCS) while
-Git is a distributed version control system. There are some major differences
-between the two, for more information consult your favorite search engine.
-
-## Overview
-
-There are two approaches to SVN to Git migration:
-
-1. [Git/SVN Mirror](#smooth-migration-with-a-gitsvn-mirror-using-subgit) which:
-    - Makes the GitLab repository to mirror the SVN project.
-    - Git and SVN repositories are kept in sync; you can use either one.
-    - Smoothens the migration process and allows to manage migration risks.
-
-1. [Cut over migration](#cut-over-migration-with-svn2git) which:
-     - Translates and imports the existing data and history from SVN to Git.
-     - Is a fire and forget approach, good for smaller teams.
-
-## Smooth migration with a Git/SVN mirror using SubGit
-
-[SubGit](https://subgit.com) is a tool for a smooth, stress-free SVN to Git
-migration. It creates a writable Git mirror of a local or remote Subversion
-repository and that way you can use both Subversion and Git as long as you like.
-It requires access to your GitLab server as it talks with the Git repositories
-directly in a filesystem level.
-
-### SubGit prerequisites
-
-1. Install Oracle JRE 1.8 or newer. On Debian-based Linux distributions you can
-   follow [this article](http://www.webupd8.org/2012/09/install-oracle-java-8-in-ubuntu-via-ppa.html).
-1. Download SubGit from https://subgit.com/download/.
-1. Unpack the downloaded SubGit zip archive to the `/opt` directory. The `subgit`
-   command will be available at `/opt/subgit-VERSION/bin/subgit`.
-
-### SubGit configuration
-
-The first step to mirror you SVN repository in GitLab is to create a new empty
-project which will be used as a mirror. For Omnibus installations the path to
-the repository will be located at
-`/var/opt/gitlab/git-data/repositories/USER/REPO.git` by default. For
-installations from source, the default repository directory will be
-`/home/git/repositories/USER/REPO.git`. For convenience, assign this path to a
-variable:
-
-```
-GIT_REPO_PATH=/var/opt/gitlab/git-data/repositories/USER/REPOS.git
-```
-
-SubGit will keep this repository in sync with a remote SVN project. For
-convenience, assign your remote SVN project URL to a variable:
-
-```
-SVN_PROJECT_URL=http://svn.company.com/repos/project
-```
-
-Next you need to run SubGit to set up a Git/SVN mirror. Make sure the following
-`subgit` command is ran on behalf of the same user that keeps ownership of
-GitLab Git repositories (by default `git`):
-
-```
-subgit configure --layout auto $SVN_PROJECT_URL $GIT_REPO_PATH
-```
-
-Adjust authors and branches mappings, if necessary. Open with your favorite
-text editor:
-
-```
-edit $GIT_REPO_PATH/subgit/authors.txt
-edit $GIT_REPO_PATH/subgit/config
-```
-
-For more information regarding the SubGit configuration options, refer to
-[SubGit's documentation](https://subgit.com/documentation.html) website.
-
-### Initial translation
-
-Now that SubGit has configured the Git/SVN repos, run `subgit` to perform the
-initial translation of existing SVN revisions into the Git repository:
-
-```
-subgit install $GIT_REPO_PATH
-```
-
-After the initial translation is completed, the Git repository and the SVN
-project will be kept in sync by `subgit` - new Git commits will be translated to
-SVN revisions and new SVN revisions will be translated to Git commits. Mirror
-works transparently and does not require any special commands.
-
-If you would prefer to perform one-time cut over migration with `subgit`, use
-the `import` command instead of `install`:
-
-```
-subgit import $GIT_REPO_PATH
-```
-
-### SubGit licensing
-
-Running SubGit in a mirror mode requires a
-[registration](https://subgit.com/pricing.html). Registration is free for open
-source, academic and startup projects.
-
-We're currently working on deeper GitLab/SubGit integration. You may track our
-progress at [this issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/990).
-
-### SubGit support
-
-For any questions related to SVN to GitLab migration with SubGit, you can
-contact the SubGit team directly at [support@subgit.com](mailto:support@subgit.com).
-
-## Cut over migration with svn2git
-
-If you are currently using an SVN repository, you can migrate the repository
-to Git and GitLab. We recommend a hard cut over - run the migration command once
-and then have all developers start using the new GitLab repository immediately.
-Otherwise, it's hard to keep changing in sync in both directions. The conversion
-process should be run on a local workstation.
-
-Install `svn2git`. On all systems you can install as a Ruby gem if you already
-have Ruby and Git installed.
-
-```bash
-sudo gem install svn2git
-```
-
-On Debian-based Linux distributions you can install the native packages:
-
-```bash
-sudo apt-get install git-core git-svn ruby
-```
-
-Optionally, prepare an authors file so `svn2git` can map SVN authors to Git authors.
-If you choose not to create the authors file then commits will not be attributed
-to the correct GitLab user. Some users may not consider this a big issue while
-others will want to ensure they complete this step. If you choose to map authors
-you will be required to map every author that is present on changes in the SVN
-repository. If you don't, the conversion will fail and you will have to update
-the author file accordingly. The following command will search through the
-repository and output a list of authors.
-
-```bash
-svn log --quiet | grep -E "r[0-9]+ \| .+ \|" | cut -d'|' -f2 | sed 's/ //g' | sort | uniq
-```
-
-Use the output from the last command to construct the authors file.
-Create a file called `authors.txt` and add one mapping per line.
-
-```
-janedoe = Jane Doe <janedoe@example.com>
-johndoe = John Doe <johndoe@example.com>
-```
-
-If your SVN repository is in the standard format (trunk, branches, tags,
-not nested) the conversion is simple. For a non-standard repository see
-[svn2git documentation](https://github.com/nirvdrum/svn2git). The following
-command will checkout the repository and do the conversion in the current
-working directory. Be sure to create a new directory for each repository before
-running the `svn2git` command. The conversion process will take some time.
-
-```bash
-svn2git https://svn.example.com/path/to/repo --authors /path/to/authors.txt
-```
-
-If your SVN repository requires a username and password add the
-`--username <username>` and `--password <password` flags to the above command.
-`svn2git` also supports excluding certain file paths, branches, tags, etc. See
-[svn2git documentation](https://github.com/nirvdrum/svn2git) or run
-`svn2git --help` for full documentation on all of the available options.
-
-Create a new GitLab project, where you will eventually push your converted code.
-Copy the SSH or HTTP(S) repository URL from the project page. Add the GitLab
-repository as a Git remote and push all the changes. This will push all commits,
-branches and tags.
-
-```bash
-git remote add origin git@gitlab.com:<group>/<project>.git
-git push --all origin
-git push --tags origin
-```
-
-## Contribute to this guide
-We welcome all contributions that would expand this guide with instructions on
-how to migrate from SVN and other version control systems.
+This document was moved to a [new location](../../user/project/import/svn.md).
diff --git a/features/steps/profile/emails.rb b/features/steps/profile/emails.rb
index 10ebe705365..4f44f932a6d 100644
--- a/features/steps/profile/emails.rb
+++ b/features/steps/profile/emails.rb
@@ -28,7 +28,7 @@ class Spinach::Features::ProfileEmails < Spinach::FeatureSteps
     expect(email).to be_nil
     expect(page).not_to have_content("my@email.com")
   end
-  
+
   step 'I click link "Remove" for "my@email.com"' do
     # there should only be one remove button at this time
     click_link "Remove"
diff --git a/lib/after_commit_queue.rb b/lib/after_commit_queue.rb
new file mode 100644
index 00000000000..b67575a3ac2
--- /dev/null
+++ b/lib/after_commit_queue.rb
@@ -0,0 +1,30 @@
+module AfterCommitQueue
+  extend ActiveSupport::Concern
+
+  included do
+    after_commit :_run_after_commit_queue
+    after_rollback :_clear_after_commit_queue
+  end
+
+  def run_after_commit(method = nil, &block)
+    _after_commit_queue << proc { self.send(method) } if method
+    _after_commit_queue << block if block
+    true
+  end
+
+  protected
+
+  def _run_after_commit_queue
+    while action = _after_commit_queue.pop
+      self.instance_eval(&action)
+    end
+  end
+
+  def _after_commit_queue
+    @after_commit_queue ||= []
+  end
+
+  def _clear_after_commit_queue
+    _after_commit_queue.clear
+  end
+end
diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb
index 0d2d71e336a..c4c0fdda665 100644
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -122,7 +122,7 @@ module API
         error_classes = [MissingTokenError, TokenNotFoundError,
                          ExpiredError, RevokedError, InsufficientScopeError]
 
-        base.send :rescue_from, *error_classes, oauth2_bearer_token_error_handler
+        base.__send__(:rescue_from, *error_classes, oauth2_bearer_token_error_handler) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       def oauth2_bearer_token_error_handler
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 18cd604a216..e8dd61e493f 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -83,7 +83,7 @@ module API
       expose :created_at, :last_activity_at
     end
 
-    class Project < BasicProjectDetails 
+    class Project < BasicProjectDetails
       include ::API::Helpers::RelatedResourcesHelpers
 
       expose :_links do
@@ -541,8 +541,9 @@ module API
         target_url    = "namespace_project_#{target_type}_url"
         target_anchor = "note_#{todo.note_id}" if todo.note_id?
 
-        Gitlab::Routing.url_helpers.public_send(target_url,
-          todo.project.namespace, todo.project, todo.target, anchor: target_anchor)
+        Gitlab::Routing
+          .url_helpers
+          .public_send(target_url, todo.project.namespace, todo.project, todo.target, anchor: target_anchor) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       expose :body
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 3582ed81b0f..b56fd2388b3 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -290,7 +290,7 @@ module API
 
     def uploaded_file(field, uploads_path)
       if params[field]
-        bad_request!("#{field} is not a file") unless params[field].respond_to?(:filename)
+        bad_request!("#{field} is not a file") unless params[field][:filename]
         return params[field]
       end
 
diff --git a/lib/api/helpers/pagination.rb b/lib/api/helpers/pagination.rb
index 0764b58fb4c..95108292aac 100644
--- a/lib/api/helpers/pagination.rb
+++ b/lib/api/helpers/pagination.rb
@@ -11,7 +11,7 @@ module API
 
       def add_pagination_headers(paginated_data)
         header 'X-Total',       paginated_data.total_count.to_s
-        header 'X-Total-Pages', paginated_data.total_pages.to_s
+        header 'X-Total-Pages', total_pages(paginated_data).to_s
         header 'X-Per-Page',    paginated_data.limit_value.to_s
         header 'X-Page',        paginated_data.current_page.to_s
         header 'X-Next-Page',   paginated_data.next_page.to_s
@@ -26,20 +26,25 @@ module API
 
         links = []
 
-        request_params[:page] = paginated_data.current_page - 1
-        links << %(<#{request_url}?#{request_params.to_query}>; rel="prev") unless paginated_data.first_page?
+        request_params[:page] = paginated_data.prev_page
+        links << %(<#{request_url}?#{request_params.to_query}>; rel="prev") if request_params[:page]
 
-        request_params[:page] = paginated_data.current_page + 1
-        links << %(<#{request_url}?#{request_params.to_query}>; rel="next") unless paginated_data.last_page?
+        request_params[:page] = paginated_data.next_page
+        links << %(<#{request_url}?#{request_params.to_query}>; rel="next") if request_params[:page]
 
         request_params[:page] = 1
         links << %(<#{request_url}?#{request_params.to_query}>; rel="first")
 
-        request_params[:page] = paginated_data.total_pages
+        request_params[:page] = total_pages(paginated_data)
         links << %(<#{request_url}?#{request_params.to_query}>; rel="last")
 
         links.join(', ')
       end
+
+      def total_pages(paginated_data)
+        # Ensure there is in total at least 1 page
+        [paginated_data.total_pages, 1].max
+      end
     end
   end
 end
diff --git a/lib/api/jobs.rb b/lib/api/jobs.rb
index 8a67de10bca..a40018b214e 100644
--- a/lib/api/jobs.rb
+++ b/lib/api/jobs.rb
@@ -16,9 +16,9 @@ module API
                              case scope
                              when String
                                [scope]
-                             when Hashie::Mash
+                             when ::Hash
                                scope.values
-                             when Hashie::Array
+                             when ::Array
                                scope
                              else
                                ['unknown']
diff --git a/lib/api/protected_branches.rb b/lib/api/protected_branches.rb
index d742f2e18d0..dccf4fa27a7 100644
--- a/lib/api/protected_branches.rb
+++ b/lib/api/protected_branches.rb
@@ -61,7 +61,7 @@ module API
         service_args = [user_project, current_user, protected_branch_params]
 
         protected_branch = ::ProtectedBranches::CreateService.new(*service_args).execute
-        
+
         if protected_branch.persisted?
           present protected_branch, with: Entities::ProtectedBranch, project: user_project
         else
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 5bf5a18e42f..31f940fe96b 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -153,7 +153,7 @@ module API
           render_api_error!('Scope contains invalid value', 400)
         end
 
-        runners.send(scope)
+        runners.public_send(scope) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       def get_runner(id)
diff --git a/lib/api/templates.rb b/lib/api/templates.rb
index 0fc13b35d5b..f70bc0622b7 100644
--- a/lib/api/templates.rb
+++ b/lib/api/templates.rb
@@ -57,7 +57,7 @@ module API
     end
     get "templates/licenses" do
       options = {
-        featured: declared(params).popular.present? ? true : nil
+        featured: declared(params)[:popular].present? ? true : nil
       }
       licences = ::Kaminari.paginate_array(Licensee::License.all(options))
       present paginate(licences), with: Entities::RepoLicense
@@ -71,7 +71,7 @@ module API
       requires :name, type: String, desc: 'The name of the template'
     end
     get "templates/licenses/:name", requirements: { name: /[\w\.-]+/ } do
-      not_found!('License') unless Licensee::License.find(declared(params).name)
+      not_found!('License') unless Licensee::License.find(declared(params)[:name])
 
       template = parsed_license_template
 
@@ -102,7 +102,7 @@ module API
         requires :name, type: String, desc: 'The name of the template'
       end
       get "templates/#{template_type}/:name" do
-        new_template = klass.find(declared(params).name)
+        new_template = klass.find(declared(params)[:name])
 
         render_response(template_type, new_template)
       end
diff --git a/lib/api/v3/builds.rb b/lib/api/v3/builds.rb
index 93ad9eb26b8..c189d486f50 100644
--- a/lib/api/v3/builds.rb
+++ b/lib/api/v3/builds.rb
@@ -16,7 +16,7 @@ module API
                              coerce_with: ->(scope) {
                                             if scope.is_a?(String)
                                               [scope]
-                                            elsif   scope.is_a?(Hashie::Mash)
+                                            elsif   scope.is_a?(::Hash)
                                               scope.values
                                             else
                                               ['unknown']
diff --git a/lib/api/v3/notes.rb b/lib/api/v3/notes.rb
index 23fe95e42e4..d49772b92f2 100644
--- a/lib/api/v3/notes.rb
+++ b/lib/api/v3/notes.rb
@@ -22,7 +22,7 @@ module API
             use :pagination
           end
           get ":id/#{noteables_str}/:noteable_id/notes" do
-            noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
+            noteable = user_project.public_send(noteables_str.to_sym).find(params[:noteable_id]) # rubocop:disable GitlabSecurity/PublicSend
 
             if can?(current_user, noteable_read_ability_name(noteable), noteable)
               # We exclude notes that are cross-references and that cannot be viewed
@@ -50,7 +50,7 @@ module API
             requires :noteable_id, type: Integer, desc: 'The ID of the noteable'
           end
           get ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
-            noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
+            noteable = user_project.public_send(noteables_str.to_sym).find(params[:noteable_id]) # rubocop:disable GitlabSecurity/PublicSend
             note = noteable.notes.find(params[:note_id])
             can_read_note = can?(current_user, noteable_read_ability_name(noteable), noteable) && !note.cross_reference_not_visible_for?(current_user)
 
@@ -76,7 +76,7 @@ module API
               noteable_id: params[:noteable_id]
             }
 
-            noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
+            noteable = user_project.public_send(noteables_str.to_sym).find(params[:noteable_id]) # rubocop:disable GitlabSecurity/PublicSend
 
             if can?(current_user, noteable_read_ability_name(noteable), noteable)
               if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
diff --git a/lib/api/v3/templates.rb b/lib/api/v3/templates.rb
index 4c577a8d2b7..2a2fb59045c 100644
--- a/lib/api/v3/templates.rb
+++ b/lib/api/v3/templates.rb
@@ -59,7 +59,7 @@ module API
         end
         get route do
           options = {
-            featured: declared(params).popular.present? ? true : nil
+            featured: declared(params)[:popular].present? ? true : nil
           }
           present Licensee::License.all(options), with: ::API::Entities::RepoLicense
         end
@@ -76,7 +76,7 @@ module API
           requires :name, type: String, desc: 'The name of the template'
         end
         get route, requirements: { name: /[\w\.-]+/ } do
-          not_found!('License') unless Licensee::License.find(declared(params).name)
+          not_found!('License') unless Licensee::License.find(declared(params)[:name])
 
           template = parsed_license_template
 
@@ -111,7 +111,7 @@ module API
             requires :name, type: String, desc: 'The name of the template'
           end
           get route do
-            new_template = klass.find(declared(params).name)
+            new_template = klass.find(declared(params)[:name])
 
             render_response(template_type, new_template)
           end
diff --git a/lib/banzai/filter/external_issue_reference_filter.rb b/lib/banzai/filter/external_issue_reference_filter.rb
index 53a229256a5..ed01a72ff9f 100644
--- a/lib/banzai/filter/external_issue_reference_filter.rb
+++ b/lib/banzai/filter/external_issue_reference_filter.rb
@@ -95,10 +95,10 @@ module Banzai
       private
 
       def external_issues_cached(attribute)
-        return project.public_send(attribute) unless RequestStore.active?
+        return project.public_send(attribute) unless RequestStore.active? # rubocop:disable GitlabSecurity/PublicSend
 
         cached_attributes = RequestStore[:banzai_external_issues_tracker_attributes] ||= Hash.new { |h, k| h[k] = {} }
-        cached_attributes[project.id][attribute] = project.public_send(attribute) if cached_attributes[project.id][attribute].nil?
+        cached_attributes[project.id][attribute] = project.public_send(attribute) if cached_attributes[project.id][attribute].nil? # rubocop:disable GitlabSecurity/PublicSend
         cached_attributes[project.id][attribute]
       end
     end
diff --git a/lib/banzai/filter/image_lazy_load_filter.rb b/lib/banzai/filter/image_lazy_load_filter.rb
index 7a81d583b82..bcb4f332267 100644
--- a/lib/banzai/filter/image_lazy_load_filter.rb
+++ b/lib/banzai/filter/image_lazy_load_filter.rb
@@ -6,9 +6,9 @@ module Banzai
         doc.xpath('descendant-or-self::img').each do |img|
           img['class'] ||= '' << 'lazy'
           img['data-src'] = img['src']
-          img['src'] = LazyImageTagHelper.placeholder_image          
+          img['src'] = LazyImageTagHelper.placeholder_image
         end
-        
+
         doc
       end
     end
diff --git a/lib/banzai/object_renderer.rb b/lib/banzai/object_renderer.rb
index 002a3341ccd..2196a92474c 100644
--- a/lib/banzai/object_renderer.rb
+++ b/lib/banzai/object_renderer.rb
@@ -37,7 +37,7 @@ module Banzai
 
       objects.each_with_index do |object, index|
         redacted_data = redacted[index]
-        object.__send__("redacted_#{attribute}_html=", redacted_data[:document].to_html.html_safe)
+        object.__send__("redacted_#{attribute}_html=", redacted_data[:document].to_html.html_safe) # rubocop:disable GitlabSecurity/PublicSend
         object.user_visible_reference_count = redacted_data[:visible_reference_count]
       end
     end
diff --git a/lib/banzai/pipeline/base_pipeline.rb b/lib/banzai/pipeline/base_pipeline.rb
index 321fd5bbe14..3ae3bed570d 100644
--- a/lib/banzai/pipeline/base_pipeline.rb
+++ b/lib/banzai/pipeline/base_pipeline.rb
@@ -18,7 +18,7 @@ module Banzai
           define_method(meth) do |text, context|
             context = transform_context(context)
 
-            html_pipeline.send(meth, text, context)
+            html_pipeline.__send__(meth, text, context) # rubocop:disable GitlabSecurity/PublicSend
           end
         end
       end
diff --git a/lib/banzai/renderer.rb b/lib/banzai/renderer.rb
index ad08c0905e2..95d82d17658 100644
--- a/lib/banzai/renderer.rb
+++ b/lib/banzai/renderer.rb
@@ -43,7 +43,7 @@ module Banzai
 
     # Same as +render_field+, but without consulting or updating the cache field
     def self.cacheless_render_field(object, field, options = {})
-      text = object.__send__(field)
+      text = object.__send__(field) # rubocop:disable GitlabSecurity/PublicSend
       context = object.banzai_render_context(field).merge(options)
 
       cacheless_render(text, context)
@@ -156,7 +156,7 @@ module Banzai
     # method.
     def self.full_cache_multi_key(cache_key, pipeline_name)
       return unless cache_key
-      Rails.cache.send(:expanded_key, full_cache_key(cache_key, pipeline_name))
+      Rails.cache.__send__(:expanded_key, full_cache_key(cache_key, pipeline_name)) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     # GitLab EE needs to disable updates on GET requests in Geo
diff --git a/lib/bitbucket/collection.rb b/lib/bitbucket/collection.rb
index 3a9379ff680..a78495dbf5e 100644
--- a/lib/bitbucket/collection.rb
+++ b/lib/bitbucket/collection.rb
@@ -13,7 +13,7 @@ module Bitbucket
     def method_missing(method, *args)
       return super unless self.respond_to?(method)
 
-      self.send(method, *args) do |item|
+      self.__send__(method, *args) do |item| # rubocop:disable GitlabSecurity/PublicSend
         block_given? ? yield(item) : item
       end
     end
diff --git a/lib/ci/ansi2html.rb b/lib/ci/ansi2html.rb
index 8354fc8d595..b9e9f9f7f4a 100644
--- a/lib/ci/ansi2html.rb
+++ b/lib/ci/ansi2html.rb
@@ -208,7 +208,7 @@ module Ci
         return unless command = stack.shift()
 
         if self.respond_to?("on_#{command}", true)
-          self.send("on_#{command}", stack)
+          self.__send__("on_#{command}", stack) # rubocop:disable GitlabSecurity/PublicSend
         end
 
         evaluate_command_stack(stack)
diff --git a/lib/ci/api/api.rb b/lib/ci/api/api.rb
deleted file mode 100644
index 24bb3649a76..00000000000
--- a/lib/ci/api/api.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-module Ci
-  module API
-    class API < Grape::API
-      include ::API::APIGuard
-      version 'v1', using: :path
-
-      rescue_from ActiveRecord::RecordNotFound do
-        rack_response({ 'message' => '404 Not found' }.to_json, 404)
-      end
-
-      # Retain 405 error rather than a 500 error for Grape 0.15.0+.
-      # https://github.com/ruby-grape/grape/blob/a3a28f5b5dfbb2797442e006dbffd750b27f2a76/UPGRADING.md#changes-to-method-not-allowed-routes
-      rescue_from Grape::Exceptions::MethodNotAllowed do |e|
-        error! e.message, e.status, e.headers
-      end
-
-      rescue_from Grape::Exceptions::Base do |e|
-        error! e.message, e.status, e.headers
-      end
-
-      rescue_from :all do |exception|
-        handle_api_exception(exception)
-      end
-
-      content_type :txt,  'text/plain'
-      content_type :json, 'application/json'
-      format :json
-
-      helpers ::SentryHelper
-      helpers ::Ci::API::Helpers
-      helpers ::API::Helpers
-      helpers Gitlab::CurrentSettings
-
-      mount ::Ci::API::Builds
-      mount ::Ci::API::Runners
-      mount ::Ci::API::Triggers
-    end
-  end
-end
diff --git a/lib/ci/api/builds.rb b/lib/ci/api/builds.rb
deleted file mode 100644
index 79058c02ce5..00000000000
--- a/lib/ci/api/builds.rb
+++ /dev/null
@@ -1,219 +0,0 @@
-module Ci
-  module API
-    # Builds API
-    class Builds < Grape::API
-      resource :builds do
-        # Runs oldest pending build by runner - Runners only
-        #
-        # Parameters:
-        #   token (required) - The uniq token of runner
-        #
-        # Example Request:
-        #   POST /builds/register
-        post "register" do
-          authenticate_runner!
-          required_attributes! [:token]
-          not_found! unless current_runner.active?
-          update_runner_info
-
-          if current_runner.is_runner_queue_value_latest?(params[:last_update])
-            header 'X-GitLab-Last-Update', params[:last_update]
-            Gitlab::Metrics.add_event(:build_not_found_cached)
-            return build_not_found!
-          end
-
-          new_update = current_runner.ensure_runner_queue_value
-
-          result = Ci::RegisterJobService.new(current_runner).execute
-
-          if result.valid?
-            if result.build
-              Gitlab::Metrics.add_event(:build_found,
-                                        project: result.build.project.full_path)
-
-              present result.build, with: Entities::BuildDetails
-            else
-              Gitlab::Metrics.add_event(:build_not_found)
-
-              header 'X-GitLab-Last-Update', new_update
-
-              build_not_found!
-            end
-          else
-            # We received build that is invalid due to concurrency conflict
-            Gitlab::Metrics.add_event(:build_invalid)
-            conflict!
-          end
-        end
-
-        # Update an existing build - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a project
-        #   state (optional) - The state of a build
-        #   trace (optional) - The trace of a build
-        # Example Request:
-        #   PUT /builds/:id
-        put ":id" do
-          authenticate_runner!
-          build = Ci::Build.where(runner_id: current_runner.id).running.find(params[:id])
-          validate_build!(build)
-
-          update_runner_info
-
-          build.trace.set(params[:trace]) if params[:trace]
-
-          Gitlab::Metrics.add_event(:update_build,
-                                    project: build.project.full_path)
-
-          case params[:state].to_s
-          when 'success'
-            build.success
-          when 'failed'
-            build.drop
-          end
-        end
-
-        # Send incremental log update - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a build
-        # Body:
-        #   content of logs to append
-        # Headers:
-        #   Content-Range (required) - range of content that was sent
-        #   BUILD-TOKEN (required) - The build authorization token
-        # Example Request:
-        #   PATCH /builds/:id/trace.txt
-        patch ":id/trace.txt" do
-          build = authenticate_build!
-
-          error!('400 Missing header Content-Range', 400) unless request.headers.key?('Content-Range')
-          content_range = request.headers['Content-Range']
-          content_range = content_range.split('-')
-
-          stream_size = build.trace.append(request.body.read, content_range[0].to_i)
-          if stream_size < 0
-            return error!('416 Range Not Satisfiable', 416, { 'Range' => "0-#{-stream_size}" })
-          end
-
-          status 202
-          header 'Build-Status', build.status
-          header 'Range', "0-#{stream_size}"
-        end
-
-        # Authorize artifacts uploading for build - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a build
-        #   token (required) - The build authorization token
-        #   filesize (optional) - the size of uploaded file
-        # Example Request:
-        #   POST /builds/:id/artifacts/authorize
-        post ":id/artifacts/authorize" do
-          require_gitlab_workhorse!
-          Gitlab::Workhorse.verify_api_request!(headers)
-          not_allowed! unless Gitlab.config.artifacts.enabled
-          build = authenticate_build!
-          forbidden!('build is not running') unless build.running?
-
-          if params[:filesize]
-            file_size = params[:filesize].to_i
-            file_to_large! unless file_size < max_artifacts_size
-          end
-
-          status 200
-          content_type Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE
-          Gitlab::Workhorse.artifact_upload_ok
-        end
-
-        # Upload artifacts to build - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a build
-        #   token (required) - The build authorization token
-        #   file (required) - Artifacts file
-        #   expire_in (optional) - Specify when artifacts should expire (ex. 7d)
-        # Parameters (accelerated by GitLab Workhorse):
-        #   file.path - path to locally stored body (generated by Workhorse)
-        #   file.name - real filename as send in Content-Disposition
-        #   file.type - real content type as send in Content-Type
-        #   metadata.path - path to locally stored body (generated by Workhorse)
-        #   metadata.name - filename (generated by Workhorse)
-        # Headers:
-        #   BUILD-TOKEN (required) - The build authorization token, the same as token
-        # Body:
-        #   The file content
-        #
-        # Example Request:
-        #   POST /builds/:id/artifacts
-        post ":id/artifacts" do
-          require_gitlab_workhorse!
-          not_allowed! unless Gitlab.config.artifacts.enabled
-          build = authenticate_build!
-          forbidden!('Build is not running!') unless build.running?
-
-          artifacts_upload_path = ArtifactUploader.artifacts_upload_path
-          artifacts = uploaded_file(:file, artifacts_upload_path)
-          metadata = uploaded_file(:metadata, artifacts_upload_path)
-
-          bad_request!('Missing artifacts file!') unless artifacts
-          file_to_large! unless artifacts.size < max_artifacts_size
-
-          build.artifacts_file = artifacts
-          build.artifacts_metadata = metadata
-          build.artifacts_expire_in =
-            params['expire_in'] ||
-            Gitlab::CurrentSettings.current_application_settings
-              .default_artifacts_expire_in
-
-          if build.save
-            present(build, with: Entities::BuildDetails)
-          else
-            render_validation_error!(build)
-          end
-        end
-
-        # Download the artifacts file from build - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a build
-        #   token (required) - The build authorization token
-        # Headers:
-        #   BUILD-TOKEN (required) - The build authorization token, the same as token
-        # Example Request:
-        #   GET /builds/:id/artifacts
-        get ":id/artifacts" do
-          build = authenticate_build!
-          artifacts_file = build.artifacts_file
-
-          unless artifacts_file.exists?
-            not_found!
-          end
-
-          unless artifacts_file.file_storage?
-            return redirect_to build.artifacts_file.url
-          end
-
-          present_file!(artifacts_file.path, artifacts_file.filename)
-        end
-
-        # Remove the artifacts file from build - Runners only
-        #
-        # Parameters:
-        #   id (required) - The ID of a build
-        #   token (required) - The build authorization token
-        # Headers:
-        #   BUILD-TOKEN (required) - The build authorization token, the same as token
-        # Example Request:
-        #   DELETE /builds/:id/artifacts
-        delete ":id/artifacts" do
-          build = authenticate_build!
-
-          status(200)
-          build.erase_artifacts!
-        end
-      end
-    end
-  end
-end
diff --git a/lib/ci/api/entities.rb b/lib/ci/api/entities.rb
deleted file mode 100644
index 31f66dd5a58..00000000000
--- a/lib/ci/api/entities.rb
+++ /dev/null
@@ -1,93 +0,0 @@
-module Ci
-  module API
-    module Entities
-      class Commit < Grape::Entity
-        expose :id, :sha, :project_id, :created_at
-        expose :status, :finished_at, :duration
-        expose :git_commit_message, :git_author_name, :git_author_email
-      end
-
-      class CommitWithBuilds < Commit
-        expose :builds
-      end
-
-      class ArtifactFile < Grape::Entity
-        expose :filename, :size
-      end
-
-      class BuildOptions < Grape::Entity
-        expose :image
-        expose :services
-        expose :artifacts
-        expose :cache
-        expose :dependencies
-        expose :after_script
-      end
-
-      class Build < Grape::Entity
-        expose :id, :ref, :tag, :sha, :status
-        expose :name, :token, :stage
-        expose :project_id
-        expose :project_name
-        expose :artifacts_file, using: ArtifactFile, if: ->(build, _) { build.artifacts? }
-      end
-
-      class BuildCredentials < Grape::Entity
-        expose :type, :url, :username, :password
-      end
-
-      class BuildDetails < Build
-        expose :commands
-        expose :repo_url
-        expose :before_sha
-        expose :allow_git_fetch
-        expose :token
-        expose :artifacts_expire_at, if: ->(build, _) { build.artifacts? }
-
-        expose :options do |model|
-          # This part ensures that output of old API is still the same after adding support
-          # for extended docker configuration options, used by new API
-          #
-          # I'm leaving this here, not in the model, because it should be removed at the same time
-          # when old API will be removed (planned for August 2017).
-          model.options.dup.tap do |options|
-            options[:image] = options[:image][:name] if options[:image].is_a?(Hash)
-            options[:services]&.map! do |service|
-              if service.is_a?(Hash)
-                service[:name]
-              else
-                service
-              end
-            end
-          end
-        end
-
-        expose :timeout do |model|
-          model.timeout
-        end
-
-        expose :variables
-        expose :depends_on_builds, using: Build
-
-        expose :credentials, using: BuildCredentials
-      end
-
-      class Runner < Grape::Entity
-        expose :id, :token
-      end
-
-      class RunnerProject < Grape::Entity
-        expose :id, :project_id, :runner_id
-      end
-
-      class WebHook < Grape::Entity
-        expose :id, :project_id, :url
-      end
-
-      class TriggerRequest < Grape::Entity
-        expose :id, :variables
-        expose :pipeline, using: Commit, as: :commit
-      end
-    end
-  end
-end
diff --git a/lib/ci/api/helpers.rb b/lib/ci/api/helpers.rb
deleted file mode 100644
index a40b6ab6c9f..00000000000
--- a/lib/ci/api/helpers.rb
+++ /dev/null
@@ -1,89 +0,0 @@
-module Ci
-  module API
-    module Helpers
-      BUILD_TOKEN_HEADER = "HTTP_BUILD_TOKEN".freeze
-      BUILD_TOKEN_PARAM = :token
-      UPDATE_RUNNER_EVERY = 10 * 60
-
-      def authenticate_runners!
-        forbidden! unless runner_registration_token_valid?
-      end
-
-      def authenticate_runner!
-        forbidden! unless current_runner
-      end
-
-      def authenticate_build!
-        build = Ci::Build.find_by_id(params[:id])
-
-        validate_build!(build) do
-          forbidden! unless build_token_valid?(build)
-        end
-
-        build
-      end
-
-      def validate_build!(build)
-        not_found! unless build
-
-        yield if block_given?
-
-        project = build.project
-        forbidden!('Project has been deleted!') if project.nil? || project.pending_delete?
-        forbidden!('Build has been erased!') if build.erased?
-      end
-
-      def runner_registration_token_valid?
-        ActiveSupport::SecurityUtils.variable_size_secure_compare(
-          params[:token],
-          current_application_settings.runners_registration_token)
-      end
-
-      def build_token_valid?(build)
-        token = (params[BUILD_TOKEN_PARAM] || env[BUILD_TOKEN_HEADER]).to_s
-
-        # We require to also check `runners_token` to maintain compatibility with old version of runners
-        token && (build.valid_token?(token) || build.project.valid_runners_token?(token))
-      end
-
-      def update_runner_info
-        return unless update_runner?
-
-        current_runner.contacted_at = Time.now
-        current_runner.assign_attributes(get_runner_version_from_params)
-        current_runner.save if current_runner.changed?
-      end
-
-      def update_runner?
-        # Use a random threshold to prevent beating DB updates.
-        # It generates a distribution between [40m, 80m].
-        #
-        contacted_at_max_age = UPDATE_RUNNER_EVERY + Random.rand(UPDATE_RUNNER_EVERY)
-
-        current_runner.contacted_at.nil? ||
-          (Time.now - current_runner.contacted_at) >= contacted_at_max_age
-      end
-
-      def build_not_found!
-        if headers['User-Agent'].to_s =~ /gitlab-ci-multi-runner \d+\.\d+\.\d+(~beta\.\d+\.g[0-9a-f]+)? /
-          no_content!
-        else
-          not_found!
-        end
-      end
-
-      def current_runner
-        @runner ||= Runner.find_by_token(params[:token].to_s)
-      end
-
-      def get_runner_version_from_params
-        return unless params["info"].present?
-        attributes_for_keys(%w(name version revision platform architecture), params["info"])
-      end
-
-      def max_artifacts_size
-        current_application_settings.max_artifacts_size.megabytes.to_i
-      end
-    end
-  end
-end
diff --git a/lib/ci/api/runners.rb b/lib/ci/api/runners.rb
deleted file mode 100644
index 45aa2adccf5..00000000000
--- a/lib/ci/api/runners.rb
+++ /dev/null
@@ -1,50 +0,0 @@
-module Ci
-  module API
-    class Runners < Grape::API
-      resource :runners do
-        desc 'Delete a runner'
-        params do
-          requires :token, type: String, desc: 'The unique token of the runner'
-        end
-        delete "delete" do
-          authenticate_runner!
-
-          status(200)
-          Ci::Runner.find_by_token(params[:token]).destroy
-        end
-
-        desc 'Register a new runner' do
-          success Entities::Runner
-        end
-        params do
-          requires :token, type: String, desc: 'The unique token of the runner'
-          optional :description, type: String, desc: 'The description of the runner'
-          optional :tag_list, type: Array[String], desc: 'A list of tags the runner should run for'
-          optional :run_untagged, type: Boolean, desc: 'Flag if the runner should execute untagged jobs'
-          optional :locked, type: Boolean, desc: 'Lock this runner for this specific project'
-        end
-        post "register" do
-          runner_params = declared(params, include_missing: false).except(:token)
-
-          runner =
-            if runner_registration_token_valid?
-              # Create shared runner. Requires admin access
-              Ci::Runner.create(runner_params.merge(is_shared: true))
-            elsif project = Project.find_by(runners_token: params[:token])
-              # Create a specific runner for project.
-              project.runners.create(runner_params)
-            end
-
-          return forbidden! unless runner
-
-          if runner.id
-            runner.update(get_runner_version_from_params)
-            present runner, with: Entities::Runner
-          else
-            not_found!
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/lib/ci/api/triggers.rb b/lib/ci/api/triggers.rb
deleted file mode 100644
index 6225203f223..00000000000
--- a/lib/ci/api/triggers.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-module Ci
-  module API
-    class Triggers < Grape::API
-      resource :projects do
-        desc 'Trigger a GitLab CI project build' do
-          success Entities::TriggerRequest
-        end
-        params do
-          requires :id, type: Integer, desc: 'The ID of a CI project'
-          requires :ref, type: String, desc: "The name of project's branch or tag"
-          requires :token, type: String, desc: 'The unique token of the trigger'
-          optional :variables, type: Hash, desc: 'Optional build variables'
-        end
-        post ":id/refs/:ref/trigger" do
-          project = Project.find_by(ci_id: params[:id])
-          trigger = Ci::Trigger.find_by_token(params[:token])
-          not_found! unless project && trigger
-          unauthorized! unless trigger.project == project
-
-          # Validate variables
-          variables = params[:variables].to_h
-          unless variables.all? { |key, value| key.is_a?(String) && value.is_a?(String) }
-            render_api_error!('variables needs to be a map of key-valued strings', 400)
-          end
-
-          # create request and trigger builds
-          result = Ci::CreateTriggerRequestService.execute(project, trigger, params[:ref], variables)
-          pipeline = result.pipeline
-
-          if pipeline.persisted?
-            present result.trigger_request, with: Entities::TriggerRequest
-          else
-            render_validation_error!(pipeline)
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/lib/constraints/project_url_constrainer.rb b/lib/constraints/project_url_constrainer.rb
index fd7b97d3167..5bef29eb1da 100644
--- a/lib/constraints/project_url_constrainer.rb
+++ b/lib/constraints/project_url_constrainer.rb
@@ -7,7 +7,7 @@ class ProjectUrlConstrainer
     return false unless DynamicPathValidator.valid_project_path?(full_path)
 
     # We intentionally allow SELECT(*) here so result of this query can be used
-    # as cache for further Project.find_by_full_path calls within request 
+    # as cache for further Project.find_by_full_path calls within request
     Project.find_by_full_path(full_path, follow_redirects: request.get?).present?
   end
 end
diff --git a/lib/declarative_policy/base.rb b/lib/declarative_policy/base.rb
index df94cafb6a1..b028169f500 100644
--- a/lib/declarative_policy/base.rb
+++ b/lib/declarative_policy/base.rb
@@ -109,7 +109,7 @@ module DeclarativePolicy
         name = name.to_sym
 
         if delegation_block.nil?
-          delegation_block = proc { @subject.__send__(name) }
+          delegation_block = proc { @subject.__send__(name) } # rubocop:disable GitlabSecurity/PublicSend
         end
 
         own_delegations[name] = delegation_block
@@ -221,7 +221,7 @@ module DeclarativePolicy
     end
 
     # computes the given ability and prints a helpful debugging output
-    # showing which 
+    # showing which
     def debug(ability, *a)
       runner(ability).debug(*a)
     end
diff --git a/lib/declarative_policy/dsl.rb b/lib/declarative_policy/dsl.rb
index b26807a7622..6ba1e7a3c5c 100644
--- a/lib/declarative_policy/dsl.rb
+++ b/lib/declarative_policy/dsl.rb
@@ -93,7 +93,7 @@ module DeclarativePolicy
     def method_missing(m, *a, &b)
       return super unless @context_class.respond_to?(m)
 
-      @context_class.__send__(m, *a, &b)
+      @context_class.__send__(m, *a, &b) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     def respond_to_missing?(m)
diff --git a/lib/file_size_validator.rb b/lib/file_size_validator.rb
index eb19ab45ac3..de391de9059 100644
--- a/lib/file_size_validator.rb
+++ b/lib/file_size_validator.rb
@@ -44,13 +44,13 @@ class FileSizeValidator < ActiveModel::EachValidator
         when Integer
           check_value
         when Symbol
-          record.send(check_value)
+          record.public_send(check_value) # rubocop:disable GitlabSecurity/PublicSend
         end
 
       value ||= [] if key == :maximum
 
       value_size = value.size
-      next if value_size.send(validity_check, check_value)
+      next if value_size.public_send(validity_check, check_value) # rubocop:disable GitlabSecurity/PublicSend
 
       errors_options = options.except(*RESERVED_OPTIONS)
       errors_options[:file_size] = help.number_to_human_size check_value
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 7d3aa532750..8cb4060cd97 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -101,7 +101,7 @@ module Gitlab
         if Service.available_services_names.include?(underscored_service)
           # We treat underscored_service as a trusted input because it is included
           # in the Service.available_services_names whitelist.
-          service = project.public_send("#{underscored_service}_service")
+          service = project.public_send("#{underscored_service}_service") # rubocop:disable GitlabSecurity/PublicSend
 
           if service && service.activated? && service.valid_token?(password)
             Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities)
@@ -149,7 +149,7 @@ module Gitlab
 
       def abilities_for_scope(scopes)
         scopes.map do |scope|
-          self.public_send(:"#{scope}_scope_authentication_abilities")
+          self.public_send(:"#{scope}_scope_authentication_abilities") # rubocop:disable GitlabSecurity/PublicSend
         end.flatten.uniq
       end
 
diff --git a/lib/gitlab/auth/ip_rate_limiter.rb b/lib/gitlab/auth/ip_rate_limiter.rb
index 1089bc9f89e..e6173d45af3 100644
--- a/lib/gitlab/auth/ip_rate_limiter.rb
+++ b/lib/gitlab/auth/ip_rate_limiter.rb
@@ -11,11 +11,11 @@ module Gitlab
       def enabled?
         config.enabled
       end
-      
+
       def reset!
         Rack::Attack::Allow2Ban.reset(ip, config)
       end
-      
+
       def register_fail!
         # Allow2Ban.filter will return false if this IP has not failed too often yet
         @banned = Rack::Attack::Allow2Ban.filter(ip, config) do
@@ -23,17 +23,17 @@ module Gitlab
           ip_can_be_banned?
         end
       end
-      
+
       def banned?
         @banned
       end
-      
+
       private
-      
+
       def config
         Gitlab.config.rack_attack.git_basic_auth
       end
-      
+
       def ip_can_be_banned?
         config.ip_whitelist.exclude?(ip)
       end
diff --git a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
index 310a69a4bd4..3fde1b09efb 100644
--- a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
+++ b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
@@ -81,12 +81,15 @@ module Gitlab
             relative_order: index
           )
 
-          # Compatibility with old diffs created with Psych.
           diff_hash.tap do |hash|
             diff_text = hash[:diff]
 
             hash[:too_large] = !!hash[:too_large]
 
+            hash[:a_mode] ||= guess_mode(hash[:new_file], hash[:diff])
+            hash[:b_mode] ||= guess_mode(hash[:deleted_file], hash[:diff])
+
+            # Compatibility with old diffs created with Psych.
             if diff_text.encoding == Encoding::BINARY && !diff_text.ascii_only?
               hash[:binary] = true
               hash[:diff] = [diff_text].pack('m0')
@@ -97,6 +100,15 @@ module Gitlab
         [commit_rows, file_rows]
       end
 
+      # This doesn't have to be 100% accurate, because it's only used for
+      # display - it won't change file modes in the repository. Submodules are
+      # created as 600, regular files as 644.
+      def guess_mode(file_missing, diff)
+        return '0' if file_missing
+
+        diff.include?('Subproject commit') ? '160000' : '100644'
+      end
+
       # Unlike MergeRequestDiff#valid_raw_diff?, don't count Rugged objects as
       # valid, because we don't render them usefully anyway.
       def valid_raw_diffs?(diffs)
diff --git a/lib/gitlab/cache/request_cache.rb b/lib/gitlab/cache/request_cache.rb
index f1a04affd38..754a45c3257 100644
--- a/lib/gitlab/cache/request_cache.rb
+++ b/lib/gitlab/cache/request_cache.rb
@@ -69,7 +69,7 @@ module Gitlab
                   instance_variable_set(ivar_name, {})
               end
 
-            key = __send__(cache_key_method_name, args)
+            key = __send__(cache_key_method_name, args) # rubocop:disable GitlabSecurity/PublicSend
 
             store.fetch(key) { store[key] = super(*args) }
           end
diff --git a/lib/gitlab/ci/build/artifacts/metadata.rb b/lib/gitlab/ci/build/artifacts/metadata.rb
index a375ccbece0..a788fb3fcbc 100644
--- a/lib/gitlab/ci/build/artifacts/metadata.rb
+++ b/lib/gitlab/ci/build/artifacts/metadata.rb
@@ -60,7 +60,7 @@ module Gitlab
               begin
                 path = read_string(gz).force_encoding('UTF-8')
                 meta = read_string(gz).force_encoding('UTF-8')
-               
+
                 next unless path.valid_encoding? && meta.valid_encoding?
                 next unless path =~ match_pattern
                 next if path =~ INVALID_PATH_PATTERN
diff --git a/lib/gitlab/database/migration_helpers.rb b/lib/gitlab/database/migration_helpers.rb
index 69ca9aa596b..b83e633c7ed 100644
--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -606,6 +606,11 @@ module Gitlab
           Arel::Nodes::SqlLiteral.new(replace.to_sql)
         end
       end
+
+      def remove_foreign_key_without_error(*args)
+        remove_foreign_key(*args)
+      rescue ArgumentError
+      end
     end
   end
 end
diff --git a/lib/gitlab/diff/line_mapper.rb b/lib/gitlab/diff/line_mapper.rb
index 576a761423e..cf71d47df8e 100644
--- a/lib/gitlab/diff/line_mapper.rb
+++ b/lib/gitlab/diff/line_mapper.rb
@@ -38,7 +38,7 @@ module Gitlab
         # - The first diff line with a higher line number, if it falls between diff contexts
         # - The last known diff line, if it falls after the last diff context
         diff_line = diff_lines.find do |diff_line|
-          diff_from_line = diff_line.send(from)
+          diff_from_line = diff_line.public_send(from) # rubocop:disable GitlabSecurity/PublicSend
           diff_from_line && diff_from_line >= from_line
         end
         diff_line ||= diff_lines.last
@@ -47,8 +47,8 @@ module Gitlab
         # mapped line number is the same as the specified line number.
         return from_line unless diff_line
 
-        diff_from_line = diff_line.send(from)
-        diff_to_line = diff_line.send(to)
+        diff_from_line = diff_line.public_send(from) # rubocop:disable GitlabSecurity/PublicSend
+        diff_to_line = diff_line.public_send(to) # rubocop:disable GitlabSecurity/PublicSend
 
         # If the line was removed, there is no mapped line number.
         return unless diff_to_line
diff --git a/lib/gitlab/git/blob.rb b/lib/gitlab/git/blob.rb
index 77b81d2d437..7780f4e4d4f 100644
--- a/lib/gitlab/git/blob.rb
+++ b/lib/gitlab/git/blob.rb
@@ -54,7 +54,7 @@ module Gitlab
         # [[commit_sha, path], [commit_sha, path], ...]. If blob_size_limit < 0 then the
         # full blob contents are returned. If blob_size_limit >= 0 then each blob will
         # contain no more than limit bytes in its data attribute.
-        # 
+        #
         # Keep in mind that this method may allocate a lot of memory. It is up
         # to the caller to limit the number of blobs and blob_size_limit.
         #
@@ -173,7 +173,7 @@ module Gitlab
 
       def initialize(options)
         %w(id name path size data mode commit_id binary).each do |key|
-          self.send("#{key}=", options[key.to_sym])
+          self.__send__("#{key}=", options[key.to_sym]) # rubocop:disable GitlabSecurity/PublicSend
         end
 
         @loaded_all_data = false
diff --git a/lib/gitlab/git/commit.rb b/lib/gitlab/git/commit.rb
index fd4dfdb09a2..a499bbc6266 100644
--- a/lib/gitlab/git/commit.rb
+++ b/lib/gitlab/git/commit.rb
@@ -210,6 +210,16 @@ module Gitlab
 
           @rugged_sort_types.fetch(sort_type, Rugged::SORT_NONE)
         end
+
+        def shas_with_signatures(repository, shas)
+          shas.select do |sha|
+            begin
+              Rugged::Commit.extract_signature(repository.rugged, sha)
+            rescue Rugged::OdbError
+              false
+            end
+          end
+        end
       end
 
       def initialize(repository, raw_commit, head = nil)
@@ -335,15 +345,6 @@ module Gitlab
         parent_ids.map { |oid| self.class.find(@repository, oid) }.compact
       end
 
-      # Get the gpg signature of this commit.
-      #
-      # Ex.
-      #   commit.signature(repo)
-      #
-      def signature(repo)
-        Rugged::Commit.extract_signature(repo.rugged, sha)
-      end
-
       def stats
         Gitlab::Git::CommitStats.new(self)
       end
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 38772d06dbd..eb3731ba35a 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -18,6 +18,28 @@ module Gitlab
       InvalidBlobName = Class.new(StandardError)
       InvalidRef = Class.new(StandardError)
 
+      class << self
+        # Unlike `new`, `create` takes the storage path, not the storage name
+        def create(storage_path, name, bare: true, symlink_hooks_to: nil)
+          repo_path = File.join(storage_path, name)
+          repo_path += '.git' unless repo_path.end_with?('.git')
+
+          FileUtils.mkdir_p(repo_path, mode: 0770)
+
+          # Equivalent to `git --git-path=#{repo_path} init [--bare]`
+          repo = Rugged::Repository.init_at(repo_path, bare)
+          repo.close
+
+          if symlink_hooks_to.present?
+            hooks_path = File.join(repo_path, 'hooks')
+            FileUtils.rm_rf(hooks_path)
+            FileUtils.ln_s(symlink_hooks_to, hooks_path)
+          end
+
+          true
+        end
+      end
+
       # Full path to repo
       attr_reader :path
 
@@ -42,7 +64,6 @@ module Gitlab
       end
 
       delegate  :empty?,
-                :bare?,
                 to: :rugged
 
       delegate :exists?, to: :gitaly_repository_client
@@ -104,6 +125,8 @@ module Gitlab
       # This is to work around a bug in libgit2 that causes in-memory refs to
       # be stale/invalid when packed-refs is changed.
       # See https://gitlab.com/gitlab-org/gitlab-ce/issues/15392#note_14538333
+      #
+      # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/474
       def find_branch(name, force_reload = false)
         reload_rugged if force_reload
 
@@ -182,21 +205,26 @@ module Gitlab
       #
       # name - The name of the tag as a String.
       def tag_exists?(name)
-        !!rugged.tags[name]
+        gitaly_migrate(:ref_exists_tags) do |is_enabled|
+          if is_enabled
+            gitaly_ref_exists?("refs/tags/#{name}")
+          else
+            rugged_tag_exists?(name)
+          end
+        end
       end
 
       # Returns true if the given branch exists
       #
       # name - The name of the branch as a String.
       def branch_exists?(name)
-        rugged.branches.exists?(name)
-
-      # If the branch name is invalid (e.g. ".foo") Rugged will raise an error.
-      # Whatever code calls this method shouldn't have to deal with that so
-      # instead we just return `false` (which is true since a branch doesn't
-      # exist when it has an invalid name).
-      rescue Rugged::ReferenceError
-        false
+        gitaly_migrate(:ref_exists_branches) do |is_enabled|
+          if is_enabled
+            gitaly_ref_exists?("refs/heads/#{name}")
+          else
+            rugged_branch_exists?(name)
+          end
+        end
       end
 
       # Returns an Array of branch and tag names
@@ -204,10 +232,6 @@ module Gitlab
         branch_names + tag_names
       end
 
-      def has_commits?
-        !empty?
-      end
-
       # Discovers the default branch based on the repository's available branches
       #
       # - If no branches are present, returns nil
@@ -547,6 +571,8 @@ module Gitlab
       end
 
       # Delete the specified branch from the repository
+      #
+      # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/476
       def delete_branch(branch_name)
         rugged.branches.delete(branch_name)
       end
@@ -556,6 +582,8 @@ module Gitlab
       # Examples:
       #   create_branch("feature")
       #   create_branch("other-feature", "master")
+      #
+      # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/476
       def create_branch(ref, start_point = "HEAD")
         rugged_ref = rugged.branches.create(ref, start_point)
         target_commit = Gitlab::Git::Commit.find(self, rugged_ref.target)
@@ -565,38 +593,26 @@ module Gitlab
         raise InvalidRef.new("Invalid reference #{start_point}")
       end
 
-      # Return an array of this repository's remote names
-      def remote_names
-        rugged.remotes.each_name.to_a
-      end
-
       # Delete the specified remote from this repository.
       def remote_delete(remote_name)
         rugged.remotes.delete(remote_name)
+        nil
       end
 
-      # Add a new remote to this repository.  Returns a Rugged::Remote object
+      # Add a new remote to this repository.
       def remote_add(remote_name, url)
         rugged.remotes.create(remote_name, url)
+        nil
       end
 
       # Update the specified remote using the values in the +options+ hash
       #
       # Example
       # repo.update_remote("origin", url: "path/to/repo")
-      def remote_update(remote_name, options = {})
+      def remote_update(remote_name, url:)
         # TODO: Implement other remote options
-        rugged.remotes.set_url(remote_name, options[:url]) if options[:url]
-      end
-
-      # Fetch the specified remote
-      def fetch(remote_name)
-        rugged.remotes[remote_name].fetch
-      end
-
-      # Push +*refspecs+ to the remote identified by +remote_name+.
-      def push(remote_name, *refspecs)
-        rugged.remotes[remote_name].push(refspecs)
+        rugged.remotes.set_url(remote_name, url)
+        nil
       end
 
       AUTOCRLF_VALUES = {
@@ -631,33 +647,15 @@ module Gitlab
 
       # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/328
       def copy_gitattributes(ref)
-        begin
-          commit = lookup(ref)
-        rescue Rugged::ReferenceError
-          raise InvalidRef.new("Ref #{ref} is invalid")
-        end
-
-        # Create the paths
-        info_dir_path = File.join(path, 'info')
-        info_attributes_path = File.join(info_dir_path, 'attributes')
-
-        begin
-          # Retrieve the contents of the blob
-          gitattributes_content = blob_content(commit, '.gitattributes')
-        rescue InvalidBlobName
-          # No .gitattributes found. Should now remove any info/attributes and return
-          File.delete(info_attributes_path) if File.exist?(info_attributes_path)
-          return
-        end
-
-        # Create the info directory if needed
-        Dir.mkdir(info_dir_path) unless File.directory?(info_dir_path)
-
-        # Write the contents of the .gitattributes file to info/attributes
-        # Use binary mode to prevent Rails from converting ASCII-8BIT to UTF-8
-        File.open(info_attributes_path, "wb") do |file|
-          file.write(gitattributes_content)
+        Gitlab::GitalyClient.migrate(:apply_gitattributes) do |is_enabled|
+          if is_enabled
+            gitaly_copy_gitattributes(ref)
+          else
+            rugged_copy_gitattributes(ref)
+          end
         end
+      rescue GRPC::InvalidArgument
+        raise InvalidRef
       end
 
       # Returns the Git attributes for the given file path.
@@ -990,6 +988,68 @@ module Gitlab
 
         raw_output.compact
       end
+
+      # Returns true if the given ref name exists
+      #
+      # Ref names must start with `refs/`.
+      def gitaly_ref_exists?(ref_name)
+        gitaly_ref_client.ref_exists?(ref_name)
+      end
+
+      # Returns true if the given tag exists
+      #
+      # name - The name of the tag as a String.
+      def rugged_tag_exists?(name)
+        !!rugged.tags[name]
+      end
+
+      # Returns true if the given branch exists
+      #
+      # name - The name of the branch as a String.
+      def rugged_branch_exists?(name)
+        rugged.branches.exists?(name)
+
+      # If the branch name is invalid (e.g. ".foo") Rugged will raise an error.
+      # Whatever code calls this method shouldn't have to deal with that so
+      # instead we just return `false` (which is true since a branch doesn't
+      # exist when it has an invalid name).
+      rescue Rugged::ReferenceError
+        false
+      end
+
+      def gitaly_copy_gitattributes(revision)
+        gitaly_repository_client.apply_gitattributes(revision)
+      end
+
+      def rugged_copy_gitattributes(ref)
+        begin
+          commit = lookup(ref)
+        rescue Rugged::ReferenceError
+          raise InvalidRef.new("Ref #{ref} is invalid")
+        end
+
+        # Create the paths
+        info_dir_path = File.join(path, 'info')
+        info_attributes_path = File.join(info_dir_path, 'attributes')
+
+        begin
+          # Retrieve the contents of the blob
+          gitattributes_content = blob_content(commit, '.gitattributes')
+        rescue InvalidBlobName
+          # No .gitattributes found. Should now remove any info/attributes and return
+          File.delete(info_attributes_path) if File.exist?(info_attributes_path)
+          return
+        end
+
+        # Create the info directory if needed
+        Dir.mkdir(info_dir_path) unless File.directory?(info_dir_path)
+
+        # Write the contents of the .gitattributes file to info/attributes
+        # Use binary mode to prevent Rails from converting ASCII-8BIT to UTF-8
+        File.open(info_attributes_path, "wb") do |file|
+          file.write(gitattributes_content)
+        end
+      end
     end
   end
 end
diff --git a/lib/gitlab/git/tree.rb b/lib/gitlab/git/tree.rb
index 8e959c57c7c..b54962a4456 100644
--- a/lib/gitlab/git/tree.rb
+++ b/lib/gitlab/git/tree.rb
@@ -89,7 +89,7 @@ module Gitlab
 
       def initialize(options)
         %w(id root_id name path type mode commit_id).each do |key|
-          self.send("#{key}=", options[key.to_sym])
+          self.send("#{key}=", options[key.to_sym]) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index 0b62911958d..3e8b83c0f90 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -4,6 +4,7 @@ module Gitlab
   class GitAccess
     UnauthorizedError = Class.new(StandardError)
     NotFoundError = Class.new(StandardError)
+    ProjectMovedError = Class.new(NotFoundError)
 
     ERROR_MESSAGES = {
       upload: 'You are not allowed to upload code for this project.',
@@ -90,18 +91,18 @@ module Gitlab
     end
 
     def check_project_moved!
-      if redirected_path
-        url = protocol == 'ssh' ? project.ssh_url_to_repo : project.http_url_to_repo
-        message = <<-MESSAGE.strip_heredoc
-          Project '#{redirected_path}' was moved to '#{project.full_path}'.
+      return unless redirected_path
 
-          Please update your Git remote and try again:
+      url = protocol == 'ssh' ? project.ssh_url_to_repo : project.http_url_to_repo
+      message = <<-MESSAGE.strip_heredoc
+        Project '#{redirected_path}' was moved to '#{project.full_path}'.
 
-            git remote set-url origin #{url}
-        MESSAGE
+        Please update your Git remote and try again:
 
-        raise NotFoundError, message
-      end
+          git remote set-url origin #{url}
+      MESSAGE
+
+      raise ProjectMovedError, message
     end
 
     def check_command_disabled!(cmd)
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index 70177cd0fec..9a5f4f598b2 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -55,7 +55,7 @@ module Gitlab
     def self.call(storage, service, rpc, request)
       metadata = request_metadata(storage)
       metadata = yield(metadata) if block_given?
-      stub(service, storage).send(rpc, request, metadata)
+      stub(service, storage).__send__(rpc, request, metadata) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     def self.request_metadata(storage)
diff --git a/lib/gitlab/gitaly_client/blob_service.rb b/lib/gitlab/gitaly_client/blob_service.rb
index 7ea8e8d0857..a250eb75bd4 100644
--- a/lib/gitlab/gitaly_client/blob_service.rb
+++ b/lib/gitlab/gitaly_client/blob_service.rb
@@ -13,10 +13,17 @@ module Gitlab
         )
         response = GitalyClient.call(@gitaly_repo.storage_name, :blob_service, :get_blob, request)
 
-        blob = response.first
-        return unless blob.oid.present?
+        data = ''
+        blob = nil
+        response.each do |msg|
+          if blob.nil?
+            blob = msg
+          end
 
-        data = response.reduce(blob.data.dup) { |memo, msg| memo << msg.data.dup }
+          data << msg.data
+        end
+
+        return nil if blob.oid.blank?
 
         Gitlab::Git::Blob.new(
           id: blob.oid,
diff --git a/lib/gitlab/gitaly_client/commit_service.rb b/lib/gitlab/gitaly_client/commit_service.rb
index 93268d9f33c..b36e81278d6 100644
--- a/lib/gitlab/gitaly_client/commit_service.rb
+++ b/lib/gitlab/gitaly_client/commit_service.rb
@@ -60,15 +60,21 @@ module Gitlab
         )
 
         response = GitalyClient.call(@repository.storage, :commit_service, :tree_entry, request)
-        entry = response.first
-        return unless entry.oid.present?
 
-        if entry.type == :BLOB
-          rest_of_data = response.reduce("") { |memo, msg| memo << msg.data }
-          entry.data += rest_of_data
+        entry = nil
+        data = ''
+        response.each do |msg|
+          if entry.nil?
+            entry = msg
+
+            break unless entry.type == :BLOB
+          end
+
+          data << msg.data
         end
+        entry.data = data
 
-        entry
+        entry unless entry.oid.blank?
       end
 
       def tree_entries(repository, revision, path)
diff --git a/lib/gitlab/gitaly_client/ref_service.rb b/lib/gitlab/gitaly_client/ref_service.rb
index 919fb68b8c7..cdcfed36740 100644
--- a/lib/gitlab/gitaly_client/ref_service.rb
+++ b/lib/gitlab/gitaly_client/ref_service.rb
@@ -70,6 +70,14 @@ module Gitlab
         consume_tags_response(response)
       end
 
+      def ref_exists?(ref_name)
+        request = Gitaly::RefExistsRequest.new(repository: @gitaly_repo, ref: ref_name)
+        response = GitalyClient.call(@storage, :ref_service, :ref_exists, request)
+        response.value
+      rescue GRPC::InvalidArgument => e
+        raise ArgumentError, e.message
+      end
+
       private
 
       def consume_refs_response(response)
diff --git a/lib/gitlab/gitaly_client/repository_service.rb b/lib/gitlab/gitaly_client/repository_service.rb
index 6ad97e62941..a74a6dc6e78 100644
--- a/lib/gitlab/gitaly_client/repository_service.rb
+++ b/lib/gitlab/gitaly_client/repository_service.rb
@@ -32,6 +32,11 @@ module Gitlab
         request = Gitaly::RepositorySizeRequest.new(repository: @gitaly_repo)
         GitalyClient.call(@storage, :repository_service, :repository_size, request).size
       end
+
+      def apply_gitattributes(revision)
+        request = Gitaly::ApplyGitattributesRequest.new(repository: @gitaly_repo, revision: revision)
+        GitalyClient.call(@storage, :repository_service, :apply_gitattributes, request)
+      end
     end
   end
 end
diff --git a/lib/gitlab/github_import/base_formatter.rb b/lib/gitlab/github_import/base_formatter.rb
index 8c80791e7c9..f330041cc00 100644
--- a/lib/gitlab/github_import/base_formatter.rb
+++ b/lib/gitlab/github_import/base_formatter.rb
@@ -11,7 +11,9 @@ module Gitlab
       end
 
       def create!
-        project.public_send(project_association).find_or_create_by!(find_condition) do |record|
+        association = project.public_send(project_association) # rubocop:disable GitlabSecurity/PublicSend
+
+        association.find_or_create_by!(find_condition) do |record|
           record.attributes = attributes
         end
       end
diff --git a/lib/gitlab/github_import/client.rb b/lib/gitlab/github_import/client.rb
index 7dbeec5b010..0550f9695bd 100644
--- a/lib/gitlab/github_import/client.rb
+++ b/lib/gitlab/github_import/client.rb
@@ -120,7 +120,7 @@ module Gitlab
       def request(method, *args, &block)
         sleep rate_limit_sleep_time if rate_limit_exceed?
 
-        data = api.send(method, *args)
+        data = api.__send__(method, *args) # rubocop:disable GitlabSecurity/PublicSend
         return data unless data.is_a?(Array)
 
         last_response = api.last_response
diff --git a/lib/gitlab/github_import/importer.rb b/lib/gitlab/github_import/importer.rb
index 266b1a6fece..373062b354b 100644
--- a/lib/gitlab/github_import/importer.rb
+++ b/lib/gitlab/github_import/importer.rb
@@ -289,7 +289,7 @@ module Gitlab
 
         opts.last[:page] = current_page(resource_type)
 
-        client.public_send(resource_type, *opts) do |resources|
+        client.public_send(resource_type, *opts) do |resources| # rubocop:disable GitlabSecurity/PublicSend
           yield resources
           increment_page(resource_type)
         end
diff --git a/lib/gitlab/gpg/commit.rb b/lib/gitlab/gpg/commit.rb
index 55428b85207..606c7576f70 100644
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@@ -1,12 +1,20 @@
 module Gitlab
   module Gpg
     class Commit
-      attr_reader :commit
+      def self.for_commit(commit)
+        new(commit.project, commit.sha)
+      end
 
-      def initialize(commit)
-        @commit = commit
+      def initialize(project, sha)
+        @project = project
+        @sha = sha
 
-        @signature_text, @signed_text = commit.raw.signature(commit.project.repository)
+        @signature_text, @signed_text =
+          begin
+            Rugged::Commit.extract_signature(project.repository.rugged, sha)
+          rescue Rugged::OdbError
+            nil
+          end
       end
 
       def has_signature?
@@ -16,18 +24,20 @@ module Gitlab
       def signature
         return unless has_signature?
 
-        cached_signature = GpgSignature.find_by(commit_sha: commit.sha)
-        return cached_signature if cached_signature.present?
+        return @signature if @signature
 
-        using_keychain do |gpg_key|
-          create_cached_signature!(gpg_key)
-        end
+        cached_signature = GpgSignature.find_by(commit_sha: @sha)
+        return @signature = cached_signature if cached_signature.present?
+
+        @signature = create_cached_signature!
       end
 
       def update_signature!(cached_signature)
         using_keychain do |gpg_key|
           cached_signature.update_attributes!(attributes(gpg_key))
         end
+
+        @signature = cached_signature
       end
 
       private
@@ -55,16 +65,18 @@ module Gitlab
         end
       end
 
-      def create_cached_signature!(gpg_key)
-        GpgSignature.create!(attributes(gpg_key))
+      def create_cached_signature!
+        using_keychain do |gpg_key|
+          GpgSignature.create!(attributes(gpg_key))
+        end
       end
 
       def attributes(gpg_key)
         user_infos = user_infos(gpg_key)
 
         {
-          commit_sha: commit.sha,
-          project: commit.project,
+          commit_sha: @sha,
+          project: @project,
           gpg_key: gpg_key,
           gpg_key_primary_keyid: gpg_key&.primary_keyid || verified_signature.fingerprint,
           gpg_key_user_name: user_infos[:name],
diff --git a/lib/gitlab/gpg/invalid_gpg_signature_updater.rb b/lib/gitlab/gpg/invalid_gpg_signature_updater.rb
index 3bb491120ba..a525ee7a9ee 100644
--- a/lib/gitlab/gpg/invalid_gpg_signature_updater.rb
+++ b/lib/gitlab/gpg/invalid_gpg_signature_updater.rb
@@ -10,9 +10,7 @@ module Gitlab
           .select(:id, :commit_sha, :project_id)
           .where('gpg_key_id IS NULL OR valid_signature = ?', false)
           .where(gpg_key_primary_keyid: @gpg_key.primary_keyid)
-          .find_each do |gpg_signature|
-            Gitlab::Gpg::Commit.new(gpg_signature.commit).update_signature!(gpg_signature)
-          end
+          .find_each { |sig| sig.gpg_commit.update_signature!(sig) }
       end
     end
   end
diff --git a/lib/gitlab/import_export/attributes_finder.rb b/lib/gitlab/import_export/attributes_finder.rb
index d230de781d5..56042ddecbf 100644
--- a/lib/gitlab/import_export/attributes_finder.rb
+++ b/lib/gitlab/import_export/attributes_finder.rb
@@ -1,7 +1,6 @@
 module Gitlab
   module ImportExport
     class AttributesFinder
-    
       def initialize(included_attributes:, excluded_attributes:, methods:)
         @included_attributes = included_attributes || {}
         @excluded_attributes = excluded_attributes || {}
diff --git a/lib/gitlab/import_export/project_tree_restorer.rb b/lib/gitlab/import_export/project_tree_restorer.rb
index 84ab1977dfa..cbc8d170936 100644
--- a/lib/gitlab/import_export/project_tree_restorer.rb
+++ b/lib/gitlab/import_export/project_tree_restorer.rb
@@ -1,6 +1,9 @@
 module Gitlab
   module ImportExport
     class ProjectTreeRestorer
+      # Relations which cannot have both group_id and project_id at the same time
+      RESTRICT_PROJECT_AND_GROUP = %i(milestones).freeze
+
       def initialize(user:, shared:, project:)
         @path = File.join(shared.export_path, 'project.json')
         @user = user
@@ -118,9 +121,11 @@ module Gitlab
       end
 
       def create_relation(relation, relation_hash_list)
+        relation_type = relation.to_sym
+
         relation_array = [relation_hash_list].flatten.map do |relation_hash|
-          Gitlab::ImportExport::RelationFactory.create(relation_sym: relation.to_sym,
-                                                       relation_hash: parsed_relation_hash(relation_hash),
+          Gitlab::ImportExport::RelationFactory.create(relation_sym: relation_type,
+                                                       relation_hash: parsed_relation_hash(relation_hash, relation_type),
                                                        members_mapper: members_mapper,
                                                        user: @user,
                                                        project: restored_project)
@@ -129,8 +134,16 @@ module Gitlab
         relation_hash_list.is_a?(Array) ? relation_array : relation_array.first
       end
 
-      def parsed_relation_hash(relation_hash)
-        relation_hash.merge!('group_id' => restored_project.group.try(:id), 'project_id' => restored_project.id)
+      def parsed_relation_hash(relation_hash, relation_type)
+        if RESTRICT_PROJECT_AND_GROUP.include?(relation_type)
+          params = {}
+          params['group_id'] = restored_project.group.try(:id) if relation_hash['group_id']
+          params['project_id'] = restored_project.id if relation_hash['project_id']
+        else
+          params = { 'group_id' => restored_project.group.try(:id), 'project_id' => restored_project.id }
+        end
+
+        relation_hash.merge(params)
       end
     end
   end
diff --git a/lib/gitlab/lazy.rb b/lib/gitlab/lazy.rb
index 2a659ae4c74..99594577141 100644
--- a/lib/gitlab/lazy.rb
+++ b/lib/gitlab/lazy.rb
@@ -16,7 +16,7 @@ module Gitlab
     def method_missing(name, *args, &block)
       __evaluate__
 
-      @result.__send__(name, *args, &block)
+      @result.__send__(name, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     def respond_to_missing?(name, include_private = false)
diff --git a/lib/gitlab/ldap/auth_hash.rb b/lib/gitlab/ldap/auth_hash.rb
index 95378e5a769..4fbc5fa5262 100644
--- a/lib/gitlab/ldap/auth_hash.rb
+++ b/lib/gitlab/ldap/auth_hash.rb
@@ -17,7 +17,7 @@ module Gitlab
           value = value.first if value
           break if value.present?
         end
-        
+
         return super unless value
 
         Gitlab::Utils.force_utf8(value)
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index 43eb73250b7..e138b466a34 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -32,7 +32,7 @@ module Gitlab
       end
 
       def uid
-        entry.send(config.uid).first
+        entry.public_send(config.uid).first # rubocop:disable GitlabSecurity/PublicSend
       end
 
       def username
@@ -65,7 +65,7 @@ module Gitlab
 
         return nil unless selected_attr
 
-        entry.public_send(selected_attr)
+        entry.public_send(selected_attr) # rubocop:disable GitlabSecurity/PublicSend
       end
     end
   end
diff --git a/lib/gitlab/markdown/pipeline.rb b/lib/gitlab/markdown/pipeline.rb
index 699d8b9fc07..306923902e0 100644
--- a/lib/gitlab/markdown/pipeline.rb
+++ b/lib/gitlab/markdown/pipeline.rb
@@ -23,7 +23,7 @@ module Gitlab
           define_method(meth) do |text, context|
             context = transform_context(context)
 
-            html_pipeline.send(meth, text, context)
+            html_pipeline.__send__(meth, text, context) # rubocop:disable GitlabSecurity/PublicSend
           end
         end
       end
diff --git a/lib/gitlab/middleware/rails_queue_duration.rb b/lib/gitlab/middleware/rails_queue_duration.rb
index 5d2d7d0026c..63c3372da51 100644
--- a/lib/gitlab/middleware/rails_queue_duration.rb
+++ b/lib/gitlab/middleware/rails_queue_duration.rb
@@ -8,7 +8,7 @@ module Gitlab
       def initialize(app)
         @app = app
       end
-      
+
       def call(env)
         trans = Gitlab::Metrics.current_transaction
         proxy_start = env['HTTP_GITLAB_WORKHORSE_PROXY_START'].presence
diff --git a/lib/gitlab/redis/cache.rb b/lib/gitlab/redis/cache.rb
index b0da516ff83..9bf019b72e6 100644
--- a/lib/gitlab/redis/cache.rb
+++ b/lib/gitlab/redis/cache.rb
@@ -7,9 +7,6 @@ module Gitlab
       CACHE_NAMESPACE = 'cache:gitlab'.freeze
       DEFAULT_REDIS_CACHE_URL = 'redis://localhost:6380'.freeze
       REDIS_CACHE_CONFIG_ENV_VAR_NAME = 'GITLAB_REDIS_CACHE_CONFIG_FILE'.freeze
-      if defined?(::Rails) && ::Rails.root.present?
-        DEFAULT_REDIS_CACHE_CONFIG_FILE_NAME = ::Rails.root.join('config', 'redis.cache.yml').freeze
-      end
 
       class << self
         def default_url
@@ -22,7 +19,7 @@ module Gitlab
           return file_name unless file_name.nil?
 
           # otherwise, if config files exists for this class, use it
-          file_name = File.expand_path(DEFAULT_REDIS_CACHE_CONFIG_FILE_NAME, __dir__)
+          file_name = config_file_path('redis.cache.yml')
           return file_name if File.file?(file_name)
 
           # this will force use of DEFAULT_REDIS_QUEUES_URL when config file is absent
diff --git a/lib/gitlab/redis/queues.rb b/lib/gitlab/redis/queues.rb
index f9249d05565..e1695aafbeb 100644
--- a/lib/gitlab/redis/queues.rb
+++ b/lib/gitlab/redis/queues.rb
@@ -8,9 +8,6 @@ module Gitlab
       MAILROOM_NAMESPACE = 'mail_room:gitlab'.freeze
       DEFAULT_REDIS_QUEUES_URL = 'redis://localhost:6381'.freeze
       REDIS_QUEUES_CONFIG_ENV_VAR_NAME = 'GITLAB_REDIS_QUEUES_CONFIG_FILE'.freeze
-      if defined?(::Rails) && ::Rails.root.present?
-        DEFAULT_REDIS_QUEUES_CONFIG_FILE_NAME = ::Rails.root.join('config', 'redis.queues.yml').freeze
-      end
 
       class << self
         def default_url
@@ -23,7 +20,7 @@ module Gitlab
           return file_name if file_name
 
           # otherwise, if config files exists for this class, use it
-          file_name = File.expand_path(DEFAULT_REDIS_QUEUES_CONFIG_FILE_NAME, __dir__)
+          file_name = config_file_path('redis.queues.yml')
           return file_name if File.file?(file_name)
 
           # this will force use of DEFAULT_REDIS_QUEUES_URL when config file is absent
diff --git a/lib/gitlab/redis/shared_state.rb b/lib/gitlab/redis/shared_state.rb
index 395dcf082da..10bec7a90da 100644
--- a/lib/gitlab/redis/shared_state.rb
+++ b/lib/gitlab/redis/shared_state.rb
@@ -7,9 +7,6 @@ module Gitlab
       SESSION_NAMESPACE = 'session:gitlab'.freeze
       DEFAULT_REDIS_SHARED_STATE_URL = 'redis://localhost:6382'.freeze
       REDIS_SHARED_STATE_CONFIG_ENV_VAR_NAME = 'GITLAB_REDIS_SHARED_STATE_CONFIG_FILE'.freeze
-      if defined?(::Rails) && ::Rails.root.present?
-        DEFAULT_REDIS_SHARED_STATE_CONFIG_FILE_NAME = ::Rails.root.join('config', 'redis.shared_state.yml').freeze
-      end
 
       class << self
         def default_url
@@ -22,7 +19,7 @@ module Gitlab
           return file_name if file_name
 
           # otherwise, if config files exists for this class, use it
-          file_name = File.expand_path(DEFAULT_REDIS_SHARED_STATE_CONFIG_FILE_NAME, __dir__)
+          file_name = config_file_path('redis.shared_state.yml')
           return file_name if File.file?(file_name)
 
           # this will force use of DEFAULT_REDIS_SHARED_STATE_URL when config file is absent
diff --git a/lib/gitlab/redis/wrapper.rb b/lib/gitlab/redis/wrapper.rb
index c43b37dde74..8ad06480575 100644
--- a/lib/gitlab/redis/wrapper.rb
+++ b/lib/gitlab/redis/wrapper.rb
@@ -8,9 +8,6 @@ module Gitlab
     class Wrapper
       DEFAULT_REDIS_URL = 'redis://localhost:6379'.freeze
       REDIS_CONFIG_ENV_VAR_NAME = 'GITLAB_REDIS_CONFIG_FILE'.freeze
-      if defined?(::Rails) && ::Rails.root.present?
-        DEFAULT_REDIS_CONFIG_FILE_NAME = ::Rails.root.join('config', 'resque.yml').freeze
-      end
 
       class << self
         delegate :params, :url, to: :new
@@ -49,13 +46,21 @@ module Gitlab
           DEFAULT_REDIS_URL
         end
 
+        # Return the absolute path to a Rails configuration file
+        #
+        # We use this instead of `Rails.root` because for certain tasks
+        # utilizing these classes, `Rails` might not be available.
+        def config_file_path(filename)
+          File.expand_path("../../../config/#{filename}", __dir__)
+        end
+
         def config_file_name
           # if ENV set for wrapper class, use it even if it points to a file does not exist
           file_name = ENV[REDIS_CONFIG_ENV_VAR_NAME]
           return file_name unless file_name.nil?
 
           # otherwise, if config files exists for wrapper class, use it
-          file_name = File.expand_path(DEFAULT_REDIS_CONFIG_FILE_NAME, __dir__)
+          file_name = config_file_path('resque.yml')
           return file_name if File.file?(file_name)
 
           # nil will force use of DEFAULT_REDIS_URL when config file is absent
diff --git a/lib/gitlab/shell.rb b/lib/gitlab/shell.rb
index 0cb28732402..280a9abf03e 100644
--- a/lib/gitlab/shell.rb
+++ b/lib/gitlab/shell.rb
@@ -73,8 +73,10 @@ module Gitlab
     #
     # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/387
     def add_repository(storage, name)
-      gitlab_shell_fast_execute([gitlab_shell_projects_path,
-                                 'add-project', storage, "#{name}.git"])
+      Gitlab::Git::Repository.create(storage, name, bare: true, symlink_hooks_to: gitlab_shell_hooks_path)
+    rescue => err
+      Rails.logger.error("Failed to add repository #{storage}/#{name}: #{err}")
+      false
     end
 
     # Import repository
@@ -273,7 +275,11 @@ module Gitlab
     protected
 
     def gitlab_shell_path
-      Gitlab.config.gitlab_shell.path
+      File.expand_path(Gitlab.config.gitlab_shell.path)
+    end
+
+    def gitlab_shell_hooks_path
+      File.expand_path(Gitlab.config.gitlab_shell.hooks_path)
     end
 
     def gitlab_shell_user_home
diff --git a/lib/gitlab/sidekiq_status.rb b/lib/gitlab/sidekiq_status.rb
index ca8d3271541..a0a2769cf9e 100644
--- a/lib/gitlab/sidekiq_status.rb
+++ b/lib/gitlab/sidekiq_status.rb
@@ -90,9 +90,14 @@ module Gitlab
     #
     # Returns an array of completed JIDs
     def self.completed_jids(job_ids)
-      Sidekiq.redis do |redis|
-        job_ids.reject { |jid| redis.exists(key_for(jid)) }
+      statuses = job_status(job_ids)
+
+      completed = []
+      job_ids.zip(statuses).each do |job_id, status|
+        completed << job_id unless status
       end
+
+      completed
     end
 
     def self.key_for(jid)
diff --git a/lib/gitlab/slash_commands/presenters/help.rb b/lib/gitlab/slash_commands/presenters/help.rb
index ea611a4d629..ab855319077 100644
--- a/lib/gitlab/slash_commands/presenters/help.rb
+++ b/lib/gitlab/slash_commands/presenters/help.rb
@@ -14,7 +14,7 @@ module Gitlab
           if text.start_with?('help')
             header_with_list("Available commands", full_commands(trigger))
           else
-            header_with_list("Unknown command, these commands are available", full_commands(trigger)) 
+            header_with_list("Unknown command, these commands are available", full_commands(trigger))
           end
         end
 
diff --git a/lib/gitlab/string_range_marker.rb b/lib/gitlab/string_range_marker.rb
index 94fba0a221a..11aeec1ebfa 100644
--- a/lib/gitlab/string_range_marker.rb
+++ b/lib/gitlab/string_range_marker.rb
@@ -1,21 +1,31 @@
 module Gitlab
   class StringRangeMarker
-    attr_accessor :raw_line, :rich_line
-
-    def initialize(raw_line, rich_line = raw_line)
-      @raw_line = raw_line
-      @rich_line = ERB::Util.html_escape(rich_line)
+    attr_accessor :raw_line, :rich_line, :html_escaped
+
+    def initialize(raw_line, rich_line = nil)
+      @raw_line = raw_line.dup
+      if rich_line.nil?
+        @rich_line = raw_line.dup
+        @html_escaped = false
+      else
+        @rich_line = ERB::Util.html_escape(rich_line)
+        @html_escaped = true
+      end
     end
 
     def mark(marker_ranges)
       return rich_line unless marker_ranges
 
-      rich_marker_ranges = []
-      marker_ranges.each do |range|
-        # Map the inline-diff range based on the raw line to character positions in the rich line
-        rich_positions = position_mapping[range].flatten
-        # Turn the array of character positions into ranges
-        rich_marker_ranges.concat(collapse_ranges(rich_positions))
+      if html_escaped
+        rich_marker_ranges = []
+        marker_ranges.each do |range|
+          # Map the inline-diff range based on the raw line to character positions in the rich line
+          rich_positions = position_mapping[range].flatten
+          # Turn the array of character positions into ranges
+          rich_marker_ranges.concat(collapse_ranges(rich_positions))
+        end
+      else
+        rich_marker_ranges = marker_ranges
       end
 
       offset = 0
@@ -31,7 +41,7 @@ module Gitlab
         offset += text.length - original_text.length
       end
 
-      rich_line.html_safe
+      @html_escaped ? rich_line.html_safe : rich_line
     end
 
     private
diff --git a/lib/gitlab/utils.rb b/lib/gitlab/utils.rb
index fa182c4deda..9670c93759e 100644
--- a/lib/gitlab/utils.rb
+++ b/lib/gitlab/utils.rb
@@ -14,6 +14,19 @@ module Gitlab
       str.force_encoding(Encoding::UTF_8)
     end
 
+    # A slugified version of the string, suitable for inclusion in URLs and
+    # domain names. Rules:
+    #
+    #   * Lowercased
+    #   * Anything not matching [a-z0-9-] is replaced with a -
+    #   * Maximum length is 63 bytes
+    #   * First/Last Character is not a hyphen
+    def slugify(str)
+      return str.downcase
+        .gsub(/[^a-z0-9]/, '-')[0..62]
+        .gsub(/(\A-+|-+\z)/, '')
+    end
+
     def to_boolean(value)
       return value if [true, false].include?(value)
       return true if value =~ /^(true|t|yes|y|1|on)$/i
diff --git a/lib/tasks/gitlab/gitaly.rake b/lib/tasks/gitlab/gitaly.rake
index e337c67a0f5..08677a98fc1 100644
--- a/lib/tasks/gitlab/gitaly.rake
+++ b/lib/tasks/gitlab/gitaly.rake
@@ -18,7 +18,7 @@ namespace :gitlab do
       command = status.zero? ? ['gmake'] : ['make']
 
       if Rails.env.test?
-        command += %W[BUNDLE_PATH=#{Bundler.bundle_path}] 
+        command += %W[BUNDLE_PATH=#{Bundler.bundle_path}]
       end
 
       Dir.chdir(args.dir) do
diff --git a/lib/uploaded_file.rb b/lib/uploaded_file.rb
index 41dee5fdc06..4a3c40f88eb 100644
--- a/lib/uploaded_file.rb
+++ b/lib/uploaded_file.rb
@@ -27,7 +27,7 @@ class UploadedFile
   alias_method :local_path, :path
 
   def method_missing(method_name, *args, &block) #:nodoc:
-    @tempfile.__send__(method_name, *args, &block)
+    @tempfile.__send__(method_name, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def respond_to?(method_name, include_private = false) #:nodoc:
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index e60504e1395..a4a3ef6c42c 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gitlab 1.0.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2017-07-13 12:07-0500\n"
-"PO-Revision-Date: 2017-07-13 12:07-0500\n"
+"POT-Creation-Date: 2017-08-18 14:15+0530\n"
+"PO-Revision-Date: 2017-08-18 14:15+0530\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -31,6 +31,23 @@ msgstr[1] ""
 msgid "%{commit_author_link} committed %{commit_timeago}"
 msgstr ""
 
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will allow access on the next attempt."
+msgstr ""
+
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will block access for %{number_of_seconds} seconds."
+msgstr ""
+
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will not retry automatically. Reset storage information when the problem is resolved."
+msgstr ""
+
+msgid "%{storage_name}: failed storage access attempt on host:"
+msgid_plural "%{storage_name}: %{failed_attempts} failed storage access attempts:"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "(checkout the %{link} for information on how to install it)."
+msgstr ""
+
 msgid "1 pipeline"
 msgid_plural "%d pipelines"
 msgstr[0] ""
@@ -42,6 +59,9 @@ msgstr ""
 msgid "About auto deploy"
 msgstr ""
 
+msgid "Access to failing storages has been temporarily disabled to allow the mount to recover. Reset storage information after the issue has been resolved to allow access again."
+msgstr ""
+
 msgid "Active"
 msgstr ""
 
@@ -63,12 +83,27 @@ msgstr ""
 msgid "Add new directory"
 msgstr ""
 
+msgid "All"
+msgstr ""
+
 msgid "Archived project! Repository is read-only"
 msgstr ""
 
 msgid "Are you sure you want to delete this pipeline schedule?"
 msgstr ""
 
+msgid "Are you sure you want to discard your changes?"
+msgstr ""
+
+msgid "Are you sure you want to reset registration token?"
+msgstr ""
+
+msgid "Are you sure you want to reset the health check token?"
+msgstr ""
+
+msgid "Are you sure?"
+msgstr ""
+
 msgid "Attach a file by drag &amp; drop or %{upload_link}"
 msgstr ""
 
@@ -110,6 +145,9 @@ msgstr ""
 msgid "Cancel"
 msgstr ""
 
+msgid "Cancel edit"
+msgstr ""
+
 msgid "ChangeTypeActionLabel|Pick into branch"
 msgstr ""
 
@@ -188,6 +226,9 @@ msgstr ""
 msgid "CiStatus|running"
 msgstr ""
 
+msgid "Comments"
+msgstr ""
+
 msgid "Commit"
 msgid_plural "Commits"
 msgstr[0] ""
@@ -235,6 +276,9 @@ msgstr ""
 msgid "Create New Directory"
 msgstr ""
 
+msgid "Create a new branch"
+msgstr ""
+
 msgid "Create a personal access token on your account to pull or push via %{protocol}."
 msgstr ""
 
@@ -312,9 +356,15 @@ msgstr[1] ""
 msgid "Description"
 msgstr ""
 
+msgid "Details"
+msgstr ""
+
 msgid "Directory name"
 msgstr ""
 
+msgid "Discard changes"
+msgstr ""
+
 msgid "Don't show again"
 msgstr ""
 
@@ -351,6 +401,24 @@ msgstr ""
 msgid "Edit Pipeline Schedule %{id}"
 msgstr ""
 
+msgid "EventFilterBy|Filter by all"
+msgstr ""
+
+msgid "EventFilterBy|Filter by comments"
+msgstr ""
+
+msgid "EventFilterBy|Filter by issue events"
+msgstr ""
+
+msgid "EventFilterBy|Filter by merge events"
+msgstr ""
+
+msgid "EventFilterBy|Filter by push events"
+msgstr ""
+
+msgid "EventFilterBy|Filter by team"
+msgstr ""
+
 msgid "Every day (at 4:00am)"
 msgstr ""
 
@@ -398,12 +466,36 @@ msgstr ""
 msgid "From merge request merge until deploy to production"
 msgstr ""
 
+msgid "Git storage health information has been reset"
+msgstr ""
+
+msgid "GitLab Runner section"
+msgstr ""
+
 msgid "Go to your fork"
 msgstr ""
 
 msgid "GoToYourFork|Fork"
 msgstr ""
 
+msgid "Health Check"
+msgstr ""
+
+msgid "Health information can be retrieved from the following endpoints. More information is available"
+msgstr ""
+
+msgid "HealthCheck|Access token is"
+msgstr ""
+
+msgid "HealthCheck|Healthy"
+msgstr ""
+
+msgid "HealthCheck|No Health Problems Detected"
+msgstr ""
+
+msgid "HealthCheck|Unhealthy"
+msgstr ""
+
 msgid "Home"
 msgstr ""
 
@@ -413,12 +505,18 @@ msgstr ""
 msgid "Import repository"
 msgstr ""
 
+msgid "Install a Runner compatible with GitLab CI"
+msgstr ""
+
 msgid "Interval Pattern"
 msgstr ""
 
 msgid "Introducing Cycle Analytics"
 msgstr ""
 
+msgid "Issue events"
+msgstr ""
+
 msgid "Jobs for last month"
 msgstr ""
 
@@ -448,6 +546,12 @@ msgstr ""
 msgid "Last commit"
 msgstr ""
 
+msgid "LastPushEvent|You pushed to"
+msgstr ""
+
+msgid "LastPushEvent|at"
+msgstr ""
+
 msgid "Learn more in the"
 msgstr ""
 
@@ -468,9 +572,15 @@ msgstr[1] ""
 msgid "Median"
 msgstr ""
 
+msgid "Merge events"
+msgstr ""
+
 msgid "MissingSSHKeyWarningLink|add an SSH key"
 msgstr ""
 
+msgid "More information is available|here"
+msgstr ""
+
 msgid "New Issue"
 msgid_plural "New Issues"
 msgstr[0] ""
@@ -668,6 +778,9 @@ msgstr ""
 msgid "Pipeline|with stages"
 msgstr ""
 
+msgid "Project"
+msgstr ""
+
 msgid "Project '%{project_name}' queued for deletion."
 msgstr ""
 
@@ -683,6 +796,9 @@ msgstr ""
 msgid "Project access must be granted explicitly to each user."
 msgstr ""
 
+msgid "Project details"
+msgstr ""
+
 msgid "Project export could not be deleted."
 msgstr ""
 
@@ -698,6 +814,9 @@ msgstr ""
 msgid "Project home"
 msgstr ""
 
+msgid "ProjectActivityRSS|Subscribe"
+msgstr ""
+
 msgid "ProjectFeature|Disabled"
 msgstr ""
 
@@ -719,6 +838,9 @@ msgstr ""
 msgid "ProjectNetworkGraph|Graph"
 msgstr ""
 
+msgid "Push events"
+msgstr ""
+
 msgid "Read more"
 msgstr ""
 
@@ -755,9 +877,21 @@ msgstr ""
 msgid "Remove project"
 msgstr ""
 
+msgid "Repository"
+msgstr ""
+
 msgid "Request Access"
 msgstr ""
 
+msgid "Reset git storage health information"
+msgstr ""
+
+msgid "Reset health check access token"
+msgstr ""
+
+msgid "Reset runners registration token"
+msgstr ""
+
 msgid "Revert this commit"
 msgstr ""
 
@@ -782,6 +916,9 @@ msgstr ""
 msgid "Select a timezone"
 msgstr ""
 
+msgid "Select existing branch"
+msgstr ""
+
 msgid "Select target branch"
 msgstr ""
 
@@ -808,12 +945,18 @@ msgstr[1] ""
 msgid "Source code"
 msgstr ""
 
+msgid "Specify the following URL during the Runner setup:"
+msgstr ""
+
 msgid "StarProject|Star"
 msgstr ""
 
 msgid "Start a %{new_merge_request} with these changes"
 msgstr ""
 
+msgid "Start the Runner!"
+msgstr ""
+
 msgid "Switch branch/tag"
 msgstr ""
 
@@ -828,6 +971,9 @@ msgstr ""
 msgid "Target Branch"
 msgstr ""
 
+msgid "Team"
+msgstr ""
+
 msgid "The coding stage shows the time from the first commit to creating the merge request. The data will automatically be added here once you create your first merge request."
 msgstr ""
 
@@ -876,6 +1022,9 @@ msgstr ""
 msgid "The value lying at the midpoint of a series of observed values. E.g., between 3, 5, 9, the median is 5. Between 3, 5, 7, 8, the median is (5+7)/2 = 6."
 msgstr ""
 
+msgid "There are problems accessing Git storage: "
+msgstr ""
+
 msgid "This means you can not push code until you create an empty repository or import existing one."
 msgstr ""
 
@@ -1045,6 +1194,9 @@ msgstr ""
 msgid "UploadLink|click to upload"
 msgstr ""
 
+msgid "Use the following registration token during setup:"
+msgstr ""
+
 msgid "Use your global notification setting"
 msgstr ""
 
diff --git a/package.json b/package.json
index cbb9be3a27f..1725658729a 100644
--- a/package.json
+++ b/package.json
@@ -20,7 +20,7 @@
     "babel-preset-latest": "^6.24.0",
     "babel-preset-stage-2": "^6.22.0",
     "bootstrap-sass": "^3.3.6",
-    "compression-webpack-plugin": "^0.3.2",
+    "compression-webpack-plugin": "^1.0.0",
     "copy-webpack-plugin": "^4.0.1",
     "core-js": "^2.4.1",
     "cropper": "^2.3.0",
@@ -63,7 +63,7 @@
     "vue-loader": "^11.3.4",
     "vue-resource": "^1.3.4",
     "vue-template-compiler": "^2.2.6",
-    "webpack": "^3.5.4",
+    "webpack": "^3.5.5",
     "webpack-bundle-analyzer": "^2.8.2",
     "webpack-stats-plugin": "^0.1.5"
   },
diff --git a/qa/qa/runtime/release.rb b/qa/qa/runtime/release.rb
index 4f83a773645..12e56404cf6 100644
--- a/qa/qa/runtime/release.rb
+++ b/qa/qa/runtime/release.rb
@@ -21,7 +21,7 @@ module QA
       end
 
       def self.method_missing(name, *args)
-        self.new.strategy.public_send(name, *args)
+        self.new.strategy.public_send(name, *args) # rubocop:disable GitlabSecurity/PublicSend
       end
     end
   end
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index 5db42175c15..dbb0ae9c86e 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -74,7 +74,7 @@ feature 'Admin updates settings' do
   context 'sign-in restrictions', :js do
     it 'de-activates oauth sign-in source' do
       find('.btn', text: 'GitLab.com').click
-      
+
       expect(find('.btn', text: 'GitLab.com')).not_to have_css('.active')
     end
   end
diff --git a/spec/features/groups/milestone_spec.rb b/spec/features/groups/milestone_spec.rb
index 32b3e13c624..56144d17d4f 100644
--- a/spec/features/groups/milestone_spec.rb
+++ b/spec/features/groups/milestone_spec.rb
@@ -35,12 +35,12 @@ feature 'Group milestones', :js do
   context 'milestones list' do
     let!(:other_project) { create(:project_empty_repo, group: group) }
 
-    let!(:active_group_milestone) { create(:milestone, group: group, state: 'active') }
     let!(:active_project_milestone1) { create(:milestone, project: project, state: 'active', title: 'v1.0') }
     let!(:active_project_milestone2) { create(:milestone, project: other_project, state: 'active', title: 'v1.0') }
-    let!(:closed_group_milestone) { create(:milestone, group: group, state: 'closed') }
     let!(:closed_project_milestone1) { create(:milestone, project: project, state: 'closed', title: 'v2.0') }
     let!(:closed_project_milestone2) { create(:milestone, project: other_project, state: 'closed', title: 'v2.0') }
+    let!(:active_group_milestone) { create(:milestone, group: group, state: 'active') }
+    let!(:closed_group_milestone) { create(:milestone, group: group, state: 'closed') }
 
     before do
       visit group_milestones_path(group)
@@ -58,5 +58,30 @@ feature 'Group milestones', :js do
       expect(page).to have_selector("#milestone_#{active_group_milestone.id}", count: 1)
       expect(page).to have_selector("#milestone_#{legacy_milestone.milestones.first.id}", count: 1)
     end
+
+    it 'updates milestone' do
+      page.within(".milestones #milestone_#{active_group_milestone.id}") do
+        click_link('Edit')
+      end
+
+      page.within('.milestone-form') do
+        fill_in 'milestone_title', with: 'new title'
+        click_button('Update milestone')
+      end
+
+      expect(find('#content-body h2')).to have_content('new title')
+    end
+
+    it 'shows milestone detail and supports its edit' do
+      page.within(".milestones #milestone_#{active_group_milestone.id}") do
+        click_link(active_group_milestone.title)
+      end
+
+      page.within('.detail-page-header') do
+        click_link('Edit')
+      end
+
+      expect(page).to have_selector('.milestone-form')
+    end
   end
 end
diff --git a/spec/features/help_pages_spec.rb b/spec/features/help_pages_spec.rb
index bd4f233cba9..93be3b066ee 100644
--- a/spec/features/help_pages_spec.rb
+++ b/spec/features/help_pages_spec.rb
@@ -50,7 +50,7 @@ describe 'Help Pages' do
 
     it 'hides the version check image if the image request fails' do
       # We use '--load-images=yes' with poltergeist so the image fails to load
-      expect(find('.js-version-status-badge', visible: false)).not_to be_visible
+      expect(page).to have_selector('.js-version-status-badge', visible: false)
     end
   end
 
diff --git a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
index a69bd8a09b7..2cc027aac9e 100644
--- a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
@@ -134,8 +134,10 @@ describe 'Dropdown assignee', :js do
     it 'fills in the assignee username when the assignee has not been filtered' do
       click_assignee(user_jacob.name)
 
+      wait_for_requests
+
       expect(page).to have_css(js_dropdown_assignee, visible: false)
-      expect_tokens([{ name: 'assignee', value: "@#{user_jacob.username}" }])
+      expect_tokens([assignee_token(user_jacob.name)])
       expect_filtered_search_input_empty
     end
 
@@ -143,8 +145,10 @@ describe 'Dropdown assignee', :js do
       filtered_search.send_keys('roo')
       click_assignee(user.name)
 
+      wait_for_requests
+
       expect(page).to have_css(js_dropdown_assignee, visible: false)
-      expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+      expect_tokens([assignee_token(user.name)])
       expect_filtered_search_input_empty
     end
 
@@ -152,7 +156,7 @@ describe 'Dropdown assignee', :js do
       find('#js-dropdown-assignee .filter-dropdown-item', text: 'No Assignee').click
 
       expect(page).to have_css(js_dropdown_assignee, visible: false)
-      expect_tokens([{ name: 'assignee', value: 'none' }])
+      expect_tokens([assignee_token('none')])
       expect_filtered_search_input_empty
     end
   end
@@ -171,7 +175,7 @@ describe 'Dropdown assignee', :js do
       find('#js-dropdown-assignee .filter-dropdown-item', text: user.username).click
 
       expect(page).to have_css(js_dropdown_assignee, visible: false)
-      expect_tokens([{ name: 'assignee', value: user.username }])
+      expect_tokens([assignee_token(user.username)])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/issues/filtered_search/dropdown_author_spec.rb b/spec/features/issues/filtered_search/dropdown_author_spec.rb
index 4bbf18e1dbe..975dc035f2d 100644
--- a/spec/features/issues/filtered_search/dropdown_author_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_author_spec.rb
@@ -121,16 +121,20 @@ describe 'Dropdown author', js: true do
     it 'fills in the author username when the author has not been filtered' do
       click_author(user_jacob.name)
 
+      wait_for_requests
+
       expect(page).to have_css(js_dropdown_author, visible: false)
-      expect_tokens([{ name: 'author', value: "@#{user_jacob.username}" }])
+      expect_tokens([author_token(user_jacob.name)])
       expect_filtered_search_input_empty
     end
 
     it 'fills in the author username when the author has been filtered' do
       click_author(user.name)
 
+      wait_for_requests
+
       expect(page).to have_css(js_dropdown_author, visible: false)
-      expect_tokens([{ name: 'author', value: "@#{user.username}" }])
+      expect_tokens([author_token(user.name)])
       expect_filtered_search_input_empty
     end
   end
@@ -149,7 +153,7 @@ describe 'Dropdown author', js: true do
       find('#js-dropdown-author .filter-dropdown-item', text: user.username).click
 
       expect(page).to have_css(js_dropdown_author, visible: false)
-      expect_tokens([{ name: 'author', value: user.username }])
+      expect_tokens([author_token(user.username)])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/issues/filtered_search/dropdown_label_spec.rb b/spec/features/issues/filtered_search/dropdown_label_spec.rb
index 67eb0ef0119..e84b07ec2ef 100644
--- a/spec/features/issues/filtered_search/dropdown_label_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_label_spec.rb
@@ -47,7 +47,7 @@ describe 'Dropdown label', js: true do
 
       filtered_search.native.send_keys(:down, :down, :enter)
 
-      expect_tokens([{ name: 'label', value: "~#{bug_label.title}" }])
+      expect_tokens([label_token(bug_label.title)])
       expect_filtered_search_input_empty
     end
   end
@@ -178,7 +178,7 @@ describe 'Dropdown label', js: true do
       click_label(bug_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "~#{bug_label.title}" }])
+      expect_tokens([label_token(bug_label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -187,7 +187,7 @@ describe 'Dropdown label', js: true do
       click_label(bug_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "~#{bug_label.title}" }])
+      expect_tokens([label_token(bug_label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -195,7 +195,7 @@ describe 'Dropdown label', js: true do
       click_label(two_words_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "\"#{two_words_label.title}\"" }])
+      expect_tokens([label_token("\"#{two_words_label.title}\"")])
       expect_filtered_search_input_empty
     end
 
@@ -203,7 +203,7 @@ describe 'Dropdown label', js: true do
       click_label(long_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "\"#{long_label.title}\"" }])
+      expect_tokens([label_token("\"#{long_label.title}\"")])
       expect_filtered_search_input_empty
     end
 
@@ -211,7 +211,7 @@ describe 'Dropdown label', js: true do
       click_label(wont_fix_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "~'#{wont_fix_label.title}'" }])
+      expect_tokens([label_token("'#{wont_fix_label.title}'")])
       expect_filtered_search_input_empty
     end
 
@@ -219,7 +219,7 @@ describe 'Dropdown label', js: true do
       click_label(uppercase_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "~#{uppercase_label.title}" }])
+      expect_tokens([label_token(uppercase_label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -227,7 +227,7 @@ describe 'Dropdown label', js: true do
       click_label(special_label.title)
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: "~#{special_label.title}" }])
+      expect_tokens([label_token(special_label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -235,7 +235,7 @@ describe 'Dropdown label', js: true do
       find("#{js_dropdown_label} .filter-dropdown-item", text: 'No Label').click
 
       expect(page).not_to have_css(js_dropdown_label)
-      expect_tokens([{ name: 'label', value: 'none' }])
+      expect_tokens([label_token('none', false)])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
index 456eb05f241..5f99921ae2e 100644
--- a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
@@ -134,7 +134,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%#{milestone.title}" }])
+      expect_tokens([milestone_token(milestone.title)])
       expect_filtered_search_input_empty
     end
 
@@ -143,7 +143,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%#{milestone.title}" }])
+      expect_tokens([milestone_token(milestone.title)])
       expect_filtered_search_input_empty
     end
 
@@ -151,7 +151,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(two_words_milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%\"#{two_words_milestone.title}\"" }])
+      expect_tokens([milestone_token("\"#{two_words_milestone.title}\"")])
       expect_filtered_search_input_empty
     end
 
@@ -159,7 +159,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(long_milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%\"#{long_milestone.title}\"" }])
+      expect_tokens([milestone_token("\"#{long_milestone.title}\"")])
       expect_filtered_search_input_empty
     end
 
@@ -167,7 +167,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(wont_fix_milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%'#{wont_fix_milestone.title}'" }])
+      expect_tokens([milestone_token("'#{wont_fix_milestone.title}'")])
       expect_filtered_search_input_empty
     end
 
@@ -175,7 +175,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(uppercase_milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%#{uppercase_milestone.title}" }])
+      expect_tokens([milestone_token(uppercase_milestone.title)])
       expect_filtered_search_input_empty
     end
 
@@ -183,7 +183,7 @@ describe 'Dropdown milestone', :js do
       click_milestone(special_milestone.title)
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: "%#{special_milestone.title}" }])
+      expect_tokens([milestone_token(special_milestone.title)])
       expect_filtered_search_input_empty
     end
 
@@ -191,7 +191,7 @@ describe 'Dropdown milestone', :js do
       click_static_milestone('No Milestone')
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: 'none' }])
+      expect_tokens([milestone_token('none', false)])
       expect_filtered_search_input_empty
     end
 
@@ -199,7 +199,7 @@ describe 'Dropdown milestone', :js do
       click_static_milestone('Upcoming')
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: 'upcoming' }])
+      expect_tokens([milestone_token('upcoming', false)])
       expect_filtered_search_input_empty
     end
 
@@ -207,7 +207,7 @@ describe 'Dropdown milestone', :js do
       click_static_milestone('Started')
 
       expect(page).to have_css(js_dropdown_milestone, visible: false)
-      expect_tokens([{ name: 'milestone', value: 'started' }])
+      expect_tokens([milestone_token('started', false)])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/issues/filtered_search/filter_issues_spec.rb b/spec/features/issues/filtered_search/filter_issues_spec.rb
index cd2cbf4bfe7..2070043d842 100644
--- a/spec/features/issues/filtered_search/filter_issues_spec.rb
+++ b/spec/features/issues/filtered_search/filter_issues_spec.rb
@@ -97,7 +97,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched author' do
         input_filtered_search("author:@#{user.username}")
 
-        expect_tokens([{ name: 'author', value: user.username }])
+        wait_for_requests
+
+        expect_tokens([author_token(user.name)])
         expect_issues_list_count(5)
         expect_filtered_search_input_empty
       end
@@ -117,7 +119,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched author and text' do
         input_filtered_search("author:@#{user.username} #{search_term}")
 
-        expect_tokens([{ name: 'author', value: user.username }])
+        wait_for_requests
+
+        expect_tokens([author_token(user.name)])
         expect_issues_list_count(3)
         expect_filtered_search_input(search_term)
       end
@@ -125,10 +129,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched author, assignee and text' do
         input_filtered_search("author:@#{user.username} assignee:@#{user.username} #{search_term}")
 
-        expect_tokens([
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username }
-        ])
+        wait_for_requests
+
+        expect_tokens([author_token(user.name), assignee_token(user.name)])
         expect_issues_list_count(3)
         expect_filtered_search_input(search_term)
       end
@@ -136,10 +139,12 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched author, assignee, label, and text' do
         input_filtered_search("author:@#{user.username} assignee:@#{user.username} label:~#{caps_sensitive_label.title} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username },
-          { name: 'label', value: caps_sensitive_label.title }
+          author_token(user.name),
+          assignee_token(user.name),
+          label_token(caps_sensitive_label.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -148,11 +153,13 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched author, assignee, label, milestone and text' do
         input_filtered_search("author:@#{user.username} assignee:@#{user.username} label:~#{caps_sensitive_label.title} milestone:%#{milestone.title} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username },
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'milestone', value: milestone.title }
+          author_token(user.name),
+          assignee_token(user.name),
+          label_token(caps_sensitive_label.title),
+          milestone_token(milestone.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -169,7 +176,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched assignee' do
         input_filtered_search("assignee:@#{user.username}")
 
-        expect_tokens([{ name: 'assignee', value: user.username }])
+        wait_for_requests
+
+        expect_tokens([assignee_token(user.name)])
         expect_issues_list_count(5)
         expect_filtered_search_input_empty
       end
@@ -177,7 +186,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by no assignee' do
         input_filtered_search('assignee:none')
 
-        expect_tokens([{ name: 'assignee', value: 'none' }])
+        expect_tokens([assignee_token('none')])
         expect_issues_list_count(8, 1)
         expect_filtered_search_input_empty
       end
@@ -197,7 +206,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched assignee and text' do
         input_filtered_search("assignee:@#{user.username} #{search_term}")
 
-        expect_tokens([{ name: 'assignee', value: user.username }])
+        wait_for_requests
+
+        expect_tokens([assignee_token(user.name)])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
       end
@@ -205,10 +216,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched assignee, author and text' do
         input_filtered_search("assignee:@#{user.username} author:@#{user.username} #{search_term}")
 
-        expect_tokens([
-          { name: 'assignee', value: user.username },
-          { name: 'author', value: user.username }
-        ])
+        wait_for_requests
+
+        expect_tokens([assignee_token(user.name), author_token(user.name)])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
       end
@@ -216,10 +226,12 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched assignee, author, label, text' do
         input_filtered_search("assignee:@#{user.username} author:@#{user.username} label:~#{caps_sensitive_label.title} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'assignee', value: user.username },
-          { name: 'author', value: user.username },
-          { name: 'label', value: caps_sensitive_label.title }
+          assignee_token(user.name),
+          author_token(user.name),
+          label_token(caps_sensitive_label.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -229,10 +241,10 @@ describe 'Filter issues', js: true do
         input_filtered_search("assignee:@#{user.username} author:@#{user.username} label:~#{caps_sensitive_label.title} milestone:%#{milestone.title} #{search_term}")
 
         expect_tokens([
-          { name: 'assignee', value: user.username },
-          { name: 'author', value: user.username },
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'milestone', value: milestone.title }
+          assignee_token(user.name),
+          author_token(user.name),
+          label_token(caps_sensitive_label.title),
+          milestone_token(milestone.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -253,7 +265,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label' do
         input_filtered_search("label:~#{bug_label.title}")
 
-        expect_tokens([{ name: 'label', value: bug_label.title }])
+        expect_tokens([label_token(bug_label.title)])
         expect_issues_list_count(2)
         expect_filtered_search_input_empty
       end
@@ -261,7 +273,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by no label' do
         input_filtered_search('label:none')
 
-        expect_tokens([{ name: 'label', value: 'none' }])
+        expect_tokens([label_token('none', false)])
         expect_issues_list_count(9, 1)
         expect_filtered_search_input_empty
       end
@@ -274,8 +286,8 @@ describe 'Filter issues', js: true do
         input_filtered_search("label:~#{bug_label.title} label:~#{caps_sensitive_label.title}")
 
         expect_tokens([
-          { name: 'label', value: bug_label.title },
-          { name: 'label', value: caps_sensitive_label.title }
+          label_token(bug_label.title),
+          label_token(caps_sensitive_label.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
@@ -287,7 +299,8 @@ describe 'Filter issues', js: true do
         special_issue.labels << special_label
 
         input_filtered_search("label:~#{special_label.title}")
-        expect_tokens([{ name: 'label', value: special_label.title }])
+
+        expect_tokens([label_token(special_label.title)])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -297,7 +310,7 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("label:~#{new_label.title}")
 
-        expect_tokens([{ name: 'label', value: new_label.title }])
+        expect_tokens([label_token(new_label.title)])
         expect_no_issues_list()
         expect_filtered_search_input_empty
       end
@@ -311,25 +324,27 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("label:~'#{special_multiple_label.title}'")
 
-        # filtered search defaults quotations to double quotes
-        expect_tokens([{ name: 'label', value: "\"#{special_multiple_label.title}\"" }])
+        # Check for search results (which makes sure that the page has changed)
         expect_issues_list_count(1)
 
+        # filtered search defaults quotations to double quotes
+        expect_tokens([label_token("\"#{special_multiple_label.title}\"")])
+
         expect_filtered_search_input_empty
       end
 
       it 'single quotes' do
         input_filtered_search("label:~'#{multiple_words_label.title}'")
 
-        expect_tokens([{ name: 'label', value: "\"#{multiple_words_label.title}\"" }])
         expect_issues_list_count(1)
+        expect_tokens([label_token("\"#{multiple_words_label.title}\"")])
         expect_filtered_search_input_empty
       end
 
       it 'double quotes' do
         input_filtered_search("label:~\"#{multiple_words_label.title}\"")
 
-        expect_tokens([{ name: 'label', value: "\"#{multiple_words_label.title}\"" }])
+        expect_tokens([label_token("\"#{multiple_words_label.title}\"")])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -341,7 +356,7 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("label:~'#{double_quotes_label.title}'")
 
-        expect_tokens([{ name: 'label', value: "'#{double_quotes_label.title}'" }])
+        expect_tokens([label_token("'#{double_quotes_label.title}'")])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -353,7 +368,7 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("label:~\"#{single_quotes_label.title}\"")
 
-        expect_tokens([{ name: 'label', value: "\"#{single_quotes_label.title}\"" }])
+        expect_tokens([label_token("\"#{single_quotes_label.title}\"")])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -363,7 +378,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label and text' do
         input_filtered_search("label:~#{caps_sensitive_label.title} #{search_term}")
 
-        expect_tokens([{ name: 'label', value: caps_sensitive_label.title }])
+        expect_tokens([label_token(caps_sensitive_label.title)])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
       end
@@ -371,10 +386,9 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label, author and text' do
         input_filtered_search("label:~#{caps_sensitive_label.title} author:@#{user.username} #{search_term}")
 
-        expect_tokens([
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username }
-        ])
+        wait_for_requests
+
+        expect_tokens([label_token(caps_sensitive_label.title), author_token(user.name)])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
       end
@@ -382,10 +396,12 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label, author, assignee and text' do
         input_filtered_search("label:~#{caps_sensitive_label.title} author:@#{user.username} assignee:@#{user.username} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username }
+          label_token(caps_sensitive_label.title),
+          author_token(user.name),
+          assignee_token(user.name)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -395,10 +411,10 @@ describe 'Filter issues', js: true do
         input_filtered_search("label:~#{caps_sensitive_label.title} author:@#{user.username} assignee:@#{user.username} milestone:%#{milestone.title} #{search_term}")
 
         expect_tokens([
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username },
-          { name: 'milestone', value: milestone.title }
+          label_token(caps_sensitive_label.title),
+          author_token(user.name),
+          assignee_token(user.name),
+          milestone_token(milestone.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -410,8 +426,8 @@ describe 'Filter issues', js: true do
         input_filtered_search("label:~#{bug_label.title} label:~#{caps_sensitive_label.title} #{search_term}")
 
         expect_tokens([
-          { name: 'label', value: bug_label.title },
-          { name: 'label', value: caps_sensitive_label.title }
+          label_token(bug_label.title),
+          label_token(caps_sensitive_label.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -420,10 +436,12 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label, label2, author and text' do
         input_filtered_search("label:~#{bug_label.title} label:~#{caps_sensitive_label.title} author:@#{user.username} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'label', value: bug_label.title },
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username }
+          label_token(bug_label.title),
+          label_token(caps_sensitive_label.title),
+          author_token(user.name)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -432,11 +450,13 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label, label2, author, assignee and text' do
         input_filtered_search("label:~#{bug_label.title} label:~#{caps_sensitive_label.title} author:@#{user.username} assignee:@#{user.username} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'label', value: bug_label.title },
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username }
+          label_token(bug_label.title),
+          label_token(caps_sensitive_label.title),
+          author_token(user.name),
+          assignee_token(user.name)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -445,12 +465,14 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched label, label2, author, assignee, milestone and text' do
         input_filtered_search("label:~#{bug_label.title} label:~#{caps_sensitive_label.title} author:@#{user.username} assignee:@#{user.username} milestone:%#{milestone.title} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'label', value: bug_label.title },
-          { name: 'label', value: caps_sensitive_label.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username },
-          { name: 'milestone', value: milestone.title }
+          label_token(bug_label.title),
+          label_token(caps_sensitive_label.title),
+          author_token(user.name),
+          assignee_token(user.name),
+          milestone_token(milestone.title)
         ])
         expect_issues_list_count(1)
         expect_filtered_search_input(search_term)
@@ -467,7 +489,7 @@ describe 'Filter issues', js: true do
       end
 
       it 'displays in search bar' do
-        expect_tokens([{ name: 'label', value: "\"#{multiple_words_label.title}\"" }])
+        expect_tokens([label_token("\"#{multiple_words_label.title}\"")])
         expect_filtered_search_input_empty
       end
     end
@@ -484,7 +506,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched milestone' do
         input_filtered_search("milestone:%#{milestone.title}")
 
-        expect_tokens([{ name: 'milestone', value: milestone.title }])
+        expect_tokens([milestone_token(milestone.title)])
         expect_issues_list_count(5)
         expect_filtered_search_input_empty
       end
@@ -492,7 +514,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by no milestone' do
         input_filtered_search("milestone:none")
 
-        expect_tokens([{ name: 'milestone', value: 'none' }])
+        expect_tokens([milestone_token('none', false)])
         expect_issues_list_count(7, 1)
         expect_filtered_search_input_empty
       end
@@ -500,7 +522,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by upcoming milestones' do
         input_filtered_search("milestone:upcoming")
 
-        expect_tokens([{ name: 'milestone', value: 'upcoming' }])
+        expect_tokens([milestone_token('upcoming', false)])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -508,7 +530,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by started milestones' do
         input_filtered_search("milestone:started")
 
-        expect_tokens([{ name: 'milestone', value: 'started' }])
+        expect_tokens([milestone_token('started', false)])
         expect_issues_list_count(5)
         expect_filtered_search_input_empty
       end
@@ -527,7 +549,7 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("milestone:%#{special_milestone.title}")
 
-        expect_tokens([{ name: 'milestone', value: special_milestone.title }])
+        expect_tokens([milestone_token(special_milestone.title)])
         expect_issues_list_count(1)
         expect_filtered_search_input_empty
       end
@@ -537,7 +559,7 @@ describe 'Filter issues', js: true do
 
         input_filtered_search("milestone:%#{new_milestone.title}")
 
-        expect_tokens([{ name: 'milestone', value: new_milestone.title }])
+        expect_tokens([milestone_token(new_milestone.title)])
         expect_no_issues_list()
         expect_filtered_search_input_empty
       end
@@ -549,7 +571,7 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched milestone and text' do
         input_filtered_search("milestone:%#{milestone.title} #{search_term}")
 
-        expect_tokens([{ name: 'milestone', value: milestone.title }])
+        expect_tokens([milestone_token(milestone.title)])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
       end
@@ -557,9 +579,11 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched milestone, author and text' do
         input_filtered_search("milestone:%#{milestone.title} author:@#{user.username} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'milestone', value: milestone.title },
-          { name: 'author', value: user.username }
+          milestone_token(milestone.title),
+          author_token(user.name)
         ])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
@@ -568,10 +592,12 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched milestone, author, assignee and text' do
         input_filtered_search("milestone:%#{milestone.title} author:@#{user.username} assignee:@#{user.username} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'milestone', value: milestone.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username }
+          milestone_token(milestone.title),
+          author_token(user.name),
+          assignee_token(user.name)
         ])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
@@ -580,11 +606,13 @@ describe 'Filter issues', js: true do
       it 'filters issues by searched milestone, author, assignee, label and text' do
         input_filtered_search("milestone:%#{milestone.title} author:@#{user.username} assignee:@#{user.username} label:~#{bug_label.title} #{search_term}")
 
+        wait_for_requests
+
         expect_tokens([
-          { name: 'milestone', value: milestone.title },
-          { name: 'author', value: user.username },
-          { name: 'assignee', value: user.username },
-          { name: 'label', value: bug_label.title }
+          milestone_token(milestone.title),
+          author_token(user.name),
+          assignee_token(user.name),
+          label_token(bug_label.title)
         ])
         expect_issues_list_count(2)
         expect_filtered_search_input(search_term)
diff --git a/spec/features/issues/filtered_search/search_bar_spec.rb b/spec/features/issues/filtered_search/search_bar_spec.rb
index aa9d0d842de..a432d031337 100644
--- a/spec/features/issues/filtered_search/search_bar_spec.rb
+++ b/spec/features/issues/filtered_search/search_bar_spec.rb
@@ -32,7 +32,7 @@ describe 'Search bar', js: true do
     it 'selects item' do
       filtered_search.native.send_keys(:down, :down, :enter)
 
-      expect_tokens([{ name: 'author' }])
+      expect_tokens([author_token])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/issues/filtered_search/visual_tokens_spec.rb b/spec/features/issues/filtered_search/visual_tokens_spec.rb
index 52efe944b69..14a555fde10 100644
--- a/spec/features/issues/filtered_search/visual_tokens_spec.rb
+++ b/spec/features/issues/filtered_search/visual_tokens_spec.rb
@@ -346,8 +346,8 @@ describe 'Visual tokens', js: true do
 
     it 'tokenizes the search term to complete visual token' do
       expect_tokens([
-        { name: 'author', value: '@root' },
-        { name: 'assignee', value: 'none' }
+        author_token(user.name),
+        assignee_token('none')
       ])
     end
   end
diff --git a/spec/features/issues_spec.rb b/spec/features/issues_spec.rb
index 3c8e37ff920..3ffc80622f5 100644
--- a/spec/features/issues_spec.rb
+++ b/spec/features/issues_spec.rb
@@ -708,7 +708,7 @@ describe 'Issues' do
   end
 
   describe 'confidential issue#show', js: true do
-    it 'shows confidential sibebar information as confidential and can be turned off' do 
+    it 'shows confidential sibebar information as confidential and can be turned off' do
       issue = create(:issue, :confidential, project: project)
 
       visit project_issue_path(project, issue)
diff --git a/spec/features/merge_requests/conflicts_spec.rb b/spec/features/merge_requests/conflicts_spec.rb
index 2c560632a1b..2d2c674f8fb 100644
--- a/spec/features/merge_requests/conflicts_spec.rb
+++ b/spec/features/merge_requests/conflicts_spec.rb
@@ -28,11 +28,12 @@ feature 'Merge request conflict resolution', js: true do
       end
 
       click_button 'Commit conflict resolution'
-      wait_for_requests
 
       expect(page).to have_content('All merge conflicts were resolved')
       merge_request.reload_diff
 
+      wait_for_requests
+
       click_on 'Changes'
       wait_for_requests
 
@@ -69,10 +70,12 @@ feature 'Merge request conflict resolution', js: true do
       end
 
       click_button 'Commit conflict resolution'
-      wait_for_requests
+
       expect(page).to have_content('All merge conflicts were resolved')
       merge_request.reload_diff
 
+      wait_for_requests
+
       click_on 'Changes'
       wait_for_requests
 
@@ -140,12 +143,13 @@ feature 'Merge request conflict resolution', js: true do
         end
 
         click_button 'Commit conflict resolution'
-        wait_for_requests
 
         expect(page).to have_content('All merge conflicts were resolved')
 
         merge_request.reload_diff
 
+        wait_for_requests
+
         click_on 'Changes'
         wait_for_requests
         click_link 'Expand all'
diff --git a/spec/features/merge_requests/filter_by_milestone_spec.rb b/spec/features/merge_requests/filter_by_milestone_spec.rb
index 521fcabc881..166c02a7a7f 100644
--- a/spec/features/merge_requests/filter_by_milestone_spec.rb
+++ b/spec/features/merge_requests/filter_by_milestone_spec.rb
@@ -25,7 +25,7 @@ feature 'Merge Request filtering by Milestone' do
     visit_merge_requests(project)
     input_filtered_search('milestone:none')
 
-    expect_tokens([{ name: 'milestone', value: 'none' }])
+    expect_tokens([milestone_token('none', false)])
     expect_filtered_search_input_empty
 
     expect(page).to have_issuable_counts(open: 1, closed: 0, all: 1)
diff --git a/spec/features/merge_requests/filter_merge_requests_spec.rb b/spec/features/merge_requests/filter_merge_requests_spec.rb
index 3686131fee4..b51ae0890e4 100644
--- a/spec/features/merge_requests/filter_merge_requests_spec.rb
+++ b/spec/features/merge_requests/filter_merge_requests_spec.rb
@@ -24,7 +24,9 @@ describe 'Filter merge requests' do
     let(:search_query) { "assignee:@#{user.username}" }
 
     def expect_assignee_visual_tokens
-      expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+      wait_for_requests
+
+      expect_tokens([assignee_token(user.name)])
       expect_filtered_search_input_empty
     end
 
@@ -57,7 +59,7 @@ describe 'Filter merge requests' do
     let(:search_query) { "milestone:%\"#{milestone.title}\"" }
 
     def expect_milestone_visual_tokens
-      expect_tokens([{ name: 'milestone', value: "%\"#{milestone.title}\"" }])
+      expect_tokens([milestone_token("\"#{milestone.title}\"")])
       expect_filtered_search_input_empty
     end
 
@@ -91,7 +93,7 @@ describe 'Filter merge requests' do
       input_filtered_search('label:none')
 
       expect_mr_list_count(1)
-      expect_tokens([{ name: 'label', value: 'none' }])
+      expect_tokens([label_token('none', false)])
       expect_filtered_search_input_empty
     end
 
@@ -99,7 +101,7 @@ describe 'Filter merge requests' do
       input_filtered_search("label:~#{label.title}")
 
       expect_mr_list_count(0)
-      expect_tokens([{ name: 'label', value: "~#{label.title}" }])
+      expect_tokens([label_token(label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -107,10 +109,7 @@ describe 'Filter merge requests' do
       input_filtered_search("label:~\"#{wontfix.title}\" label:~#{label.title}")
 
       expect_mr_list_count(0)
-      expect_tokens([
-        { name: 'label', value: "~\"#{wontfix.title}\"" },
-        { name: 'label', value: "~#{label.title}" }
-      ])
+      expect_tokens([label_token("\"#{wontfix.title}\""), label_token(label.title)])
       expect_filtered_search_input_empty
     end
 
@@ -118,16 +117,13 @@ describe 'Filter merge requests' do
       input_filtered_search("label:~\"#{wontfix.title}\"")
 
       expect_mr_list_count(0)
-      expect_tokens([{ name: 'label', value: "~\"#{wontfix.title}\"" }])
+      expect_tokens([label_token("\"#{wontfix.title}\"")])
       expect_filtered_search_input_empty
 
       input_filtered_search_keys("label:~#{label.title}")
 
       expect_mr_list_count(0)
-      expect_tokens([
-        { name: 'label', value: "~\"#{wontfix.title}\"" },
-        { name: 'label', value: "~#{label.title}" }
-      ])
+      expect_tokens([label_token("\"#{wontfix.title}\""), label_token(label.title)])
       expect_filtered_search_input_empty
     end
   end
@@ -143,10 +139,9 @@ describe 'Filter merge requests' do
 
     context 'assignee and label', js: true do
       def expect_assignee_label_visual_tokens
-        expect_tokens([
-          { name: 'assignee', value: "@#{user.username}" },
-          { name: 'label', value: "~#{label.title}" }
-        ])
+        wait_for_requests
+
+        expect_tokens([assignee_token(user.name), label_token(label.title)])
         expect_filtered_search_input_empty
       end
 
@@ -214,7 +209,7 @@ describe 'Filter merge requests' do
         input_filtered_search_keys(' label:~bug')
 
         expect_mr_list_count(1)
-        expect_tokens([{ name: 'label', value: '~bug' }])
+        expect_tokens([label_token('bug')])
         expect_filtered_search_input('Bug')
       end
 
@@ -227,7 +222,7 @@ describe 'Filter merge requests' do
         input_filtered_search_keys(' milestone:%8')
 
         expect_mr_list_count(1)
-        expect_tokens([{ name: 'milestone', value: '%8' }])
+        expect_tokens([milestone_token('8')])
         expect_filtered_search_input('Bug')
       end
 
@@ -240,7 +235,10 @@ describe 'Filter merge requests' do
         input_filtered_search_keys(" assignee:@#{user.username}")
 
         expect_mr_list_count(1)
-        expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+
+        wait_for_requests
+
+        expect_tokens([assignee_token(user.name)])
         expect_filtered_search_input('Bug')
       end
 
@@ -252,8 +250,10 @@ describe 'Filter merge requests' do
 
         input_filtered_search_keys(" author:@#{user.username}")
 
+        wait_for_requests
+
         expect_mr_list_count(1)
-        expect_tokens([{ name: 'author', value: "@#{user.username}" }])
+        expect_tokens([author_token(user.name)])
         expect_filtered_search_input('Bug')
       end
     end
@@ -293,7 +293,9 @@ describe 'Filter merge requests' do
     it 'filter by current user' do
       visit project_merge_requests_path(project, assignee_id: user.id)
 
-      expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+      wait_for_requests
+
+      expect_tokens([assignee_token(user.name)])
       expect_filtered_search_input_empty
     end
 
@@ -303,7 +305,9 @@ describe 'Filter merge requests' do
 
       visit project_merge_requests_path(project, assignee_id: new_user.id)
 
-      expect_tokens([{ name: 'assignee', value: "@#{new_user.username}" }])
+      wait_for_requests
+
+      expect_tokens([assignee_token(new_user.name)])
       expect_filtered_search_input_empty
     end
   end
@@ -312,7 +316,9 @@ describe 'Filter merge requests' do
     it 'filter by current user' do
       visit project_merge_requests_path(project, author_id: user.id)
 
-      expect_tokens([{ name: 'author', value: "@#{user.username}" }])
+      wait_for_requests
+
+      expect_tokens([author_token(user.name)])
       expect_filtered_search_input_empty
     end
 
@@ -322,7 +328,9 @@ describe 'Filter merge requests' do
 
       visit project_merge_requests_path(project, author_id: new_user.id)
 
-      expect_tokens([{ name: 'author', value: "@#{new_user.username}" }])
+      wait_for_requests
+
+      expect_tokens([author_token(new_user.name)])
       expect_filtered_search_input_empty
     end
   end
diff --git a/spec/features/milestones/show_spec.rb b/spec/features/milestones/show_spec.rb
index 20303359c46..624f13922ed 100644
--- a/spec/features/milestones/show_spec.rb
+++ b/spec/features/milestones/show_spec.rb
@@ -8,7 +8,7 @@ describe 'Milestone show' do
   let(:issue_params) { { project: project, assignees: [user], author: user, milestone: milestone, labels: labels } }
 
   before do
-    project.add_user(user, :developer) 
+    project.add_user(user, :developer)
     sign_in(user)
   end
 
diff --git a/spec/features/profile_spec.rb b/spec/features/profile_spec.rb
index 672022304da..f183dd8cb75 100644
--- a/spec/features/profile_spec.rb
+++ b/spec/features/profile_spec.rb
@@ -7,9 +7,8 @@ describe 'Profile account page' do
     sign_in(user)
   end
 
-  describe 'when signup is enabled' do
+  describe 'when I delete my account' do
     before do
-      stub_application_setting(signup_enabled: true)
       visit profile_account_path
     end
 
@@ -21,18 +20,6 @@ describe 'Profile account page' do
     end
   end
 
-  describe 'when signup is disabled' do
-    before do
-      stub_application_setting(signup_enabled: false)
-      visit profile_account_path
-    end
-
-    it 'does not have option to remove account' do
-      expect(page).not_to have_content('Remove account')
-      expect(current_path).to eq(profile_account_path)
-    end
-  end
-
   describe 'when I reset private token' do
     before do
       visit profile_account_path
diff --git a/spec/features/projects/files/undo_template_spec.rb b/spec/features/projects/files/undo_template_spec.rb
index 4238d25e9ee..9bcd5beabb8 100644
--- a/spec/features/projects/files/undo_template_spec.rb
+++ b/spec/features/projects/files/undo_template_spec.rb
@@ -20,7 +20,7 @@ feature 'Template Undo Button', js: true do
     end
   end
 
-  context 'creating a non-matching file' do 
+  context 'creating a non-matching file' do
     before do
       visit project_new_blob_path(project, 'master')
       select_file_template_type('LICENSE')
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index d3d7915bebf..baf3d29e6c5 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -18,7 +18,7 @@ feature 'Project' do
         click_button "Create project"
       end
 
-      expect(page).to have_content 'This project Loading..'
+      expect(page).to have_content template.name
     end
   end
 
diff --git a/spec/features/search_spec.rb b/spec/features/search_spec.rb
index 9b49fc2225d..6742d77937f 100644
--- a/spec/features/search_spec.rb
+++ b/spec/features/search_spec.rb
@@ -195,37 +195,33 @@ describe "Search"  do
 
         it 'takes user to her issues page when issues assigned is clicked' do
           find('.dropdown-menu').click_link 'Issues assigned to me'
-          sleep 2
 
           expect(page).to have_selector('.filtered-search')
-          expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+          expect_tokens([assignee_token(user.name)])
           expect_filtered_search_input_empty
         end
 
         it 'takes user to her issues page when issues authored is clicked' do
           find('.dropdown-menu').click_link "Issues I've created"
-          sleep 2
 
           expect(page).to have_selector('.filtered-search')
-          expect_tokens([{ name: 'author', value: "@#{user.username}" }])
+          expect_tokens([author_token(user.name)])
           expect_filtered_search_input_empty
         end
 
         it 'takes user to her MR page when MR assigned is clicked' do
           find('.dropdown-menu').click_link 'Merge requests assigned to me'
-          sleep 2
 
           expect(page).to have_selector('.merge-requests-holder')
-          expect_tokens([{ name: 'assignee', value: "@#{user.username}" }])
+          expect_tokens([assignee_token(user.name)])
           expect_filtered_search_input_empty
         end
 
         it 'takes user to her MR page when MR authored is clicked' do
           find('.dropdown-menu').click_link "Merge requests I've created"
-          sleep 2
 
           expect(page).to have_selector('.merge-requests-holder')
-          expect_tokens([{ name: 'author', value: "@#{user.username}" }])
+          expect_tokens([author_token(user.name)])
           expect_filtered_search_input_empty
         end
       end
diff --git a/spec/helpers/diff_helper_spec.rb b/spec/helpers/diff_helper_spec.rb
index f81a9b6492c..0deea0ff6a3 100644
--- a/spec/helpers/diff_helper_spec.rb
+++ b/spec/helpers/diff_helper_spec.rb
@@ -135,10 +135,10 @@ describe DiffHelper do
     it "returns strings with marked inline diffs" do
       marked_old_line, marked_new_line = mark_inline_diffs(old_line, new_line)
 
-      expect(marked_old_line).to eq(%q{abc <span class="idiff left right deletion">&#39;def&#39;</span>})
-      expect(marked_old_line).to be_html_safe
-      expect(marked_new_line).to eq(%q{abc <span class="idiff left right addition">&quot;def&quot;</span>})
-      expect(marked_new_line).to be_html_safe
+      expect(marked_old_line).to eq(%q{abc <span class="idiff left right deletion">'def'</span>})
+      expect(marked_old_line).not_to be_html_safe
+      expect(marked_new_line).to eq(%q{abc <span class="idiff left right addition">"def"</span>})
+      expect(marked_new_line).not_to be_html_safe
     end
   end
 
diff --git a/spec/helpers/events_helper_spec.rb b/spec/helpers/events_helper_spec.rb
index aa138f25bd3..4b72dbb7964 100644
--- a/spec/helpers/events_helper_spec.rb
+++ b/spec/helpers/events_helper_spec.rb
@@ -62,6 +62,12 @@ describe EventsHelper do
       expect(helper.event_note(input)).to eq(expected)
     end
 
+    it 'preserves data-src for lazy images' do
+      input = "![ImageTest](/uploads/test.png)"
+      image_url = "data-src=\"/uploads/test.png\""
+      expect(helper.event_note(input)).to match(image_url)
+    end
+
     context 'labels formatting' do
       let(:input) { 'this should be ~label_1' }
 
diff --git a/spec/helpers/version_check_helper_spec.rb b/spec/helpers/version_check_helper_spec.rb
index 889fe441171..5eba03ef576 100644
--- a/spec/helpers/version_check_helper_spec.rb
+++ b/spec/helpers/version_check_helper_spec.rb
@@ -23,7 +23,7 @@ describe VersionCheckHelper do
       end
 
       it 'should have a js prefixed css class' do
-        expect(@image_tag).to match(/class="js-version-status-badge"/)
+        expect(@image_tag).to match(/class="js-version-status-badge lazy"/)
       end
 
       it 'should have a VersionCheck url as the src' do
diff --git a/spec/initializers/settings_spec.rb b/spec/initializers/settings_spec.rb
index e5ec90cb8f9..9a974e70e8c 100644
--- a/spec/initializers/settings_spec.rb
+++ b/spec/initializers/settings_spec.rb
@@ -2,6 +2,22 @@ require 'spec_helper'
 require_relative '../../config/initializers/1_settings'
 
 describe Settings do
+  describe '#ldap' do
+    it 'can be accessed with dot syntax all the way down' do
+      expect(Gitlab.config.ldap.servers.main.label).to eq('ldap')
+    end
+
+    # Specifically trying to cause this error discovered in EE when removing the
+    # reassignment of each server element with Settingslogic.
+    #
+    #   `undefined method `label' for #<Hash:0x007fbd18b59c08>`
+    #
+    it 'can be accessed in a very specific way that breaks without reassigning each element with Settingslogic' do
+      server_settings = Gitlab.config.ldap.servers['main']
+      expect(server_settings.label).to eq('ldap')
+    end
+  end
+
   describe '#repositories' do
     it 'assigns the default failure attributes' do
       repository_settings = Gitlab.config.repositories.storages['broken']
@@ -11,6 +27,15 @@ describe Settings do
       expect(repository_settings['failure_reset_time']).to eq(1800)
       expect(repository_settings['storage_timeout']).to eq(5)
     end
+
+    it 'can be accessed with dot syntax all the way down' do
+      expect(Gitlab.config.repositories.storages.broken.failure_count_threshold).to eq(10)
+    end
+
+    it 'can be accessed in a very specific way that breaks without reassigning each element with Settingslogic' do
+      storage_settings = Gitlab.config.repositories.storages['broken']
+      expect(storage_settings.failure_count_threshold).to eq(10)
+    end
   end
 
   describe '#host_without_www' do
diff --git a/spec/javascripts/boards/board_new_issue_spec.js b/spec/javascripts/boards/board_new_issue_spec.js
index c0a7323a505..eac2eecb6bc 100644
--- a/spec/javascripts/boards/board_new_issue_spec.js
+++ b/spec/javascripts/boards/board_new_issue_spec.js
@@ -30,6 +30,8 @@ describe('Issue boards new issue form', () => {
   };
 
   beforeEach((done) => {
+    setFixtures('<div class="test-container"></div>');
+
     const BoardNewIssueComp = Vue.extend(boardNewIssue);
 
     Vue.http.interceptors.push(boardsMockInterceptor);
@@ -46,15 +48,17 @@ describe('Issue boards new issue form', () => {
       propsData: {
         list,
       },
-    }).$mount();
+    }).$mount(document.querySelector('.test-container'));
 
     Vue.nextTick()
       .then(done)
       .catch(done.fail);
   });
 
+  afterEach(() => vm.$destroy());
+
   it('calls submit if submit button is clicked', (done) => {
-    spyOn(vm, 'submit');
+    spyOn(vm, 'submit').and.callFake(e => e.preventDefault());
     vm.title = 'Testing Title';
 
     Vue.nextTick()
diff --git a/spec/javascripts/boards/issue_card_spec.js b/spec/javascripts/boards/issue_card_spec.js
index 69cfcbbce5a..47aaa57e6b9 100644
--- a/spec/javascripts/boards/issue_card_spec.js
+++ b/spec/javascripts/boards/issue_card_spec.js
@@ -278,6 +278,25 @@ describe('Issue card component', () => {
           nodes.includes(label1.color),
         ).toBe(true);
       });
+
+      it('does not render label if label does not have an ID', (done) => {
+        component.issue.addLabel(new ListLabel({
+          title: 'closed',
+        }));
+
+        Vue.nextTick()
+          .then(() => {
+            expect(
+              component.$el.querySelectorAll('.label').length,
+            ).toBe(2);
+            expect(
+              component.$el.textContent,
+            ).not.toContain('closed');
+
+            done();
+          })
+          .catch(done.fail);
+      });
     });
   });
 });
diff --git a/spec/javascripts/fixtures/prometheus_service.rb b/spec/javascripts/fixtures/prometheus_service.rb
index 7a46e47bb15..7968c9425f2 100644
--- a/spec/javascripts/fixtures/prometheus_service.rb
+++ b/spec/javascripts/fixtures/prometheus_service.rb
@@ -7,7 +7,7 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
   let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
   let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
   let!(:service)  { create(:prometheus_service, project: project) }
-  
+
   render_views
 
   before(:all) do
diff --git a/spec/javascripts/fixtures/services.rb b/spec/javascripts/fixtures/services.rb
index 0a3c64d5d31..80915c32a74 100644
--- a/spec/javascripts/fixtures/services.rb
+++ b/spec/javascripts/fixtures/services.rb
@@ -7,7 +7,6 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
   let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
   let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
   let!(:service)  { create(:custom_issue_tracker_service, project: project, title: 'Custom Issue Tracker') }
-  
 
   render_views
 
diff --git a/spec/javascripts/fly_out_nav_spec.js b/spec/javascripts/fly_out_nav_spec.js
index 65a7459c5ed..2e81a1b056b 100644
--- a/spec/javascripts/fly_out_nav_spec.js
+++ b/spec/javascripts/fly_out_nav_spec.js
@@ -10,6 +10,7 @@ import {
   mousePos,
   getHideSubItemsInterval,
   documentMouseMove,
+  getHeaderHeight,
 } from '~/fly_out_nav';
 import bp from '~/breakpoints';
 
@@ -59,7 +60,7 @@ describe('Fly out sidebar navigation', () => {
 
   describe('getHideSubItemsInterval', () => {
     beforeEach(() => {
-      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: fixed; top: 0; left: 100px; height: 50px;"></div>';
+      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: fixed; top: 0; left: 100px; height: 150px;"></div>';
     });
 
     it('returns 0 if currentOpenMenu is nil', () => {
@@ -112,6 +113,7 @@ describe('Fly out sidebar navigation', () => {
         clientX: el.getBoundingClientRect().left + 20,
         clientY: el.getBoundingClientRect().top + 10,
       });
+      console.log(el);
 
       expect(
         getHideSubItemsInterval(),
@@ -245,7 +247,7 @@ describe('Fly out sidebar navigation', () => {
 
       expect(
         subItems.style.transform,
-      ).toBe(`translate3d(0px, ${Math.floor(el.getBoundingClientRect().top)}px, 0px)`);
+      ).toBe(`translate3d(0px, ${Math.floor(el.getBoundingClientRect().top) - getHeaderHeight()}px, 0px)`);
     });
 
     it('sets is-above when element is above', () => {
diff --git a/spec/javascripts/lib/utils/common_utils_spec.js b/spec/javascripts/lib/utils/common_utils_spec.js
index 55037bbbf73..a6ad250bd86 100644
--- a/spec/javascripts/lib/utils/common_utils_spec.js
+++ b/spec/javascripts/lib/utils/common_utils_spec.js
@@ -266,6 +266,12 @@ import '~/lib/utils/common_utils';
     });
 
     describe('gl.utils.backOff', () => {
+      beforeEach(() => {
+        // shortcut our timeouts otherwise these tests will take a long time to finish
+        const origSetTimeout = window.setTimeout;
+        spyOn(window, 'setTimeout').and.callFake(cb => origSetTimeout(cb, 0));
+      });
+
       it('solves the promise from the callback', (done) => {
         const expectedResponseValue = 'Success!';
         gl.utils.backOff((next, stop) => (
@@ -299,37 +305,33 @@ import '~/lib/utils/common_utils';
         let numberOfCalls = 1;
         const expectedResponseValue = 'Success!';
         gl.utils.backOff((next, stop) => (
-          new Promise((resolve) => {
-            resolve(expectedResponseValue);
-          }).then((resp) => {
-            if (numberOfCalls < 3) {
-              numberOfCalls += 1;
-              next();
-            } else {
-              stop(resp);
-            }
-          })
+          Promise.resolve(expectedResponseValue)
+            .then((resp) => {
+              if (numberOfCalls < 3) {
+                numberOfCalls += 1;
+                next();
+              } else {
+                stop(resp);
+              }
+            })
         )).then((respBackoff) => {
+          const timeouts = window.setTimeout.calls.allArgs().map(([, timeout]) => timeout);
+          expect(timeouts).toEqual([2000, 4000]);
           expect(respBackoff).toBe(expectedResponseValue);
-          expect(numberOfCalls).toBe(3);
           done();
         });
-      }, 10000);
+      });
 
       it('rejects the backOff promise after timing out', (done) => {
-        const expectedResponseValue = 'Success!';
-        gl.utils.backOff(next => (
-          new Promise((resolve) => {
-            resolve(expectedResponseValue);
-          }).then(() => {
-            setTimeout(next(), 5000); // it will time out
-          })
-        ), 3000).catch((errBackoffResp) => {
-          expect(errBackoffResp instanceof Error).toBe(true);
-          expect(errBackoffResp.message).toBe('BACKOFF_TIMEOUT');
-          done();
-        });
-      }, 10000);
+        gl.utils.backOff(next => next(), 64000)
+          .catch((errBackoffResp) => {
+            const timeouts = window.setTimeout.calls.allArgs().map(([, timeout]) => timeout);
+            expect(timeouts).toEqual([2000, 4000, 8000, 16000, 32000, 32000]);
+            expect(errBackoffResp instanceof Error).toBe(true);
+            expect(errBackoffResp.message).toBe('BACKOFF_TIMEOUT');
+            done();
+          });
+      });
     });
 
     describe('gl.utils.setFavicon', () => {
diff --git a/spec/javascripts/lib/utils/text_utility_spec.js b/spec/javascripts/lib/utils/text_utility_spec.js
index ca1b1b7cc3c..f1a975ba962 100644
--- a/spec/javascripts/lib/utils/text_utility_spec.js
+++ b/spec/javascripts/lib/utils/text_utility_spec.js
@@ -52,6 +52,7 @@ describe('text_utility', () => {
     beforeAll(() => {
       textArea = document.createElement('textarea');
       document.querySelector('body').appendChild(textArea);
+      textArea.focus();
     });
 
     afterAll(() => {
diff --git a/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js b/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
index 2e16adffb5b..88a33caf2e3 100644
--- a/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
+++ b/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
@@ -41,7 +41,7 @@ describe('Confidential Issue Sidebar Block', () => {
     ).toBe(true);
 
     expect(
-      vm2.$el.innerHTML.includes('This issue is not confidential'),
+      vm2.$el.innerHTML.includes('Not confidential'),
     ).toBe(true);
   });
 
diff --git a/spec/lib/after_commit_queue_spec.rb b/spec/lib/after_commit_queue_spec.rb
new file mode 100644
index 00000000000..6e7c2ec2363
--- /dev/null
+++ b/spec/lib/after_commit_queue_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe AfterCommitQueue do
+  it 'runs after transaction is committed' do
+    called = false
+    test_proc = proc { called = true }
+
+    project = build(:project)
+    project.run_after_commit(&test_proc)
+
+    project.save
+
+    expect(called).to be true
+  end
+end
diff --git a/spec/lib/api/helpers/pagination_spec.rb b/spec/lib/api/helpers/pagination_spec.rb
index fb3ef04b860..59deca7757b 100644
--- a/spec/lib/api/helpers/pagination_spec.rb
+++ b/spec/lib/api/helpers/pagination_spec.rb
@@ -52,7 +52,13 @@ describe API::Helpers::Pagination do
           expect_header('X-Page', '1')
           expect_header('X-Next-Page', '2')
           expect_header('X-Prev-Page', '')
-          expect_header('Link', any_args)
+
+          expect_header('Link', anything) do |_key, val|
+            expect(val).to include('rel="first"')
+            expect(val).to include('rel="last"')
+            expect(val).to include('rel="next"')
+            expect(val).not_to include('rel="prev"')
+          end
 
           subject.paginate(resource)
         end
@@ -75,15 +81,53 @@ describe API::Helpers::Pagination do
           expect_header('X-Page', '2')
           expect_header('X-Next-Page', '')
           expect_header('X-Prev-Page', '1')
-          expect_header('Link', any_args)
+
+          expect_header('Link', anything) do |_key, val|
+            expect(val).to include('rel="first"')
+            expect(val).to include('rel="last"')
+            expect(val).to include('rel="prev"')
+            expect(val).not_to include('rel="next"')
+          end
+
+          subject.paginate(resource)
+        end
+      end
+    end
+
+    context 'when resource empty' do
+      describe 'first page' do
+        before do
+          allow(subject).to receive(:params)
+            .and_return({ page: 1, per_page: 2 })
+        end
+
+        it 'returns appropriate amount of resources' do
+          expect(subject.paginate(resource).count).to eq 0
+        end
+
+        it 'adds appropriate headers' do
+          expect_header('X-Total', '0')
+          expect_header('X-Total-Pages', '1')
+          expect_header('X-Per-Page', '2')
+          expect_header('X-Page', '1')
+          expect_header('X-Next-Page', '')
+          expect_header('X-Prev-Page', '')
+
+          expect_header('Link', anything) do |_key, val|
+            expect(val).to include('rel="first"')
+            expect(val).to include('rel="last"')
+            expect(val).not_to include('rel="prev"')
+            expect(val).not_to include('rel="next"')
+            expect(val).not_to include('page=0')
+          end
 
           subject.paginate(resource)
         end
       end
     end
 
-    def expect_header(name, value)
-      expect(subject).to receive(:header).with(name, value)
+    def expect_header(*args, &block)
+      expect(subject).to receive(:header).with(*args, &block)
     end
 
     def expect_message(method)
diff --git a/spec/lib/file_size_validator_spec.rb b/spec/lib/file_size_validator_spec.rb
index 49501931dd2..c44bc1840df 100644
--- a/spec/lib/file_size_validator_spec.rb
+++ b/spec/lib/file_size_validator_spec.rb
@@ -24,13 +24,13 @@ describe FileSizeValidator do
   describe 'options uses a symbol' do
     let(:options) do
       {
-        maximum: :test,
+        maximum: :max_attachment_size,
         attributes: { attachment: attachment }
       }
     end
 
     before do
-      allow(note).to receive(:test) { 10 }
+      expect(note).to receive(:max_attachment_size) { 10 }
     end
 
     it 'attachment exceeds maximum limit' do
diff --git a/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb b/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
index 7cd2ce82eda..c0427639746 100644
--- a/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
+++ b/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
@@ -134,6 +134,17 @@ describe Gitlab::BackgroundMigration::DeserializeMergeRequestDiffsAndCommits do
       include_examples 'updated MR diff'
     end
 
+    context 'when the merge request diffs do not have a_mode and b_mode set' do
+      let(:commits) { merge_request_diff.commits.map(&:to_hash) }
+      let(:expected_diffs) { diffs_to_hashes(merge_request_diff.merge_request_diff_files) }
+
+      let(:diffs) do
+        expected_diffs.map { |diff| diff.except(:a_mode, :b_mode) }
+      end
+
+      include_examples 'updated MR diff'
+    end
+
     context 'when the merge request diffs have binary content' do
       let(:commits) { merge_request_diff.commits.map(&:to_hash) }
       let(:expected_diffs) { diffs }
diff --git a/spec/lib/gitlab/ci/trace/stream_spec.rb b/spec/lib/gitlab/ci/trace/stream_spec.rb
index ebe5af56160..e5555546fa8 100644
--- a/spec/lib/gitlab/ci/trace/stream_spec.rb
+++ b/spec/lib/gitlab/ci/trace/stream_spec.rb
@@ -295,7 +295,7 @@ describe Gitlab::Ci::Trace::Stream do
     end
 
     context 'malicious regexp' do
-      let(:data) { malicious_text }  
+      let(:data) { malicious_text }
       let(:regex) { malicious_regexp }
 
       include_examples 'malicious regexp'
diff --git a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
index 854aaa34c73..0560c47f03f 100644
--- a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
@@ -6,10 +6,10 @@ describe Gitlab::CycleAnalytics::BaseEventFetcher do
   let(:user) { create(:user, :admin) }
   let(:start_time_attrs) { Issue.arel_table[:created_at] }
   let(:end_time_attrs) { [Issue::Metrics.arel_table[:first_associated_with_milestone_at]] }
-  let(:options) do 
+  let(:options) do
     { start_time_attrs: start_time_attrs,
       end_time_attrs: end_time_attrs,
-      from: 30.days.ago } 
+      from: 30.days.ago }
   end
 
   subject do
diff --git a/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb b/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
index 046b096e366..7e17437fa2a 100644
--- a/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
+++ b/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
@@ -6,9 +6,9 @@ describe Gitlab::Diff::InlineDiffMarkdownMarker do
     let(:inline_diffs) { [2..5] }
     let(:subject) { described_class.new(raw).mark(inline_diffs, mode: :deletion) }
 
-    it 'marks the range' do
-      expect(subject).to eq("ab{-c &#39;d-}ef&#39;")
-      expect(subject).to be_html_safe
+    it 'does not escape html etities and marks the range' do
+      expect(subject).to eq("ab{-c 'd-}ef'")
+      expect(subject).not_to be_html_safe
     end
   end
 end
diff --git a/spec/lib/gitlab/diff/inline_diff_marker_spec.rb b/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
index c3bf34c24ae..7296bbf5df3 100644
--- a/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
+++ b/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
@@ -2,11 +2,13 @@ require 'spec_helper'
 
 describe Gitlab::Diff::InlineDiffMarker do
   describe '#mark' do
+    let(:inline_diffs) { [2..5] }
+    let(:raw) { "abc 'def'" }
+
+    subject { described_class.new(raw, rich).mark(inline_diffs) }
+
     context "when the rich text is html safe" do
-      let(:raw) { "abc 'def'" }
       let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&#39;def&#39;</span>}.html_safe }
-      let(:inline_diffs) { [2..5] }
-      let(:subject) { described_class.new(raw, rich).mark(inline_diffs) }
 
       it 'marks the range' do
         expect(subject).to eq(%{<span class="abc">ab<span class="idiff left">c</span></span><span class="space"><span class="idiff"> </span></span><span class="def"><span class="idiff right">&#39;d</span>ef&#39;</span>})
@@ -15,12 +17,10 @@ describe Gitlab::Diff::InlineDiffMarker do
     end
 
     context "when the text text is not html safe" do
-      let(:raw) { "abc 'def'" }
-      let(:inline_diffs) { [2..5] }
-      let(:subject) { described_class.new(raw).mark(inline_diffs) }
+      let(:rich) { "abc 'def' differs" }
 
       it 'marks the range' do
-        expect(subject).to eq(%{ab<span class="idiff left right">c &#39;d</span>ef&#39;})
+        expect(subject).to eq(%{ab<span class="idiff left right">c &#39;d</span>ef&#39; differs})
         expect(subject).to be_html_safe
       end
     end
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 4ef5d9070a2..8ec8dfe6acf 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -235,18 +235,10 @@ describe Gitlab::Git::Repository, seed_helper: true do
     it { is_expected.to be < 2 }
   end
 
-  describe '#has_commits?' do
-    it { expect(repository.has_commits?).to be_truthy }
-  end
-
   describe '#empty?' do
     it { expect(repository.empty?).to be_falsey }
   end
 
-  describe '#bare?' do
-    it { expect(repository.bare?).to be_truthy }
-  end
-
   describe '#ref_names' do
     let(:ref_names) { repository.ref_names }
     subject { ref_names }
@@ -441,15 +433,6 @@ describe Gitlab::Git::Repository, seed_helper: true do
     end
   end
 
-  describe "#remote_names" do
-    let(:remotes) { repository.remote_names }
-
-    it "should have one entry: 'origin'" do
-      expect(remotes.size).to eq(1)
-      expect(remotes.first).to eq("origin")
-    end
-  end
-
   describe "#refs_hash" do
     let(:refs) { repository.refs_hash }
 
@@ -1098,28 +1081,48 @@ describe Gitlab::Git::Repository, seed_helper: true do
   end
 
   describe '#tag_exists?' do
-    it 'returns true for an existing tag' do
-      tag = repository.tag_names.first
+    shared_examples 'checks the existence of tags' do
+      it 'returns true for an existing tag' do
+        tag = repository.tag_names.first
+
+        expect(repository.tag_exists?(tag)).to eq(true)
+      end
 
-      expect(repository.tag_exists?(tag)).to eq(true)
+      it 'returns false for a non-existing tag' do
+        expect(repository.tag_exists?('v9000')).to eq(false)
+      end
     end
 
-    it 'returns false for a non-existing tag' do
-      expect(repository.tag_exists?('v9000')).to eq(false)
+    context 'when Gitaly ref_exists_tags feature is enabled' do
+      it_behaves_like 'checks the existence of tags'
+    end
+
+    context 'when Gitaly ref_exists_tags feature is disabled', skip_gitaly_mock: true do
+      it_behaves_like 'checks the existence of tags'
     end
   end
 
   describe '#branch_exists?' do
-    it 'returns true for an existing branch' do
-      expect(repository.branch_exists?('master')).to eq(true)
+    shared_examples 'checks the existence of branches' do
+      it 'returns true for an existing branch' do
+        expect(repository.branch_exists?('master')).to eq(true)
+      end
+
+      it 'returns false for a non-existing branch' do
+        expect(repository.branch_exists?('kittens')).to eq(false)
+      end
+
+      it 'returns false when using an invalid branch name' do
+        expect(repository.branch_exists?('.bla')).to eq(false)
+      end
     end
 
-    it 'returns false for a non-existing branch' do
-      expect(repository.branch_exists?('kittens')).to eq(false)
+    context 'when Gitaly ref_exists_branches feature is enabled' do
+      it_behaves_like 'checks the existence of branches'
     end
 
-    it 'returns false when using an invalid branch name' do
-      expect(repository.branch_exists?('.bla')).to eq(false)
+    context 'when Gitaly ref_exists_branches feature is disabled', skip_gitaly_mock: true do
+      it_behaves_like 'checks the existence of branches'
     end
   end
 
diff --git a/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb b/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
index 9d1763b96ad..c86353abb7c 100644
--- a/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
+++ b/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
@@ -1,9 +1,30 @@
 require 'spec_helper'
 
 describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state: true, broken_storage: true do
-  let(:circuit_breaker) { described_class.new('default') }
+  let(:storage_name) { 'default' }
+  let(:circuit_breaker) { described_class.new(storage_name) }
   let(:hostname) { Gitlab::Environment.hostname }
-  let(:cache_key) { "storage_accessible:default:#{hostname}" }
+  let(:cache_key) { "storage_accessible:#{storage_name}:#{hostname}" }
+
+  before do
+    # Override test-settings for the circuitbreaker with something more realistic
+    # for these specs.
+    stub_storage_settings('default' => {
+                            'path' => TestEnv.repos_path,
+                            'failure_count_threshold' => 10,
+                            'failure_wait_time' => 30,
+                            'failure_reset_time' => 1800,
+                            'storage_timeout' => 5
+                          },
+                          'broken' => {
+                            'path' => 'tmp/tests/non-existent-repositories',
+                            'failure_count_threshold' => 10,
+                            'failure_wait_time' => 30,
+                            'failure_reset_time' => 1800,
+                            'storage_timeout' => 5
+                          }
+                         )
+  end
 
   def value_from_redis(name)
     Gitlab::Git::Storage.redis.with do |redis|
@@ -96,14 +117,14 @@ describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state:
   end
 
   describe '#circuit_broken?' do
-    it 'is closed when there is no last failure' do
+    it 'is working when there is no last failure' do
       set_in_redis(:last_failure, nil)
       set_in_redis(:failure_count, 0)
 
       expect(circuit_breaker.circuit_broken?).to be_falsey
     end
 
-    it 'is open when there was a recent failure' do
+    it 'is broken when there was a recent failure' do
       Timecop.freeze do
         set_in_redis(:last_failure, 1.second.ago.to_f)
         set_in_redis(:failure_count, 1)
@@ -112,16 +133,34 @@ describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state:
       end
     end
 
-    it 'is open when there are to many failures' do
+    it 'is broken when there are too many failures' do
       set_in_redis(:last_failure, 1.day.ago.to_f)
       set_in_redis(:failure_count, 200)
 
       expect(circuit_breaker.circuit_broken?).to be_truthy
     end
+
+    context 'the `failure_wait_time` is set to 0' do
+      before do
+        stub_storage_settings('default' => {
+                                'failure_wait_time' => 0,
+                                'path' => TestEnv.repos_path
+                              })
+      end
+
+      it 'is working even when there is a recent failure' do
+        Timecop.freeze do
+          set_in_redis(:last_failure, 0.seconds.ago.to_f)
+          set_in_redis(:failure_count, 1)
+
+          expect(circuit_breaker.circuit_broken?).to be_falsey
+        end
+      end
+    end
   end
 
   describe "storage_available?" do
-    context 'when the storage is available' do
+    context 'the storage is available' do
       it 'tracks that the storage was accessible an raises the error' do
         expect(circuit_breaker).to receive(:track_storage_accessible)
 
@@ -136,8 +175,8 @@ describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state:
       end
     end
 
-    context 'when storage is not available' do
-      let(:circuit_breaker) { described_class.new('broken') }
+    context 'storage is not available' do
+      let(:storage_name) { 'broken' }
 
       it 'tracks that the storage was inaccessible' do
         expect(circuit_breaker).to receive(:track_storage_inaccessible)
@@ -158,8 +197,8 @@ describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state:
       end
     end
 
-    context 'when the storage is not available' do
-      let(:circuit_breaker) { described_class.new('broken') }
+    context 'the storage is not available' do
+      let(:storage_name) { 'broken' }
 
       it 'raises an error' do
         expect(circuit_breaker).to receive(:track_storage_inaccessible)
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index 2d6ea37d0ac..80dc49e99cb 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -1,21 +1,17 @@
 require 'spec_helper'
 
 describe Gitlab::GitAccess do
-  let(:pull_access_check) { access.check('git-upload-pack', '_any') }
-  let(:push_access_check) { access.check('git-receive-pack', '_any') }
-  let(:access) { described_class.new(actor, project, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
-  let(:project) { create(:project, :repository) }
-  let(:user) { create(:user) }
+  set(:user) { create(:user) }
+
   let(:actor) { user }
+  let(:project) { create(:project, :repository) }
   let(:protocol) { 'ssh' }
+  let(:authentication_abilities) { %i[read_project download_code push_code] }
   let(:redirected_path) { nil }
-  let(:authentication_abilities) do
-    [
-      :read_project,
-      :download_code,
-      :push_code
-    ]
-  end
+
+  let(:access) { described_class.new(actor, project, protocol, authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
+  let(:push_access_check) { access.check('git-receive-pack', '_any') }
+  let(:pull_access_check) { access.check('git-upload-pack', '_any') }
 
   describe '#check with single protocols allowed' do
     def disable_protocol(protocol)
@@ -27,12 +23,11 @@ describe Gitlab::GitAccess do
         disable_protocol('ssh')
       end
 
-      it 'blocks ssh git push' do
-        expect { push_access_check }.to raise_unauthorized('Git access over SSH is not allowed')
-      end
-
-      it 'blocks ssh git pull' do
-        expect { pull_access_check }.to raise_unauthorized('Git access over SSH is not allowed')
+      it 'blocks ssh git push and pull' do
+        aggregate_failures do
+          expect { push_access_check }.to raise_unauthorized('Git access over SSH is not allowed')
+          expect { pull_access_check }.to raise_unauthorized('Git access over SSH is not allowed')
+        end
       end
     end
 
@@ -43,12 +38,11 @@ describe Gitlab::GitAccess do
         disable_protocol('http')
       end
 
-      it 'blocks http push' do
-        expect { push_access_check }.to raise_unauthorized('Git access over HTTP is not allowed')
-      end
-
-      it 'blocks http git pull' do
-        expect { pull_access_check }.to raise_unauthorized('Git access over HTTP is not allowed')
+      it 'blocks http push and pull' do
+        aggregate_failures do
+          expect { push_access_check }.to raise_unauthorized('Git access over HTTP is not allowed')
+          expect { pull_access_check }.to raise_unauthorized('Git access over HTTP is not allowed')
+        end
       end
     end
   end
@@ -65,22 +59,20 @@ describe Gitlab::GitAccess do
               deploy_key.projects << project
             end
 
-            it 'allows pull access' do
-              expect { pull_access_check }.not_to raise_error
-            end
-
-            it 'allows push access' do
-              expect { push_access_check }.not_to raise_error
+            it 'allows push and pull access' do
+              aggregate_failures do
+                expect { push_access_check }.not_to raise_error
+                expect { pull_access_check }.not_to raise_error
+              end
             end
           end
 
           context 'when the Deploykey does not have access to the project' do
-            it 'blocks pulls with "not found"' do
-              expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.')
-            end
-
-            it 'blocks pushes with "not found"' do
-              expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.')
+            it 'blocks push and pull with "not found"' do
+              aggregate_failures do
+                expect { push_access_check }.to raise_not_found
+                expect { pull_access_check }.to raise_not_found
+              end
             end
           end
         end
@@ -88,25 +80,23 @@ describe Gitlab::GitAccess do
         context 'when actor is a User' do
           context 'when the User can read the project' do
             before do
-              project.team << [user, :master]
+              project.add_master(user)
             end
 
-            it 'allows pull access' do
-              expect { pull_access_check }.not_to raise_error
-            end
-
-            it 'allows push access' do
-              expect { push_access_check }.not_to raise_error
+            it 'allows push and pull access' do
+              aggregate_failures do
+                expect { pull_access_check }.not_to raise_error
+                expect { push_access_check }.not_to raise_error
+              end
             end
           end
 
           context 'when the User cannot read the project' do
-            it 'blocks pulls with "not found"' do
-              expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.')
-            end
-
-            it 'blocks pushes with "not found"' do
-              expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.')
+            it 'blocks push and pull with "not found"' do
+              aggregate_failures do
+                expect { push_access_check }.to raise_not_found
+                expect { pull_access_check }.to raise_not_found
+              end
             end
           end
         end
@@ -121,7 +111,7 @@ describe Gitlab::GitAccess do
           end
 
           it 'does not block pushes with "not found"' do
-            expect { push_access_check }.to raise_unauthorized('You are not allowed to upload code for this project.')
+            expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:upload])
           end
         end
       end
@@ -137,17 +127,17 @@ describe Gitlab::GitAccess do
           end
 
           it 'does not block pushes with "not found"' do
-            expect { push_access_check }.to raise_unauthorized('You are not allowed to upload code for this project.')
+            expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:upload])
           end
         end
 
         context 'when guests cannot read the project' do
           it 'blocks pulls with "not found"' do
-            expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.')
+            expect { pull_access_check }.to raise_not_found
           end
 
           it 'blocks pushes with "not found"' do
-            expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.')
+            expect { push_access_check }.to raise_not_found
           end
         end
       end
@@ -156,48 +146,50 @@ describe Gitlab::GitAccess do
     context 'when the project is nil' do
       let(:project) { nil }
 
-      it 'blocks any command with "not found"' do
-        expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.')
-        expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.')
+      it 'blocks push and pull with "not found"' do
+        aggregate_failures do
+          expect { pull_access_check }.to raise_not_found
+          expect { push_access_check }.to raise_not_found
+        end
       end
     end
   end
 
   describe '#check_project_moved!' do
     before do
-      project.team << [user, :master]
+      project.add_master(user)
     end
 
     context 'when a redirect was not followed to find the project' do
-      context 'pull code' do
-        it { expect { pull_access_check }.not_to raise_error }
-      end
-
-      context 'push code' do
-        it { expect { push_access_check }.not_to raise_error }
+      it 'allows push and pull access' do
+        aggregate_failures do
+          expect { push_access_check }.not_to raise_error
+          expect { pull_access_check }.not_to raise_error
+        end
       end
     end
 
     context 'when a redirect was followed to find the project' do
       let(:redirected_path) { 'some/other-path' }
 
-      context 'pull code' do
-        it { expect { pull_access_check }.to raise_not_found(/Project '#{redirected_path}' was moved to '#{project.full_path}'/) }
-        it { expect { pull_access_check }.to raise_not_found(/git remote set-url origin #{project.ssh_url_to_repo}/) }
+      it 'blocks push and pull access' do
+        aggregate_failures do
+          expect { push_access_check }.to raise_error(described_class::ProjectMovedError, /Project '#{redirected_path}' was moved to '#{project.full_path}'/)
+          expect { push_access_check }.to raise_error(described_class::ProjectMovedError, /git remote set-url origin #{project.ssh_url_to_repo}/)
 
-        context 'http protocol' do
-          let(:protocol) { 'http' }
-          it { expect { pull_access_check }.to raise_not_found(/git remote set-url origin #{project.http_url_to_repo}/) }
+          expect { pull_access_check }.to raise_error(described_class::ProjectMovedError, /Project '#{redirected_path}' was moved to '#{project.full_path}'/)
+          expect { pull_access_check }.to raise_error(described_class::ProjectMovedError, /git remote set-url origin #{project.ssh_url_to_repo}/)
         end
       end
 
-      context 'push code' do
-        it { expect { push_access_check }.to raise_not_found(/Project '#{redirected_path}' was moved to '#{project.full_path}'/) }
-        it { expect { push_access_check }.to raise_not_found(/git remote set-url origin #{project.ssh_url_to_repo}/) }
+      context 'http protocol' do
+        let(:protocol) { 'http' }
 
-        context 'http protocol' do
-          let(:protocol) { 'http' }
-          it { expect { push_access_check }.to raise_not_found(/git remote set-url origin #{project.http_url_to_repo}/) }
+        it 'includes the path to the project using HTTP' do
+          aggregate_failures do
+            expect { push_access_check }.to raise_error(described_class::ProjectMovedError, /git remote set-url origin #{project.http_url_to_repo}/)
+            expect { pull_access_check }.to raise_error(described_class::ProjectMovedError, /git remote set-url origin #{project.http_url_to_repo}/)
+          end
         end
       end
     end
@@ -242,40 +234,28 @@ describe Gitlab::GitAccess do
   end
 
   describe '#check_download_access!' do
-    describe 'master permissions' do
-      before do
-        project.team << [user, :master]
-      end
+    it 'allows masters to pull' do
+      project.add_master(user)
 
-      context 'pull code' do
-        it { expect { pull_access_check }.not_to raise_error }
-      end
+      expect { pull_access_check }.not_to raise_error
     end
 
-    describe 'guest permissions' do
-      before do
-        project.team << [user, :guest]
-      end
+    it 'disallows guests to pull' do
+      project.add_guest(user)
 
-      context 'pull code' do
-        it { expect { pull_access_check }.to raise_unauthorized('You are not allowed to download code from this project.') }
-      end
+      expect { pull_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:download])
     end
 
-    describe 'blocked user' do
-      before do
-        project.team << [user, :master]
-        user.block
-      end
+    it 'disallows blocked users to pull' do
+      project.add_master(user)
+      user.block
 
-      context 'pull code' do
-        it { expect { pull_access_check }.to raise_unauthorized('Your account has been blocked.') }
-      end
+      expect { pull_access_check }.to raise_unauthorized('Your account has been blocked.')
     end
 
     describe 'without access to project' do
       context 'pull code' do
-        it { expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+        it { expect { pull_access_check }.to raise_not_found }
       end
 
       context 'when project is public' do
@@ -292,7 +272,7 @@ describe Gitlab::GitAccess do
           it 'does not give access to download code' do
             public_project.project_feature.update_attribute(:repository_access_level, ProjectFeature::DISABLED)
 
-            expect { pull_access_check }.to raise_unauthorized('You are not allowed to download code from this project.')
+            expect { pull_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:download])
           end
         end
       end
@@ -321,13 +301,13 @@ describe Gitlab::GitAccess do
           context 'from internal project' do
             let(:project) { create(:project, :internal, :repository) }
 
-            it { expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+            it { expect { pull_access_check }.to raise_not_found }
           end
 
           context 'from private project' do
             let(:project) { create(:project, :private, :repository) }
 
-            it { expect { pull_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+            it { expect { pull_access_check }.to raise_not_found }
           end
         end
       end
@@ -369,7 +349,7 @@ describe Gitlab::GitAccess do
 
         context 'when is not member of the project' do
           context 'pull code' do
-            it { expect { pull_access_check }.to raise_unauthorized('You are not allowed to download code from this project.') }
+            it { expect { pull_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:download]) }
           end
         end
       end
@@ -428,28 +408,30 @@ describe Gitlab::GitAccess do
       end
     end
 
-    # Run permission checks for a user
     def self.run_permission_checks(permissions_matrix)
-      permissions_matrix.keys.each do |role|
-        describe "#{role} access" do
-          before do
-            if role == :admin
-              user.update_attribute(:admin, true)
-            else
-              project.team << [user, role]
-            end
+      permissions_matrix.each_pair do |role, matrix|
+        # Run through the entire matrix for this role in one test to avoid
+        # repeated setup.
+        #
+        # Expectations are given a custom failure message proc so that it's
+        # easier to identify which check(s) failed.
+        it "has the correct permissions for #{role}s" do
+          if role == :admin
+            user.update_attribute(:admin, true)
+          else
+            project.team << [user, role]
           end
 
-          permissions_matrix[role].each do |action, allowed|
-            context action.to_s do
-              subject { access.send(:check_push_access!, changes[action]) }
+          aggregate_failures do
+            matrix.each do |action, allowed|
+              check = -> { access.send(:check_push_access!, changes[action]) }
 
-              it do
-                if allowed
-                  expect { subject }.not_to raise_error
-                else
-                  expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError)
-                end
+              if allowed
+                expect(&check).not_to raise_error,
+                  -> { "expected #{action} to be allowed" }
+              else
+                expect(&check).to raise_error(Gitlab::GitAccess::UnauthorizedError),
+                  -> { "expected #{action} to be disallowed" }
               end
             end
           end
@@ -588,26 +570,26 @@ describe Gitlab::GitAccess do
         project.team << [user, :reporter]
       end
 
-      it { expect { push_access_check }.to raise_unauthorized('You are not allowed to upload code for this project.') }
+      it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:upload]) }
     end
 
     context 'when unauthorized' do
       context 'to public project' do
         let(:project) { create(:project, :public, :repository) }
 
-        it { expect { push_access_check }.to raise_unauthorized('You are not allowed to upload code for this project.') }
+        it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:upload]) }
       end
 
       context 'to internal project' do
         let(:project) { create(:project, :internal, :repository) }
 
-        it { expect { push_access_check }.to raise_unauthorized('You are not allowed to upload code for this project.') }
+        it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:upload]) }
       end
 
       context 'to private project' do
         let(:project) { create(:project, :private, :repository) }
 
-        it { expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+        it { expect { push_access_check }.to raise_not_found }
       end
     end
   end
@@ -631,19 +613,19 @@ describe Gitlab::GitAccess do
         context 'to public project' do
           let(:project) { create(:project, :public, :repository) }
 
-          it { expect { push_access_check }.to raise_unauthorized('This deploy key does not have write access to this project.') }
+          it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:deploy_key_upload]) }
         end
 
         context 'to internal project' do
           let(:project) { create(:project, :internal, :repository) }
 
-          it { expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+          it { expect { push_access_check }.to raise_not_found }
         end
 
         context 'to private project' do
           let(:project) { create(:project, :private, :repository) }
 
-          it { expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+          it { expect { push_access_check }.to raise_not_found }
         end
       end
     end
@@ -656,26 +638,26 @@ describe Gitlab::GitAccess do
           key.projects << project
         end
 
-        it { expect { push_access_check }.to raise_unauthorized('This deploy key does not have write access to this project.') }
+        it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:deploy_key_upload]) }
       end
 
       context 'when unauthorized' do
         context 'to public project' do
           let(:project) { create(:project, :public, :repository) }
 
-          it { expect { push_access_check }.to raise_unauthorized('This deploy key does not have write access to this project.') }
+          it { expect { push_access_check }.to raise_unauthorized(described_class::ERROR_MESSAGES[:deploy_key_upload]) }
         end
 
         context 'to internal project' do
           let(:project) { create(:project, :internal, :repository) }
 
-          it { expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+          it { expect { push_access_check }.to raise_not_found }
         end
 
         context 'to private project' do
           let(:project) { create(:project, :private, :repository) }
 
-          it { expect { push_access_check }.to raise_not_found('The project you were looking for could not be found.') }
+          it { expect { push_access_check }.to raise_not_found }
         end
       end
     end
@@ -687,8 +669,9 @@ describe Gitlab::GitAccess do
     raise_error(Gitlab::GitAccess::UnauthorizedError, message)
   end
 
-  def raise_not_found(message)
-    raise_error(Gitlab::GitAccess::NotFoundError, message)
+  def raise_not_found
+    raise_error(Gitlab::GitAccess::NotFoundError,
+                Gitlab::GitAccess::ERROR_MESSAGES[:project_not_found])
   end
 
   def build_authentication_abilities
diff --git a/spec/lib/gitlab/gitaly_client/ref_service_spec.rb b/spec/lib/gitlab/gitaly_client/ref_service_spec.rb
index 46efc1b18f0..6f59750b4da 100644
--- a/spec/lib/gitlab/gitaly_client/ref_service_spec.rb
+++ b/spec/lib/gitlab/gitaly_client/ref_service_spec.rb
@@ -1,10 +1,11 @@
 require 'spec_helper'
 
 describe Gitlab::GitalyClient::RefService do
-  let(:project) { create(:project) }
+  let(:project) { create(:project, :repository) }
   let(:storage_name) { project.repository_storage }
   let(:relative_path) { project.disk_path + '.git' }
-  let(:client) { described_class.new(project.repository) }
+  let(:repository) { project.repository }
+  let(:client) { described_class.new(repository) }
 
   describe '#branches' do
     it 'sends a find_all_branches message' do
@@ -84,11 +85,23 @@ describe Gitlab::GitalyClient::RefService do
   end
 
   describe '#find_ref_name', seed_helper: true do
-    let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH) }
-    let(:client) { described_class.new(repository) }
     subject { client.find_ref_name(SeedRepo::Commit::ID, 'refs/heads/master') }
 
     it { is_expected.to be_utf8 }
     it { is_expected.to eq('refs/heads/master') }
   end
+
+  describe '#ref_exists?', seed_helper: true do
+    it 'finds the master branch ref' do
+      expect(client.ref_exists?('refs/heads/master')).to eq(true)
+    end
+
+    it 'returns false for an illegal tag name ref' do
+      expect(client.ref_exists?('refs/tags/.this-tag-name-is-illegal')).to eq(false)
+    end
+
+    it 'raises an argument error if the ref name parameter does not start with refs/' do
+      expect { client.ref_exists?('reXXXXX') }.to raise_error(ArgumentError)
+    end
+  end
 end
diff --git a/spec/lib/gitlab/gitaly_client/repository_service_spec.rb b/spec/lib/gitlab/gitaly_client/repository_service_spec.rb
new file mode 100644
index 00000000000..fd5f984601e
--- /dev/null
+++ b/spec/lib/gitlab/gitaly_client/repository_service_spec.rb
@@ -0,0 +1,76 @@
+require 'spec_helper'
+
+describe Gitlab::GitalyClient::RepositoryService do
+  let(:project) { create(:project) }
+  let(:storage_name) { project.repository_storage }
+  let(:relative_path) { project.disk_path + '.git' }
+  let(:client) { described_class.new(project.repository) }
+
+  describe '#exists?' do
+    it 'sends a repository_exists message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:repository_exists)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(double(exists: true))
+
+      client.exists?
+    end
+  end
+
+  describe '#garbage_collect' do
+    it 'sends a garbage_collect message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:garbage_collect)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(double(:garbage_collect_response))
+
+      client.garbage_collect(true)
+    end
+  end
+
+  describe '#repack_full' do
+    it 'sends a repack_full message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:repack_full)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(double(:repack_full_response))
+
+      client.repack_full(true)
+    end
+  end
+
+  describe '#repack_incremental' do
+    it 'sends a repack_incremental message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:repack_incremental)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(double(:repack_incremental_response))
+
+      client.repack_incremental
+    end
+  end
+
+  describe '#repository_size' do
+    it 'sends a repository_size message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:repository_size)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(size: 0)
+
+      client.repository_size
+    end
+  end
+
+  describe '#apply_gitattributes' do
+    let(:revision) { 'master' }
+
+    it 'sends an apply_gitattributes message' do
+      expect_any_instance_of(Gitaly::RepositoryService::Stub)
+        .to receive(:apply_gitattributes)
+        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
+        .and_return(double(:apply_gitattributes_response))
+
+      client.apply_gitattributes(revision)
+    end
+  end
+end
diff --git a/spec/lib/gitlab/gpg/commit_spec.rb b/spec/lib/gitlab/gpg/commit_spec.rb
index ddb8dd9f0f4..e521fcc6dc1 100644
--- a/spec/lib/gitlab/gpg/commit_spec.rb
+++ b/spec/lib/gitlab/gpg/commit_spec.rb
@@ -1,13 +1,13 @@
 require 'rails_helper'
 
-RSpec.describe Gitlab::Gpg::Commit do
+describe Gitlab::Gpg::Commit do
   describe '#signature' do
     let!(:project) { create :project, :repository, path: 'sample-project' }
     let!(:commit_sha) { '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33'  }
 
-    context 'unisgned commit' do
+    context 'unsigned commit' do
       it 'returns nil' do
-        expect(described_class.new(project.commit).signature).to be_nil
+        expect(described_class.new(project, commit_sha).signature).to be_nil
       end
     end
 
@@ -16,18 +16,19 @@ RSpec.describe Gitlab::Gpg::Commit do
         create :gpg_key, key: GpgHelpers::User1.public_key, user: create(:user, email: GpgHelpers::User1.emails.first)
       end
 
-      let!(:commit) do
-        raw_commit = double(:raw_commit, signature: [
-          GpgHelpers::User1.signed_commit_signature,
-          GpgHelpers::User1.signed_commit_base_data
-        ], sha: commit_sha)
-        allow(raw_commit).to receive :save!
-
-        create :commit, git_commit: raw_commit, project: project
+      before do
+        allow(Rugged::Commit).to receive(:extract_signature)
+          .with(Rugged::Repository, commit_sha)
+          .and_return(
+            [
+              GpgHelpers::User1.signed_commit_signature,
+              GpgHelpers::User1.signed_commit_base_data
+            ]
+          )
       end
 
       it 'returns a valid signature' do
-        expect(described_class.new(commit).signature).to have_attributes(
+        expect(described_class.new(project, commit_sha).signature).to have_attributes(
           commit_sha: commit_sha,
           project: project,
           gpg_key: gpg_key,
@@ -39,7 +40,7 @@ RSpec.describe Gitlab::Gpg::Commit do
       end
 
       it 'returns the cached signature on second call' do
-        gpg_commit = described_class.new(commit)
+        gpg_commit = described_class.new(project, commit_sha)
 
         expect(gpg_commit).to receive(:using_keychain).and_call_original
         gpg_commit.signature
@@ -53,18 +54,19 @@ RSpec.describe Gitlab::Gpg::Commit do
     context 'known but unverified public key' do
       let!(:gpg_key) { create :gpg_key, key: GpgHelpers::User1.public_key }
 
-      let!(:commit) do
-        raw_commit = double(:raw_commit, signature: [
-          GpgHelpers::User1.signed_commit_signature,
-          GpgHelpers::User1.signed_commit_base_data
-        ], sha: commit_sha)
-        allow(raw_commit).to receive :save!
-
-        create :commit, git_commit: raw_commit, project: project
+      before do
+        allow(Rugged::Commit).to receive(:extract_signature)
+          .with(Rugged::Repository, commit_sha)
+          .and_return(
+            [
+              GpgHelpers::User1.signed_commit_signature,
+              GpgHelpers::User1.signed_commit_base_data
+            ]
+          )
       end
 
       it 'returns an invalid signature' do
-        expect(described_class.new(commit).signature).to have_attributes(
+        expect(described_class.new(project, commit_sha).signature).to have_attributes(
           commit_sha: commit_sha,
           project: project,
           gpg_key: gpg_key,
@@ -76,7 +78,7 @@ RSpec.describe Gitlab::Gpg::Commit do
       end
 
       it 'returns the cached signature on second call' do
-        gpg_commit = described_class.new(commit)
+        gpg_commit = described_class.new(project, commit_sha)
 
         expect(gpg_commit).to receive(:using_keychain).and_call_original
         gpg_commit.signature
@@ -88,20 +90,19 @@ RSpec.describe Gitlab::Gpg::Commit do
     end
 
     context 'unknown public key' do
-      let!(:commit) do
-        raw_commit = double(:raw_commit, signature: [
-          GpgHelpers::User1.signed_commit_signature,
-          GpgHelpers::User1.signed_commit_base_data
-        ], sha: commit_sha)
-        allow(raw_commit).to receive :save!
-
-        create :commit,
-          git_commit: raw_commit,
-          project: project
+      before do
+        allow(Rugged::Commit).to receive(:extract_signature)
+          .with(Rugged::Repository, commit_sha)
+          .and_return(
+            [
+              GpgHelpers::User1.signed_commit_signature,
+              GpgHelpers::User1.signed_commit_base_data
+            ]
+          )
       end
 
       it 'returns an invalid signature' do
-        expect(described_class.new(commit).signature).to have_attributes(
+        expect(described_class.new(project, commit_sha).signature).to have_attributes(
           commit_sha: commit_sha,
           project: project,
           gpg_key: nil,
@@ -113,7 +114,7 @@ RSpec.describe Gitlab::Gpg::Commit do
       end
 
       it 'returns the cached signature on second call' do
-        gpg_commit = described_class.new(commit)
+        gpg_commit = described_class.new(project, commit_sha)
 
         expect(gpg_commit).to receive(:using_keychain).and_call_original
         gpg_commit.signature
diff --git a/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb b/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
index c4e04ee46a2..4de4419de27 100644
--- a/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
+++ b/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
@@ -4,23 +4,16 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
   describe '#run' do
     let!(:commit_sha) { '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33' }
     let!(:project) { create :project, :repository, path: 'sample-project' }
-    let!(:raw_commit) do
-      raw_commit = double(:raw_commit, signature: [
-        GpgHelpers::User1.signed_commit_signature,
-        GpgHelpers::User1.signed_commit_base_data
-      ], sha: commit_sha)
-
-      allow(raw_commit).to receive :save!
-
-      raw_commit
-    end
-
-    let!(:commit) do
-      create :commit, git_commit: raw_commit, project: project
-    end
 
     before do
-      allow_any_instance_of(Project).to receive(:commit).and_return(commit)
+      allow(Rugged::Commit).to receive(:extract_signature)
+        .with(Rugged::Repository, commit_sha)
+        .and_return(
+          [
+            GpgHelpers::User1.signed_commit_signature,
+            GpgHelpers::User1.signed_commit_base_data
+          ]
+        )
     end
 
     context 'gpg signature did have an associated gpg key which was removed later' do
diff --git a/spec/lib/gitlab/import_export/project.light.json b/spec/lib/gitlab/import_export/project.light.json
index a78836c3c34..2d8f3d4a566 100644
--- a/spec/lib/gitlab/import_export/project.light.json
+++ b/spec/lib/gitlab/import_export/project.light.json
@@ -2,6 +2,20 @@
   "description": "Nisi et repellendus ut enim quo accusamus vel magnam.",
   "visibility_level": 10,
   "archived": false,
+  "milestones": [
+    {
+      "id": 1,
+      "title": "test milestone",
+      "project_id": 8,
+      "description": "test milestone",
+      "due_date": null,
+      "created_at": "2016-06-14T15:02:04.415Z",
+      "updated_at": "2016-06-14T15:02:04.415Z",
+      "state": "active",
+      "iid": 1,
+      "group_id": null
+    }
+  ],
   "labels": [
     {
       "id": 2,
@@ -14,20 +28,6 @@
       "description": "",
       "type": "ProjectLabel",
       "priorities": [
-      ]
-    },
-    {
-      "id": 3,
-      "title": "test3",
-      "color": "#428bca",
-      "group_id": 8,
-      "created_at": "2016-07-22T08:55:44.161Z",
-      "updated_at": "2016-07-22T08:55:44.161Z",
-      "template": false,
-      "description": "",
-      "project_id": null,
-      "type": "GroupLabel",
-      "priorities": [
         {
           "id": 1,
           "project_id": 5,
@@ -39,10 +39,80 @@
       ]
     }
   ],
+  "issues": [
+    {
+      "id": 1,
+      "title": "Fugiat est minima quae maxime non similique.",
+      "assignee_id": null,
+      "project_id": 8,
+      "author_id": 1,
+      "created_at": "2017-07-07T18:13:01.138Z",
+      "updated_at": "2017-08-15T18:37:40.807Z",
+      "branch_name": null,
+      "description": "Quam totam fuga numquam in eveniet.",
+      "state": "opened",
+      "iid": 20,
+      "updated_by_id": 1,
+      "confidential": false,
+      "deleted_at": null,
+      "due_date": null,
+      "moved_to_id": null,
+      "lock_version": null,
+      "time_estimate": 0,
+      "closed_at": null,
+      "last_edited_at": null,
+      "last_edited_by_id": null,
+      "group_milestone_id": null,
+      "label_links": [
+        {
+          "id": 11,
+          "label_id": 6,
+          "target_id": 1,
+          "target_type": "Issue",
+          "created_at": "2017-08-15T18:37:40.795Z",
+          "updated_at": "2017-08-15T18:37:40.795Z",
+          "label": {
+            "id": 6,
+            "title": "group label",
+            "color": "#A8D695",
+            "project_id": null,
+            "created_at": "2017-08-15T18:37:19.698Z",
+            "updated_at": "2017-08-15T18:37:19.698Z",
+            "template": false,
+            "description": "",
+            "group_id": 5,
+            "type": "GroupLabel",
+            "priorities": []
+          }
+        },
+        {
+          "id": 11,
+          "label_id": 2,
+          "target_id": 1,
+          "target_type": "Issue",
+          "created_at": "2017-08-15T18:37:40.795Z",
+          "updated_at": "2017-08-15T18:37:40.795Z",
+          "label": {
+            "id": 6,
+            "title": "project label",
+            "color": "#A8D695",
+            "project_id": null,
+            "created_at": "2017-08-15T18:37:19.698Z",
+            "updated_at": "2017-08-15T18:37:19.698Z",
+            "template": false,
+            "description": "",
+            "group_id": 5,
+            "type": "ProjectLabel",
+            "priorities": []
+          }
+        }
+      ]
+    }
+  ],
   "snippets": [
 
   ],
   "hooks": [
 
   ]
-}
\ No newline at end of file
+}
diff --git a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
index 7ee0e22f28d..956f1d56eb4 100644
--- a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
@@ -183,7 +183,8 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
     let(:restored_project_json) { project_tree_restorer.restore }
 
     before do
-      allow(ImportExport).to receive(:project_filename).and_return('project.light.json')
+      project_tree_restorer.instance_variable_set(:@path, "spec/lib/gitlab/import_export/project.light.json")
+
       allow(shared).to receive(:export_path).and_return('spec/lib/gitlab/import_export/')
     end
 
@@ -195,7 +196,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
 
           restored_project_json
 
-          expect(shared.errors.first).not_to include('test')
+          expect(shared.errors.first).to be_nil
         end
       end
     end
@@ -219,15 +220,42 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
       end
 
       before do
+        project_tree_restorer.instance_variable_set(:@path, "spec/lib/gitlab/import_export/project.light.json")
+
         restored_project_json
       end
 
-      it 'has group labels' do
-        expect(GroupLabel.count).to eq(1)
+      it 'correctly restores project' do
+        expect(restored_project_json).to be_truthy
+        expect(shared.errors).to be_empty
+      end
+
+      it 'has labels' do
+        expect(project.labels.count).to eq(2)
+      end
+
+      it 'creates group label' do
+        expect(project.group.labels.count).to eq(1)
       end
 
       it 'has label priorities' do
-        expect(GroupLabel.first.priorities).not_to be_empty
+        expect(project.labels.first.priorities).not_to be_empty
+      end
+
+      it 'has milestones' do
+        expect(project.milestones.count).to eq(1)
+      end
+
+      it 'has issue' do
+        expect(project.issues.count).to eq(1)
+        expect(project.issues.first.labels.count).to eq(2)
+      end
+
+      it 'has issue with group label and project label' do
+        labels = project.issues.first.labels
+
+        expect(labels.where(type: "GroupLabel").count).to eq(1)
+        expect(labels.where(type: "ProjectLabel").count).to eq(1)
       end
     end
   end
diff --git a/spec/lib/gitlab/key_fingerprint_spec.rb b/spec/lib/gitlab/key_fingerprint_spec.rb
index f5fd5a96bc9..d643dc5342d 100644
--- a/spec/lib/gitlab/key_fingerprint_spec.rb
+++ b/spec/lib/gitlab/key_fingerprint_spec.rb
@@ -30,8 +30,8 @@ describe Gitlab::KeyFingerprint, lib: true do
 
   MD5_FINGERPRINTS = {
     rsa: '06:b2:8a:92:df:0e:11:2c:ca:7b:8f:a4:ba:6e:4b:fd',
-    ecdsa: '45:ff:5b:98:9a:b6:8a:41:13:c1:30:8b:09:5e:7b:4e', 
-    ed25519: '2e:65:6a:c8:cf:bf:b2:8b:9a:bd:6d:9f:11:5c:12:16', 
+    ecdsa: '45:ff:5b:98:9a:b6:8a:41:13:c1:30:8b:09:5e:7b:4e',
+    ed25519: '2e:65:6a:c8:cf:bf:b2:8b:9a:bd:6d:9f:11:5c:12:16',
     dss: '57:98:86:02:5f:9c:f4:9b:ad:5a:1e:51:92:0e:fd:2b'
   }.freeze
 
diff --git a/spec/lib/gitlab/ldap/auth_hash_spec.rb b/spec/lib/gitlab/ldap/auth_hash_spec.rb
index 57a91193004..8370adf9211 100644
--- a/spec/lib/gitlab/ldap/auth_hash_spec.rb
+++ b/spec/lib/gitlab/ldap/auth_hash_spec.rb
@@ -4,8 +4,8 @@ describe Gitlab::LDAP::AuthHash do
   let(:auth_hash) do
     described_class.new(
       OmniAuth::AuthHash.new(
-        uid: '123456', 
-        provider: 'ldapmain', 
+        uid: '123456',
+        provider: 'ldapmain',
         info: info,
         extra: {
           raw_info: raw_info
@@ -33,11 +33,11 @@ describe Gitlab::LDAP::AuthHash do
 
   context "without overridden attributes" do
     it "has the correct username" do
-      expect(auth_hash.username).to eq("123456") 
+      expect(auth_hash.username).to eq("123456")
     end
 
     it "has the correct name" do
-      expect(auth_hash.name).to eq("Smith, J.") 
+      expect(auth_hash.name).to eq("Smith, J.")
     end
   end
 
@@ -54,11 +54,11 @@ describe Gitlab::LDAP::AuthHash do
     end
 
     it "has the correct username" do
-      expect(auth_hash.username).to eq("johnsmith@example.com") 
+      expect(auth_hash.username).to eq("johnsmith@example.com")
     end
 
     it "has the correct name" do
-      expect(auth_hash.name).to eq("John Smith") 
+      expect(auth_hash.name).to eq("John Smith")
     end
   end
 end
diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb
index 15edb820908..2cf0f7516de 100644
--- a/spec/lib/gitlab/o_auth/user_spec.rb
+++ b/spec/lib/gitlab/o_auth/user_spec.rb
@@ -481,7 +481,7 @@ describe Gitlab::OAuth::User do
           email: 'admin@othermail.com'
         }
       end
-      
+
       it 'generates the username with a counter' do
         expect(gl_user.username).to eq('admin1')
       end
diff --git a/spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb b/spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb
index d7df4e35c31..5589db92b1d 100644
--- a/spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb
+++ b/spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb
@@ -24,7 +24,7 @@ describe Gitlab::Prometheus::AdditionalMetricsParser do
                 queries: [{ query_range: 'query_range_empty' }]
           - group: group_b
             priority: 1
-            metrics: 
+            metrics:
               - title: title
                 required_metrics: ['metric_a']
                 weight: 1
@@ -148,7 +148,7 @@ describe Gitlab::Prometheus::AdditionalMetricsParser do
             - group: group_a
               priority: 1
               metrics:
-              - title: 
+              - title:
                 required_metrics: []
                 weight: 1
                 queries: []
diff --git a/spec/lib/gitlab/redis/wrapper_spec.rb b/spec/lib/gitlab/redis/wrapper_spec.rb
index e1becd0a614..0c22a0d62cc 100644
--- a/spec/lib/gitlab/redis/wrapper_spec.rb
+++ b/spec/lib/gitlab/redis/wrapper_spec.rb
@@ -17,4 +17,11 @@ describe Gitlab::Redis::Wrapper do
   let(:class_redis_url) { Gitlab::Redis::Wrapper::DEFAULT_REDIS_URL }
 
   include_examples "redis_shared_examples"
+
+  describe '.config_file_path' do
+    it 'returns the absolute path to the configuration file' do
+      expect(described_class.config_file_path('foo.yml'))
+        .to eq Rails.root.join('config', 'foo.yml').to_s
+    end
+  end
 end
diff --git a/spec/lib/gitlab/shell_spec.rb b/spec/lib/gitlab/shell_spec.rb
index 2345874cf10..cfadee0bcf5 100644
--- a/spec/lib/gitlab/shell_spec.rb
+++ b/spec/lib/gitlab/shell_spec.rb
@@ -94,28 +94,41 @@ describe Gitlab::Shell do
   end
 
   describe 'projects commands' do
-    let(:projects_path) { 'tmp/tests/shell-projects-test/bin/gitlab-projects' }
+    let(:gitlab_shell_path) { File.expand_path('tmp/tests/gitlab-shell') }
+    let(:projects_path) { File.join(gitlab_shell_path, 'bin/gitlab-projects') }
+    let(:gitlab_shell_hooks_path) { File.join(gitlab_shell_path, 'hooks') }
 
     before do
-      allow(Gitlab.config.gitlab_shell).to receive(:path).and_return('tmp/tests/shell-projects-test')
+      allow(Gitlab.config.gitlab_shell).to receive(:path).and_return(gitlab_shell_path)
+      allow(Gitlab.config.gitlab_shell).to receive(:hooks_path).and_return(gitlab_shell_hooks_path)
       allow(Gitlab.config.gitlab_shell).to receive(:git_timeout).and_return(800)
     end
 
     describe '#add_repository' do
-      it 'returns true when the command succeeds' do
-        expect(Gitlab::Popen).to receive(:popen)
-          .with([projects_path, 'add-project', 'current/storage', 'project/path.git'],
-                nil, popen_vars).and_return([nil, 0])
+      it 'creates a repository' do
+        created_path = File.join(TestEnv.repos_path, 'project', 'path.git')
+        hooks_path = File.join(created_path, 'hooks')
+
+        begin
+          result = gitlab_shell.add_repository(TestEnv.repos_path, 'project/path')
+
+          repo_stat = File.stat(created_path) rescue nil
+          hooks_stat = File.lstat(hooks_path) rescue nil
+          hooks_dir = File.realpath(hooks_path)
+        ensure
+          FileUtils.rm_rf(created_path)
+        end
 
-        expect(gitlab_shell.add_repository('current/storage', 'project/path')).to be true
+        expect(result).to be_truthy
+        expect(repo_stat.mode & 0o777).to eq(0o770)
+        expect(hooks_stat.symlink?).to be_truthy
+        expect(hooks_dir).to eq(gitlab_shell_hooks_path)
       end
 
       it 'returns false when the command fails' do
-        expect(Gitlab::Popen).to receive(:popen)
-          .with([projects_path, 'add-project', 'current/storage', 'project/path.git'],
-                nil, popen_vars).and_return(["error", 1])
+        expect(FileUtils).to receive(:mkdir_p).and_raise(Errno::EEXIST)
 
-        expect(gitlab_shell.add_repository('current/storage', 'project/path')).to be false
+        expect(gitlab_shell.add_repository('current/storage', 'project/path')).to be_falsy
       end
     end
 
diff --git a/spec/lib/gitlab/string_range_marker_spec.rb b/spec/lib/gitlab/string_range_marker_spec.rb
index abeaa7f0ddb..6bc02459dbd 100644
--- a/spec/lib/gitlab/string_range_marker_spec.rb
+++ b/spec/lib/gitlab/string_range_marker_spec.rb
@@ -2,34 +2,39 @@ require 'spec_helper'
 
 describe Gitlab::StringRangeMarker do
   describe '#mark' do
+    def mark_diff(rich = nil)
+      raw = 'abc <def>'
+      inline_diffs = [2..5]
+
+      described_class.new(raw, rich).mark(inline_diffs) do |text, left:, right:|
+        "LEFT#{text}RIGHT"
+      end
+    end
+
     context "when the rich text is html safe" do
-      let(:raw)  { "abc <def>" }
       let(:rich) { %{<span class="abc">abc</span><span class="space"> </span><span class="def">&lt;def&gt;</span>}.html_safe }
-      let(:inline_diffs) { [2..5] }
-      subject do
-        described_class.new(raw, rich).mark(inline_diffs) do |text, left:, right:|
-          "LEFT#{text}RIGHT"
-        end
-      end
 
       it 'marks the inline diffs' do
-        expect(subject).to eq(%{<span class="abc">abLEFTcRIGHT</span><span class="space">LEFT RIGHT</span><span class="def">LEFT&lt;dRIGHTef&gt;</span>})
-        expect(subject).to be_html_safe
+        expect(mark_diff(rich)).to eq(%{<span class="abc">abLEFTcRIGHT</span><span class="space">LEFT RIGHT</span><span class="def">LEFT&lt;dRIGHTef&gt;</span>})
+        expect(mark_diff(rich)).to be_html_safe
       end
     end
 
     context "when the rich text is not html safe" do
-      let(:raw)  { "abc <def>" }
-      let(:inline_diffs) { [2..5] }
-      subject do
-        described_class.new(raw).mark(inline_diffs) do |text, left:, right:|
-          "LEFT#{text}RIGHT"
+      context 'when rich text equals raw text' do
+        it 'marks the inline diffs' do
+          expect(mark_diff).to eq(%{abLEFTc <dRIGHTef>})
+          expect(mark_diff).not_to be_html_safe
         end
       end
 
-      it 'marks the inline diffs' do
-        expect(subject).to eq(%{abLEFTc &lt;dRIGHTef&gt;})
-        expect(subject).to be_html_safe
+      context 'when rich text doeas not equal raw text' do
+        let(:rich)  { "abc <def> differs" }
+
+        it 'marks the inline diffs' do
+          expect(mark_diff(rich)).to eq(%{abLEFTc &lt;dRIGHTef&gt; differs})
+          expect(mark_diff(rich)).to be_html_safe
+        end
       end
     end
   end
diff --git a/spec/lib/gitlab/utils_spec.rb b/spec/lib/gitlab/utils_spec.rb
index 111c873f79c..92787bb262e 100644
--- a/spec/lib/gitlab/utils_spec.rb
+++ b/spec/lib/gitlab/utils_spec.rb
@@ -1,7 +1,21 @@
 require 'spec_helper'
 
 describe Gitlab::Utils do
-  delegate :to_boolean, :boolean_to_yes_no, to: :described_class
+  delegate :to_boolean, :boolean_to_yes_no, :slugify, to: :described_class
+
+  describe '.slugify' do
+    {
+      'TEST' => 'test',
+      'project_with_underscores' => 'project-with-underscores',
+      'namespace/project' =>  'namespace-project',
+      'a' * 70 => 'a' * 63,
+      'test_trailing_' => 'test-trailing'
+    }.each do |original, expected|
+      it "slugifies #{original} to #{expected}" do
+        expect(slugify(original)).to eq(expected)
+      end
+    end
+  end
 
   describe '.to_boolean' do
     it 'accepts booleans' do
diff --git a/spec/migrations/migrate_old_artifacts_spec.rb b/spec/migrations/migrate_old_artifacts_spec.rb
index cfe1ca481b2..81366d15b34 100644
--- a/spec/migrations/migrate_old_artifacts_spec.rb
+++ b/spec/migrations/migrate_old_artifacts_spec.rb
@@ -10,7 +10,7 @@ describe MigrateOldArtifacts do
   before do
     allow(Gitlab.config.artifacts).to receive(:path).and_return(directory)
   end
-  
+
   after do
     FileUtils.remove_entry_secure(directory)
   end
@@ -95,7 +95,7 @@ describe MigrateOldArtifacts do
       FileUtils.copy(
         Rails.root.join('spec/fixtures/ci_build_artifacts.zip'),
         File.join(legacy_path(build), "ci_build_artifacts.zip"))
-  
+
       FileUtils.copy(
         Rails.root.join('spec/fixtures/ci_build_artifacts_metadata.gz'),
         File.join(legacy_path(build), "ci_build_artifacts_metadata.gz"))
diff --git a/spec/migrations/remove_dot_git_from_usernames_spec.rb b/spec/migrations/remove_dot_git_from_usernames_spec.rb
index 8737e00eaeb..129374cb38c 100644
--- a/spec/migrations/remove_dot_git_from_usernames_spec.rb
+++ b/spec/migrations/remove_dot_git_from_usernames_spec.rb
@@ -51,7 +51,6 @@ describe RemoveDotGitFromUsernames do
     namespace.path = path
     namespace.save!(validate: false)
 
-    user.username = path
-    user.save!(validate: false)
+    user.update_column(:username, path)
   end
 end
diff --git a/spec/migrations/remove_duplicate_mr_events_spec.rb b/spec/migrations/remove_duplicate_mr_events_spec.rb
new file mode 100644
index 00000000000..e393374028f
--- /dev/null
+++ b/spec/migrations/remove_duplicate_mr_events_spec.rb
@@ -0,0 +1,26 @@
+require 'spec_helper'
+require Rails.root.join('db', 'post_migrate', '20170815060945_remove_duplicate_mr_events.rb')
+
+describe RemoveDuplicateMrEvents, truncate: true do
+  let(:migration) { described_class.new }
+
+  describe '#up' do
+    let(:user) { create(:user) }
+    let(:merge_requests) { create_list(:merge_request, 2) }
+    let(:issue) { create(:issue) }
+    let!(:events) do
+      [
+        create(:event, :created, author: user, target: merge_requests.first),
+        create(:event, :created, author: user, target: merge_requests.first),
+        create(:event, :updated, author: user, target: merge_requests.first),
+        create(:event, :created, author: user, target: merge_requests.second),
+        create(:event, :created, author: user, target: issue),
+        create(:event, :created, author: user, target: issue)
+      ]
+    end
+
+    it 'removes duplicated merge request create records' do
+      expect { migration.up }.to change { Event.count }.from(6).to(5)
+    end
+  end
+end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 86afa856ea7..767f0ad9e65 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -1220,7 +1220,7 @@ describe Ci::Build do
         { key: 'CI_PROJECT_ID', value: project.id.to_s, public: true },
         { key: 'CI_PROJECT_NAME', value: project.path, public: true },
         { key: 'CI_PROJECT_PATH', value: project.full_path, public: true },
-        { key: 'CI_PROJECT_PATH_SLUG', value: project.full_path.parameterize, public: true },
+        { key: 'CI_PROJECT_PATH_SLUG', value: project.full_path_slug, public: true },
         { key: 'CI_PROJECT_NAMESPACE', value: project.namespace.full_path, public: true },
         { key: 'CI_PROJECT_URL', value: project.web_url, public: true },
         { key: 'CI_PIPELINE_ID', value: pipeline.id.to_s, public: true },
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index eba71ba2f72..5e60511f3a8 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1610,8 +1610,7 @@ describe Project do
     it 'imports a project' do
       expect_any_instance_of(RepositoryImportWorker).to receive(:perform).and_call_original
 
-      project.import_schedule
-
+      expect { project.import_schedule }.to change { project.import_jid }
       expect(project.reload.import_status).to eq('finished')
     end
   end
@@ -1624,6 +1623,13 @@ describe Project do
         allow(Projects::HousekeepingService).to receive(:new) { housekeeping_service }
       end
 
+      it 'resets project import_error' do
+        error_message = 'Some error'
+        mirror = create(:project_empty_repo, :import_started, import_error: error_message)
+
+        expect { mirror.import_finish }.to change { mirror.import_error }.from(error_message).to(nil)
+      end
+
       it 'performs housekeeping when an import of a fresh project is completed' do
         project = create(:project_empty_repo, :import_started, import_type: :github)
 
@@ -1730,17 +1736,21 @@ describe Project do
   end
 
   describe '#add_import_job' do
+    let(:import_jid) { '123' }
+
     context 'forked' do
       let(:forked_project_link) { create(:forked_project_link, :forked_to_empty_project) }
       let(:forked_from_project) { forked_project_link.forked_from_project }
       let(:project) { forked_project_link.forked_to_project }
 
       it 'schedules a RepositoryForkWorker job' do
-        expect(RepositoryForkWorker).to receive(:perform_async)
-          .with(project.id, forked_from_project.repository_storage_path,
-              forked_from_project.disk_path, project.namespace.full_path)
+        expect(RepositoryForkWorker).to receive(:perform_async).with(
+          project.id,
+          forked_from_project.repository_storage_path,
+          forked_from_project.disk_path,
+          project.namespace.full_path).and_return(import_jid)
 
-        project.add_import_job
+        expect(project.add_import_job).to eq(import_jid)
       end
     end
 
@@ -1748,9 +1758,8 @@ describe Project do
       it 'schedules a RepositoryImportWorker job' do
         project = create(:project, import_url: generate(:url))
 
-        expect(RepositoryImportWorker).to receive(:perform_async).with(project.id)
-
-        project.add_import_job
+        expect(RepositoryImportWorker).to receive(:perform_async).with(project.id).and_return(import_jid)
+        expect(project.add_import_job).to eq(import_jid)
       end
     end
   end
@@ -2311,6 +2320,44 @@ describe Project do
     end
   end
 
+  describe '#remove_pages' do
+    let(:project) { create(:project) }
+    let(:namespace) { project.namespace }
+    let(:pages_path) { project.pages_path }
+
+    around do |example|
+      FileUtils.mkdir_p(pages_path)
+      begin
+        example.run
+      ensure
+        FileUtils.rm_rf(pages_path)
+      end
+    end
+
+    it 'removes the pages directory' do
+      expect_any_instance_of(Projects::UpdatePagesConfigurationService).to receive(:execute)
+      expect_any_instance_of(Gitlab::PagesTransfer).to receive(:rename_project).and_return(true)
+      expect(PagesWorker).to receive(:perform_in).with(5.minutes, :remove, namespace.full_path, anything)
+
+      project.remove_pages
+    end
+
+    it 'is a no-op when there is no namespace' do
+      project.update_column(:namespace_id, nil)
+
+      expect_any_instance_of(Projects::UpdatePagesConfigurationService).not_to receive(:execute)
+      expect_any_instance_of(Gitlab::PagesTransfer).not_to receive(:rename_project)
+
+      project.remove_pages
+    end
+
+    it 'is run when the project is destroyed' do
+      expect(project).to receive(:remove_pages).and_call_original
+
+      project.destroy
+    end
+  end
+
   describe '#forks_count' do
     it 'returns the number of forks' do
       project = build(:project)
diff --git a/spec/models/protectable_dropdown_spec.rb b/spec/models/protectable_dropdown_spec.rb
index 5c5dcd9f5c9..d4433a88a15 100644
--- a/spec/models/protectable_dropdown_spec.rb
+++ b/spec/models/protectable_dropdown_spec.rb
@@ -4,6 +4,13 @@ describe ProtectableDropdown do
   let(:project) { create(:project, :repository) }
   let(:subject) { described_class.new(project, :branches) }
 
+  describe 'initialize' do
+    it 'raises ArgumentError for invalid ref type' do
+      expect { described_class.new(double, :foo) }
+        .to raise_error(ArgumentError, "invalid ref type `foo`")
+    end
+  end
+
   describe '#protectable_ref_names' do
     before do
       project.protected_branches.create(name: 'master')
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 97bb91a6ac8..9a9e255f874 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -2024,4 +2024,65 @@ describe User do
       expect(user.projects_limit_left).to eq(5)
     end
   end
+
+  describe '#ensure_namespace_correct' do
+    context 'for a new user' do
+      let(:user) { build(:user) }
+
+      it 'creates the namespace' do
+        expect(user.namespace).to be_nil
+        user.save!
+        expect(user.namespace).not_to be_nil
+      end
+    end
+
+    context 'for an existing user' do
+      let(:username) { 'foo' }
+      let(:user) { create(:user, username: username) }
+
+      context 'when the user is updated' do
+        context 'when the username is changed' do
+          let(:new_username) { 'bar' }
+
+          it 'changes the namespace (just to compare to when username is not changed)' do
+            expect do
+              user.update_attributes!(username: new_username)
+            end.to change { user.namespace.updated_at }
+          end
+
+          it 'updates the namespace name' do
+            user.update_attributes!(username: new_username)
+            expect(user.namespace.name).to eq(new_username)
+          end
+
+          it 'updates the namespace path' do
+            user.update_attributes!(username: new_username)
+            expect(user.namespace.path).to eq(new_username)
+          end
+
+          context 'when there is a validation error (namespace name taken) while updating namespace' do
+            let!(:conflicting_namespace) { create(:group, name: new_username, path: 'quz') }
+
+            it 'causes the user save to fail' do
+              expect(user.update_attributes(username: new_username)).to be_falsey
+              expect(user.namespace.errors.messages[:name].first).to eq('has already been taken')
+            end
+
+            it 'adds the namespace errors to the user' do
+              user.update_attributes(username: new_username)
+              expect(user.errors.full_messages.first).to eq('Namespace name has already been taken')
+            end
+          end
+        end
+
+        context 'when the username is not changed' do
+          it 'does not change the namespace' do
+            expect do
+              user.update_attributes!(email: 'asdf@asdf.com')
+            end.not_to change { user.namespace.updated_at }
+          end
+        end
+      end
+    end
+  end
 end
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 992a6e8d76a..dafe3f466a2 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -16,11 +16,13 @@ describe API::Commits do
   end
 
   describe 'GET /projects/:id/repository/commits' do
-    context 'authorized user' do
+    let(:route) { "/projects/#{project_id}/repository/commits" }
+
+    shared_examples_for 'project commits' do
       it "returns project commits" do
         commit = project.repository.commit
 
-        get api("/projects/#{project_id}/repository/commits", user)
+        get api(route, current_user)
 
         expect(response).to have_http_status(200)
         expect(response).to match_response_schema('public_api/v4/commits')
@@ -32,7 +34,7 @@ describe API::Commits do
       it 'include correct pagination headers' do
         commit_count = project.repository.count_commits(ref: 'master').to_s
 
-        get api("/projects/#{project_id}/repository/commits", user)
+        get api(route, current_user)
 
         expect(response).to include_pagination_headers
         expect(response.headers['X-Total']).to eq(commit_count)
@@ -40,140 +42,151 @@ describe API::Commits do
       end
     end
 
-    context "unauthorized user" do
-      it "does not return project commits" do
-        get api("/projects/#{project_id}/repository/commits")
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like 'project commits'
+    end
 
-        expect(response).to have_http_status(404)
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
     end
 
-    context "since optional parameter" do
-      it "returns project commits since provided parameter" do
-        commits = project.repository.commits("master")
-        after = commits.second.created_at
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
 
-        get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
+      it_behaves_like 'project commits'
 
-        expect(json_response.size).to eq 2
-        expect(json_response.first["id"]).to eq(commits.first.id)
-        expect(json_response.second["id"]).to eq(commits.second.id)
-      end
+      context "since optional parameter" do
+        it "returns project commits since provided parameter" do
+          commits = project.repository.commits("master")
+          after = commits.second.created_at
 
-      it 'include correct pagination headers' do
-        commits = project.repository.commits("master")
-        after = commits.second.created_at
-        commit_count = project.repository.count_commits(ref: 'master', after: after).to_s
+          get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
 
-        get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
+          expect(json_response.size).to eq 2
+          expect(json_response.first["id"]).to eq(commits.first.id)
+          expect(json_response.second["id"]).to eq(commits.second.id)
+        end
 
-        expect(response).to include_pagination_headers
-        expect(response.headers['X-Total']).to eq(commit_count)
-        expect(response.headers['X-Page']).to eql('1')
+        it 'include correct pagination headers' do
+          commits = project.repository.commits("master")
+          after = commits.second.created_at
+          commit_count = project.repository.count_commits(ref: 'master', after: after).to_s
+
+          get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
+
+          expect(response).to include_pagination_headers
+          expect(response.headers['X-Total']).to eq(commit_count)
+          expect(response.headers['X-Page']).to eql('1')
+        end
       end
-    end
 
-    context "until optional parameter" do
-      it "returns project commits until provided parameter" do
-        commits = project.repository.commits("master")
-        before = commits.second.created_at
+      context "until optional parameter" do
+        it "returns project commits until provided parameter" do
+          commits = project.repository.commits("master")
+          before = commits.second.created_at
 
-        get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
+          get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
 
-        if commits.size >= 20
-          expect(json_response.size).to eq(20)
-        else
-          expect(json_response.size).to eq(commits.size - 1)
-        end
+          if commits.size >= 20
+            expect(json_response.size).to eq(20)
+          else
+            expect(json_response.size).to eq(commits.size - 1)
+          end
 
-        expect(json_response.first["id"]).to eq(commits.second.id)
-        expect(json_response.second["id"]).to eq(commits.third.id)
-      end
+          expect(json_response.first["id"]).to eq(commits.second.id)
+          expect(json_response.second["id"]).to eq(commits.third.id)
+        end
 
-      it 'include correct pagination headers' do
-        commits = project.repository.commits("master")
-        before = commits.second.created_at
-        commit_count = project.repository.count_commits(ref: 'master', before: before).to_s
+        it 'include correct pagination headers' do
+          commits = project.repository.commits("master")
+          before = commits.second.created_at
+          commit_count = project.repository.count_commits(ref: 'master', before: before).to_s
 
-        get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
+          get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
 
-        expect(response).to include_pagination_headers
-        expect(response.headers['X-Total']).to eq(commit_count)
-        expect(response.headers['X-Page']).to eql('1')
+          expect(response).to include_pagination_headers
+          expect(response.headers['X-Total']).to eq(commit_count)
+          expect(response.headers['X-Page']).to eql('1')
+        end
       end
-    end
 
-    context "invalid xmlschema date parameters" do
-      it "returns an invalid parameter error message" do
-        get api("/projects/#{project_id}/repository/commits?since=invalid-date", user)
+      context "invalid xmlschema date parameters" do
+        it "returns an invalid parameter error message" do
+          get api("/projects/#{project_id}/repository/commits?since=invalid-date", user)
 
-        expect(response).to have_http_status(400)
-        expect(json_response['error']).to eq('since is invalid')
+          expect(response).to have_http_status(400)
+          expect(json_response['error']).to eq('since is invalid')
+        end
       end
-    end
 
-    context "path optional parameter" do
-      it "returns project commits matching provided path parameter" do
-        path = 'files/ruby/popen.rb'
-        commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
+      context "path optional parameter" do
+        it "returns project commits matching provided path parameter" do
+          path = 'files/ruby/popen.rb'
+          commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
 
-        get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
+          get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
 
-        expect(json_response.size).to eq(3)
-        expect(json_response.first["id"]).to eq("570e7b2abdd848b95f2f578043fc23bd6f6fd24d")
-        expect(response).to include_pagination_headers
-        expect(response.headers['X-Total']).to eq(commit_count)
-      end
+          expect(json_response.size).to eq(3)
+          expect(json_response.first["id"]).to eq("570e7b2abdd848b95f2f578043fc23bd6f6fd24d")
+          expect(response).to include_pagination_headers
+          expect(response.headers['X-Total']).to eq(commit_count)
+        end
 
-      it 'include correct pagination headers' do
-        path = 'files/ruby/popen.rb'
-        commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
+        it 'include correct pagination headers' do
+          path = 'files/ruby/popen.rb'
+          commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
 
-        get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
+          get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
 
-        expect(response).to include_pagination_headers
-        expect(response.headers['X-Total']).to eq(commit_count)
-        expect(response.headers['X-Page']).to eql('1')
+          expect(response).to include_pagination_headers
+          expect(response.headers['X-Total']).to eq(commit_count)
+          expect(response.headers['X-Page']).to eql('1')
+        end
       end
-    end
 
-    context 'with pagination params' do
-      let(:page) { 1 }
-      let(:per_page) { 5 }
-      let(:ref_name) { 'master' }
-      let!(:request) do
-        get api("/projects/#{project_id}/repository/commits?page=#{page}&per_page=#{per_page}&ref_name=#{ref_name}", user)
-      end
+      context 'with pagination params' do
+        let(:page) { 1 }
+        let(:per_page) { 5 }
+        let(:ref_name) { 'master' }
+        let!(:request) do
+          get api("/projects/#{project_id}/repository/commits?page=#{page}&per_page=#{per_page}&ref_name=#{ref_name}", user)
+        end
 
-      it 'returns correct headers' do
-        commit_count = project.repository.count_commits(ref: ref_name).to_s
+        it 'returns correct headers' do
+          commit_count = project.repository.count_commits(ref: ref_name).to_s
 
-        expect(response).to include_pagination_headers
-        expect(response.headers['X-Total']).to eq(commit_count)
-        expect(response.headers['X-Page']).to eq('1')
-        expect(response.headers['Link']).to match(/page=1&per_page=5/)
-        expect(response.headers['Link']).to match(/page=2&per_page=5/)
-      end
+          expect(response).to include_pagination_headers
+          expect(response.headers['X-Total']).to eq(commit_count)
+          expect(response.headers['X-Page']).to eq('1')
+          expect(response.headers['Link']).to match(/page=1&per_page=5/)
+          expect(response.headers['Link']).to match(/page=2&per_page=5/)
+        end
 
-      context 'viewing the first page' do
-        it 'returns the first 5 commits' do
-          commit = project.repository.commit
+        context 'viewing the first page' do
+          it 'returns the first 5 commits' do
+            commit = project.repository.commit
 
-          expect(json_response.size).to eq(per_page)
-          expect(json_response.first['id']).to eq(commit.id)
-          expect(response.headers['X-Page']).to eq('1')
+            expect(json_response.size).to eq(per_page)
+            expect(json_response.first['id']).to eq(commit.id)
+            expect(response.headers['X-Page']).to eq('1')
+          end
         end
-      end
 
-      context 'viewing the third page' do
-        let(:page) { 3 }
+        context 'viewing the third page' do
+          let(:page) { 3 }
 
-        it 'returns the third 5 commits' do
-          commit = project.repository.commits('HEAD', offset: (page - 1) * per_page).first
+          it 'returns the third 5 commits' do
+            commit = project.repository.commits('HEAD', offset: (page - 1) * per_page).first
 
-          expect(json_response.size).to eq(per_page)
-          expect(json_response.first['id']).to eq(commit.id)
-          expect(response.headers['X-Page']).to eq('3')
+            expect(json_response.size).to eq(per_page)
+            expect(json_response.first['id']).to eq(commit.id)
+            expect(response.headers['X-Page']).to eq('3')
+          end
         end
       end
     end
diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb
index e4f9c47fb33..1aa8a95780e 100644
--- a/spec/requests/api/protected_branches_spec.rb
+++ b/spec/requests/api/protected_branches_spec.rb
@@ -96,7 +96,7 @@ describe API::ProtectedBranches do
   describe 'POST /projects/:id/protected_branches' do
     let(:branch_name) { 'new_branch' }
 
-    context 'when authenticated as a master' do 
+    context 'when authenticated as a master' do
       before do
         project.add_master(user)
       end
@@ -221,7 +221,7 @@ describe API::ProtectedBranches do
 
     context 'when branch has a wildcard in its name' do
       let(:protected_name) { 'feature*' }
-      
+
       it "unprotects a wildcard branch" do
         delete api("/projects/#{project.id}/protected_branches/#{branch_name}", user)
 
diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb
index 97275b80d03..737c028ad53 100644
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -45,7 +45,7 @@ describe API::Settings, 'Settings' do
           help_page_hide_commercial_content: true,
           help_page_support_url: 'http://example.com/help',
           project_export_enabled: false
-          
+
         expect(response).to have_http_status(200)
         expect(json_response['default_projects_limit']).to eq(3)
         expect(json_response['password_authentication_enabled']).to be_falsey
diff --git a/spec/requests/ci/api/builds_spec.rb b/spec/requests/ci/api/builds_spec.rb
deleted file mode 100644
index ebd67eb1e94..00000000000
--- a/spec/requests/ci/api/builds_spec.rb
+++ /dev/null
@@ -1,912 +0,0 @@
-require 'spec_helper'
-
-describe Ci::API::Builds do
-  let(:runner) { FactoryGirl.create(:ci_runner, tag_list: %w(mysql ruby)) }
-  let(:project) { FactoryGirl.create(:project, shared_runners_enabled: false) }
-  let(:last_update) { nil }
-
-  describe "Builds API for runners" do
-    let(:pipeline) { create(:ci_pipeline_without_jobs, project: project, ref: 'master') }
-
-    before do
-      project.runners << runner
-    end
-
-    describe "POST /builds/register" do
-      let!(:build) { create(:ci_build, pipeline: pipeline, name: 'spinach', stage: 'test', stage_idx: 0) }
-      let(:user_agent) { 'gitlab-ci-multi-runner 1.5.2 (1-5-stable; go1.6.3; linux/amd64)' }
-      let!(:last_update) { }
-      let!(:new_update) { }
-
-      before do
-        stub_container_registry_config(enabled: false)
-      end
-
-      shared_examples 'no builds available' do
-        context 'when runner sends version in User-Agent' do
-          context 'for stable version' do
-            it 'gives 204 and set X-GitLab-Last-Update' do
-              expect(response).to have_http_status(204)
-              expect(response.header).to have_key('X-GitLab-Last-Update')
-            end
-          end
-
-          context 'when last_update is up-to-date' do
-            let(:last_update) { runner.ensure_runner_queue_value }
-
-            it 'gives 204 and set the same X-GitLab-Last-Update' do
-              expect(response).to have_http_status(204)
-              expect(response.header['X-GitLab-Last-Update'])
-                .to eq(last_update)
-            end
-          end
-
-          context 'when last_update is outdated' do
-            let(:last_update) { runner.ensure_runner_queue_value }
-            let(:new_update) { runner.tick_runner_queue }
-
-            it 'gives 204 and set a new X-GitLab-Last-Update' do
-              expect(response).to have_http_status(204)
-              expect(response.header['X-GitLab-Last-Update'])
-                .to eq(new_update)
-            end
-          end
-
-          context 'for beta version' do
-            let(:user_agent) { 'gitlab-ci-multi-runner 1.6.0~beta.167.g2b2bacc (1-5-stable; go1.6.3; linux/amd64)' }
-            it { expect(response).to have_http_status(204) }
-          end
-        end
-
-        context "when runner doesn't send version in User-Agent" do
-          let(:user_agent) { 'Go-http-client/1.1' }
-          it { expect(response).to have_http_status(404) }
-        end
-
-        context "when runner doesn't have a User-Agent" do
-          let(:user_agent) { nil }
-          it { expect(response).to have_http_status(404) }
-        end
-      end
-
-      context 'when an old image syntax is used' do
-        before do
-          build.update!(options: { image: 'codeclimate' })
-        end
-
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["options"]).to eq({ "image" => "codeclimate" })
-        end
-      end
-
-      context 'when a new image syntax is used' do
-        before do
-          build.update!(options: { image: { name: 'codeclimate' } })
-        end
-
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["options"]).to eq({ "image" => "codeclimate" })
-        end
-      end
-
-      context 'when an old service syntax is used' do
-        before do
-          build.update!(options: { services: ['mysql'] })
-        end
-
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["options"]).to eq({ "services" => ["mysql"] })
-        end
-      end
-
-      context 'when a new service syntax is used' do
-        before do
-          build.update!(options: { services: [name: 'mysql'] })
-        end
-
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["options"]).to eq({ "services" => ["mysql"] })
-        end
-      end
-
-      context 'when no image or service is defined' do
-        before do
-          build.update!(options: {})
-        end
-
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-      
-          expect(json_response["options"]).to be_empty
-        end
-      end
-
-      context 'when there is a pending build' do
-        it 'starts a build' do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(response.headers).not_to have_key('X-GitLab-Last-Update')
-          expect(json_response['sha']).to eq(build.sha)
-          expect(runner.reload.platform).to eq("darwin")
-          expect(json_response["options"]).to eq({ "image" => "ruby:2.1", "services" => ["postgres"] })
-          expect(json_response["variables"]).to include(
-            { "key" => "CI_JOB_NAME", "value" => "spinach", "public" => true },
-            { "key" => "CI_JOB_STAGE", "value" => "test", "public" => true },
-            { "key" => "DB_NAME", "value" => "postgres", "public" => true }
-          )
-        end
-
-        it 'updates runner info' do
-          expect { register_builds }.to change { runner.reload.contacted_at }
-        end
-
-        context 'when concurrently updating build' do
-          before do
-            expect_any_instance_of(Ci::Build).to receive(:run!)
-              .and_raise(ActiveRecord::StaleObjectError.new(nil, nil))
-          end
-
-          it 'returns a conflict' do
-            register_builds info: { platform: :darwin }
-
-            expect(response).to have_http_status(409)
-            expect(response.headers).not_to have_key('X-GitLab-Last-Update')
-          end
-        end
-
-        context 'registry credentials' do
-          let(:registry_credentials) do
-            { 'type' => 'registry',
-              'url' => 'registry.example.com:5005',
-              'username' => 'gitlab-ci-token',
-              'password' => build.token }
-          end
-
-          context 'when registry is enabled' do
-            before do
-              stub_container_registry_config(enabled: true, host_port: 'registry.example.com:5005')
-            end
-
-            it 'sends registry credentials key' do
-              register_builds info: { platform: :darwin }
-
-              expect(json_response).to have_key('credentials')
-              expect(json_response['credentials']).to include(registry_credentials)
-            end
-          end
-
-          context 'when registry is disabled' do
-            before do
-              stub_container_registry_config(enabled: false, host_port: 'registry.example.com:5005')
-            end
-
-            it 'does not send registry credentials' do
-              register_builds info: { platform: :darwin }
-
-              expect(json_response).to have_key('credentials')
-              expect(json_response['credentials']).not_to include(registry_credentials)
-            end
-          end
-        end
-
-        context 'when docker configuration options are used' do
-          let!(:build) { create(:ci_build, :extended_options, pipeline: pipeline, name: 'spinach', stage: 'test', stage_idx: 0) }
-
-          it 'starts a build' do
-            register_builds info: { platform: :darwin }
-
-            expect(response).to have_http_status(201)
-            expect(json_response['options']['image']).to eq('ruby:2.1')
-            expect(json_response['options']['services']).to eq(['postgres', 'docker:dind'])
-          end
-        end
-      end
-
-      context 'when builds are finished' do
-        before do
-          build.success
-          register_builds
-        end
-
-        it_behaves_like 'no builds available'
-      end
-
-      context 'for other project with builds' do
-        before do
-          build.success
-          create(:ci_build, :pending)
-          register_builds
-        end
-
-        it_behaves_like 'no builds available'
-      end
-
-      context 'for shared runner' do
-        let!(:runner) { create(:ci_runner, :shared, token: "SharedRunner") }
-
-        before do
-          register_builds(runner.token)
-        end
-
-        it_behaves_like 'no builds available'
-      end
-
-      context 'for triggered build' do
-        before do
-          trigger = create(:ci_trigger, project: project)
-          create(:ci_trigger_request_with_variables, pipeline: pipeline, builds: [build], trigger: trigger)
-          project.variables << Ci::Variable.new(key: "SECRET_KEY", value: "secret_value")
-        end
-
-        it "returns variables for triggers" do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["variables"]).to include(
-            { "key" => "CI_JOB_NAME", "value" => "spinach", "public" => true },
-            { "key" => "CI_JOB_STAGE", "value" => "test", "public" => true },
-            { "key" => "CI_PIPELINE_TRIGGERED", "value" => "true", "public" => true },
-            { "key" => "DB_NAME", "value" => "postgres", "public" => true },
-            { "key" => "SECRET_KEY", "value" => "secret_value", "public" => false },
-            { "key" => "TRIGGER_KEY_1", "value" => "TRIGGER_VALUE_1", "public" => false }
-          )
-        end
-      end
-
-      context 'with multiple builds' do
-        before do
-          build.success
-        end
-
-        let!(:test_build) { create(:ci_build, pipeline: pipeline, name: 'deploy', stage: 'deploy', stage_idx: 1) }
-
-        it "returns dependent builds" do
-          register_builds info: { platform: :darwin }
-
-          expect(response).to have_http_status(201)
-          expect(json_response["id"]).to eq(test_build.id)
-          expect(json_response["depends_on_builds"].count).to eq(1)
-          expect(json_response["depends_on_builds"][0]).to include('id' => build.id, 'name' => 'spinach')
-        end
-      end
-
-      %w(name version revision platform architecture).each do |param|
-        context "updates runner #{param}" do
-          let(:value) { "#{param}_value" }
-
-          subject { runner.read_attribute(param.to_sym) }
-
-          it do
-            register_builds info: { param => value }
-
-            expect(response).to have_http_status(201)
-            runner.reload
-            is_expected.to eq(value)
-          end
-        end
-      end
-
-      context 'when build has no tags' do
-        before do
-          build.update(tags: [])
-        end
-
-        context 'when runner is allowed to pick untagged builds' do
-          before do
-            runner.update_column(:run_untagged, true)
-          end
-
-          it 'picks build' do
-            register_builds
-
-            expect(response).to have_http_status 201
-          end
-        end
-
-        context 'when runner is not allowed to pick untagged builds' do
-          before do
-            runner.update_column(:run_untagged, false)
-            register_builds
-          end
-
-          it_behaves_like 'no builds available'
-        end
-      end
-
-      context 'when runner is paused' do
-        let(:runner) { create(:ci_runner, :inactive, token: 'InactiveRunner') }
-
-        it 'responds with 404' do
-          register_builds
-
-          expect(response).to have_http_status 404
-        end
-
-        it 'does not update runner info' do
-          expect { register_builds }
-            .not_to change { runner.reload.contacted_at }
-        end
-      end
-
-      def register_builds(token = runner.token, **params)
-        new_params = params.merge(token: token, last_update: last_update)
-
-        post ci_api("/builds/register"), new_params, { 'User-Agent' => user_agent }
-      end
-    end
-
-    describe "PUT /builds/:id" do
-      let(:build) { create(:ci_build, :pending, :trace, pipeline: pipeline, runner_id: runner.id) }
-
-      before do
-        build.run!
-        put ci_api("/builds/#{build.id}"), token: runner.token
-      end
-
-      it "updates a running build" do
-        expect(response).to have_http_status(200)
-      end
-
-      it 'does not override trace information when no trace is given' do
-        expect(build.reload.trace.raw).to eq 'BUILD TRACE'
-      end
-
-      context 'job has been erased' do
-        let(:build) { create(:ci_build, runner_id: runner.id, erased_at: Time.now) }
-
-        it 'responds with forbidden' do
-          expect(response.status).to eq 403
-        end
-      end
-    end
-
-    describe 'PATCH /builds/:id/trace.txt' do
-      let(:build) do
-        attributes = { runner_id: runner.id, pipeline: pipeline }
-        create(:ci_build, :running, :trace, attributes)
-      end
-
-      let(:headers) { { Ci::API::Helpers::BUILD_TOKEN_HEADER => build.token, 'Content-Type' => 'text/plain' } }
-      let(:headers_with_range) { headers.merge({ 'Content-Range' => '11-20' }) }
-      let(:update_interval) { 10.seconds.to_i }
-
-      def patch_the_trace(content = ' appended', request_headers = nil)
-        unless request_headers
-          build.trace.read do |stream|
-            offset = stream.size
-            limit = offset + content.length - 1
-            request_headers = headers.merge({ 'Content-Range' => "#{offset}-#{limit}" })
-          end
-        end
-
-        Timecop.travel(build.updated_at + update_interval) do
-          patch ci_api("/builds/#{build.id}/trace.txt"), content, request_headers
-          build.reload
-        end
-      end
-
-      def initial_patch_the_trace
-        patch_the_trace(' appended', headers_with_range)
-      end
-
-      def force_patch_the_trace
-        2.times { patch_the_trace('') }
-      end
-
-      before do
-        initial_patch_the_trace
-      end
-
-      context 'when request is valid' do
-        it 'gets correct response' do
-          expect(response.status).to eq 202
-          expect(build.reload.trace.raw).to eq 'BUILD TRACE appended'
-          expect(response.header).to have_key 'Range'
-          expect(response.header).to have_key 'Build-Status'
-        end
-
-        context 'when build has been updated recently' do
-          it { expect { patch_the_trace }.not_to change { build.updated_at }}
-
-          it 'changes the build trace' do
-            patch_the_trace
-
-            expect(build.reload.trace.raw).to eq 'BUILD TRACE appended appended'
-          end
-
-          context 'when Runner makes a force-patch' do
-            it { expect { force_patch_the_trace }.not_to change { build.updated_at }}
-
-            it "doesn't change the build.trace" do
-              force_patch_the_trace
-
-              expect(build.reload.trace.raw).to eq 'BUILD TRACE appended'
-            end
-          end
-        end
-
-        context 'when build was not updated recently' do
-          let(:update_interval) { 15.minutes.to_i }
-
-          it { expect { patch_the_trace }.to change { build.updated_at } }
-
-          it 'changes the build.trace' do
-            patch_the_trace
-
-            expect(build.reload.trace.raw).to eq 'BUILD TRACE appended appended'
-          end
-
-          context 'when Runner makes a force-patch' do
-            it { expect { force_patch_the_trace }.to change { build.updated_at } }
-
-            it "doesn't change the build.trace" do
-              force_patch_the_trace
-
-              expect(build.reload.trace.raw).to eq 'BUILD TRACE appended'
-            end
-          end
-        end
-
-        context 'when project for the build has been deleted' do
-          let(:build) do
-            attributes = { runner_id: runner.id, pipeline: pipeline }
-            create(:ci_build, :running, :trace, attributes) do |build|
-              build.project.update(pending_delete: true)
-            end
-          end
-
-          it 'responds with forbidden' do
-            expect(response.status).to eq(403)
-          end
-        end
-      end
-
-      context 'when Runner makes a force-patch' do
-        before do
-          force_patch_the_trace
-        end
-
-        it 'gets correct response' do
-          expect(response.status).to eq 202
-          expect(build.reload.trace.raw).to eq 'BUILD TRACE appended'
-          expect(response.header).to have_key 'Range'
-          expect(response.header).to have_key 'Build-Status'
-        end
-      end
-
-      context 'when content-range start is too big' do
-        let(:headers_with_range) { headers.merge({ 'Content-Range' => '15-20' }) }
-
-        it 'gets 416 error response with range headers' do
-          expect(response.status).to eq 416
-          expect(response.header).to have_key 'Range'
-          expect(response.header['Range']).to eq '0-11'
-        end
-      end
-
-      context 'when content-range start is too small' do
-        let(:headers_with_range) { headers.merge({ 'Content-Range' => '8-20' }) }
-
-        it 'gets 416 error response with range headers' do
-          expect(response.status).to eq 416
-          expect(response.header).to have_key 'Range'
-          expect(response.header['Range']).to eq '0-11'
-        end
-      end
-
-      context 'when Content-Range header is missing' do
-        let(:headers_with_range) { headers }
-
-        it { expect(response.status).to eq 400 }
-      end
-
-      context 'when build has been errased' do
-        let(:build) { create(:ci_build, runner_id: runner.id, erased_at: Time.now) }
-
-        it { expect(response.status).to eq 403 }
-      end
-    end
-
-    context "Artifacts" do
-      let(:file_upload) { fixture_file_upload(Rails.root + 'spec/fixtures/banana_sample.gif', 'image/gif') }
-      let(:file_upload2) { fixture_file_upload(Rails.root + 'spec/fixtures/dk.png', 'image/gif') }
-      let(:build) { create(:ci_build, :pending, pipeline: pipeline, runner_id: runner.id) }
-      let(:authorize_url) { ci_api("/builds/#{build.id}/artifacts/authorize") }
-      let(:post_url) { ci_api("/builds/#{build.id}/artifacts") }
-      let(:delete_url) { ci_api("/builds/#{build.id}/artifacts") }
-      let(:get_url) { ci_api("/builds/#{build.id}/artifacts") }
-      let(:jwt_token) { JWT.encode({ 'iss' => 'gitlab-workhorse' }, Gitlab::Workhorse.secret, 'HS256') }
-      let(:headers) { { "GitLab-Workhorse" => "1.0", Gitlab::Workhorse::INTERNAL_API_REQUEST_HEADER => jwt_token } }
-      let(:token) { build.token }
-      let(:headers_with_token) { headers.merge(Ci::API::Helpers::BUILD_TOKEN_HEADER => token) }
-
-      before do
-        build.run!
-      end
-
-      describe "POST /builds/:id/artifacts/authorize" do
-        context "authorizes posting artifact to running build" do
-          it "using token as parameter" do
-            post authorize_url, { token: build.token }, headers
-
-            expect(response).to have_http_status(200)
-            expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
-            expect(json_response["TempPath"]).not_to be_nil
-          end
-
-          it "using token as header" do
-            post authorize_url, {}, headers_with_token
-
-            expect(response).to have_http_status(200)
-            expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
-            expect(json_response["TempPath"]).not_to be_nil
-          end
-
-          it "using runners token" do
-            post authorize_url, { token: build.project.runners_token }, headers
-
-            expect(response).to have_http_status(200)
-            expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
-            expect(json_response["TempPath"]).not_to be_nil
-          end
-
-          it "reject requests that did not go through gitlab-workhorse" do
-            headers.delete(Gitlab::Workhorse::INTERNAL_API_REQUEST_HEADER)
-
-            post authorize_url, { token: build.token }, headers
-
-            expect(response).to have_http_status(500)
-          end
-        end
-
-        context "fails to post too large artifact" do
-          it "using token as parameter" do
-            stub_application_setting(max_artifacts_size: 0)
-
-            post authorize_url, { token: build.token, filesize: 100 }, headers
-
-            expect(response).to have_http_status(413)
-          end
-
-          it "using token as header" do
-            stub_application_setting(max_artifacts_size: 0)
-
-            post authorize_url, { filesize: 100 }, headers_with_token
-
-            expect(response).to have_http_status(413)
-          end
-        end
-
-        context 'authorization token is invalid' do
-          before do
-            post authorize_url, { token: 'invalid', filesize: 100 }
-          end
-
-          it 'responds with forbidden' do
-            expect(response).to have_http_status(403)
-          end
-        end
-      end
-
-      describe "POST /builds/:id/artifacts" do
-        context "disable sanitizer" do
-          before do
-            # by configuring this path we allow to pass temp file from any path
-            allow(ArtifactUploader).to receive(:artifacts_upload_path).and_return('/')
-          end
-
-          describe 'build has been erased' do
-            let(:build) { create(:ci_build, erased_at: Time.now) }
-
-            before do
-              upload_artifacts(file_upload, headers_with_token)
-            end
-
-            it 'responds with forbidden' do
-              expect(response.status).to eq 403
-            end
-          end
-
-          describe 'uploading artifacts for a running build' do
-            shared_examples 'successful artifacts upload' do
-              it 'updates successfully' do
-                response_filename =
-                  json_response['artifacts_file']['filename']
-
-                expect(response).to have_http_status(201)
-                expect(response_filename).to eq(file_upload.original_filename)
-              end
-            end
-
-            context 'uses regular file post' do
-              before do
-                upload_artifacts(file_upload, headers_with_token, false)
-              end
-
-              it_behaves_like 'successful artifacts upload'
-            end
-
-            context 'uses accelerated file post' do
-              before do
-                upload_artifacts(file_upload, headers_with_token, true)
-              end
-
-              it_behaves_like 'successful artifacts upload'
-            end
-
-            context 'updates artifact' do
-              before do
-                upload_artifacts(file_upload2, headers_with_token)
-                upload_artifacts(file_upload, headers_with_token)
-              end
-
-              it_behaves_like 'successful artifacts upload'
-            end
-
-            context 'when using runners token' do
-              let(:token) { build.project.runners_token }
-
-              before do
-                upload_artifacts(file_upload, headers_with_token)
-              end
-
-              it_behaves_like 'successful artifacts upload'
-            end
-          end
-
-          context 'posts artifacts file and metadata file' do
-            let!(:artifacts) { file_upload }
-            let!(:metadata) { file_upload2 }
-
-            let(:stored_artifacts_file) { build.reload.artifacts_file.file }
-            let(:stored_metadata_file) { build.reload.artifacts_metadata.file }
-            let(:stored_artifacts_size) { build.reload.artifacts_size }
-
-            before do
-              post(post_url, post_data, headers_with_token)
-            end
-
-            context 'posts data accelerated by workhorse is correct' do
-              let(:post_data) do
-                { 'file.path' => artifacts.path,
-                  'file.name' => artifacts.original_filename,
-                  'metadata.path' => metadata.path,
-                  'metadata.name' => metadata.original_filename }
-              end
-
-              it 'stores artifacts and artifacts metadata' do
-                expect(response).to have_http_status(201)
-                expect(stored_artifacts_file.original_filename).to eq(artifacts.original_filename)
-                expect(stored_metadata_file.original_filename).to eq(metadata.original_filename)
-                expect(stored_artifacts_size).to eq(71759)
-              end
-            end
-
-            context 'no artifacts file in post data' do
-              let(:post_data) do
-                { 'metadata' => metadata }
-              end
-
-              it 'is expected to respond with bad request' do
-                expect(response).to have_http_status(400)
-              end
-
-              it 'does not store metadata' do
-                expect(stored_metadata_file).to be_nil
-              end
-            end
-          end
-
-          context 'with an expire date' do
-            let!(:artifacts) { file_upload }
-            let(:default_artifacts_expire_in) {}
-
-            let(:post_data) do
-              { 'file.path' => artifacts.path,
-                'file.name' => artifacts.original_filename,
-                'expire_in' => expire_in }
-            end
-
-            before do
-              stub_application_setting(
-                default_artifacts_expire_in: default_artifacts_expire_in)
-
-              post(post_url, post_data, headers_with_token)
-            end
-
-            context 'with an expire_in given' do
-              let(:expire_in) { '7 days' }
-
-              it 'updates when specified' do
-                build.reload
-                expect(response).to have_http_status(201)
-                expect(json_response['artifacts_expire_at']).not_to be_empty
-                expect(build.artifacts_expire_at)
-                  .to be_within(5.minutes).of(7.days.from_now)
-              end
-            end
-
-            context 'with no expire_in given' do
-              let(:expire_in) { nil }
-
-              it 'ignores if not specified' do
-                build.reload
-                expect(response).to have_http_status(201)
-                expect(json_response['artifacts_expire_at']).to be_nil
-                expect(build.artifacts_expire_at).to be_nil
-              end
-
-              context 'with application default' do
-                context 'default to 5 days' do
-                  let(:default_artifacts_expire_in) { '5 days' }
-
-                  it 'sets to application default' do
-                    build.reload
-                    expect(response).to have_http_status(201)
-                    expect(json_response['artifacts_expire_at'])
-                      .not_to be_empty
-                    expect(build.artifacts_expire_at)
-                      .to be_within(5.minutes).of(5.days.from_now)
-                  end
-                end
-
-                context 'default to 0' do
-                  let(:default_artifacts_expire_in) { '0' }
-
-                  it 'does not set expire_in' do
-                    build.reload
-                    expect(response).to have_http_status(201)
-                    expect(json_response['artifacts_expire_at']).to be_nil
-                    expect(build.artifacts_expire_at).to be_nil
-                  end
-                end
-              end
-            end
-          end
-
-          context "artifacts file is too large" do
-            it "fails to post too large artifact" do
-              stub_application_setting(max_artifacts_size: 0)
-              upload_artifacts(file_upload, headers_with_token)
-              expect(response).to have_http_status(413)
-            end
-          end
-
-          context "artifacts post request does not contain file" do
-            it "fails to post artifacts without file" do
-              post post_url, {}, headers_with_token
-              expect(response).to have_http_status(400)
-            end
-          end
-
-          context 'GitLab Workhorse is not configured' do
-            it "fails to post artifacts without GitLab-Workhorse" do
-              post post_url, { token: build.token }, {}
-              expect(response).to have_http_status(403)
-            end
-          end
-        end
-
-        context "artifacts are being stored outside of tmp path" do
-          before do
-            # by configuring this path we allow to pass file from @tmpdir only
-            # but all temporary files are stored in system tmp directory
-            @tmpdir = Dir.mktmpdir
-            allow(ArtifactUploader).to receive(:artifacts_upload_path).and_return(@tmpdir)
-          end
-
-          after do
-            FileUtils.remove_entry @tmpdir
-          end
-
-          it "fails to post artifacts for outside of tmp path" do
-            upload_artifacts(file_upload, headers_with_token)
-            expect(response).to have_http_status(400)
-          end
-        end
-
-        def upload_artifacts(file, headers = {}, accelerated = true)
-          if accelerated
-            post post_url, {
-              'file.path' => file.path,
-              'file.name' => file.original_filename
-            }, headers
-          else
-            post post_url, { file: file }, headers
-          end
-        end
-      end
-
-      describe 'DELETE /builds/:id/artifacts' do
-        let(:build) { create(:ci_build, :artifacts) }
-
-        before do
-          delete delete_url, token: build.token
-        end
-
-        shared_examples 'having removable artifacts' do
-          it 'removes build artifacts' do
-            build.reload
-
-            expect(response).to have_http_status(200)
-            expect(build.artifacts_file.exists?).to be_falsy
-            expect(build.artifacts_metadata.exists?).to be_falsy
-            expect(build.artifacts_size).to be_nil
-          end
-        end
-
-        context 'when using build token' do
-          before do
-            delete delete_url, token: build.token
-          end
-
-          it_behaves_like 'having removable artifacts'
-        end
-
-        context 'when using runnners token' do
-          before do
-            delete delete_url, token: build.project.runners_token
-          end
-
-          it_behaves_like 'having removable artifacts'
-        end
-      end
-
-      describe 'GET /builds/:id/artifacts' do
-        before do
-          get get_url, token: token
-        end
-
-        context 'build has artifacts' do
-          let(:build) { create(:ci_build, :artifacts) }
-          let(:download_headers) do
-            { 'Content-Transfer-Encoding' => 'binary',
-              'Content-Disposition' => 'attachment; filename=ci_build_artifacts.zip' }
-          end
-
-          shared_examples 'having downloadable artifacts' do
-            it 'download artifacts' do
-              expect(response).to have_http_status(200)
-              expect(response.headers).to include download_headers
-            end
-          end
-
-          context 'when using build token' do
-            let(:token) { build.token }
-
-            it_behaves_like 'having downloadable artifacts'
-          end
-
-          context 'when using runnners token' do
-            let(:token) { build.project.runners_token }
-
-            it_behaves_like 'having downloadable artifacts'
-          end
-        end
-
-        context 'build does not has artifacts' do
-          let(:token) { build.token }
-
-          it 'responds with not found' do
-            expect(response).to have_http_status(404)
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/spec/requests/ci/api/runners_spec.rb b/spec/requests/ci/api/runners_spec.rb
deleted file mode 100644
index 75059dd20a0..00000000000
--- a/spec/requests/ci/api/runners_spec.rb
+++ /dev/null
@@ -1,127 +0,0 @@
-require 'spec_helper'
-
-describe Ci::API::Runners do
-  include StubGitlabCalls
-
-  let(:registration_token) { 'abcdefg123456' }
-
-  before do
-    stub_gitlab_calls
-    stub_application_setting(runners_registration_token: registration_token)
-  end
-
-  describe "POST /runners/register" do
-    context 'when runner token is provided' do
-      before do
-        post ci_api("/runners/register"), token: registration_token
-      end
-
-      it 'creates runner with default values' do
-        expect(response).to have_http_status 201
-        expect(Ci::Runner.first.run_untagged).to be true
-        expect(Ci::Runner.first.token).not_to eq(registration_token)
-      end
-    end
-
-    context 'when runner description is provided' do
-      before do
-        post ci_api("/runners/register"), token: registration_token,
-                                          description: "server.hostname"
-      end
-
-      it 'creates runner' do
-        expect(response).to have_http_status 201
-        expect(Ci::Runner.first.description).to eq("server.hostname")
-      end
-    end
-
-    context 'when runner tags are provided' do
-      before do
-        post ci_api("/runners/register"), token: registration_token,
-                                          tag_list: "tag1, tag2"
-      end
-
-      it 'creates runner' do
-        expect(response).to have_http_status 201
-        expect(Ci::Runner.first.tag_list.sort).to eq(%w(tag1 tag2))
-      end
-    end
-
-    context 'when option for running untagged jobs is provided' do
-      context 'when tags are provided' do
-        it 'creates runner' do
-          post ci_api("/runners/register"), token: registration_token,
-                                            run_untagged: false,
-                                            tag_list: ['tag']
-
-          expect(response).to have_http_status 201
-          expect(Ci::Runner.first.run_untagged).to be false
-        end
-      end
-
-      context 'when tags are not provided' do
-        it 'does not create runner' do
-          post ci_api("/runners/register"), token: registration_token,
-                                            run_untagged: false
-
-          expect(response).to have_http_status 404
-        end
-      end
-    end
-
-    context 'when project token is provided' do
-      let(:project) { FactoryGirl.create(:project) }
-
-      before do
-        post ci_api("/runners/register"), token: project.runners_token
-      end
-
-      it 'creates runner' do
-        expect(response).to have_http_status 201
-        expect(project.runners.size).to eq(1)
-        expect(Ci::Runner.first.token).not_to eq(registration_token)
-        expect(Ci::Runner.first.token).not_to eq(project.runners_token)
-      end
-    end
-
-    context 'when token is invalid' do
-      it 'returns 403 error' do
-        post ci_api("/runners/register"), token: 'invalid'
-
-        expect(response).to have_http_status 403
-      end
-    end
-
-    context 'when no token provided' do
-      it 'returns 400 error' do
-        post ci_api("/runners/register")
-
-        expect(response).to have_http_status 400
-      end
-    end
-
-    %w(name version revision platform architecture).each do |param|
-      context "creates runner with #{param} saved" do
-        let(:value) { "#{param}_value" }
-
-        subject { Ci::Runner.first.read_attribute(param.to_sym) }
-
-        it do
-          post ci_api("/runners/register"), token: registration_token, info: { param => value }
-          expect(response).to have_http_status 201
-          is_expected.to eq(value)
-        end
-      end
-    end
-  end
-
-  describe "DELETE /runners/delete" do
-    it 'returns 200' do
-      runner = FactoryGirl.create(:ci_runner)
-      delete ci_api("/runners/delete"), token: runner.token
-
-      expect(response).to have_http_status 200
-      expect(Ci::Runner.count).to eq(0)
-    end
-  end
-end
diff --git a/spec/requests/ci/api/triggers_spec.rb b/spec/requests/ci/api/triggers_spec.rb
deleted file mode 100644
index 7c77ebb69a2..00000000000
--- a/spec/requests/ci/api/triggers_spec.rb
+++ /dev/null
@@ -1,90 +0,0 @@
-require 'spec_helper'
-
-describe Ci::API::Triggers do
-  describe 'POST /projects/:project_id/refs/:ref/trigger' do
-    let!(:trigger_token) { 'secure token' }
-    let!(:project) { create(:project, :repository, ci_id: 10) }
-    let!(:project2) { create(:project, ci_id: 11) }
-
-    let!(:trigger) do
-      create(:ci_trigger,
-             project: project,
-             token: trigger_token,
-             owner: create(:user))
-    end
-
-    let(:options) do
-      {
-        token: trigger_token
-      }
-    end
-
-    before do
-      stub_ci_pipeline_to_return_yaml_file
-
-      project.add_developer(trigger.owner)
-    end
-
-    context 'Handles errors' do
-      it 'returns bad request if token is missing' do
-        post ci_api("/projects/#{project.ci_id}/refs/master/trigger")
-        expect(response).to have_http_status(400)
-      end
-
-      it 'returns not found if project is not found' do
-        post ci_api('/projects/0/refs/master/trigger'), options
-        expect(response).to have_http_status(404)
-      end
-
-      it 'returns unauthorized if token is for different project' do
-        post ci_api("/projects/#{project2.ci_id}/refs/master/trigger"), options
-        expect(response).to have_http_status(401)
-      end
-    end
-
-    context 'Have a commit' do
-      let(:pipeline) { project.pipelines.last }
-
-      it 'creates builds' do
-        post ci_api("/projects/#{project.ci_id}/refs/master/trigger"), options
-        expect(response).to have_http_status(201)
-        pipeline.builds.reload
-        expect(pipeline.builds.pending.size).to eq(2)
-        expect(pipeline.builds.size).to eq(5)
-      end
-
-      it 'returns bad request with no builds created if there\'s no commit for that ref' do
-        post ci_api("/projects/#{project.ci_id}/refs/other-branch/trigger"), options
-        expect(response).to have_http_status(400)
-        expect(json_response['message']['base'])
-          .to contain_exactly('Reference not found')
-      end
-
-      context 'Validates variables' do
-        let(:variables) do
-          { 'TRIGGER_KEY' => 'TRIGGER_VALUE' }
-        end
-
-        it 'validates variables to be a hash' do
-          post ci_api("/projects/#{project.ci_id}/refs/master/trigger"), options.merge(variables: 'value')
-          expect(response).to have_http_status(400)
-
-          expect(json_response['error']).to eq('variables is invalid')
-        end
-
-        it 'validates variables needs to be a map of key-valued strings' do
-          post ci_api("/projects/#{project.ci_id}/refs/master/trigger"), options.merge(variables: { key: %w(1 2) })
-          expect(response).to have_http_status(400)
-          expect(json_response['message']).to eq('variables needs to be a map of key-valued strings')
-        end
-
-        it 'creates trigger request with variables' do
-          post ci_api("/projects/#{project.ci_id}/refs/master/trigger"), options.merge(variables: variables)
-          expect(response).to have_http_status(201)
-          pipeline.builds.reload
-          expect(pipeline.builds.first.trigger_request.variables).to eq(variables)
-        end
-      end
-    end
-  end
-end
diff --git a/spec/services/git_push_service_spec.rb b/spec/services/git_push_service_spec.rb
index 8485605b398..e3c1bdce300 100644
--- a/spec/services/git_push_service_spec.rb
+++ b/spec/services/git_push_service_spec.rb
@@ -688,10 +688,38 @@ describe GitPushService, services: true do
       )
     end
 
-    it 'calls CreateGpgSignatureWorker.perform_async for each commit' do
-      expect(CreateGpgSignatureWorker).to receive(:perform_async).with(sample_commit.id, project.id)
+    context 'when the commit has a signature' do
+      context 'when the signature is already cached' do
+        before do
+          create(:gpg_signature, commit_sha: sample_commit.id)
+        end
 
-      execute_service(project, user, oldrev, newrev, ref)
+        it 'does not queue a CreateGpgSignatureWorker' do
+          expect(CreateGpgSignatureWorker).not_to receive(:perform_async).with(sample_commit.id, project.id)
+
+          execute_service(project, user, oldrev, newrev, ref)
+        end
+      end
+
+      context 'when the signature is not yet cached' do
+        it 'queues a CreateGpgSignatureWorker' do
+          expect(CreateGpgSignatureWorker).to receive(:perform_async).with(sample_commit.id, project.id)
+
+          execute_service(project, user, oldrev, newrev, ref)
+        end
+      end
+    end
+
+    context 'when the commit does not have a signature' do
+      before do
+        allow(Gitlab::Git::Commit).to receive(:shas_with_signatures).with(project.repository, [sample_commit.id]).and_return([])
+      end
+
+      it 'does not queue a CreateGpgSignatureWorker' do
+        expect(CreateGpgSignatureWorker).not_to receive(:perform_async).with(sample_commit.id, project.id)
+
+        execute_service(project, user, oldrev, newrev, ref)
+      end
     end
   end
 
diff --git a/spec/services/merge_requests/create_from_issue_service_spec.rb b/spec/services/merge_requests/create_from_issue_service_spec.rb
index 492b55cdece..313f87ae1f6 100644
--- a/spec/services/merge_requests/create_from_issue_service_spec.rb
+++ b/spec/services/merge_requests/create_from_issue_service_spec.rb
@@ -2,8 +2,10 @@ require 'spec_helper'
 
 describe MergeRequests::CreateFromIssueService do
   let(:project) { create(:project, :repository) }
-  let(:user)    { create(:user) }
-  let(:issue)   { create(:issue, project: project) }
+  let(:user) { create(:user) }
+  let(:label_ids) { create_pair(:label, project: project).map(&:id) }
+  let(:milestone_id) { create(:milestone, project: project).id }
+  let(:issue) { create(:issue, project: project, milestone_id: milestone_id) }
 
   subject(:service) { described_class.new(project, user, issue_iid: issue.iid) }
 
@@ -25,6 +27,20 @@ describe MergeRequests::CreateFromIssueService do
       described_class.new(project, user, issue_iid: -1).execute
     end
 
+    it "inherits labels" do
+      issue.assign_attributes(label_ids: label_ids)
+
+      result = service.execute
+
+      expect(result[:merge_request].label_ids).to eq(label_ids)
+    end
+
+    it "inherits milestones" do
+      result = service.execute
+
+      expect(result[:merge_request].milestone_id).to eq(milestone_id)
+    end
+
     it 'delegates the branch creation to CreateBranchService' do
       expect_any_instance_of(CreateBranchService).to receive(:execute).once.and_call_original
 
diff --git a/spec/services/merge_requests/create_service_spec.rb b/spec/services/merge_requests/create_service_spec.rb
index 8fef480274d..a1f3bec42cc 100644
--- a/spec/services/merge_requests/create_service_spec.rb
+++ b/spec/services/merge_requests/create_service_spec.rb
@@ -48,6 +48,16 @@ describe MergeRequests::CreateService do
         expect(Todo.where(attributes).count).to be_zero
       end
 
+      it 'creates exactly 1 create MR event' do
+        attributes = {
+          action: Event::CREATED,
+          target_id: @merge_request.id,
+          target_type: @merge_request.class.name
+        }
+
+        expect(Event.where(attributes).count).to eq(1)
+      end
+
       context 'when merge request is assigned to someone' do
         let(:opts) do
           {
diff --git a/spec/services/users/update_service_spec.rb b/spec/services/users/update_service_spec.rb
index 343804e3de0..985f6d94876 100644
--- a/spec/services/users/update_service_spec.rb
+++ b/spec/services/users/update_service_spec.rb
@@ -12,9 +12,22 @@ describe Users::UpdateService do
     end
 
     it 'returns an error result when record cannot be updated' do
+      result = {}
       expect do
-        update_user(user, { email: 'invalid' })
+        result = update_user(user, { email: 'invalid' })
       end.not_to change { user.reload.email }
+      expect(result[:status]).to eq(:error)
+      expect(result[:message]).to eq('Email is invalid')
+    end
+
+    it 'includes namespace error messages' do
+      create(:group, name: 'taken', path: 'something_else')
+      result = {}
+      expect do
+        result = update_user(user, { username: 'taken' })
+      end.not_to change { user.reload.username }
+      expect(result[:status]).to eq(:error)
+      expect(result[:message]).to eq('Namespace name has already been taken')
     end
 
     def update_user(user, opts)
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 365cb6b8f09..0726e135b20 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -144,7 +144,7 @@ describe WebHookService do
 
   describe '#async_execute' do
     let(:system_hook) { create(:system_hook) }
-    
+
     it 'enqueue WebHookWorker' do
       expect(Sidekiq::Client).to receive(:enqueue).with(WebHookWorker, project_hook.id, data, 'push_hooks')
 
diff --git a/spec/support/filtered_search_helpers.rb b/spec/support/filtered_search_helpers.rb
index d21c4324d9e..99b8b6b7ea4 100644
--- a/spec/support/filtered_search_helpers.rb
+++ b/spec/support/filtered_search_helpers.rb
@@ -54,8 +54,8 @@ module FilteredSearchHelpers
   # Iterates through each visual token inside
   # .tokens-container to make sure the correct names and values are rendered
   def expect_tokens(tokens)
-    page.find '.filtered-search-box .tokens-container' do
-      page.all(:css, '.tokens-container li').each_with_index do |el, index|
+    page.within '.filtered-search-box .tokens-container' do
+      page.all(:css, '.tokens-container li .selectable').each_with_index do |el, index|
         token_name = tokens[index][:name]
         token_value = tokens[index][:value]
 
@@ -67,6 +67,28 @@ module FilteredSearchHelpers
     end
   end
 
+  def create_token(token_name, token_value = nil, symbol = nil)
+    { name: token_name, value: "#{symbol}#{token_value}" }
+  end
+
+  def author_token(author_name = nil)
+    create_token('Author', author_name)
+  end
+
+  def assignee_token(assignee_name = nil)
+    create_token('Assignee', assignee_name)
+  end
+
+  def milestone_token(milestone_name = nil, has_symbol = true)
+    symbol = has_symbol ? '%' : nil
+    create_token('Milestone', milestone_name, symbol)
+  end
+
+  def label_token(label_name = nil, has_symbol = true)
+    symbol = has_symbol ? '~' : nil
+    create_token('Label', label_name, symbol)
+  end
+
   def default_placeholder
     'Search or filter results...'
   end
diff --git a/spec/support/generate-seed-repo-rb b/spec/support/generate-seed-repo-rb
index c89389b90ca..ef3c8e7087f 100755
--- a/spec/support/generate-seed-repo-rb
+++ b/spec/support/generate-seed-repo-rb
@@ -1,16 +1,16 @@
 #!/usr/bin/env ruby
-# 
+#
 # # generate-seed-repo-rb
-# 
+#
 # This script generates the seed_repo.rb file used by lib/gitlab/git
 # tests. The seed_repo.rb file needs to be updated anytime there is a
 # Git push to https://gitlab.com/gitlab-org/gitlab-git-test.
-# 
+#
 # Usage:
-# 
+#
 #   ./spec/support/generate-seed-repo-rb > spec/support/seed_repo.rb
-# 
-# 
+#
+#
 
 require 'erb'
 require 'tempfile'
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb
index ff60bd0c0ae..bb6b7c63ee9 100644
--- a/spec/support/matchers/access_matchers_for_controller.rb
+++ b/spec/support/matchers/access_matchers_for_controller.rb
@@ -1,6 +1,6 @@
 # AccessMatchersForController
 #
-# For testing authorize_xxx in controller. 
+# For testing authorize_xxx in controller.
 module AccessMatchersForController
   extend RSpec::Matchers::DSL
   include Warden::Test::Helpers
diff --git a/spec/support/migrations_helpers.rb b/spec/support/migrations_helpers.rb
index 3e8c6b54c5a..255b3d96a62 100644
--- a/spec/support/migrations_helpers.rb
+++ b/spec/support/migrations_helpers.rb
@@ -36,16 +36,30 @@ module MigrationsHelpers
   end
 
   def schema_migrate_down!
-    ActiveRecord::Migrator
-      .migrate(migrations_paths, migration_schema_version)
+    disable_migrations_output do
+      ActiveRecord::Migrator.migrate(migrations_paths,
+                                     migration_schema_version)
+    end
+
     reset_column_in_migration_models
   end
 
   def schema_migrate_up!
-    ActiveRecord::Migrator.migrate(migrations_paths)
+    disable_migrations_output do
+      ActiveRecord::Migrator.migrate(migrations_paths)
+    end
+
     reset_column_in_migration_models
   end
 
+  def disable_migrations_output
+    ActiveRecord::Migration.verbose = false
+
+    yield
+  ensure
+    ActiveRecord::Migration.verbose = true
+  end
+
   def migrate!
     ActiveRecord::Migrator.up(migrations_paths) do |migration|
       migration.name == described_class.name
diff --git a/spec/support/stub_configuration.rb b/spec/support/stub_configuration.rb
index 37c89d37aa0..45c10e78789 100644
--- a/spec/support/stub_configuration.rb
+++ b/spec/support/stub_configuration.rb
@@ -39,14 +39,17 @@ module StubConfiguration
   end
 
   def stub_storage_settings(messages)
+    # Default storage is always required
+    messages['default'] ||= Gitlab.config.repositories.storages.default
     messages.each do |storage_name, storage_settings|
+      storage_settings['path'] ||= TestEnv.repos_path
       storage_settings['failure_count_threshold'] ||= 10
       storage_settings['failure_wait_time'] ||= 30
       storage_settings['failure_reset_time'] ||= 1800
       storage_settings['storage_timeout'] ||= 5
     end
 
-    allow(Gitlab.config.repositories).to receive(:storages).and_return(messages)
+    allow(Gitlab.config.repositories).to receive(:storages).and_return(Settingslogic.new(messages))
   end
 
   private
diff --git a/spec/tasks/gitlab/gitaly_rake_spec.rb b/spec/tasks/gitlab/gitaly_rake_spec.rb
index b29d63c7d67..1e9b20435ec 100644
--- a/spec/tasks/gitlab/gitaly_rake_spec.rb
+++ b/spec/tasks/gitlab/gitaly_rake_spec.rb
@@ -89,7 +89,7 @@ describe 'gitlab:gitaly namespace rake task' do
 
           it 'calls make in the gitaly directory without BUNDLE_PATH' do
             expect(main_object).to receive(:run_command!).with(command_preamble + ['make']).and_return(true)
-  
+
             run_rake_task('gitlab:gitaly:install', clone_path)
           end
         end
diff --git a/spec/workers/create_gpg_signature_worker_spec.rb b/spec/workers/create_gpg_signature_worker_spec.rb
index c6a17d77d73..54978baca88 100644
--- a/spec/workers/create_gpg_signature_worker_spec.rb
+++ b/spec/workers/create_gpg_signature_worker_spec.rb
@@ -1,34 +1,26 @@
 require 'spec_helper'
 
 describe CreateGpgSignatureWorker do
+  let(:project) { create(:project, :repository) }
+
   context 'when GpgKey is found' do
-    it 'calls Commit#signature' do
-      commit_sha = '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33'
-      project = create :project
-      commit = instance_double(Commit)
+    let(:commit_sha) { '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33' }
 
-      allow(Project).to receive(:find_by).with(id: project.id).and_return(project)
-      allow(project).to receive(:commit).with(commit_sha).and_return(commit)
+    it 'calls Gitlab::Gpg::Commit#signature' do
+      expect(Gitlab::Gpg::Commit).to receive(:new).with(project, commit_sha).and_call_original
 
-      expect(commit).to receive(:signature)
+      expect_any_instance_of(Gitlab::Gpg::Commit).to receive(:signature)
 
       described_class.new.perform(commit_sha, project.id)
     end
   end
 
   context 'when Commit is not found' do
-    let(:nonexisting_commit_sha) { 'bogus' }
-    let(:project) { create :project }
+    let(:nonexisting_commit_sha) { '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a34' }
 
     it 'does not raise errors' do
       expect { described_class.new.perform(nonexisting_commit_sha, project.id) }.not_to raise_error
     end
-
-    it 'does not call Commit#signature' do
-      expect_any_instance_of(Commit).not_to receive(:signature)
-
-      described_class.new.perform(nonexisting_commit_sha, project.id)
-    end
   end
 
   context 'when Project is not found' do
@@ -38,8 +30,8 @@ describe CreateGpgSignatureWorker do
       expect { described_class.new.perform(anything, nonexisting_project_id) }.not_to raise_error
     end
 
-    it 'does not call Commit#signature' do
-      expect_any_instance_of(Commit).not_to receive(:signature)
+    it 'does not call Gitlab::Gpg::Commit#signature' do
+      expect_any_instance_of(Gitlab::Gpg::Commit).not_to receive(:signature)
 
       described_class.new.perform(anything, nonexisting_project_id)
     end
diff --git a/spec/workers/repository_import_worker_spec.rb b/spec/workers/repository_import_worker_spec.rb
index ca904e512ac..100dfc32bbe 100644
--- a/spec/workers/repository_import_worker_spec.rb
+++ b/spec/workers/repository_import_worker_spec.rb
@@ -22,8 +22,8 @@ describe RepositoryImportWorker do
       it 'hide the credentials that were used in the import URL' do
         error = %q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found }
 
+        project.update_attributes(import_jid: '123')
         expect_any_instance_of(Projects::ImportService).to receive(:execute).and_return({ status: :error, message: error })
-        allow(subject).to receive(:jid).and_return('123')
 
         expect do
           subject.perform(project.id)
diff --git a/spec/workers/stuck_import_jobs_worker_spec.rb b/spec/workers/stuck_import_jobs_worker_spec.rb
index 2f5b685a332..a82eb54ffe4 100644
--- a/spec/workers/stuck_import_jobs_worker_spec.rb
+++ b/spec/workers/stuck_import_jobs_worker_spec.rb
@@ -8,29 +8,29 @@ describe StuckImportJobsWorker do
     allow_any_instance_of(Gitlab::ExclusiveLease).to receive(:try_obtain).and_return(exclusive_lease_uuid)
   end
 
-  describe 'long running import' do
-    let(:project) { create(:project, import_jid: '123', import_status: 'started') }
+  describe 'with started import_status' do
+    let(:project) { create(:project, :import_started, import_jid: '123') }
 
-    before do
-      allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return(['123'])
-    end
+    describe 'long running import' do
+      it 'marks the project as failed' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return(['123'])
 
-    it 'marks the project as failed' do
-      expect { worker.perform }.to change { project.reload.import_status }.to('failed')
+        expect { worker.perform }.to change { project.reload.import_status }.to('failed')
+      end
     end
-  end
 
-  describe 'running import' do
-    let(:project) { create(:project, import_jid: '123', import_status: 'started') }
-
-    before do
-      allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return([])
-    end
+    describe 'running import' do
+      it 'does not mark the project as failed' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return([])
 
-    it 'does not mark the project as failed' do
-      worker.perform
+        expect { worker.perform }.not_to change { project.reload.import_status }
+      end
 
-      expect(project.reload.import_status).to eq('started')
+      describe 'import without import_jid' do
+        it 'marks the project as failed' do
+          expect { worker.perform }.to change { project.reload.import_status }.to('failed')
+        end
+      end
     end
   end
 end
diff --git a/yarn.lock b/yarn.lock
index 5fc28f8b5ba..396737a64a7 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -14,8 +14,8 @@ accepts@1.3.3, accepts@~1.3.3:
     negotiator "0.6.1"
 
 acorn-dynamic-import@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/acorn-dynamic-import/-/acorn-dynamic-import-2.0.1.tgz#23f671eb6e650dab277fef477c321b1178a8cca2"
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/acorn-dynamic-import/-/acorn-dynamic-import-2.0.2.tgz#c752bd210bef679501b6c6cb7fc84f8f47158cc4"
   dependencies:
     acorn "^4.0.3"
 
@@ -25,17 +25,17 @@ acorn-jsx@^3.0.0:
   dependencies:
     acorn "^3.0.4"
 
-acorn@4.0.4, acorn@^4.0.3:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.4.tgz#17a8d6a7a6c4ef538b814ec9abac2779293bf30a"
-
 acorn@^3.0.4:
   version "3.3.0"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-3.3.0.tgz#45e37fb39e8da3f25baee3ff5369e2bb5f22017a"
 
-acorn@^5.0.0, acorn@^5.0.3:
-  version "5.0.3"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.0.3.tgz#c460df08491463f028ccb82eab3730bf01087b3d"
+acorn@^4.0.3:
+  version "4.0.13"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-4.0.13.tgz#105495ae5361d697bd195c825192e1ad7f253787"
+
+acorn@^5.0.0, acorn@^5.0.3, acorn@^5.1.1:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.1.1.tgz#53fe161111f912ab999ee887a90a0bc52822fd75"
 
 after@0.8.2:
   version "0.8.2"
@@ -56,6 +56,13 @@ ajv@^4.7.0:
     co "^4.6.0"
     json-stable-stringify "^1.0.1"
 
+ajv@^4.9.1:
+  version "4.11.8"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-4.11.8.tgz#82ffb02b29e662ae53bdc20af15947706739c536"
+  dependencies:
+    co "^4.6.0"
+    json-stable-stringify "^1.0.1"
+
 ajv@^5.1.5:
   version "5.2.0"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-5.2.0.tgz#c1735024c5da2ef75cc190713073d44f098bf486"
@@ -102,11 +109,11 @@ ansi-styles@^2.2.1:
   resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-2.2.1.tgz#b432dd3358b634cf75e1e4664368240533c1ddbe"
 
 anymatch@^1.3.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.0.tgz#a3e52fa39168c825ff57b0248126ce5a8ff95507"
+  version "1.3.2"
+  resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-1.3.2.tgz#553dcb8f91e3c889845dfdba34c77721b90b9d7a"
   dependencies:
-    arrify "^1.0.0"
     micromatch "^2.1.5"
+    normalize-path "^2.0.0"
 
 append-transform@^0.4.0:
   version "0.4.0"
@@ -115,15 +122,15 @@ append-transform@^0.4.0:
     default-require-extensions "^1.0.0"
 
 aproba@^1.0.3:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.1.0.tgz#4d8f047a318604e18e3c06a0e52230d3d19f147b"
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.1.2.tgz#45c6629094de4e96f693ef7eab74ae079c240fc1"
 
 are-we-there-yet@~1.1.2:
-  version "1.1.2"
-  resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz#80e470e95a084794fe1899262c5667c6e88de1b3"
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.4.tgz#bb5dca382bb94f05e15194373d16fd3ba1ca110d"
   dependencies:
     delegates "^1.0.0"
-    readable-stream "^2.0.0 || ^1.1.13"
+    readable-stream "^2.0.6"
 
 argparse@^1.0.7:
   version "1.0.9"
@@ -195,14 +202,14 @@ asn1@~0.2.3:
   version "0.2.3"
   resolved "https://registry.yarnpkg.com/asn1/-/asn1-0.2.3.tgz#dac8787713c9966849fc8180777ebe9c1ddf3b86"
 
+assert-plus@1.0.0, assert-plus@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"
+
 assert-plus@^0.2.0:
   version "0.2.0"
   resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-0.2.0.tgz#d74e1b87e7affc0db8aadb7021f3fe48101ab234"
 
-assert-plus@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/assert-plus/-/assert-plus-1.0.0.tgz#f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"
-
 assert@^1.1.1:
   version "1.4.1"
   resolved "https://registry.yarnpkg.com/assert/-/assert-1.4.1.tgz#99912d591836b5a6f5b345c0f07eefc08fc65d91"
@@ -213,17 +220,19 @@ async-each@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/async-each/-/async-each-1.0.1.tgz#19d386a1d9edc6e7c1c85d388aedbcc56d33602d"
 
-async@0.2.x:
-  version "0.2.10"
-  resolved "https://registry.yarnpkg.com/async/-/async-0.2.10.tgz#b6bbe0b0674b9d719708ca38de8c237cb526c3d1"
-
 async@1.x, async@^1.4.0, async@^1.4.2, async@^1.5.2:
   version "1.5.2"
   resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a"
 
+async@2.4.1:
+  version "2.4.1"
+  resolved "https://registry.yarnpkg.com/async/-/async-2.4.1.tgz#62a56b279c98a11d0987096a01cc3eeb8eb7bbd7"
+  dependencies:
+    lodash "^4.14.0"
+
 async@^2.1.2, async@^2.1.4:
-  version "2.1.4"
-  resolved "https://registry.yarnpkg.com/async/-/async-2.1.4.tgz#2d2160c7788032e4dd6cbe2502f1f9a2c8f6cde4"
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/async/-/async-2.5.0.tgz#843190fd6b7357a0b9e1c956edddd5ec8462b54d"
   dependencies:
     lodash "^4.14.0"
 
@@ -261,7 +270,7 @@ axios@^0.16.2:
     follow-redirects "^1.2.3"
     is-buffer "^1.1.5"
 
-babel-code-frame@^6.11.0, babel-code-frame@^6.16.0, babel-code-frame@^6.22.0:
+babel-code-frame@^6.11.0, babel-code-frame@^6.22.0:
   version "6.22.0"
   resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4"
   dependencies:
@@ -269,6 +278,14 @@ babel-code-frame@^6.11.0, babel-code-frame@^6.16.0, babel-code-frame@^6.22.0:
     esutils "^2.0.2"
     js-tokens "^3.0.0"
 
+babel-code-frame@^6.16.0:
+  version "6.26.0"
+  resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.26.0.tgz#63fd43f7dc1e3bb7ce35947db8fe369a3f58c74b"
+  dependencies:
+    chalk "^1.1.3"
+    esutils "^2.0.2"
+    js-tokens "^3.0.2"
+
 babel-core@^6.22.1, babel-core@^6.23.0:
   version "6.23.1"
   resolved "https://registry.yarnpkg.com/babel-core/-/babel-core-6.23.1.tgz#c143cb621bb2f621710c220c5d579d15b8a442df"
@@ -864,6 +881,10 @@ balanced-match@^0.4.1, balanced-match@^0.4.2:
   version "0.4.2"
   resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-0.4.2.tgz#cb3f3e3c732dc0f01ee70b403f302e61d7709838"
 
+balanced-match@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767"
+
 base64-arraybuffer@0.1.5:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/base64-arraybuffer/-/base64-arraybuffer-0.1.5.tgz#73926771923b5a19747ad666aa5cd4bf9c6e9ce8"
@@ -876,9 +897,9 @@ base64id@1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/base64id/-/base64id-1.0.0.tgz#47688cb99bb6804f0e06d3e763b1c32e57d8e6b6"
 
-batch@0.5.3:
-  version "0.5.3"
-  resolved "https://registry.yarnpkg.com/batch/-/batch-0.5.3.tgz#3f3414f380321743bfc1042f9a83ff1d5824d464"
+batch@0.6.1:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/batch/-/batch-0.6.1.tgz#dc34314f4e679318093fc760272525f94bf25c16"
 
 bcrypt-pbkdf@^1.0.0:
   version "1.0.1"
@@ -897,8 +918,8 @@ big.js@^3.1.3:
   resolved "https://registry.yarnpkg.com/big.js/-/big.js-3.1.3.tgz#4cada2193652eb3ca9ec8e55c9015669c9806978"
 
 binary-extensions@^1.0.0:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.8.0.tgz#48ec8d16df4377eae5fa5884682480af4d95c774"
+  version "1.10.0"
+  resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-1.10.0.tgz#9aeb9a6c5e88638aad171e167f5900abe24835d0"
 
 blob@0.0.4:
   version "0.0.4"
@@ -914,10 +935,14 @@ bluebird@^2.10.2:
   version "2.11.0"
   resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-2.11.0.tgz#534b9033c022c9579c56ba3b3e5a5caafbb650e1"
 
-bluebird@^3.0.5, bluebird@^3.1.1, bluebird@^3.3.0:
+bluebird@^3.0.5, bluebird@^3.1.1:
   version "3.4.7"
   resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.4.7.tgz#f72d760be09b7f76d08ed8fae98b289a8d05fab3"
 
+bluebird@^3.3.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.0.tgz#791420d7f551eea2897453a8a77653f96606d67c"
+
 bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.4.0:
   version "4.11.6"
   resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.6.tgz#53344adb14617a13f6e8dd2ce28905d1c0ba3215"
@@ -965,6 +990,13 @@ brace-expansion@^1.0.0:
     balanced-match "^0.4.1"
     concat-map "0.0.1"
 
+brace-expansion@^1.1.7:
+  version "1.1.8"
+  resolved "https://registry.yarnpkg.com/brace-expansion/-/brace-expansion-1.1.8.tgz#c07b211c7c952ec1f8efd51a77ef0d1d3990a292"
+  dependencies:
+    balanced-match "^1.0.0"
+    concat-map "0.0.1"
+
 braces@^0.1.2:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/braces/-/braces-0.1.5.tgz#c085711085291d8b75fdd74eab0f8597280711e6"
@@ -1069,14 +1101,14 @@ builtin-status-codes@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
 
-bytes@2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.3.0.tgz#d5b680a165b6201739acb611542aabc2d8ceb070"
-
 bytes@2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.4.0.tgz#7d97196f9d5baf7f6935e25985549edd2a6c2339"
 
+bytes@2.5.0:
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/bytes/-/bytes-2.5.0.tgz#4c9423ea2d252c270c41b2bdefeff9bb6b62c06a"
+
 caller-path@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-0.1.0.tgz#94085ef63581ecd3daa92444a8fe94e82577751f"
@@ -1127,9 +1159,9 @@ caniuse-db@^1.0.30000529, caniuse-db@^1.0.30000634, caniuse-db@^1.0.30000639:
   version "1.0.30000649"
   resolved "https://registry.yarnpkg.com/caniuse-db/-/caniuse-db-1.0.30000649.tgz#1ee1754a6df235450c8b7cd15e0ebf507221a86a"
 
-caseless@~0.11.0:
-  version "0.11.0"
-  resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.11.0.tgz#715b96ea9841593cc33067923f5ec60ebda4f7d7"
+caseless@~0.12.0:
+  version "0.12.0"
+  resolved "https://registry.yarnpkg.com/caseless/-/caseless-0.12.0.tgz#1b681c21ff84033c826543090689420d187151dc"
 
 center-align@^0.1.1:
   version "0.1.3"
@@ -1148,22 +1180,7 @@ chalk@1.1.3, chalk@^1.0.0, chalk@^1.1.0, chalk@^1.1.1, chalk@^1.1.3:
     strip-ansi "^3.0.0"
     supports-color "^2.0.0"
 
-chokidar@^1.4.1, chokidar@^1.4.3, chokidar@^1.6.0:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.6.1.tgz#2f4447ab5e96e50fb3d789fd90d4c72e0e4c70c2"
-  dependencies:
-    anymatch "^1.3.0"
-    async-each "^1.0.0"
-    glob-parent "^2.0.0"
-    inherits "^2.0.1"
-    is-binary-path "^1.0.0"
-    is-glob "^2.0.0"
-    path-is-absolute "^1.0.0"
-    readdirp "^2.0.0"
-  optionalDependencies:
-    fsevents "^1.0.0"
-
-chokidar@^1.7.0:
+chokidar@^1.4.1, chokidar@^1.4.3, chokidar@^1.6.0, chokidar@^1.7.0:
   version "1.7.0"
   resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-1.7.0.tgz#798e689778151c8076b4b360e5edd28cda2bb468"
   dependencies:
@@ -1185,8 +1202,8 @@ cipher-base@^1.0.0, cipher-base@^1.0.1:
     inherits "^2.0.1"
 
 circular-json@^0.3.1:
-  version "0.3.1"
-  resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.1.tgz#be8b36aefccde8b3ca7aa2d6afc07a37242c0d2d"
+  version "0.3.3"
+  resolved "https://registry.yarnpkg.com/circular-json/-/circular-json-0.3.3.tgz#815c99ea84f6809529d2f45791bdf82711352d66"
 
 clap@^1.0.9:
   version "1.1.3"
@@ -1294,7 +1311,7 @@ combined-stream@^1.0.5, combined-stream@~1.0.5:
   dependencies:
     delayed-stream "~1.0.0"
 
-commander@^2.8.1, commander@^2.9.0:
+commander@^2.9.0:
   version "2.9.0"
   resolved "https://registry.yarnpkg.com/commander/-/commander-2.9.0.tgz#9c99094176e12240cb22d6c5146098400fe0f7d4"
   dependencies:
@@ -1320,37 +1337,36 @@ component-inherit@0.0.3:
   version "0.0.3"
   resolved "https://registry.yarnpkg.com/component-inherit/-/component-inherit-0.0.3.tgz#645fc4adf58b72b649d5cae65135619db26ff143"
 
-compressible@~2.0.8:
-  version "2.0.9"
-  resolved "https://registry.yarnpkg.com/compressible/-/compressible-2.0.9.tgz#6daab4e2b599c2770dd9e21e7a891b1c5a755425"
+compressible@~2.0.10:
+  version "2.0.11"
+  resolved "https://registry.yarnpkg.com/compressible/-/compressible-2.0.11.tgz#16718a75de283ed8e604041625a2064586797d8a"
   dependencies:
-    mime-db ">= 1.24.0 < 2"
+    mime-db ">= 1.29.0 < 2"
 
-compression-webpack-plugin@^0.3.2:
-  version "0.3.2"
-  resolved "https://registry.yarnpkg.com/compression-webpack-plugin/-/compression-webpack-plugin-0.3.2.tgz#1edfb0e749d7366d3e701670c463359b2c0cf704"
+compression-webpack-plugin@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/compression-webpack-plugin/-/compression-webpack-plugin-1.0.0.tgz#5c5eb6afd08ca6a5d66006eeef71da17b01bd676"
   dependencies:
-    async "0.2.x"
-    webpack-sources "^0.1.0"
-  optionalDependencies:
-    node-zopfli "^2.0.0"
+    async "2.4.1"
+    webpack-sources "^1.0.1"
 
 compression@^1.5.2:
-  version "1.6.2"
-  resolved "https://registry.yarnpkg.com/compression/-/compression-1.6.2.tgz#cceb121ecc9d09c52d7ad0c3350ea93ddd402bc3"
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/compression/-/compression-1.7.0.tgz#030c9f198f1643a057d776a738e922da4373012d"
   dependencies:
     accepts "~1.3.3"
-    bytes "2.3.0"
-    compressible "~2.0.8"
-    debug "~2.2.0"
+    bytes "2.5.0"
+    compressible "~2.0.10"
+    debug "2.6.8"
     on-headers "~1.0.1"
-    vary "~1.1.0"
+    safe-buffer "5.1.1"
+    vary "~1.1.1"
 
 concat-map@0.0.1:
   version "0.0.1"
   resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
 
-concat-stream@^1.4.6:
+concat-stream@^1.5.2:
   version "1.6.0"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.0.tgz#0aac662fd52be78964d5532f694784e70110acf7"
   dependencies:
@@ -1383,11 +1399,11 @@ connect-history-api-fallback@^1.3.0:
   resolved "https://registry.yarnpkg.com/connect-history-api-fallback/-/connect-history-api-fallback-1.3.0.tgz#e51d17f8f0ef0db90a64fdb47de3051556e9f169"
 
 connect@^3.6.0:
-  version "3.6.2"
-  resolved "https://registry.yarnpkg.com/connect/-/connect-3.6.2.tgz#694e8d20681bfe490282c8ab886be98f09f42fe7"
+  version "3.6.3"
+  resolved "https://registry.yarnpkg.com/connect/-/connect-3.6.3.tgz#f7320d46a25b4be7b483a2236517f24b1e27e301"
   dependencies:
-    debug "2.6.7"
-    finalhandler "1.0.3"
+    debug "2.6.8"
+    finalhandler "1.0.4"
     parseurl "~1.3.1"
     utils-merge "1.0.0"
 
@@ -1448,7 +1464,11 @@ copy-webpack-plugin@^4.0.1:
     minimatch "^3.0.0"
     node-dir "^0.1.10"
 
-core-js@^2.2.0, core-js@^2.4.0, core-js@^2.4.1:
+core-js@^2.2.0:
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086"
+
+core-js@^2.4.0, core-js@^2.4.1:
   version "2.4.1"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e"
 
@@ -1456,7 +1476,7 @@ core-js@~2.3.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.3.0.tgz#fab83fbb0b2d8dc85fa636c4b9d34c75420c6d65"
 
-core-util-is@~1.0.0:
+core-util-is@1.0.2, core-util-is@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
 
@@ -1654,7 +1674,7 @@ de-indent@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/de-indent/-/de-indent-1.0.2.tgz#b2038e846dc33baa5796128d0804b455b8c1e21d"
 
-debug@2.2.0, debug@~2.2.0:
+debug@2.2.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.2.0.tgz#f87057e995b1a1f6ae6a4960664137bc56f039da"
   dependencies:
@@ -1672,7 +1692,7 @@ debug@2.6.7:
   dependencies:
     ms "2.0.0"
 
-debug@^2.1.0, debug@^2.1.1, debug@^2.2.0, debug@^2.4.5, debug@^2.6.6, debug@^2.6.8:
+debug@2.6.8, debug@^2.1.0, debug@^2.1.1, debug@^2.2.0, debug@^2.4.5, debug@^2.6.6, debug@^2.6.8:
   version "2.6.8"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc"
   dependencies:
@@ -1697,8 +1717,8 @@ deep-equal@^1.0.1:
   resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.0.1.tgz#f5d260292b660e084eff4cdbc9f08ad3247448b5"
 
 deep-extend@~0.4.0:
-  version "0.4.1"
-  resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.1.tgz#efe4113d08085f4e6f9687759810f807469e2253"
+  version "0.4.2"
+  resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.4.2.tgz#48b699c27e334bf89f10892be432f6e4c7d34a7f"
 
 deep-is@~0.1.3:
   version "0.1.3"
@@ -1710,12 +1730,6 @@ default-require-extensions@^1.0.0:
   dependencies:
     strip-bom "^2.0.0"
 
-defaults@^1.0.2:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/defaults/-/defaults-1.0.3.tgz#c656051e9817d9ff08ed881477f3fe4019f3ef7d"
-  dependencies:
-    clone "^1.0.2"
-
 defined@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
@@ -1755,10 +1769,14 @@ delegates@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
 
-depd@1.1.0, depd@~1.1.0:
+depd@1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.0.tgz#e1bd82c6aab6ced965b97b88b17ed3e528ca18c3"
 
+depd@1.1.1, depd@~1.1.0, depd@~1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.1.tgz#5783b4e1c459f06fa5ca27f991f3d06e7a310359"
+
 des.js@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/des.js/-/des.js-1.0.0.tgz#c074d2e2aa6a8a9a07dbd61f9a15c2cd83ec8ecc"
@@ -1776,6 +1794,10 @@ detect-indent@^4.0.0:
   dependencies:
     repeating "^2.0.0"
 
+detect-node@^2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.0.3.tgz#a2033c09cc8e158d37748fbde7507832bd6ce127"
+
 di@^0.0.1:
   version "0.0.1"
   resolved "https://registry.yarnpkg.com/di/-/di-0.0.1.tgz#806649326ceaa7caa3306d75d985ea2748ba913c"
@@ -1793,8 +1815,8 @@ dns-equal@^1.0.0:
   resolved "https://registry.yarnpkg.com/dns-equal/-/dns-equal-1.0.0.tgz#b39e7f1da6eb0a75ba9c17324b34753c47e0654d"
 
 dns-packet@^1.0.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-1.1.1.tgz#2369d45038af045f3898e6fa56862aed3f40296c"
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/dns-packet/-/dns-packet-1.2.2.tgz#a8a26bec7646438963fc86e06f8f8b16d6c8bf7a"
   dependencies:
     ip "^1.1.0"
     safe-buffer "^5.0.1"
@@ -1805,13 +1827,20 @@ dns-txt@^2.0.2:
   dependencies:
     buffer-indexof "^1.0.0"
 
-doctrine@1.5.0, doctrine@^1.2.2:
+doctrine@1.5.0:
   version "1.5.0"
   resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa"
   dependencies:
     esutils "^2.0.2"
     isarray "^1.0.0"
 
+doctrine@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-2.0.0.tgz#c73d8d2909d22291e1a007a395804da8b665fe63"
+  dependencies:
+    esutils "^2.0.2"
+    isarray "^1.0.0"
+
 document-register-element@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/document-register-element/-/document-register-element-1.3.0.tgz#fb3babb523c74662be47be19c6bc33e71990d940"
@@ -1870,10 +1899,10 @@ duplexer@^0.1.1, duplexer@~0.1.1:
   resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1"
 
 duplexify@^3.2.0:
-  version "3.5.0"
-  resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.0.tgz#1aa773002e1578457e9d9d4a50b0ccaaebcbd604"
+  version "3.5.1"
+  resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.1.tgz#4e1516be68838bc90a49994f0b39a6e5960befcd"
   dependencies:
-    end-of-stream "1.0.0"
+    end-of-stream "^1.0.0"
     inherits "^2.0.1"
     readable-stream "^2.0.0"
     stream-shift "^1.0.0"
@@ -1926,11 +1955,11 @@ encodeurl@~1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.1.tgz#79e3d58655346909fe6f0f45a5de68103b294d20"
 
-end-of-stream@1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.0.0.tgz#d4596e702734a93e40e9af864319eabd99ff2f0e"
+end-of-stream@^1.0.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.0.tgz#7a90d833efda6cfa6eac0f4949dbb0fad3a63206"
   dependencies:
-    once "~1.3.0"
+    once "^1.4.0"
 
 engine.io-client@1.8.3:
   version "1.8.3"
@@ -2034,7 +2063,11 @@ es6-map@^0.1.3:
     es6-symbol "~3.1.1"
     event-emitter "~0.3.5"
 
-es6-promise@^3.0.2, es6-promise@~3.0.2:
+es6-promise@^3.0.2:
+  version "3.3.1"
+  resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.3.1.tgz#a08cdde84ccdbf34d027a1451bc91d4bcd28a613"
+
+es6-promise@~3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.0.2.tgz#010d5858423a5f118979665f46486a95c6ee2bb6"
 
@@ -2165,16 +2198,17 @@ eslint-plugin-promise@^3.5.0:
   resolved "https://registry.yarnpkg.com/eslint-plugin-promise/-/eslint-plugin-promise-3.5.0.tgz#78fbb6ffe047201627569e85a6c5373af2a68fca"
 
 eslint@^3.10.1:
-  version "3.15.0"
-  resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.15.0.tgz#bdcc6a6c5ffe08160e7b93c066695362a91e30f2"
+  version "3.19.0"
+  resolved "https://registry.yarnpkg.com/eslint/-/eslint-3.19.0.tgz#c8fc6201c7f40dd08941b87c085767386a679acc"
   dependencies:
     babel-code-frame "^6.16.0"
     chalk "^1.1.3"
-    concat-stream "^1.4.6"
+    concat-stream "^1.5.2"
     debug "^2.1.1"
-    doctrine "^1.2.2"
+    doctrine "^2.0.0"
     escope "^3.6.0"
     espree "^3.4.0"
+    esquery "^1.0.0"
     estraverse "^4.2.0"
     esutils "^2.0.2"
     file-entry-cache "^2.0.0"
@@ -2204,10 +2238,10 @@ eslint@^3.10.1:
     user-home "^2.0.0"
 
 espree@^3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/espree/-/espree-3.4.0.tgz#41656fa5628e042878025ef467e78f125cb86e1d"
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/espree/-/espree-3.5.0.tgz#98358625bdd055861ea27e2867ea729faf463d8d"
   dependencies:
-    acorn "4.0.4"
+    acorn "^5.1.1"
     acorn-jsx "^3.0.0"
 
 esprima@2.7.x, esprima@^2.6.0, esprima@^2.7.1:
@@ -2218,6 +2252,16 @@ esprima@^3.1.1:
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/esprima/-/esprima-3.1.3.tgz#fdca51cee6133895e3c88d535ce49dbff62a4633"
 
+esprima@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/esprima/-/esprima-4.0.0.tgz#4499eddcd1110e0b218bacf2fa7f7f59f55ca804"
+
+esquery@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/esquery/-/esquery-1.0.0.tgz#cfba8b57d7fba93f17298a8a006a04cda13d80fa"
+  dependencies:
+    estraverse "^4.0.0"
+
 esrecurse@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.1.0.tgz#4713b6536adf7f2ac4f327d559e7756bff648220"
@@ -2229,7 +2273,7 @@ estraverse@^1.9.1:
   version "1.9.3"
   resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-1.9.3.tgz#af67f2dc922582415950926091a4005d29c9bb44"
 
-estraverse@^4.1.1, estraverse@^4.2.0:
+estraverse@^4.0.0, estraverse@^4.1.1, estraverse@^4.2.0:
   version "4.2.0"
   resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13"
 
@@ -2339,8 +2383,8 @@ exports-loader@^0.6.4:
     source-map "0.5.x"
 
 express@^4.13.3, express@^4.15.2:
-  version "4.15.3"
-  resolved "https://registry.yarnpkg.com/express/-/express-4.15.3.tgz#bab65d0f03aa80c358408972fc700f916944b662"
+  version "4.15.4"
+  resolved "https://registry.yarnpkg.com/express/-/express-4.15.4.tgz#032e2253489cf8fce02666beca3d11ed7a2daed1"
   dependencies:
     accepts "~1.3.3"
     array-flatten "1.1.1"
@@ -2348,23 +2392,23 @@ express@^4.13.3, express@^4.15.2:
     content-type "~1.0.2"
     cookie "0.3.1"
     cookie-signature "1.0.6"
-    debug "2.6.7"
-    depd "~1.1.0"
+    debug "2.6.8"
+    depd "~1.1.1"
     encodeurl "~1.0.1"
     escape-html "~1.0.3"
     etag "~1.8.0"
-    finalhandler "~1.0.3"
+    finalhandler "~1.0.4"
     fresh "0.5.0"
     merge-descriptors "1.0.1"
     methods "~1.1.2"
     on-finished "~2.3.0"
     parseurl "~1.3.1"
     path-to-regexp "0.1.7"
-    proxy-addr "~1.1.4"
-    qs "6.4.0"
+    proxy-addr "~1.1.5"
+    qs "6.5.0"
     range-parser "~1.2.0"
-    send "0.15.3"
-    serve-static "1.12.3"
+    send "0.15.4"
+    serve-static "1.12.4"
     setprototypeof "1.0.3"
     statuses "~1.3.1"
     type-is "~1.6.15"
@@ -2372,8 +2416,8 @@ express@^4.13.3, express@^4.15.2:
     vary "~1.1.1"
 
 extend@^3.0.0, extend@~3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.0.tgz#5a474353b9f3353ddd8176dfd37b91c83a46f1d4"
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/extend/-/extend-3.0.1.tgz#a755ea7bc1adfcc5a31ce7e762dbaadc5e636444"
 
 extglob@^0.3.1:
   version "0.3.2"
@@ -2381,9 +2425,9 @@ extglob@^0.3.1:
   dependencies:
     is-extglob "^1.0.0"
 
-extsprintf@1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.0.2.tgz#e1080e0658e300b06294990cc70e1502235fd550"
+extsprintf@1.3.0, extsprintf@^1.2.0:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05"
 
 fast-deep-equal@^0.1.0:
   version "0.1.0"
@@ -2464,11 +2508,11 @@ fill-range@^2.1.0:
     repeat-element "^1.1.2"
     repeat-string "^1.5.2"
 
-finalhandler@1.0.3, finalhandler@~1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.0.3.tgz#ef47e77950e999780e86022a560e3217e0d0cc89"
+finalhandler@1.0.4, finalhandler@~1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.0.4.tgz#18574f2e7c4b98b8ae3b230c21f201f31bdb3fb7"
   dependencies:
-    debug "2.6.7"
+    debug "2.6.8"
     encodeurl "~1.0.1"
     escape-html "~1.0.3"
     on-finished "~2.3.0"
@@ -2535,8 +2579,8 @@ forever-agent@~0.6.1:
   resolved "https://registry.yarnpkg.com/forever-agent/-/forever-agent-0.6.1.tgz#fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"
 
 form-data@~2.1.1:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.2.tgz#89c3534008b97eada4cbb157d58f6f5df025eae4"
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/form-data/-/form-data-2.1.4.tgz#33c183acf193276ecaa98143a69e94bfee1750d1"
   dependencies:
     asynckit "^0.4.0"
     combined-stream "^1.0.5"
@@ -2575,13 +2619,13 @@ fs.realpath@^1.0.0:
   resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
 
 fsevents@^1.0.0:
-  version "1.0.17"
-  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.0.17.tgz#8537f3f12272678765b4fd6528c0f1f66f8f4558"
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.1.2.tgz#3282b713fb3ad80ede0e9fcf4611b5aa6fc033f4"
   dependencies:
     nan "^2.3.0"
-    node-pre-gyp "^0.6.29"
+    node-pre-gyp "^0.6.36"
 
-fstream-ignore@~1.0.5:
+fstream-ignore@^1.0.5:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/fstream-ignore/-/fstream-ignore-1.0.5.tgz#9c31dae34767018fe1d249b24dada67d092da105"
   dependencies:
@@ -2589,9 +2633,9 @@ fstream-ignore@~1.0.5:
     inherits "2"
     minimatch "^3.0.0"
 
-fstream@^1.0.0, fstream@^1.0.2, fstream@~1.0.10:
-  version "1.0.10"
-  resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.10.tgz#604e8a92fe26ffd9f6fae30399d4984e1ab22822"
+fstream@^1.0.0, fstream@^1.0.10, fstream@^1.0.2:
+  version "1.0.11"
+  resolved "https://registry.yarnpkg.com/fstream/-/fstream-1.0.11.tgz#5c1fb1f117477114f0632a0eb4b71b3cb0fd3171"
   dependencies:
     graceful-fs "^4.1.2"
     inherits "~2.0.0"
@@ -2602,9 +2646,9 @@ function-bind@^1.0.2:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.0.tgz#16176714c801798e4e8f2cf7f7529467bb4a5771"
 
-gauge@~2.7.1:
-  version "2.7.2"
-  resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.2.tgz#15cecc31b02d05345a5d6b0e171cdb3ad2307774"
+gauge@~2.7.3:
+  version "2.7.4"
+  resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7"
   dependencies:
     aproba "^1.0.3"
     console-control-strings "^1.0.0"
@@ -2613,7 +2657,6 @@ gauge@~2.7.1:
     signal-exit "^3.0.0"
     string-width "^1.0.1"
     strip-ansi "^3.0.1"
-    supports-color "^0.2.0"
     wide-align "^1.1.0"
 
 generate-function@^2.0.0:
@@ -2639,8 +2682,8 @@ get-stream@^3.0.0:
   resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-3.0.0.tgz#8e943d1358dc37555054ecbe2edb05aa174ede14"
 
 getpass@^0.1.1:
-  version "0.1.6"
-  resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.6.tgz#283ffd9fc1256840875311c1b60e8c40187110e6"
+  version "0.1.7"
+  resolved "https://registry.yarnpkg.com/getpass/-/getpass-0.1.7.tgz#5eff8e3e684d569ae4cb2b1282604e8ba62149fa"
   dependencies:
     assert-plus "^1.0.0"
 
@@ -2677,7 +2720,18 @@ glob@^6.0.4:
     once "^1.3.0"
     path-is-absolute "^1.0.0"
 
-glob@^7.0.0, glob@^7.0.3, glob@^7.0.5, glob@^7.1.1:
+glob@^7.0.0, glob@^7.1.1:
+  version "7.1.2"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.2.tgz#c19c9df9a028702d678612384a6552404c636d15"
+  dependencies:
+    fs.realpath "^1.0.0"
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "^3.0.4"
+    once "^1.3.0"
+    path-is-absolute "^1.0.0"
+
+glob@^7.0.3, glob@^7.0.5:
   version "7.1.1"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8"
   dependencies:
@@ -2688,10 +2742,14 @@ glob@^7.0.0, glob@^7.0.3, glob@^7.0.5, glob@^7.1.1:
     once "^1.3.0"
     path-is-absolute "^1.0.0"
 
-globals@^9.0.0, globals@^9.14.0:
+globals@^9.0.0:
   version "9.14.0"
   resolved "https://registry.yarnpkg.com/globals/-/globals-9.14.0.tgz#8859936af0038741263053b39d0e76ca241e4034"
 
+globals@^9.14.0:
+  version "9.18.0"
+  resolved "https://registry.yarnpkg.com/globals/-/globals-9.18.0.tgz#aa3896b3e69b487f17e31ed2143d69a8e30c2d8a"
+
 globby@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/globby/-/globby-5.0.0.tgz#ebd84667ca0dbb330b99bcfc68eac2bc54370e0d"
@@ -2767,7 +2825,7 @@ gzip-size@3.0.0, gzip-size@^3.0.0:
   dependencies:
     duplexer "^0.1.1"
 
-handle-thing@^1.2.4:
+handle-thing@^1.2.5:
   version "1.2.5"
   resolved "https://registry.yarnpkg.com/handle-thing/-/handle-thing-1.2.5.tgz#fd7aad726bf1a5fd16dfc29b2f7a6601d27139c4"
 
@@ -2781,14 +2839,16 @@ handlebars@^4.0.1, handlebars@^4.0.3:
   optionalDependencies:
     uglify-js "^2.6"
 
-har-validator@~2.0.6:
-  version "2.0.6"
-  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-2.0.6.tgz#cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d"
+har-schema@^1.0.5:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-1.0.5.tgz#d263135f43307c02c602afc8fe95970c0151369e"
+
+har-validator@~4.2.1:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-4.2.1.tgz#33481d0f1bbff600dd203d75812a6a5fba002e2a"
   dependencies:
-    chalk "^1.1.1"
-    commander "^2.9.0"
-    is-my-json-valid "^2.12.4"
-    pinkie-promise "^2.0.0"
+    ajv "^4.9.1"
+    har-schema "^1.0.5"
 
 has-ansi@^2.0.0:
   version "2.0.0"
@@ -2885,10 +2945,14 @@ html-comment-regex@^1.1.0:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/html-comment-regex/-/html-comment-regex-1.1.1.tgz#668b93776eaae55ebde8f3ad464b307a4963625e"
 
-html-entities@1.2.0, html-entities@^1.2.0:
+html-entities@1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.2.0.tgz#41948caf85ce82fed36e4e6a0ed371a6664379e2"
 
+html-entities@^1.2.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.2.1.tgz#0df29351f0721163515dfb9e5543e5f6eed5162f"
+
 htmlparser2@^3.8.2:
   version "3.9.2"
   resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.9.2.tgz#1bdf87acca0f3f9e53fa4fcceb0f4b4cbb00b338"
@@ -2900,18 +2964,10 @@ htmlparser2@^3.8.2:
     inherits "^2.0.1"
     readable-stream "^2.0.2"
 
-http-deceiver@^1.2.4:
+http-deceiver@^1.2.7:
   version "1.2.7"
   resolved "https://registry.yarnpkg.com/http-deceiver/-/http-deceiver-1.2.7.tgz#fa7168944ab9a519d337cb0bec7284dc3e723d87"
 
-http-errors@~1.5.0:
-  version "1.5.1"
-  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.5.1.tgz#788c0d2c1de2c81b9e6e8c01843b6b97eb920750"
-  dependencies:
-    inherits "2.0.3"
-    setprototypeof "1.0.2"
-    statuses ">= 1.3.1 < 2"
-
 http-errors@~1.6.1:
   version "1.6.1"
   resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.1.tgz#5f8b8ed98aca545656bf572997387f904a722257"
@@ -2921,6 +2977,15 @@ http-errors@~1.6.1:
     setprototypeof "1.0.3"
     statuses ">= 1.3.1 < 2"
 
+http-errors@~1.6.2:
+  version "1.6.2"
+  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.2.tgz#0a002cc85707192a7e7946ceedc11155f60ec736"
+  dependencies:
+    depd "1.1.1"
+    inherits "2.0.3"
+    setprototypeof "1.0.3"
+    statuses ">= 1.3.1 < 2"
+
 http-proxy-middleware@~0.17.4:
   version "0.17.4"
   resolved "https://registry.yarnpkg.com/http-proxy-middleware/-/http-proxy-middleware-0.17.4.tgz#642e8848851d66f09d4f124912846dbaeb41b833"
@@ -2966,8 +3031,8 @@ ignore-by-default@^1.0.0:
   resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09"
 
 ignore@^3.2.0:
-  version "3.2.2"
-  resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.2.2.tgz#1c51e1ef53bab6ddc15db4d9ac4ec139eceb3410"
+  version "3.3.3"
+  resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.3.tgz#432352e57accd87ab3110e82d3fea0e47812156d"
 
 immediate@~3.0.5:
   version "3.0.6"
@@ -3009,7 +3074,7 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1:
+inherits@2, inherits@2.0.3, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.0, inherits@~2.0.1, inherits@~2.0.3:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
 
@@ -3059,13 +3124,13 @@ invert-kv@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6"
 
-ip@^1.1.0:
+ip@^1.1.0, ip@^1.1.5:
   version "1.1.5"
   resolved "https://registry.yarnpkg.com/ip/-/ip-1.1.5.tgz#bdded70114290828c0a039e72ef25f5aaec4354a"
 
-ipaddr.js@1.3.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.3.0.tgz#1e03a52fdad83a8bbb2b25cbf4998b4cffcd3dec"
+ipaddr.js@1.4.0:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.4.0.tgz#296aca878a821816e5b85d0a285a99bcff4582f0"
 
 is-absolute-url@^2.0.0:
   version "2.1.0"
@@ -3148,9 +3213,9 @@ is-glob@^3.1.0:
   dependencies:
     is-extglob "^2.1.0"
 
-is-my-json-valid@^2.10.0, is-my-json-valid@^2.12.4:
-  version "2.15.0"
-  resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz#936edda3ca3c211fd98f3b2d3e08da43f7b2915b"
+is-my-json-valid@^2.10.0:
+  version "2.16.0"
+  resolved "https://registry.yarnpkg.com/is-my-json-valid/-/is-my-json-valid-2.16.0.tgz#f079dd9bfdae65ee2038aae8acbc86ab109e3693"
   dependencies:
     generate-function "^2.0.0"
     generate-object-property "^1.1.0"
@@ -3271,6 +3336,10 @@ isexe@^1.1.1:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/isexe/-/isexe-1.1.2.tgz#36f3e22e60750920f5e7241a476a8c6a42275ad0"
 
+isexe@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10"
+
 isobject@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/isobject/-/isobject-2.1.0.tgz#f065561096a3f1da2ef46272f815c840d87e0c89"
@@ -3383,12 +3452,6 @@ jed@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/jed/-/jed-1.1.1.tgz#7a549bbd9ffe1585b0cd0a191e203055bee574b4"
 
-jodid25519@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/jodid25519/-/jodid25519-1.0.2.tgz#06d4912255093419477d425633606e0e90782967"
-  dependencies:
-    jsbn "~0.1.0"
-
 jquery-ujs@^1.2.1:
   version "1.2.1"
   resolved "https://registry.yarnpkg.com/jquery-ujs/-/jquery-ujs-1.2.1.tgz#6ee75b1ef4e9ac95e7124f8d71f7d351f5548e92"
@@ -3420,13 +3483,24 @@ js-tokens@^3.0.0:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.1.tgz#08e9f132484a2c45a30907e9dc4d5567b7f114d7"
 
-js-yaml@3.x, js-yaml@^3.4.3, js-yaml@^3.5.1, js-yaml@^3.7.0:
+js-tokens@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b"
+
+js-yaml@3.x, js-yaml@^3.4.3, js-yaml@^3.7.0:
   version "3.8.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.8.1.tgz#782ba50200be7b9e5a8537001b7804db3ad02628"
   dependencies:
     argparse "^1.0.7"
     esprima "^3.1.1"
 
+js-yaml@^3.5.1:
+  version "3.9.1"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.9.1.tgz#08775cebdfdd359209f0d2acd383c8f86a6904a0"
+  dependencies:
+    argparse "^1.0.7"
+    esprima "^4.0.0"
+
 js-yaml@~3.7.0:
   version "3.7.0"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.7.0.tgz#5c967ddd837a9bfdca5f2de84253abe8a1c03b80"
@@ -3435,8 +3509,8 @@ js-yaml@~3.7.0:
     esprima "^2.6.0"
 
 jsbn@~0.1.0:
-  version "0.1.0"
-  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.0.tgz#650987da0dd74f4ebf5a11377a2aa2d273e97dfd"
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"
 
 jsesc@^1.3.0:
   version "1.3.0"
@@ -3447,12 +3521,12 @@ jsesc@~0.5.0:
   resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d"
 
 json-loader@^0.5.4:
-  version "0.5.4"
-  resolved "https://registry.yarnpkg.com/json-loader/-/json-loader-0.5.4.tgz#8baa1365a632f58a3c46d20175fc6002c96e37de"
+  version "0.5.7"
+  resolved "https://registry.yarnpkg.com/json-loader/-/json-loader-0.5.7.tgz#dca14a70235ff82f0ac9a3abeb60d337a365185d"
 
 json-schema-traverse@^0.3.0:
-  version "0.3.0"
-  resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.3.0.tgz#0016c0b1ca1efe46d44d37541bcdfc19dcfae0db"
+  version "0.3.1"
+  resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz#349a6d44c53a51de89b40805c5d5e59b417d3340"
 
 json-schema@0.2.3:
   version "0.2.3"
@@ -3491,12 +3565,13 @@ jsonpointer@^4.0.0:
   resolved "https://registry.yarnpkg.com/jsonpointer/-/jsonpointer-4.0.1.tgz#4fd92cb34e0e9db3c89c8622ecf51f9b978c6cb9"
 
 jsprim@^1.2.2:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.3.1.tgz#2a7256f70412a29ee3670aaca625994c4dcff252"
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"
   dependencies:
-    extsprintf "1.0.2"
+    assert-plus "1.0.0"
+    extsprintf "1.3.0"
     json-schema "0.2.3"
-    verror "1.3.6"
+    verror "1.10.0"
 
 jszip-utils@^0.0.2:
   version "0.0.2"
@@ -3960,11 +4035,21 @@ miller-rabin@^4.0.0:
     bn.js "^4.0.0"
     brorand "^1.0.1"
 
-"mime-db@>= 1.24.0 < 2", mime-db@~1.27.0:
+"mime-db@>= 1.29.0 < 2", mime-db@~1.29.0:
+  version "1.29.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.29.0.tgz#48d26d235589651704ac5916ca06001914266878"
+
+mime-db@~1.27.0:
   version "1.27.0"
   resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.27.0.tgz#820f572296bbd20ec25ed55e5b5de869e5436eb1"
 
-mime-types@^2.1.12, mime-types@~2.1.11, mime-types@~2.1.15, mime-types@~2.1.7:
+mime-types@^2.1.12, mime-types@~2.1.7:
+  version "2.1.16"
+  resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.16.tgz#2b858a52e5ecd516db897ac2be87487830698e23"
+  dependencies:
+    mime-db "~1.29.0"
+
+mime-types@~2.1.11, mime-types@~2.1.15:
   version "2.1.15"
   resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.15.tgz#a4ebf5064094569237b8cf70046776d09fc92aed"
   dependencies:
@@ -3992,6 +4077,12 @@ minimalistic-assert@^1.0.0:
   dependencies:
     brace-expansion "^1.0.0"
 
+minimatch@^3.0.4:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083"
+  dependencies:
+    brace-expansion "^1.1.7"
+
 minimist@0.0.8, minimist@~0.0.1:
   version "0.0.8"
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-0.0.8.tgz#857fcabfc3397d2625b8228262e86aa7a011b05d"
@@ -4049,9 +4140,9 @@ name-all-modules-plugin@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/name-all-modules-plugin/-/name-all-modules-plugin-1.0.1.tgz#0abfb6ad835718b9fb4def0674e06657a954375c"
 
-nan@^2.0.0, nan@^2.3.0:
-  version "2.5.1"
-  resolved "https://registry.yarnpkg.com/nan/-/nan-2.5.1.tgz#d5b01691253326a97a2bbee9e61c55d8d60351e2"
+nan@^2.3.0:
+  version "2.6.2"
+  resolved "https://registry.yarnpkg.com/nan/-/nan-2.6.2.tgz#e4ff34e6c95fdfb5aecc08de6596f43605a7db45"
 
 natural-compare@^1.4.0:
   version "1.4.0"
@@ -4133,28 +4224,19 @@ node-libs-browser@^2.0.0:
     util "^0.10.3"
     vm-browserify "0.0.4"
 
-node-pre-gyp@^0.6.29, node-pre-gyp@^0.6.4:
-  version "0.6.33"
-  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.33.tgz#640ac55198f6a925972e0c16c4ac26a034d5ecc9"
-  dependencies:
-    mkdirp "~0.5.1"
-    nopt "~3.0.6"
-    npmlog "^4.0.1"
-    rc "~1.1.6"
-    request "^2.79.0"
-    rimraf "~2.5.4"
-    semver "~5.3.0"
-    tar "~2.2.1"
-    tar-pack "~3.3.0"
-
-node-zopfli@^2.0.0:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/node-zopfli/-/node-zopfli-2.0.2.tgz#a7a473ae92aaea85d4c68d45bbf2c944c46116b8"
+node-pre-gyp@^0.6.36:
+  version "0.6.36"
+  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.6.36.tgz#db604112cb74e0d477554e9b505b17abddfab786"
   dependencies:
-    commander "^2.8.1"
-    defaults "^1.0.2"
-    nan "^2.0.0"
-    node-pre-gyp "^0.6.4"
+    mkdirp "^0.5.1"
+    nopt "^4.0.1"
+    npmlog "^4.0.2"
+    rc "^1.1.7"
+    request "^2.81.0"
+    rimraf "^2.6.1"
+    semver "^5.3.0"
+    tar "^2.2.1"
+    tar-pack "^3.4.0"
 
 nodemon@^1.11.0:
   version "1.11.0"
@@ -4171,19 +4253,26 @@ nodemon@^1.11.0:
     undefsafe "0.0.3"
     update-notifier "0.5.0"
 
-nopt@3.x, nopt@~3.0.1, nopt@~3.0.6:
+nopt@3.x, nopt@~3.0.1:
   version "3.0.6"
   resolved "https://registry.yarnpkg.com/nopt/-/nopt-3.0.6.tgz#c6465dbf08abcd4db359317f79ac68a646b28ff9"
   dependencies:
     abbrev "1"
 
+nopt@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.1.tgz#d0d4685afd5415193c8c7505602d0d17cd64474d"
+  dependencies:
+    abbrev "1"
+    osenv "^0.1.4"
+
 nopt@~1.0.10:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/nopt/-/nopt-1.0.10.tgz#6ddd21bd2a31417b92727dd585f8a6f37608ebee"
   dependencies:
     abbrev "1"
 
-normalize-package-data@^2.3.2, normalize-package-data@^2.3.4:
+normalize-package-data@^2.3.2:
   version "2.3.5"
   resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.3.5.tgz#8d924f142960e1777e7ffe170543631cc7cb02df"
   dependencies:
@@ -4192,9 +4281,20 @@ normalize-package-data@^2.3.2, normalize-package-data@^2.3.4:
     semver "2 || 3 || 4 || 5"
     validate-npm-package-license "^3.0.1"
 
-normalize-path@^2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.0.1.tgz#47886ac1662760d4261b7d979d241709d3ce3f7a"
+normalize-package-data@^2.3.4:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.4.0.tgz#12f95a307d58352075a04907b84ac8be98ac012f"
+  dependencies:
+    hosted-git-info "^2.1.4"
+    is-builtin-module "^1.0.0"
+    semver "2 || 3 || 4 || 5"
+    validate-npm-package-license "^3.0.1"
+
+normalize-path@^2.0.0, normalize-path@^2.0.1:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-2.1.1.tgz#1ab28b556e198363a8c1a6f7e6fa20137fe6aed9"
+  dependencies:
+    remove-trailing-separator "^1.0.1"
 
 normalize-range@^0.1.2:
   version "0.1.2"
@@ -4215,13 +4315,13 @@ npm-run-path@^2.0.0:
   dependencies:
     path-key "^2.0.0"
 
-npmlog@^4.0.1:
-  version "4.0.2"
-  resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.0.2.tgz#d03950e0e78ce1527ba26d2a7592e9348ac3e75f"
+npmlog@^4.0.2:
+  version "4.1.2"
+  resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b"
   dependencies:
     are-we-there-yet "~1.1.2"
     console-control-strings "~1.1.0"
-    gauge "~2.7.1"
+    gauge "~2.7.3"
     set-blocking "~2.0.0"
 
 null-check@^1.0.0:
@@ -4263,7 +4363,7 @@ object.omit@^2.0.0:
     for-own "^0.1.4"
     is-extendable "^0.1.1"
 
-obuf@^1.0.0, obuf@^1.1.0:
+obuf@^1.0.0, obuf@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/obuf/-/obuf-1.1.1.tgz#104124b6c602c6796881a042541d36db43a5264e"
 
@@ -4277,18 +4377,12 @@ on-headers@~1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7"
 
-once@1.x, once@^1.3.0, once@^1.4.0:
+once@1.x, once@^1.3.0, once@^1.3.3, once@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
   dependencies:
     wrappy "1"
 
-once@~1.3.0, once@~1.3.3:
-  version "1.3.3"
-  resolved "https://registry.yarnpkg.com/once/-/once-1.3.3.tgz#b2e261557ce4c314ec8304f3fa82663e4297ca20"
-  dependencies:
-    wrappy "1"
-
 onetime@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/onetime/-/onetime-1.1.0.tgz#a1f7838f8314c516f05ecefcbc4ccfe04b4ed789"
@@ -4354,11 +4448,11 @@ os-locale@^2.0.0:
     lcid "^1.0.0"
     mem "^1.1.0"
 
-os-tmpdir@^1.0.0, os-tmpdir@^1.0.1, os-tmpdir@~1.0.1:
+os-tmpdir@^1.0.0, os-tmpdir@^1.0.1, os-tmpdir@~1.0.1, os-tmpdir@~1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274"
 
-osenv@^0.1.0:
+osenv@^0.1.0, osenv@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.4.tgz#42fe6d5953df06c8064be6f176c3d05aaaa34644"
   dependencies:
@@ -4515,6 +4609,10 @@ pbkdf2@^3.0.3:
   dependencies:
     create-hmac "^1.1.2"
 
+performance-now@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-0.2.0.tgz#33ef30c5c77d4ea21c5a53869d91b56d8f2555e5"
+
 pify@^2.0.0, pify@^2.3.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c"
@@ -4868,12 +4966,12 @@ proto-list@~1.2.1:
   version "1.2.4"
   resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849"
 
-proxy-addr@~1.1.4:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.4.tgz#27e545f6960a44a627d9b44467e35c1b6b4ce2f3"
+proxy-addr@~1.1.5:
+  version "1.1.5"
+  resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-1.1.5.tgz#71c0ee3b102de3f202f3b64f608d173fcba1a918"
   dependencies:
     forwarded "~0.1.0"
-    ipaddr.js "1.3.0"
+    ipaddr.js "1.4.0"
 
 prr@~0.0.0:
   version "0.0.0"
@@ -4915,13 +5013,13 @@ qjobs@^1.1.4:
   version "1.1.5"
   resolved "https://registry.yarnpkg.com/qjobs/-/qjobs-1.1.5.tgz#659de9f2cf8dcc27a1481276f205377272382e73"
 
-qs@6.4.0:
+qs@6.4.0, qs@~6.4.0:
   version "6.4.0"
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.4.0.tgz#13e26d28ad6b0ffaa91312cd3bf708ed351e7233"
 
-qs@~6.3.0:
-  version "6.3.0"
-  resolved "https://registry.yarnpkg.com/qs/-/qs-6.3.0.tgz#f403b264f23bc01228c74131b407f18d5ea5d442"
+qs@6.5.0:
+  version "6.5.0"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.0.tgz#8d04954d364def3efc55b5a0793e1e2c8b1e6e49"
 
 query-string@^4.1.0:
   version "4.3.2"
@@ -4985,14 +5083,14 @@ raw-loader@^0.5.1:
   version "0.5.1"
   resolved "https://registry.yarnpkg.com/raw-loader/-/raw-loader-0.5.1.tgz#0c3d0beaed8a01c966d9787bf778281252a979aa"
 
-rc@^1.0.1, rc@~1.1.6:
-  version "1.1.6"
-  resolved "https://registry.yarnpkg.com/rc/-/rc-1.1.6.tgz#43651b76b6ae53b5c802f1151fa3fc3b059969c9"
+rc@^1.0.1, rc@^1.1.7:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.1.tgz#2e03e8e42ee450b8cb3dce65be1bf8974e1dfd95"
   dependencies:
     deep-extend "~0.4.0"
     ini "~1.3.0"
     minimist "^1.2.0"
-    strip-json-comments "~1.0.4"
+    strip-json-comments "~2.0.1"
 
 react-dev-utils@^0.5.2:
   version "0.5.2"
@@ -5046,16 +5144,16 @@ read-pkg@^2.0.0:
     normalize-package-data "^2.3.2"
     path-type "^2.0.0"
 
-readable-stream@^2.0.0, "readable-stream@^2.0.0 || ^1.1.13", readable-stream@^2.1.0, readable-stream@^2.2.2:
-  version "2.2.2"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.2.tgz#a9e6fec3c7dda85f8bb1b3ba7028604556fc825e"
+readable-stream@^2.0.0, readable-stream@^2.0.6, readable-stream@^2.1.4, readable-stream@^2.2.2, readable-stream@^2.2.9:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.3.tgz#368f2512d79f9d46fdfc71349ae7878bbc1eb95c"
   dependencies:
-    buffer-shims "^1.0.0"
     core-util-is "~1.0.0"
-    inherits "~2.0.1"
+    inherits "~2.0.3"
     isarray "~1.0.0"
     process-nextick-args "~1.0.6"
-    string_decoder "~0.10.x"
+    safe-buffer "~5.1.1"
+    string_decoder "~1.0.3"
     util-deprecate "~1.0.1"
 
 readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.5, readable-stream@~2.0.6:
@@ -5069,26 +5167,26 @@ readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.5, readable
     string_decoder "~0.10.x"
     util-deprecate "~1.0.1"
 
-readable-stream@~1.0.2:
-  version "1.0.34"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c"
+readable-stream@^2.1.0:
+  version "2.2.2"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.2.2.tgz#a9e6fec3c7dda85f8bb1b3ba7028604556fc825e"
   dependencies:
+    buffer-shims "^1.0.0"
     core-util-is "~1.0.0"
     inherits "~2.0.1"
-    isarray "0.0.1"
+    isarray "~1.0.0"
+    process-nextick-args "~1.0.6"
     string_decoder "~0.10.x"
+    util-deprecate "~1.0.1"
 
-readable-stream@~2.1.4:
-  version "2.1.5"
-  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0"
+readable-stream@~1.0.2:
+  version "1.0.34"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.0.34.tgz#125820e34bc842d2f2aaafafe4c2916ee32c157c"
   dependencies:
-    buffer-shims "^1.0.0"
     core-util-is "~1.0.0"
     inherits "~2.0.1"
-    isarray "~1.0.0"
-    process-nextick-args "~1.0.6"
+    isarray "0.0.1"
     string_decoder "~0.10.x"
-    util-deprecate "~1.0.1"
 
 readdirp@^2.0.0:
   version "2.1.0"
@@ -5195,6 +5293,10 @@ regjsparser@^0.1.4:
   dependencies:
     jsesc "~0.5.0"
 
+remove-trailing-separator@^1.0.1:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef"
+
 repeat-element@^1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/repeat-element/-/repeat-element-1.1.2.tgz#ef089a178d1483baae4d93eb98b4f9e4e11d990a"
@@ -5219,18 +5321,18 @@ repeating@^2.0.0:
   dependencies:
     is-finite "^1.0.0"
 
-request@^2.79.0:
-  version "2.79.0"
-  resolved "https://registry.yarnpkg.com/request/-/request-2.79.0.tgz#4dfe5bf6be8b8cdc37fcf93e04b65577722710de"
+request@^2.81.0:
+  version "2.81.0"
+  resolved "https://registry.yarnpkg.com/request/-/request-2.81.0.tgz#c6928946a0e06c5f8d6f8a9333469ffda46298a0"
   dependencies:
     aws-sign2 "~0.6.0"
     aws4 "^1.2.1"
-    caseless "~0.11.0"
+    caseless "~0.12.0"
     combined-stream "~1.0.5"
     extend "~3.0.0"
     forever-agent "~0.6.1"
     form-data "~2.1.1"
-    har-validator "~2.0.6"
+    har-validator "~4.2.1"
     hawk "~3.1.3"
     http-signature "~1.1.0"
     is-typedarray "~1.0.0"
@@ -5238,10 +5340,12 @@ request@^2.79.0:
     json-stringify-safe "~5.0.1"
     mime-types "~2.1.7"
     oauth-sign "~0.8.1"
-    qs "~6.3.0"
+    performance-now "^0.2.0"
+    qs "~6.4.0"
+    safe-buffer "^5.0.1"
     stringstream "~0.0.4"
     tough-cookie "~2.3.0"
-    tunnel-agent "~0.4.1"
+    tunnel-agent "^0.6.0"
     uuid "^3.0.0"
 
 require-directory@^2.1.1:
@@ -5292,18 +5396,12 @@ right-align@^0.1.1:
   dependencies:
     align-text "^0.1.1"
 
-rimraf@2, rimraf@^2.2.8, rimraf@^2.4.3, rimraf@^2.4.4, rimraf@^2.6.0:
+rimraf@2, rimraf@^2.2.8, rimraf@^2.4.3, rimraf@^2.4.4, rimraf@^2.5.1, rimraf@^2.6.0, rimraf@^2.6.1:
   version "2.6.1"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.1.tgz#c2338ec643df7a1b7fe5c54fa86f57428a55f33d"
   dependencies:
     glob "^7.0.5"
 
-rimraf@~2.5.1, rimraf@~2.5.4:
-  version "2.5.4"
-  resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.5.4.tgz#96800093cbf1a0c86bd95b4625467535c29dfa04"
-  dependencies:
-    glob "^7.0.5"
-
 ripemd160@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/ripemd160/-/ripemd160-1.0.1.tgz#93a4bbd4942bc574b69a8fa57c71de10ecca7d6e"
@@ -5318,6 +5416,10 @@ rx-lite@^3.1.2:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/rx-lite/-/rx-lite-3.1.2.tgz#19ce502ca572665f3b647b10939f97fd1615f102"
 
+safe-buffer@5.1.1, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.1.tgz#893312af69b2123def71f57889001671eeb2c853"
+
 safe-buffer@^5.0.1, safe-buffer@~5.0.1:
   version "5.0.1"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.0.1.tgz#d263ca54696cd8a306b5ca6551e92de57918fbe7"
@@ -5339,8 +5441,8 @@ select@^1.1.2:
   resolved "https://registry.yarnpkg.com/select/-/select-1.1.2.tgz#0e7350acdec80b1108528786ec1d4418d11b396d"
 
 selfsigned@^1.9.1:
-  version "1.9.1"
-  resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-1.9.1.tgz#cdda4492d70d486570f87c65546023558e1dfa5a"
+  version "1.10.1"
+  resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-1.10.1.tgz#bf8cb7b83256c4551e31347c6311778db99eec52"
   dependencies:
     node-forge "0.6.33"
 
@@ -5350,26 +5452,30 @@ semver-diff@^2.0.0:
   dependencies:
     semver "^5.0.3"
 
-"semver@2 || 3 || 4 || 5", semver@^5.0.3, semver@^5.3.0, semver@~5.3.0:
+"semver@2 || 3 || 4 || 5", semver@^5.3.0:
   version "5.3.0"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.3.0.tgz#9b2ce5d3de02d17c6012ad326aa6b4d0cf54f94f"
 
+semver@^5.0.3:
+  version "5.4.1"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-5.4.1.tgz#e059c09d8571f0540823733433505d3a2f00b18e"
+
 semver@~4.3.3:
   version "4.3.6"
   resolved "https://registry.yarnpkg.com/semver/-/semver-4.3.6.tgz#300bc6e0e86374f7ba61068b5b1ecd57fc6532da"
 
-send@0.15.3:
-  version "0.15.3"
-  resolved "https://registry.yarnpkg.com/send/-/send-0.15.3.tgz#5013f9f99023df50d1bd9892c19e3defd1d53309"
+send@0.15.4:
+  version "0.15.4"
+  resolved "https://registry.yarnpkg.com/send/-/send-0.15.4.tgz#985faa3e284b0273c793364a35c6737bd93905b9"
   dependencies:
-    debug "2.6.7"
-    depd "~1.1.0"
+    debug "2.6.8"
+    depd "~1.1.1"
     destroy "~1.0.4"
     encodeurl "~1.0.1"
     escape-html "~1.0.3"
     etag "~1.8.0"
     fresh "0.5.0"
-    http-errors "~1.6.1"
+    http-errors "~1.6.2"
     mime "1.3.4"
     ms "2.0.0"
     on-finished "~2.3.0"
@@ -5377,25 +5483,25 @@ send@0.15.3:
     statuses "~1.3.1"
 
 serve-index@^1.7.2:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/serve-index/-/serve-index-1.8.0.tgz#7c5d96c13fb131101f93c1c5774f8516a1e78d3b"
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/serve-index/-/serve-index-1.9.0.tgz#d2b280fc560d616ee81b48bf0fa82abed2485ce7"
   dependencies:
     accepts "~1.3.3"
-    batch "0.5.3"
-    debug "~2.2.0"
+    batch "0.6.1"
+    debug "2.6.8"
     escape-html "~1.0.3"
-    http-errors "~1.5.0"
-    mime-types "~2.1.11"
+    http-errors "~1.6.1"
+    mime-types "~2.1.15"
     parseurl "~1.3.1"
 
-serve-static@1.12.3:
-  version "1.12.3"
-  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.12.3.tgz#9f4ba19e2f3030c547f8af99107838ec38d5b1e2"
+serve-static@1.12.4:
+  version "1.12.4"
+  resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.12.4.tgz#9b6aa98eeb7253c4eedc4c1f6fdbca609901a961"
   dependencies:
     encodeurl "~1.0.1"
     escape-html "~1.0.3"
     parseurl "~1.3.1"
-    send "0.15.3"
+    send "0.15.4"
 
 set-blocking@^2.0.0, set-blocking@~2.0.0:
   version "2.0.0"
@@ -5409,10 +5515,6 @@ setimmediate@^1.0.4:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/setimmediate/-/setimmediate-1.0.5.tgz#290cbb232e306942d7d7ea9b83732ab7856f8285"
 
-setprototypeof@1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.2.tgz#81a552141ec104b88e89ce383103ad5c66564d08"
-
 setprototypeof@1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.0.3.tgz#66567e37043eeb4f04d91bd658c0cbefb55b8e04"
@@ -5434,8 +5536,8 @@ shebang-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3"
 
 shelljs@^0.7.5:
-  version "0.7.6"
-  resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.7.6.tgz#379cccfb56b91c8601e4793356eb5382924de9ad"
+  version "0.7.8"
+  resolved "https://registry.yarnpkg.com/shelljs/-/shelljs-0.7.8.tgz#decbcf874b0d1e5fb72e14b164a9683048e9acb3"
   dependencies:
     glob "^7.0.0"
     interpret "^1.0.0"
@@ -5546,7 +5648,7 @@ sort-keys@^1.0.0:
   dependencies:
     is-plain-obj "^1.0.0"
 
-source-list-map@^0.1.7, source-list-map@~0.1.7:
+source-list-map@^0.1.7:
   version "0.1.8"
   resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-0.1.8.tgz#c550b2ab5427f6b3f21f5afead88c4f5587b2106"
 
@@ -5596,25 +5698,28 @@ spdx-license-ids@^1.0.2:
   version "1.2.2"
   resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-1.2.2.tgz#c9df7a3424594ade6bd11900d596696dc06bac57"
 
-spdy-transport@^2.0.15:
-  version "2.0.18"
-  resolved "https://registry.yarnpkg.com/spdy-transport/-/spdy-transport-2.0.18.tgz#43fc9c56be2cccc12bb3e2754aa971154e836ea6"
+spdy-transport@^2.0.18:
+  version "2.0.20"
+  resolved "https://registry.yarnpkg.com/spdy-transport/-/spdy-transport-2.0.20.tgz#735e72054c486b2354fe89e702256004a39ace4d"
   dependencies:
-    debug "^2.2.0"
+    debug "^2.6.8"
+    detect-node "^2.0.3"
     hpack.js "^2.1.6"
-    obuf "^1.1.0"
-    readable-stream "^2.0.1"
-    wbuf "^1.4.0"
+    obuf "^1.1.1"
+    readable-stream "^2.2.9"
+    safe-buffer "^5.0.1"
+    wbuf "^1.7.2"
 
 spdy@^3.4.1:
-  version "3.4.4"
-  resolved "https://registry.yarnpkg.com/spdy/-/spdy-3.4.4.tgz#e0406407ca90ff01b553eb013505442649f5a819"
+  version "3.4.7"
+  resolved "https://registry.yarnpkg.com/spdy/-/spdy-3.4.7.tgz#42ff41ece5cc0f99a3a6c28aabb73f5c3b03acbc"
   dependencies:
-    debug "^2.2.0"
-    handle-thing "^1.2.4"
-    http-deceiver "^1.2.4"
+    debug "^2.6.8"
+    handle-thing "^1.2.5"
+    http-deceiver "^1.2.7"
+    safe-buffer "^5.0.1"
     select-hose "^2.0.0"
-    spdy-transport "^2.0.15"
+    spdy-transport "^2.0.18"
 
 split@0.3:
   version "0.3.3"
@@ -5631,8 +5736,8 @@ sql.js@^0.4.0:
   resolved "https://registry.yarnpkg.com/sql.js/-/sql.js-0.4.0.tgz#23be9635520eb0ff43a741e7e830397266e88445"
 
 sshpk@^1.7.0:
-  version "1.10.2"
-  resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.10.2.tgz#d5a804ce22695515638e798dbe23273de070a5fa"
+  version "1.13.1"
+  resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.13.1.tgz#512df6da6287144316dc4c18fe1cf1d940739be3"
   dependencies:
     asn1 "~0.2.3"
     assert-plus "^1.0.0"
@@ -5641,7 +5746,6 @@ sshpk@^1.7.0:
   optionalDependencies:
     bcrypt-pbkdf "^1.0.0"
     ecc-jsbn "~0.1.1"
-    jodid25519 "^1.0.0"
     jsbn "~0.1.0"
     tweetnacl "~0.14.0"
 
@@ -5705,6 +5809,12 @@ string_decoder@^0.10.25, string_decoder@~0.10.x:
   version "0.10.31"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94"
 
+string_decoder@~1.0.3:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.0.3.tgz#0fc67d7c141825de94282dd536bec6b9bce860ab"
+  dependencies:
+    safe-buffer "~5.1.0"
+
 stringstream@~0.0.4:
   version "0.0.5"
   resolved "https://registry.yarnpkg.com/stringstream/-/stringstream-0.0.5.tgz#4e484cd4de5a0bbbee18e46307710a8a81621878"
@@ -5735,18 +5845,10 @@ strip-indent@^1.0.1:
   dependencies:
     get-stdin "^4.0.1"
 
-strip-json-comments@~1.0.4:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-1.0.4.tgz#1e15fbcac97d3ee99bf2d73b4c656b082bbafb91"
-
 strip-json-comments@~2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a"
 
-supports-color@^0.2.0:
-  version "0.2.0"
-  resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-0.2.0.tgz#d92de2694eb3f67323973d7ae3d8b55b4c22190a"
-
 supports-color@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7"
@@ -5791,23 +5893,23 @@ tapable@^0.1.8:
   resolved "https://registry.yarnpkg.com/tapable/-/tapable-0.1.10.tgz#29c35707c2b70e50d07482b5d202e8ed446dafd4"
 
 tapable@^0.2.7:
-  version "0.2.7"
-  resolved "https://registry.yarnpkg.com/tapable/-/tapable-0.2.7.tgz#e46c0daacbb2b8a98b9b0cea0f4052105817ed5c"
+  version "0.2.8"
+  resolved "https://registry.yarnpkg.com/tapable/-/tapable-0.2.8.tgz#99372a5c999bf2df160afc0d74bed4f47948cd22"
 
-tar-pack@~3.3.0:
-  version "3.3.0"
-  resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.3.0.tgz#30931816418f55afc4d21775afdd6720cee45dae"
-  dependencies:
-    debug "~2.2.0"
-    fstream "~1.0.10"
-    fstream-ignore "~1.0.5"
-    once "~1.3.3"
-    readable-stream "~2.1.4"
-    rimraf "~2.5.1"
-    tar "~2.2.1"
-    uid-number "~0.0.6"
-
-tar@~2.2.1:
+tar-pack@^3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/tar-pack/-/tar-pack-3.4.0.tgz#23be2d7f671a8339376cbdb0b8fe3fdebf317984"
+  dependencies:
+    debug "^2.2.0"
+    fstream "^1.0.10"
+    fstream-ignore "^1.0.5"
+    once "^1.3.3"
+    readable-stream "^2.1.4"
+    rimraf "^2.5.1"
+    tar "^2.2.1"
+    uid-number "^0.0.6"
+
+tar@^2.2.1:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/tar/-/tar-2.2.1.tgz#8e4d2a256c0e2185c6b18ad694aec968b83cb1d1"
   dependencies:
@@ -5849,6 +5951,10 @@ thunky@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/thunky/-/thunky-0.1.0.tgz#bf30146824e2b6e67b0f2d7a4ac8beb26908684e"
 
+time-stamp@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/time-stamp/-/time-stamp-2.0.0.tgz#95c6a44530e15ba8d6f4a3ecb8c3a3fac46da357"
+
 timeago.js@^2.0.5:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/timeago.js/-/timeago.js-2.0.5.tgz#730c74fbdb0b0917a553675a4460e3a7f80db86c"
@@ -5868,8 +5974,8 @@ timers-browserify@^1.4.2:
     process "~0.11.0"
 
 timers-browserify@^2.0.2:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-2.0.2.tgz#ab4883cf597dcd50af211349a00fbca56ac86b86"
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-2.0.4.tgz#96ca53f4b794a5e7c0e1bd7cc88a372298fa01e6"
   dependencies:
     setimmediate "^1.0.4"
 
@@ -5877,12 +5983,18 @@ tiny-emitter@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-1.1.0.tgz#ab405a21ffed814a76c19739648093d70654fecb"
 
-tmp@0.0.31, tmp@0.0.x:
+tmp@0.0.31:
   version "0.0.31"
   resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.31.tgz#8f38ab9438e17315e5dbd8b3657e8bfb277ae4a7"
   dependencies:
     os-tmpdir "~1.0.1"
 
+tmp@0.0.x:
+  version "0.0.33"
+  resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.0.33.tgz#6d34335889768d21b2bcda0aa277ced3b1bfadf9"
+  dependencies:
+    os-tmpdir "~1.0.2"
+
 to-array@0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/to-array/-/to-array-0.1.4.tgz#17e6c11f73dd4f3d74cda7a4ff3238e9ad9bf890"
@@ -5927,9 +6039,11 @@ tty-browserify@0.0.0:
   version "0.0.0"
   resolved "https://registry.yarnpkg.com/tty-browserify/-/tty-browserify-0.0.0.tgz#a157ba402da24e9bf957f9aa69d524eed42901a6"
 
-tunnel-agent@~0.4.1:
-  version "0.4.3"
-  resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.4.3.tgz#6373db76909fe570e08d73583365ed828a74eeeb"
+tunnel-agent@^0.6.0:
+  version "0.6.0"
+  resolved "https://registry.yarnpkg.com/tunnel-agent/-/tunnel-agent-0.6.0.tgz#27a5dea06b36b04a0a9966774b290868f0fc40fd"
+  dependencies:
+    safe-buffer "^5.0.1"
 
 tweetnacl@^0.14.3, tweetnacl@~0.14.0:
   version "0.14.5"
@@ -5973,7 +6087,7 @@ uglifyjs-webpack-plugin@^0.4.6:
     uglify-js "^2.8.29"
     webpack-sources "^1.0.1"
 
-uid-number@~0.0.6:
+uid-number@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/uid-number/-/uid-number-0.0.6.tgz#0ea10e8035e8eb5b8e4449f06da1c730663baa81"
 
@@ -6079,8 +6193,8 @@ user-home@^2.0.0:
     os-homedir "^1.0.0"
 
 useragent@^2.1.12:
-  version "2.1.13"
-  resolved "https://registry.yarnpkg.com/useragent/-/useragent-2.1.13.tgz#bba43e8aa24d5ceb83c2937473e102e21df74c10"
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/useragent/-/useragent-2.2.1.tgz#cf593ef4f2d175875e8bb658ea92e18a4fd06d8e"
   dependencies:
     lru-cache "2.2.x"
     tmp "0.0.x"
@@ -6104,8 +6218,8 @@ uuid@^2.0.1, uuid@^2.0.2:
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-2.0.3.tgz#67e2e863797215530dff318e5bf9dcebfd47b21a"
 
 uuid@^3.0.0:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.0.1.tgz#6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1"
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.1.0.tgz#3dd3d3e790abc24d7b0d3a034ffababe28ebbc04"
 
 validate-npm-package-license@^3.0.1:
   version "3.0.1"
@@ -6114,7 +6228,7 @@ validate-npm-package-license@^3.0.1:
     spdx-correct "~1.0.0"
     spdx-expression-parse "~1.0.0"
 
-vary@~1.1.0, vary@~1.1.1:
+vary@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.1.tgz#67535ebb694c1d52257457984665323f587e8d37"
 
@@ -6122,11 +6236,13 @@ vendors@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/vendors/-/vendors-1.0.1.tgz#37ad73c8ee417fb3d580e785312307d274847f22"
 
-verror@1.3.6:
-  version "1.3.6"
-  resolved "https://registry.yarnpkg.com/verror/-/verror-1.3.6.tgz#cff5df12946d297d2baaefaa2689e25be01c005c"
+verror@1.10.0:
+  version "1.10.0"
+  resolved "https://registry.yarnpkg.com/verror/-/verror-1.10.0.tgz#3a105ca17053af55d6e270c1f8288682e18da400"
   dependencies:
-    extsprintf "1.0.2"
+    assert-plus "^1.0.0"
+    core-util-is "1.0.2"
+    extsprintf "^1.2.0"
 
 visibilityjs@^1.2.4:
   version "1.2.4"
@@ -6199,7 +6315,7 @@ watchpack@^1.4.0:
     chokidar "^1.7.0"
     graceful-fs "^4.1.2"
 
-wbuf@^1.1.0, wbuf@^1.4.0:
+wbuf@^1.1.0, wbuf@^1.7.2:
   version "1.7.2"
   resolved "https://registry.yarnpkg.com/wbuf/-/wbuf-1.7.2.tgz#d697b99f1f59512df2751be42769c1580b5801fe"
   dependencies:
@@ -6221,7 +6337,7 @@ webpack-bundle-analyzer@^2.8.2:
     opener "^1.4.3"
     ws "^2.3.1"
 
-webpack-dev-middleware@^1.0.11, webpack-dev-middleware@^1.11.0:
+webpack-dev-middleware@^1.0.11:
   version "1.11.0"
   resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-1.11.0.tgz#09691d0973a30ad1f82ac73a12e2087f0a4754f9"
   dependencies:
@@ -6230,9 +6346,19 @@ webpack-dev-middleware@^1.0.11, webpack-dev-middleware@^1.11.0:
     path-is-absolute "^1.0.0"
     range-parser "^1.0.3"
 
+webpack-dev-middleware@^1.11.0:
+  version "1.12.0"
+  resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-1.12.0.tgz#d34efefb2edda7e1d3b5dbe07289513219651709"
+  dependencies:
+    memory-fs "~0.4.1"
+    mime "^1.3.4"
+    path-is-absolute "^1.0.0"
+    range-parser "^1.0.3"
+    time-stamp "^2.0.0"
+
 webpack-dev-server@^2.6.1:
-  version "2.6.1"
-  resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-2.6.1.tgz#0b292a9da96daf80a65988f69f87b4166e5defe7"
+  version "2.7.1"
+  resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-2.7.1.tgz#21580f5a08cd065c71144cf6f61c345bca59a8b8"
   dependencies:
     ansi-html "0.0.7"
     bonjour "^3.5.0"
@@ -6244,6 +6370,7 @@ webpack-dev-server@^2.6.1:
     html-entities "^1.2.0"
     http-proxy-middleware "~0.17.4"
     internal-ip "^1.2.0"
+    ip "^1.1.5"
     loglevel "^1.4.1"
     opn "4.0.2"
     portfinder "^1.0.9"
@@ -6257,13 +6384,6 @@ webpack-dev-server@^2.6.1:
     webpack-dev-middleware "^1.11.0"
     yargs "^6.0.0"
 
-webpack-sources@^0.1.0:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-0.1.4.tgz#ccc2c817e08e5fa393239412690bb481821393cd"
-  dependencies:
-    source-list-map "~0.1.7"
-    source-map "~0.5.3"
-
 webpack-sources@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/webpack-sources/-/webpack-sources-1.0.1.tgz#c7356436a4d13123be2e2426a05d1dad9cbe65cf"
@@ -6275,9 +6395,9 @@ webpack-stats-plugin@^0.1.5:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/webpack-stats-plugin/-/webpack-stats-plugin-0.1.5.tgz#29e5f12ebfd53158d31d656a113ac1f7b86179d9"
 
-webpack@^3.5.4:
-  version "3.5.4"
-  resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.5.4.tgz#5583eb263ed27b78b5bd17bfdfb0eb1b1cd1bf81"
+webpack@^3.5.5:
+  version "3.5.5"
+  resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.5.5.tgz#3226f09fc8b3e435ff781e7af34f82b68b26996c"
   dependencies:
     acorn "^5.0.0"
     acorn-dynamic-import "^2.0.0"
@@ -6324,17 +6444,23 @@ which-module@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a"
 
-which@^1.1.1, which@^1.2.1, which@^1.2.9:
+which@^1.1.1, which@^1.2.1:
   version "1.2.12"
   resolved "https://registry.yarnpkg.com/which/-/which-1.2.12.tgz#de67b5e450269f194909ef23ece4ebe416fa1192"
   dependencies:
     isexe "^1.1.1"
 
+which@^1.2.9:
+  version "1.3.0"
+  resolved "https://registry.yarnpkg.com/which/-/which-1.3.0.tgz#ff04bdfc010ee547d780bec38e1ac1c2777d253a"
+  dependencies:
+    isexe "^2.0.0"
+
 wide-align@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.0.tgz#40edde802a71fea1f070da3e62dcda2e7add96ad"
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.2.tgz#571e0f1b0604636ebc0dfc21b0339bbe31341710"
   dependencies:
-    string-width "^1.0.1"
+    string-width "^1.0.2"
 
 window-size@0.1.0:
   version "0.1.0"
@@ -6364,8 +6490,8 @@ wrappy@1:
   resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"
 
 write-file-atomic@^1.1.2:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.3.1.tgz#7d45ba32316328dd1ec7d90f60ebc0d845bb759a"
+  version "1.3.4"
+  resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-1.3.4.tgz#f807a4f0b1d9e913ae7a48112e6cc3af1991b45f"
   dependencies:
     graceful-fs "^4.1.11"
     imurmurhash "^0.1.4"