771 files changed, 13507 insertions, 3840 deletions

diff --git a/.eslintrc b/.eslintrc
index c72a5e0335b..3e07edbccfe 100644
--- a/.eslintrc
+++ b/.eslintrc
@@ -30,6 +30,7 @@
     "filenames/match-regex": [2, "^[a-z0-9_]+$"],
     "import/no-commonjs": "error",
     "no-multiple-empty-lines": ["error", { "max": 1 }],
-    "promise/catch-or-return": "error"
+    "promise/catch-or-return": "error",
+    "no-underscore-dangle": ["error", { "allow": ["__"]}]
   }
 }
diff --git a/.flayignore b/.flayignore
index e2d0a2e50c5..b63ce4c4df0 100644
--- a/.flayignore
+++ b/.flayignore
@@ -3,4 +3,5 @@ lib/gitlab/sanitizers/svg/whitelist.rb
 lib/gitlab/diff/position_tracer.rb
 app/policies/project_policy.rb
 app/models/concerns/relative_positioning.rb
+app/workers/stuck_merge_jobs_worker.rb
 lib/gitlab/redis/*.rb
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f55bdc19eec..cd19b6f47ff 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,6 +27,7 @@ variables:
   GET_SOURCES_ATTEMPTS: "3"
   KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json
   KNAPSACK_SPINACH_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/spinach_report-master.json
+  FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/${CI_PROJECT_NAME}/report-master.json
 
 before_script:
   - bundle --version
@@ -45,16 +46,17 @@ stages:
   tags:
     - gitlab-org
 
-.knapsack-state: &knapsack-state
+.tests-metadata-state: &tests-metadata-state
   services: []
   variables:
     SETUP_DB: "false"
     USE_BUNDLE_INSTALL: "false"
-    KNAPSACK_S3_BUCKET: "gitlab-ce-cache"
+    TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
   artifacts:
     expire_in: 31d
     paths:
       - knapsack/
+      - rspec_flaky/
 
 .use-pg: &use-pg
   services:
@@ -86,7 +88,7 @@ stages:
   except:
     - /(^docs[\/-].*|.*-docs$)/
 
-.rspec-knapsack: &rspec-knapsack
+.rspec-metadata: &rspec-metadata
   <<: *dedicated-runner
   <<: *pull-cache
   stage: test
@@ -96,8 +98,13 @@ stages:
     - export CI_NODE_TOTAL=${JOB_NAME[-1]}
     - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${JOB_NAME[0]}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
     - export KNAPSACK_GENERATE_REPORT=true
+    - export ALL_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/${CI_PROJECT_NAME}/all_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/${CI_PROJECT_NAME}/new_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export FLAKY_RSPEC_GENERATE_REPORT=true
     - export CACHE_CLASSES=true
     - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
+    - cp ${FLAKY_RSPEC_SUITE_REPORT_PATH} ${ALL_FLAKY_RSPEC_REPORT_PATH}
+    - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}'
     - scripts/gitaly-test-spawn
     - knapsack rspec "--color --format documentation"
   artifacts:
@@ -106,20 +113,21 @@ stages:
     paths:
       - coverage/
       - knapsack/
+      - rspec_flaky/
       - tmp/capybara/
 
-.rspec-knapsack-pg: &rspec-knapsack-pg
-  <<: *rspec-knapsack
+.rspec-metadata-pg: &rspec-metadata-pg
+  <<: *rspec-metadata
   <<: *use-pg
   <<: *except-docs
 
-.rspec-knapsack-mysql: &rspec-knapsack-mysql
-  <<: *rspec-knapsack
+.rspec-metadata-mysql: &rspec-metadata-mysql
+  <<: *rspec-metadata
   <<: *use-mysql
   <<: *only-if-want-mysql
   <<: *except-docs
 
-.spinach-knapsack: &spinach-knapsack
+.spinach-metadata: &spinach-metadata
   <<: *dedicated-runner
   <<: *pull-cache
   stage: test
@@ -140,13 +148,13 @@ stages:
       - knapsack/
       - tmp/capybara/
 
-.spinach-knapsack-pg: &spinach-knapsack-pg
-  <<: *spinach-knapsack
+.spinach-metadata-pg: &spinach-metadata-pg
+  <<: *spinach-metadata
   <<: *use-pg
   <<: *except-docs
 
-.spinach-knapsack-mysql: &spinach-knapsack-mysql
-  <<: *spinach-knapsack
+.spinach-metadata-mysql: &spinach-metadata-mysql
+  <<: *spinach-metadata
   <<: *use-mysql
   <<: *only-if-want-mysql
   <<: *except-docs
@@ -176,40 +184,71 @@ build-package:
     - //@gitlab-org/gitlab-ce
     - //@gitlab-org/gitlab-ee
 
-# Prepare and merge knapsack tests
-knapsack:
-  <<: *knapsack-state
+# Retrieve knapsack and rspec_flaky reports
+retrieve-tests-metadata:
+  <<: *tests-metadata-state
   <<: *dedicated-runner
   <<: *except-docs
   stage: prepare
   cache:
-    key: knapsack
-    paths:
-      - knapsack/
+    key: tests_metadata
     policy: pull
   script:
     - mkdir -p knapsack/${CI_PROJECT_NAME}/
-    - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${KNAPSACK_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH
-    - wget -O $KNAPSACK_SPINACH_SUITE_REPORT_PATH http://${KNAPSACK_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_SPINACH_SUITE_REPORT_PATH || rm $KNAPSACK_SPINACH_SUITE_REPORT_PATH
+    - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH
+    - wget -O $KNAPSACK_SPINACH_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_SPINACH_SUITE_REPORT_PATH || rm $KNAPSACK_SPINACH_SUITE_REPORT_PATH
     - '[[ -f $KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
     - '[[ -f $KNAPSACK_SPINACH_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_SPINACH_SUITE_REPORT_PATH}'
+    - mkdir -p rspec_flaky/${CI_PROJECT_NAME}/
+    - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH
+    - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}'
 
-update-knapsack:
-  <<: *knapsack-state
+update-tests-metadata:
+  <<: *tests-metadata-state
   <<: *dedicated-runner
   <<: *only-canonical-masters
   stage: post-test
   cache:
-    key: knapsack
+    key: tests_metadata
     paths:
       - knapsack/
+      - rspec_flaky/
     policy: push
   script:
     - retry gem install fog-aws mime-types
     - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json
     - scripts/merge-reports ${KNAPSACK_SPINACH_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/spinach-pg_node_*.json
-    - '[[ -z ${KNAPSACK_S3_BUCKET} ]] || scripts/sync-reports put $KNAPSACK_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH $KNAPSACK_SPINACH_SUITE_REPORT_PATH'
+    - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/${CI_PROJECT_NAME}/all_node_*.json
+    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH $KNAPSACK_SPINACH_SUITE_REPORT_PATH'
+    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $FLAKY_RSPEC_SUITE_REPORT_PATH'
     - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
+    - rm -f rspec_flaky/${CI_PROJECT_NAME}/all_node_*.json
+
+flaky-examples-check:
+  <<: *dedicated-runner
+  <<: *except-docs
+  image: ruby:2.3-alpine
+  services: []
+  before_script: []
+  cache: {}
+  variables:
+    SETUP_DB: "false"
+    USE_BUNDLE_INSTALL: "false"
+    NEW_FLAKY_SPECS_REPORT: rspec_flaky/${CI_PROJECT_NAME}/new_rspec_flaky_examples.json
+  stage: post-test
+  allow_failure: yes
+  only:
+    - branches
+  except:
+    - master
+  artifacts:
+    expire_in: 30d
+    paths:
+      - rspec_flaky/
+  script:
+    - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}'
+    - scripts/merge-reports $NEW_FLAKY_SPECS_REPORT rspec_flaky/${CI_PROJECT_NAME}/new_node_*.json
+    - scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
 
 setup-test-env:
   <<: *use-pg
@@ -232,69 +271,69 @@ setup-test-env:
       - public/assets
       - tmp/tests
 
-rspec-pg 0 25: *rspec-knapsack-pg
-rspec-pg 1 25: *rspec-knapsack-pg
-rspec-pg 2 25: *rspec-knapsack-pg
-rspec-pg 3 25: *rspec-knapsack-pg
-rspec-pg 4 25: *rspec-knapsack-pg
-rspec-pg 5 25: *rspec-knapsack-pg
-rspec-pg 6 25: *rspec-knapsack-pg
-rspec-pg 7 25: *rspec-knapsack-pg
-rspec-pg 8 25: *rspec-knapsack-pg
-rspec-pg 9 25: *rspec-knapsack-pg
-rspec-pg 10 25: *rspec-knapsack-pg
-rspec-pg 11 25: *rspec-knapsack-pg
-rspec-pg 12 25: *rspec-knapsack-pg
-rspec-pg 13 25: *rspec-knapsack-pg
-rspec-pg 14 25: *rspec-knapsack-pg
-rspec-pg 15 25: *rspec-knapsack-pg
-rspec-pg 16 25: *rspec-knapsack-pg
-rspec-pg 17 25: *rspec-knapsack-pg
-rspec-pg 18 25: *rspec-knapsack-pg
-rspec-pg 19 25: *rspec-knapsack-pg
-rspec-pg 20 25: *rspec-knapsack-pg
-rspec-pg 21 25: *rspec-knapsack-pg
-rspec-pg 22 25: *rspec-knapsack-pg
-rspec-pg 23 25: *rspec-knapsack-pg
-rspec-pg 24 25: *rspec-knapsack-pg
-
-rspec-mysql 0 25: *rspec-knapsack-mysql
-rspec-mysql 1 25: *rspec-knapsack-mysql
-rspec-mysql 2 25: *rspec-knapsack-mysql
-rspec-mysql 3 25: *rspec-knapsack-mysql
-rspec-mysql 4 25: *rspec-knapsack-mysql
-rspec-mysql 5 25: *rspec-knapsack-mysql
-rspec-mysql 6 25: *rspec-knapsack-mysql
-rspec-mysql 7 25: *rspec-knapsack-mysql
-rspec-mysql 8 25: *rspec-knapsack-mysql
-rspec-mysql 9 25: *rspec-knapsack-mysql
-rspec-mysql 10 25: *rspec-knapsack-mysql
-rspec-mysql 11 25: *rspec-knapsack-mysql
-rspec-mysql 12 25: *rspec-knapsack-mysql
-rspec-mysql 13 25: *rspec-knapsack-mysql
-rspec-mysql 14 25: *rspec-knapsack-mysql
-rspec-mysql 15 25: *rspec-knapsack-mysql
-rspec-mysql 16 25: *rspec-knapsack-mysql
-rspec-mysql 17 25: *rspec-knapsack-mysql
-rspec-mysql 18 25: *rspec-knapsack-mysql
-rspec-mysql 19 25: *rspec-knapsack-mysql
-rspec-mysql 20 25: *rspec-knapsack-mysql
-rspec-mysql 21 25: *rspec-knapsack-mysql
-rspec-mysql 22 25: *rspec-knapsack-mysql
-rspec-mysql 23 25: *rspec-knapsack-mysql
-rspec-mysql 24 25: *rspec-knapsack-mysql
-
-spinach-pg 0 5: *spinach-knapsack-pg
-spinach-pg 1 5: *spinach-knapsack-pg
-spinach-pg 2 5: *spinach-knapsack-pg
-spinach-pg 3 5: *spinach-knapsack-pg
-spinach-pg 4 5: *spinach-knapsack-pg
-
-spinach-mysql 0 5: *spinach-knapsack-mysql
-spinach-mysql 1 5: *spinach-knapsack-mysql
-spinach-mysql 2 5: *spinach-knapsack-mysql
-spinach-mysql 3 5: *spinach-knapsack-mysql
-spinach-mysql 4 5: *spinach-knapsack-mysql
+rspec-pg 0 25: *rspec-metadata-pg
+rspec-pg 1 25: *rspec-metadata-pg
+rspec-pg 2 25: *rspec-metadata-pg
+rspec-pg 3 25: *rspec-metadata-pg
+rspec-pg 4 25: *rspec-metadata-pg
+rspec-pg 5 25: *rspec-metadata-pg
+rspec-pg 6 25: *rspec-metadata-pg
+rspec-pg 7 25: *rspec-metadata-pg
+rspec-pg 8 25: *rspec-metadata-pg
+rspec-pg 9 25: *rspec-metadata-pg
+rspec-pg 10 25: *rspec-metadata-pg
+rspec-pg 11 25: *rspec-metadata-pg
+rspec-pg 12 25: *rspec-metadata-pg
+rspec-pg 13 25: *rspec-metadata-pg
+rspec-pg 14 25: *rspec-metadata-pg
+rspec-pg 15 25: *rspec-metadata-pg
+rspec-pg 16 25: *rspec-metadata-pg
+rspec-pg 17 25: *rspec-metadata-pg
+rspec-pg 18 25: *rspec-metadata-pg
+rspec-pg 19 25: *rspec-metadata-pg
+rspec-pg 20 25: *rspec-metadata-pg
+rspec-pg 21 25: *rspec-metadata-pg
+rspec-pg 22 25: *rspec-metadata-pg
+rspec-pg 23 25: *rspec-metadata-pg
+rspec-pg 24 25: *rspec-metadata-pg
+
+rspec-mysql 0 25: *rspec-metadata-mysql
+rspec-mysql 1 25: *rspec-metadata-mysql
+rspec-mysql 2 25: *rspec-metadata-mysql
+rspec-mysql 3 25: *rspec-metadata-mysql
+rspec-mysql 4 25: *rspec-metadata-mysql
+rspec-mysql 5 25: *rspec-metadata-mysql
+rspec-mysql 6 25: *rspec-metadata-mysql
+rspec-mysql 7 25: *rspec-metadata-mysql
+rspec-mysql 8 25: *rspec-metadata-mysql
+rspec-mysql 9 25: *rspec-metadata-mysql
+rspec-mysql 10 25: *rspec-metadata-mysql
+rspec-mysql 11 25: *rspec-metadata-mysql
+rspec-mysql 12 25: *rspec-metadata-mysql
+rspec-mysql 13 25: *rspec-metadata-mysql
+rspec-mysql 14 25: *rspec-metadata-mysql
+rspec-mysql 15 25: *rspec-metadata-mysql
+rspec-mysql 16 25: *rspec-metadata-mysql
+rspec-mysql 17 25: *rspec-metadata-mysql
+rspec-mysql 18 25: *rspec-metadata-mysql
+rspec-mysql 19 25: *rspec-metadata-mysql
+rspec-mysql 20 25: *rspec-metadata-mysql
+rspec-mysql 21 25: *rspec-metadata-mysql
+rspec-mysql 22 25: *rspec-metadata-mysql
+rspec-mysql 23 25: *rspec-metadata-mysql
+rspec-mysql 24 25: *rspec-metadata-mysql
+
+spinach-pg 0 5: *spinach-metadata-pg
+spinach-pg 1 5: *spinach-metadata-pg
+spinach-pg 2 5: *spinach-metadata-pg
+spinach-pg 3 5: *spinach-metadata-pg
+spinach-pg 4 5: *spinach-metadata-pg
+
+spinach-mysql 0 5: *spinach-metadata-mysql
+spinach-mysql 1 5: *spinach-metadata-mysql
+spinach-mysql 2 5: *spinach-metadata-mysql
+spinach-mysql 3 5: *spinach-metadata-mysql
+spinach-mysql 4 5: *spinach-metadata-mysql
 
 # Static analysis jobs
 .ruby-static-analysis: &ruby-static-analysis
@@ -354,7 +393,7 @@ ee_compat_check:
   except:
     - master
     - tags
-    - /^[\d-]+-stable(-ee)?$/
+    - /^[\d-]+-stable(-ee)?/
   allow_failure: yes
   cache:
     key: "ee_compat_check_repo"
@@ -514,8 +553,11 @@ codeclimate:
   services:
     - docker:dind
   script:
+    - cp .rubocop.yml .rubocop.yml.bak
+    - grep -v "rubocop-gitlab-security" .rubocop.yml.bak > .rubocop.yml
     - docker run --env CODECLIMATE_CODE="$PWD" --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock --volume /tmp/cc:/tmp/cc codeclimate/codeclimate analyze -f json > raw_codeclimate.json
     - cat raw_codeclimate.json | docker run -i stedolan/jq -c 'map({check_name,fingerprint,location})' > codeclimate.json
+    - mv .rubocop.yml.bak .rubocop.yml
   artifacts:
     paths: [codeclimate.json]
 
diff --git a/.gitlab/merge_request_templates/Database Changes.md b/.gitlab/merge_request_templates/Database Changes.md
new file mode 100644
index 00000000000..2a5c8267872
--- /dev/null
+++ b/.gitlab/merge_request_templates/Database Changes.md
@@ -0,0 +1,73 @@
+Remove this section and replace it with a description of your MR. Also follow the
+checklist below and check off any tasks that are done. If a certain task can not
+be done you should explain so in the MR body. You are free to remove any
+sections that do not apply to your MR.
+
+When gathering statistics (e.g. the output of `EXPLAIN ANALYZE`) you should make
+sure your database has enough data. Having around 10 000 rows in the tables
+being queries should provide a reasonable estimate of how a query will behave.
+Also make sure that PostgreSQL uses the following settings:
+
+* `random_page_cost`: `1`
+* `work_mem`: `16MB`
+* `maintenance_work_mem`: at least `64MB`
+* `shared_buffers`: at least `256MB`
+
+If you have access to GitLab.com's staging environment you should also run your
+measurements there, and include the results in this MR.
+
+## Database Checklist
+
+When adding migrations:
+
+- [ ] Updated `db/schema.rb`
+- [ ] Added a `down` method so the migration can be reverted
+- [ ] Added the output of the migration(s) to the MR body
+- [ ] Added the execution time of the migration(s) to the MR body
+- [ ] Added tests for the migration in `spec/migrations` if necessary (e.g. when
+  migrating data)
+- [ ] Made sure the migration won't interfere with a running GitLab cluster,
+  for example by disabling transactions for long running migrations
+
+When adding or modifying queries to improve performance:
+
+- [ ] Included the raw SQL queries of the relevant queries
+- [ ] Included the output of `EXPLAIN ANALYZE` and execution timings of the
+  relevant queries
+- [ ] Added tests for the relevant changes
+
+When adding indexes:
+
+- [ ] Described the need for these indexes in the MR body
+- [ ] Made sure existing indexes can not be reused instead
+
+When adding foreign keys to existing tables:
+
+- [ ] Included a migration to remove orphaned rows in the source table
+- [ ] Removed any instances of `dependent: ...` that may no longer be necessary
+
+When adding tables:
+
+- [ ] Ordered columns based on their type sizes in descending order
+- [ ] Added foreign keys if necessary
+- [ ] Added indexes if necessary
+
+When removing columns, tables, indexes or other structures:
+
+- [ ] Removed these in a post-deployment migration
+- [ ] Made sure the application no longer uses (or ignores) these structures
+
+## General Checklist
+
+- [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added, if necessary
+- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
+- [ ] API support added
+- [ ] Tests added for this feature/bug
+- Review
+  - [ ] Has been reviewed by UX
+  - [ ] Has been reviewed by Frontend
+  - [ ] Has been reviewed by Backend
+  - [ ] Has been reviewed by Database
+- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
+- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
+- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
diff --git a/.rubocop.yml b/.rubocop.yml
index a5ccec0437b..d25b4ac39c9 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1,5 +1,6 @@
 require:
   - rubocop-rspec
+  - rubocop-gitlab-security
   - ./rubocop/rubocop
 
 inherit_from: .rubocop_todo.yml
@@ -206,6 +207,13 @@ Layout/SpaceAroundKeyword:
 Layout/SpaceAroundOperators:
   Enabled: true
 
+# Checks that block braces have or don't have a space before the opening
+# brace depending on configuration.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: space, no_space
+Layout/SpaceBeforeBlockBraces:
+  Enabled: true
+
 # No spaces before commas.
 Layout/SpaceBeforeComma:
   Enabled: true
@@ -1037,7 +1045,7 @@ RSpec/BeforeAfterAll:
 RSpec/DescribeClass:
   Enabled: false
 
-# Use `described_class` for tested class / module.
+# Checks that the second argument to `describe` specifies a method.
 RSpec/DescribeMethod:
   Enabled: false
 
@@ -1045,8 +1053,7 @@ RSpec/DescribeMethod:
 RSpec/DescribeSymbol:
   Enabled: true
 
-# Checks that the second argument to top level describe is the tested method
-# name.
+# Checks that tests use `described_class`.
 RSpec/DescribedClass:
   Enabled: true
 
@@ -1091,6 +1098,11 @@ RSpec/FilePath:
 RSpec/Focus:
   Enabled: true
 
+# Checks the arguments passed to `before`, `around`, and `after`.
+RSpec/HookArgument:
+  Enabled: true
+  EnforcedStyle: implicit
+
 # Configuration parameters: EnforcedStyle, SupportedStyles.
 # SupportedStyles: is_expected, should
 RSpec/ImplicitExpect:
@@ -1156,3 +1168,35 @@ RSpec/SubjectStub:
 # Prefer using verifying doubles over normal doubles.
 RSpec/VerifiedDoubles:
   Enabled: false
+
+# GitlabSecurity ##############################################################
+
+GitlabSecurity/DeepMunge:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/PublicSend:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/RedirectToParamsUpdate:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/SqlInjection:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
+
+GitlabSecurity/SystemCommandInjection:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/**/*.rake'
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 9caef3bde08..cf14285ec2a 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -26,13 +26,6 @@ Layout/IndentArray:
 Layout/IndentHash:
   Enabled: false
 
-# Offense count: 174
-# Cop supports --auto-correct.
-# Configuration parameters: EnforcedStyle, SupportedStyles.
-# SupportedStyles: space, no_space
-Layout/SpaceBeforeBlockBraces:
-  Enabled: false
-
 # Offense count: 8
 # Cop supports --auto-correct.
 # Configuration parameters: AllowForAlignment.
@@ -77,12 +70,6 @@ RSpec/EmptyLineAfterFinalLet:
 RSpec/EmptyLineAfterSubject:
   Enabled: false
 
-# Offense count: 78
-# Configuration parameters: EnforcedStyle, SupportedStyles.
-# SupportedStyles: implicit, each, example
-RSpec/HookArgument:
-  Enabled: false
-
 # Offense count: 9
 # Configuration parameters: EnforcedStyle, SupportedStyles.
 # SupportedStyles: it_behaves_like, it_should_behave_like
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7493f2562e8..3ecedd44c89 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,32 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 9.4.5 (2017-08-14)
+
+- Fix deletion of deploy keys linked to other projects. !13162
+- Allow any logged in users to read_users_list even if it's restricted. !13201
+- Make Delete Merged Branches handle wildcard protected branches correctly. !13251
+- Fix an order of operations for CI connection error message in merge request widget. !13252
+- Fix pipeline_schedules pages when active schedule has an abnormal state. !13286
+- Add missing validation error for username change with container registry tags. !13356
+- Fix destroy of case-insensitive conflicting redirects. !13357
+- Project pending delete no longer return 500 error in admins projects view. !13389
+- Fix search box losing focus when typing.
+- Use jQuery to control scroll behavior in job log for cross browser consistency.
+- Use project_ref_path to create the link to a branch to fix links that 404.
+- improve file upload/replace experience.
+- fix jump to next discussion button.
+- Fixes new issue button for failed job returning 404.
+- Fix links to group milestones from issue and merge request sidebar.
+- Fixed sign-in restrictions buttons not toggling active state.
+- Fix Mattermost integration.
+- Change project FK migration to skip existing FKs.
+
+## 9.4.4 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 9.4.3 (2017-07-31)
 
 - Fix Prometheus client PID reuse bug. !13130
@@ -226,6 +252,11 @@ entry.
 - Log rescued exceptions to Sentry.
 - Remove remaining N+1 queries in merge requests API with emojis and labels.
 
+## 9.3.10 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 9.3.9 (2017-07-20)
 
 - Fix an infinite loop when handling user-supplied regular expressions.
@@ -498,6 +529,11 @@ entry.
 - Remove foreigh key on ci_trigger_schedules only if it exists.
 - Allow translation of Pipeline Schedules.
 
+## 9.2.10 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 9.2.9 (2017-07-20)
 
 - Fix an infinite loop when handling user-supplied regular expressions.
@@ -753,6 +789,11 @@ entry.
 - Fix preemptive scroll bar on user activity calendar.
 - Pipeline chat notifications convert seconds to minutes and hours.
 
+## 9.1.10 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 9.1.9 (2017-07-20)
 
 - Fix an infinite loop when handling user-supplied regular expressions.
@@ -1076,6 +1117,11 @@ entry.
 - Only send chat notifications for the default branch.
 - Don't fill in the default kubernetes namespace.
 
+## 9.0.13 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 9.0.12 (2017-07-20)
 
 - Fix an infinite loop when handling user-supplied regular expressions.
@@ -1456,6 +1502,11 @@ entry.
 - Change development tanuki favicon colors to match logo color order.
 - API issues - support filtering by iids.
 
+## 8.17.8 (2017-08-09)
+
+- Remove hidden symlinks from project import files.
+- Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric character.
+
 ## 8.17.7 (2017-07-19)
 
 - Renders 404 if given project is not readable by the user on Todos dashboard.
diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION
index ae6dd4e2032..c25c8e5b741 100644
--- a/GITALY_SERVER_VERSION
+++ b/GITALY_SERVER_VERSION
@@ -1 +1 @@
-0.29.0
+0.30.0
diff --git a/Gemfile b/Gemfile
index 08564ac0cae..a484cefb9a4 100644
--- a/Gemfile
+++ b/Gemfile
@@ -64,7 +64,7 @@ gem 'gpgme'
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '~> 2.0.3', require: 'omniauth-ldap'
+gem 'gitlab_omniauth-ldap', '~> 2.0.4', require: 'omniauth-ldap'
 gem 'net-ldap'
 
 # Git Wiki
@@ -84,7 +84,7 @@ gem 'rack-cors', '~> 0.4.0', require: 'rack/cors'
 gem 'hashie-forbidden_attributes'
 
 # Pagination
-gem 'kaminari', '~> 0.17.0'
+gem 'kaminari', '~> 1.0'
 
 # HAML
 gem 'hamlit', '~> 2.6.1'
@@ -324,6 +324,7 @@ group :development, :test do
   gem 'spinach-rerun-reporter', '~> 0.0.2'
   gem 'rspec_profiling', '~> 0.0.5'
   gem 'rspec-set', '~> 0.1.3'
+  gem 'rspec-parameterized'
 
   # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)
   gem 'minitest', '~> 5.7.0'
@@ -341,6 +342,7 @@ group :development, :test do
 
   gem 'rubocop', '~> 0.49.1', require: false
   gem 'rubocop-rspec', '~> 1.15.1', require: false
+  gem 'rubocop-gitlab-security', '~> 0.0.6', require: false
   gem 'scss_lint', '~> 0.54.0', require: false
   gem 'haml_lint', '~> 0.26.0', require: false
   gem 'simplecov', '~> 0.14.0', require: false
@@ -354,7 +356,7 @@ group :development, :test do
 
   gem 'activerecord_sane_schema_dumper', '0.2'
 
-  gem 'stackprof', '~> 0.2.10'
+  gem 'stackprof', '~> 0.2.10', require: false
 end
 
 group :test do
@@ -401,7 +403,7 @@ group :ed25519 do
 end
 
 # Gitaly GRPC client
-gem 'gitaly', '~> 0.26.0'
+gem 'gitaly', '~> 0.27.0'
 
 gem 'toml-rb', '~> 0.3.15', require: false
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 948ba02a72c..a93caba2393 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -2,6 +2,7 @@ GEM
   remote: https://rubygems.org/
   specs:
     RedCloth (4.3.2)
+    abstract_type (0.0.7)
     ace-rails-ap (4.1.2)
     actionmailer (4.2.8)
       actionpack (= 4.2.8)
@@ -41,6 +42,9 @@ GEM
       tzinfo (~> 1.1)
     acts-as-taggable-on (4.0.0)
       activerecord (>= 4.0)
+    adamantium (0.2.0)
+      ice_nine (~> 0.11.0)
+      memoizable (~> 0.4.0)
     addressable (2.3.8)
     after_commit_queue (1.3.0)
       activerecord (>= 3.0)
@@ -124,6 +128,9 @@ GEM
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
     colorize (0.7.7)
+    concord (0.1.5)
+      adamantium (~> 0.2.0)
+      equalizer (~> 0.0.9)
     concurrent-ruby (1.0.5)
     concurrent-ruby-ext (1.0.5)
       concurrent-ruby (= 1.0.5)
@@ -270,7 +277,7 @@ GEM
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
     gherkin-ruby (0.3.2)
-    gitaly (0.26.0)
+    gitaly (0.27.0)
       google-protobuf (~> 3.1)
       grpc (~> 1.0)
     github-linguist (4.7.6)
@@ -289,7 +296,7 @@ GEM
       mime-types (>= 1.16, < 3)
       posix-spawn (~> 0.3)
     gitlab-markup (1.5.1)
-    gitlab_omniauth-ldap (2.0.3)
+    gitlab_omniauth-ldap (2.0.4)
       net-ldap (~> 0.16)
       omniauth (~> 1.3)
       pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
@@ -419,9 +426,18 @@ GEM
     json-schema (2.6.2)
       addressable (~> 2.3.8)
     jwt (1.5.6)
-    kaminari (0.17.0)
-      actionpack (>= 3.0.0)
-      activesupport (>= 3.0.0)
+    kaminari (1.0.1)
+      activesupport (>= 4.1.0)
+      kaminari-actionview (= 1.0.1)
+      kaminari-activerecord (= 1.0.1)
+      kaminari-core (= 1.0.1)
+    kaminari-actionview (1.0.1)
+      actionview
+      kaminari-core (= 1.0.1)
+    kaminari-activerecord (1.0.1)
+      activerecord
+      kaminari-core (= 1.0.1)
+    kaminari-core (1.0.1)
     kgio (2.10.0)
     knapsack (1.11.0)
       rake
@@ -461,6 +477,8 @@ GEM
       mime-types (>= 1.16, < 4)
     mail_room (0.9.1)
     memoist (0.15.0)
+    memoizable (0.4.2)
+      thread_safe (~> 0.3, >= 0.3.1)
     method_source (0.8.2)
     mime-types (2.99.3)
     mimemagic (0.3.0)
@@ -548,7 +566,7 @@ GEM
       rubypants (~> 0.2)
     orm_adapter (0.5.0)
     os (0.9.6)
-    parallel (1.11.2)
+    parallel (1.12.0)
     paranoia (2.3.1)
       activerecord (>= 4.0, < 5.2)
     parser (2.4.0.0)
@@ -601,6 +619,11 @@ GEM
     premailer-rails (1.9.7)
       actionmailer (>= 3, < 6)
       premailer (~> 1.7, >= 1.7.9)
+    proc_to_ast (0.1.0)
+      coderay
+      parser
+      unparser
+    procto (0.0.3)
     prometheus-client-mmap (0.7.0.beta11)
       mmap2 (~> 2.2, >= 2.2.7)
     pry (0.10.4)
@@ -709,6 +732,10 @@ GEM
       chunky_png
     rqrcode-rails3 (0.1.7)
       rqrcode (>= 0.4.2)
+    rspec (3.6.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
     rspec-core (3.6.0)
       rspec-support (~> 3.6.0)
     rspec-expectations (3.6.0)
@@ -717,6 +744,12 @@ GEM
     rspec-mocks (3.6.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.6.0)
+    rspec-parameterized (0.4.0)
+      binding_of_caller
+      parser
+      proc_to_ast
+      rspec (>= 2.13, < 4)
+      unparser
     rspec-rails (3.6.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
@@ -741,6 +774,8 @@ GEM
       rainbow (>= 1.99.1, < 3.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
+    rubocop-gitlab-security (0.0.6)
+      rubocop (>= 0.47.1)
     rubocop-rspec (1.15.1)
       rubocop (>= 0.42.0)
     ruby-fogbugz (0.2.1)
@@ -881,6 +916,14 @@ GEM
       get_process_mem (~> 0)
       unicorn (>= 4, < 6)
     uniform_notifier (1.10.0)
+    unparser (0.2.6)
+      abstract_type (~> 0.0.7)
+      adamantium (~> 0.2.0)
+      concord (~> 0.1.5)
+      diff-lcs (~> 1.3)
+      equalizer (~> 0.0.9)
+      parser (>= 2.3.1.2, < 2.5)
+      procto (~> 0.0.2)
     url_safe_base64 (0.2.2)
     validates_hostname (1.0.6)
       activerecord (>= 3.0)
@@ -982,11 +1025,11 @@ DEPENDENCIES
   gettext (~> 3.2.2)
   gettext_i18n_rails (~> 1.8.0)
   gettext_i18n_rails_js (~> 1.2.0)
-  gitaly (~> 0.26.0)
+  gitaly (~> 0.27.0)
   github-linguist (~> 4.7.0)
   gitlab-flowdock-git-hook (~> 1.0.1)
   gitlab-markup (~> 1.5.1)
-  gitlab_omniauth-ldap (~> 2.0.3)
+  gitlab_omniauth-ldap (~> 2.0.4)
   gollum-lib (~> 4.2)
   gollum-rugged_adapter (~> 0.4.4)
   gon (~> 6.1.0)
@@ -1009,7 +1052,7 @@ DEPENDENCIES
   jquery-rails (~> 4.1.0)
   json-schema (~> 2.6.2)
   jwt (~> 1.5.6)
-  kaminari (~> 0.17.0)
+  kaminari (~> 1.0)
   knapsack (~> 1.11.0)
   kubeclient (~> 2.2.0)
   letter_opener_web (~> 1.3.0)
@@ -1083,11 +1126,13 @@ DEPENDENCIES
   responders (~> 2.0)
   rouge (~> 2.0)
   rqrcode-rails3 (~> 0.1.7)
+  rspec-parameterized
   rspec-rails (~> 3.6.0)
   rspec-retry (~> 0.4.5)
   rspec-set (~> 0.1.3)
   rspec_profiling (~> 0.0.5)
   rubocop (~> 0.49.1)
+  rubocop-gitlab-security (~> 0.0.6)
   rubocop-rspec (~> 1.15.1)
   ruby-fogbugz (~> 0.2.1)
   ruby-prof (~> 0.16.2)
diff --git a/PROCESS.md b/PROCESS.md
index 2b3d142bf77..e5b17784d20 100644
--- a/PROCESS.md
+++ b/PROCESS.md
@@ -119,6 +119,12 @@ only be left until after the freeze if:
   are aware of it.
 * It is in the correct milestone, with the ~Deliverable label.
 
+If a merge request is not ready, but the developers and Product Manager
+responsible for the feature think it is essential that it is in the release,
+they can [ask for an exception](#asking-for-an-exception) in advance. This is
+preferable to merging something that we are not confident in, but should still
+be a rare case: most features can be allowed to slip a release.
+
 All Community Edition merge requests from GitLab team members merged on the
 freeze date (the 7th) should have a corresponding Enterprise Edition merge
 request, even if there are no conflicts. This is to reduce the size of the
@@ -128,11 +134,26 @@ information, see
 
 ### After the 7th
 
-Once the stable branch is frozen, only fixes for [regressions](#regressions)
-and security issues will be cherry-picked into the stable branch.
-Any merge requests cherry-picked into the stable branch for a previous release will also be picked into the latest stable branch.
-These fixes will be shipped in the next RC for that release if it is before the 22nd.
-If the fixes are are completed on or after the 22nd, they will be shipped in a patch for that release.
+Once the stable branch is frozen, the only MRs that can be cherry-picked into
+the stable branch are:
+
+* Fixes for [regressions](#regressions)
+* Fixes for security issues
+* New or updated translations (as long as they do not touch application code)
+
+Any merge requests cherry-picked into the stable branch for a previous release
+will also be picked into the latest stable branch. These fixes will be shipped
+in the next RC for that release if it is before the 22nd. If the fixes are are
+completed on or after the 22nd, they will be shipped in a patch for that
+release.
+
+During the feature freeze all merge requests that are meant to go into the upcoming
+release should have the correct milestone assigned _and_ have the label
+~"Pick into Stable" set, so that release managers can find and pick them.
+Merge requests without a milestone and this label will
+not be merged into any stable branches.
+
+### Asking for an exception
 
 If you think a merge request should go into an RC or patch even though it does not meet these requirements,
 you can ask for an exception to be made. Exceptions require sign-off from 3 people besides the developer:
@@ -152,11 +173,7 @@ When in doubt, we err on the side of _not_ cherry-picking.
 For example, it is likely that an exception will be made for a trivial 1-5 line performance improvement
 (e.g. adding a database index or adding `includes` to a query), but not for a new feature, no matter how relatively small or thoroughly tested.
 
-During the feature freeze all merge requests that are meant to go into the upcoming
-release should have the correct milestone assigned _and_ have the label
-~"Pick into Stable" set, so that release managers can find and pick them.
-Merge requests without a milestone and this label will
-not be merged into any stable branches.
+All MRs which have had exceptions granted must be merged by the 15th.
 
 ### Regressions
 
diff --git a/app/assets/images/new_repo.png b/app/assets/images/new_repo.png
new file mode 100644
index 00000000000..ed3af06ab1d
--- /dev/null
+++ b/app/assets/images/new_repo.png
diff --git a/app/assets/images/old_repo.png b/app/assets/images/old_repo.png
new file mode 100644
index 00000000000..c3c3b791ad9
--- /dev/null
+++ b/app/assets/images/old_repo.png
diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js
index 56fa0d71a9a..76b724e1bcb 100644
--- a/app/assets/javascripts/api.js
+++ b/app/assets/javascripts/api.js
@@ -13,6 +13,7 @@ const Api = {
   dockerfilePath: '/api/:version/templates/dockerfiles/:key',
   issuableTemplatePath: '/:namespace_path/:project_path/templates/:type/:key',
   usersPath: '/api/:version/users.json',
+  commitPath: '/api/:version/projects/:id/repository/commits',
 
   group(groupId, callback) {
     const url = Api.buildUrl(Api.groupPath)
@@ -95,6 +96,21 @@ const Api = {
       .done(projects => callback(projects));
   },
 
+  commitMultiple(id, data, callback) {
+    // see https://docs.gitlab.com/ce/api/commits.html#create-a-commit-with-multiple-files-and-actions
+    const url = Api.buildUrl(Api.commitPath)
+      .replace(':id', id);
+    return $.ajax({
+      url,
+      type: 'POST',
+      contentType: 'application/json; charset=utf-8',
+      data: JSON.stringify(data),
+      dataType: 'json',
+    })
+      .done(commitData => callback(commitData))
+      .fail(message => callback(message.responseJSON));
+  },
+
   // Return text for a specific license
   licenseText(key, data, callback) {
     const url = Api.buildUrl(Api.licensePath)
diff --git a/app/assets/javascripts/blob/blob_file_dropzone.js b/app/assets/javascripts/blob/blob_file_dropzone.js
index dc636050221..26d3419a162 100644
--- a/app/assets/javascripts/blob/blob_file_dropzone.js
+++ b/app/assets/javascripts/blob/blob_file_dropzone.js
@@ -1,9 +1,24 @@
 /* eslint-disable func-names, object-shorthand, prefer-arrow-callback */
 /* global Dropzone */
 
+import '../lib/utils/url_utility';
+import { HIDDEN_CLASS } from '../lib/utils/constants';
+
+function toggleLoading($el, $icon, loading) {
+  if (loading) {
+    $el.disable();
+    $icon.removeClass(HIDDEN_CLASS);
+  } else {
+    $el.enable();
+    $icon.addClass(HIDDEN_CLASS);
+  }
+}
 export default class BlobFileDropzone {
   constructor(form, method) {
     const formDropzone = form.find('.dropzone');
+    const submitButton = form.find('#submit-all');
+    const submitButtonLoadingIcon = submitButton.find('.js-loading-icon');
+    const dropzoneMessage = form.find('.dz-message');
     Dropzone.autoDiscover = false;
 
     const dropzone = formDropzone.dropzone({
@@ -26,12 +41,20 @@ export default class BlobFileDropzone {
       },
       init: function () {
         this.on('addedfile', function () {
+          toggleLoading(submitButton, submitButtonLoadingIcon, false);
+          dropzoneMessage.addClass(HIDDEN_CLASS);
           $('.dropzone-alerts').html('').hide();
         });
+        this.on('removedfile', function () {
+          toggleLoading(submitButton, submitButtonLoadingIcon, false);
+          dropzoneMessage.removeClass(HIDDEN_CLASS);
+        });
         this.on('success', function (header, response) {
-          window.location.href = response.filePath;
+          $('#modal-upload-blob').modal('hide');
+          window.gl.utils.visitUrl(response.filePath);
         });
         this.on('maxfilesexceeded', function (file) {
+          dropzoneMessage.addClass(HIDDEN_CLASS);
           this.removeFile(file);
         });
         this.on('sending', function (file, xhr, formData) {
@@ -48,14 +71,15 @@ export default class BlobFileDropzone {
       },
     });
 
-    const submitButton = form.find('#submit-all')[0];
-    submitButton.addEventListener('click', function (e) {
+    submitButton.on('click', (e) => {
       e.preventDefault();
       e.stopPropagation();
       if (dropzone[0].dropzone.getQueuedFiles().length === 0) {
         // eslint-disable-next-line no-alert
         alert('Please select a file');
+        return false;
       }
+      toggleLoading(submitButton, submitButtonLoadingIcon, true);
       dropzone[0].dropzone.processQueue();
       return false;
     });
diff --git a/app/assets/javascripts/boards/components/issue_card_inner.js b/app/assets/javascripts/boards/components/issue_card_inner.js
index daef01bc93d..d3de1830895 100644
--- a/app/assets/javascripts/boards/components/issue_card_inner.js
+++ b/app/assets/javascripts/boards/components/issue_card_inner.js
@@ -97,9 +97,8 @@ gl.issueBoards.IssueCardInner = Vue.extend({
       return `Avatar for ${assignee.name}`;
     },
     showLabel(label) {
-      if (!this.list) return true;
-
-      return !this.list.label || label.id !== this.list.label.id;
+      if (!this.list || !label) return true;
+      return true;
     },
     filterByLabel(label, e) {
       if (!this.updateFilters) return;
diff --git a/app/assets/javascripts/boards/components/modal/list.js b/app/assets/javascripts/boards/components/modal/list.js
index 363269c0d5d..b4a45feee4d 100644
--- a/app/assets/javascripts/boards/components/modal/list.js
+++ b/app/assets/javascripts/boards/components/modal/list.js
@@ -1,7 +1,7 @@
 /* global ListIssue */
-/* global bp */
 
 import Vue from 'vue';
+import bp from '../../../breakpoints';
 
 const ModalStore = gl.issueBoards.ModalStore;
 
diff --git a/app/assets/javascripts/breakpoints.js b/app/assets/javascripts/breakpoints.js
index 2c1f988d987..7951348d8b2 100644
--- a/app/assets/javascripts/breakpoints.js
+++ b/app/assets/javascripts/breakpoints.js
@@ -1,66 +1,19 @@
-/* eslint-disable func-names, space-before-function-paren, wrap-iife, one-var, no-var, one-var-declaration-per-line, quotes, no-shadow, prefer-arrow-callback, prefer-template, consistent-return, no-return-assign, new-parens, no-param-reassign, max-len */
+export const breakpoints = {
+  lg: 1200,
+  md: 992,
+  sm: 768,
+  xs: 0,
+};
 
-var Breakpoints = (function() {
-  var BreakpointInstance, instance;
+const BreakpointInstance = {
+  windowWidth: () => window.innerWidth,
+  getBreakpointSize() {
+    const windowWidth = this.windowWidth();
 
-  function Breakpoints() {}
+    const breakpoint = Object.keys(breakpoints).find(key => windowWidth > breakpoints[key]);
 
-  instance = null;
+    return breakpoint;
+  },
+};
 
-  BreakpointInstance = (function() {
-    var BREAKPOINTS;
-
-    BREAKPOINTS = ["xs", "sm", "md", "lg"];
-
-    function BreakpointInstance() {
-      this.setup();
-    }
-
-    BreakpointInstance.prototype.setup = function() {
-      var allDeviceSelector, els;
-      allDeviceSelector = BREAKPOINTS.map(function(breakpoint) {
-        return ".device-" + breakpoint;
-      });
-      if ($(allDeviceSelector.join(",")).length) {
-        return;
-      }
-      // Create all the elements
-      els = $.map(BREAKPOINTS, function(breakpoint) {
-        return "<div class='device-" + breakpoint + " visible-" + breakpoint + "'></div>";
-      });
-      return $("body").append(els.join(''));
-    };
-
-    BreakpointInstance.prototype.visibleDevice = function() {
-      var allDeviceSelector;
-      allDeviceSelector = BREAKPOINTS.map(function(breakpoint) {
-        return ".device-" + breakpoint;
-      });
-      return $(allDeviceSelector.join(",")).filter(":visible");
-    };
-
-    BreakpointInstance.prototype.getBreakpointSize = function() {
-      var $visibleDevice;
-      $visibleDevice = this.visibleDevice;
-      // TODO: Consider refactoring in light of turbolinks removal.
-      // the page refreshed via turbolinks
-      if (!$visibleDevice().length) {
-        this.setup();
-      }
-      $visibleDevice = this.visibleDevice();
-      return $visibleDevice.attr("class").split("visible-")[1];
-    };
-
-    return BreakpointInstance;
-  })();
-
-  Breakpoints.get = function() {
-    return instance != null ? instance : instance = new BreakpointInstance;
-  };
-
-  return Breakpoints;
-})();
-
-$(() => { window.bp = Breakpoints.get(); });
-
-window.Breakpoints = Breakpoints;
+export default BreakpointInstance;
diff --git a/app/assets/javascripts/build.js b/app/assets/javascripts/build.js
index 940326dcd33..ae1a23132a7 100644
--- a/app/assets/javascripts/build.js
+++ b/app/assets/javascripts/build.js
@@ -1,8 +1,7 @@
 /* eslint-disable func-names, wrap-iife, no-use-before-define,
 consistent-return, prefer-rest-params */
-/* global Breakpoints */
-
 import _ from 'underscore';
+import bp from './breakpoints';
 import { bytesToKiB } from './lib/utils/number_utils';
 
 window.Build = (function () {
@@ -34,8 +33,6 @@ window.Build = (function () {
     this.$scrollBottomBtn = $('.js-scroll-down');
 
     clearTimeout(Build.timeout);
-    // Init breakpoint checker
-    this.bp = Breakpoints.get();
 
     this.initSidebar();
     this.populateJobs(this.buildStage);
@@ -230,7 +227,7 @@ window.Build = (function () {
   };
 
   Build.prototype.shouldHideSidebarForViewport = function () {
-    const bootstrapBreakpoint = this.bp.getBreakpointSize();
+    const bootstrapBreakpoint = bp.getBreakpointSize();
     return bootstrapBreakpoint === 'xs' || bootstrapBreakpoint === 'sm';
   };
 
diff --git a/app/assets/javascripts/dispatcher.js b/app/assets/javascripts/dispatcher.js
index e95892a6189..de47485c9f2 100644
--- a/app/assets/javascripts/dispatcher.js
+++ b/app/assets/javascripts/dispatcher.js
@@ -75,6 +75,8 @@ import initNotes from './init_notes';
 import initLegacyFilters from './init_legacy_filters';
 import initIssuableSidebar from './init_issuable_sidebar';
 import GpgBadges from './gpg_badges';
+import UserFeatureHelper from './helpers/user_feature_helper';
+import initChangesDropdown from './init_changes_dropdown';
 
 (function() {
   var Dispatcher;
@@ -92,6 +94,7 @@ import GpgBadges from './gpg_badges';
       if (!page) {
         return false;
       }
+
       path = page.split(':');
       shortcut_handler = null;
 
@@ -226,6 +229,7 @@ import GpgBadges from './gpg_badges';
           break;
         case 'projects:compare:show':
           new gl.Diff();
+          initChangesDropdown();
           break;
         case 'projects:branches:new':
         case 'projects:branches:create':
@@ -318,6 +322,7 @@ import GpgBadges from './gpg_badges';
             container: '.js-commit-pipeline-graph',
           }).bindEvents();
           initNotes();
+          initChangesDropdown();
           $('.commit-info.branches').load(document.querySelector('.js-commit-box').dataset.commitPath);
           break;
         case 'projects:commit:pipelines':
@@ -338,12 +343,13 @@ import GpgBadges from './gpg_badges';
         case 'projects:show':
           shortcut_handler = new ShortcutsNavigation();
           new NotificationsForm();
-          if ($('#tree-slider').length) {
-            new TreeView();
-          }
-          if ($('.blob-viewer').length) {
-            new BlobViewer();
-          }
+
+          if ($('#tree-slider').length) new TreeView();
+          if ($('.blob-viewer').length) new BlobViewer();
+          if ($('.project-show-activity').length) new gl.Activities();
+          $('#tree-slider').waitForImages(function() {
+            gl.utils.ajaxGet(document.querySelector('.js-tree-content').dataset.logsPath);
+          });
           break;
         case 'projects:edit':
           setupProjectEdit();
@@ -407,6 +413,9 @@ import GpgBadges from './gpg_badges';
           break;
         case 'projects:tree:show':
           shortcut_handler = new ShortcutsNavigation();
+
+          if (UserFeatureHelper.isNewRepo()) break;
+
           new TreeView();
           new BlobViewer();
           new NewCommitForm($('.js-create-dir-form'));
@@ -425,6 +434,7 @@ import GpgBadges from './gpg_badges';
           shortcut_handler = true;
           break;
         case 'projects:blob:show':
+          if (UserFeatureHelper.isNewRepo()) break;
           new BlobViewer();
           initBlob();
           break;
diff --git a/app/assets/javascripts/due_date_select.js b/app/assets/javascripts/due_date_select.js
index 2856c8e2862..ee71728184f 100644
--- a/app/assets/javascripts/due_date_select.js
+++ b/app/assets/javascripts/due_date_select.js
@@ -1,7 +1,7 @@
 /* eslint-disable wrap-iife, func-names, space-before-function-paren, comma-dangle, prefer-template, consistent-return, class-methods-use-this, arrow-body-style, no-unused-vars, no-underscore-dangle, no-new, max-len, no-sequences, no-unused-expressions, no-param-reassign */
 /* global dateFormat */
-/* global Pikaday */
 
+import Pikaday from 'pikaday';
 import DateFix from './lib/utils/datefix';
 
 class DueDateSelect {
diff --git a/app/assets/javascripts/fly_out_nav.js b/app/assets/javascripts/fly_out_nav.js
index 301e82f4610..cbc3ad23990 100644
--- a/app/assets/javascripts/fly_out_nav.js
+++ b/app/assets/javascripts/fly_out_nav.js
@@ -1,7 +1,50 @@
-/* global bp */
-import './breakpoints';
+import Cookies from 'js-cookie';
+import bp from './breakpoints';
 
-export const canShowSubItems = () => bp.getBreakpointSize() === 'md' || bp.getBreakpointSize() === 'lg';
+const HIDE_INTERVAL_TIMEOUT = 300;
+const IS_OVER_CLASS = 'is-over';
+const IS_ABOVE_CLASS = 'is-above';
+const IS_SHOWING_FLY_OUT_CLASS = 'is-showing-fly-out';
+let currentOpenMenu = null;
+let menuCornerLocs;
+let timeoutId;
+
+export const mousePos = [];
+
+export const setOpenMenu = (menu = null) => { currentOpenMenu = menu; };
+
+export const slope = (a, b) => (b.y - a.y) / (b.x - a.x);
+
+export const canShowActiveSubItems = (el) => {
+  const isHiddenByMedia = bp.getBreakpointSize() === 'sm' || bp.getBreakpointSize() === 'md';
+
+  if (el.classList.contains('active') && !isHiddenByMedia) {
+    return Cookies.get('sidebar_collapsed') === 'true';
+  }
+
+  return true;
+};
+
+export const canShowSubItems = () => bp.getBreakpointSize() === 'sm' || bp.getBreakpointSize() === 'md' || bp.getBreakpointSize() === 'lg';
+
+export const getHideSubItemsInterval = () => {
+  if (!currentOpenMenu) return 0;
+
+  const currentMousePos = mousePos[mousePos.length - 1];
+  const prevMousePos = mousePos[0];
+  const currentMousePosY = currentMousePos.y;
+  const [menuTop, menuBottom] = menuCornerLocs;
+
+  if (currentMousePosY < menuTop.y ||
+      currentMousePosY > menuBottom.y) return 0;
+
+  if (slope(prevMousePos, menuBottom) < slope(currentMousePos, menuBottom) &&
+    slope(prevMousePos, menuTop) > slope(currentMousePos, menuTop)) {
+    return HIDE_INTERVAL_TIMEOUT;
+  }
+
+  return 0;
+};
 
 export const calculateTop = (boundingRect, outerHeight) => {
   const windowHeight = window.innerHeight;
@@ -11,42 +54,118 @@ export const calculateTop = (boundingRect, outerHeight) => {
     boundingRect.top;
 };
 
-export const showSubLevelItems = (el) => {
-  const subItems = el.querySelector('.sidebar-sub-level-items');
+export const hideMenu = (el) => {
+  if (!el) return;
 
-  if (!subItems || !canShowSubItems()) return;
+  const parentEl = el.parentNode;
 
-  subItems.style.display = 'block';
-  el.classList.add('is-over');
+  el.style.display = ''; // eslint-disable-line no-param-reassign
+  el.style.transform = ''; // eslint-disable-line no-param-reassign
+  el.classList.remove(IS_ABOVE_CLASS);
+  parentEl.classList.remove(IS_OVER_CLASS);
+  parentEl.classList.remove(IS_SHOWING_FLY_OUT_CLASS);
 
+  setOpenMenu();
+};
+
+export const moveSubItemsToPosition = (el, subItems) => {
   const boundingRect = el.getBoundingClientRect();
   const top = calculateTop(boundingRect, subItems.offsetHeight);
   const isAbove = top < boundingRect.top;
 
   subItems.classList.add('fly-out-list');
-  subItems.style.transform = `translate3d(0, ${Math.floor(top)}px, 0)`;
+  subItems.style.transform = `translate3d(0, ${Math.floor(top)}px, 0)`; // eslint-disable-line no-param-reassign
+
+  const subItemsRect = subItems.getBoundingClientRect();
+
+  menuCornerLocs = [
+    {
+      x: subItemsRect.left, // left position of the sub items
+      y: subItemsRect.top, // top position of the sub items
+    },
+    {
+      x: subItemsRect.left, // left position of the sub items
+      y: subItemsRect.top + subItemsRect.height, // bottom position of the sub items
+    },
+  ];
 
   if (isAbove) {
-    subItems.classList.add('is-above');
+    subItems.classList.add(IS_ABOVE_CLASS);
   }
 };
 
-export const hideSubLevelItems = (el) => {
+export const showSubLevelItems = (el) => {
   const subItems = el.querySelector('.sidebar-sub-level-items');
 
-  if (!subItems || !canShowSubItems()) return;
+  if (!canShowSubItems() || !canShowActiveSubItems(el)) return;
+
+  el.classList.add(IS_OVER_CLASS);
 
-  el.classList.remove('is-over');
-  subItems.style.display = 'none';
-  subItems.classList.remove('is-above');
+  if (!subItems) return;
+
+  subItems.style.display = 'block';
+  el.classList.add(IS_SHOWING_FLY_OUT_CLASS);
+
+  setOpenMenu(subItems);
+  moveSubItemsToPosition(el, subItems);
+};
+
+export const mouseEnterTopItems = (el) => {
+  clearTimeout(timeoutId);
+
+  timeoutId = setTimeout(() => {
+    if (currentOpenMenu) hideMenu(currentOpenMenu);
+
+    showSubLevelItems(el);
+  }, getHideSubItemsInterval());
+};
+
+export const mouseLeaveTopItem = (el) => {
+  const subItems = el.querySelector('.sidebar-sub-level-items');
+
+  if (!canShowSubItems() || !canShowActiveSubItems(el) ||
+      (subItems && subItems === currentOpenMenu)) return;
+
+  el.classList.remove(IS_OVER_CLASS);
+};
+
+export const documentMouseMove = (e) => {
+  mousePos.push({
+    x: e.clientX,
+    y: e.clientY,
+  });
+
+  if (mousePos.length > 6) mousePos.shift();
 };
 
 export default () => {
-  const items = [...document.querySelectorAll('.sidebar-top-level-items > li:not(.active)')]
-    .filter(el => el.querySelector('.sidebar-sub-level-items'));
+  const sidebar = document.querySelector('.sidebar-top-level-items');
+
+  if (!sidebar) return;
+
+  const items = [...sidebar.querySelectorAll('.sidebar-top-level-items > li')];
+
+  sidebar.addEventListener('mouseleave', () => {
+    clearTimeout(timeoutId);
+
+    timeoutId = setTimeout(() => {
+      if (currentOpenMenu) hideMenu(currentOpenMenu);
+    }, getHideSubItemsInterval());
+  });
 
   items.forEach((el) => {
-    el.addEventListener('mouseenter', e => showSubLevelItems(e.currentTarget));
-    el.addEventListener('mouseleave', e => hideSubLevelItems(e.currentTarget));
+    const subItems = el.querySelector('.sidebar-sub-level-items');
+
+    if (subItems) {
+      subItems.addEventListener('mouseleave', () => {
+        clearTimeout(timeoutId);
+        hideMenu(currentOpenMenu);
+      });
+    }
+
+    el.addEventListener('mouseenter', e => mouseEnterTopItems(e.currentTarget));
+    el.addEventListener('mouseleave', e => mouseLeaveTopItem(e.currentTarget));
   });
+
+  document.addEventListener('mousemove', documentMouseMove);
 };
diff --git a/app/assets/javascripts/gl_dropdown.js b/app/assets/javascripts/gl_dropdown.js
index 7d11cd0b6b2..b62acfcd445 100644
--- a/app/assets/javascripts/gl_dropdown.js
+++ b/app/assets/javascripts/gl_dropdown.js
@@ -1,9 +1,53 @@
-/* eslint-disable func-names, space-before-function-paren, no-var, one-var, one-var-declaration-per-line, prefer-rest-params, max-len, vars-on-top, wrap-iife, no-unused-vars, quotes, no-shadow, no-cond-assign, prefer-arrow-callback, no-return-assign, no-else-return, camelcase, comma-dangle, no-lonely-if, guard-for-in, no-restricted-syntax, consistent-return, prefer-template, no-param-reassign, no-loop-func, no-mixed-operators */
+/* eslint-disable func-names, no-underscore-dangle, space-before-function-paren, no-var, one-var, one-var-declaration-per-line, prefer-rest-params, max-len, vars-on-top, wrap-iife, no-unused-vars, quotes, no-shadow, no-cond-assign, prefer-arrow-callback, no-return-assign, no-else-return, camelcase, comma-dangle, no-lonely-if, guard-for-in, no-restricted-syntax, consistent-return, prefer-template, no-param-reassign, no-loop-func, no-mixed-operators */
 /* global fuzzaldrinPlus */
 import _ from 'underscore';
 import { isObject } from './lib/utils/type_utility';
 
-var GitLabDropdown, GitLabDropdownFilter, GitLabDropdownRemote;
+var GitLabDropdown, GitLabDropdownFilter, GitLabDropdownRemote, GitLabDropdownInput;
+
+GitLabDropdownInput = (function() {
+  function GitLabDropdownInput(input, options) {
+    var $inputContainer, $clearButton;
+    var _this = this;
+    this.input = input;
+    this.options = options;
+    this.fieldName = this.options.fieldName || 'field-name';
+    $inputContainer = this.input.parent();
+    $clearButton = $inputContainer.find('.js-dropdown-input-clear');
+    $clearButton.on('click', (function(_this) {
+      // Clear click
+      return function(e) {
+        e.preventDefault();
+        e.stopPropagation();
+        return _this.input.val('').trigger('input').focus();
+      };
+    })(this));
+
+    this.input
+    .on('keydown', function (e) {
+      var keyCode = e.which;
+      if (keyCode === 13 && !options.elIsInput) {
+        e.preventDefault();
+      }
+    })
+    .on('input', function(e) {
+      var val = e.currentTarget.value || _this.options.inputFieldName;
+      val = val.split(' ').join('-') // replaces space with dash
+        .replace(/[^a-zA-Z0-9 -]/g, '').toLowerCase() // replace non alphanumeric
+        .replace(/(-)\1+/g, '-'); // replace repeated dashes
+      _this.cb(_this.options.fieldName, val, {}, true);
+      _this.input.closest('.dropdown')
+        .find('.dropdown-toggle-text')
+        .text(val);
+    });
+  }
+
+  GitLabDropdownInput.prototype.onInput = function(cb) {
+    this.cb = cb;
+  };
+
+  return GitLabDropdownInput;
+})();
 
 GitLabDropdownFilter = (function() {
   var ARROW_KEY_CODES, BLUR_KEYCODES, HAS_VALUE_CLASS;
@@ -191,7 +235,7 @@ GitLabDropdownRemote = (function() {
 })();
 
 GitLabDropdown = (function() {
-  var ACTIVE_CLASS, FILTER_INPUT, INDETERMINATE_CLASS, LOADING_CLASS, PAGE_TWO_CLASS, NON_SELECTABLE_CLASSES, SELECTABLE_CLASSES, CURSOR_SELECT_SCROLL_PADDING, currentIndex;
+  var ACTIVE_CLASS, FILTER_INPUT, NO_FILTER_INPUT, INDETERMINATE_CLASS, LOADING_CLASS, PAGE_TWO_CLASS, NON_SELECTABLE_CLASSES, SELECTABLE_CLASSES, CURSOR_SELECT_SCROLL_PADDING, currentIndex;
 
   LOADING_CLASS = "is-loading";
 
@@ -209,7 +253,9 @@ GitLabDropdown = (function() {
 
   CURSOR_SELECT_SCROLL_PADDING = 5;
 
-  FILTER_INPUT = '.dropdown-input .dropdown-input-field';
+  FILTER_INPUT = '.dropdown-input .dropdown-input-field:not(.dropdown-no-filter)';
+
+  NO_FILTER_INPUT = '.dropdown-input .dropdown-input-field.dropdown-no-filter';
 
   function GitLabDropdown(el1, options) {
     var searchFields, selector, self;
@@ -224,6 +270,7 @@ GitLabDropdown = (function() {
     this.dropdown = selector != null ? $(selector) : $(this.el).parent();
     // Set Defaults
     this.filterInput = this.options.filterInput || this.getElement(FILTER_INPUT);
+    this.noFilterInput = this.options.noFilterInput || this.getElement(NO_FILTER_INPUT);
     this.highlight = !!this.options.highlight;
     this.filterInputBlur = this.options.filterInputBlur != null
       ? this.options.filterInputBlur
@@ -262,6 +309,10 @@ GitLabDropdown = (function() {
         });
       }
     }
+    if (this.noFilterInput.length) {
+      this.plainInput = new GitLabDropdownInput(this.noFilterInput, this.options);
+      this.plainInput.onInput(this.addInput.bind(this));
+    }
     // Init filterable
     if (this.options.filterable) {
       this.filter = new GitLabDropdownFilter(this.filterInput, {
@@ -753,9 +804,13 @@ GitLabDropdown = (function() {
     }
   };
 
-  GitLabDropdown.prototype.addInput = function(fieldName, value, selectedObject) {
+  GitLabDropdown.prototype.addInput = function(fieldName, value, selectedObject, single) {
     var $input;
     // Create hidden input for form
+    if (single) {
+      $('input[name="' + fieldName + '"]').remove();
+    }
+
     $input = $('<input>').attr('type', 'hidden').attr('name', fieldName).val(value);
     if (this.options.inputId != null) {
       $input.attr('id', this.options.inputId);
@@ -771,7 +826,7 @@ GitLabDropdown = (function() {
       $input.attr('data-meta', selectedObject[this.options.inputMeta]);
     }
 
-    return this.dropdown.before($input);
+    this.dropdown.before($input).trigger('change');
   };
 
   GitLabDropdown.prototype.selectRowAtIndex = function(index) {
diff --git a/app/assets/javascripts/gpg_badges.js b/app/assets/javascripts/gpg_badges.js
index 1c379e9bb67..7ac9dcd1112 100644
--- a/app/assets/javascripts/gpg_badges.js
+++ b/app/assets/javascripts/gpg_badges.js
@@ -1,12 +1,14 @@
 export default class GpgBadges {
   static fetch() {
+    const badges = $('.js-loading-gpg-badge');
     const form = $('.commits-search-form');
 
+    badges.html('<i class="fa fa-spinner fa-spin"></i>');
+
     $.get({
       url: form.data('signatures-path'),
       data: form.serialize(),
     }).done((response) => {
-      const badges = $('.js-loading-gpg-badge');
       response.signatures.forEach((signature) => {
         badges.filter(`[data-commit-sha="${signature.commit_sha}"]`).replaceWith(signature.html);
       });
diff --git a/app/assets/javascripts/graphs/graphs_charts.js b/app/assets/javascripts/graphs/graphs_charts.js
index 279ffef770f..ec6eab34989 100644
--- a/app/assets/javascripts/graphs/graphs_charts.js
+++ b/app/assets/javascripts/graphs/graphs_charts.js
@@ -1,4 +1,5 @@
 import Chart from 'vendor/Chart';
+import _ from 'underscore';
 
 document.addEventListener('DOMContentLoaded', () => {
   const projectChartData = JSON.parse(document.getElementById('projectChartData').innerHTML);
@@ -27,28 +28,25 @@ document.addEventListener('DOMContentLoaded', () => {
     return generateChart();
   };
 
-  const chartData = (keys, values) => {
-    const data = {
-      labels: keys,
-      datasets: [{
-        fillColor: 'rgba(220,220,220,0.5)',
-        strokeColor: 'rgba(220,220,220,1)',
-        barStrokeWidth: 1,
-        barValueSpacing: 1,
-        barDatasetSpacing: 1,
-        data: values,
-      }],
-    };
-    return data;
-  };
-
-  const hourData = chartData(projectChartData.hour.keys, projectChartData.hour.values);
+  const chartData = data => ({
+    labels: Object.keys(data),
+    datasets: [{
+      fillColor: 'rgba(220,220,220,0.5)',
+      strokeColor: 'rgba(220,220,220,1)',
+      barStrokeWidth: 1,
+      barValueSpacing: 1,
+      barDatasetSpacing: 1,
+      data: _.values(data),
+    }],
+  });
+
+  const hourData = chartData(projectChartData.hour);
   responsiveChart($('#hour-chart'), hourData);
 
-  const dayData = chartData(projectChartData.weekDays.keys, projectChartData.weekDays.values);
+  const dayData = chartData(projectChartData.weekDays);
   responsiveChart($('#weekday-chart'), dayData);
 
-  const monthData = chartData(projectChartData.month.keys, projectChartData.month.values);
+  const monthData = chartData(projectChartData.month);
   responsiveChart($('#month-chart'), monthData);
 
   const data = projectChartData.languages;
diff --git a/app/assets/javascripts/helpers/user_feature_helper.js b/app/assets/javascripts/helpers/user_feature_helper.js
new file mode 100644
index 00000000000..fcd8569819c
--- /dev/null
+++ b/app/assets/javascripts/helpers/user_feature_helper.js
@@ -0,0 +1,11 @@
+import Cookies from 'js-cookie';
+
+function isNewRepo() {
+  return Cookies.get('new_repo') === 'true';
+}
+
+const UserFeatureHelper = {
+  isNewRepo,
+};
+
+export default UserFeatureHelper;
diff --git a/app/assets/javascripts/init_changes_dropdown.js b/app/assets/javascripts/init_changes_dropdown.js
new file mode 100644
index 00000000000..f785ed29e6c
--- /dev/null
+++ b/app/assets/javascripts/init_changes_dropdown.js
@@ -0,0 +1,10 @@
+import stickyMonitor from './lib/utils/sticky';
+
+export default () => {
+  stickyMonitor(document.querySelector('.js-diff-files-changed'));
+
+  $('.js-diff-stats-dropdown').glDropdown({
+    filterable: true,
+    remoteFilter: false,
+  });
+};
diff --git a/app/assets/javascripts/issuable_context.js b/app/assets/javascripts/issuable_context.js
index 26392db4b5b..70c364e51fe 100644
--- a/app/assets/javascripts/issuable_context.js
+++ b/app/assets/javascripts/issuable_context.js
@@ -1,7 +1,6 @@
 /* eslint-disable func-names, space-before-function-paren, wrap-iife, no-new, comma-dangle, quotes, prefer-arrow-callback, consistent-return, one-var, no-var, one-var-declaration-per-line, no-underscore-dangle, max-len */
-/* global bp */
-
 import Cookies from 'js-cookie';
+import bp from './breakpoints';
 import UsersSelect from './users_select';
 
 const PARTICIPANTS_ROW_COUNT = 7;
diff --git a/app/assets/javascripts/issuable_form.js b/app/assets/javascripts/issuable_form.js
index 9ac1325fc95..3f848e0859b 100644
--- a/app/assets/javascripts/issuable_form.js
+++ b/app/assets/javascripts/issuable_form.js
@@ -2,8 +2,8 @@
 /* global GitLab */
 /* global Autosave */
 /* global dateFormat */
-/* global Pikaday */
 
+import Pikaday from 'pikaday';
 import UsersSelect from './users_select';
 import GfmAutoComplete from './gfm_auto_complete';
 import ZenMode from './zen_mode';
diff --git a/app/assets/javascripts/jobs/components/header.vue b/app/assets/javascripts/jobs/components/header.vue
index 5b9cf577189..3f6f40d47ba 100644
--- a/app/assets/javascripts/jobs/components/header.vue
+++ b/app/assets/javascripts/jobs/components/header.vue
@@ -40,7 +40,7 @@
             label: 'New issue',
             path: this.job.new_issue_path,
             cssClass: 'js-new-issue btn btn-new btn-inverted visible-md-block visible-lg-block',
-            type: 'ujs-link',
+            type: 'link',
           });
         }
 
diff --git a/app/assets/javascripts/lib/utils/constants.js b/app/assets/javascripts/lib/utils/constants.js
index 1e96c7ab5cd..7a72509d234 100644
--- a/app/assets/javascripts/lib/utils/constants.js
+++ b/app/assets/javascripts/lib/utils/constants.js
@@ -1,2 +1,3 @@
 /* eslint-disable import/prefer-default-export */
 export const BYTES_IN_KIB = 1024;
+export const HIDDEN_CLASS = 'hidden';
diff --git a/app/assets/javascripts/main.js b/app/assets/javascripts/main.js
index 42092a34c2f..37f531c78f4 100644
--- a/app/assets/javascripts/main.js
+++ b/app/assets/javascripts/main.js
@@ -1,5 +1,4 @@
 /* eslint-disable func-names, space-before-function-paren, no-var, quotes, consistent-return, prefer-arrow-callback, comma-dangle, object-shorthand, no-new, max-len, no-multi-spaces, import/newline-after-import, import/first */
-/* global bp */
 /* global Flash */
 /* global ConfirmDangerModal */
 /* global Aside */
@@ -7,7 +6,6 @@
 import jQuery from 'jquery';
 import _ from 'underscore';
 import Cookies from 'js-cookie';
-import Pikaday from 'pikaday';
 import Dropzone from 'dropzone';
 import Sortable from 'vendor/Sortable';
 
@@ -20,7 +18,6 @@ import 'vendor/fuzzaldrin-plus';
 window.jQuery = jQuery;
 window.$ = jQuery;
 window._ = _;
-window.Pikaday = Pikaday;
 window.Dropzone = Dropzone;
 window.Sortable = Sortable;
 
@@ -68,7 +65,7 @@ import './api';
 import './aside';
 import './autosave';
 import loadAwardsHandler from './awards_handler';
-import './breakpoints';
+import bp from './breakpoints';
 import './broadcast_message';
 import './build';
 import './build_artifacts';
diff --git a/app/assets/javascripts/member_expiration_date.js b/app/assets/javascripts/member_expiration_date.js
index e034729bd39..cc9016e74da 100644
--- a/app/assets/javascripts/member_expiration_date.js
+++ b/app/assets/javascripts/member_expiration_date.js
@@ -1,5 +1,7 @@
-/* global Pikaday */
 /* global dateFormat */
+
+import Pikaday from 'pikaday';
+
 (() => {
   // Add datepickers to all `js-access-expiration-date` elements. If those elements are
   // children of an element with the `clearable-input` class, and have a sibling
diff --git a/app/assets/javascripts/merge_request_tabs.js b/app/assets/javascripts/merge_request_tabs.js
index 4ffd71d9de5..5a9b3d19f84 100644
--- a/app/assets/javascripts/merge_request_tabs.js
+++ b/app/assets/javascripts/merge_request_tabs.js
@@ -1,13 +1,12 @@
 /* eslint-disable no-new, class-methods-use-this */
-/* global Breakpoints */
 /* global Flash */
 /* global notes */
 
 import Cookies from 'js-cookie';
-import './breakpoints';
 import './flash';
 import BlobForkSuggestion from './blob/blob_fork_suggestion';
-import stickyMonitor from './lib/utils/sticky';
+import initChangesDropdown from './init_changes_dropdown';
+import bp from './breakpoints';
 
 /* eslint-disable max-len */
 // MergeRequestTabs
@@ -134,7 +133,7 @@ import stickyMonitor from './lib/utils/sticky';
         this.destroyPipelinesView();
       } else if (this.isDiffAction(action)) {
         this.loadDiff($target.attr('href'));
-        if (Breakpoints.get().getBreakpointSize() !== 'lg') {
+        if (bp.getBreakpointSize() !== 'lg') {
           this.shrinkView();
         }
         if (this.diffViewType() === 'parallel') {
@@ -145,7 +144,7 @@ import stickyMonitor from './lib/utils/sticky';
         this.resetViewContainer();
         this.mountPipelinesView();
       } else {
-        if (Breakpoints.get().getBreakpointSize() !== 'xs') {
+        if (bp.getBreakpointSize() !== 'xs') {
           this.expandView();
         }
         this.resetViewContainer();
@@ -267,9 +266,7 @@ import stickyMonitor from './lib/utils/sticky';
           const $container = $('#diffs');
           $container.html(data.html);
 
-          this.initChangesDropdown();
-
-          stickyMonitor(document.querySelector('.js-diff-files-changed'));
+          initChangesDropdown();
 
           if (typeof gl.diffNotesCompileComponents !== 'undefined') {
             gl.diffNotesCompileComponents();
@@ -319,13 +316,6 @@ import stickyMonitor from './lib/utils/sticky';
       });
     }
 
-    initChangesDropdown() {
-      $('.js-diff-stats-dropdown').glDropdown({
-        filterable: true,
-        remoteFilter: false,
-      });
-    }
-
     // Show or hide the loading spinner
     //
     // status - Boolean, true to show, false to hide
@@ -401,7 +391,7 @@ import stickyMonitor from './lib/utils/sticky';
 
       // Screen space on small screens is usually very sparse
       // So we dont affix the tabs on these
-      if (Breakpoints.get().getBreakpointSize() === 'xs' || !$tabs.length) return;
+      if (bp.getBreakpointSize() === 'xs' || !$tabs.length) return;
 
       /**
         If the browser does not support position sticky, it returns the position as static.
diff --git a/app/assets/javascripts/monitoring/components/monitoring_column.vue b/app/assets/javascripts/monitoring/components/monitoring_column.vue
index c376baea79c..407af51cb7a 100644
--- a/app/assets/javascripts/monitoring/components/monitoring_column.vue
+++ b/app/assets/javascripts/monitoring/components/monitoring_column.vue
@@ -1,5 +1,4 @@
 <script>
-  /* global Breakpoints */
   import d3 from 'd3';
   import monitoringLegends from './monitoring_legends.vue';
   import monitoringFlag from './monitoring_flag.vue';
@@ -8,6 +7,7 @@
   import eventHub from '../event_hub';
   import measurements from '../utils/measurements';
   import { formatRelevantDigits } from '../../lib/utils/number_utils';
+  import bp from '../../breakpoints';
 
   const bisectDate = d3.bisector(d => d.time).left;
 
@@ -42,7 +42,6 @@
         yScale: {},
         margin: {},
         data: [],
-        breakpointHandler: Breakpoints.get(),
         unitOfDisplay: '',
         areaColorRgb: '#8fbce8',
         lineColorRgb: '#1f78d1',
@@ -96,7 +95,7 @@
 
     methods: {
       draw() {
-        const breakpointSize = this.breakpointHandler.getBreakpointSize();
+        const breakpointSize = bp.getBreakpointSize();
         const query = this.columnData.queries[0];
         this.margin = measurements.large.margin;
         if (breakpointSize === 'xs' || breakpointSize === 'sm') {
diff --git a/app/assets/javascripts/new_sidebar.js b/app/assets/javascripts/new_sidebar.js
index 930218dd1f5..b10b074f5ac 100644
--- a/app/assets/javascripts/new_sidebar.js
+++ b/app/assets/javascripts/new_sidebar.js
@@ -1,7 +1,6 @@
 import Cookies from 'js-cookie';
 import _ from 'underscore';
-/* global bp */
-import './breakpoints';
+import bp from './breakpoints';
 
 export default class NewNavSidebar {
   constructor() {
diff --git a/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.js b/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.js
deleted file mode 100644
index c827b7402dc..00000000000
--- a/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.js
+++ /dev/null
@@ -1,50 +0,0 @@
-import Vue from 'vue';
-import Cookies from 'js-cookie';
-import Translate from '../../vue_shared/translate';
-import illustrationSvg from '../icons/intro_illustration.svg';
-
-Vue.use(Translate);
-
-const cookieKey = 'pipeline_schedules_callout_dismissed';
-
-export default {
-  name: 'PipelineSchedulesCallout',
-  data() {
-    return {
-      docsUrl: document.getElementById('pipeline-schedules-callout').dataset.docsUrl,
-      illustrationSvg,
-      calloutDismissed: Cookies.get(cookieKey) === 'true',
-    };
-  },
-  methods: {
-    dismissCallout() {
-      this.calloutDismissed = true;
-      Cookies.set(cookieKey, this.calloutDismissed, { expires: 365 });
-    },
-  },
-  template: `
-    <div v-if="!calloutDismissed" class="pipeline-schedules-user-callout user-callout">
-      <div class="bordered-box landing content-block">
-        <button
-          id="dismiss-callout-btn"
-          class="btn btn-default close"
-          @click="dismissCallout">
-          <i class="fa fa-times"></i>
-        </button>
-        <div class="svg-container" v-html="illustrationSvg"></div>
-        <div class="user-callout-copy">
-          <h4>{{ __('Scheduling Pipelines') }}</h4>
-          <p>
-              {{ __('The pipelines schedule runs pipelines in the future, repeatedly, for specific branches or tags. Those scheduled pipelines will inherit limited project access based on their associated user.') }}
-          </p>
-          <p> {{ __('Learn more in the') }}
-            <a
-              :href="docsUrl"
-              target="_blank"
-              rel="nofollow">{{ s__('Learn more in the|pipeline schedules documentation') }}</a>. <!-- oneline to prevent extra space before period -->
-          </p>
-        </div>
-      </div>
-    </div>
-  `,
-};
diff --git a/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.vue b/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.vue
new file mode 100644
index 00000000000..6e0bc2d697a
--- /dev/null
+++ b/app/assets/javascripts/pipeline_schedules/components/pipeline_schedules_callout.vue
@@ -0,0 +1,59 @@
+<script>
+  import Vue from 'vue';
+  import Cookies from 'js-cookie';
+  import Translate from '../../vue_shared/translate';
+  import illustrationSvg from '../icons/intro_illustration.svg';
+
+  Vue.use(Translate);
+
+  const cookieKey = 'pipeline_schedules_callout_dismissed';
+
+  export default {
+    name: 'PipelineSchedulesCallout',
+    data() {
+      return {
+        docsUrl: document.getElementById('pipeline-schedules-callout').dataset.docsUrl,
+        calloutDismissed: Cookies.get(cookieKey) === 'true',
+      };
+    },
+    methods: {
+      dismissCallout() {
+        this.calloutDismissed = true;
+        Cookies.set(cookieKey, this.calloutDismissed, { expires: 365 });
+      },
+    },
+    created() {
+      this.illustrationSvg = illustrationSvg;
+    },
+  };
+</script>
+<template>
+  <div
+    v-if="!calloutDismissed"
+    class="pipeline-schedules-user-callout user-callout">
+    <div class="bordered-box landing content-block">
+      <button
+        id="dismiss-callout-btn"
+        class="btn btn-default close"
+        @click="dismissCallout">
+        <i
+          aria-hidden="true"
+          class="fa fa-times">
+        </i>
+      </button>
+      <div class="svg-container" v-html="illustrationSvg"></div>
+      <div class="user-callout-copy">
+        <h4>{{ __('Scheduling Pipelines') }}</h4>
+        <p>
+            {{ __('The pipelines schedule runs pipelines in the future, repeatedly, for specific branches or tags. Those scheduled pipelines will inherit limited project access based on their associated user.') }}
+        </p>
+        <p> {{ __('Learn more in the') }}
+          <a
+            :href="docsUrl"
+            target="_blank"
+            rel="nofollow">{{ s__('Learn more in the|pipeline schedules documentation') }}</a>. <!-- oneline to prevent extra space before period -->
+        </p>
+      </div>
+    </div>
+  </div>
+</template>
diff --git a/app/assets/javascripts/pipeline_schedules/pipeline_schedules_index_bundle.js b/app/assets/javascripts/pipeline_schedules/pipeline_schedules_index_bundle.js
index 6584549ad06..a6c945e22b0 100644
--- a/app/assets/javascripts/pipeline_schedules/pipeline_schedules_index_bundle.js
+++ b/app/assets/javascripts/pipeline_schedules/pipeline_schedules_index_bundle.js
@@ -1,5 +1,5 @@
 import Vue from 'vue';
-import PipelineSchedulesCallout from './components/pipeline_schedules_callout';
+import PipelineSchedulesCallout from './components/pipeline_schedules_callout.vue';
 
 document.addEventListener('DOMContentLoaded', () => new Vue({
   el: '#pipeline-schedules-callout',
diff --git a/app/assets/javascripts/pipelines/components/graph/dropdown_job_component.vue b/app/assets/javascripts/pipelines/components/graph/dropdown_job_component.vue
index 2944689a5a7..7695b04db74 100644
--- a/app/assets/javascripts/pipelines/components/graph/dropdown_job_component.vue
+++ b/app/assets/javascripts/pipelines/components/graph/dropdown_job_component.vue
@@ -48,6 +48,27 @@
         return `${this.job.name} - ${this.job.status.label}`;
       },
     },
+
+    methods: {
+      /**
+     * When the user right clicks or cmd/ctrl + click in the job name
+     * the dropdown should not be closed and the link should open in another tab,
+     * so we stop propagation of the click event inside the dropdown.
+     *
+     * Since this component is rendered multiple times per page we need to guarantee we only
+     * target the click event of this component.
+     */
+      stopDropdownClickPropagation() {
+        $(this.$el.querySelectorAll('.js-grouped-pipeline-dropdown a.mini-pipeline-graph-dropdown-item'))
+          .on('click', (e) => {
+            e.stopPropagation();
+          });
+      },
+    },
+
+    mounted() {
+      this.stopDropdownClickPropagation();
+    },
   };
 </script>
 <template>
diff --git a/app/assets/javascripts/project.js b/app/assets/javascripts/project.js
index 6e1744e8e72..272e8e8c218 100644
--- a/app/assets/javascripts/project.js
+++ b/app/assets/javascripts/project.js
@@ -90,6 +90,7 @@ import Cookies from 'js-cookie';
           filterable: true,
           filterRemote: true,
           filterByText: true,
+          inputFieldName: $dropdown.data('input-field-name'),
           fieldName: $dropdown.data('field-name'),
           renderRow: function(ref) {
             var li = refListItem.cloneNode(false);
@@ -123,9 +124,14 @@ import Cookies from 'js-cookie';
             e.preventDefault();
             if ($('input[name="ref"]').length) {
               var $form = $dropdown.closest('form');
+
+              var $visit = $dropdown.data('visit');
+              var shouldVisit = typeof $visit === 'undefined' ? true : $visit;
               var action = $form.attr('action');
               var divider = action.indexOf('?') === -1 ? '?' : '&';
-              gl.utils.visitUrl(action + '' + divider + '' + $form.serialize());
+              if (shouldVisit) {
+                gl.utils.visitUrl(`${action}${divider}${$form.serialize()}`);
+              }
             }
           }
         });
diff --git a/app/assets/javascripts/projects/project_new.js b/app/assets/javascripts/projects/project_new.js
index 985521aef34..7f972b6f6ee 100644
--- a/app/assets/javascripts/projects/project_new.js
+++ b/app/assets/javascripts/projects/project_new.js
@@ -36,7 +36,7 @@ const bindEvents = () => {
 
   $('.how_to_import_link').on('click', (e) => {
     e.preventDefault();
-    $('.how_to_import_link').next('.modal').show();
+    $(e.currentTarget).next('.modal').show();
   });
 
   $('.modal-header .close').on('click', () => {
diff --git a/app/assets/javascripts/repo/components/repo.vue b/app/assets/javascripts/repo/components/repo.vue
new file mode 100644
index 00000000000..703da749ad3
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo.vue
@@ -0,0 +1,63 @@
+<script>
+import RepoSidebar from './repo_sidebar.vue';
+import RepoCommitSection from './repo_commit_section.vue';
+import RepoTabs from './repo_tabs.vue';
+import RepoFileButtons from './repo_file_buttons.vue';
+import RepoPreview from './repo_preview.vue';
+import RepoMixin from '../mixins/repo_mixin';
+import PopupDialog from '../../vue_shared/components/popup_dialog.vue';
+import Store from '../stores/repo_store';
+import Helper from '../helpers/repo_helper';
+import MonacoLoaderHelper from '../helpers/monaco_loader_helper';
+
+export default {
+  data: () => Store,
+  mixins: [RepoMixin],
+  components: {
+    'repo-sidebar': RepoSidebar,
+    'repo-tabs': RepoTabs,
+    'repo-file-buttons': RepoFileButtons,
+    'repo-editor': MonacoLoaderHelper.repoEditorLoader,
+    'repo-commit-section': RepoCommitSection,
+    'popup-dialog': PopupDialog,
+    'repo-preview': RepoPreview,
+  },
+
+  mounted() {
+    Helper.getContent().catch(Helper.loadingError);
+  },
+
+  methods: {
+    dialogToggled(toggle) {
+      this.dialog.open = toggle;
+    },
+
+    dialogSubmitted(status) {
+      this.dialog.open = false;
+      this.dialog.status = status;
+    },
+
+    toggleBlobView: Store.toggleBlobView,
+  },
+};
+</script>
+
+<template>
+<div class="repository-view tree-content-holder">
+  <repo-sidebar/><div class="panel-right" :class="{'edit-mode': editMode}">
+    <repo-tabs/>
+    <component :is="currentBlobView" class="blob-viewer-container"></component>
+    <repo-file-buttons/>
+  </div>
+  <repo-commit-section/>
+  <popup-dialog
+    :primary-button-label="__('Discard changes')"
+    :open="dialog.open"
+    kind="warning"
+    :title="__('Are you sure?')"
+    :body="__('Are you sure you want to discard your changes?')"
+    @toggle="dialogToggled"
+    @submit="dialogSubmitted"
+  />
+</div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_commit_section.vue b/app/assets/javascripts/repo/components/repo_commit_section.vue
new file mode 100644
index 00000000000..344d40be131
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_commit_section.vue
@@ -0,0 +1,98 @@
+<script>
+/* global Flash */
+import Store from '../stores/repo_store';
+import RepoMixin from '../mixins/repo_mixin';
+import Helper from '../helpers/repo_helper';
+import Service from '../services/repo_service';
+
+export default {
+  data: () => Store,
+
+  mixins: [RepoMixin],
+
+  computed: {
+    branchPaths() {
+      const branch = Helper.getBranch();
+      return this.changedFiles.map(f => Helper.getFilePathFromFullPath(f.url, branch));
+    },
+
+    cantCommitYet() {
+      return !this.commitMessage || this.submitCommitsLoading;
+    },
+
+    filePluralize() {
+      return this.changedFiles.length > 1 ? 'files' : 'file';
+    },
+  },
+
+  methods: {
+    makeCommit() {
+      // see https://docs.gitlab.com/ce/api/commits.html#create-a-commit-with-multiple-files-and-actions
+      const branch = Helper.getBranch();
+      const commitMessage = this.commitMessage;
+      const actions = this.changedFiles.map(f => ({
+        action: 'update',
+        file_path: Helper.getFilePathFromFullPath(f.url, branch),
+        content: f.newContent,
+      }));
+      const payload = {
+        branch: Store.targetBranch,
+        commit_message: commitMessage,
+        actions,
+      };
+      Store.submitCommitsLoading = true;
+      Service.commitFiles(payload, this.resetCommitState);
+    },
+
+    resetCommitState() {
+      this.submitCommitsLoading = false;
+      this.changedFiles = [];
+      this.openedFiles = [];
+      this.commitMessage = '';
+      this.editMode = false;
+      $('html, body').animate({ scrollTop: 0 }, 'fast');
+    },
+  },
+};
+</script>
+
+<template>
+<div id="commit-area" v-if="isCommitable && changedFiles.length" >
+  <form class="form-horizontal">
+    <fieldset>
+      <div class="form-group">
+        <label class="col-md-4 control-label staged-files">Staged files ({{changedFiles.length}})</label>
+        <div class="col-md-4">
+          <ul class="list-unstyled changed-files">
+            <li v-for="file in branchPaths" :key="file.id">
+              <span class="help-block">{{file}}</span>
+            </li>
+          </ul>
+        </div>
+      </div>
+      <!-- Textarea
+      -->
+      <div class="form-group">
+        <label class="col-md-4 control-label" for="commit-message">Commit message</label>
+        <div class="col-md-4">
+          <textarea class="form-control" id="commit-message" name="commit-message" v-model="commitMessage"></textarea>
+        </div>
+      </div>
+      <!-- Button Drop Down
+      -->
+      <div class="form-group target-branch">
+        <label class="col-md-4 control-label" for="target-branch">Target branch</label>
+        <div class="col-md-4">
+          <span class="help-block">{{targetBranch}}</span>
+        </div>
+      </div>
+      <div class="col-md-offset-4 col-md-4">
+        <button type="submit" :disabled="cantCommitYet" class="btn btn-success submit-commit" @click.prevent="makeCommit">
+          <i class="fa fa-spinner fa-spin" v-if="submitCommitsLoading"></i>
+          <span class="commit-summary">Commit {{changedFiles.length}} {{filePluralize}}</span>
+        </button>
+      </div>
+    </fieldset>
+  </form>
+</div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_edit_button.vue b/app/assets/javascripts/repo/components/repo_edit_button.vue
new file mode 100644
index 00000000000..e3820f7688b
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_edit_button.vue
@@ -0,0 +1,49 @@
+<script>
+import Store from '../stores/repo_store';
+import RepoMixin from '../mixins/repo_mixin';
+
+export default {
+  data: () => Store,
+  mixins: [RepoMixin],
+  computed: {
+    buttonLabel() {
+      return this.editMode ? this.__('Cancel edit') : this.__('Edit');
+    },
+
+    buttonIcon() {
+      return this.editMode ? [] : ['fa', 'fa-pencil'];
+    },
+  },
+  methods: {
+    editClicked() {
+      if (this.changedFiles.length) {
+        this.dialog.open = true;
+        return;
+      }
+      this.editMode = !this.editMode;
+      Store.toggleBlobView();
+    },
+    toggleProjectRefsForm() {
+      if (this.editMode) {
+        $('.project-refs-form').addClass('disabled-content');
+        $('.project-refs-target-form').show();
+      } else {
+        $('.project-refs-form').removeClass('disabled-content');
+        $('.project-refs-target-form').hide();
+      }
+    },
+  },
+  watch: {
+    editMode() {
+      this.toggleProjectRefsForm();
+    },
+  },
+};
+</script>
+
+<template>
+<button class="btn btn-default" @click.prevent="editClicked" v-cloak v-if="isCommitable && !activeFile.render_error" :disabled="binary">
+  <i :class="buttonIcon"></i>
+  <span>{{buttonLabel}}</span>
+</button>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_editor.vue b/app/assets/javascripts/repo/components/repo_editor.vue
new file mode 100644
index 00000000000..55a3af7aabb
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_editor.vue
@@ -0,0 +1,112 @@
+<script>
+/* global monaco */
+import Store from '../stores/repo_store';
+import Service from '../services/repo_service';
+import Helper from '../helpers/repo_helper';
+
+const RepoEditor = {
+  data: () => Store,
+
+  destroyed() {
+    // this.monacoInstance.getModels().forEach((m) => {
+    //   m.dispose();
+    // });
+    this.monacoInstance.destroy();
+  },
+
+  mounted() {
+    Service.getRaw(this.activeFile.raw_path)
+    .then((rawResponse) => {
+      Store.blobRaw = rawResponse.data;
+      Helper.findOpenedFileFromActive().plain = rawResponse.data;
+
+      const monacoInstance = this.monaco.editor.create(this.$el, {
+        model: null,
+        readOnly: false,
+        contextmenu: false,
+      });
+
+      Store.monacoInstance = monacoInstance;
+
+      this.addMonacoEvents();
+
+      const languages = this.monaco.languages.getLanguages();
+      const languageID = Helper.getLanguageIDForFile(this.activeFile, languages);
+      const newModel = this.monaco.editor.createModel(this.blobRaw, languageID);
+
+      this.monacoInstance.setModel(newModel);
+    }).catch(Helper.loadingError);
+  },
+
+  methods: {
+    addMonacoEvents() {
+      this.monacoInstance.onMouseUp(this.onMonacoEditorMouseUp);
+      this.monacoInstance.onKeyUp(this.onMonacoEditorKeysPressed.bind(this));
+    },
+
+    onMonacoEditorKeysPressed() {
+      Store.setActiveFileContents(this.monacoInstance.getValue());
+    },
+
+    onMonacoEditorMouseUp(e) {
+      const lineNumber = e.target.position.lineNumber;
+      if (e.target.element.className === 'line-numbers') {
+        location.hash = `L${lineNumber}`;
+        Store.activeLine = lineNumber;
+      }
+    },
+  },
+
+  watch: {
+    activeLine() {
+      this.monacoInstance.setPosition({
+        lineNumber: this.activeLine,
+        column: 1,
+      });
+    },
+    dialog: {
+      handler(obj) {
+        const newObj = obj;
+        if (newObj.status) {
+          newObj.status = false;
+          this.openedFiles.map((file) => {
+            const f = file;
+            if (f.active) {
+              this.blobRaw = f.plain;
+            }
+            f.changed = false;
+            delete f.newContent;
+
+            return f;
+          });
+          this.editMode = false;
+        }
+      },
+      deep: true,
+    },
+
+    blobRaw() {
+      if (this.isTree) return;
+
+      this.monacoInstance.setModel(null);
+
+      const languages = this.monaco.languages.getLanguages();
+      const languageID = Helper.getLanguageIDForFile(this.activeFile, languages);
+      const newModel = this.monaco.editor.createModel(this.blobRaw, languageID);
+
+      this.monacoInstance.setModel(newModel);
+    },
+  },
+  computed: {
+    shouldHideEditor() {
+      return !this.openedFiles.length || (this.binary && !this.activeFile.raw);
+    },
+  },
+};
+
+export default RepoEditor;
+</script>
+
+<template>
+<div id="ide" v-if='!shouldHideEditor'></div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_file.vue b/app/assets/javascripts/repo/components/repo_file.vue
new file mode 100644
index 00000000000..f604bc22a26
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_file.vue
@@ -0,0 +1,66 @@
+<script>
+import TimeAgoMixin from '../../vue_shared/mixins/timeago';
+
+const RepoFile = {
+  mixins: [TimeAgoMixin],
+  props: {
+    file: {
+      type: Object,
+      required: true,
+    },
+    isMini: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    loading: {
+      type: Object,
+      required: false,
+      default() { return { tree: false }; },
+    },
+    hasFiles: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    activeFile: {
+      type: Object,
+      required: true,
+    },
+  },
+
+  computed: {
+    canShowFile() {
+      return !this.loading.tree || this.hasFiles;
+    },
+  },
+
+  methods: {
+    linkClicked(file) {
+      this.$emit('linkclicked', file);
+    },
+  },
+};
+
+export default RepoFile;
+</script>
+
+<template>
+<tr class="file" v-if="canShowFile" :class="{'active': activeFile.url === file.url}">
+  <td @click.prevent="linkClicked(file)">
+    <i class="fa file-icon" v-if="!file.loading" :class="file.icon" :style="{'margin-left': file.level * 10 + 'px'}"></i>
+    <i class="fa fa-spinner fa-spin" v-if="file.loading" :style="{'margin-left': file.level * 10 + 'px'}"></i>
+    <a :href="file.url" class="repo-file-name" :title="file.url">{{file.name}}</a>
+  </td>
+
+  <td v-if="!isMini" class="hidden-sm hidden-xs">
+    <div class="commit-message">
+      <a :href="file.lastCommitUrl">{{file.lastCommitMessage}}</a>
+    </div>
+  </td>
+
+  <td v-if="!isMini" class="hidden-xs">
+    <span class="commit-update" :title="tooltipTitle(file.lastCommitUpdate)">{{timeFormated(file.lastCommitUpdate)}}</span>
+  </td>
+</tr>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_file_buttons.vue b/app/assets/javascripts/repo/components/repo_file_buttons.vue
new file mode 100644
index 00000000000..628d02ca704
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_file_buttons.vue
@@ -0,0 +1,42 @@
+<script>
+import Store from '../stores/repo_store';
+import Helper from '../helpers/repo_helper';
+import RepoMixin from '../mixins/repo_mixin';
+
+const RepoFileButtons = {
+  data: () => Store,
+
+  mixins: [RepoMixin],
+
+  computed: {
+
+    rawDownloadButtonLabel() {
+      return this.binary ? 'Download' : 'Raw';
+    },
+
+    canPreview() {
+      return Helper.isKindaBinary();
+    },
+  },
+
+  methods: {
+    rawPreviewToggle: Store.toggleRawPreview,
+  },
+};
+
+export default RepoFileButtons;
+</script>
+
+<template>
+<div id="repo-file-buttons" v-if="isMini">
+  <a :href="activeFile.raw_path" target="_blank" class="btn btn-default raw" rel="noopener noreferrer">{{rawDownloadButtonLabel}}</a>
+
+  <div class="btn-group" role="group" aria-label="File actions">
+    <a :href="activeFile.blame_path" class="btn btn-default blame">Blame</a>
+    <a :href="activeFile.commits_path" class="btn btn-default history">History</a>
+    <a :href="activeFile.permalink" class="btn btn-default permalink">Permalink</a>
+  </div>
+
+  <a href="#" v-if="canPreview" @click.prevent="rawPreviewToggle" class="btn btn-default preview">{{activeFileLabel}}</a>
+</div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_file_options.vue b/app/assets/javascripts/repo/components/repo_file_options.vue
new file mode 100644
index 00000000000..ba53ce0eecc
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_file_options.vue
@@ -0,0 +1,25 @@
+<script>
+const RepoFileOptions = {
+  props: {
+    isMini: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    projectName: {
+      type: String,
+      required: true,
+    },
+  },
+};
+
+export default RepoFileOptions;
+</script>
+
+<template>
+<tr v-if="isMini" class="repo-file-options">
+    <td>
+      <span class="title">{{projectName}}</span>
+    </td>
+  </tr>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_loading_file.vue b/app/assets/javascripts/repo/components/repo_loading_file.vue
new file mode 100644
index 00000000000..38e9f16d041
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_loading_file.vue
@@ -0,0 +1,51 @@
+<script>
+const RepoLoadingFile = {
+  props: {
+    loading: {
+      type: Object,
+      required: false,
+      default: {},
+    },
+    hasFiles: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    isMini: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+  },
+
+  methods: {
+    lineOfCode(n) {
+      return `line-of-code-${n}`;
+    },
+  },
+};
+
+export default RepoLoadingFile;
+</script>
+
+<template>
+<tr v-if="loading.tree && !hasFiles" class="loading-file">
+  <td>
+    <div class="animation-container animation-container-small">
+      <div v-for="n in 6" :class="lineOfCode(n)" :key="n"></div>
+    </div>
+  </td>
+
+  <td v-if="!isMini" class="hidden-sm hidden-xs">
+    <div class="animation-container">
+      <div v-for="n in 6" :class="lineOfCode(n)" :key="n"></div>
+    </div>
+  </td>
+
+  <td v-if="!isMini" class="hidden-xs">
+    <div class="animation-container animation-container-small">
+      <div v-for="n in 6" :class="lineOfCode(n)" :key="n"></div>
+    </div>
+  </td>
+</tr>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_prev_directory.vue b/app/assets/javascripts/repo/components/repo_prev_directory.vue
new file mode 100644
index 00000000000..6a0d684052f
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_prev_directory.vue
@@ -0,0 +1,26 @@
+<script>
+const RepoPreviousDirectory = {
+  props: {
+    prevUrl: {
+      type: String,
+      required: true,
+    },
+  },
+
+  methods: {
+    linkClicked(file) {
+      this.$emit('linkclicked', file);
+    },
+  },
+};
+
+export default RepoPreviousDirectory;
+</script>
+
+<template>
+<tr class="prev-directory">
+  <td colspan="3">
+    <a :href="prevUrl" @click.prevent="linkClicked(prevUrl)">..</a>
+  </td>
+</tr>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_preview.vue b/app/assets/javascripts/repo/components/repo_preview.vue
new file mode 100644
index 00000000000..2200754cbef
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_preview.vue
@@ -0,0 +1,52 @@
+<script>
+import Store from '../stores/repo_store';
+
+export default {
+  data: () => Store,
+  mounted() {
+    this.highlightFile();
+  },
+  computed: {
+    html() {
+      return this.activeFile.html;
+    },
+  },
+
+  methods: {
+    highlightFile() {
+      $(this.$el).find('.file-content').syntaxHighlight();
+    },
+  },
+
+  watch: {
+    html() {
+      this.$nextTick(() => {
+        this.highlightFile();
+      });
+    },
+  },
+};
+</script>
+
+<template>
+<div>
+  <div
+    v-if="!activeFile.render_error"
+    v-html="activeFile.html">
+  </div>
+  <div
+    v-else-if="activeFile.tooLarge"
+    class="vertical-center render-error">
+    <p class="text-center">
+      The source could not be displayed because it is too large. You can <a :href="activeFile.raw_path">download</a> it instead.
+    </p>
+  </div>
+  <div
+    v-else
+    class="vertical-center render-error">
+    <p class="text-center">
+      The source could not be displayed because a rendering error occured. You can <a :href="activeFile.raw_path">download</a> it instead.
+    </p>
+  </div>
+</div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_sidebar.vue b/app/assets/javascripts/repo/components/repo_sidebar.vue
new file mode 100644
index 00000000000..8e9499adf88
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_sidebar.vue
@@ -0,0 +1,100 @@
+<script>
+import Service from '../services/repo_service';
+import Helper from '../helpers/repo_helper';
+import Store from '../stores/repo_store';
+import RepoPreviousDirectory from './repo_prev_directory.vue';
+import RepoFileOptions from './repo_file_options.vue';
+import RepoFile from './repo_file.vue';
+import RepoLoadingFile from './repo_loading_file.vue';
+import RepoMixin from '../mixins/repo_mixin';
+
+export default {
+  mixins: [RepoMixin],
+  components: {
+    'repo-file-options': RepoFileOptions,
+    'repo-previous-directory': RepoPreviousDirectory,
+    'repo-file': RepoFile,
+    'repo-loading-file': RepoLoadingFile,
+  },
+
+  created() {
+    this.addPopEventListener();
+  },
+
+  data: () => Store,
+
+  methods: {
+    addPopEventListener() {
+      window.addEventListener('popstate', () => {
+        if (location.href.indexOf('#') > -1) return;
+        this.linkClicked({
+          url: location.href,
+        });
+      });
+    },
+
+    fileClicked(clickedFile) {
+      let file = clickedFile;
+
+      file.loading = true;
+      if (file.type === 'tree' && file.opened) {
+        file = Store.removeChildFilesOfTree(file);
+        file.loading = false;
+      } else {
+        Service.url = file.url;
+        Helper.getContent(file)
+          .then(() => {
+            file.loading = false;
+            Helper.scrollTabsRight();
+          })
+          .catch(Helper.loadingError);
+      }
+    },
+
+    goToPreviousDirectoryClicked(prevURL) {
+      Service.url = prevURL;
+      Helper.getContent(null)
+        .then(() => Helper.scrollTabsRight())
+        .catch(Helper.loadingError);
+    },
+  },
+};
+</script>
+
+<template>
+<div id="sidebar" :class="{'sidebar-mini' : isMini}">
+  <table class="table">
+    <thead v-if="!isMini">
+      <tr>
+        <th class="name">Name</th>
+        <th class="hidden-sm hidden-xs last-commit">Last Commit</th>
+        <th class="hidden-xs last-update">Last Update</th>
+      </tr>
+    </thead>
+    <tbody>
+      <repo-file-options
+        :is-mini="isMini"
+        :project-name="projectName"/>
+      <repo-previous-directory
+        v-if="isRoot"
+        :prev-url="prevURL"
+        @linkclicked="goToPreviousDirectoryClicked(prevURL)"/>
+      <repo-loading-file
+        v-for="n in 5"
+        :key="n"
+        :loading="loading"
+        :has-files="!!files.length"
+        :is-mini="isMini"/>
+      <repo-file
+        v-for="file in files"
+        :key="file.id"
+        :file="file"
+        :is-mini="isMini"
+        @linkclicked="fileClicked(file)"
+        :is-tree="isTree"
+        :has-files="!!files.length"
+        :active-file="activeFile"/>
+    </tbody>
+  </table>
+</div>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_tab.vue b/app/assets/javascripts/repo/components/repo_tab.vue
new file mode 100644
index 00000000000..caabf5d4b1b
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_tab.vue
@@ -0,0 +1,63 @@
+<script>
+import Store from '../stores/repo_store';
+
+const RepoTab = {
+  props: {
+    tab: {
+      type: Object,
+      required: true,
+    },
+  },
+
+  computed: {
+    closeLabel() {
+      if (this.tab.changed) {
+        return `${this.tab.name} changed`;
+      }
+      return `Close ${this.tab.name}`;
+    },
+    changedClass() {
+      const tabChangedObj = {
+        'fa-times': !this.tab.changed,
+        'fa-circle': this.tab.changed,
+      };
+      return tabChangedObj;
+    },
+  },
+
+  methods: {
+    tabClicked: Store.setActiveFiles,
+
+    closeTab(file) {
+      if (file.changed) return;
+      this.$emit('tabclosed', file);
+    },
+  },
+};
+
+export default RepoTab;
+</script>
+
+<template>
+<li>
+  <a
+    href="#0"
+    class="close"
+    @click.prevent="closeTab(tab)"
+    :aria-label="closeLabel">
+    <i
+      class="fa"
+      :class="changedClass"
+      aria-hidden="true">
+    </i>
+  </a>
+
+  <a
+    href="#"
+    class="repo-tab"
+    :title="tab.url"
+    @click.prevent="tabClicked(tab)">
+    {{tab.name}}
+  </a>
+</li>
+</template>
diff --git a/app/assets/javascripts/repo/components/repo_tabs.vue b/app/assets/javascripts/repo/components/repo_tabs.vue
new file mode 100644
index 00000000000..841aa689594
--- /dev/null
+++ b/app/assets/javascripts/repo/components/repo_tabs.vue
@@ -0,0 +1,37 @@
+<script>
+import Store from '../stores/repo_store';
+import RepoTab from './repo_tab.vue';
+import RepoMixin from '../mixins/repo_mixin';
+
+const RepoTabs = {
+  mixins: [RepoMixin],
+
+  components: {
+    'repo-tab': RepoTab,
+  },
+
+  data: () => Store,
+
+  methods: {
+    tabClosed(file) {
+      Store.removeFromOpenedFiles(file);
+    },
+  },
+};
+
+export default RepoTabs;
+</script>
+
+<template>
+<ul id="tabs"
+    v-if="isMini">
+  <repo-tab
+    v-for="tab in openedFiles"
+    :key="tab.id"
+    :tab="tab"
+    :class="{'active' : tab.active}"
+    @tabclosed="tabClosed"
+  />
+  <li class="tabs-divider" />
+</ul>
+</template>
diff --git a/app/assets/javascripts/repo/helpers/monaco_loader_helper.js b/app/assets/javascripts/repo/helpers/monaco_loader_helper.js
new file mode 100644
index 00000000000..c1a0e80f8f3
--- /dev/null
+++ b/app/assets/javascripts/repo/helpers/monaco_loader_helper.js
@@ -0,0 +1,24 @@
+/* global monaco */
+import RepoEditor from '../components/repo_editor.vue';
+import Store from '../stores/repo_store';
+import monacoLoader from '../monaco_loader';
+
+function repoEditorLoader() {
+  Store.monacoLoading = true;
+  return new Promise((resolve, reject) => {
+    monacoLoader(['vs/editor/editor.main'], () => {
+      Store.monaco = monaco;
+      Store.monacoLoading = false;
+      resolve(RepoEditor);
+    }, () => {
+      Store.monacoLoading = false;
+      reject();
+    });
+  });
+}
+
+const MonacoLoaderHelper = {
+  repoEditorLoader,
+};
+
+export default MonacoLoaderHelper;
diff --git a/app/assets/javascripts/repo/helpers/repo_helper.js b/app/assets/javascripts/repo/helpers/repo_helper.js
new file mode 100644
index 00000000000..03d5e69af0f
--- /dev/null
+++ b/app/assets/javascripts/repo/helpers/repo_helper.js
@@ -0,0 +1,300 @@
+/* global Flash */
+import Service from '../services/repo_service';
+import Store from '../stores/repo_store';
+import '../../flash';
+
+const RepoHelper = {
+  getDefaultActiveFile() {
+    return {
+      active: true,
+      binary: false,
+      extension: '',
+      html: '',
+      mime_type: '',
+      name: '',
+      plain: '',
+      size: 0,
+      url: '',
+      raw: false,
+      newContent: '',
+      changed: false,
+      loading: false,
+    };
+  },
+
+  key: '',
+
+  isTree(data) {
+    return Object.hasOwnProperty.call(data, 'blobs');
+  },
+
+  Time: window.performance
+  && window.performance.now
+  ? window.performance
+  : Date,
+
+  getFileExtension(fileName) {
+    return fileName.split('.').pop();
+  },
+
+  getBranch() {
+    return $('button.dropdown-menu-toggle').attr('data-ref');
+  },
+
+  getLanguageIDForFile(file, langs) {
+    const ext = RepoHelper.getFileExtension(file.name);
+    const foundLang = RepoHelper.findLanguage(ext, langs);
+
+    return foundLang ? foundLang.id : 'plaintext';
+  },
+
+  getFilePathFromFullPath(fullPath, branch) {
+    return fullPath.split(`${Store.projectUrl}/blob/${branch}`)[1];
+  },
+
+  findLanguage(ext, langs) {
+    return langs.find(lang => lang.extensions && lang.extensions.indexOf(`.${ext}`) > -1);
+  },
+
+  setDirectoryOpen(tree) {
+    const file = tree;
+    if (!file) return undefined;
+
+    file.opened = true;
+    file.icon = 'fa-folder-open';
+    RepoHelper.updateHistoryEntry(file.url, file.name);
+    return file;
+  },
+
+  isKindaBinary() {
+    const okExts = ['md', 'svg'];
+    return okExts.indexOf(Store.activeFile.extension) > -1;
+  },
+
+  setBinaryDataAsBase64(file) {
+    Service.getBase64Content(file.raw_path)
+    .then((response) => {
+      Store.blobRaw = response;
+      file.base64 = response; // eslint-disable-line no-param-reassign
+    })
+    .catch(RepoHelper.loadingError);
+  },
+
+  toggleFakeTab(loading, file) {
+    if (loading) return Store.addPlaceholderFile();
+    return Store.removeFromOpenedFiles(file);
+  },
+
+  setLoading(loading, file) {
+    if (Service.url.indexOf('blob') > -1) {
+      Store.loading.blob = loading;
+      return RepoHelper.toggleFakeTab(loading, file);
+    }
+
+    if (Service.url.indexOf('tree') > -1) Store.loading.tree = loading;
+
+    return undefined;
+  },
+
+  getNewMergedList(inDirectory, currentList, newList) {
+    const newListSorted = newList.sort(this.compareFilesCaseInsensitive);
+    if (!inDirectory) return newListSorted;
+    const indexOfFile = currentList.findIndex(file => file.url === inDirectory.url);
+    if (!indexOfFile) return newListSorted;
+    return RepoHelper.mergeNewListToOldList(newListSorted, currentList, inDirectory, indexOfFile);
+  },
+
+  mergeNewListToOldList(newList, oldList, inDirectory, indexOfFile) {
+    newList.reverse().forEach((newFile) => {
+      const fileIndex = indexOfFile + 1;
+      const file = newFile;
+      file.level = inDirectory.level + 1;
+      oldList.splice(fileIndex, 0, file);
+    });
+
+    return oldList;
+  },
+
+  compareFilesCaseInsensitive(a, b) {
+    const aName = a.name.toLowerCase();
+    const bName = b.name.toLowerCase();
+    if (a.level > 0) return 0;
+    if (aName < bName) { return -1; }
+    if (aName > bName) { return 1; }
+    return 0;
+  },
+
+  isRoot(url) {
+    // the url we are requesting -> split by the project URL. Grab the right side.
+    const isRoot = !!url.split(Store.projectUrl)[1]
+    // remove the first "/"
+    .slice(1)
+    // split this by "/"
+    .split('/')
+    // remove the first two items of the array... usually /tree/master.
+    .slice(2)
+    // we want to know the length of the array.
+    // If greater than 0 not root.
+    .length;
+    return isRoot;
+  },
+
+  getContent(treeOrFile) {
+    let file = treeOrFile;
+    // const loadingData = RepoHelper.setLoading(true);
+    return Service.getContent()
+    .then((response) => {
+      const data = response.data;
+      // RepoHelper.setLoading(false, loadingData);
+      Store.isTree = RepoHelper.isTree(data);
+      if (!Store.isTree) {
+        if (!file) file = data;
+        Store.binary = data.binary;
+
+        if (data.binary) {
+          // file might be undefined
+          RepoHelper.setBinaryDataAsBase64(data);
+          Store.setViewToPreview();
+        } else if (!Store.isPreviewView()) {
+          if (!data.render_error) {
+            Service.getRaw(data.raw_path)
+            .then((rawResponse) => {
+              Store.blobRaw = rawResponse.data;
+              data.plain = rawResponse.data;
+              RepoHelper.setFile(data, file);
+            }).catch(RepoHelper.loadingError);
+          }
+        }
+
+        if (Store.isPreviewView()) {
+          RepoHelper.setFile(data, file);
+        }
+
+        // if the file tree is empty
+        if (Store.files.length === 0) {
+          const parentURL = Service.blobURLtoParentTree(Service.url);
+          Service.url = parentURL;
+          RepoHelper.getContent();
+        }
+      } else {
+        // it's a tree
+        if (!file) Store.isRoot = RepoHelper.isRoot(Service.url);
+        file = RepoHelper.setDirectoryOpen(file);
+        const newDirectory = RepoHelper.dataToListOfFiles(data);
+        Store.addFilesToDirectory(file, Store.files, newDirectory);
+        Store.prevURL = Service.blobURLtoParentTree(Service.url);
+      }
+    }).catch(RepoHelper.loadingError);
+  },
+
+  setFile(data, file) {
+    const newFile = data;
+
+    newFile.url = file.url;
+    if (newFile.render_error === 'too_large' || newFile.render_error === 'collapsed') {
+      newFile.tooLarge = true;
+    }
+    newFile.newContent = '';
+
+    Store.addToOpenedFiles(newFile);
+    Store.setActiveFiles(newFile);
+  },
+
+  serializeBlob(blob) {
+    const simpleBlob = RepoHelper.serializeRepoEntity('blob', blob);
+    simpleBlob.lastCommitMessage = blob.last_commit.message;
+    simpleBlob.lastCommitUpdate = blob.last_commit.committed_date;
+    simpleBlob.loading = false;
+
+    return simpleBlob;
+  },
+
+  serializeTree(tree) {
+    return RepoHelper.serializeRepoEntity('tree', tree);
+  },
+
+  serializeSubmodule(submodule) {
+    return RepoHelper.serializeRepoEntity('submodule', submodule);
+  },
+
+  serializeRepoEntity(type, entity) {
+    const { url, name, icon, last_commit } = entity;
+    const returnObj = {
+      type,
+      name,
+      url,
+      icon: `fa-${icon}`,
+      level: 0,
+      loading: false,
+    };
+
+    if (entity.last_commit) {
+      returnObj.lastCommitUrl = `${Store.projectUrl}/commit/${last_commit.id}`;
+    } else {
+      returnObj.lastCommitUrl = '';
+    }
+    return returnObj;
+  },
+
+  scrollTabsRight() {
+    // wait for the transition. 0.1 seconds.
+    setTimeout(() => {
+      const tabs = document.getElementById('tabs');
+      if (!tabs) return;
+      tabs.scrollLeft = tabs.scrollWidth;
+    }, 200);
+  },
+
+  dataToListOfFiles(data) {
+    const a = [];
+
+    // push in blobs
+    data.blobs.forEach((blob) => {
+      a.push(RepoHelper.serializeBlob(blob));
+    });
+
+    data.trees.forEach((tree) => {
+      a.push(RepoHelper.serializeTree(tree));
+    });
+
+    data.submodules.forEach((submodule) => {
+      a.push(RepoHelper.serializeSubmodule(submodule));
+    });
+
+    return a;
+  },
+
+  genKey() {
+    return RepoHelper.Time.now().toFixed(3);
+  },
+
+  getStateKey() {
+    return RepoHelper.key;
+  },
+
+  setStateKey(key) {
+    RepoHelper.key = key;
+  },
+
+  updateHistoryEntry(url, title) {
+    const history = window.history;
+
+    RepoHelper.key = RepoHelper.genKey();
+
+    history.pushState({ key: RepoHelper.key }, '', url);
+
+    if (title) {
+      document.title = `${title} · GitLab`;
+    }
+  },
+
+  findOpenedFileFromActive() {
+    return Store.openedFiles.find(openedFile => Store.activeFile.url === openedFile.url);
+  },
+
+  loadingError() {
+    Flash('Unable to load the file at this time.');
+  },
+};
+
+export default RepoHelper;
diff --git a/app/assets/javascripts/repo/index.js b/app/assets/javascripts/repo/index.js
new file mode 100644
index 00000000000..530aec3021a
--- /dev/null
+++ b/app/assets/javascripts/repo/index.js
@@ -0,0 +1,76 @@
+import $ from 'jquery';
+import Vue from 'vue';
+import Service from './services/repo_service';
+import Store from './stores/repo_store';
+import Repo from './components/repo.vue';
+import RepoEditButton from './components/repo_edit_button.vue';
+import Translate from '../vue_shared/translate';
+
+function initDropdowns() {
+  $('.js-tree-ref-target-holder').hide();
+}
+
+function addEventsForNonVueEls() {
+  $(document).on('change', '.dropdown', () => {
+    Store.targetBranch = $('.project-refs-target-form input[name="ref"]').val();
+  });
+
+  window.onbeforeunload = function confirmUnload(e) {
+    const hasChanged = Store.openedFiles
+      .some(file => file.changed);
+    if (!hasChanged) return undefined;
+    const event = e || window.event;
+    if (event) event.returnValue = 'Are you sure you want to lose unsaved changes?';
+    // For Safari
+    return 'Are you sure you want to lose unsaved changes?';
+  };
+}
+
+function setInitialStore(data) {
+  Store.service = Service;
+  Store.service.url = data.url;
+  Store.service.refsUrl = data.refsUrl;
+  Store.projectId = data.projectId;
+  Store.projectName = data.projectName;
+  Store.projectUrl = data.projectUrl;
+  Store.currentBranch = $('button.dropdown-menu-toggle').attr('data-ref');
+  Store.checkIsCommitable();
+}
+
+function initRepo(el) {
+  return new Vue({
+    el,
+    components: {
+      repo: Repo,
+    },
+    render(createElement) {
+      return createElement('repo');
+    },
+  });
+}
+
+function initRepoEditButton(el) {
+  return new Vue({
+    el,
+    components: {
+      repoEditButton: RepoEditButton,
+    },
+  });
+}
+
+function initRepoBundle() {
+  const repo = document.getElementById('repo');
+  const editButton = document.querySelector('.editable-mode');
+  setInitialStore(repo.dataset);
+  addEventsForNonVueEls();
+  initDropdowns();
+
+  Vue.use(Translate);
+
+  initRepo(repo);
+  initRepoEditButton(editButton);
+}
+
+$(initRepoBundle);
+
+export default initRepoBundle;
diff --git a/app/assets/javascripts/repo/mixins/repo_mixin.js b/app/assets/javascripts/repo/mixins/repo_mixin.js
new file mode 100644
index 00000000000..c8e8238a0d3
--- /dev/null
+++ b/app/assets/javascripts/repo/mixins/repo_mixin.js
@@ -0,0 +1,17 @@
+import Store from '../stores/repo_store';
+
+const RepoMixin = {
+  computed: {
+    isMini() {
+      return !!Store.openedFiles.length;
+    },
+
+    changedFiles() {
+      const changedFileList = this.openedFiles
+      .filter(file => file.changed);
+      return changedFileList;
+    },
+  },
+};
+
+export default RepoMixin;
diff --git a/app/assets/javascripts/repo/monaco_loader.js b/app/assets/javascripts/repo/monaco_loader.js
new file mode 100644
index 00000000000..ad1370a7730
--- /dev/null
+++ b/app/assets/javascripts/repo/monaco_loader.js
@@ -0,0 +1,13 @@
+/* eslint-disable no-underscore-dangle, camelcase */
+/* global __webpack_public_path__ */
+
+import monacoContext from 'monaco-editor/dev/vs/loader';
+
+monacoContext.require.config({
+  paths: {
+    vs: `${__webpack_public_path__}monaco-editor/vs`,
+  },
+});
+
+window.__monaco_context__ = monacoContext;
+export default monacoContext.require;
diff --git a/app/assets/javascripts/repo/services/repo_service.js b/app/assets/javascripts/repo/services/repo_service.js
new file mode 100644
index 00000000000..fbc24062140
--- /dev/null
+++ b/app/assets/javascripts/repo/services/repo_service.js
@@ -0,0 +1,86 @@
+/* global Flash */
+import axios from 'axios';
+import Store from '../stores/repo_store';
+import Api from '../../api';
+import Helper from '../helpers/repo_helper';
+
+const RepoService = {
+  url: '',
+  options: {
+    params: {
+      format: 'json',
+    },
+  },
+  richExtensionRegExp: /md/,
+
+  checkCurrentBranchIsCommitable() {
+    const url = Store.service.refsUrl;
+    return axios.get(url, {
+      params: {
+        ref: Store.currentBranch,
+        search: Store.currentBranch,
+      },
+    });
+  },
+
+  getRaw(url) {
+    return axios.get(url, {
+      // Stop Axios from parsing a JSON file into a JS object
+      transformResponse: [res => res],
+    });
+  },
+
+  buildParams(url = this.url) {
+    // shallow clone object without reference
+    const params = Object.assign({}, this.options.params);
+
+    if (this.urlIsRichBlob(url)) params.viewer = 'rich';
+
+    return params;
+  },
+
+  urlIsRichBlob(url = this.url) {
+    const extension = Helper.getFileExtension(url);
+
+    return this.richExtensionRegExp.test(extension);
+  },
+
+  getContent(url = this.url) {
+    const params = this.buildParams(url);
+
+    return axios.get(url, {
+      params,
+    });
+  },
+
+  getBase64Content(url = this.url) {
+    const request = axios.get(url, {
+      responseType: 'arraybuffer',
+    });
+
+    return request.then(response => this.bufferToBase64(response.data));
+  },
+
+  bufferToBase64(data) {
+    return new Buffer(data, 'binary').toString('base64');
+  },
+
+  blobURLtoParentTree(url) {
+    const urlArray = url.split('/');
+    urlArray.pop();
+    const blobIndex = urlArray.lastIndexOf('blob');
+
+    if (blobIndex > -1) urlArray[blobIndex] = 'tree';
+
+    return urlArray.join('/');
+  },
+
+  commitFiles(payload, cb) {
+    Api.commitMultiple(Store.projectId, payload, (data) => {
+      Flash(`Your changes have been committed. Commit ${data.short_id} with ${data.stats.additions} additions, ${data.stats.deletions} deletions.`, 'notice');
+      cb();
+    });
+  },
+};
+
+export default RepoService;
diff --git a/app/assets/javascripts/repo/stores/repo_store.js b/app/assets/javascripts/repo/stores/repo_store.js
new file mode 100644
index 00000000000..73b4e1b3c14
--- /dev/null
+++ b/app/assets/javascripts/repo/stores/repo_store.js
@@ -0,0 +1,225 @@
+/* global Flash */
+import Helper from '../helpers/repo_helper';
+import Service from '../services/repo_service';
+
+const RepoStore = {
+  monaco: {},
+  monacoLoading: false,
+  monacoInstance: {},
+  service: '',
+  editMode: false,
+  isTree: false,
+  isRoot: false,
+  prevURL: '',
+  projectId: '',
+  projectName: '',
+  projectUrl: '',
+  blobRaw: '',
+  currentBlobView: 'repo-preview',
+  openedFiles: [],
+  submitCommitsLoading: false,
+  dialog: {
+    open: false,
+    title: '',
+    status: false,
+  },
+  activeFile: Helper.getDefaultActiveFile(),
+  activeFileIndex: 0,
+  activeLine: 0,
+  activeFileLabel: 'Raw',
+  files: [],
+  isCommitable: false,
+  binary: false,
+  currentBranch: '',
+  targetBranch: 'new-branch',
+  commitMessage: '',
+  binaryTypes: {
+    png: false,
+    md: false,
+    svg: false,
+    unknown: false,
+  },
+  loading: {
+    tree: false,
+    blob: false,
+  },
+
+  resetBinaryTypes() {
+    Object.keys(RepoStore.binaryTypes).forEach((key) => {
+      RepoStore.binaryTypes[key] = false;
+    });
+  },
+
+  // mutations
+  checkIsCommitable() {
+    RepoStore.service.checkCurrentBranchIsCommitable()
+      .then((data) => {
+        // you shouldn't be able to make commits on commits or tags.
+        const { Branches, Commits, Tags } = data.data;
+        if (Branches && Branches.length) RepoStore.isCommitable = true;
+        if (Commits && Commits.length) RepoStore.isCommitable = false;
+        if (Tags && Tags.length) RepoStore.isCommitable = false;
+      }).catch(() => Flash('Failed to check if branch can be committed to.'));
+  },
+
+  addFilesToDirectory(inDirectory, currentList, newList) {
+    RepoStore.files = Helper.getNewMergedList(inDirectory, currentList, newList);
+  },
+
+  toggleRawPreview() {
+    RepoStore.activeFile.raw = !RepoStore.activeFile.raw;
+    RepoStore.activeFileLabel = RepoStore.activeFile.raw ? 'Display rendered file' : 'Display source';
+  },
+
+  setActiveFiles(file) {
+    if (RepoStore.isActiveFile(file)) return;
+    RepoStore.openedFiles = RepoStore.openedFiles
+      .map((openedFile, i) => RepoStore.setFileActivity(file, openedFile, i));
+
+    RepoStore.setActiveToRaw();
+
+    if (file.binary) {
+      RepoStore.blobRaw = file.base64;
+    } else if (file.newContent || file.plain) {
+      RepoStore.blobRaw = file.newContent || file.plain;
+    } else {
+      Service.getRaw(file.raw_path)
+        .then((rawResponse) => {
+          RepoStore.blobRaw = rawResponse.data;
+          Helper.findOpenedFileFromActive().plain = rawResponse.data;
+        }).catch(Helper.loadingError);
+    }
+
+    if (!file.loading) Helper.updateHistoryEntry(file.url, file.name);
+    RepoStore.binary = file.binary;
+  },
+
+  setFileActivity(file, openedFile, i) {
+    const activeFile = openedFile;
+    activeFile.active = file.url === activeFile.url;
+
+    if (activeFile.active) RepoStore.setActiveFile(activeFile, i);
+
+    return activeFile;
+  },
+
+  setActiveFile(activeFile, i) {
+    RepoStore.activeFile = Object.assign({}, RepoStore.activeFile, activeFile);
+    RepoStore.activeFileIndex = i;
+  },
+
+  setActiveToRaw() {
+    RepoStore.activeFile.raw = false;
+    // can't get vue to listen to raw for some reason so RepoStore for now.
+    RepoStore.activeFileLabel = 'Display source';
+  },
+
+  removeChildFilesOfTree(tree) {
+    let foundTree = false;
+    const treeToClose = tree;
+    let wereDone = false;
+    RepoStore.files = RepoStore.files.filter((file) => {
+      const isItTheTreeWeWant = file.url === treeToClose.url;
+      // if it's the next tree
+      if (foundTree && file.type === 'tree' && !isItTheTreeWeWant && file.level === treeToClose.level) {
+        wereDone = true;
+        return true;
+      }
+      if (wereDone) return true;
+
+      if (isItTheTreeWeWant) foundTree = true;
+
+      if (foundTree) return file.level <= treeToClose.level;
+      return true;
+    });
+
+    treeToClose.opened = false;
+    treeToClose.icon = 'fa-folder';
+    return treeToClose;
+  },
+
+  removeFromOpenedFiles(file) {
+    if (file.type === 'tree') return;
+    let foundIndex;
+    RepoStore.openedFiles = RepoStore.openedFiles.filter((openedFile, i) => {
+      if (openedFile.url === file.url) foundIndex = i;
+      return openedFile.url !== file.url;
+    });
+
+    // now activate the right tab based on what you closed.
+    if (RepoStore.openedFiles.length === 0) {
+      RepoStore.activeFile = {};
+      return;
+    }
+
+    if (RepoStore.openedFiles.length === 1 || foundIndex === 0) {
+      RepoStore.setActiveFiles(RepoStore.openedFiles[0]);
+      return;
+    }
+
+    if (foundIndex) {
+      if (foundIndex > 0) {
+        RepoStore.setActiveFiles(RepoStore.openedFiles[foundIndex - 1]);
+      }
+    }
+  },
+
+  addPlaceholderFile() {
+    const randomURL = Helper.Time.now();
+    const newFakeFile = {
+      active: false,
+      binary: true,
+      type: 'blob',
+      loading: true,
+      mime_type: 'loading',
+      name: 'loading',
+      url: randomURL,
+      fake: true,
+    };
+
+    RepoStore.openedFiles.push(newFakeFile);
+
+    return newFakeFile;
+  },
+
+  addToOpenedFiles(file) {
+    const openFile = file;
+
+    const openedFilesAlreadyExists = RepoStore.openedFiles
+      .some(openedFile => openedFile.url === openFile.url);
+
+    if (openedFilesAlreadyExists) return;
+
+    openFile.changed = false;
+    RepoStore.openedFiles.push(openFile);
+  },
+
+  setActiveFileContents(contents) {
+    if (!RepoStore.editMode) return;
+    const currentFile = RepoStore.openedFiles[RepoStore.activeFileIndex];
+    RepoStore.activeFile.newContent = contents;
+    RepoStore.activeFile.changed = RepoStore.activeFile.plain !== RepoStore.activeFile.newContent;
+    currentFile.changed = RepoStore.activeFile.changed;
+    currentFile.newContent = contents;
+  },
+
+  toggleBlobView() {
+    RepoStore.currentBlobView = RepoStore.isPreviewView() ? 'repo-editor' : 'repo-preview';
+  },
+
+  setViewToPreview() {
+    RepoStore.currentBlobView = 'repo-preview';
+  },
+
+  // getters
+
+  isActiveFile(file) {
+    return file && file.url === RepoStore.activeFile.url;
+  },
+
+  isPreviewView() {
+    return RepoStore.currentBlobView === 'repo-preview';
+  },
+};
+
+export default RepoStore;
diff --git a/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue b/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
index 422c02c7b7e..cfacba09fad 100644
--- a/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
+++ b/app/assets/javascripts/sidebar/components/confidential/confidential_issue_sidebar.vue
@@ -71,7 +71,7 @@ export default {
       />
       <div v-if="!isConfidential" class="no-value confidential-value">
         <i class="fa fa-eye is-not-confidential"></i>
-        None
+        This issue is not confidential
       </div>
       <div v-else class="value confidential-value hide-collapsed">
         <i aria-hidden="true" data-hidden="true" class="fa fa-eye-slash is-confidential"></i>
diff --git a/app/assets/javascripts/sidebar_height_manager.js b/app/assets/javascripts/sidebar_height_manager.js
index df19d7305f8..2752fe2b911 100644
--- a/app/assets/javascripts/sidebar_height_manager.js
+++ b/app/assets/javascripts/sidebar_height_manager.js
@@ -1,8 +1,11 @@
 import _ from 'underscore';
+import Cookies from 'js-cookie';
 
 export default {
   init() {
     if (!this.initialized) {
+      if (Cookies.get('new_nav') === 'true' && $('.js-issuable-sidebar').length) return;
+
       this.$window = $(window);
       this.$rightSidebar = $('.js-right-sidebar');
       this.$navHeight = $('.navbar-gitlab').outerHeight() +
diff --git a/app/assets/javascripts/test_utils/index.js b/app/assets/javascripts/test_utils/index.js
index ef401abce2d..8875590f0f2 100644
--- a/app/assets/javascripts/test_utils/index.js
+++ b/app/assets/javascripts/test_utils/index.js
@@ -1,3 +1,5 @@
+import 'core-js/es6/map';
+import 'core-js/es6/set';
 import simulateDrag from './simulate_drag';
 
 // Export to global space for rspec to use
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_locked.js b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_merging.js
index a12f418e1af..f6d1a4feeb2 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_locked.js
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_merging.js
@@ -1,7 +1,7 @@
 import statusIcon from '../mr_widget_status_icon';
 
 export default {
-  name: 'MRWidgetLocked',
+  name: 'MRWidgetMerging',
   props: {
     mr: { type: Object, required: true },
   },
@@ -13,7 +13,7 @@ export default {
       <status-icon status="loading" />
       <div class="media-body">
         <h4>
-          This merge request is in the process of being merged, during which time it is locked and cannot be closed
+          This merge request is in the process of being merged
         </h4>
         <section class="mr-info-list">
           <p>
diff --git a/app/assets/javascripts/vue_merge_request_widget/dependencies.js b/app/assets/javascripts/vue_merge_request_widget/dependencies.js
index 546a3f625c7..49340c232c8 100644
--- a/app/assets/javascripts/vue_merge_request_widget/dependencies.js
+++ b/app/assets/javascripts/vue_merge_request_widget/dependencies.js
@@ -19,7 +19,7 @@ export { default as WidgetRelatedLinks } from './components/mr_widget_related_li
 export { default as MergedState } from './components/states/mr_widget_merged';
 export { default as FailedToMerge } from './components/states/mr_widget_failed_to_merge';
 export { default as ClosedState } from './components/states/mr_widget_closed';
-export { default as LockedState } from './components/states/mr_widget_locked';
+export { default as MergingState } from './components/states/mr_widget_merging';
 export { default as WipState } from './components/states/mr_widget_wip';
 export { default as ArchivedState } from './components/states/mr_widget_archived';
 export { default as ConflictsState } from './components/states/mr_widget_conflicts';
diff --git a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
index 577d77f09a6..0042c48816f 100644
--- a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
+++ b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.js
@@ -8,7 +8,7 @@ import {
   WidgetRelatedLinks,
   MergedState,
   ClosedState,
-  LockedState,
+  MergingState,
   WipState,
   ArchivedState,
   ConflictsState,
@@ -212,7 +212,7 @@ export default {
     'mr-widget-related-links': WidgetRelatedLinks,
     'mr-widget-merged': MergedState,
     'mr-widget-closed': ClosedState,
-    'mr-widget-locked': LockedState,
+    'mr-widget-merging': MergingState,
     'mr-widget-failed-to-merge': FailedToMerge,
     'mr-widget-wip': WipState,
     'mr-widget-archived': ArchivedState,
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
index fddafb0ddfa..fbea764b739 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
@@ -73,6 +73,7 @@ export default class MergeRequestStore {
     this.canCancelAutomaticMerge = !!data.cancel_merge_when_pipeline_succeeds_path;
     this.hasSHAChanged = this.sha !== data.diff_head_sha;
     this.canBeMerged = data.can_be_merged || false;
+    this.mergeOngoing = data.merge_ongoing;
 
     // Cherry-pick and Revert actions related
     this.canCherryPickInCurrentMR = currentUser.can_cherry_pick_on_current_merge_request || false;
@@ -94,6 +95,11 @@ export default class MergeRequestStore {
   }
 
   setState(data) {
+    if (this.mergeOngoing) {
+      this.state = 'merging';
+      return;
+    }
+
     if (this.isOpen) {
       this.state = getStateKey.call(this, data);
     } else {
@@ -104,9 +110,6 @@ export default class MergeRequestStore {
         case 'closed':
           this.state = 'closed';
           break;
-        case 'locked':
-          this.state = 'locked';
-          break;
         default:
           this.state = null;
       }
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js b/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
index 605dd3a1ff4..9074a064a6d 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/state_maps.js
@@ -1,7 +1,7 @@
 const stateToComponentMap = {
   merged: 'mr-widget-merged',
   closed: 'mr-widget-closed',
-  locked: 'mr-widget-locked',
+  merging: 'mr-widget-merging',
   conflicts: 'mr-widget-conflicts',
   missingBranch: 'mr-widget-missing-branch',
   workInProgress: 'mr-widget-wip',
@@ -20,7 +20,7 @@ const stateToComponentMap = {
 };
 
 const statesToShowHelpWidget = [
-  'locked',
+  'merging',
   'conflicts',
   'workInProgress',
   'readyToMerge',
diff --git a/app/assets/javascripts/vue_shared/components/header_ci_component.vue b/app/assets/javascripts/vue_shared/components/header_ci_component.vue
index bdc059f4a03..d305bd6acdc 100644
--- a/app/assets/javascripts/vue_shared/components/header_ci_component.vue
+++ b/app/assets/javascripts/vue_shared/components/header_ci_component.vue
@@ -120,7 +120,7 @@ export default {
         </a>
 
         <a
-          v-if="action.type === 'ujs-link'"
+          v-else-if="action.type === 'ujs-link'"
           :href="action.path"
           data-method="post"
           rel="nofollow"
@@ -129,7 +129,7 @@ export default {
         </a>
 
         <button
-          v-else="action.type === 'button'"
+          v-else-if="action.type === 'button'"
           @click="onClickAction(action)"
           :disabled="action.isLoading"
           :class="action.cssClass"
diff --git a/app/assets/javascripts/vue_shared/components/popup_dialog.vue b/app/assets/javascripts/vue_shared/components/popup_dialog.vue
new file mode 100644
index 00000000000..87ae8d0c9f1
--- /dev/null
+++ b/app/assets/javascripts/vue_shared/components/popup_dialog.vue
@@ -0,0 +1,90 @@
+<script>
+export default {
+  name: 'popup-dialog',
+
+  props: {
+    open: {
+      type: Boolean,
+      required: true,
+    },
+    title: {
+      type: String,
+      required: true,
+    },
+    body: {
+      type: String,
+      required: true,
+    },
+    kind: {
+      type: String,
+      required: false,
+      default: 'primary',
+    },
+    closeButtonLabel: {
+      type: String,
+      required: false,
+      default: 'Cancel',
+    },
+    primaryButtonLabel: {
+      type: String,
+      required: true,
+    },
+  },
+
+  computed: {
+    btnKindClass() {
+      return {
+        [`btn-${this.kind}`]: true,
+      };
+    },
+  },
+
+  methods: {
+    close() {
+      this.$emit('toggle', false);
+    },
+    emitSubmit(status) {
+      this.$emit('submit', status);
+    },
+  },
+};
+</script>
+
+<template>
+<div
+  class="modal popup-dialog"
+  v-if="open"
+  role="dialog"
+  tabindex="-1">
+  <div class="modal-dialog" role="document">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button"
+          class="close"
+          @click="close"
+          aria-label="Close">
+          <span aria-hidden="true">&times;</span>
+        </button>
+        <h4 class="modal-title">{{this.title}}</h4>
+      </div>
+      <div class="modal-body">
+        <p>{{this.body}}</p>
+      </div>
+      <div class="modal-footer">
+        <button
+          type="button"
+          class="btn btn-default"
+          @click="emitSubmit(false)">
+            {{closeButtonLabel}}
+        </button>
+        <button type="button"
+          class="btn"
+          :class="btnKindClass"
+          @click="emitSubmit(true)">
+            {{primaryButtonLabel}}
+        </button>
+      </div>
+    </div>
+  </div>
+</div>
+</template>
diff --git a/app/assets/javascripts/wikis.js b/app/assets/javascripts/wikis.js
index 51ed2b4fd15..a0025ddb598 100644
--- a/app/assets/javascripts/wikis.js
+++ b/app/assets/javascripts/wikis.js
@@ -1,10 +1,7 @@
-/* global Breakpoints */
-
-import './breakpoints';
+import bp from './breakpoints';
 
 export default class Wikis {
   constructor() {
-    this.bp = Breakpoints.get();
     this.sidebarEl = document.querySelector('.js-wiki-sidebar');
     this.sidebarExpanded = false;
 
@@ -41,15 +38,15 @@ export default class Wikis {
     this.renderSidebar();
   }
 
-  sidebarCanCollapse() {
-    const bootstrapBreakpoint = this.bp.getBreakpointSize();
+  static sidebarCanCollapse() {
+    const bootstrapBreakpoint = bp.getBreakpointSize();
     return bootstrapBreakpoint === 'xs' || bootstrapBreakpoint === 'sm';
   }
 
   renderSidebar() {
     if (!this.sidebarEl) return;
     const { classList } = this.sidebarEl;
-    if (this.sidebarExpanded || !this.sidebarCanCollapse()) {
+    if (this.sidebarExpanded || !Wikis.sidebarCanCollapse()) {
       if (!classList.contains('right-sidebar-expanded')) {
         classList.remove('right-sidebar-collapsed');
         classList.add('right-sidebar-expanded');
diff --git a/app/assets/stylesheets/framework/common.scss b/app/assets/stylesheets/framework/common.scss
index 5e374360359..293aa194528 100644
--- a/app/assets/stylesheets/framework/common.scss
+++ b/app/assets/stylesheets/framework/common.scss
@@ -372,6 +372,10 @@ table {
   background: $gl-success !important;
 }
 
+.dz-message {
+  margin: 0;
+}
+
 .space-right {
   margin-right: 10px;
 }
diff --git a/app/assets/stylesheets/framework/dropdowns.scss b/app/assets/stylesheets/framework/dropdowns.scss
index 02e0ba74158..1bb04b59a2a 100644
--- a/app/assets/stylesheets/framework/dropdowns.scss
+++ b/app/assets/stylesheets/framework/dropdowns.scss
@@ -725,9 +725,9 @@
 }
 
 // TODO: change global style and remove mixin
-@mixin new-style-dropdown {
-  .dropdown-menu,
-  .dropdown-menu-nav {
+@mixin new-style-dropdown($selector: '') {
+  #{$selector}.dropdown-menu,
+  #{$selector}.dropdown-menu-nav {
     .divider {
       margin: 6px 0;
     }
@@ -773,7 +773,7 @@
     }
   }
 
-  .dropdown-menu-align-right {
+  #{$selector}.dropdown-menu-align-right {
     margin-top: 2px;
   }
 }
diff --git a/app/assets/stylesheets/framework/header.scss b/app/assets/stylesheets/framework/header.scss
index d9f92e93160..b677882eba4 100644
--- a/app/assets/stylesheets/framework/header.scss
+++ b/app/assets/stylesheets/framework/header.scss
@@ -26,7 +26,7 @@ header {
 
   &.navbar-gitlab {
     padding: 0 16px;
-    z-index: 2000;
+    z-index: 1000;
     margin-bottom: 0;
     min-height: $header-height;
     background-color: $gray-light;
diff --git a/app/assets/stylesheets/framework/highlight.scss b/app/assets/stylesheets/framework/highlight.scss
index 71d5949b023..c63114f85b4 100644
--- a/app/assets/stylesheets/framework/highlight.scss
+++ b/app/assets/stylesheets/framework/highlight.scss
@@ -47,7 +47,7 @@
       font-family: $monospace_font;
       display: block;
       font-size: $code_font_size !important;
-      line-height: 19px;
+      min-height: 19px;
       white-space: nowrap;
 
       i {
diff --git a/app/assets/stylesheets/framework/layout.scss b/app/assets/stylesheets/framework/layout.scss
index 0d8827bec11..bd0367f86dd 100644
--- a/app/assets/stylesheets/framework/layout.scss
+++ b/app/assets/stylesheets/framework/layout.scss
@@ -116,3 +116,13 @@ body {
 .with-performance-bar .page-with-sidebar {
   margin-top: $header-height + $performance-bar-height;
 }
+
+[v-cloak] {
+  display: none;
+}
+
+.vertical-center {
+  min-height: 100vh;
+  display: flex;
+  align-items: center;
+}
diff --git a/app/assets/stylesheets/framework/tw_bootstrap_variables.scss b/app/assets/stylesheets/framework/tw_bootstrap_variables.scss
index b666223b120..4c35e3a9c3c 100644
--- a/app/assets/stylesheets/framework/tw_bootstrap_variables.scss
+++ b/app/assets/stylesheets/framework/tw_bootstrap_variables.scss
@@ -162,3 +162,5 @@ $pre-color: $gl-text-color !default;
 $pre-border-color: $border-color;
 
 $table-bg-accent: $gray-light;
+
+$zindex-popover: 900;
diff --git a/app/assets/stylesheets/framework/typography.scss b/app/assets/stylesheets/framework/typography.scss
index bf5f124d142..96409b10b99 100644
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -339,6 +339,8 @@ a > code {
   @extend .ref-name;
 }
 
+@include new-style-dropdown('.git-revision-dropdown');
+
 /**
  * Apply Markdown typography
  *
diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss
index 7a1a89cd2f9..3c109a5a929 100644
--- a/app/assets/stylesheets/framework/variables.scss
+++ b/app/assets/stylesheets/framework/variables.scss
@@ -88,6 +88,7 @@ $indigo-950: #1a1a40;
 
 $black: #000;
 $black-transparent: rgba(0, 0, 0, 0.3);
+$almost-black: #242424;
 
 $border-white-light: darken($white-light, $darken-border-factor);
 $border-white-normal: darken($white-normal, $darken-border-factor);
@@ -619,6 +620,13 @@ $color-average-score: $orange-400;
 $color-low-score: $red-400;
 
 /*
+Repo editor
+*/
+$repo-editor-grey: #f6f7f9;
+$repo-editor-grey-darker: #e9ebee;
+$repo-editor-linear-gradient: linear-gradient(to right, $repo-editor-grey 0%, $repo-editor-grey-darker, 20%, $repo-editor-grey 40%, $repo-editor-grey 100%);
+
+/*
 Performance Bar
 */
 $perf-bar-text: #999;
diff --git a/app/assets/stylesheets/new_nav.scss b/app/assets/stylesheets/new_nav.scss
index 795ee91af8b..3e2f23e6b2a 100644
--- a/app/assets/stylesheets/new_nav.scss
+++ b/app/assets/stylesheets/new_nav.scss
@@ -403,6 +403,7 @@ header.navbar-gitlab-new {
 }
 
 .breadcrumbs-extra {
+  display: flex;
   flex: 0 0 auto;
   margin-left: auto;
 }
diff --git a/app/assets/stylesheets/new_sidebar.scss b/app/assets/stylesheets/new_sidebar.scss
index 76dccd2df56..faedd207e01 100644
--- a/app/assets/stylesheets/new_sidebar.scss
+++ b/app/assets/stylesheets/new_sidebar.scss
@@ -103,12 +103,16 @@ $new-sidebar-collapsed-width: 50px;
 
   &.sidebar-icons-only {
     width: $new-sidebar-collapsed-width;
+    overflow-x: hidden;
 
-    .nav-item-name,
     .badge,
     .project-title {
       display: none;
     }
+
+    .nav-item-name {
+      opacity: 0;
+    }
   }
 
   &.nav-sidebar-expanded {
@@ -182,7 +186,7 @@ $new-sidebar-collapsed-width: 50px;
 
   > li {
     a {
-      padding: 8px 16px 8px 50px;
+      padding: 8px 16px 8px 40px;
 
       &:hover,
       &:focus {
@@ -215,12 +219,15 @@ $new-sidebar-collapsed-width: 50px;
 
       &:hover {
         color: $gl-text-color;
+
+        svg {
+          fill: $gl-text-color;
+        }
       }
     }
 
-    &:not(.active) {
+    &.is-showing-fly-out {
       > a {
-        margin-left: 1px;
         margin-right: 2px;
       }
 
@@ -229,7 +236,7 @@ $new-sidebar-collapsed-width: 50px;
           position: fixed;
           top: 0;
           left: $new-sidebar-width;
-          width: 150px;
+          min-width: 150px;
           margin-top: -1px;
           padding: 8px 1px;
           background-color: $white-light;
@@ -243,31 +250,20 @@ $new-sidebar-collapsed-width: 50px;
             position: absolute;
             top: -30px;
             bottom: -30px;
-            left: 0;
+            left: -10px;
             right: -30px;
             z-index: -1;
           }
 
-          &::after {
-            content: "";
-            position: absolute;
-            top: 44px;
-            left: -30px;
-            right: 35px;
-            bottom: 0;
-            height: 100%;
-            max-height: 150px;
-            z-index: -1;
-            transform: skew(33deg);
-          }
-
           &.is-above {
             margin-top: 1px;
+          }
+
+          > .active {
+            box-shadow: none;
 
-            &::after {
-              top: auto;
-              bottom: 44px;
-              transform: skew(-30deg);
+            > a {
+              background-color: transparent;
             }
           }
 
@@ -294,6 +290,7 @@ $new-sidebar-collapsed-width: 50px;
 
       > a {
         margin-left: 4px;
+        padding-left: 12px;
       }
 
       .badge {
@@ -306,8 +303,7 @@ $new-sidebar-collapsed-width: 50px;
       }
     }
 
-    &:not(.active):hover > a,
-    > a:hover,
+    &.active > a:hover,
     &.is-over > a {
       background-color: $white-light;
     }
@@ -354,7 +350,7 @@ $new-sidebar-collapsed-width: 50px;
 
 .sidebar-icons-only {
   .context-header {
-    height: 60px;
+    height: 61px;
 
     a {
       padding: 10px 4px;
diff --git a/app/assets/stylesheets/pages/boards.scss b/app/assets/stylesheets/pages/boards.scss
index 6039cda96d8..e5b467a2691 100644
--- a/app/assets/stylesheets/pages/boards.scss
+++ b/app/assets/stylesheets/pages/boards.scss
@@ -165,6 +165,7 @@
 
     .board-title {
       padding-top: ($gl-padding - 3px);
+      padding-bottom: $gl-padding;
     }
   }
 }
@@ -178,6 +179,7 @@
   position: relative;
   margin: 0;
   padding: $gl-padding;
+  padding-bottom: ($gl-padding + 3px);
   font-size: 1em;
   border-bottom: 1px solid $border-color;
 }
diff --git a/app/assets/stylesheets/pages/commits.scss b/app/assets/stylesheets/pages/commits.scss
index cd9f2d787c5..46fbfe5f91e 100644
--- a/app/assets/stylesheets/pages/commits.scss
+++ b/app/assets/stylesheets/pages/commits.scss
@@ -286,6 +286,10 @@
 
 
 .gpg-status-box {
+  &:empty {
+    display: none;
+  }
+
   &.valid {
     @include green-status-color;
   }
diff --git a/app/assets/stylesheets/pages/diff.scss b/app/assets/stylesheets/pages/diff.scss
index da77346d8b2..913a1a95dca 100644
--- a/app/assets/stylesheets/pages/diff.scss
+++ b/app/assets/stylesheets/pages/diff.scss
@@ -560,9 +560,13 @@
 }
 
 .diff-files-changed {
+  .inline-parallel-buttons {
+    position: relative;
+    z-index: 1;
+  }
+
   .commit-stat-summary {
     @include new-style-dropdown;
-    z-index: -1;
 
     @media (min-width: $screen-sm-min) {
       margin-left: -$gl-padding;
@@ -574,10 +578,14 @@
   @media (min-width: $screen-sm-min) {
     position: -webkit-sticky;
     position: sticky;
-    top: 84px;
+    top: 34px;
     background-color: $white-light;
     z-index: 190;
 
+    &.diff-files-changed-merge-request {
+      top: 84px;
+    }
+
     + .files,
     + .alert {
       margin-top: 1px;
diff --git a/app/assets/stylesheets/pages/issuable.scss b/app/assets/stylesheets/pages/issuable.scss
index 7365f96d041..87eaf27663f 100644
--- a/app/assets/stylesheets/pages/issuable.scss
+++ b/app/assets/stylesheets/pages/issuable.scss
@@ -35,7 +35,7 @@
   .commit-box,
   .info-well,
   .commit-ci-menu,
-  .files-changed,
+  .files-changed-inner,
   .limited-header-width,
   .limited-width-notes {
     @extend .fixed-width-container;
diff --git a/app/assets/stylesheets/pages/note_form.scss b/app/assets/stylesheets/pages/note_form.scss
index c90642178fc..b4468d6d0a2 100644
--- a/app/assets/stylesheets/pages/note_form.scss
+++ b/app/assets/stylesheets/pages/note_form.scss
@@ -108,6 +108,7 @@
   background-color: $orange-50;
   border-radius: $border-radius-default $border-radius-default 0 0;
   border: 1px solid $border-gray-normal;
+  border-bottom: none;
   padding: 3px 12px;
   margin: auto;
   align-items: center;
@@ -132,22 +133,9 @@
   }
 }
 
-.not-confidential {
-  padding: 0;
-  border-top: none;
-}
-
-.right-sidebar-expanded {
-  .md-area {
-    border-radius: 0;
-    border-top: none;
-  }
-}
-
-.right-sidebar-collapsed {
-  .confidential-issue-warning {
-    border-bottom: none;
-  }
+.confidential-issue-warning + .md-area {
+  border-top-left-radius: 0;
+  border-top-right-radius: 0;
 }
 
 .discussion-form {
diff --git a/app/assets/stylesheets/pages/notes.scss b/app/assets/stylesheets/pages/notes.scss
index 2bb867052f6..0a194f3707f 100644
--- a/app/assets/stylesheets/pages/notes.scss
+++ b/app/assets/stylesheets/pages/notes.scss
@@ -453,7 +453,10 @@ ul.notes {
 }
 
 .note-actions {
+  align-self: flex-start;
   flex-shrink: 0;
+  display: inline-flex;
+  align-items: center;
   // For PhantomJS that does not support flex
   float: right;
   margin-left: 10px;
@@ -463,18 +466,12 @@ ul.notes {
     float: none;
     margin-left: 0;
   }
-
-  .note-action-button {
-    margin-left: 8px;
-  }
-
-  .more-actions-toggle {
-    margin-left: 2px;
-  }
 }
 
 .more-actions {
-  display: inline-block;
+  float: right; // phantomjs fallback
+  display: flex;
+  align-items: flex-end;
 
   .tooltip {
     white-space: nowrap;
@@ -482,16 +479,10 @@ ul.notes {
 }
 
 .more-actions-toggle {
-  padding: 0;
-
   &:hover .icon,
   &:focus .icon {
     color: $blue-600;
   }
-
-  .icon {
-    padding: 0 6px;
-  }
 }
 
 .more-actions-dropdown {
@@ -519,28 +510,42 @@ ul.notes {
   @include notes-media('max', $screen-md-max) {
     float: none;
     margin-left: 0;
+  }
+}
 
-    .note-action-button {
-      margin-left: 0;
-    }
+.note-actions-item {
+  margin-left: 15px;
+  display: flex;
+  align-items: center;
+
+  &.more-actions {
+    // compensate for narrow icon
+    margin-left: 10px;
   }
 }
 
 .note-action-button {
-  display: inline;
-  line-height: 20px;
+  line-height: 1;
+  padding: 0;
+  min-width: 16px;
+  color: $gray-darkest;
 
   .fa {
-    color: $gray-darkest;
     position: relative;
-    font-size: 17px;
+    font-size: 16px;
   }
 
+
+
   svg {
     height: 16px;
     width: 16px;
-    fill: $gray-darkest;
+    top: 0;
     vertical-align: text-top;
+
+    path {
+      fill: currentColor;
+    }
   }
 
   .award-control-icon-positive,
@@ -613,10 +618,7 @@ ul.notes {
 
 .note-role {
   position: relative;
-  top: -2px;
-  display: inline-block;
-  padding-left: 7px;
-  padding-right: 7px;
+  padding: 0 7px;
   color: $notes-role-color;
   font-size: 12px;
   line-height: 20px;
diff --git a/app/assets/stylesheets/pages/pipelines.scss b/app/assets/stylesheets/pages/pipelines.scss
index 6185342b495..85d1905ad40 100644
--- a/app/assets/stylesheets/pages/pipelines.scss
+++ b/app/assets/stylesheets/pages/pipelines.scss
@@ -824,6 +824,7 @@ button.mini-pipeline-graph-dropdown-toggle {
  * Top arrow in the dropdown in the mini pipeline graph
  */
 .mini-pipeline-graph-dropdown-menu {
+  z-index: 200;
 
   &::before,
   &::after {
diff --git a/app/assets/stylesheets/pages/projects.scss b/app/assets/stylesheets/pages/projects.scss
index 276465488e7..d01326637ea 100644
--- a/app/assets/stylesheets/pages/projects.scss
+++ b/app/assets/stylesheets/pages/projects.scss
@@ -566,14 +566,14 @@ a.deploy-project-label {
     &::before {
       content: "OR";
       position: absolute;
-      left: 0;
-      top: 40%;
+      left: -10px;
+      top: 50%;
       z-index: 10;
       padding: 8px 0;
       text-align: center;
       background-color: $white-light;
       color: $gl-text-color-tertiary;
-      transform: translateX(-50%);
+      transform: translateY(-50%);
       font-size: 12px;
       font-weight: bold;
       line-height: 20px;
@@ -581,8 +581,8 @@ a.deploy-project-label {
       // Mobile
       @media (max-width: $screen-xs-max) {
         left: 50%;
-        top: 10px;
-        transform: translateY(-50%);
+        top: 0;
+        transform: translateX(-50%);
         padding: 0 8px;
       }
     }
diff --git a/app/assets/stylesheets/pages/repo.scss b/app/assets/stylesheets/pages/repo.scss
new file mode 100644
index 00000000000..5ffd5a08216
--- /dev/null
+++ b/app/assets/stylesheets/pages/repo.scss
@@ -0,0 +1,407 @@
+.fade-enter-active,
+.fade-leave-active {
+  transition: opacity .5s;
+}
+
+.monaco-loader {
+  position: absolute;
+  top: 0;
+  left: 0;
+  right: 0;
+  bottom: 0;
+  background: $black-transparent;
+}
+
+.modal.popup-dialog {
+  display: block;
+  background-color: $black-transparent;
+  z-index: 2100;
+
+  @media (min-width: $screen-md-min) {
+    .modal-dialog {
+      width: 600px;
+      margin: 30px auto;
+    }
+  }
+}
+
+.project-refs-form,
+.project-refs-target-form {
+  display: inline-block;
+}
+
+.fade-enter,
+.fade-leave-to {
+  opacity: 0;
+}
+
+.commit-message {
+  @include str-truncated(250px);
+}
+
+.editable-mode {
+  display: inline-block;
+}
+
+.blob-viewer[data-type="rich"] {
+  margin: 20px;
+}
+
+.repository-view.tree-content-holder {
+  border: 1px solid $border-color;
+  border-radius: $border-radius-default;
+  color: $almost-black;
+
+  .panel-right {
+    display: inline-block;
+    width: 80%;
+
+    .monaco-editor.vs {
+      .line-numbers {
+        cursor: pointer;
+
+        &:hover {
+          text-decoration: underline;
+        }
+      }
+
+      .cursor {
+        display: none !important;
+      }
+    }
+
+    &.edit-mode {
+      .blob-viewer-container {
+        overflow: hidden;
+      }
+
+      .monaco-editor.vs {
+        .cursor {
+          background: $black;
+          border-color: $black;
+          display: block !important;
+        }
+      }
+    }
+
+    .blob-viewer-container {
+      height: calc(100vh - 63px);
+      overflow: auto;
+    }
+
+    #tabs {
+      padding-left: 0;
+      margin-bottom: 0;
+      display: flex;
+      white-space: nowrap;
+      width: 100%;
+      overflow-y: hidden;
+      overflow-x: auto;
+
+      li {
+        animation: swipeRightAppear ease-in 0.1s;
+        animation-iteration-count: 1;
+        transform-origin: 0% 50%;
+        list-style-type: none;
+        background: $gray-normal;
+        display: inline-block;
+        padding: 10px 18px;
+        border-right: 1px solid $white-dark;
+        border-bottom: 1px solid $white-dark;
+        white-space: nowrap;
+
+        &.remove {
+          animation: swipeRightDissapear ease-in 0.1s;
+          animation-iteration-count: 1;
+          transform-origin: 0% 50%;
+
+          a {
+            width: 0;
+          }
+        }
+
+        &.active {
+          background: $white-light;
+          border-bottom: none;
+        }
+
+        a {
+          @include str-truncated(100px);
+          color: $black;
+          width: 100px;
+          text-align: center;
+          vertical-align: middle;
+
+          &.close {
+            width: auto;
+            font-size: 15px;
+            opacity: 1;
+            margin-right: -6px;
+          }
+        }
+
+        i.fa.fa-times,
+        i.fa.fa-circle {
+          float: right;
+          margin-top: 3px;
+          margin-left: 15px;
+          color: $gray-darkest;
+        }
+
+        i.fa.fa-circle {
+          color: $brand-success;
+        }
+
+        &.tabs-divider {
+          width: 100%;
+          background-color: $white-light;
+          border-right: none;
+          border-top-right-radius: 2px;
+        }
+      }
+    }
+
+    #repo-file-buttons {
+      background-color: $white-light;
+      border-bottom: 1px solid $white-normal;
+      padding: 5px 10px;
+      position: relative;
+      border-top: 1px solid $white-normal;
+      margin-top: -5px;
+    }
+
+    #binary-viewer {
+      height: 80vh;
+      overflow: auto;
+      margin: 0;
+
+      .blob-viewer {
+        padding-top: 20px;
+        padding-left: 20px;
+      }
+
+      .binary-unknown {
+        text-align: center;
+        padding-top: 100px;
+        background: $gray-light;
+        height: 100%;
+        font-size: 17px;
+
+        span {
+          display: block;
+        }
+      }
+    }
+  }
+
+  #commit-area {
+    background: $gray-light;
+    padding: 20px;
+
+    span.help-block {
+      padding-top: 7px;
+      margin-top: 0;
+    }
+  }
+
+  #view-toggler {
+    height: 41px;
+    position: relative;
+    display: block;
+    border-bottom: 1px solid $white-normal;
+    background: $white-light;
+    margin-top: -5px;
+  }
+
+  #binary-viewer {
+    img {
+      max-width: 100%;
+    }
+  }
+
+  #sidebar {
+
+    &.sidebar-mini {
+      display: inline-block;
+      vertical-align: top;
+      width: 20%;
+      border-right: 1px solid $white-normal;
+      height: calc(100vh + 20px);
+      overflow: auto;
+    }
+
+    table {
+      margin-bottom: 0;
+    }
+
+    tr {
+      animation: fadein 0.5s;
+      cursor: pointer;
+
+      &.repo-file-options td {
+        padding: 0;
+        border-top: none;
+        background: $gray-light;
+        width: 100%;
+        display: inline-block;
+
+        &:first-child {
+          border-top-left-radius: 2px;
+        }
+
+        .title {
+          display: inline-block;
+          font-size: 10px;
+          text-transform: uppercase;
+          font-weight: bold;
+          color: $gray-darkest;
+          width: 185px;
+          white-space: nowrap;
+          overflow: hidden;
+          text-overflow: ellipsis;
+          vertical-align: middle;
+          padding: 2px 16px;
+        }
+      }
+
+      .fa {
+        margin-right: 5px;
+      }
+
+      td {
+        white-space: nowrap;
+      }
+    }
+
+    a {
+      color: $almost-black;
+      display: inline-block;
+      vertical-align: middle;
+    }
+
+    ul {
+      list-style-type: none;
+      padding: 0;
+
+      li {
+        border-bottom: 1px solid $border-gray-normal;
+        padding: 10px 20px;
+
+        a {
+          color: $almost-black;
+        }
+
+        .fa {
+          font-size: 12px;
+          margin-right: 5px;
+        }
+      }
+    }
+  }
+
+}
+
+.animation-container {
+  background: $repo-editor-grey;
+  height: 40px;
+  overflow: hidden;
+  position: relative;
+
+  &.animation-container-small {
+    height: 12px;
+  }
+
+  &::before {
+    animation-duration: 1s;
+    animation-fill-mode: forwards;
+    animation-iteration-count: infinite;
+    animation-name: blockTextShine;
+    animation-timing-function: linear;
+    background-image: $repo-editor-linear-gradient;
+    background-repeat: no-repeat;
+    background-size: 800px 45px;
+    content: ' ';
+    display: block;
+    height: 100%;
+    position: relative;
+  }
+
+  div {
+    background: $white-light;
+    height: 6px;
+    left: 0;
+    position: absolute;
+    right: 0;
+  }
+
+  .line-of-code-1 {
+    left: 0;
+    top: 8px;
+  }
+
+  .line-of-code-2 {
+    left: 150px;
+    top: 0;
+    height: 10px;
+  }
+
+  .line-of-code-3 {
+    left: 0;
+    top: 23px;
+  }
+
+  .line-of-code-4 {
+    left: 0;
+    top: 38px;
+  }
+
+  .line-of-code-5 {
+    left: 200px;
+    top: 28px;
+    height: 10px;
+  }
+
+  .line-of-code-6 {
+    top: 14px;
+    left: 230px;
+    height: 10px;
+  }
+}
+
+.render-error {
+  min-height: calc(100vh - 63px);
+
+  p {
+    width: 100%;
+  }
+}
+
+@keyframes blockTextShine {
+  0% {
+    transform: translateX(-468px);
+  }
+
+  100% {
+    transform: translateX(468px);
+  }
+}
+
+@keyframes swipeRightAppear {
+  0% {
+    transform: scaleX(0.00);
+  }
+
+  100% {
+    transform: scaleX(1.00);
+  }
+}
+
+@keyframes swipeRightDissapear {
+  0% {
+    transform: scaleX(1.00);
+  }
+
+  100% {
+    transform: scaleX(0.00);
+  }
+}
diff --git a/app/assets/stylesheets/pages/tree.scss b/app/assets/stylesheets/pages/tree.scss
index 44ab07a4367..0028e207f3e 100644
--- a/app/assets/stylesheets/pages/tree.scss
+++ b/app/assets/stylesheets/pages/tree.scss
@@ -29,6 +29,10 @@
         margin-right: 15px;
       }
 
+      .tree-ref-target-holder {
+        display: inline-block;
+      }
+
       .repo-breadcrumb {
         li:last-of-type {
           position: relative;
@@ -87,7 +91,7 @@
   }
 
   .add-to-tree {
-    vertical-align: top;
+    vertical-align: middle;
     padding: 6px 10px;
   }
 
@@ -216,6 +220,9 @@
 }
 
 .blob-upload-dropzone-previews {
+  display: flex;
+  justify-content: center;
+  align-items: center;
   text-align: center;
   border: 2px;
   border-style: dashed;
diff --git a/app/controllers/admin/appearances_controller.rb b/app/controllers/admin/appearances_controller.rb
index 4b0ec54b3f4..92df1c8dff0 100644
--- a/app/controllers/admin/appearances_controller.rb
+++ b/app/controllers/admin/appearances_controller.rb
@@ -45,7 +45,7 @@ class Admin::AppearancesController < Admin::ApplicationController
 
   # Use callbacks to share common setup or constraints between actions.
   def set_appearance
-    @appearance = Appearance.last || Appearance.new
+    @appearance = Appearance.current || Appearance.new
   end
 
   # Only allow a trusted parameter "white list" through.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5b448008a1b..1d92ea11bda 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -117,7 +117,7 @@ class ApplicationController < ActionController::Base
     Raven.capture_exception(exception) if sentry_enabled?
 
     application_trace = ActionDispatch::ExceptionWrapper.new(env, exception).application_trace
-    application_trace.map!{ |t| "  #{t}\n" }
+    application_trace.map! { |t| "  #{t}\n" }
     logger.error "\n#{exception.class.name} (#{exception.message}):\n#{application_trace.join}"
   end
 
diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb
index ea441b1736b..b75e401a8df 100644
--- a/app/controllers/concerns/authenticates_with_two_factor.rb
+++ b/app/controllers/concerns/authenticates_with_two_factor.rb
@@ -69,7 +69,7 @@ module AuthenticatesWithTwoFactor
     if U2fRegistration.authenticate(user, u2f_app_id, user_params[:device_response], session[:challenge])
       # Remove any lingering user data from login
       session.delete(:otp_user_id)
-      session.delete(:challenges)
+      session.delete(:challenge)
 
       remember_me(user) if user_params[:remember_me] == '1'
       sign_in(user)
diff --git a/app/controllers/concerns/cycle_analytics_params.rb b/app/controllers/concerns/cycle_analytics_params.rb
index 52e06f4945a..1ab107168c0 100644
--- a/app/controllers/concerns/cycle_analytics_params.rb
+++ b/app/controllers/concerns/cycle_analytics_params.rb
@@ -6,6 +6,13 @@ module CycleAnalyticsParams
   end
 
   def start_date(params)
-    params[:start_date] == '30' ? 30.days.ago : 90.days.ago
+    case params[:start_date]
+    when '7'
+      7.days.ago
+    when '30'
+      30.days.ago
+    else
+      90.days.ago
+    end
   end
 end
diff --git a/app/controllers/concerns/renders_blob.rb b/app/controllers/concerns/renders_blob.rb
index 54dcd7c61ce..ba7adcfea86 100644
--- a/app/controllers/concerns/renders_blob.rb
+++ b/app/controllers/concerns/renders_blob.rb
@@ -1,7 +1,7 @@
 module RendersBlob
   extend ActiveSupport::Concern
 
-  def render_blob_json(blob)
+  def blob_json(blob)
     viewer =
       case params[:viewer]
       when 'rich'
@@ -11,13 +11,21 @@ module RendersBlob
       else
         blob.simple_viewer
       end
-    return render_404 unless viewer
 
-    render json: {
+    return unless viewer
+
+    {
       html: view_to_html_string("projects/blob/_viewer", viewer: viewer, load_async: false)
     }
   end
 
+  def render_blob_json(blob)
+    json = blob_json(blob)
+    return render_404 unless json
+
+    render json: json
+  end
+
   def conditionally_expand_blob(blob)
     blob.expand! if params[:expanded] == 'true'
   end
diff --git a/app/controllers/dashboard/projects_controller.rb b/app/controllers/dashboard/projects_controller.rb
index 74fe45e1ff6..f71ab702e71 100644
--- a/app/controllers/dashboard/projects_controller.rb
+++ b/app/controllers/dashboard/projects_controller.rb
@@ -52,8 +52,10 @@ class Dashboard::ProjectsController < Dashboard::ApplicationController
   end
 
   def load_events
-    @events = Event.in_projects(load_projects(params.merge(non_public: true)))
-    @events = event_filter.apply_filter(@events).with_associations
-    @events = @events.limit(20).offset(params[:offset] || 0)
+    projects = load_projects(params.merge(non_public: true))
+
+    @events = EventCollection
+      .new(projects, offset: params[:offset].to_i, filter: event_filter)
+      .to_a
   end
 end
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
index f9c31920302..19a5db6fd17 100644
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@@ -29,9 +29,9 @@ class DashboardController < Dashboard::ApplicationController
         current_user.authorized_projects
       end
 
-    @events = Event.in_projects(projects)
-    @events = @event_filter.apply_filter(@events).with_associations
-    @events = @events.limit(20).offset(params[:offset] || 0)
+    @events = EventCollection
+      .new(projects, offset: params[:offset].to_i, filter: @event_filter)
+      .to_a
   end
 
   def set_show_full_reference
diff --git a/app/controllers/explore/projects_controller.rb b/app/controllers/explore/projects_controller.rb
index 741879dee35..762c6ebf3a3 100644
--- a/app/controllers/explore/projects_controller.rb
+++ b/app/controllers/explore/projects_controller.rb
@@ -6,7 +6,7 @@ class Explore::ProjectsController < Explore::ApplicationController
   def index
     params[:sort] ||= 'latest_activity_desc'
     @sort = params[:sort]
-    @projects = load_projects.page(params[:page])
+    @projects = load_projects
 
     respond_to do |format|
       format.html
@@ -21,7 +21,7 @@ class Explore::ProjectsController < Explore::ApplicationController
   def trending
     params[:trending] = true
     @sort = params[:sort]
-    @projects = load_projects.page(params[:page])
+    @projects = load_projects
 
     respond_to do |format|
       format.html
@@ -34,7 +34,7 @@ class Explore::ProjectsController < Explore::ApplicationController
   end
 
   def starred
-    @projects = load_projects.reorder('star_count DESC').page(params[:page])
+    @projects = load_projects.reorder('star_count DESC')
 
     respond_to do |format|
       format.html
@@ -50,6 +50,9 @@ class Explore::ProjectsController < Explore::ApplicationController
 
   def load_projects
     ProjectsFinder.new(current_user: current_user, params: params)
-      .execute.includes(:route, namespace: :route)
+      .execute
+      .includes(:route, namespace: :route)
+      .page(params[:page])
+      .without_count
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 27137ffde54..f76b3f69e9e 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -160,9 +160,9 @@ class GroupsController < Groups::ApplicationController
   end
 
   def load_events
-    @events = Event.in_projects(@projects)
-    @events = event_filter.apply_filter(@events).with_associations
-    @events = @events.limit(20).offset(params[:offset] || 0)
+    @events = EventCollection
+      .new(@projects, offset: params[:offset].to_i, filter: event_filter)
+      .to_a
   end
 
   def user_actions
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index 53a5981e564..baa6645e5ce 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -68,15 +68,15 @@ class Import::GithubController < Import::BaseController
   end
 
   def new_import_url
-    public_send("new_import_#{provider}_url")
+    public_send("new_import_#{provider}_url") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def status_import_url
-    public_send("status_import_#{provider}_url")
+    public_send("status_import_#{provider}_url") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def callback_import_url
-    public_send("callback_import_#{provider}_url")
+    public_send("callback_import_#{provider}_url") # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def provider_unauthorized
diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb
index 73837ffbe67..407154e59a0 100644
--- a/app/controllers/import/gitlab_controller.rb
+++ b/app/controllers/import/gitlab_controller.rb
@@ -15,7 +15,7 @@ class Import::GitlabController < Import::BaseController
     @already_added_projects = current_user.created_projects.where(import_type: "gitlab")
     already_added_projects_names = @already_added_projects.pluck(:import_source)
 
-    @repos = @repos.to_a.reject{ |repo| already_added_projects_names.include? repo["path_with_namespace"] }
+    @repos = @repos.to_a.reject { |repo| already_added_projects_names.include? repo["path_with_namespace"] }
   end
 
   def jobs
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb
index 49ea2945675..a2e8c10857d 100644
--- a/app/controllers/projects/blob_controller.rb
+++ b/app/controllers/projects/blob_controller.rb
@@ -37,16 +37,11 @@ class Projects::BlobController < Projects::ApplicationController
 
     respond_to do |format|
       format.html do
-        environment_params = @repository.branch_exists?(@ref) ? { ref: @ref } : { commit: @commit }
-        @environment = EnvironmentsFinder.new(@project, current_user, environment_params).execute.last
-
-        @last_commit = @repository.last_commit_for_path(@commit.id, @blob.path)
-
-        render 'show'
+        show_html
       end
 
       format.json do
-        render_blob_json(@blob)
+        show_json
       end
     end
   end
@@ -190,4 +185,34 @@ class Projects::BlobController < Projects::ApplicationController
     @last_commit_sha = Gitlab::Git::Commit
       .last_for_path(@repository, @ref, @path).sha
   end
+
+  def show_html
+    environment_params = @repository.branch_exists?(@ref) ? { ref: @ref } : { commit: @commit }
+    @environment = EnvironmentsFinder.new(@project, current_user, environment_params).execute.last
+    @last_commit = @repository.last_commit_for_path(@commit.id, @blob.path)
+
+    render 'show'
+  end
+
+  def show_json
+    json = blob_json(@blob)
+    return render_404 unless json
+
+    render json: json.merge(
+      path: blob.path,
+      name: blob.name,
+      extension: blob.extension,
+      size: blob.raw_size,
+      mime_type: blob.mime_type,
+      binary: blob.raw_binary?,
+      simple_viewer: blob.simple_viewer&.class&.partial_name,
+      rich_viewer: blob.rich_viewer&.class&.partial_name,
+      show_viewer_switcher: !!blob.show_viewer_switcher?,
+      render_error: blob.simple_viewer&.render_error || blob.rich_viewer&.render_error,
+      raw_path: project_raw_path(project, @id),
+      blame_path: project_blame_path(project, @id),
+      commits_path: project_commits_path(project, @id),
+      permalink: project_blob_path(project, File.join(@commit.id, @path))
+    )
+  end
 end
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index e2ccabb22db..8893a514207 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -212,7 +212,7 @@ class Projects::IssuesController < Projects::ApplicationController
   end
 
   def create_merge_request
-    result = MergeRequests::CreateFromIssueService.new(project, current_user, issue_iid: issue.iid).execute
+    result = ::MergeRequests::CreateFromIssueService.new(project, current_user, issue_iid: issue.iid).execute
 
     if result[:status] == :success
       render json: MergeRequestCreateSerializer.new.represent(result[:merge_request])
@@ -257,18 +257,6 @@ class Projects::IssuesController < Projects::ApplicationController
     return render_404 unless @project.feature_available?(:issues, current_user)
   end
 
-  def redirect_to_external_issue_tracker
-    external = @project.external_issue_tracker
-
-    return unless external
-
-    if action_name == 'new'
-      redirect_to external.new_issue_path
-    else
-      redirect_to external.issue_tracker_path
-    end
-  end
-
   def issue_params
     params.require(:issue).permit(*issue_params_attributes)
   end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index d361e661d0e..4de814d0ca8 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -67,11 +67,6 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
         @noteable = @merge_request
         @commits_count = @merge_request.commits_count
 
-        if @merge_request.locked_long_ago?
-          @merge_request.unlock_mr
-          @merge_request.close
-        end
-
         labels
 
         set_pipeline_variables
diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb
index 30181ac3bdf..1fc276b8c03 100644
--- a/app/controllers/projects/tree_controller.rb
+++ b/app/controllers/projects/tree_controller.rb
@@ -24,12 +24,19 @@ class Projects::TreeController < Projects::ApplicationController
       end
     end
 
-    @last_commit = @repository.last_commit_for_path(@commit.id, @tree.path) || @commit
-
     respond_to do |format|
-      format.html
-      # Disable cache so browser history works
-      format.js { no_cache_headers }
+      format.html do
+        @last_commit = @repository.last_commit_for_path(@commit.id, @tree.path) || @commit
+      end
+
+      format.js do
+        # Disable cache so browser history works
+        no_cache_headers
+      end
+
+      format.json do
+        render json: TreeSerializer.new(project: @project, repository: @repository, ref: @ref).represent(@tree)
+      end
     end
   end
 
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 0bffae6decd..1d24563a6a6 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -7,6 +7,7 @@ class ProjectsController < Projects::ApplicationController
   before_action :repository, except: [:index, :new, :create]
   before_action :assign_ref_vars, only: [:show], if: :repo_exists?
   before_action :tree, only: [:show], if: [:repo_exists?, :project_view_files?]
+  before_action :project_export_enabled, only: [:export, :download_export, :remove_export, :generate_new_export]
 
   # Authorize
   before_action :authorize_admin_project!, only: [:edit, :update, :housekeeping, :download_export, :export, :remove_export, :generate_new_export]
@@ -220,21 +221,34 @@ class ProjectsController < Projects::ApplicationController
   end
 
   def refs
-    branches = BranchesFinder.new(@repository, params).execute.map(&:name)
+    find_refs = params['find']
 
-    options = {
-      s_('RefSwitcher|Branches') => branches.take(100)
-    }
+    find_branches = true
+    find_tags = true
+    find_commits = true
+
+    unless find_refs.nil?
+      find_branches = find_refs.include?('branches')
+      find_tags = find_refs.include?('tags')
+      find_commits = find_refs.include?('commits')
+    end
 
-    unless @repository.tag_count.zero?
-      tags = TagsFinder.new(@repository, params).execute.map(&:name)
+    options = {}
 
-      options[s_('RefSwitcher|Tags')] = tags.take(100)
+    if find_branches
+      branches = BranchesFinder.new(@repository, params).execute.take(100).map(&:name)
+      options[s_('RefSwitcher|Branches')] = branches
+    end
+
+    if find_tags && @repository.tag_count.nonzero?
+      tags = TagsFinder.new(@repository, params).execute.take(100).map(&:name)
+
+      options[s_('RefSwitcher|Tags')] = tags
     end
 
     # If reference is commit id - we should add it to branch/tag selectbox
     ref = Addressable::URI.unescape(params[:ref])
-    if ref && options.flatten(2).exclude?(ref) && ref =~ /\A[0-9a-zA-Z]{6,52}\z/
+    if find_commits && ref && options.flatten(2).exclude?(ref) && ref =~ /\A[0-9a-zA-Z]{6,52}\z/
       options['Commits'] = [ref]
     end
 
@@ -288,10 +302,11 @@ class ProjectsController < Projects::ApplicationController
   end
 
   def load_events
-    @events = @project.events.recent
-    @events = event_filter.apply_filter(@events).with_associations
-    limit = (params[:limit] || 20).to_i
-    @events = @events.limit(limit).offset(params[:offset] || 0)
+    projects = Project.where(id: @project.id)
+
+    @events = EventCollection
+      .new(projects, offset: params[:offset].to_i, filter: event_filter)
+      .to_a
   end
 
   def project_params
@@ -376,4 +391,8 @@ class ProjectsController < Projects::ApplicationController
 
     url_for(params)
   end
+
+  def project_export_enabled
+    render_404 unless current_application_settings.project_export_enabled?
+  end
 end
diff --git a/app/controllers/unicorn_test_controller.rb b/app/controllers/unicorn_test_controller.rb
index b7a1a046be0..ed04bd1f77d 100644
--- a/app/controllers/unicorn_test_controller.rb
+++ b/app/controllers/unicorn_test_controller.rb
@@ -1,12 +1,14 @@
+# :nocov:
 if Rails.env.test?
   class UnicornTestController < ActionController::Base
     def pid
       render plain: Process.pid.to_s
     end
-  
+
     def kill
       Process.kill(params[:signal], Process.pid)
       render plain: 'Bye!'
     end
   end
 end
+# :nocov:
diff --git a/app/finders/admin/projects_finder.rb b/app/finders/admin/projects_finder.rb
index a5ba791a513..7176bfe22d6 100644
--- a/app/finders/admin/projects_finder.rb
+++ b/app/finders/admin/projects_finder.rb
@@ -18,7 +18,7 @@ class Admin::ProjectsFinder
   end
 
   def execute
-    items = Project.with_statistics
+    items = Project.without_deleted.with_statistics
     items = items.in_namespace(namespace_id) if namespace_id.present?
     items = items.where(visibility_level: visibility_level) if visibility_level.present?
     items = items.with_push if with_push.present?
diff --git a/app/helpers/appearances_helper.rb b/app/helpers/appearances_helper.rb
index 16136d02530..cdf5fa5d4b7 100644
--- a/app/helpers/appearances_helper.rb
+++ b/app/helpers/appearances_helper.rb
@@ -20,7 +20,7 @@ module AppearancesHelper
   end
 
   def brand_item
-    @appearance ||= Appearance.first
+    @appearance ||= Appearance.current
   end
 
   def brand_header_logo
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 0cfd7822d05..bcee81bdc15 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -309,4 +309,8 @@ module ApplicationHelper
   def collapsed_sidebar?
     cookies["sidebar_collapsed"] == "true"
   end
+
+  def show_new_repo?
+    cookies["new_repo"] == "true" && body_data_page != 'projects:show'
+  end
 end
diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 6825adcb39f..150188f0b65 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -146,6 +146,7 @@ module ApplicationSettingsHelper
       :plantuml_enabled,
       :plantuml_url,
       :polling_interval_multiplier,
+      :project_export_enabled,
       :prometheus_metrics_enabled,
       :recaptcha_enabled,
       :recaptcha_private_key,
diff --git a/app/helpers/blob_helper.rb b/app/helpers/blob_helper.rb
index e964d7a5e16..18075ee8be7 100644
--- a/app/helpers/blob_helper.rb
+++ b/app/helpers/blob_helper.rb
@@ -118,7 +118,7 @@ module BlobHelper
     icon("#{file_type_icon_class('file', mode, name)} fw")
   end
 
-  def blob_raw_url
+  def blob_raw_path
     if @build && @entry
       raw_project_job_artifacts_path(@project, @build, path: @entry.path)
     elsif @snippet
@@ -235,7 +235,7 @@ module BlobHelper
       title = 'Open raw'
     end
 
-    link_to icon, blob_raw_url, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
+    link_to icon, blob_raw_path, class: 'btn btn-sm has-tooltip', target: '_blank', rel: 'noopener noreferrer', title: title, data: { container: 'body' }
   end
 
   def blob_render_error_reason(viewer)
@@ -270,7 +270,7 @@ module BlobHelper
       options << link_to('view the source', '#', class: 'js-blob-viewer-switch-btn', data: { viewer: 'simple' })
     end
 
-    options << link_to('download it', blob_raw_url, target: '_blank', rel: 'noopener noreferrer')
+    options << link_to('download it', blob_raw_path, target: '_blank', rel: 'noopener noreferrer')
 
     options
   end
diff --git a/app/helpers/diff_helper.rb b/app/helpers/diff_helper.rb
index 087f7f88fb5..28f591a4e22 100644
--- a/app/helpers/diff_helper.rb
+++ b/app/helpers/diff_helper.rb
@@ -88,15 +88,15 @@ module DiffHelper
   end
 
   def submodule_link(blob, ref, repository = @repository)
-    tree, commit = submodule_links(blob, ref, repository)
-    commit_id = if commit.nil?
+    project_url, tree_url = submodule_links(blob, ref, repository)
+    commit_id = if tree_url.nil?
                   Commit.truncate_sha(blob.id)
                 else
-                  link_to Commit.truncate_sha(blob.id), commit
+                  link_to Commit.truncate_sha(blob.id), tree_url
                 end
 
     [
-      content_tag(:span, link_to(truncate(blob.name, length: 40), tree)),
+      content_tag(:span, link_to(truncate(blob.name, length: 40), project_url)),
       '@',
       content_tag(:span, commit_id, class: 'commit-sha')
     ].join(' ').html_safe
diff --git a/app/helpers/dropdowns_helper.rb b/app/helpers/dropdowns_helper.rb
index ac8c518ac84..ff305fa39b4 100644
--- a/app/helpers/dropdowns_helper.rb
+++ b/app/helpers/dropdowns_helper.rb
@@ -48,11 +48,11 @@ module DropdownsHelper
     end
   end
 
-  def dropdown_title(title, back: false)
+  def dropdown_title(title, options: {})
     content_tag :div, class: "dropdown-title" do
       title_output = ""
 
-      if back
+      if options.fetch(:back, false)
         title_output << content_tag(:button, class: "dropdown-title-button dropdown-menu-back", aria: { label: "Go back" }, type: "button") do
           icon('arrow-left')
         end
@@ -60,14 +60,25 @@ module DropdownsHelper
 
       title_output << content_tag(:span, title)
 
-      title_output << content_tag(:button, class: "dropdown-title-button dropdown-menu-close", aria: { label: "Close" }, type: "button") do
-        icon('times', class: 'dropdown-menu-close-icon')
+      if options.fetch(:close, true)
+        title_output << content_tag(:button, class: "dropdown-title-button dropdown-menu-close", aria: { label: "Close" }, type: "button") do
+          icon('times', class: 'dropdown-menu-close-icon')
+        end
       end
 
       title_output.html_safe
     end
   end
 
+  def dropdown_input(placeholder, input_id: nil)
+    content_tag :div, class: "dropdown-input" do
+      filter_output = text_field_tag input_id, nil, class: "dropdown-input-field dropdown-no-filter", placeholder: placeholder, autocomplete: 'off'
+      filter_output << icon('times', class: "dropdown-input-clear js-dropdown-input-clear", role: "button")
+
+      filter_output.html_safe
+    end
+  end
+
   def dropdown_filter(placeholder, search_id: nil)
     content_tag :div, class: "dropdown-input" do
       filter_output = search_field_tag search_id, nil, class: "dropdown-input-field", placeholder: placeholder, autocomplete: 'off'
diff --git a/app/helpers/graph_helper.rb b/app/helpers/graph_helper.rb
index 2e9b72e9613..c53ea4519da 100644
--- a/app/helpers/graph_helper.rb
+++ b/app/helpers/graph_helper.rb
@@ -3,7 +3,7 @@ module GraphHelper
     refs = ""
     # Commit::ref_names already strips the refs/XXX from important refs (e.g. refs/heads/XXX)
     # so anything leftover is internally used by GitLab
-    commit_refs = commit.ref_names(repo).reject{ |name| name.starts_with?('refs/') }
+    commit_refs = commit.ref_names(repo).reject { |name| name.starts_with?('refs/') }
     refs << commit_refs.join(' ')
 
     # append note count
diff --git a/app/helpers/groups_helper.rb b/app/helpers/groups_helper.rb
index 8cd61f738e1..4123a96911f 100644
--- a/app/helpers/groups_helper.rb
+++ b/app/helpers/groups_helper.rb
@@ -59,7 +59,7 @@ module GroupsHelper
   end
 
   def remove_group_message(group)
-    _("You are going to remove %{group_name}.\nRemoved groups CANNOT be restored!\nAre you ABSOLUTELY sure?") %
+    _("You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?") %
       { group_name: group.name }
   end
 
diff --git a/app/helpers/icons_helper.rb b/app/helpers/icons_helper.rb
index f29faeca22d..9a404832423 100644
--- a/app/helpers/icons_helper.rb
+++ b/app/helpers/icons_helper.rb
@@ -1,4 +1,5 @@
 module IconsHelper
+  extend self
   include FontAwesome::Rails::IconHelper
 
   # Creates an icon tag given icon name(s) and possible icon modifiers.
diff --git a/app/helpers/issuables_helper.rb b/app/helpers/issuables_helper.rb
index f4fad7150e8..70ea35fab1e 100644
--- a/app/helpers/issuables_helper.rb
+++ b/app/helpers/issuables_helper.rb
@@ -151,7 +151,7 @@ module IssuablesHelper
   end
 
   def issuable_labels_tooltip(labels, limit: 5)
-    first, last = labels.partition.with_index{ |_, i| i < limit  }
+    first, last = labels.partition.with_index { |_, i| i < limit  }
 
     label_names = first.collect(&:name)
     label_names << "and #{last.size} more" unless last.empty?
@@ -234,7 +234,7 @@ module IssuablesHelper
   end
 
   def issuables_count_for_state(issuable_type, state, finder: nil)
-    finder ||= public_send("#{issuable_type}_finder")
+    finder ||= public_send("#{issuable_type}_finder") # rubocop:disable GitlabSecurity/PublicSend
     cache_key = finder.state_counter_cache_key
 
     @counts ||= {}
@@ -329,7 +329,7 @@ module IssuablesHelper
   end
 
   def selected_template(issuable)
-    params[:issuable_template] if issuable_templates(issuable).any?{ |template| template[:name] == params[:issuable_template] }
+    params[:issuable_template] if issuable_templates(issuable).any? { |template| template[:name] == params[:issuable_template] }
   end
 
   def issuable_todo_button_data(issuable, todo, is_collapsed)
diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb
index 4b99de1b6a5..e60513b35c7 100644
--- a/app/helpers/labels_helper.rb
+++ b/app/helpers/labels_helper.rb
@@ -43,11 +43,11 @@ module LabelsHelper
   def label_filter_path(subject, label, type: :issue)
     case subject
     when Group
-      send("#{type.to_s.pluralize}_group_path",
+      send("#{type.to_s.pluralize}_group_path", # rubocop:disable GitlabSecurity/PublicSend
                   subject,
                   label_name: [label.name])
     when Project
-      send("namespace_project_#{type.to_s.pluralize}_path",
+      send("namespace_project_#{type.to_s.pluralize}_path", # rubocop:disable GitlabSecurity/PublicSend
                   subject.namespace,
                   subject,
                   label_name: [label.name])
diff --git a/app/helpers/pagination_helper.rb b/app/helpers/pagination_helper.rb
new file mode 100644
index 00000000000..83dd76a01dd
--- /dev/null
+++ b/app/helpers/pagination_helper.rb
@@ -0,0 +1,21 @@
+module PaginationHelper
+  def paginate_collection(collection, remote: nil)
+    if collection.is_a?(Kaminari::PaginatableWithoutCount)
+      paginate_without_count(collection)
+    elsif collection.respond_to?(:total_pages)
+      paginate_with_count(collection, remote: remote)
+    end
+  end
+
+  def paginate_without_count(collection)
+    render(
+      'kaminari/gitlab/without_count',
+      previous_path: path_to_prev_page(collection),
+      next_path: path_to_next_page(collection)
+    )
+  end
+
+  def paginate_with_count(collection, remote: nil)
+    paginate(collection, remote: remote, theme: 'gitlab')
+  end
+end
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index a268413e84f..278d394bc03 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -80,7 +80,7 @@ module ProjectsHelper
   end
 
   def remove_project_message(project)
-    _("You are going to remove %{project_name_with_namespace}.\nRemoved project CANNOT be restored!\nAre you ABSOLUTELY sure?") %
+    _("You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?") %
       { project_name_with_namespace: project.name_with_namespace }
   end
 
@@ -234,6 +234,8 @@ module ProjectsHelper
   # If no limit is applied we'll just issue a COUNT since the result set could
   # be too large to load into memory.
   def any_projects?(projects)
+    return projects.any? if projects.is_a?(Array)
+
     if projects.limit_value
       projects.to_a.any?
     else
diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index b24039fb349..88f7702db1e 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -1,5 +1,5 @@
 module SubmoduleHelper
-  include Gitlab::ShellAdapter
+  extend self
 
   VALID_SUBMODULE_PROTOCOLS = %w[http https git ssh].freeze
 
@@ -59,7 +59,7 @@ module SubmoduleHelper
     return true if url_no_dotgit == [Gitlab.config.gitlab.url, '/', namespace, '/',
                                      project].join('')
     url_with_dotgit = url_no_dotgit + '.git'
-    url_with_dotgit == gitlab_shell.url_to_repo([namespace, '/', project].join(''))
+    url_with_dotgit == Gitlab::Shell.new.url_to_repo([namespace, '/', project].join(''))
   end
 
   def relative_self_url?(url)
diff --git a/app/mailers/emails/members.rb b/app/mailers/emails/members.rb
index 7b617b359ea..d76c61c369f 100644
--- a/app/mailers/emails/members.rb
+++ b/app/mailers/emails/members.rb
@@ -11,11 +11,11 @@ module Emails
       @member_source_type = member_source_type
       @member_id = member_id
 
-      admins = member_source.members.owners_and_masters.includes(:user).pluck(:notification_email)
+      admins = member_source.members.owners_and_masters.pluck(:notification_email)
       # A project in a group can have no explicit owners/masters, in that case
       # we fallbacks to the group's owners/masters.
       if admins.empty? && member_source.respond_to?(:group) && member_source.group
-        admins = member_source.group.members.owners_and_masters.includes(:user).pluck(:notification_email)
+        admins = member_source.group.members.owners_and_masters.pluck(:notification_email)
       end
 
       mail(to: admins,
diff --git a/app/models/appearance.rb b/app/models/appearance.rb
index f9c48482be7..ff15689ecac 100644
--- a/app/models/appearance.rb
+++ b/app/models/appearance.rb
@@ -8,7 +8,27 @@ class Appearance < ActiveRecord::Base
   validates :logo,        file_size: { maximum: 1.megabyte }
   validates :header_logo, file_size: { maximum: 1.megabyte }
 
+  validate :single_appearance_row, on: :create
+
   mount_uploader :logo,         AttachmentUploader
   mount_uploader :header_logo,  AttachmentUploader
   has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
+
+  CACHE_KEY = 'current_appearance'.freeze
+
+  after_commit :flush_redis_cache
+
+  def self.current
+    Rails.cache.fetch(CACHE_KEY) { first }
+  end
+
+  def flush_redis_cache
+    Rails.cache.delete(CACHE_KEY)
+  end
+
+  def single_appearance_row
+    if self.class.any?
+      errors.add(:single_appearance_row, 'Only 1 appearances row can exist')
+    end
+  end
 end
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index bd7c4cd45ea..8e446ff6dd8 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -241,6 +241,7 @@ class ApplicationSetting < ActiveRecord::Base
       performance_bar_allowed_group_id: nil,
       plantuml_enabled: false,
       plantuml_url: nil,
+      project_export_enabled: true,
       recaptcha_enabled: false,
       repository_checks_enabled: true,
       repository_storages: ['default'],
diff --git a/app/models/blob_viewer/base.rb b/app/models/blob_viewer/base.rb
index 35965d01692..bf3453b3063 100644
--- a/app/models/blob_viewer/base.rb
+++ b/app/models/blob_viewer/base.rb
@@ -82,7 +82,7 @@ module BlobViewer
     # format of the blob.
     #
     # Prefer to implement a client-side viewer, where the JS component loads the
-    # binary from `blob_raw_url` and does its own format validation and error
+    # binary from `blob_raw_path` and does its own format validation and error
     # rendering, especially for potentially large binary formats.
     def render_error
       if too_large?
diff --git a/app/models/blob_viewer/server_side.rb b/app/models/blob_viewer/server_side.rb
index fbc1b520c01..86afcc86aa0 100644
--- a/app/models/blob_viewer/server_side.rb
+++ b/app/models/blob_viewer/server_side.rb
@@ -17,7 +17,7 @@ module BlobViewer
       # build artifacts, can only be rendered using a client-side viewer,
       # since we do not want to read large amounts of data into memory on the
       # server side. Client-side viewers use JS and can fetch the file from
-      # `blob_raw_url` using AJAX.
+      # `blob_raw_path` using AJAX.
       return :server_side_but_stored_externally if blob.stored_externally?
 
       super
diff --git a/app/models/broadcast_message.rb b/app/models/broadcast_message.rb
index 944725d91c3..3692bcc680d 100644
--- a/app/models/broadcast_message.rb
+++ b/app/models/broadcast_message.rb
@@ -14,9 +14,15 @@ class BroadcastMessage < ActiveRecord::Base
   default_value_for :color, '#E75E40'
   default_value_for :font,  '#FFFFFF'
 
+  CACHE_KEY = 'broadcast_message_current'.freeze
+
+  after_commit :flush_redis_cache
+
   def self.current
-    Rails.cache.fetch("broadcast_message_current", expires_in: 1.minute) do
-      where('ends_at > :now AND starts_at <= :now', now: Time.zone.now).order([:created_at, :id]).to_a
+    Rails.cache.fetch(CACHE_KEY) do
+      where('ends_at > :now AND starts_at <= :now', now: Time.zone.now)
+        .reorder(id: :asc)
+        .to_a
     end
   end
 
@@ -31,4 +37,8 @@ class BroadcastMessage < ActiveRecord::Base
   def ended?
     ends_at < Time.zone.now
   end
+
+  def flush_redis_cache
+    Rails.cache.delete(CACHE_KEY)
+  end
 end
diff --git a/app/models/commit.rb b/app/models/commit.rb
index 7940733f557..638fddc5d3d 100644
--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -55,7 +55,8 @@ class Commit
     end
 
     def from_hash(hash, project)
-      new(Gitlab::Git::Commit.new(hash), project)
+      raw_commit = Gitlab::Git::Commit.new(project.repository.raw, hash)
+      new(raw_commit, project)
     end
 
     def valid_hash?(key)
@@ -320,21 +321,11 @@ class Commit
   end
 
   def raw_diffs(*args)
-    if Gitlab::GitalyClient.feature_enabled?(:commit_raw_diffs)
-      Gitlab::GitalyClient::CommitService.new(project.repository).diff_from_parent(self, *args)
-    else
-      raw.diffs(*args)
-    end
+    raw.diffs(*args)
   end
 
   def raw_deltas
-    @deltas ||= Gitlab::GitalyClient.migrate(:commit_deltas) do |is_enabled|
-      if is_enabled
-        Gitlab::GitalyClient::CommitService.new(project.repository).commit_deltas(self)
-      else
-        raw.deltas
-      end
-    end
+    @deltas ||= raw.deltas
   end
 
   def diffs(diff_options = nil)
diff --git a/app/models/concerns/spammable.rb b/app/models/concerns/spammable.rb
index bd75f25a210..f2707022a4b 100644
--- a/app/models/concerns/spammable.rb
+++ b/app/models/concerns/spammable.rb
@@ -58,7 +58,7 @@ module Spammable
       options.fetch(:spam_title, false)
     end
 
-    public_send(attr.first) if attr && respond_to?(attr.first.to_sym)
+    public_send(attr.first) if attr && respond_to?(attr.first.to_sym) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def spam_description
@@ -66,12 +66,12 @@ module Spammable
       options.fetch(:spam_description, false)
     end
 
-    public_send(attr.first) if attr && respond_to?(attr.first.to_sym)
+    public_send(attr.first) if attr && respond_to?(attr.first.to_sym) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def spammable_text
     result = self.class.spammable_attrs.map do |attr|
-      public_send(attr.first)
+      public_send(attr.first) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     result.reject(&:blank?).join("\n")
diff --git a/app/models/concerns/token_authenticatable.rb b/app/models/concerns/token_authenticatable.rb
index 1ca7f91dc03..a7d5de48c66 100644
--- a/app/models/concerns/token_authenticatable.rb
+++ b/app/models/concerns/token_authenticatable.rb
@@ -44,7 +44,8 @@ module TokenAuthenticatable
       end
 
       define_method("ensure_#{token_field}!") do
-        send("reset_#{token_field}!") if read_attribute(token_field).blank?
+        send("reset_#{token_field}!") if read_attribute(token_field).blank? # rubocop:disable GitlabSecurity/PublicSend
+
         read_attribute(token_field)
       end
 
diff --git a/app/models/event.rb b/app/models/event.rb
index 8d93a228494..f2a560a6b56 100644
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -48,6 +48,7 @@ class Event < ActiveRecord::Base
   belongs_to :author, class_name: "User"
   belongs_to :project
   belongs_to :target, polymorphic: true # rubocop:disable Cop/PolymorphicAssociations
+  has_one :push_event_payload, foreign_key: :event_id
 
   # For Hash only
   serialize :data # rubocop:disable Cop/ActiveRecordSerialize
@@ -55,19 +56,51 @@ class Event < ActiveRecord::Base
   # Callbacks
   after_create :reset_project_activity
   after_create :set_last_repository_updated_at, if: :push?
+  after_create :replicate_event_for_push_events_migration
 
   # Scopes
   scope :recent, -> { reorder(id: :desc) }
   scope :code_push, -> { where(action: PUSHED) }
 
-  scope :in_projects, ->(projects) do
-    where(project_id: projects.pluck(:id)).recent
+  scope :in_projects, -> (projects) do
+    sub_query = projects
+      .except(:order)
+      .select(1)
+      .where('projects.id = events.project_id')
+
+    where('EXISTS (?)', sub_query).recent
+  end
+
+  scope :with_associations, -> do
+    # We're using preload for "push_event_payload" as otherwise the association
+    # is not always available (depending on the query being built).
+    includes(:author, :project, project: :namespace)
+      .preload(:target, :push_event_payload)
   end
 
-  scope :with_associations, -> { includes(:author, :project, project: :namespace).preload(:target) }
   scope :for_milestone_id, ->(milestone_id) { where(target_type: "Milestone", target_id: milestone_id) }
 
+  self.inheritance_column = 'action'
+
   class << self
+    def find_sti_class(action)
+      if action.to_i == PUSHED
+        PushEvent
+      else
+        Event
+      end
+    end
+
+    def subclass_from_attributes(attrs)
+      # Without this Rails will keep calling this method on the returned class,
+      # resulting in an infinite loop.
+      return unless self == Event
+
+      action = attrs.with_indifferent_access[inheritance_column].to_i
+
+      PushEvent if action == PUSHED
+    end
+
     # Update Gitlab::ContributionsCalendar#activity_dates if this changes
     def contributions
       where("action = ? OR (target_type IN (?) AND action IN (?)) OR (target_type = ? AND action = ?)",
@@ -290,6 +323,16 @@ class Event < ActiveRecord::Base
     @commits ||= (data[:commits] || []).reverse
   end
 
+  def commit_title
+    commit = commits.last
+
+    commit[:message] if commit
+  end
+
+  def commit_id
+    commit_to || commit_from
+  end
+
   def commits_count
     data[:total_commits_count] || commits.count || 0
   end
@@ -385,6 +428,16 @@ class Event < ActiveRecord::Base
     user ? author_id == user.id : false
   end
 
+  # We're manually replicating data into the new table since database triggers
+  # are not dumped to db/schema.rb. This could mean that a new installation
+  # would not have the triggers in place, thus losing events data in GitLab
+  # 10.0.
+  def replicate_event_for_push_events_migration
+    new_attributes = attributes.with_indifferent_access.except(:title, :data)
+
+    EventForMigration.create!(new_attributes)
+  end
+
   private
 
   def recent_update?
diff --git a/app/models/event_collection.rb b/app/models/event_collection.rb
new file mode 100644
index 00000000000..8b8244314af
--- /dev/null
+++ b/app/models/event_collection.rb
@@ -0,0 +1,98 @@
+# A collection of events to display in an event list.
+#
+# An EventCollection is meant to be used for displaying events to a user (e.g.
+# in a controller), it's not suitable for building queries that are used for
+# building other queries.
+class EventCollection
+  # To prevent users from putting too much pressure on the database by cycling
+  # through thousands of events we put a limit on the number of pages.
+  MAX_PAGE = 10
+
+  # projects - An ActiveRecord::Relation object that returns the projects for
+  #            which to retrieve events.
+  # filter - An EventFilter instance to use for filtering events.
+  def initialize(projects, limit: 20, offset: 0, filter: nil)
+    @projects = projects
+    @limit = limit
+    @offset = offset
+    @filter = filter
+  end
+
+  # Returns an Array containing the events.
+  def to_a
+    return [] if current_page > MAX_PAGE
+
+    relation = if Gitlab::Database.join_lateral_supported?
+                 relation_with_join_lateral
+               else
+                 relation_without_join_lateral
+               end
+
+    relation.with_associations.to_a
+  end
+
+  private
+
+  # Returns the events relation to use when JOIN LATERAL is not supported.
+  #
+  # This relation simply gets all the events for all authorized projects, then
+  # limits that set.
+  def relation_without_join_lateral
+    events = filtered_events.in_projects(projects)
+
+    paginate_events(events)
+  end
+
+  # Returns the events relation to use when JOIN LATERAL is supported.
+  #
+  # This relation is built using JOIN LATERAL, producing faster queries than a
+  # regular LIMIT + OFFSET approach.
+  def relation_with_join_lateral
+    projects_for_lateral = projects.select(:id).to_sql
+
+    lateral = filtered_events
+      .limit(limit_for_join_lateral)
+      .where('events.project_id = projects_for_lateral.id')
+      .to_sql
+
+    # The outer query does not need to re-apply the filters since the JOIN
+    # LATERAL body already takes care of this.
+    outer = base_relation
+      .from("(#{projects_for_lateral}) projects_for_lateral")
+      .joins("JOIN LATERAL (#{lateral}) AS #{Event.table_name} ON true")
+
+    paginate_events(outer)
+  end
+
+  def filtered_events
+    @filter ? @filter.apply_filter(base_relation) : base_relation
+  end
+
+  def paginate_events(events)
+    events.limit(@limit).offset(@offset)
+  end
+
+  def base_relation
+    # We want to have absolute control over the event queries being built, thus
+    # we're explicitly opting out of any default scopes that may be set.
+    Event.unscoped.recent
+  end
+
+  def limit_for_join_lateral
+    # Applying the OFFSET on the inside of a JOIN LATERAL leads to incorrect
+    # results. To work around this we need to increase the inner limit for every
+    # page.
+    #
+    # This means that on page 1 we use LIMIT 20, and an outer OFFSET of 0. On
+    # page 2 we use LIMIT 40 and an outer OFFSET of 20.
+    @limit + @offset
+  end
+
+  def current_page
+    (@offset / @limit) + 1
+  end
+
+  def projects
+    @projects.except(:order)
+  end
+end
diff --git a/app/models/event_for_migration.rb b/app/models/event_for_migration.rb
new file mode 100644
index 00000000000..a1672da5eec
--- /dev/null
+++ b/app/models/event_for_migration.rb
@@ -0,0 +1,5 @@
+# This model is used to replicate events between the old "events" table and the
+# new "events_for_migration" table that will replace "events" in GitLab 10.0.
+class EventForMigration < ActiveRecord::Base
+  self.table_name = 'events_for_migration'
+end
diff --git a/app/models/group.rb b/app/models/group.rb
index bd5735ed82e..2816a68257c 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -212,21 +212,39 @@ class Group < Namespace
   end
 
   def user_ids_for_project_authorizations
-    users_with_parents.pluck(:id)
+    members_with_parents.pluck(:user_id)
   end
 
   def members_with_parents
-    GroupMember.active.where(source_id: ancestors.pluck(:id).push(id)).where.not(user_id: nil)
+    # Avoids an unnecessary SELECT when the group has no parents
+    source_ids =
+      if parent_id
+        self_and_ancestors.reorder(nil).select(:id)
+      else
+        id
+      end
+
+    GroupMember
+      .active_without_invites
+      .where(source_id: source_ids)
+  end
+
+  def members_with_descendants
+    GroupMember
+      .active_without_invites
+      .where(source_id: self_and_descendants.reorder(nil).select(:id))
   end
 
   def users_with_parents
-    User.where(id: members_with_parents.select(:user_id))
+    User
+      .where(id: members_with_parents.select(:user_id))
+      .reorder(nil)
   end
 
   def users_with_descendants
-    members_with_descendants = GroupMember.non_request.where(source_id: descendants.pluck(:id).push(id))
-
-    User.where(id: members_with_descendants.select(:user_id))
+    User
+      .where(id: members_with_descendants.select(:user_id))
+      .reorder(nil)
   end
 
   def max_member_access_for_user(user)
diff --git a/app/models/member.rb b/app/models/member.rb
index dc9247bc9a0..ee2cb13697b 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -41,9 +41,20 @@ class Member < ActiveRecord::Base
     is_external_invite = arel_table[:user_id].eq(nil).and(arel_table[:invite_token].not_eq(nil))
     user_is_active = User.arel_table[:state].eq(:active)
 
-    includes(:user).references(:users)
-      .where(is_external_invite.or(user_is_active))
+    user_ok = Arel::Nodes::Grouping.new(is_external_invite).or(user_is_active)
+
+    left_join_users
+      .where(user_ok)
       .where(requested_at: nil)
+      .reorder(nil)
+  end
+
+  # Like active, but without invites. For when a User is required.
+  scope :active_without_invites, -> do
+    left_join_users
+      .where(users: { state: 'active' })
+      .where(requested_at: nil)
+      .reorder(nil)
   end
 
   scope :invite, -> { where.not(invite_token: nil) }
@@ -276,6 +287,13 @@ class Member < ActiveRecord::Base
     @notification_setting ||= user.notification_settings_for(source)
   end
 
+  def notifiable?(type, opts = {})
+    # always notify when there isn't a user yet
+    return true if user.blank?
+
+    NotificationRecipientService.notifiable?(user, type, notifiable_options.merge(opts))
+  end
+
   private
 
   def send_invite
@@ -332,4 +350,8 @@ class Member < ActiveRecord::Base
   def notification_service
     NotificationService.new
   end
+
+  def notifiable_options
+    {}
+  end
 end
diff --git a/app/models/members/group_member.rb b/app/models/members/group_member.rb
index 47040f95533..661e668dbf9 100644
--- a/app/models/members/group_member.rb
+++ b/app/models/members/group_member.rb
@@ -30,6 +30,10 @@ class GroupMember < Member
     'Group'
   end
 
+  def notifiable_options
+    { group: group }
+  end
+
   private
 
   def send_invite
diff --git a/app/models/members/project_member.rb b/app/models/members/project_member.rb
index c0e17f4bfc8..b6f1dd272cd 100644
--- a/app/models/members/project_member.rb
+++ b/app/models/members/project_member.rb
@@ -87,6 +87,10 @@ class ProjectMember < Member
     project.owner == user
   end
 
+  def notifiable_options
+    { project: project }
+  end
+
   private
 
   def delete_member_todos
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 8ca850b6d96..ac08dc0ee1f 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -8,6 +8,7 @@ class MergeRequest < ActiveRecord::Base
   include CreatedAtFilterable
 
   ignore_column :position
+  ignore_column :locked_at
 
   belongs_to :target_project, class_name: "Project"
   belongs_to :source_project, class_name: "Project"
@@ -61,16 +62,6 @@ class MergeRequest < ActiveRecord::Base
       transition locked: :opened
     end
 
-    after_transition any => :locked do |merge_request, transition|
-      merge_request.locked_at = Time.now
-      merge_request.save
-    end
-
-    after_transition locked: (any - :locked) do |merge_request, transition|
-      merge_request.locked_at = nil
-      merge_request.save
-    end
-
     state :opened
     state :closed
     state :merged
@@ -171,7 +162,7 @@ class MergeRequest < ActiveRecord::Base
     target = unscoped.where(target_project_id: relation).select(:id)
     union  = Gitlab::SQL::Union.new([source, target])
 
-    where("merge_requests.id IN (#{union.to_sql})")
+    where("merge_requests.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
   end
 
   WIP_REGEX = /\A\s*(\[WIP\]\s*|WIP:\s*|WIP\s+)+\s*/i.freeze
@@ -392,6 +383,12 @@ class MergeRequest < ActiveRecord::Base
                'Source project is not a fork of the target project'
   end
 
+  def merge_ongoing?
+    return false unless merge_jid
+
+    Gitlab::SidekiqStatus.num_running([merge_jid]) > 0
+  end
+
   def closed_without_fork?
     closed? && source_project_missing?
   end
@@ -446,7 +443,8 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def reload_diff_if_branch_changed
-    if source_branch_changed? || target_branch_changed?
+    if (source_branch_changed? || target_branch_changed?) &&
+        (source_branch_head && target_branch_head)
       reload_diff
     end
   end
@@ -725,12 +723,6 @@ class MergeRequest < ActiveRecord::Base
     end
   end
 
-  def locked_long_ago?
-    return false unless locked?
-
-    locked_at.nil? || locked_at < (Time.now - 1.day)
-  end
-
   def has_ci?
     has_ci_integration = source_project.try(:ci_service)
     uses_gitlab_ci = all_pipelines.any?
@@ -801,11 +793,7 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def fetch_ref
-    target_project.repository.fetch_ref(
-      source_project.repository.path_to_repo,
-      "refs/heads/#{source_branch}",
-      ref_path
-    )
+    write_ref
     update_column(:ref_fetched, true)
   end
 
@@ -948,4 +936,17 @@ class MergeRequest < ActiveRecord::Base
 
     true
   end
+
+  private
+
+  def write_ref
+    target_project.repository.with_repo_branch_commit(
+      source_project.repository, source_branch) do |commit|
+        if commit
+          target_project.repository.write_ref(ref_path, commit.sha)
+        else
+          raise Rugged::ReferenceError, 'source repository is empty'
+        end
+      end
+  end
 end
diff --git a/app/models/merge_request_diff.rb b/app/models/merge_request_diff.rb
index d9d746ccf41..58050e1f438 100644
--- a/app/models/merge_request_diff.rb
+++ b/app/models/merge_request_diff.rb
@@ -282,9 +282,7 @@ class MergeRequestDiff < ActiveRecord::Base
   def load_commits
     commits = st_commits.presence || merge_request_diff_commits
 
-    commits.map do |commit|
-      Commit.new(Gitlab::Git::Commit.new(commit.to_hash), merge_request.source_project)
-    end
+    commits.map { |commit| Commit.from_hash(commit.to_hash, project) }
   end
 
   def save_diffs
diff --git a/app/models/merge_request_diff_commit.rb b/app/models/merge_request_diff_commit.rb
index cafdbe11849..670b26d4ca3 100644
--- a/app/models/merge_request_diff_commit.rb
+++ b/app/models/merge_request_diff_commit.rb
@@ -26,7 +26,7 @@ class MergeRequestDiffCommit < ActiveRecord::Base
 
   def to_hash
     Gitlab::Git::Commit::SERIALIZE_KEYS.each_with_object({}) do |key, hash|
-      hash[key] = public_send(key)
+      hash[key] = public_send(key) # rubocop:disable GitlabSecurity/PublicSend
     end
   end
 
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index 6073fb94a3f..e7bc1d1b080 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -156,6 +156,14 @@ class Namespace < ActiveRecord::Base
       .base_and_ancestors
   end
 
+  def self_and_ancestors
+    return self.class.where(id: id) unless parent_id
+
+    Gitlab::GroupHierarchy
+      .new(self.class.where(id: id))
+      .base_and_ancestors
+  end
+
   # Returns all the descendants of the current namespace.
   def descendants
     Gitlab::GroupHierarchy
@@ -163,6 +171,12 @@ class Namespace < ActiveRecord::Base
       .base_and_descendants
   end
 
+  def self_and_descendants
+    Gitlab::GroupHierarchy
+      .new(self.class.where(id: id))
+      .base_and_descendants
+  end
+
   def user_ids_for_project_authorizations
     [owner_id]
   end
diff --git a/app/models/network/graph.rb b/app/models/network/graph.rb
index 2bc00a082df..0e5acb22d50 100644
--- a/app/models/network/graph.rb
+++ b/app/models/network/graph.rb
@@ -206,7 +206,7 @@ module Network
 
       # Visit branching chains
       leaves.each do |l|
-        parents = l.parents(@map).select{|p| p.space.zero?}
+        parents = l.parents(@map).select {|p| p.space.zero?}
         parents.each do |p|
           place_chain(p, l.time)
         end
diff --git a/app/models/note.rb b/app/models/note.rb
index d0e3bc0bfed..a752c897d63 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -77,20 +77,20 @@ class Note < ActiveRecord::Base
 
   # Scopes
   scope :for_commit_id, ->(commit_id) { where(noteable_type: "Commit", commit_id: commit_id) }
-  scope :system, ->{ where(system: true) }
-  scope :user, ->{ where(system: false) }
-  scope :common, ->{ where(noteable_type: ["", nil]) }
-  scope :fresh, ->{ order(created_at: :asc, id: :asc) }
-  scope :updated_after, ->(time){ where('updated_at > ?', time) }
-  scope :inc_author_project, ->{ includes(:project, :author) }
-  scope :inc_author, ->{ includes(:author) }
+  scope :system, -> { where(system: true) }
+  scope :user, -> { where(system: false) }
+  scope :common, -> { where(noteable_type: ["", nil]) }
+  scope :fresh, -> { order(created_at: :asc, id: :asc) }
+  scope :updated_after, ->(time) { where('updated_at > ?', time) }
+  scope :inc_author_project, -> { includes(:project, :author) }
+  scope :inc_author, -> { includes(:author) }
   scope :inc_relations_for_view, -> do
     includes(:project, :author, :updated_by, :resolved_by, :award_emoji, :system_note_metadata)
   end
 
-  scope :diff_notes, ->{ where(type: %w(LegacyDiffNote DiffNote)) }
-  scope :new_diff_notes, ->{ where(type: 'DiffNote') }
-  scope :non_diff_notes, ->{ where(type: ['Note', 'DiscussionNote', nil]) }
+  scope :diff_notes, -> { where(type: %w(LegacyDiffNote DiffNote)) }
+  scope :new_diff_notes, -> { where(type: 'DiffNote') }
+  scope :non_diff_notes, -> { where(type: ['Note', 'DiscussionNote', nil]) }
 
   scope :with_associations, -> do
     # FYI noteable cannot be loaded for LegacyDiffNote for commits
diff --git a/app/models/notification_recipient.rb b/app/models/notification_recipient.rb
index 418b42d8f1d..dc862565a71 100644
--- a/app/models/notification_recipient.rb
+++ b/app/models/notification_recipient.rb
@@ -5,14 +5,22 @@ class NotificationRecipient
     custom_action: nil,
     target: nil,
     acting_user: nil,
-    project: nil
+    project: nil,
+    group: nil,
+    skip_read_ability: false
   )
+    unless NotificationSetting.levels.key?(type) || type == :subscription
+      raise ArgumentError, "invalid type: #{type.inspect}"
+    end
+
     @custom_action = custom_action
     @acting_user = acting_user
     @target = target
-    @project = project || @target&.project
+    @project = project || default_project
+    @group = group || @project&.group
     @user = user
     @type = type
+    @skip_read_ability = skip_read_ability
   end
 
   def notification_setting
@@ -77,6 +85,8 @@ class NotificationRecipient
   def has_access?
     DeclarativePolicy.subject_scope do
       return false unless user.can?(:receive_notifications)
+      return true if @skip_read_ability
+
       return false if @project && !user.can?(:read_project, @project)
 
       return true unless read_ability
@@ -96,6 +106,7 @@ class NotificationRecipient
   private
 
   def read_ability
+    return nil if @skip_read_ability
     return @read_ability if instance_variable_defined?(:@read_ability)
 
     @read_ability =
@@ -111,12 +122,18 @@ class NotificationRecipient
       end
   end
 
+  def default_project
+    return nil if @target.nil?
+    return @target if @target.is_a?(Project)
+    return @target.project if @target.respond_to?(:project)
+  end
+
   def find_notification_setting
     project_setting = @project && user.notification_settings_for(@project)
 
     return project_setting unless project_setting.nil? || project_setting.global?
 
-    group_setting = @project&.group && user.notification_settings_for(@project.group)
+    group_setting = @group && user.notification_settings_for(@group)
 
     return group_setting unless group_setting.nil? || group_setting.global?
 
diff --git a/app/models/notification_setting.rb b/app/models/notification_setting.rb
index 9b1cac64c44..245f8dddcf9 100644
--- a/app/models/notification_setting.rb
+++ b/app/models/notification_setting.rb
@@ -66,6 +66,6 @@ class NotificationSetting < ActiveRecord::Base
   alias_method :failed_pipeline?, :failed_pipeline
 
   def event_enabled?(event)
-    respond_to?(event) && !!public_send(event)
+    respond_to?(event) && !!public_send(event) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/models/project.rb b/app/models/project.rb
index e7baba2ef08..0de7da0ddaa 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -196,7 +196,6 @@ class Project < ActiveRecord::Base
   accepts_nested_attributes_for :import_data
 
   delegate :name, to: :owner, allow_nil: true, prefix: true
-  delegate :count, to: :forks, prefix: true
   delegate :members, to: :team, prefix: true
   delegate :add_user, :add_users, to: :team
   delegate :add_guest, :add_reporter, :add_developer, :add_master, to: :team
@@ -415,7 +414,7 @@ class Project < ActiveRecord::Base
 
       union = Gitlab::SQL::Union.new([projects, namespaces])
 
-      where("projects.id IN (#{union.to_sql})")
+      where("projects.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
     end
 
     def search_by_title(query)
@@ -825,7 +824,7 @@ class Project < ActiveRecord::Base
 
         if template.nil?
           # If no template, we should create an instance. Ex `build_gitlab_ci_service`
-          public_send("build_#{service_name}_service")
+          public_send("build_#{service_name}_service") # rubocop:disable GitlabSecurity/PublicSend
         else
           Service.build_from_template(id, template)
         end
@@ -1046,13 +1045,16 @@ class Project < ActiveRecord::Base
   end
 
   def change_head(branch)
-    repository.before_change_head
-    repository.rugged.references.create('HEAD',
-                                        "refs/heads/#{branch}",
-                                        force: true)
-    repository.copy_gitattributes(branch)
-    repository.after_change_head
-    reload_default_branch
+    if repository.branch_exists?(branch)
+      repository.before_change_head
+      repository.write_ref('HEAD', "refs/heads/#{branch}")
+      repository.copy_gitattributes(branch)
+      repository.after_change_head
+      reload_default_branch
+    else
+      errors.add(:base, "Could not change HEAD: branch '#{branch}' does not exist")
+      false
+    end
   end
 
   def forked_from?(project)
@@ -1326,7 +1328,7 @@ class Project < ActiveRecord::Base
   end
 
   def append_or_update_attribute(name, value)
-    old_values = public_send(name.to_s)
+    old_values = public_send(name.to_s) # rubocop:disable GitlabSecurity/PublicSend
 
     if Project.reflect_on_association(name).try(:macro) == :has_many && old_values.any?
       update_attribute(name, old_values + value)
@@ -1393,6 +1395,10 @@ class Project < ActiveRecord::Base
   # @deprecated cannot remove yet because it has an index with its name in elasticsearch
   alias_method :path_with_namespace, :full_path
 
+  def forks_count
+    Projects::ForksCountService.new(self).count
+  end
+
   private
 
   def cross_namespace_reference?(from)
diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb
index c8fabb16dc1..fb1db0255aa 100644
--- a/app/models/project_feature.rb
+++ b/app/models/project_feature.rb
@@ -55,7 +55,7 @@ class ProjectFeature < ActiveRecord::Base
   end
 
   def access_level(feature)
-    public_send(ProjectFeature.access_level_attribute(feature))
+    public_send(ProjectFeature.access_level_attribute(feature)) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def builds_enabled?
@@ -80,7 +80,7 @@ class ProjectFeature < ActiveRecord::Base
   # which cannot be higher than repository access level
   def repository_children_level
     validator = lambda do |field|
-      level = public_send(field) || ProjectFeature::ENABLED
+      level = public_send(field) || ProjectFeature::ENABLED # rubocop:disable GitlabSecurity/PublicSend
       not_allowed = level > repository_access_level
       self.errors.add(field, "cannot have higher visibility level than repository access level") if not_allowed
     end
diff --git a/app/models/project_statistics.rb b/app/models/project_statistics.rb
index aeaf63abab9..715b215d1db 100644
--- a/app/models/project_statistics.rb
+++ b/app/models/project_statistics.rb
@@ -14,7 +14,7 @@ class ProjectStatistics < ActiveRecord::Base
   def refresh!(only: nil)
     STATISTICS_COLUMNS.each do |column, generator|
       if only.blank? || only.include?(column)
-        public_send("update_#{column}")
+        public_send("update_#{column}") # rubocop:disable GitlabSecurity/PublicSend
       end
     end
 
diff --git a/app/models/push_event.rb b/app/models/push_event.rb
new file mode 100644
index 00000000000..3f1ff979de6
--- /dev/null
+++ b/app/models/push_event.rb
@@ -0,0 +1,126 @@
+class PushEvent < Event
+  # This validation exists so we can't accidentally use PushEvent with a
+  # different "action" value.
+  validate :validate_push_action
+
+  # Authors are required as they're used to display who pushed data.
+  #
+  # We're just validating the presence of the ID here as foreign key constraints
+  # should ensure the ID points to a valid user.
+  validates :author_id, presence: true
+
+  # The project is required to build links to commits, commit ranges, etc.
+  #
+  # We're just validating the presence of the ID here as foreign key constraints
+  # should ensure the ID points to a valid project.
+  validates :project_id, presence: true
+
+  # The "data" field must not be set for push events since it's not used and a
+  # waste of space.
+  validates :data, absence: true
+
+  # These fields are also not used for push events, thus storing them would be a
+  # waste.
+  validates :target_id, absence: true
+  validates :target_type, absence: true
+
+  def self.sti_name
+    PUSHED
+  end
+
+  def push?
+    true
+  end
+
+  def push_with_commits?
+    !!(commit_from && commit_to)
+  end
+
+  def tag?
+    return super unless push_event_payload
+
+    push_event_payload.tag?
+  end
+
+  def branch?
+    return super unless push_event_payload
+
+    push_event_payload.branch?
+  end
+
+  def valid_push?
+    return super unless push_event_payload
+
+    push_event_payload.ref.present?
+  end
+
+  def new_ref?
+    return super unless push_event_payload
+
+    push_event_payload.created?
+  end
+
+  def rm_ref?
+    return super unless push_event_payload
+
+    push_event_payload.removed?
+  end
+
+  def commit_from
+    return super unless push_event_payload
+
+    push_event_payload.commit_from
+  end
+
+  def commit_to
+    return super unless push_event_payload
+
+    push_event_payload.commit_to
+  end
+
+  def ref_name
+    return super unless push_event_payload
+
+    push_event_payload.ref
+  end
+
+  def ref_type
+    return super unless push_event_payload
+
+    push_event_payload.ref_type
+  end
+
+  def branch_name
+    return super unless push_event_payload
+
+    ref_name
+  end
+
+  def tag_name
+    return super unless push_event_payload
+
+    ref_name
+  end
+
+  def commit_title
+    return super unless push_event_payload
+
+    push_event_payload.commit_title
+  end
+
+  def commit_id
+    commit_to || commit_from
+  end
+
+  def commits_count
+    return super unless push_event_payload
+
+    push_event_payload.commit_count
+  end
+
+  def validate_push_action
+    return if action == PUSHED
+
+    errors.add(:action, "the action #{action.inspect} is not valid")
+  end
+end
diff --git a/app/models/push_event_payload.rb b/app/models/push_event_payload.rb
new file mode 100644
index 00000000000..6cdb1cd4fe9
--- /dev/null
+++ b/app/models/push_event_payload.rb
@@ -0,0 +1,22 @@
+class PushEventPayload < ActiveRecord::Base
+  include ShaAttribute
+
+  belongs_to :event, inverse_of: :push_event_payload
+
+  validates :event_id, :commit_count, :action, :ref_type, presence: true
+  validates :commit_title, length: { maximum: 70 }
+
+  sha_attribute :commit_from
+  sha_attribute :commit_to
+
+  enum action: {
+    created: 0,
+    removed: 1,
+    pushed: 2
+  }
+
+  enum ref_type: {
+    branch: 0,
+    tag: 1
+  }
+end
diff --git a/app/models/redirect_route.rb b/app/models/redirect_route.rb
index 964175ddab8..090fbd61e6f 100644
--- a/app/models/redirect_route.rb
+++ b/app/models/redirect_route.rb
@@ -8,5 +8,13 @@ class RedirectRoute < ActiveRecord::Base
     presence: true,
     uniqueness: { case_sensitive: false }
 
-  scope :matching_path_and_descendants, -> (path) { where('redirect_routes.path = ? OR redirect_routes.path LIKE ?', path, "#{sanitize_sql_like(path)}/%") }
+  scope :matching_path_and_descendants, -> (path) do
+    wheres = if Gitlab::Database.postgresql?
+               'LOWER(redirect_routes.path) = LOWER(?) OR LOWER(redirect_routes.path) LIKE LOWER(?)'
+             else
+               'redirect_routes.path = ? OR redirect_routes.path LIKE ?'
+             end
+             
+    where(wheres, path, "#{sanitize_sql_like(path)}/%")
+  end
 end
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 3b5d0e00c70..a761302b06b 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -64,6 +64,8 @@ class Repository
     @raw_repository ||= initialize_raw_repository
   end
 
+  alias_method :raw, :raw_repository
+
   # Return absolute path to repository
   def path_to_repo
     @path_to_repo ||= File.expand_path(
@@ -222,7 +224,7 @@ class Repository
 
     # This will still fail if the file is corrupted (e.g. 0 bytes)
     begin
-      rugged.references.create(keep_around_ref_name(sha), sha, force: true)
+      write_ref(keep_around_ref_name(sha), sha)
     rescue Rugged::ReferenceError => ex
       Rails.logger.error "Unable to create keep-around reference for repository #{path}: #{ex}"
     rescue Rugged::OSError => ex
@@ -235,6 +237,10 @@ class Repository
     ref_exists?(keep_around_ref_name(sha))
   end
 
+  def write_ref(ref_path, sha)
+    rugged.references.create(ref_path, sha, force: true)
+  end
+
   def diverging_commit_counts(branch)
     root_ref_hash = raw_repository.rev_parse_target(root_ref).oid
     cache.fetch(:"diverging_commit_counts_#{branch.name}") do
@@ -298,7 +304,7 @@ class Repository
 
     expire_method_caches(to_refresh)
 
-    to_refresh.each { |method| send(method) }
+    to_refresh.each { |method| send(method) } # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def expire_branch_cache(branch_name = nil)
@@ -763,7 +769,7 @@ class Repository
       index = Gitlab::Git::Index.new(raw_repository)
 
       if start_commit
-        index.read_tree(start_commit.raw_commit.tree)
+        index.read_tree(start_commit.rugged_commit.tree)
         parents = [start_commit.sha]
       else
         parents = []
@@ -983,12 +989,10 @@ class Repository
       if start_repository == self
         start_branch_name
       else
-        tmp_ref = "refs/tmp/#{SecureRandom.hex}/head"
-
-        fetch_ref(
+        tmp_ref = fetch_ref(
           start_repository.path_to_repo,
           "#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
-          tmp_ref
+          "refs/tmp/#{SecureRandom.hex}/head"
         )
 
         start_repository.commit(start_branch_name).sha
@@ -1019,7 +1023,12 @@ class Repository
 
   def fetch_ref(source_path, source_ref, target_ref)
     args = %W(fetch --no-tags -f #{source_path} #{source_ref}:#{target_ref})
-    run_git(args)
+    message, status = run_git(args)
+
+    # Make sure ref was created, and raise Rugged::ReferenceError when not
+    raise Rugged::ReferenceError, message if status != 0
+
+    target_ref
   end
 
   def create_ref(ref, ref_path)
diff --git a/app/models/user.rb b/app/models/user.rb
index 5148886eed7..2b25736bb26 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -148,6 +148,8 @@ class User < ActiveRecord::Base
     uniqueness: { case_sensitive: false }
 
   validate :namespace_uniq, if: :username_changed?
+  validate :namespace_move_dir_allowed, if: :username_changed?
+
   validate :avatar_type, if: ->(user) { user.avatar.present? && user.avatar_changed? }
   validate :unique_email, if: :email_changed?
   validate :owns_notification_email, if: :notification_email_changed?
@@ -487,6 +489,12 @@ class User < ActiveRecord::Base
     end
   end
 
+  def namespace_move_dir_allowed
+    if namespace&.any_project_has_container_registry_tags?
+      errors.add(:username, 'cannot be changed if a personal project has container registry tags.')
+    end
+  end
+
   def avatar_type
     unless avatar.image?
       errors.add :avatar, "only images allowed"
@@ -528,7 +536,7 @@ class User < ActiveRecord::Base
     union = Gitlab::SQL::Union
       .new([groups.select(:id), authorized_projects.select(:namespace_id)])
 
-    Group.where("namespaces.id IN (#{union.to_sql})")
+    Group.where("namespaces.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
   end
 
   # Returns a relation of groups the user has access to, including their parent
@@ -718,9 +726,9 @@ class User < ActiveRecord::Base
   end
 
   def sanitize_attrs
-    %w[username skype linkedin twitter].each do |attr|
-      value = public_send(attr)
-      public_send("#{attr}=", Sanitize.clean(value)) if value.present?
+    %i[skype linkedin twitter].each do |attr|
+      value = self[attr]
+      self[attr] = Sanitize.clean(value) if value.present?
     end
   end
 
@@ -779,7 +787,7 @@ class User < ActiveRecord::Base
 
   def with_defaults
     User.defaults.each do |k, v|
-      public_send("#{k}=", v)
+      public_send("#{k}=", v) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     self
@@ -825,7 +833,7 @@ class User < ActiveRecord::Base
     {
       name: name,
       username: username,
-      avatar_url: avatar_url
+      avatar_url: avatar_url(only_path: false)
     }
   end
 
@@ -919,7 +927,7 @@ class User < ActiveRecord::Base
   def ci_authorized_runners
     @ci_authorized_runners ||= begin
       runner_ids = Ci::RunnerProject
-        .where("ci_runner_projects.project_id IN (#{ci_projects_union.to_sql})")
+        .where("ci_runner_projects.project_id IN (#{ci_projects_union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
         .select(:runner_id)
       Ci::Runner.specific.where(id: runner_ids)
     end
@@ -1061,6 +1069,7 @@ class User < ActiveRecord::Base
 
   # Added according to https://github.com/plataformatec/devise/blob/7df57d5081f9884849ca15e4fde179ef164a575f/README.md#activejob-integration
   def send_devise_notification(notification, *args)
+    return true unless can?(:receive_notifications)
     devise_mailer.send(notification, self, *args).deliver_later
   end
 
diff --git a/app/serializers/analytics_build_entity.rb b/app/serializers/analytics_build_entity.rb
index ad7ad020b03..bdc22d71202 100644
--- a/app/serializers/analytics_build_entity.rb
+++ b/app/serializers/analytics_build_entity.rb
@@ -35,6 +35,6 @@ class AnalyticsBuildEntity < Grape::Entity
   private
 
   def url_to(route, build, id = nil)
-    public_send("#{route}_url", build.project.namespace, build.project, id || build)
+    public_send("#{route}_url", build.project.namespace, build.project, id || build) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/serializers/analytics_issue_entity.rb b/app/serializers/analytics_issue_entity.rb
index 44c50f18613..b7d95ea020f 100644
--- a/app/serializers/analytics_issue_entity.rb
+++ b/app/serializers/analytics_issue_entity.rb
@@ -24,6 +24,6 @@ class AnalyticsIssueEntity < Grape::Entity
   private
 
   def url_to(route, id)
-    public_send("#{route}_url", request.project.namespace, request.project, id)
+    public_send("#{route}_url", request.project.namespace, request.project, id) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/serializers/blob_entity.rb b/app/serializers/blob_entity.rb
new file mode 100644
index 00000000000..56f173e5a27
--- /dev/null
+++ b/app/serializers/blob_entity.rb
@@ -0,0 +1,17 @@
+class BlobEntity < Grape::Entity
+  include RequestAwareEntity
+
+  expose :id, :path, :name, :mode
+
+  expose :last_commit do |blob|
+    request.project.repository.last_commit_for_path(blob.commit_id, blob.path)
+  end
+
+  expose :icon do |blob|
+    IconsHelper.file_type_icon_class('file', blob.mode, blob.name)
+  end
+
+  expose :url do |blob|
+    project_blob_path(request.project, File.join(request.ref, blob.path))
+  end
+end
diff --git a/app/serializers/job_entity.rb b/app/serializers/job_entity.rb
index d6de43bcbcb..72e56a2c77f 100644
--- a/app/serializers/job_entity.rb
+++ b/app/serializers/job_entity.rb
@@ -46,6 +46,6 @@ class JobEntity < Grape::Entity
   end
 
   def path_to(route, build)
-    send("#{route}_path", build.project.namespace, build.project, build)
+    send("#{route}_path", build.project.namespace, build.project, build) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/serializers/merge_request_entity.rb b/app/serializers/merge_request_entity.rb
index 7f17f2bf604..07650ce6f20 100644
--- a/app/serializers/merge_request_entity.rb
+++ b/app/serializers/merge_request_entity.rb
@@ -2,7 +2,6 @@ class MergeRequestEntity < IssuableEntity
   include RequestAwareEntity
 
   expose :in_progress_merge_commit_sha
-  expose :locked_at
   expose :merge_commit_sha
   expose :merge_error
   expose :merge_params
@@ -32,6 +31,7 @@ class MergeRequestEntity < IssuableEntity
   expose :head_pipeline, with: PipelineDetailsEntity, as: :pipeline
 
   # Booleans
+  expose :merge_ongoing?, as: :merge_ongoing
   expose :work_in_progress?, as: :work_in_progress
   expose :source_branch_exists?, as: :source_branch_exists
   expose :mergeable_discussions_state?, as: :mergeable_discussions_state
diff --git a/app/serializers/submodule_entity.rb b/app/serializers/submodule_entity.rb
new file mode 100644
index 00000000000..9a7eb5e7880
--- /dev/null
+++ b/app/serializers/submodule_entity.rb
@@ -0,0 +1,23 @@
+class SubmoduleEntity < Grape::Entity
+  include RequestAwareEntity
+
+  expose :id, :path, :name, :mode
+
+  expose :icon do |blob|
+    'archive'
+  end
+
+  expose :project_url do |blob|
+    submodule_links(blob, request).first
+  end
+
+  expose :tree_url do |blob|
+    submodule_links(blob, request).last
+  end
+
+  private
+
+  def submodule_links(blob, request)
+    @submodule_links ||= SubmoduleHelper.submodule_links(blob, request.ref, request.repository)
+  end
+end
diff --git a/app/serializers/tree_entity.rb b/app/serializers/tree_entity.rb
new file mode 100644
index 00000000000..555e5cf83bd
--- /dev/null
+++ b/app/serializers/tree_entity.rb
@@ -0,0 +1,17 @@
+class TreeEntity < Grape::Entity
+  include RequestAwareEntity
+
+  expose :id, :path, :name, :mode
+
+  expose :last_commit do |tree|
+    request.project.repository.last_commit_for_path(tree.commit_id, tree.path)
+  end
+
+  expose :icon do |tree|
+    IconsHelper.file_type_icon_class('folder', tree.mode, tree.name)
+  end
+
+  expose :url do |tree|
+    project_tree_path(request.project, File.join(request.ref, tree.path))
+  end
+end
diff --git a/app/serializers/tree_root_entity.rb b/app/serializers/tree_root_entity.rb
new file mode 100644
index 00000000000..23b65aa4a4c
--- /dev/null
+++ b/app/serializers/tree_root_entity.rb
@@ -0,0 +1,8 @@
+# TODO: Inherit from TreeEntity, when `Tree` implements `id` and `name` like `Gitlab::Git::Tree`.
+class TreeRootEntity < Grape::Entity
+  expose :path
+  
+  expose :trees, using: TreeEntity
+  expose :blobs, using: BlobEntity
+  expose :submodules, using: SubmoduleEntity
+end
diff --git a/app/serializers/tree_serializer.rb b/app/serializers/tree_serializer.rb
new file mode 100644
index 00000000000..713ade23bc9
--- /dev/null
+++ b/app/serializers/tree_serializer.rb
@@ -0,0 +1,3 @@
+class TreeSerializer < BaseSerializer
+  entity TreeRootEntity
+end
diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb
index fc87bd6a659..414f672cc6a 100644
--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -85,13 +85,13 @@ module Ci
     end
 
     def register_failure
-      failed_attempt_counter.increase
-      attempt_counter.increase
+      failed_attempt_counter.increment
+      attempt_counter.increment
     end
 
     def register_success(job)
       job_queue_duration_seconds.observe({ shared_runner: @runner.shared? }, Time.now - job.created_at)
-      attempt_counter.increase
+      attempt_counter.increment
     end
 
     def failed_attempt_counter
diff --git a/app/services/event_create_service.rb b/app/services/event_create_service.rb
index 0f3a485a3fd..0b7e4f187f7 100644
--- a/app/services/event_create_service.rb
+++ b/app/services/event_create_service.rb
@@ -71,7 +71,14 @@ class EventCreateService
   end
 
   def push(project, current_user, push_data)
-    create_event(project, current_user, Event::PUSHED, data: push_data)
+    # We're using an explicit transaction here so that any errors that may occur
+    # when creating push payload data will result in the event creation being
+    # rolled back as well.
+    Event.transaction do
+      event = create_event(project, current_user, Event::PUSHED)
+
+      PushEventPayloadService.new(event, push_data).execute
+    end
 
     Users::ActivityService.new(current_user, 'push').execute
   end
diff --git a/app/services/issues/create_service.rb b/app/services/issues/create_service.rb
index 9114f0ccc81..234fcbede03 100644
--- a/app/services/issues/create_service.rb
+++ b/app/services/issues/create_service.rb
@@ -16,6 +16,7 @@ module Issues
       spam_check(issue, current_user)
       issue.move_to_end
 
+      # current_user (defined in BaseService) is not available within run_after_commit block
       user = current_user
       issue.run_after_commit do
         NewIssueWorker.perform_async(issue.id, user.id)
diff --git a/app/services/labels/transfer_service.rb b/app/services/labels/transfer_service.rb
index d2ece354efc..775efed48eb 100644
--- a/app/services/labels/transfer_service.rb
+++ b/app/services/labels/transfer_service.rb
@@ -37,7 +37,7 @@ module Labels
 
       union = Gitlab::SQL::Union.new(label_ids)
 
-      Label.where("labels.id IN (#{union.to_sql})").reorder(nil).uniq
+      Label.where("labels.id IN (#{union.to_sql})").reorder(nil).uniq # rubocop:disable GitlabSecurity/SqlInjection
     end
 
     def group_labels_applied_to_issues
diff --git a/app/services/merge_requests/create_service.rb b/app/services/merge_requests/create_service.rb
index 7d539fa49e6..fa0c0b7175c 100644
--- a/app/services/merge_requests/create_service.rb
+++ b/app/services/merge_requests/create_service.rb
@@ -17,6 +17,7 @@ module MergeRequests
     end
 
     def before_create(merge_request)
+      # current_user (defined in BaseService) is not available within run_after_commit block
       user = current_user
       merge_request.run_after_commit do
         NewMergeRequestWorker.perform_async(merge_request.id, user.id)
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb
index df04b1a4fe3..4267879b03d 100644
--- a/app/services/notification_service.rb
+++ b/app/services/notification_service.rb
@@ -10,9 +10,11 @@ class NotificationService
   # only if ssh key is not deploy key
   #
   # This is security email so it will be sent
-  # even if user disabled notifications
+  # even if user disabled notifications. However,
+  # it won't be sent to internal users like the
+  # ghost user or the EE support bot.
   def new_key(key)
-    if key.user
+    if key.user&.can?(:receive_notifications)
       mailer.new_ssh_key_email(key.id).deliver_later
     end
   end
@@ -22,14 +24,14 @@ class NotificationService
   # This is a security email so it will be sent even if the user user disabled
   # notifications
   def new_gpg_key(gpg_key)
-    if gpg_key.user
+    if gpg_key.user&.can?(:receive_notifications)
       mailer.new_gpg_key_email(gpg_key.id).deliver_later
     end
   end
 
   # Always notify user about email added to profile
   def new_email(email)
-    if email.user
+    if email.user&.can?(:receive_notifications)
       mailer.new_email_email(email.id).deliver_later
     end
   end
@@ -185,6 +187,8 @@ class NotificationService
 
   # Notify new user with email after creation
   def new_user(user, token = nil)
+    return true unless notifiable?(user, :mention)
+
     # Don't email omniauth created users
     mailer.new_user_email(user.id, token).deliver_later unless user.identities.any?
   end
@@ -206,19 +210,27 @@ class NotificationService
 
   # Members
   def new_access_request(member)
+    return true unless member.notifiable?(:subscription)
+
     mailer.member_access_requested_email(member.real_source_type, member.id).deliver_later
   end
 
   def decline_access_request(member)
+    return true unless member.notifiable?(:subscription)
+
     mailer.member_access_denied_email(member.real_source_type, member.source_id, member.user_id).deliver_later
   end
 
   # Project invite
   def invite_project_member(project_member, token)
+    return true unless project_member.notifiable?(:subscription)
+
     mailer.member_invited_email(project_member.real_source_type, project_member.id, token).deliver_later
   end
 
   def accept_project_invite(project_member)
+    return true unless project_member.notifiable?(:subscription)
+
     mailer.member_invite_accepted_email(project_member.real_source_type, project_member.id).deliver_later
   end
 
@@ -232,10 +244,14 @@ class NotificationService
   end
 
   def new_project_member(project_member)
+    return true unless project_member.notifiable?(:mention, skip_read_ability: true)
+
     mailer.member_access_granted_email(project_member.real_source_type, project_member.id).deliver_later
   end
 
   def update_project_member(project_member)
+    return true unless project_member.notifiable?(:mention)
+
     mailer.member_access_granted_email(project_member.real_source_type, project_member.id).deliver_later
   end
 
@@ -249,6 +265,9 @@ class NotificationService
   end
 
   def decline_group_invite(group_member)
+    # always send this one, since it's a response to the user's own
+    # action
+
     mailer.member_invite_declined_email(
       group_member.real_source_type,
       group_member.group.id,
@@ -258,15 +277,19 @@ class NotificationService
   end
 
   def new_group_member(group_member)
+    return true unless group_member.notifiable?(:mention)
+
     mailer.member_access_granted_email(group_member.real_source_type, group_member.id).deliver_later
   end
 
   def update_group_member(group_member)
+    return true unless group_member.notifiable?(:mention)
+
     mailer.member_access_granted_email(group_member.real_source_type, group_member.id).deliver_later
   end
 
   def project_was_moved(project, old_path_with_namespace)
-    recipients = NotificationRecipientService.notifiable_users(project.team.members, :mention, project: project)
+    recipients = notifiable_users(project.team.members, :mention, project: project)
 
     recipients.each do |recipient|
       mailer.project_was_moved_email(
@@ -288,10 +311,14 @@ class NotificationService
   end
 
   def project_exported(project, current_user)
+    return true unless notifiable?(current_user, :mention, project: project)
+
     mailer.project_was_exported_email(current_user, project).deliver_later
   end
 
   def project_not_exported(project, current_user, errors)
+    return true unless notifiable?(current_user, :mention, project: project)
+
     mailer.project_was_not_exported_email(current_user, project, errors).deliver_later
   end
 
@@ -300,7 +327,7 @@ class NotificationService
 
     return unless mailer.respond_to?(email_template)
 
-    recipients ||= NotificationRecipientService.notifiable_users(
+    recipients ||= notifiable_users(
       [pipeline.user], :watch,
       custom_action: :"#{pipeline.status}_pipeline",
       target: pipeline
@@ -369,7 +396,7 @@ class NotificationService
 
   def relabeled_resource_email(target, labels, current_user, method)
     recipients = labels.flat_map { |l| l.subscribers(target.project) }
-    recipients = NotificationRecipientService.notifiable_users(
+    recipients = notifiable_users(
       recipients, :subscription,
       target: target,
       acting_user: current_user
@@ -401,4 +428,14 @@ class NotificationService
       object.previous_changes[attribute].first
     end
   end
+
+  private
+
+  def notifiable?(*args)
+    NotificationRecipientService.notifiable?(*args)
+  end
+
+  def notifiable_users(*args)
+    NotificationRecipientService.notifiable_users(*args)
+  end
 end
diff --git a/app/services/projects/destroy_service.rb b/app/services/projects/destroy_service.rb
index 11ad4838471..54eb75ab9bf 100644
--- a/app/services/projects/destroy_service.rb
+++ b/app/services/projects/destroy_service.rb
@@ -128,6 +128,8 @@ module Projects
       project.repository.before_delete
 
       Repository.new(wiki_path, project, disk_path: repo_path).before_delete
+
+      Projects::ForksCountService.new(project).delete_cache
     end
   end
 end
diff --git a/app/services/projects/fork_service.rb b/app/services/projects/fork_service.rb
index a2b23ea6171..ad67e68a86a 100644
--- a/app/services/projects/fork_service.rb
+++ b/app/services/projects/fork_service.rb
@@ -21,11 +21,17 @@ module Projects
       builds_access_level = @project.project_feature.builds_access_level
       new_project.project_feature.update_attributes(builds_access_level: builds_access_level)
 
+      refresh_forks_count
+
       new_project
     end
 
     private
 
+    def refresh_forks_count
+      Projects::ForksCountService.new(@project).refresh_cache
+    end
+
     def allowed_visibility_level
       project_level = @project.visibility_level
 
diff --git a/app/services/projects/forks_count_service.rb b/app/services/projects/forks_count_service.rb
new file mode 100644
index 00000000000..e2e2b1da91d
--- /dev/null
+++ b/app/services/projects/forks_count_service.rb
@@ -0,0 +1,30 @@
+module Projects
+  # Service class for getting and caching the number of forks of a project.
+  class ForksCountService
+    def initialize(project)
+      @project = project
+    end
+
+    def count
+      Rails.cache.fetch(cache_key) { uncached_count }
+    end
+
+    def refresh_cache
+      Rails.cache.write(cache_key, uncached_count)
+    end
+
+    def delete_cache
+      Rails.cache.delete(cache_key)
+    end
+
+    private
+
+    def uncached_count
+      @project.forks.count
+    end
+
+    def cache_key
+      ['projects', @project.id, 'forks_count']
+    end
+  end
+end
diff --git a/app/services/projects/unlink_fork_service.rb b/app/services/projects/unlink_fork_service.rb
index f385e426827..f30b40423c8 100644
--- a/app/services/projects/unlink_fork_service.rb
+++ b/app/services/projects/unlink_fork_service.rb
@@ -13,7 +13,13 @@ module Projects
         ::MergeRequests::CloseService.new(@project, @current_user).execute(mr)
       end
 
+      refresh_forks_count(@project.forked_from_project)
+
       @project.forked_project_link.destroy
     end
+
+    def refresh_forks_count(project)
+      Projects::ForksCountService.new(project).refresh_cache
+    end
   end
 end
diff --git a/app/services/projects/update_pages_service.rb b/app/services/projects/update_pages_service.rb
index 5038155ca31..394b336a638 100644
--- a/app/services/projects/update_pages_service.rb
+++ b/app/services/projects/update_pages_service.rb
@@ -172,11 +172,11 @@ module Projects
     end
 
     def register_attempt
-      pages_deployments_total_counter.increase
+      pages_deployments_total_counter.increment
     end
 
     def register_failure
-      pages_deployments_failed_total_counter.increase
+      pages_deployments_failed_total_counter.increment
     end
 
     def pages_deployments_total_counter
diff --git a/app/services/projects/update_service.rb b/app/services/projects/update_service.rb
index d81035e4eba..cf69007bc3b 100644
--- a/app/services/projects/update_service.rb
+++ b/app/services/projects/update_service.rb
@@ -10,7 +10,7 @@ module Projects
       end
 
       if changing_default_branch?
-        project.change_head(params[:default_branch])
+        return error("Could not set the default branch") unless project.change_head(params[:default_branch])
       end
 
       if project.update_attributes(params.except(:default_branch))
diff --git a/app/services/push_event_payload_service.rb b/app/services/push_event_payload_service.rb
new file mode 100644
index 00000000000..b0a389c85f9
--- /dev/null
+++ b/app/services/push_event_payload_service.rb
@@ -0,0 +1,120 @@
+# Service class for creating push event payloads as stored in the
+# "push_event_payloads" table.
+#
+# Example:
+#
+#     data = Gitlab::DataBuilder::Push.build(...)
+#     event = Event.create(...)
+#
+#     PushEventPayloadService.new(event, data).execute
+class PushEventPayloadService
+  # event - The event this push payload belongs to.
+  # push_data - A Hash produced by `Gitlab::DataBuilder::Push.build` to use for
+  #             building the push payload.
+  def initialize(event, push_data)
+    @event = event
+    @push_data = push_data
+  end
+
+  # Creates and returns a new PushEventPayload row.
+  #
+  # This method will raise upon encountering validation errors.
+  #
+  # Returns an instance of PushEventPayload.
+  def execute
+    @event.build_push_event_payload(
+      commit_count: commit_count,
+      action: action,
+      ref_type: ref_type,
+      commit_from: commit_from_id,
+      commit_to: commit_to_id,
+      ref: trimmed_ref,
+      commit_title: commit_title,
+      event_id: @event.id
+    )
+
+    @event.push_event_payload.save!
+    @event.push_event_payload
+  end
+
+  # Returns the commit title to use.
+  #
+  # The commit title is limited to the first line and a maximum of 70
+  # characters.
+  def commit_title
+    commit = @push_data.fetch(:commits).last
+
+    return nil unless commit && commit[:message]
+
+    raw_msg = commit[:message]
+
+    # Find where the first line ends, without turning the entire message into an
+    # Array of lines (this is a waste of memory for large commit messages).
+    index = raw_msg.index("\n")
+    message = index ? raw_msg[0..index] : raw_msg
+
+    message.strip.truncate(70)
+  end
+
+  def commit_from_id
+    if create?
+      nil
+    else
+      revision_before
+    end
+  end
+
+  def commit_to_id
+    if remove?
+      nil
+    else
+      revision_after
+    end
+  end
+
+  def commit_count
+    @push_data.fetch(:total_commits_count)
+  end
+
+  def ref
+    @push_data.fetch(:ref)
+  end
+
+  def revision_before
+    @push_data.fetch(:before)
+  end
+
+  def revision_after
+    @push_data.fetch(:after)
+  end
+
+  def trimmed_ref
+    Gitlab::Git.ref_name(ref)
+  end
+
+  def create?
+    Gitlab::Git.blank_ref?(revision_before)
+  end
+
+  def remove?
+    Gitlab::Git.blank_ref?(revision_after)
+  end
+
+  def action
+    if create?
+      :created
+    elsif remove?
+      :removed
+    else
+      :pushed
+    end
+  end
+
+  def ref_type
+    if Gitlab::Git.tag_ref?(ref)
+      :tag
+    else
+      :branch
+    end
+  end
+end
diff --git a/app/uploaders/personal_file_uploader.rb b/app/uploaders/personal_file_uploader.rb
index ef70871624b..3298ad104ec 100644
--- a/app/uploaders/personal_file_uploader.rb
+++ b/app/uploaders/personal_file_uploader.rb
@@ -4,7 +4,7 @@ class PersonalFileUploader < FileUploader
   end
 
   def self.base_dir
-    File.join(root_dir, 'system')
+    File.join(root_dir, '-', 'system')
   end
 
   private
diff --git a/app/views/admin/application_settings/_form.html.haml b/app/views/admin/application_settings/_form.html.haml
index a4f49d3f6d7..8bf6556079b 100644
--- a/app/views/admin/application_settings/_form.html.haml
+++ b/app/views/admin/application_settings/_form.html.haml
@@ -48,6 +48,12 @@
         = select(:application_setting, :enabled_git_access_protocol, [['Both SSH and HTTP(S)', nil], ['Only SSH', 'ssh'], ['Only HTTP(S)', 'http']], {}, class: 'form-control')
         %span.help-block#clone-protocol-help
           Allow only the selected protocols to be used for Git access.
+    .form-group
+      .col-sm-offset-2.col-sm-10
+        .checkbox
+          = f.label :project_export_enabled do
+            = f.check_box :project_export_enabled
+            Project export enabled
 
   %fieldset
     %legend Account and Limit Settings
diff --git a/app/views/dashboard/projects/_blank_state_admin_welcome.html.haml b/app/views/dashboard/projects/_blank_state_admin_welcome.html.haml
index 209afd4aab4..57544559824 100644
--- a/app/views/dashboard/projects/_blank_state_admin_welcome.html.haml
+++ b/app/views/dashboard/projects/_blank_state_admin_welcome.html.haml
@@ -28,6 +28,6 @@
       %h3.blank-state-title
         Create a group
       %p.blank-state-text
-        Groups are a great way to organise projects and people.
+        Groups are a great way to organize projects and people.
       = link_to new_group_path, class: "btn btn-new" do
         New group
diff --git a/app/views/events/_commit.html.haml b/app/views/events/_commit.html.haml
index ad434a64556..98cdcca3ecc 100644
--- a/app/views/events/_commit.html.haml
+++ b/app/views/events/_commit.html.haml
@@ -1,5 +1,5 @@
 %li.commit
   .commit-row-title
-    = link_to truncate_sha(commit[:id]), project_commit_path(project, commit[:id]), class: "commit-sha", alt: '', title: truncate_sha(commit[:id])
+    = link_to truncate_sha(event.commit_id), project_commit_path(project, event.commit_id), class: "commit-sha", alt: '', title: truncate_sha(event.commit_id)
     &middot;
-    = markdown event_commit_title(commit[:message]), project: project, pipeline: :single_line, author: event.author
+    = markdown event_commit_title(event.commit_title), project: project, pipeline: :single_line, author: event.author
diff --git a/app/views/events/_event_push.atom.haml b/app/views/events/_event_push.atom.haml
index 9fcacfbbf36..bf655f9d21a 100644
--- a/app/views/events/_event_push.atom.haml
+++ b/app/views/events/_event_push.atom.haml
@@ -1,14 +1,13 @@
 %div{ xmlns: "http://www.w3.org/1999/xhtml" }
-  - event.commits.first(15).each do |commit|
-    %p
-      %strong= commit[:author][:name]
-      = link_to "(##{truncate_sha(commit[:id])})", project_commit_path(event.project, id: commit[:id])
-      %i
-        at
-        = commit[:timestamp].to_time.to_s(:short)
-    %blockquote= markdown(escape_once(commit[:message]), pipeline: :atom, project: event.project, author: event.author)
-  - if event.commits_count > 15
+  %p
+    %strong= event.author_name
+    = link_to "(#{truncate_sha(event.commit_id)})", project_commit_path(event.project, event.commit_id)
+    %i
+      at
+      = event.created_at.to_s(:short)
+  %blockquote= markdown(escape_once(event.commit_title), pipeline: :atom, project: event.project, author: event.author)
+  - if event.commits_count > 1
     %p
       %i
         \... and
-        = pluralize(event.commits_count - 15, "more commit")
+        = pluralize(event.commits_count - 1, "more commit")
diff --git a/app/views/events/event/_push.html.haml b/app/views/events/event/_push.html.haml
index 54b414cc62a..973c652ad88 100644
--- a/app/views/events/event/_push.html.haml
+++ b/app/views/events/event/_push.html.haml
@@ -14,9 +14,7 @@
 - if event.push_with_commits?
   .event-body
     %ul.well-list.event_commits
-      - few_commits = event.commits[0...2]
-      - few_commits.each do |commit|
-        = render "events/commit", commit: commit, project: project, event: event
+      = render "events/commit", project: project, event: event
 
       - create_mr = event.new_ref? && create_mr_button?(project.default_branch, event.ref_name, project) && event.authored_by?(current_user)
       - if event.commits_count > 1
@@ -44,9 +42,6 @@
           = link_to create_mr_path(project.default_branch, event.ref_name, project) do
             Create Merge Request
 - elsif event.rm_ref?
-  - repository = project.repository
-  - last_commit = repository.commit(event.commit_from)
-  - if last_commit
-    .event-body
-      %ul.well-list.event_commits
-        = render "events/commit", commit: last_commit, project: project, event: event
+  .event-body
+    %ul.well-list.event_commits
+      = render "events/commit", project: project, event: event
diff --git a/app/views/import/fogbugz/new_user_map.html.haml b/app/views/import/fogbugz/new_user_map.html.haml
index c52a515226e..84e0009487f 100644
--- a/app/views/import/fogbugz/new_user_map.html.haml
+++ b/app/views/import/fogbugz/new_user_map.html.haml
@@ -10,7 +10,7 @@
     Customize how FogBugz email addresses and usernames are imported into GitLab.
     In the next step, you'll be able to select the projects you want to import.
   %p
-    The user map is a mapping of the FogBugz users that participated on your projects to the way their email address and usernames wil be imported into GitLab. You can change this by populating the table below.
+    The user map is a mapping of the FogBugz users that participated on your projects to the way their email address and usernames will be imported into GitLab. You can change this by populating the table below.
   %ul
     %li
       %strong Default: Map a FogBugz account ID to a full name
diff --git a/app/views/kaminari/gitlab/_without_count.html.haml b/app/views/kaminari/gitlab/_without_count.html.haml
new file mode 100644
index 00000000000..250029c4475
--- /dev/null
+++ b/app/views/kaminari/gitlab/_without_count.html.haml
@@ -0,0 +1,8 @@
+.gl-pagination
+  %ul.pagination.clearfix
+    - if previous_path
+      %li.prev
+        = link_to(t('views.pagination.previous'), previous_path, rel: 'prev')
+    - if next_path
+      %li.next
+        = link_to(t('views.pagination.next'), next_path, rel: 'next')
diff --git a/app/views/projects/_export.html.haml b/app/views/projects/_export.html.haml
new file mode 100644
index 00000000000..623d3bc91c6
--- /dev/null
+++ b/app/views/projects/_export.html.haml
@@ -0,0 +1,41 @@
+- return unless current_application_settings.project_export_enabled?
+
+- project = local_assigns.fetch(:project)
+- expanded = Rails.env.test?
+
+%section.settings
+  .settings-header
+    %h4
+      Export project
+    %button.btn.js-settings-toggle
+      = expanded ? 'Collapse' : 'Expand'
+    %p
+      Export this project with all its related data in order to move your project to a new GitLab instance. Once the export is finished, you can import the file from the "New Project" page.
+  .settings-content.no-animate{ class: ('expanded' if expanded) }
+    .bs-callout.bs-callout-info
+      %p.append-bottom-0
+        %p
+          The following items will be exported:
+        %ul
+          %li Project and wiki repositories
+          %li Project uploads
+          %li Project configuration including web hooks and services
+          %li Issues with comments, merge requests with diffs and comments, labels, milestones, snippets, and other project entities
+        %p
+          The following items will NOT be exported:
+        %ul
+          %li Job traces and artifacts
+          %li LFS objects
+          %li Container registry images
+          %li CI variables
+          %li Any encrypted tokens
+    %p
+      Once the exported file is ready, you will receive a notification email with a download link.
+    - if project.export_project_path
+      = link_to 'Download export',  download_export_project_path(project),
+              rel: 'nofollow', download: '', method: :get, class: "btn btn-default"
+      = link_to 'Generate new export',  generate_new_export_project_path(project),
+              method: :post, class: "btn btn-default"
+    - else
+      = link_to 'Export project', export_project_path(project),
+              method: :post, class: "btn btn-default"
diff --git a/app/views/projects/_files.html.haml b/app/views/projects/_files.html.haml
index 398d9306bed..3a7a99462a6 100644
--- a/app/views/projects/_files.html.haml
+++ b/app/views/projects/_files.html.haml
@@ -1,14 +1,13 @@
 - commit = local_assigns.fetch(:commit) { @repository.commit }
 - ref = local_assigns.fetch(:ref) { current_ref }
 - project = local_assigns.fetch(:project) { @project }
-.tree-holder.clearfix
+- content_url = local_assigns.fetch(:content_url) { @tree.readme ? project_blob_path(@project, tree_join(@ref, @tree.readme.path)) : project_tree_path(@project, @ref) }
+
+#tree-holder.tree-holder.clearfix
   .nav-block
     = render 'projects/tree/tree_header', tree: @tree
 
-  - if commit
-    .info-well.hidden-xs.project-last-commit.append-bottom-default
-      .well-segment
-        %ul.blob-commit-info
-          = render 'projects/commits/commit', commit: commit, ref: ref, project: project
+  - if !show_new_repo? && commit
+    = render 'shared/commit_well', commit: commit, ref: ref, project: project
 
-  = render 'projects/tree/tree_content', tree: @tree
+  = render 'projects/tree/tree_content', tree: @tree, content_url: content_url
diff --git a/app/views/projects/_md_preview.html.haml b/app/views/projects/_md_preview.html.haml
index 6e13bf47ff6..97041b87c48 100644
--- a/app/views/projects/_md_preview.html.haml
+++ b/app/views/projects/_md_preview.html.haml
@@ -1,11 +1,9 @@
 - referenced_users = local_assigns.fetch(:referenced_users, nil)
 
 - if defined?(@issue) && @issue.confidential?
-  %li.confidential-issue-warning
+  .confidential-issue-warning
     = confidential_icon(@issue)
     %span This is a confidential issue. Your comment will not be visible to the public.
-- else
-  %li.confidential-issue-warning.not-confidential
 
 .md-area
   .md-header
diff --git a/app/views/projects/blob/_blob.html.haml b/app/views/projects/blob/_blob.html.haml
index 8bd336269ff..849716a679b 100644
--- a/app/views/projects/blob/_blob.html.haml
+++ b/app/views/projects/blob/_blob.html.haml
@@ -9,5 +9,5 @@
 
 #blob-content-holder.blob-content-holder
   %article.file-holder
-    = render "projects/blob/header", blob: blob
+    = render 'projects/blob/header', blob: blob
     = render 'projects/blob/content', blob: blob
diff --git a/app/views/projects/blob/_upload.html.haml b/app/views/projects/blob/_upload.html.haml
index 32dbc1b3417..05b7dfe2872 100644
--- a/app/views/projects/blob/_upload.html.haml
+++ b/app/views/projects/blob/_upload.html.haml
@@ -19,7 +19,9 @@
           = render 'shared/new_commit_form', placeholder: placeholder
 
           .form-actions
-            = button_tag button_title, class: 'btn btn-small btn-create btn-upload-file', id: 'submit-all'
+            = button_tag class: 'btn btn-create btn-upload-file', id: 'submit-all', type: 'button' do
+              = icon('spin spinner', class: 'js-loading-icon hidden' )
+              = button_title
             = link_to _("Cancel"), '#', class: "btn btn-cancel", "data-dismiss" => "modal"
 
             - unless can?(current_user, :push_code, @project)
diff --git a/app/views/projects/blob/_viewer.html.haml b/app/views/projects/blob/_viewer.html.haml
index 013f1c267c8..cc85e5de40f 100644
--- a/app/views/projects/blob/_viewer.html.haml
+++ b/app/views/projects/blob/_viewer.html.haml
@@ -17,3 +17,4 @@
     - viewer = BlobViewer::Download.new(viewer.blob) if viewer.binary_detected_after_load?
 
     = render viewer.partial_path, viewer: viewer
+
diff --git a/app/views/projects/blob/show.html.haml b/app/views/projects/blob/show.html.haml
index 278f4201bba..240e62d5ac5 100644
--- a/app/views/projects/blob/show.html.haml
+++ b/app/views/projects/blob/show.html.haml
@@ -5,16 +5,23 @@
 = render "projects/commits/head"
 
 - content_for :page_specific_javascripts do
-  = page_specific_javascript_bundle_tag('blob')
+  = webpack_bundle_tag 'blob'
+
+  - if show_new_repo?
+    = webpack_bundle_tag 'common_vue'
+    = webpack_bundle_tag 'repo'
 
 = render 'projects/last_push'
 
 %div{ class: container_class }
-  .tree-holder
-    = render 'blob', blob: @blob
+  - if show_new_repo?
+    = render 'projects/files', commit: @last_commit, project: @project, ref: @ref, content_url: project_blob_path(@project, @id)
+  - else
+    #tree-holder.tree-holder
+      = render 'blob', blob: @blob
 
-  - if can_modify_blob?(@blob)
-    = render 'projects/blob/remove'
+    - if can_modify_blob?(@blob)
+      = render 'projects/blob/remove'
 
-    - title = "Replace #{@blob.name}"
-    = render 'projects/blob/upload', title: title, placeholder: title, button_title: 'Replace file', form_path: project_update_blob_path(@project, @id), method: :put
+      - title = "Replace #{@blob.name}"
+      = render 'projects/blob/upload', title: title, placeholder: title, button_title: 'Replace file', form_path: project_update_blob_path(@project, @id), method: :put
diff --git a/app/views/projects/blob/viewers/_balsamiq.html.haml b/app/views/projects/blob/viewers/_balsamiq.html.haml
index 28670e7de97..1e7c461f02e 100644
--- a/app/views/projects/blob/viewers/_balsamiq.html.haml
+++ b/app/views/projects/blob/viewers/_balsamiq.html.haml
@@ -1,4 +1,4 @@
 - content_for :page_specific_javascripts do
   = page_specific_javascript_bundle_tag('balsamiq_viewer')
 
-.file-content.balsamiq-viewer#js-balsamiq-viewer{ data: { endpoint: blob_raw_url } }
+.file-content.balsamiq-viewer#js-balsamiq-viewer{ data: { endpoint: blob_raw_path } }
diff --git a/app/views/projects/blob/viewers/_download.html.haml b/app/views/projects/blob/viewers/_download.html.haml
index 684240d02c7..6d1138f7959 100644
--- a/app/views/projects/blob/viewers/_download.html.haml
+++ b/app/views/projects/blob/viewers/_download.html.haml
@@ -1,6 +1,6 @@
 .file-content.blob_file.blob-no-preview
   .center
-    = link_to blob_raw_url do
+    = link_to blob_raw_path do
       %h1.light
         = icon('download')
       %h4
diff --git a/app/views/projects/blob/viewers/_image.html.haml b/app/views/projects/blob/viewers/_image.html.haml
index 5fd22a59217..26ea028c5d7 100644
--- a/app/views/projects/blob/viewers/_image.html.haml
+++ b/app/views/projects/blob/viewers/_image.html.haml
@@ -1,2 +1,2 @@
 .file-content.image_file
-  = image_tag(blob_raw_url, alt: viewer.blob.name)
+  = image_tag(blob_raw_path, alt: viewer.blob.name)
diff --git a/app/views/projects/blob/viewers/_notebook.html.haml b/app/views/projects/blob/viewers/_notebook.html.haml
index 2399fb16265..8a41bc53004 100644
--- a/app/views/projects/blob/viewers/_notebook.html.haml
+++ b/app/views/projects/blob/viewers/_notebook.html.haml
@@ -2,4 +2,4 @@
   = page_specific_javascript_bundle_tag('common_vue')
   = page_specific_javascript_bundle_tag('notebook_viewer')
 
-.file-content#js-notebook-viewer{ data: { endpoint: blob_raw_url } }
+.file-content#js-notebook-viewer{ data: { endpoint: blob_raw_path } }
diff --git a/app/views/projects/blob/viewers/_pdf.html.haml b/app/views/projects/blob/viewers/_pdf.html.haml
index 1dd179c4fdc..ec2b18bd4ab 100644
--- a/app/views/projects/blob/viewers/_pdf.html.haml
+++ b/app/views/projects/blob/viewers/_pdf.html.haml
@@ -2,4 +2,4 @@
   = page_specific_javascript_bundle_tag('common_vue')
   = page_specific_javascript_bundle_tag('pdf_viewer')
 
-.file-content#js-pdf-viewer{ data: { endpoint: blob_raw_url } }
+.file-content#js-pdf-viewer{ data: { endpoint: blob_raw_path } }
diff --git a/app/views/projects/blob/viewers/_sketch.html.haml b/app/views/projects/blob/viewers/_sketch.html.haml
index 49f716c2c59..775e4584f77 100644
--- a/app/views/projects/blob/viewers/_sketch.html.haml
+++ b/app/views/projects/blob/viewers/_sketch.html.haml
@@ -2,6 +2,6 @@
   = page_specific_javascript_bundle_tag('common_vue')
   = page_specific_javascript_bundle_tag('sketch_viewer')
 
-.file-content#js-sketch-viewer{ data: { endpoint: blob_raw_url } }
+.file-content#js-sketch-viewer{ data: { endpoint: blob_raw_path } }
   .js-loading-icon.text-center.prepend-top-default.append-bottom-default.js-loading-icon{ 'aria-label' => 'Loading Sketch preview' }
     = icon('spinner spin 2x', 'aria-hidden' => 'true');
diff --git a/app/views/projects/blob/viewers/_stl.html.haml b/app/views/projects/blob/viewers/_stl.html.haml
index e4e9d746176..6578d826ace 100644
--- a/app/views/projects/blob/viewers/_stl.html.haml
+++ b/app/views/projects/blob/viewers/_stl.html.haml
@@ -2,7 +2,7 @@
   = page_specific_javascript_bundle_tag('stl_viewer')
 
 .file-content.is-stl-loading
-  .text-center#js-stl-viewer{ data: { endpoint: blob_raw_url } }
+  .text-center#js-stl-viewer{ data: { endpoint: blob_raw_path } }
     = icon('spinner spin 2x', class: 'prepend-top-default append-bottom-default', 'aria-hidden' => 'true', 'aria-label' => 'Loading')
   .text-center.prepend-top-default.append-bottom-default.stl-controls
     .btn-group
diff --git a/app/views/projects/blob/viewers/_video.html.haml b/app/views/projects/blob/viewers/_video.html.haml
index 595a890a27d..36039c08d52 100644
--- a/app/views/projects/blob/viewers/_video.html.haml
+++ b/app/views/projects/blob/viewers/_video.html.haml
@@ -1,2 +1,2 @@
 .file-content.video
-  %video{ src: blob_raw_url, controls: true, data: { setup: '{}' } }
+  %video{ src: blob_raw_path, controls: true, data: { setup: '{}' } }
diff --git a/app/views/projects/boards/components/_board.html.haml b/app/views/projects/boards/components/_board.html.haml
index 539ee087b14..64f5f6d7ba0 100644
--- a/app/views/projects/boards/components/_board.html.haml
+++ b/app/views/projects/boards/components/_board.html.haml
@@ -6,8 +6,16 @@
         %i.fa.fa-fw.board-title-expandable-toggle{ "v-if": "list.isExpandable",
           ":class": "{ \"fa-caret-down\": list.isExpanded, \"fa-caret-right\": !list.isExpanded && list.position === -1, \"fa-caret-left\": !list.isExpanded && list.position !== -1 }",
           "aria-hidden": "true" }
-        %span.has-tooltip{ ":title" => '(list.label ? list.label.description : "")',
-          data: { container: "body", placement: "bottom" } }
+
+        %span.has-tooltip{ "v-if": "list.type !== \"label\"",
+          ":title" => '(list.label ? list.label.description : "")' }
+          {{ list.title }}
+
+        %span.has-tooltip{ "v-if": "list.type === \"label\"",
+          ":title" => '(list.label ? list.label.description : "")',
+          data: { container: "body", placement: "bottom" },
+          class: "label color-label title",
+          ":style" => "{ backgroundColor: (list.label && list.label.color ? list.label.color : null), color: (list.label && list.label.color ? list.label.text_color : \"#2e2e2e\") }" }
           {{ list.title }}
         .issue-count-badge.pull-right.clearfix{ "v-if" => 'list.type !== "blank"' }
           %span.issue-count-badge-count.pull-left{ ":class" => '{ "has-btn": list.type !== "closed" && !disabled }' }
diff --git a/app/views/projects/commit/_ajax_signature.html.haml b/app/views/projects/commit/_ajax_signature.html.haml
index 22674b671c9..83821326aec 100644
--- a/app/views/projects/commit/_ajax_signature.html.haml
+++ b/app/views/projects/commit/_ajax_signature.html.haml
@@ -1,3 +1,2 @@
 - if commit.has_signature?
   %button{ class: commit_signature_badge_classes('js-loading-gpg-badge'), data: { toggle: 'tooltip', placement: 'auto top', title: 'GPG signature (loading...)', 'commit-sha' => commit.sha } }
-    %i.fa.fa-spinner.fa-spin
diff --git a/app/views/projects/cycle_analytics/show.html.haml b/app/views/projects/cycle_analytics/show.html.haml
index c704635ead3..3467e357c49 100644
--- a/app/views/projects/cycle_analytics/show.html.haml
+++ b/app/views/projects/cycle_analytics/show.html.haml
@@ -40,6 +40,9 @@
                   %i.fa.fa-chevron-down
                 %ul.dropdown-menu.dropdown-menu-align-right
                   %li
+                    %a{ "href" => "#", "data-value" => "7" }
+                      {{ n__('Last %d day', 'Last %d days', 7) }}
+                  %li
                     %a{ "href" => "#", "data-value" => "30" }
                       {{ n__('Last %d day', 'Last %d days', 30) }}
                   %li
diff --git a/app/views/projects/diffs/_diffs.html.haml b/app/views/projects/diffs/_diffs.html.haml
index 8c8aa4c78f5..376f672f424 100644
--- a/app/views/projects/diffs/_diffs.html.haml
+++ b/app/views/projects/diffs/_diffs.html.haml
@@ -2,22 +2,24 @@
 - show_whitespace_toggle = local_assigns.fetch(:show_whitespace_toggle, true)
 - can_create_note = !@diff_notes_disabled && can?(current_user, :create_note, diffs.project)
 - diff_files = diffs.diff_files
+- merge_request = local_assigns.fetch(:merge_request, false)
 
-.content-block.oneline-block.files-changed.diff-files-changed.js-diff-files-changed
-  .inline-parallel-buttons
-    - if !diffs_expanded? && diff_files.any? { |diff_file| diff_file.collapsed? }
-      = link_to 'Expand all', url_for(params.merge(expanded: 1, format: nil)), class: 'btn btn-default'
-    - if show_whitespace_toggle
-      - if current_controller?(:commit)
-        = commit_diff_whitespace_link(diffs.project, @commit, class: 'hidden-xs')
-      - elsif current_controller?('projects/merge_requests/diffs')
-        = diff_merge_request_whitespace_link(diffs.project, @merge_request, class: 'hidden-xs')
-      - elsif current_controller?(:compare)
-        = diff_compare_whitespace_link(diffs.project, params[:from], params[:to], class: 'hidden-xs')
-    .btn-group
-      = inline_diff_btn
-      = parallel_diff_btn
-  = render 'projects/diffs/stats', diff_files: diff_files
+.content-block.oneline-block.files-changed.diff-files-changed.js-diff-files-changed{ class: ("diff-files-changed-merge-request" if merge_request) }
+  .files-changed-inner
+    .inline-parallel-buttons.hidden-xs.hidden-sm
+      - if !diffs_expanded? && diff_files.any? { |diff_file| diff_file.collapsed? }
+        = link_to 'Expand all', url_for(params.merge(expanded: 1, format: nil)), class: 'btn btn-default'
+      - if show_whitespace_toggle
+        - if current_controller?(:commit)
+          = commit_diff_whitespace_link(diffs.project, @commit, class: 'hidden-xs')
+        - elsif current_controller?('projects/merge_requests/diffs')
+          = diff_merge_request_whitespace_link(diffs.project, @merge_request, class: 'hidden-xs')
+        - elsif current_controller?(:compare)
+          = diff_compare_whitespace_link(diffs.project, params[:from], params[:to], class: 'hidden-xs')
+      .btn-group
+        = inline_diff_btn
+        = parallel_diff_btn
+    = render 'projects/diffs/stats', diff_files: diff_files
 
 - if render_overflow_warning?(diff_files)
   = render 'projects/diffs/warning', diff_files: diffs
diff --git a/app/views/projects/diffs/_stats.html.haml b/app/views/projects/diffs/_stats.html.haml
index efc0ea31917..02fd54c97fb 100644
--- a/app/views/projects/diffs/_stats.html.haml
+++ b/app/views/projects/diffs/_stats.html.haml
@@ -10,7 +10,7 @@
     %strong.cgreen #{sum_added_lines} additions
     and
     %strong.cred #{sum_removed_lines} deletions
-  .diff-stats-additions-deletions-collapsed.pull-right{ "aria-hidden": "true", "aria-describedby": "diff-stats" }
+  .diff-stats-additions-deletions-collapsed.pull-right.hidden-xs.hidden-sm{ "aria-hidden": "true", "aria-describedby": "diff-stats" }
     %strong.cgreen<
       +#{sum_added_lines}
     %strong.cred<
diff --git a/app/views/projects/edit.html.haml b/app/views/projects/edit.html.haml
index 20fceda26dc..6178abe9160 100644
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@@ -161,42 +161,7 @@
         = render 'merge_request_settings', form: f
         = f.submit 'Save changes', class: "btn btn-save"
 
-  %section.settings
-    .settings-header
-      %h4
-        Export project
-      %button.btn.js-settings-toggle
-        = expanded ? 'Collapse' : 'Expand'
-      %p
-        Export this project with all its related data in order to move your project to a new GitLab instance. Once the export is finished, you can import the file from the "New Project" page.
-    .settings-content.no-animate{ class: ('expanded' if expanded) }
-      .bs-callout.bs-callout-info
-        %p.append-bottom-0
-          %p
-            The following items will be exported:
-          %ul
-            %li Project and wiki repositories
-            %li Project uploads
-            %li Project configuration including web hooks and services
-            %li Issues with comments, merge requests with diffs and comments, labels, milestones, snippets, and other project entities
-          %p
-            The following items will NOT be exported:
-          %ul
-            %li Job traces and artifacts
-            %li LFS objects
-            %li Container registry images
-            %li CI variables
-            %li Any encrypted tokens
-      %p
-        Once the exported file is ready, you will receive a notification email with a download link.
-      - if @project.export_project_path
-        = link_to 'Download export',  download_export_project_path(@project),
-                rel: 'nofollow', download: '', method: :get, class: "btn btn-default"
-        = link_to 'Generate new export',  generate_new_export_project_path(@project),
-                method: :post, class: "btn btn-default"
-      - else
-        = link_to 'Export project', export_project_path(@project),
-                method: :post, class: "btn btn-default"
+  = render 'export', project: @project
 
   %section.settings.advanced-settings
     .settings-header
@@ -205,7 +170,7 @@
       %button.btn.js-settings-toggle
         = expanded ? 'Collapse' : 'Expand'
       %p
-        Perform advanced options such as housekeeping, exporting, archiveing, renameing, transfering, or removeing your project.
+        Perform advanced options such as housekeeping, exporting, archiving, renaming, transferring, or removing your project.
     .settings-content.no-animate{ class: ('expanded' if expanded) }
       .sub-section
         %h4 Housekeeping
@@ -274,7 +239,7 @@
                 %li Be careful. Changing the project's namespace can have unintended side effects.
                 %li You can only transfer the project to namespaces you manage.
                 %li You will need to update your local repositories to point to the new location.
-                %li Project visibility level will be changed to match namespace rules when transfering to a group.
+                %li Project visibility level will be changed to match namespace rules when transferring to a group.
             = f.submit 'Transfer project', class: "btn btn-remove js-confirm-danger", data: { "confirm-danger-message" => transfer_project_message(@project) }
       - if @project.forked? && can?(current_user, :remove_fork_project, @project)
         .sub-section
diff --git a/app/views/projects/graphs/charts.html.haml b/app/views/projects/graphs/charts.html.haml
index 228c8c84792..9f5a1239a82 100644
--- a/app/views/projects/graphs/charts.html.haml
+++ b/app/views/projects/graphs/charts.html.haml
@@ -78,8 +78,8 @@
 
 %script#projectChartData{ type: "application/json" }
   - projectChartData = {};
-  - projectChartData['hour'] = { 'keys' => @commits_per_time.keys, 'values' => @commits_per_time.values }
-  - projectChartData['weekDays'] = { 'keys' => @commits_per_week_days.keys, 'values' => @commits_per_week_days.values }
-  - projectChartData['month'] = { 'keys' => @commits_per_month.keys, 'values' => @commits_per_month.values }
+  - projectChartData['hour'] = @commits_per_time
+  - projectChartData['weekDays'] = @commits_per_week_days
+  - projectChartData['month'] = @commits_per_month
   - projectChartData['languages'] = @languages
   = projectChartData.to_json.html_safe
diff --git a/app/views/projects/issues/_nav_btns.html.haml b/app/views/projects/issues/_nav_btns.html.haml
index 756faf4625e..13809da6523 100644
--- a/app/views/projects/issues/_nav_btns.html.haml
+++ b/app/views/projects/issues/_nav_btns.html.haml
@@ -1,7 +1,7 @@
 = link_to params.merge(rss_url_options), class: 'btn btn-default append-right-10 has-tooltip', title: 'Subscribe' do
   = icon('rss')
 - if @can_bulk_update
-  = button_tag "Edit Issues", class: "btn btn-default append-right-10 js-bulk-update-toggle"
+  = button_tag "Edit issues", class: "btn btn-default append-right-10 js-bulk-update-toggle"
 = link_to "New issue", new_project_issue_path(@project,
                                               issue: { assignee_id: issues_finder.assignee.try(:id),
                                                        milestone_id: issues_finder.milestones.first.try(:id) }),
diff --git a/app/views/projects/jobs/_sidebar.html.haml b/app/views/projects/jobs/_sidebar.html.haml
index 99f4b30d085..f5d5bc7eda9 100644
--- a/app/views/projects/jobs/_sidebar.html.haml
+++ b/app/views/projects/jobs/_sidebar.html.haml
@@ -75,7 +75,7 @@
             Pipeline
             = link_to "##{@build.pipeline.id}", project_pipeline_path(@project, @build.pipeline), class: 'link-commit'
             from
-            = link_to "#{@build.pipeline.ref}", project_branch_path(@project, @build.pipeline.ref), class: 'link-commit'
+            = link_to "#{@build.pipeline.ref}", project_ref_path(@project, @build.pipeline.ref), class: 'link-commit ref-name'
           %button.dropdown-menu-toggle{ type: 'button', 'data-toggle' => 'dropdown' }
             %span.stage-selection More
             = icon('chevron-down')
diff --git a/app/views/projects/merge_requests/_nav_btns.html.haml b/app/views/projects/merge_requests/_nav_btns.html.haml
index e92f2712347..e73dab8ad4a 100644
--- a/app/views/projects/merge_requests/_nav_btns.html.haml
+++ b/app/views/projects/merge_requests/_nav_btns.html.haml
@@ -1,5 +1,5 @@
 - if @can_bulk_update
-  = button_tag "Edit Merge Requests", class: "btn js-bulk-update-toggle"
+  = button_tag "Edit merge requests", class: "btn append-right-10 js-bulk-update-toggle"
 - if merge_project
   = link_to new_merge_request_path, class: "btn btn-new", title: "New merge request" do
     New merge request
diff --git a/app/views/projects/merge_requests/diffs/_diffs.html.haml b/app/views/projects/merge_requests/diffs/_diffs.html.haml
index fb31e2fef00..0d30d6da68f 100644
--- a/app/views/projects/merge_requests/diffs/_diffs.html.haml
+++ b/app/views/projects/merge_requests/diffs/_diffs.html.haml
@@ -1,5 +1,5 @@
 - if @merge_request_diff.collected? || @merge_request_diff.overflow?
   = render 'projects/merge_requests/diffs/versions'
-  = render "projects/diffs/diffs", diffs: @diffs, environment: @environment
+  = render "projects/diffs/diffs", diffs: @diffs, environment: @environment, merge_request: true
 - elsif @merge_request_diff.empty?
   .nothing-here-block Nothing to merge from #{@merge_request.source_branch} into #{@merge_request.target_branch}
diff --git a/app/views/projects/notes/_actions.html.haml b/app/views/projects/notes/_actions.html.haml
index 9c42be4e0ff..cb737d129f0 100644
--- a/app/views/projects/notes/_actions.html.haml
+++ b/app/views/projects/notes/_actions.html.haml
@@ -17,24 +17,32 @@
       "inline-template" => true,
       "ref" => "note_#{note.id}" }
 
-    %button.note-action-button.line-resolve-btn{ type: "button",
-        class: ("is-disabled" unless can_resolve),
-        ":class" => "{ 'is-active': isResolved }",
-        ":aria-label" => "buttonText",
-        "@click" => "resolve",
-        ":title" => "buttonText",
-        ":ref" => "'button'" }
+    .note-actions-item
+      %button.note-action-button.line-resolve-btn{ type: "button",
+          class: ("is-disabled" unless can_resolve),
+          ":class" => "{ 'is-active': isResolved }",
+          ":aria-label" => "buttonText",
+          "@click" => "resolve",
+          ":title" => "buttonText",
+          ":ref" => "'button'" }
 
-      = icon('spin spinner', 'v-show' => 'loading', class: 'loading', 'aria-hidden' => 'true', 'aria-label' => 'Loading')
-      %div{ 'v-show' => '!loading' }= render 'shared/icons/icon_status_success.svg'
+        = icon('spin spinner', 'v-show' => 'loading', class: 'loading', 'aria-hidden' => 'true', 'aria-label' => 'Loading')
+        %div{ 'v-show' => '!loading' }= render 'shared/icons/icon_status_success.svg'
 
 - if current_user
   - if note.emoji_awardable?
     - user_authored = note.user_authored?(current_user)
-    = link_to '#', title: 'Add reaction', class: "note-action-button note-emoji-button js-add-award js-note-emoji #{'js-user-authored' if user_authored} has-tooltip", data: { position: 'right' } do
-      = icon('spinner spin')
-      %span{ class: 'link-highlight award-control-icon-neutral' }= custom_icon('emoji_slightly_smiling_face')
-      %span{ class: 'link-highlight award-control-icon-positive' }= custom_icon('emoji_smiley')
-      %span{ class: 'link-highlight award-control-icon-super-positive' }= custom_icon('emoji_smile')
+    .note-actions-item
+      = button_tag title: 'Add reaction', class: "note-action-button note-emoji-button js-add-award js-note-emoji #{'js-user-authored' if user_authored} has-tooltip btn btn-transparent", data: { position: 'right', container: 'body' } do
+        = icon('spinner spin')
+        %span{ class: 'link-highlight award-control-icon-neutral' }= custom_icon('emoji_slightly_smiling_face')
+        %span{ class: 'link-highlight award-control-icon-positive' }= custom_icon('emoji_smiley')
+        %span{ class: 'link-highlight award-control-icon-super-positive' }= custom_icon('emoji_smile')
 
-    = render 'projects/notes/more_actions_dropdown', note: note, note_editable: note_editable
+  - if note_editable
+    .note-actions-item
+      = button_tag title: 'Edit comment', class: 'note-action-button js-note-edit has-tooltip btn btn-transparent', data: { container: 'body' } do
+        %span.link-highlight
+          = custom_icon('icon_pencil')
+
+  = render 'projects/notes/more_actions_dropdown', note: note, note_editable: note_editable
diff --git a/app/views/projects/notes/_more_actions_dropdown.html.haml b/app/views/projects/notes/_more_actions_dropdown.html.haml
index 75a4687e1e3..5930209a682 100644
--- a/app/views/projects/notes/_more_actions_dropdown.html.haml
+++ b/app/views/projects/notes/_more_actions_dropdown.html.haml
@@ -1,14 +1,11 @@
 - is_current_user = current_user == note.author
 
 - if note_editable || !is_current_user
-  .dropdown.more-actions
+  .dropdown.more-actions.note-actions-item
     = button_tag title: 'More actions', class: 'note-action-button more-actions-toggle has-tooltip btn btn-transparent', data: { toggle: 'dropdown', container: 'body' } do
-      = icon('ellipsis-v', class: 'icon')
+      %span.icon
+        = custom_icon('ellipsis_v')
     %ul.dropdown-menu.more-actions-dropdown.dropdown-open-left
-      - if note_editable
-        %li
-          = button_tag 'Edit comment', class: 'js-note-edit btn btn-transparent'
-        %li.divider
       - unless is_current_user
         %li
           = link_to new_abuse_report_path(user_id: note.author.id, ref_url: noteable_note_url(note)) do
diff --git a/app/views/projects/tree/_old_tree_content.html.haml b/app/views/projects/tree/_old_tree_content.html.haml
new file mode 100644
index 00000000000..820b947804e
--- /dev/null
+++ b/app/views/projects/tree/_old_tree_content.html.haml
@@ -0,0 +1,24 @@
+.tree-content-holder.js-tree-content{ 'data-logs-path': @logs_path }
+  .table-holder
+    %table.table#tree-slider{ class: "table_#{@hex_path} tree-table" }
+      %thead
+        %tr
+          %th= s_('ProjectFileTree|Name')
+          %th.hidden-xs
+            .pull-left= _('Last commit')
+          %th.text-right= _('Last Update')
+      - if @path.present?
+        %tr.tree-item
+          %td.tree-item-file-name
+            = link_to "..", project_tree_path(@project, up_dir_path), class: 'prepend-left-10'
+          %td
+          %td.hidden-xs
+
+      = render_tree(tree)
+
+  - if tree.readme
+    = render "projects/tree/readme", readme: tree.readme
+
+- if can_edit_tree?
+  = render 'projects/blob/upload', title: _('Upload New File'), placeholder: _('Upload New File'), button_title: _('Upload file'), form_path: project_create_blob_path(@project, @id), method: :post
+  = render 'projects/blob/new_dir'
diff --git a/app/views/projects/tree/_old_tree_header.html.haml b/app/views/projects/tree/_old_tree_header.html.haml
new file mode 100644
index 00000000000..13705ca303b
--- /dev/null
+++ b/app/views/projects/tree/_old_tree_header.html.haml
@@ -0,0 +1,70 @@
+%ul.breadcrumb.repo-breadcrumb
+  %li
+    = link_to project_tree_path(@project, @ref) do
+      = @project.path
+  - path_breadcrumbs do |title, path|
+    %li
+      = link_to truncate(title, length: 40), project_tree_path(@project, tree_join(@ref, path))
+
+  - if current_user
+    %li
+      - if !on_top_of_branch?
+        %span.btn.add-to-tree.disabled.has-tooltip{ title: _("You can only add files when you are on a branch"), data: { container: 'body' } }
+          = icon('plus')
+      - else
+        %span.dropdown
+          %a.dropdown-toggle.btn.add-to-tree{ href: '#', "data-toggle" => "dropdown", "data-target" => ".add-to-tree-dropdown" }
+            = icon('plus')
+        .add-to-tree-dropdown
+          %ul.dropdown-menu
+            - if can_edit_tree?
+              %li
+                = link_to project_new_blob_path(@project, @id) do
+                  = icon('pencil fw')
+                  #{ _('New file') }
+              %li
+                = link_to '#modal-upload-blob', { 'data-target' => '#modal-upload-blob', 'data-toggle' => 'modal' } do
+                  = icon('file fw')
+                  #{ _('Upload file') }
+              %li
+                = link_to '#modal-create-new-dir', { 'data-target' => '#modal-create-new-dir', 'data-toggle' => 'modal' } do
+                  = icon('folder fw')
+                  #{ _('New directory') }
+            - elsif can?(current_user, :fork_project, @project)
+              %li
+                - continue_params = { to:         project_new_blob_path(@project, @id),
+                                      notice:     edit_in_new_fork_notice,
+                                      notice_now: edit_in_new_fork_notice_now }
+                - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
+                                                                                        continue:       continue_params)
+                = link_to fork_path, method: :post do
+                  = icon('pencil fw')
+                  #{ _('New file') }
+              %li
+                - continue_params = { to:         request.fullpath,
+                                      notice:     edit_in_new_fork_notice + " Try to upload a file again.",
+                                      notice_now: edit_in_new_fork_notice_now }
+                - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
+                                                                                        continue:       continue_params)
+                = link_to fork_path, method: :post do
+                  = icon('file fw')
+                  #{ _('Upload file') }
+              %li
+                - continue_params = { to:         request.fullpath,
+                                      notice:     edit_in_new_fork_notice + " Try to create a new directory again.",
+                                      notice_now: edit_in_new_fork_notice_now }
+                - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
+                                                                                        continue:       continue_params)
+                = link_to fork_path, method: :post do
+                  = icon('folder fw')
+                  #{ _('New directory') }
+
+            %li.divider
+            %li
+              = link_to new_project_branch_path(@project) do
+                = icon('code-fork fw')
+                #{ _('New branch') }
+            %li
+              = link_to new_project_tag_path(@project) do
+                = icon('tags fw')
+                #{ _('New tag') }
diff --git a/app/views/projects/tree/_tree_content.html.haml b/app/views/projects/tree/_tree_content.html.haml
index 820b947804e..a4bdd67209d 100644
--- a/app/views/projects/tree/_tree_content.html.haml
+++ b/app/views/projects/tree/_tree_content.html.haml
@@ -1,24 +1,5 @@
-.tree-content-holder.js-tree-content{ 'data-logs-path': @logs_path }
-  .table-holder
-    %table.table#tree-slider{ class: "table_#{@hex_path} tree-table" }
-      %thead
-        %tr
-          %th= s_('ProjectFileTree|Name')
-          %th.hidden-xs
-            .pull-left= _('Last commit')
-          %th.text-right= _('Last Update')
-      - if @path.present?
-        %tr.tree-item
-          %td.tree-item-file-name
-            = link_to "..", project_tree_path(@project, up_dir_path), class: 'prepend-left-10'
-          %td
-          %td.hidden-xs
-
-      = render_tree(tree)
-
-  - if tree.readme
-    = render "projects/tree/readme", readme: tree.readme
-
-- if can_edit_tree?
-  = render 'projects/blob/upload', title: _('Upload New File'), placeholder: _('Upload New File'), button_title: _('Upload file'), form_path: project_create_blob_path(@project, @id), method: :post
-  = render 'projects/blob/new_dir'
+- content_url = local_assigns.fetch(:content_url, nil)
+- if show_new_repo?
+  = render 'shared/repo/repo', project: @project, content_url: content_url
+- else
+  = render 'projects/tree/old_tree_content', tree: tree
diff --git a/app/views/projects/tree/_tree_header.html.haml b/app/views/projects/tree/_tree_header.html.haml
index 858418ff8df..853e2a6e7ec 100644
--- a/app/views/projects/tree/_tree_header.html.haml
+++ b/app/views/projects/tree/_tree_header.html.haml
@@ -1,81 +1,20 @@
 .tree-ref-container
   .tree-ref-holder
     = render 'shared/ref_switcher', destination: 'tree', path: @path
+    - if show_new_repo?
+      .tree-ref-target-holder.js-tree-ref-target-holder
+        = icon('long-arrow-right', title: 'to target branch')
+        = render 'shared/target_switcher', destination: 'tree', path: @path
 
-  %ul.breadcrumb.repo-breadcrumb
-    %li
-      = link_to project_tree_path(@project, @ref) do
-        = @project.path
-    - path_breadcrumbs do |title, path|
-      %li
-        = link_to truncate(title, length: 40), project_tree_path(@project, tree_join(@ref, path))
-
-    - if current_user
-      %li
-        - if !on_top_of_branch?
-          %span.btn.add-to-tree.disabled.has-tooltip{ title: _("You can only add files when you are on a branch"), data: { container: 'body' } }
-            = icon('plus')
-        - else
-          %span.dropdown
-            %a.dropdown-toggle.btn.add-to-tree{ href: '#', "data-toggle" => "dropdown", "data-target" => ".add-to-tree-dropdown" }
-              = icon('plus')
-          .add-to-tree-dropdown
-            %ul.dropdown-menu
-              - if can_edit_tree?
-                %li
-                  = link_to project_new_blob_path(@project, @id) do
-                    = icon('pencil fw')
-                    #{ _('New file') }
-                %li
-                  = link_to '#modal-upload-blob', { 'data-target' => '#modal-upload-blob', 'data-toggle' => 'modal' } do
-                    = icon('file fw')
-                    #{ _('Upload file') }
-                %li
-                  = link_to '#modal-create-new-dir', { 'data-target' => '#modal-create-new-dir', 'data-toggle' => 'modal' } do
-                    = icon('folder fw')
-                    #{ _('New directory') }
-              - elsif can?(current_user, :fork_project, @project)
-                %li
-                  - continue_params = { to:         project_new_blob_path(@project, @id),
-                                        notice:     edit_in_new_fork_notice,
-                                        notice_now: edit_in_new_fork_notice_now }
-                  - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
-                                                                                          continue:       continue_params)
-                  = link_to fork_path, method: :post do
-                    = icon('pencil fw')
-                    #{ _('New file') }
-                %li
-                  - continue_params = { to:         request.fullpath,
-                                        notice:     edit_in_new_fork_notice + " Try to upload a file again.",
-                                        notice_now: edit_in_new_fork_notice_now }
-                  - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
-                                                                                          continue:       continue_params)
-                  = link_to fork_path, method: :post do
-                    = icon('file fw')
-                    #{ _('Upload file') }
-                %li
-                  - continue_params = { to:         request.fullpath,
-                                        notice:     edit_in_new_fork_notice + " Try to create a new directory again.",
-                                        notice_now: edit_in_new_fork_notice_now }
-                  - fork_path = project_forks_path(@project, namespace_key:  current_user.namespace.id,
-                                                                                          continue:       continue_params)
-                  = link_to fork_path, method: :post do
-                    = icon('folder fw')
-                    #{ _('New directory') }
-
-              %li.divider
-              %li
-                = link_to new_project_branch_path(@project) do
-                  = icon('code-fork fw')
-                  #{ _('New branch') }
-              %li
-                = link_to new_project_tag_path(@project) do
-                  = icon('tags fw')
-                  #{ _('New tag') }
+  - unless show_new_repo?
+    = render 'projects/tree/old_tree_header'
 
 .tree-controls
-  = render 'projects/find_file_link'
+  - if show_new_repo?
+    = render 'shared/repo/editable_mode'
+  - else
+    = link_to s_('Commits|History'), project_commits_path(@project, @id), class: 'btn'
 
-  = link_to s_('Commits|History'), project_commits_path(@project, @id), class: 'btn'
+  = render 'projects/find_file_link'
 
   = render 'projects/buttons/download', project: @project, ref: @ref
diff --git a/app/views/projects/tree/show.html.haml b/app/views/projects/tree/show.html.haml
index c8587245f88..375e6764add 100644
--- a/app/views/projects/tree/show.html.haml
+++ b/app/views/projects/tree/show.html.haml
@@ -5,8 +5,14 @@
 - page_title @path.presence || _("Files"), @ref
 = content_for :meta_tags do
   = auto_discovery_link_tag(:atom, project_commits_url(@project, @ref, rss_url_options), title: "#{@project.name}:#{@ref} commits")
+
+- if show_new_repo?
+  - content_for :page_specific_javascripts do
+    = webpack_bundle_tag 'common_vue'
+    = webpack_bundle_tag 'repo'
+
 = render "projects/commits/head"
 
 %div{ class: [container_class, ("limit-container-width" unless fluid_layout)] }
   = render 'projects/last_push'
-  = render 'projects/files', commit: @last_commit, project: @project, ref: @ref
+  = render 'projects/files', commit: @last_commit, project: @project, ref: @ref, content_url: project_tree_path(@project, @id)
diff --git a/app/views/shared/_commit_well.html.haml b/app/views/shared/_commit_well.html.haml
new file mode 100644
index 00000000000..50e3d80a84d
--- /dev/null
+++ b/app/views/shared/_commit_well.html.haml
@@ -0,0 +1,4 @@
+.info-well.hidden-xs.project-last-commit.append-bottom-default
+  .well-segment
+    %ul.blob-commit-info
+      = render 'projects/commits/commit', commit: commit, ref: ref, project: project
diff --git a/app/views/shared/_target_switcher.html.haml b/app/views/shared/_target_switcher.html.haml
new file mode 100644
index 00000000000..3672b552f10
--- /dev/null
+++ b/app/views/shared/_target_switcher.html.haml
@@ -0,0 +1,20 @@
+- dropdown_toggle_text = @ref || @project.default_branch
+= form_tag nil, method: :get, class: "project-refs-target-form" do
+  = hidden_field_tag :destination, destination
+  - if defined?(path)
+    = hidden_field_tag :path, path
+  - @options && @options.each do |key, value|
+    = hidden_field_tag key, value, id: nil
+  .dropdown
+    = dropdown_toggle dropdown_toggle_text, { toggle: "dropdown", selected: dropdown_toggle_text, ref: @ref, refs_url: refs_project_path(@project, find: ['branches']), field_name: 'ref', input_field_name: 'new-branch', submit_form_on_click: true, visit: false }, { toggle_class: "js-project-refs-dropdown" }
+    %ul.dropdown-menu.dropdown-menu-selectable.git-revision-dropdown{ class: ("dropdown-menu-align-right" if local_assigns[:align_right]) }
+      %li
+        = dropdown_title _("Create a new branch")
+      %li
+        = dropdown_input _("Create a new branch")
+      %li
+        = dropdown_title _("Select existing branch"), options: {close: false}
+      %li
+        = dropdown_filter _("Search branches and tags")
+        = dropdown_content
+        = dropdown_loading
diff --git a/app/views/shared/icons/_ellipsis_v.svg b/app/views/shared/icons/_ellipsis_v.svg
new file mode 100644
index 00000000000..9117a9bb9ec
--- /dev/null
+++ b/app/views/shared/icons/_ellipsis_v.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1600 1600"><path d="M1088 1248v192q0 40-28 68t-68 28H800q-40 0-68-28t-28-68v-192q0-40 28-68t68-28h192q40 0 68 28t28 68zm0-512v192q0 40-28 68t-68 28H800q-40 0-68-28t-28-68V736q0-40 28-68t68-28h192q40 0 68 28t28 68zm0-512v192q0 40-28 68t-68 28H800q-40 0-68-28t-28-68V224q0-40 28-68t68-28h192q40 0 68 28t28 68z"/></svg>
diff --git a/app/views/shared/icons/_node_express.svg b/app/views/shared/icons/_express.svg
index f2c94319f19..f2c94319f19 100644
--- a/app/views/shared/icons/_node_express.svg
+++ b/app/views/shared/icons/_express.svg
diff --git a/app/views/shared/icons/_java_spring.svg b/app/views/shared/icons/_spring.svg
index 508349aa456..508349aa456 100644
--- a/app/views/shared/icons/_java_spring.svg
+++ b/app/views/shared/icons/_spring.svg
diff --git a/app/views/shared/issuable/_label_page_create.html.haml b/app/views/shared/issuable/_label_page_create.html.haml
index bd66f39fa59..0a692d9653f 100644
--- a/app/views/shared/issuable/_label_page_create.html.haml
+++ b/app/views/shared/issuable/_label_page_create.html.haml
@@ -1,5 +1,5 @@
 .dropdown-page-two.dropdown-new-label
-  = dropdown_title("Create new label", back: true)
+  = dropdown_title("Create new label", options: { back: true })
   = dropdown_content do
     .dropdown-labels-error.js-label-error
     %input#new_label_name.default-dropdown-input{ type: "text", placeholder: "Name new label" }
diff --git a/app/views/shared/issuable/_sidebar.html.haml b/app/views/shared/issuable/_sidebar.html.haml
index c2de6926460..c3f25c9d255 100644
--- a/app/views/shared/issuable/_sidebar.html.haml
+++ b/app/views/shared/issuable/_sidebar.html.haml
@@ -3,7 +3,7 @@
   = page_specific_javascript_bundle_tag('common_vue')
   = page_specific_javascript_bundle_tag('sidebar')
 
-%aside.right-sidebar.js-right-sidebar{ data: { "offset-top" => "50", "spy" => "affix", signed: { in: current_user.present? } }, class: sidebar_gutter_collapsed_class, 'aria-live' => 'polite' }
+%aside.right-sidebar.js-right-sidebar.js-issuable-sidebar{ data: { "offset-top" => ("50" unless show_new_nav?), "spy" => ("affix" unless show_new_nav?), signed: { in: current_user.present? } }, class: sidebar_gutter_collapsed_class, 'aria-live' => 'polite' }
   .issuable-sidebar{ data: { endpoint: "#{issuable_json_path(issuable)}" } }
     - can_edit_issuable = can?(current_user, :"admin_#{issuable.to_ability_name}", @project)
     .block.issuable-sidebar-header
diff --git a/app/views/shared/projects/_list.html.haml b/app/views/shared/projects/_list.html.haml
index 914506bf0ce..0bedfea3502 100644
--- a/app/views/shared/projects/_list.html.haml
+++ b/app/views/shared/projects/_list.html.haml
@@ -23,6 +23,6 @@
           = icon('lock fw', base: 'circle', class: 'fa-lg private-fork-icon')
           %strong= pluralize(@private_forks_count, 'private fork')
           %span &nbsp;you have no access to.
-    = paginate(projects, remote: remote, theme: "gitlab") if projects.respond_to? :total_pages
+    = paginate_collection(projects, remote: remote)
   - else
     .nothing-here-block No projects found
diff --git a/app/views/shared/repo/_editable_mode.html.haml b/app/views/shared/repo/_editable_mode.html.haml
new file mode 100644
index 00000000000..73fdb8b523f
--- /dev/null
+++ b/app/views/shared/repo/_editable_mode.html.haml
@@ -0,0 +1,2 @@
+.editable-mode
+  %repo-edit-button
diff --git a/app/views/shared/repo/_repo.html.haml b/app/views/shared/repo/_repo.html.haml
new file mode 100644
index 00000000000..051a5783516
--- /dev/null
+++ b/app/views/shared/repo/_repo.html.haml
@@ -0,0 +1 @@
+#repo{ data: { url: content_url, project_name: project.name, refs_url: refs_project_path(project, format: :json), project_url: project_path(project), project_id: project.id, can_commit: (!!can_push_branch?(project, @ref)).to_s } }
diff --git a/app/views/snippets/notes/_actions.html.haml b/app/views/snippets/notes/_actions.html.haml
index 098a88c48c5..3a50324770d 100644
--- a/app/views/snippets/notes/_actions.html.haml
+++ b/app/views/snippets/notes/_actions.html.haml
@@ -1,10 +1,17 @@
 - if current_user
   - if note.emoji_awardable?
     - user_authored = note.user_authored?(current_user)
-    = link_to '#', title: 'Add reaction', class: "note-action-button note-emoji-button js-add-award js-note-emoji #{'js-user-authored' if user_authored} has-tooltip", data: { position: 'right' } do
-      = icon('spinner spin')
-      %span{ class: 'link-highlight award-control-icon-neutral' }= custom_icon('emoji_slightly_smiling_face')
-      %span{ class: 'link-highlight award-control-icon-positive' }= custom_icon('emoji_smiley')
-      %span{ class: 'link-highlight award-control-icon-super-positive' }= custom_icon('emoji_smile')
+    .note-actions-item
+      = link_to '#', title: 'Add reaction', class: "note-action-button note-emoji-button js-add-award js-note-emoji #{'js-user-authored' if user_authored} has-tooltip", data: { position: 'right' } do
+        = icon('spinner spin')
+        %span{ class: 'link-highlight award-control-icon-neutral' }= custom_icon('emoji_slightly_smiling_face')
+        %span{ class: 'link-highlight award-control-icon-positive' }= custom_icon('emoji_smiley')
+        %span{ class: 'link-highlight award-control-icon-super-positive' }= custom_icon('emoji_smile')
+
+  - if note_editable
+    .note-actions-item
+      = button_tag title: 'Edit comment', class: 'note-action-button js-note-edit has-tooltip btn btn-transparent', data: { container: 'body' } do
+        %span.link-highlight
+          = custom_icon('icon_pencil')
 
   = render 'projects/notes/more_actions_dropdown', note: note, note_editable: note_editable
diff --git a/app/workers/concerns/new_issuable.rb b/app/workers/concerns/new_issuable.rb
index 3fd472bf0c1..eb0d6c9c36c 100644
--- a/app/workers/concerns/new_issuable.rb
+++ b/app/workers/concerns/new_issuable.rb
@@ -1,20 +1,23 @@
 module NewIssuable
   attr_reader :issuable, :user
 
-  def ensure_objects_found(issuable_id, user_id)
-    @issuable = issuable_class.find_by(id: issuable_id)
-    unless @issuable
-      log_error(issuable_class, issuable_id)
-      return false
-    end
+  def objects_found?(issuable_id, user_id)
+    set_user(user_id)
+    set_issuable(issuable_id)
+
+    user && issuable
+  end
 
+  def set_user(user_id)
     @user = User.find_by(id: user_id)
-    unless @user
-      log_error(User, user_id)
-      return false
-    end
 
-    true
+    log_error(User, user_id) unless @user
+  end
+
+  def set_issuable(issuable_id)
+    @issuable = issuable_class.find_by(id: issuable_id)
+
+    log_error(issuable_class, issuable_id) unless @issuable
   end
 
   def log_error(record_class, record_id)
diff --git a/app/workers/merge_worker.rb b/app/workers/merge_worker.rb
index 48e2da338f6..c3b58df92c1 100644
--- a/app/workers/merge_worker.rb
+++ b/app/workers/merge_worker.rb
@@ -7,6 +7,8 @@ class MergeWorker
     current_user = User.find(current_user_id)
     merge_request = MergeRequest.find(merge_request_id)
 
+    merge_request.update_column(:merge_jid, jid)
+
     MergeRequests::MergeService.new(merge_request.target_project, current_user, params)
       .execute(merge_request)
   end
diff --git a/app/workers/new_issue_worker.rb b/app/workers/new_issue_worker.rb
index 19a778ad522..d9a8e892e90 100644
--- a/app/workers/new_issue_worker.rb
+++ b/app/workers/new_issue_worker.rb
@@ -4,7 +4,7 @@ class NewIssueWorker
   include NewIssuable
 
   def perform(issue_id, user_id)
-    return unless ensure_objects_found(issue_id, user_id)
+    return unless objects_found?(issue_id, user_id)
 
     EventCreateService.new.open_issue(issuable, user)
     NotificationService.new.new_issue(issuable, user)
diff --git a/app/workers/new_merge_request_worker.rb b/app/workers/new_merge_request_worker.rb
index 3c8a68016ff..1910c490159 100644
--- a/app/workers/new_merge_request_worker.rb
+++ b/app/workers/new_merge_request_worker.rb
@@ -4,7 +4,7 @@ class NewMergeRequestWorker
   include NewIssuable
 
   def perform(merge_request_id, user_id)
-    return unless ensure_objects_found(merge_request_id, user_id)
+    return unless objects_found?(merge_request_id, user_id)
 
     EventCreateService.new.open_mr(issuable, user)
     NotificationService.new.new_merge_request(issuable, user)
diff --git a/app/workers/pages_worker.rb b/app/workers/pages_worker.rb
index 4eeb9666bb0..64788da7299 100644
--- a/app/workers/pages_worker.rb
+++ b/app/workers/pages_worker.rb
@@ -4,7 +4,7 @@ class PagesWorker
   sidekiq_options queue: :pages, retry: false
 
   def perform(action, *arg)
-    send(action, *arg)
+    send(action, *arg) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def deploy(build_id)
diff --git a/app/workers/stuck_merge_jobs_worker.rb b/app/workers/stuck_merge_jobs_worker.rb
new file mode 100644
index 00000000000..7843179d77c
--- /dev/null
+++ b/app/workers/stuck_merge_jobs_worker.rb
@@ -0,0 +1,34 @@
+class StuckMergeJobsWorker
+  include Sidekiq::Worker
+  include CronjobQueue
+
+  def perform
+    stuck_merge_requests.find_in_batches(batch_size: 100) do |group|
+      jids = group.map(&:merge_jid)
+
+      # Find the jobs that aren't currently running or that exceeded the threshold.
+      completed_jids = Gitlab::SidekiqStatus.completed_jids(jids)
+
+      if completed_jids.any?
+        completed_ids = group.select { |merge_request| completed_jids.include?(merge_request.merge_jid) }.map(&:id)
+
+        apply_current_state!(completed_jids, completed_ids)
+      end
+    end
+  end
+
+  private
+
+  def apply_current_state!(completed_jids, completed_ids)
+    merge_requests = MergeRequest.where(id: completed_ids)
+
+    merge_requests.where.not(merge_commit_sha: nil).update_all(state: :merged)
+    merge_requests.where(merge_commit_sha: nil).update_all(state: :opened)
+
+    Rails.logger.info("Updated state of locked merge jobs. JIDs: #{completed_jids.join(', ')}")
+  end
+
+  def stuck_merge_requests
+    MergeRequest.select('id, merge_jid').with_state(:locked).where.not(merge_jid: nil).reorder(nil)
+  end
+end
diff --git a/bin/changelog b/bin/changelog
index 4c894f8ff5b..61d4de06e90 100755
--- a/bin/changelog
+++ b/bin/changelog
@@ -14,54 +14,107 @@ Options = Struct.new(
   :dry_run,
   :force,
   :merge_request,
-  :title
+  :title,
+  :type
 )
+INVALID_TYPE = -1
 
 class ChangelogOptionParser
-  def self.parse(argv)
-    options = Options.new
+  Type = Struct.new(:name, :description)
+  TYPES = [
+    Type.new('added', 'New feature'),
+    Type.new('fixed', 'Bug fix'),
+    Type.new('changed', 'Feature change'),
+    Type.new('deprecated', 'New deprecation'),
+    Type.new('removed', 'Feature removal'),
+    Type.new('security', 'Security fix'),
+    Type.new('other', 'Other')
+  ].freeze
+  TYPES_OFFSET = 1
+
+  class << self
+    def parse(argv)
+      options = Options.new
+
+      parser = OptionParser.new do |opts|
+        opts.banner = "Usage: #{__FILE__} [options] [title]\n\n"
+
+        # Note: We do not provide a shorthand for this in order to match the `git
+        # commit` interface
+        opts.on('--amend', 'Amend the previous commit') do |value|
+          options.amend = value
+        end
+
+        opts.on('-f', '--force', 'Overwrite an existing entry') do |value|
+          options.force = value
+        end
+
+        opts.on('-m', '--merge-request [integer]', Integer, 'Merge Request ID') do |value|
+          options.merge_request = value
+        end
+
+        opts.on('-n', '--dry-run', "Don't actually write anything, just print") do |value|
+          options.dry_run = value
+        end
+
+        opts.on('-u', '--git-username', 'Use Git user.name configuration as the author') do |value|
+          options.author = git_user_name if value
+        end
+
+        opts.on('-t', '--type [string]', String, "The category of the change, valid options are: #{TYPES.map(&:name).join(', ')}") do |value|
+          options.type = parse_type(value)
+        end
+
+        opts.on('-h', '--help', 'Print help message') do
+          $stdout.puts opts
+          exit
+        end
+      end
 
-    parser = OptionParser.new do |opts|
-      opts.banner = "Usage: #{__FILE__} [options] [title]\n\n"
+      parser.parse!(argv)
 
-      # Note: We do not provide a shorthand for this in order to match the `git
-      # commit` interface
-      opts.on('--amend', 'Amend the previous commit') do |value|
-        options.amend = value
-      end
+      # Title is everything that remains, but let's clean it up a bit
+      options.title = argv.join(' ').strip.squeeze(' ').tr("\r\n", '')
 
-      opts.on('-f', '--force', 'Overwrite an existing entry') do |value|
-        options.force = value
-      end
+      options
+    end
 
-      opts.on('-m', '--merge-request [integer]', Integer, 'Merge Request ID') do |value|
-        options.merge_request = value
-      end
+    def read_type
+      read_type_message
 
-      opts.on('-n', '--dry-run', "Don't actually write anything, just print") do |value|
-        options.dry_run = value
-      end
+      type = TYPES[$stdin.getc.to_i - TYPES_OFFSET]
+      assert_valid_type!(type)
 
-      opts.on('-u', '--git-username', 'Use Git user.name configuration as the author') do |value|
-        options.author = git_user_name if value
-      end
+      type.name
+    end
+
+    private
 
-      opts.on('-h', '--help', 'Print help message') do
-        $stdout.puts opts
-        exit
+    def parse_type(name)
+      type_found = TYPES.find do |type|
+        type.name == name
       end
+      type_found ? type_found.name : INVALID_TYPE
     end
 
-    parser.parse!(argv)
-
-    # Title is everything that remains, but let's clean it up a bit
-    options.title = argv.join(' ').strip.squeeze(' ').tr("\r\n", '')
+    def read_type_message
+      $stdout.puts "\n>> Please specify the index for the category of your change:"
+      TYPES.each_with_index do |type, index|
+        $stdout.puts "#{index + TYPES_OFFSET}. #{type.description}"
+      end
+      $stdout.print "\n?> "
+    end
 
-    options
-  end
+    def assert_valid_type!(type)
+      unless type
+        $stderr.puts "Invalid category index, please select an index between 1 and #{TYPES.length}"
+        exit 1
+      end
+    end
 
-  def self.git_user_name
-    %x{git config user.name}.strip
+    def git_user_name
+      %x{git config user.name}.strip
+    end
   end
 end
 
@@ -72,8 +125,12 @@ class ChangelogEntry
     @options = options
 
     assert_feature_branch!
-    assert_new_file!
     assert_title!
+    assert_new_file!
+
+    # Read type from $stdin unless is already set
+    options.type ||= ChangelogOptionParser.read_type
+    assert_valid_type!
 
     $stdout.puts "\e[32mcreate\e[0m #{file_path}"
     $stdout.puts contents
@@ -90,7 +147,8 @@ class ChangelogEntry
     yaml_content = YAML.dump(
       'title'         => title,
       'merge_request' => options.merge_request,
-      'author'        => options.author
+      'author'        => options.author,
+      'type'          => options.type
     )
     remove_trailing_whitespace(yaml_content)
   end
@@ -129,6 +187,12 @@ class ChangelogEntry
       " to use the title from the previous commit."
   end
 
+  def assert_valid_type!
+    return unless options.type && options.type == INVALID_TYPE
+
+    fail_with 'Invalid category given!'
+  end
+
   def title
     if options.title.empty?
       last_commit_subject
diff --git a/bin/rspec-stackprof b/bin/rspec-stackprof
index df79feb201d..810863ea4a0 100755
--- a/bin/rspec-stackprof
+++ b/bin/rspec-stackprof
@@ -1,5 +1,6 @@
 #!/usr/bin/env ruby
 
+require 'bundler/setup'
 require 'stackprof'
 $:.unshift 'spec'
 require 'rails_helper'
@@ -13,4 +14,4 @@ StackProf.run(mode: :wall, out: output_file, interval: interval) do
   RSpec::Core::Runner.run(ARGV, $stderr, $stdout)
 end
 
-system("stackprof #{output_file} --text --limit #{limit}")
+system("bundle exec stackprof #{output_file} --text --limit #{limit}")
diff --git a/changelogs/unreleased/13265-project_events_noteable_iid.yml b/changelogs/unreleased/13265-project_events_noteable_iid.yml
new file mode 100644
index 00000000000..54d538bb548
--- /dev/null
+++ b/changelogs/unreleased/13265-project_events_noteable_iid.yml
@@ -0,0 +1,4 @@
+---
+title: Expose noteable_iid in Note
+merge_request: 13265
+author: sue445
diff --git a/changelogs/unreleased/13325-bugfix-silence-on-disabled-notifications.yml b/changelogs/unreleased/13325-bugfix-silence-on-disabled-notifications.yml
new file mode 100644
index 00000000000..90b169390d2
--- /dev/null
+++ b/changelogs/unreleased/13325-bugfix-silence-on-disabled-notifications.yml
@@ -0,0 +1,6 @@
+---
+title: disabling notifications globally now properly turns off group/project added
+  emails
+merge_request: 13325
+author: @jneen
+type: fixed
diff --git a/changelogs/unreleased/21949-add-type-to-changelog.yml b/changelogs/unreleased/21949-add-type-to-changelog.yml
new file mode 100644
index 00000000000..a20f6b7ad4e
--- /dev/null
+++ b/changelogs/unreleased/21949-add-type-to-changelog.yml
@@ -0,0 +1,4 @@
+---
+title: Added type to CHANGELOG entries
+merge_request:
+author: Jacopo Beschi @jacopo-beschi
diff --git a/changelogs/unreleased/29811-fix-line-number-alignment.yml b/changelogs/unreleased/29811-fix-line-number-alignment.yml
new file mode 100644
index 00000000000..94b3328a7f2
--- /dev/null
+++ b/changelogs/unreleased/29811-fix-line-number-alignment.yml
@@ -0,0 +1,4 @@
+---
+title: Fix the alignment of line numbers to lines of code in code viewer 
+merge_request: 13403
+author: Trevor Flynn
\ No newline at end of file
diff --git a/changelogs/unreleased/31207-clean-locked-merge-requests.yml b/changelogs/unreleased/31207-clean-locked-merge-requests.yml
new file mode 100644
index 00000000000..1f52987baef
--- /dev/null
+++ b/changelogs/unreleased/31207-clean-locked-merge-requests.yml
@@ -0,0 +1,4 @@
+---
+title: Unlock stuck merge request and set the proper state
+merge_request: 13207
+author:
diff --git a/changelogs/unreleased/34339-user_avatar-url-in-push-event-webhook-json-payload-is-relative-should-be-absolute.yml b/changelogs/unreleased/34339-user_avatar-url-in-push-event-webhook-json-payload-is-relative-should-be-absolute.yml
new file mode 100644
index 00000000000..13f28da8577
--- /dev/null
+++ b/changelogs/unreleased/34339-user_avatar-url-in-push-event-webhook-json-payload-is-relative-should-be-absolute.yml
@@ -0,0 +1,4 @@
+---
+title: Use full path of user's avatar in webhooks
+merge_request: 13401
+author: Vitaliy @blackst0ne Klachkov
diff --git a/changelogs/unreleased/34371-pipeline-schedule-vue-files.yml b/changelogs/unreleased/34371-pipeline-schedule-vue-files.yml
new file mode 100644
index 00000000000..7de30d82601
--- /dev/null
+++ b/changelogs/unreleased/34371-pipeline-schedule-vue-files.yml
@@ -0,0 +1,6 @@
+---
+title: Improves performance of vue code by using vue files and moving svg out of data
+  function in pipeline schedule callout
+merge_request:
+author:
+type: other
diff --git a/changelogs/unreleased/34492-firefox-job.yml b/changelogs/unreleased/34492-firefox-job.yml
deleted file mode 100644
index 881b8f649ea..00000000000
--- a/changelogs/unreleased/34492-firefox-job.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Use jQuery to control scroll behavior in job log for cross browser consistency
-merge_request:
-author:
diff --git a/changelogs/unreleased/34527-make-edit-comment-button-always-available-outside-of-dropdown.yml b/changelogs/unreleased/34527-make-edit-comment-button-always-available-outside-of-dropdown.yml
new file mode 100644
index 00000000000..08171f6bcec
--- /dev/null
+++ b/changelogs/unreleased/34527-make-edit-comment-button-always-available-outside-of-dropdown.yml
@@ -0,0 +1,4 @@
+---
+title: move edit comment button outside of dropdown
+merge_request:
+author:
diff --git a/changelogs/unreleased/34533-speed-up-group-project-authorizations.yml b/changelogs/unreleased/34533-speed-up-group-project-authorizations.yml
new file mode 100644
index 00000000000..ddaaf4a2507
--- /dev/null
+++ b/changelogs/unreleased/34533-speed-up-group-project-authorizations.yml
@@ -0,0 +1,5 @@
+---
+title: Fix timeouts when creating projects in groups with many members
+merge_request: 13508
+author:
+type: fixed
diff --git a/changelogs/unreleased/35098-raise-encoding-confidence-threshold.yml b/changelogs/unreleased/35098-raise-encoding-confidence-threshold.yml
new file mode 100644
index 00000000000..3cdb3011f5b
--- /dev/null
+++ b/changelogs/unreleased/35098-raise-encoding-confidence-threshold.yml
@@ -0,0 +1,4 @@
+---
+title: Raise guessed encoding confidence threshold to 50
+merge_request: 12990
+author:
diff --git a/changelogs/unreleased/35136-barchart-not-display-label-at-0-hour.yml b/changelogs/unreleased/35136-barchart-not-display-label-at-0-hour.yml
new file mode 100644
index 00000000000..ea8f31cca9d
--- /dev/null
+++ b/changelogs/unreleased/35136-barchart-not-display-label-at-0-hour.yml
@@ -0,0 +1,4 @@
+---
+title: Fix bar chart does not display label at 0 hour
+merge_request: 35136
+author: Jason Dai
diff --git a/changelogs/unreleased/35232-next-unresolved.yml b/changelogs/unreleased/35232-next-unresolved.yml
deleted file mode 100644
index 45f3fb429a8..00000000000
--- a/changelogs/unreleased/35232-next-unresolved.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: fix jump to next discussion button
-merge_request:
-author:
diff --git a/changelogs/unreleased/35697-allow-logged-in-user-to-read-user-list.yml b/changelogs/unreleased/35697-allow-logged-in-user-to-read-user-list.yml
deleted file mode 100644
index 54b2e71bef9..00000000000
--- a/changelogs/unreleased/35697-allow-logged-in-user-to-read-user-list.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Allow any logged in users to read_users_list even if it's restricted
-merge_request: 13201
-author:
diff --git a/changelogs/unreleased/36010-api-v4-allows-setting-a-branch-that-doesn-t-exist-as-the-default-one.yml b/changelogs/unreleased/36010-api-v4-allows-setting-a-branch-that-doesn-t-exist-as-the-default-one.yml
new file mode 100644
index 00000000000..04791e09b84
--- /dev/null
+++ b/changelogs/unreleased/36010-api-v4-allows-setting-a-branch-that-doesn-t-exist-as-the-default-one.yml
@@ -0,0 +1,4 @@
+---
+title: Add checks for branch existence before changing HEAD
+merge_request: 13359
+author: Vitaliy @blackst0ne Klachkov
diff --git a/changelogs/unreleased/36119-issuable-workers.yml b/changelogs/unreleased/36119-issuable-workers.yml
new file mode 100644
index 00000000000..beb01ae5b1a
--- /dev/null
+++ b/changelogs/unreleased/36119-issuable-workers.yml
@@ -0,0 +1,4 @@
+---
+title: Simplify checking if objects exist code in new issaubles workers
+merge_request:
+author:
diff --git a/changelogs/unreleased/36185-or-separator.yml b/changelogs/unreleased/36185-or-separator.yml
new file mode 100644
index 00000000000..4e46e60ea1b
--- /dev/null
+++ b/changelogs/unreleased/36185-or-separator.yml
@@ -0,0 +1,4 @@
+---
+title: Align OR separator to center in new project page
+merge_request:
+author:
diff --git a/changelogs/unreleased/36213-return-is_admin-in-users-api-when-current_user-is-admin.yml b/changelogs/unreleased/36213-return-is_admin-in-users-api-when-current_user-is-admin.yml
new file mode 100644
index 00000000000..b51b5e58b39
--- /dev/null
+++ b/changelogs/unreleased/36213-return-is_admin-in-users-api-when-current_user-is-admin.yml
@@ -0,0 +1,6 @@
+---
+title: Include the `is_admin` field in the `GET /users/:id` API when current user
+  is an admin
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/36385-pipeline-graph-dropdown.yml b/changelogs/unreleased/36385-pipeline-graph-dropdown.yml
new file mode 100644
index 00000000000..1a43c66debd
--- /dev/null
+++ b/changelogs/unreleased/36385-pipeline-graph-dropdown.yml
@@ -0,0 +1,5 @@
+---
+title: Prevents jobs dropdown from closing in pipeline graph
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/appearances-caching-and-schema.yml b/changelogs/unreleased/appearances-caching-and-schema.yml
new file mode 100644
index 00000000000..5743f6e0f2d
--- /dev/null
+++ b/changelogs/unreleased/appearances-caching-and-schema.yml
@@ -0,0 +1,4 @@
+---
+title: Cache Appearance instances in Redis
+merge_request:
+author:
diff --git a/changelogs/unreleased/broadcast-messages-cache.yml b/changelogs/unreleased/broadcast-messages-cache.yml
new file mode 100644
index 00000000000..a3c9e1ff465
--- /dev/null
+++ b/changelogs/unreleased/broadcast-messages-cache.yml
@@ -0,0 +1,4 @@
+---
+title: Better caching and indexing of broadcast messages
+merge_request:
+author:
diff --git a/changelogs/unreleased/bump-omniauth-ldap-gem-version-2-0-4.yml b/changelogs/unreleased/bump-omniauth-ldap-gem-version-2-0-4.yml
new file mode 100644
index 00000000000..7571999fa75
--- /dev/null
+++ b/changelogs/unreleased/bump-omniauth-ldap-gem-version-2-0-4.yml
@@ -0,0 +1,4 @@
+---
+title: Bumps omniauth-ldap gem version to 2.0.4
+merge_request: 13465
+author:
diff --git a/changelogs/unreleased/bvl-rollback-renamed-system-namespace.yml b/changelogs/unreleased/bvl-rollback-renamed-system-namespace.yml
new file mode 100644
index 00000000000..a24cc7a1c43
--- /dev/null
+++ b/changelogs/unreleased/bvl-rollback-renamed-system-namespace.yml
@@ -0,0 +1,4 @@
+---
+title: Don't rename namespace called system when upgrading from 9.1.x to 9.5
+merge_request: 13228
+author:
diff --git a/changelogs/unreleased/disable-project-export.yml b/changelogs/unreleased/disable-project-export.yml
new file mode 100644
index 00000000000..d7ca9f46193
--- /dev/null
+++ b/changelogs/unreleased/disable-project-export.yml
@@ -0,0 +1,4 @@
+---
+title: Add option to disable project export on instance
+merge_request: 13211
+author: Robin Bobbitt
diff --git a/changelogs/unreleased/fix-btn-alignment.yml b/changelogs/unreleased/fix-btn-alignment.yml
new file mode 100644
index 00000000000..e5dce3d3a0e
--- /dev/null
+++ b/changelogs/unreleased/fix-btn-alignment.yml
@@ -0,0 +1,5 @@
+---
+title: Fix inconsistent spacing for edit buttons on issues and merge request page
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/fix-edit-merge-request-button-case.yml b/changelogs/unreleased/fix-edit-merge-request-button-case.yml
new file mode 100644
index 00000000000..8550f3e3c1b
--- /dev/null
+++ b/changelogs/unreleased/fix-edit-merge-request-button-case.yml
@@ -0,0 +1,5 @@
+---
+title: Fix edit merge request and issues button inconsistent letter casing
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/fix-group-milestone-link-in-issuable-sidebar.yml b/changelogs/unreleased/fix-group-milestone-link-in-issuable-sidebar.yml
deleted file mode 100644
index 1558e575e6d..00000000000
--- a/changelogs/unreleased/fix-group-milestone-link-in-issuable-sidebar.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fix links to group milestones from issue and merge request sidebar
-merge_request:
-author:
diff --git a/changelogs/unreleased/fix-import-symbolink-links.yml b/changelogs/unreleased/fix-import-symbolink-links.yml
new file mode 100644
index 00000000000..36e73821bdc
--- /dev/null
+++ b/changelogs/unreleased/fix-import-symbolink-links.yml
@@ -0,0 +1,4 @@
+---
+title: Remove hidden symlinks from project import files
+merge_request:
+author:
diff --git a/changelogs/unreleased/fix-oauth-checkboxes.yml b/changelogs/unreleased/fix-oauth-checkboxes.yml
deleted file mode 100644
index 2839ccc42cb..00000000000
--- a/changelogs/unreleased/fix-oauth-checkboxes.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fixed sign-in restrictions buttons not toggling active state
-merge_request:
-author:
diff --git a/changelogs/unreleased/fix-sm-34547-cannot-connect-to-ci-server-error-messages.yml b/changelogs/unreleased/fix-sm-34547-cannot-connect-to-ci-server-error-messages.yml
deleted file mode 100644
index ddaec4f19f9..00000000000
--- a/changelogs/unreleased/fix-sm-34547-cannot-connect-to-ci-server-error-messages.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix an order of operations for CI connection error message in merge request
-  widget
-merge_request: 13252
-author:
diff --git a/changelogs/unreleased/fix-sm-35931-active-ci-pipelineschedule-have-nullified-next_run_at.yml b/changelogs/unreleased/fix-sm-35931-active-ci-pipelineschedule-have-nullified-next_run_at.yml
deleted file mode 100644
index 07840205b6e..00000000000
--- a/changelogs/unreleased/fix-sm-35931-active-ci-pipelineschedule-have-nullified-next_run_at.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fix pipeline_schedules pages when active schedule has an abnormal state
-merge_request: 13286
-author:
diff --git a/changelogs/unreleased/fix-thread-safe-gpgme-tmp-directory.yml b/changelogs/unreleased/fix-thread-safe-gpgme-tmp-directory.yml
new file mode 100644
index 00000000000..66b5b6b4f47
--- /dev/null
+++ b/changelogs/unreleased/fix-thread-safe-gpgme-tmp-directory.yml
@@ -0,0 +1,4 @@
+---
+title: Make GPGME temporary directory handling thread safe
+merge_request: 13481
+author: Alexis Reigel
diff --git a/changelogs/unreleased/forks-count-cache.yml b/changelogs/unreleased/forks-count-cache.yml
new file mode 100644
index 00000000000..da8c53c2abd
--- /dev/null
+++ b/changelogs/unreleased/forks-count-cache.yml
@@ -0,0 +1,5 @@
+---
+title: Cache the number of forks of a project
+merge_request: 13535
+author:
+type: other
diff --git a/changelogs/unreleased/issue_31790.yml b/changelogs/unreleased/issue_31790.yml
new file mode 100644
index 00000000000..df02cad423a
--- /dev/null
+++ b/changelogs/unreleased/issue_31790.yml
@@ -0,0 +1,4 @@
+---
+title: Fix API responses when dealing with txt files
+merge_request:
+author:
diff --git a/changelogs/unreleased/mattermost_fixes.yml b/changelogs/unreleased/mattermost_fixes.yml
deleted file mode 100644
index 667109a0bb4..00000000000
--- a/changelogs/unreleased/mattermost_fixes.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fix Mattermost integration
-merge_request:
-author:
diff --git a/changelogs/unreleased/migrate-events-into-a-new-format.yml b/changelogs/unreleased/migrate-events-into-a-new-format.yml
new file mode 100644
index 00000000000..8a29f75323f
--- /dev/null
+++ b/changelogs/unreleased/migrate-events-into-a-new-format.yml
@@ -0,0 +1,4 @@
+---
+title: Migrate events into a new format to reduce the storage necessary and improve performance
+merge_request:
+author:
diff --git a/changelogs/unreleased/mk-fix-deploy-key-deletion.yml b/changelogs/unreleased/mk-fix-deploy-key-deletion.yml
deleted file mode 100644
index 9ff2e49b14c..00000000000
--- a/changelogs/unreleased/mk-fix-deploy-key-deletion.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fix deletion of deploy keys linked to other projects
-merge_request: 13162
-author:
diff --git a/changelogs/unreleased/pagination-projects-explore.yml b/changelogs/unreleased/pagination-projects-explore.yml
new file mode 100644
index 00000000000..dc9c4218793
--- /dev/null
+++ b/changelogs/unreleased/pagination-projects-explore.yml
@@ -0,0 +1,4 @@
+---
+title: Use Prev/Next pagination for exploring projects
+merge_request:
+author:
diff --git a/changelogs/unreleased/project-foreign-keys-without-errors.yml b/changelogs/unreleased/project-foreign-keys-without-errors.yml
deleted file mode 100644
index 63c53c8ad8f..00000000000
--- a/changelogs/unreleased/project-foreign-keys-without-errors.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Change project FK migration to skip existing FKs
-merge_request:
-author:
diff --git a/changelogs/unreleased/rc-fix-branches-api-endpoint.yml b/changelogs/unreleased/rc-fix-branches-api-endpoint.yml
index a8f49298258..b36663bbe91 100644
--- a/changelogs/unreleased/rc-fix-branches-api-endpoint.yml
+++ b/changelogs/unreleased/rc-fix-branches-api-endpoint.yml
@@ -1,5 +1,5 @@
 ---
 title: Fix the /projects/:id/repository/branches endpoint to handle dots in the branch
-  name when the project full patch contains a `/`
+  name when the project full path contains a `/`
 merge_request: 13115
 author:
diff --git a/changelogs/unreleased/rc-fix-commits-api.yml b/changelogs/unreleased/rc-fix-commits-api.yml
new file mode 100644
index 00000000000..215429eaf6b
--- /dev/null
+++ b/changelogs/unreleased/rc-fix-commits-api.yml
@@ -0,0 +1,5 @@
+---
+title: Fix the /projects/:id/repository/commits endpoint to handle dots in the ref
+  name when the project full path contains a `/`
+merge_request: 13370
+author:
diff --git a/changelogs/unreleased/rc-fix-tags-api.yml b/changelogs/unreleased/rc-fix-tags-api.yml
new file mode 100644
index 00000000000..0a7dd5ca6ab
--- /dev/null
+++ b/changelogs/unreleased/rc-fix-tags-api.yml
@@ -0,0 +1,5 @@
+---
+title: Fix the /projects/:id/repository/tags endpoint to handle dots in the tag name
+  when the project full path contains a `/`
+merge_request: 13368
+author:
diff --git a/changelogs/unreleased/rs-alphanumeric-ssh-params.yml b/changelogs/unreleased/rs-alphanumeric-ssh-params.yml
new file mode 100644
index 00000000000..426b01cafad
--- /dev/null
+++ b/changelogs/unreleased/rs-alphanumeric-ssh-params.yml
@@ -0,0 +1,5 @@
+---
+title: Disallow Git URLs that include a username or hostname beginning with a non-alphanumeric
+  character
+merge_request:
+author:
diff --git a/changelogs/unreleased/search-flickering.yml b/changelogs/unreleased/search-flickering.yml
deleted file mode 100644
index 951a5a0292a..00000000000
--- a/changelogs/unreleased/search-flickering.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Fix search box losing focus when typing
-merge_request:
-author:
diff --git a/changelogs/unreleased/seven-days-cycle-analytics.yml b/changelogs/unreleased/seven-days-cycle-analytics.yml
new file mode 100644
index 00000000000..ff660bdd603
--- /dev/null
+++ b/changelogs/unreleased/seven-days-cycle-analytics.yml
@@ -0,0 +1,5 @@
+---
+title: Add a `Last 7 days` option for Cycle Analytics view
+merge_request: 13443
+author: Mehdi Lahmam (@mehlah)
+type: added
diff --git a/changelogs/unreleased/tc-fix-wildcard-protected-delete-merged.yml b/changelogs/unreleased/tc-fix-wildcard-protected-delete-merged.yml
deleted file mode 100644
index 9ca5f81cf79..00000000000
--- a/changelogs/unreleased/tc-fix-wildcard-protected-delete-merged.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
-title: Make Delete Merged Branches handle wildcard protected branches correctly
-merge_request: 13251
-author:
diff --git a/changelogs/unreleased/use-a-specialized-class-for-querying-events.yml b/changelogs/unreleased/use-a-specialized-class-for-querying-events.yml
new file mode 100644
index 00000000000..6c1ec10aa12
--- /dev/null
+++ b/changelogs/unreleased/use-a-specialized-class-for-querying-events.yml
@@ -0,0 +1,4 @@
+---
+title: Use a specialized class for querying events to improve performance
+merge_request:
+author:
diff --git a/config/application.rb b/config/application.rb
index 47887bf8596..f69dab4de39 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -176,7 +176,7 @@ module Gitlab
           next unless name.include?('namespace_project')
 
           define_method(name.sub('namespace_project', 'project')) do |project, *args|
-            send(name, project&.namespace, project, *args)
+            send(name, project&.namespace, project, *args) # rubocop:disable GitlabSecurity/PublicSend
           end
         end
       end
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index e24cf33adb5..5c6578d3531 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -71,7 +71,7 @@ class Settings < Settingslogic
 
     # check that `current` (string or integer) is a contant in `modul`.
     def verify_constant(modul, current, default)
-      constant = modul.constants.find{ |name| modul.const_get(name) == current }
+      constant = modul.constants.find { |name| modul.const_get(name) == current }
       value = constant.nil? ? default : modul.const_get(constant)
       if current.is_a? String
         value = modul.const_get(current.upcase) rescue default
@@ -395,6 +395,10 @@ Settings.cron_jobs['remove_old_web_hook_logs_worker'] ||= Settingslogic.new({})
 Settings.cron_jobs['remove_old_web_hook_logs_worker']['cron'] ||= '40 0 * * *'
 Settings.cron_jobs['remove_old_web_hook_logs_worker']['job_class'] = 'RemoveOldWebHookLogsWorker'
 
+Settings.cron_jobs['stuck_merge_jobs_worker'] ||= Settingslogic.new({})
+Settings.cron_jobs['stuck_merge_jobs_worker']['cron'] ||= '0 */2 * * *'
+Settings.cron_jobs['stuck_merge_jobs_worker']['job_class'] = 'StuckMergeJobsWorker'
+
 #
 # GitLab Shell
 #
diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb
index 9266ff0f615..150aaa2a8c2 100644
--- a/config/initializers/active_record_locking.rb
+++ b/config/initializers/active_record_locking.rb
@@ -18,7 +18,7 @@ module ActiveRecord
 
         lock_col = self.class.locking_column
 
-        previous_lock_value = send(lock_col).to_i
+        previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend
 
         # This line is added as a patch
         previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0
@@ -48,7 +48,7 @@ module ActiveRecord
 
         # If something went wrong, revert the version.
         rescue Exception
-          send(lock_col + '=', previous_lock_value)
+          send(lock_col + '=', previous_lock_value)  # rubocop:disable GitlabSecurity/PublicSend
           raise
         end
       end
diff --git a/config/prometheus/additional_metrics.yml b/config/prometheus/additional_metrics.yml
index 5eb01d62924..0642a0b2fe9 100644
--- a/config/prometheus/additional_metrics.yml
+++ b/config/prometheus/additional_metrics.yml
@@ -1,3 +1,33 @@
+- group: Response metrics (NGINX Ingress)
+  priority: 10
+  metrics:
+  - title: "Throughput"
+    y_label: "Requests / Sec"
+    required_metrics:
+      - nginx_upstream_requests_total
+    weight: 1
+    queries:
+    - query_range: 'sum(rate(nginx_upstream_requests_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m]))'
+      label: Total
+      unit: req / sec
+  - title: "Latency"
+    y_label: "Latency (ms)"
+    required_metrics:
+      - nginx_upstream_response_msecs_avg
+    weight: 1
+    queries:
+    - query_range: 'avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"})'
+      label: Average
+      unit: ms
+  - title: "HTTP Error Rate"
+    y_label: "HTTP 500 Errors / Sec"
+    required_metrics:
+      - nginx_upstream_responses_total
+    weight: 1
+    queries:
+    - query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m]))'
+      label: HTTP Errors
+      unit: "errors / sec"
 - group: Response metrics (HA Proxy)
   priority: 10
   metrics:
@@ -68,18 +98,18 @@
       - nginx_upstream_response_msecs_avg
     weight: 1
     queries:
-    - query_range: 'avg(nginx_upstream_response_msecs_avg{%{environment_filter}}) * 1000'
+    - query_range: 'avg(nginx_upstream_response_msecs_avg{%{environment_filter}})'
       label: Upstream
       unit: ms
   - title: "HTTP Error Rate"
-    y_label: "Error Rate (%)"
+    y_label: "HTTP 500 Errors / Sec"
     required_metrics:
       - nginx_responses_total
     weight: 1
     queries:
-    - query_range: 'sum(rate(nginx_responses_total{status_code="5xx", %{environment_filter}}[2m])) / sum(rate(nginx_requests_total{server_zone!="*", server_zone!="_", %{environment_filter}}[2m]))'
+    - query_range: 'sum(rate(nginx_responses_total{status_code="5xx", %{environment_filter}}[2m]))'
       label: HTTP Errors
-      unit: "%"
+      unit: "errors / sec"
 - group: System metrics (Kubernetes)
   priority: 5
   metrics:
diff --git a/config/routes/repository.rb b/config/routes/repository.rb
index 2ba16035ece..57b7c55423d 100644
--- a/config/routes/repository.rb
+++ b/config/routes/repository.rb
@@ -3,6 +3,9 @@
 resource :repository, only: [:create] do
   member do
     get ':ref/archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex, ref: /.+/ }, action: 'archive', as: 'archive'
+    
+    # deprecated since GitLab 9.5
+    get 'archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex }, as: 'archive_alternative'
   end
 end
 
diff --git a/config/routes/uploads.rb b/config/routes/uploads.rb
index e9c9aa8b2f9..d7bca8310e4 100644
--- a/config/routes/uploads.rb
+++ b/config/routes/uploads.rb
@@ -5,12 +5,12 @@ scope path: :uploads do
       constraints:  { model: /note|user|group|project/, mounted_as: /avatar|attachment/, filename: /[^\/]+/ }
 
   # show uploads for models, snippets (notes) available for now
-  get 'system/:model/:id/:secret/:filename',
+  get '-/system/:model/:id/:secret/:filename',
     to: 'uploads#show',
     constraints: { model: /personal_snippet/, id: /\d+/, filename: /[^\/]+/ }
 
   # show temporary uploads
-  get 'system/temp/:secret/:filename',
+  get '-/system/temp/:secret/:filename',
     to: 'uploads#show',
     constraints: { filename: /[^\/]+/ }
 
diff --git a/config/webpack.config.js b/config/webpack.config.js
index d856806e5bd..6a347c2e660 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -4,6 +4,7 @@ var fs = require('fs');
 var path = require('path');
 var webpack = require('webpack');
 var StatsWriterPlugin = require('webpack-stats-plugin').StatsWriterPlugin;
+var CopyWebpackPlugin = require('copy-webpack-plugin');
 var CompressionPlugin = require('compression-webpack-plugin');
 var NameAllModulesPlugin = require('name-all-modules-plugin');
 var BundleAnalyzerPlugin = require('webpack-bundle-analyzer').BundleAnalyzerPlugin;
@@ -65,6 +66,7 @@ var config = {
     prometheus_metrics:   './prometheus_metrics',
     protected_branches:   './protected_branches',
     protected_tags:       './protected_tags',
+    repo:                 './repo/index.js',
     sidebar:              './sidebar/sidebar_bundle.js',
     schedule_form:        './pipeline_schedules/pipeline_schedule_form_bundle.js',
     schedules_index:      './pipeline_schedules/pipeline_schedules_index_bundle.js',
@@ -122,7 +124,16 @@ var config = {
         test: /locale\/\w+\/(.*)\.js$/,
         loader: 'exports-loader?locales',
       },
-    ]
+      {
+        test: /monaco-editor\/\w+\/vs\/loader\.js$/,
+        use: [
+          { loader: 'exports-loader', options: 'l.global' },
+          { loader: 'imports-loader', options: 'l=>{},this=>l,AMDLoader=>this,module=>undefined' },
+        ],
+      }
+    ],
+
+    noParse: [/monaco-editor\/\w+\/vs\//],
   },
 
   plugins: [
@@ -187,6 +198,7 @@ var config = {
         'pdf_viewer',
         'pipelines',
         'pipelines_details',
+        'repo',
         'schedule_form',
         'schedules_index',
         'sidebar',
@@ -210,6 +222,29 @@ var config = {
     new webpack.optimize.CommonsChunkPlugin({
       names: ['main', 'locale', 'common', 'webpack_runtime'],
     }),
+
+    // enable scope hoisting
+    new webpack.optimize.ModuleConcatenationPlugin(),
+
+    // copy pre-compiled vendor libraries verbatim
+    new CopyWebpackPlugin([
+      {
+        from: path.join(ROOT_PATH, `node_modules/monaco-editor/${IS_PRODUCTION ? 'min' : 'dev'}/vs`),
+        to: 'monaco-editor/vs',
+        transform: function(content, path) {
+          if (/\.js$/.test(path) && !/worker/i.test(path)) {
+            return (
+              '(function(){\n' +
+              'var define = this.define, require = this.require;\n' +
+              'window.define = define; window.require = require;\n' +
+              content +
+              '\n}.call(window.__monaco_context__ || (window.__monaco_context__ = {})));'
+            );
+          }
+          return content;
+        }
+      }
+    ]),
   ],
 
   resolve: {
diff --git a/db/fixtures/development/10_merge_requests.rb b/db/fixtures/development/10_merge_requests.rb
index c304e0706dc..30244ee4431 100644
--- a/db/fixtures/development/10_merge_requests.rb
+++ b/db/fixtures/development/10_merge_requests.rb
@@ -28,6 +28,8 @@ Gitlab::Seeder.quiet do
 
   project = Project.find_by_full_path('gitlab-org/gitlab-test')
 
+  next if project.empty_repo? # We don't have repository on CI
+
   params = {
     source_branch: 'feature',
     target_branch: 'master',
diff --git a/db/migrate/20160713205315_add_domain_blacklist_to_application_settings.rb b/db/migrate/20160713205315_add_domain_blacklist_to_application_settings.rb
index ecdd1bd7e5e..f64dfa7675f 100644
--- a/db/migrate/20160713205315_add_domain_blacklist_to_application_settings.rb
+++ b/db/migrate/20160713205315_add_domain_blacklist_to_application_settings.rb
@@ -1,6 +1,7 @@
 # See http://doc.gitlab.com/ce/development/migration_style_guide.html
 # for more information on how to write migrations for GitLab.
 
+# rubocop:disable Migration/SaferBooleanColumn
 class AddDomainBlacklistToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20160817133006_add_koding_to_application_settings.rb b/db/migrate/20160817133006_add_koding_to_application_settings.rb
index 915d3d78e40..46120652d8e 100644
--- a/db/migrate/20160817133006_add_koding_to_application_settings.rb
+++ b/db/migrate/20160817133006_add_koding_to_application_settings.rb
@@ -1,3 +1,4 @@
+# rubocop:disable Migration/SaferBooleanColumn
 class AddKodingToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20161017125927_add_unique_index_to_labels.rb b/db/migrate/20161017125927_add_unique_index_to_labels.rb
index b8f6a803a0a..fcdd79d3b02 100644
--- a/db/migrate/20161017125927_add_unique_index_to_labels.rb
+++ b/db/migrate/20161017125927_add_unique_index_to_labels.rb
@@ -10,7 +10,7 @@ class AddUniqueIndexToLabels < ActiveRecord::Migration
   def up
     select_all('SELECT title, project_id, COUNT(id) as cnt FROM labels GROUP BY project_id, title HAVING COUNT(id) > 1').each do |label|
       label_title = quote_string(label['title'])
-      duplicated_ids = select_all("SELECT id FROM labels WHERE project_id = #{label['project_id']} AND title = '#{label_title}' ORDER BY id ASC").map{ |label| label['id'] }
+      duplicated_ids = select_all("SELECT id FROM labels WHERE project_id = #{label['project_id']} AND title = '#{label_title}' ORDER BY id ASC").map { |label| label['id'] }
       label_id = duplicated_ids.first
       duplicated_ids.delete(label_id)
 
diff --git a/db/migrate/20161103191444_add_sidekiq_throttling_to_application_settings.rb b/db/migrate/20161103191444_add_sidekiq_throttling_to_application_settings.rb
index e644a174964..522437b92b4 100644
--- a/db/migrate/20161103191444_add_sidekiq_throttling_to_application_settings.rb
+++ b/db/migrate/20161103191444_add_sidekiq_throttling_to_application_settings.rb
@@ -1,6 +1,7 @@
 # See http://doc.gitlab.com/ce/development/migration_style_guide.html
 # for more information on how to write migrations for GitLab.
 
+# rubocop:disable Migration/SaferBooleanColumn
 class AddSidekiqThrottlingToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20161128161412_add_html_emails_enabled_to_application_settings.rb b/db/migrate/20161128161412_add_html_emails_enabled_to_application_settings.rb
index 1c59241d0fe..38f5781745b 100644
--- a/db/migrate/20161128161412_add_html_emails_enabled_to_application_settings.rb
+++ b/db/migrate/20161128161412_add_html_emails_enabled_to_application_settings.rb
@@ -1,6 +1,7 @@
 # See http://doc.gitlab.com/ce/development/migration_style_guide.html
 # for more information on how to write migrations for GitLab.
 
+# rubocop:disable Migration/SaferBooleanColumn
 class AddHtmlEmailsEnabledToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20161206003819_add_plant_uml_enabled_to_application_settings.rb b/db/migrate/20161206003819_add_plant_uml_enabled_to_application_settings.rb
index 3677f978cc2..7f56ecf4c9e 100644
--- a/db/migrate/20161206003819_add_plant_uml_enabled_to_application_settings.rb
+++ b/db/migrate/20161206003819_add_plant_uml_enabled_to_application_settings.rb
@@ -1,6 +1,7 @@
 # See http://doc.gitlab.com/ce/development/migration_style_guide.html
 # for more information on how to write migrations for GitLab.
 
+# rubocop:disable Migration/SaferBooleanColumn
 class AddPlantUmlEnabledToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20170316163800_rename_system_namespaces.rb b/db/migrate/20170316163800_rename_system_namespaces.rb
deleted file mode 100644
index 9e9fb5ac225..00000000000
--- a/db/migrate/20170316163800_rename_system_namespaces.rb
+++ /dev/null
@@ -1,231 +0,0 @@
-# See http://doc.gitlab.com/ce/development/migration_style_guide.html
-# for more information on how to write migrations for GitLab.
-class RenameSystemNamespaces < ActiveRecord::Migration
-  include Gitlab::Database::MigrationHelpers
-  include Gitlab::ShellAdapter
-  disable_ddl_transaction!
-
-  class User < ActiveRecord::Base
-    self.table_name = 'users'
-  end
-
-  class Namespace < ActiveRecord::Base
-    self.table_name = 'namespaces'
-    belongs_to :parent, class_name: 'RenameSystemNamespaces::Namespace'
-    has_one :route, as: :source
-    has_many :children, class_name: 'RenameSystemNamespaces::Namespace', foreign_key: :parent_id
-    belongs_to :owner, class_name: 'RenameSystemNamespaces::User'
-
-    # Overridden to have the correct `source_type` for the `route` relation
-    def self.name
-      'Namespace'
-    end
-
-    def full_path
-      if route && route.path.present?
-        @full_path ||= route.path
-      else
-        update_route if persisted?
-
-        build_full_path
-      end
-    end
-
-    def build_full_path
-      if parent && path
-        parent.full_path + '/' + path
-      else
-        path
-      end
-    end
-
-    def update_route
-      prepare_route
-      route.save
-    end
-
-    def prepare_route
-      route || build_route(source: self)
-      route.path = build_full_path
-      route.name = build_full_name
-      @full_path = nil
-      @full_name = nil
-    end
-
-    def build_full_name
-      if parent && name
-        parent.human_name + ' / ' + name
-      else
-        name
-      end
-    end
-
-    def human_name
-      owner&.name
-    end
-  end
-
-  class Route < ActiveRecord::Base
-    self.table_name = 'routes'
-    belongs_to :source, polymorphic: true
-  end
-
-  class Project < ActiveRecord::Base
-    self.table_name = 'projects'
-
-    def repository_storage_path
-      Gitlab.config.repositories.storages[repository_storage]['path']
-    end
-  end
-
-  DOWNTIME = false
-
-  def up
-    return unless system_namespace
-
-    old_path = system_namespace.path
-    old_full_path = system_namespace.full_path
-    # Only remove the last occurrence of the path name to get the parent namespace path
-    namespace_path = remove_last_occurrence(old_full_path, old_path)
-    new_path = rename_path(namespace_path, old_path)
-    new_full_path = join_namespace_path(namespace_path, new_path)
-
-    Namespace.where(id: system_namespace).update_all(path: new_path) # skips callbacks & validations
-
-    replace_statement = replace_sql(Route.arel_table[:path], old_full_path, new_full_path)
-    route_matches = [old_full_path, "#{old_full_path}/%"]
-
-    update_column_in_batches(:routes, :path, replace_statement) do |table, query|
-      query.where(Route.arel_table[:path].matches_any(route_matches))
-    end
-
-    clear_cache_for_namespace(system_namespace)
-
-    # tasks here are based on `Namespace#move_dir`
-    move_repositories(system_namespace, old_full_path, new_full_path)
-    move_namespace_folders(uploads_dir, old_full_path, new_full_path) if file_storage?
-    move_namespace_folders(pages_dir, old_full_path, new_full_path)
-  end
-
-  def down
-    # nothing to do
-  end
-
-  def remove_last_occurrence(string, pattern)
-    string.reverse.sub(pattern.reverse, "").reverse
-  end
-
-  def move_namespace_folders(directory, old_relative_path, new_relative_path)
-    old_path = File.join(directory, old_relative_path)
-    return unless File.directory?(old_path)
-
-    new_path = File.join(directory, new_relative_path)
-    FileUtils.mv(old_path, new_path)
-  end
-
-  def move_repositories(namespace, old_full_path, new_full_path)
-    repo_paths_for_namespace(namespace).each do |repository_storage_path|
-      # Ensure old directory exists before moving it
-      gitlab_shell.add_namespace(repository_storage_path, old_full_path)
-
-      unless gitlab_shell.mv_namespace(repository_storage_path, old_full_path, new_full_path)
-        say "Exception moving path #{repository_storage_path} from #{old_full_path} to #{new_full_path}"
-      end
-    end
-  end
-
-  def rename_path(namespace_path, path_was)
-    counter = 0
-    path = "#{path_was}#{counter}"
-
-    while route_exists?(join_namespace_path(namespace_path, path))
-      counter += 1
-      path = "#{path_was}#{counter}"
-    end
-
-    path
-  end
-
-  def route_exists?(full_path)
-    Route.where(Route.arel_table[:path].matches(full_path)).any?
-  end
-
-  def join_namespace_path(namespace_path, path)
-    if namespace_path.present?
-      File.join(namespace_path, path)
-    else
-      path
-    end
-  end
-
-  def system_namespace
-    @system_namespace ||= Namespace.where(parent_id: nil)
-                            .where(arel_table[:path].matches(system_namespace_path))
-                            .first
-  end
-
-  def system_namespace_path
-    "system"
-  end
-
-  def clear_cache_for_namespace(namespace)
-    project_ids = projects_for_namespace(namespace).pluck(:id)
-
-    update_column_in_batches(:projects, :description_html, nil) do |table, query|
-      query.where(table[:id].in(project_ids))
-    end
-
-    update_column_in_batches(:issues, :description_html, nil) do |table, query|
-      query.where(table[:project_id].in(project_ids))
-    end
-
-    update_column_in_batches(:merge_requests, :description_html, nil) do |table, query|
-      query.where(table[:target_project_id].in(project_ids))
-    end
-
-    update_column_in_batches(:notes, :note_html, nil) do |table, query|
-      query.where(table[:project_id].in(project_ids))
-    end
-
-    update_column_in_batches(:milestones, :description_html, nil) do |table, query|
-      query.where(table[:project_id].in(project_ids))
-    end
-  end
-
-  def projects_for_namespace(namespace)
-    namespace_ids = child_ids_for_parent(namespace, ids: [namespace.id])
-    namespace_or_children = Project.arel_table[:namespace_id].in(namespace_ids)
-    Project.unscoped.where(namespace_or_children)
-  end
-
-  # This won't scale to huge trees, but it should do for a handful of namespaces
-  # called `system`.
-  def child_ids_for_parent(namespace, ids: [])
-    namespace.children.each do |child|
-      ids << child.id
-      child_ids_for_parent(child, ids: ids) if child.children.any?
-    end
-    ids
-  end
-
-  def repo_paths_for_namespace(namespace)
-    projects_for_namespace(namespace).distinct
-      .select(:repository_storage).map(&:repository_storage_path)
-  end
-
-  def uploads_dir
-    File.join(Rails.root, "public", "uploads")
-  end
-
-  def pages_dir
-    Settings.pages.path
-  end
-
-  def file_storage?
-    CarrierWave::Uploader::Base.storage == CarrierWave::Storage::File
-  end
-
-  def arel_table
-    Namespace.arel_table
-  end
-end
diff --git a/db/migrate/20170316163845_move_uploads_to_system_dir.rb b/db/migrate/20170316163845_move_uploads_to_system_dir.rb
index 564ee10b5ab..cfcb909ddaf 100644
--- a/db/migrate/20170316163845_move_uploads_to_system_dir.rb
+++ b/db/migrate/20170316163845_move_uploads_to_system_dir.rb
@@ -54,6 +54,6 @@ class MoveUploadsToSystemDir < ActiveRecord::Migration
   end
 
   def new_upload_dir
-    File.join(base_directory, "public", "uploads", "system")
+    File.join(base_directory, "public", "uploads", "-", "system")
   end
 end
diff --git a/db/migrate/20170602154736_add_help_page_hide_commercial_content_to_application_settings.rb b/db/migrate/20170602154736_add_help_page_hide_commercial_content_to_application_settings.rb
index 5e8b667b86d..d358020d182 100644
--- a/db/migrate/20170602154736_add_help_page_hide_commercial_content_to_application_settings.rb
+++ b/db/migrate/20170602154736_add_help_page_hide_commercial_content_to_application_settings.rb
@@ -1,3 +1,4 @@
+# rubocop:disable Migration/SaferBooleanColumn
 class AddHelpPageHideCommercialContentToApplicationSettings < ActiveRecord::Migration
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20170608152747_prepare_events_table_for_push_events_migration.rb b/db/migrate/20170608152747_prepare_events_table_for_push_events_migration.rb
new file mode 100644
index 00000000000..f4f03bbabaf
--- /dev/null
+++ b/db/migrate/20170608152747_prepare_events_table_for_push_events_migration.rb
@@ -0,0 +1,51 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class PrepareEventsTableForPushEventsMigration < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    # The order of these columns is deliberate and results in the following
+    # columns and sizes:
+    #
+    # * id (4 bytes)
+    # * project_id (4 bytes)
+    # * author_id (4 bytes)
+    # * target_id (4 bytes)
+    # * created_at (8 bytes)
+    # * updated_at (8 bytes)
+    # * action (2 bytes)
+    # * target_type (variable)
+    #
+    # Unfortunately we can't make the "id" column a bigint/bigserial as Rails 4
+    # does not support this properly.
+    create_table :events_for_migration do |t|
+      t.references :project,
+                   index: true,
+                   foreign_key: { on_delete: :cascade }
+
+      t.integer :author_id, index: true, null: false
+      t.integer :target_id
+
+      t.timestamps_with_timezone null: false
+
+      t.integer :action, null: false, limit: 2, index: true
+      t.string :target_type
+
+      t.index %i[target_type target_id]
+    end
+
+    # t.references doesn't like it when the column name doesn't make the table
+    # name so we have to add the foreign key separately.
+    add_concurrent_foreign_key(:events_for_migration, :users, column: :author_id)
+  end
+
+  def down
+    drop_table :events_for_migration
+  end
+end
diff --git a/db/migrate/20170608152748_create_push_event_payloads_tables.rb b/db/migrate/20170608152748_create_push_event_payloads_tables.rb
new file mode 100644
index 00000000000..6c55ad1f2f7
--- /dev/null
+++ b/db/migrate/20170608152748_create_push_event_payloads_tables.rb
@@ -0,0 +1,46 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class CreatePushEventPayloadsTables < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    create_table :push_event_payloads, id: false do |t|
+      t.bigint :commit_count, null: false
+
+      t.integer :event_id, null: false
+      t.integer :action, null: false, limit: 2
+      t.integer :ref_type, null: false, limit: 2
+
+      t.binary :commit_from
+      t.binary :commit_to
+
+      t.text :ref
+      t.string :commit_title, limit: 70
+
+      t.index :event_id, unique: true
+    end
+
+    # We're adding a foreign key to the _shadow_ table, and this is deliberate.
+    # By using the shadow table we don't have to recreate/revalidate this
+    # foreign key after swapping the "events_for_migration" and "events" tables.
+    #
+    # The "events_for_migration" table has a foreign key to "projects.id"
+    # ensuring that project removals also remove events from the shadow table
+    # (and thus also from this table).
+    add_concurrent_foreign_key(
+      :push_event_payloads,
+      :events_for_migration,
+      column: :event_id
+    )
+  end
+
+  def down
+    drop_table :push_event_payloads
+  end
+end
diff --git a/db/migrate/20170717074009_move_system_upload_folder.rb b/db/migrate/20170717074009_move_system_upload_folder.rb
index cce31794115..d3caa53a7a4 100644
--- a/db/migrate/20170717074009_move_system_upload_folder.rb
+++ b/db/migrate/20170717074009_move_system_upload_folder.rb
@@ -15,6 +15,11 @@ class MoveSystemUploadFolder < ActiveRecord::Migration
       return
     end
 
+    if File.directory?(new_directory)
+      say "#{new_directory} already exists. No need to redo the move."
+      return
+    end
+
     FileUtils.mkdir_p(File.join(base_directory, '-'))
 
     say "Moving #{old_directory} -> #{new_directory}"
@@ -33,6 +38,11 @@ class MoveSystemUploadFolder < ActiveRecord::Migration
       return
     end
 
+    if !File.symlink?(old_directory) && File.directory?(old_directory)
+      say "#{old_directory} already exists and is not a symlink, no need to revert."
+      return
+    end
+
     if File.symlink?(old_directory)
       say "Removing #{old_directory} -> #{new_directory} symlink"
       FileUtils.rm(old_directory)
diff --git a/db/migrate/20170727123534_add_index_on_events_project_id_id.rb b/db/migrate/20170727123534_add_index_on_events_project_id_id.rb
new file mode 100644
index 00000000000..1c4aaaf9dd6
--- /dev/null
+++ b/db/migrate/20170727123534_add_index_on_events_project_id_id.rb
@@ -0,0 +1,37 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddIndexOnEventsProjectIdId < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  COLUMNS = %i[project_id id].freeze
+  TABLES = %i[events events_for_migration].freeze
+
+  disable_ddl_transaction!
+
+  def up
+    TABLES.each do |table|
+      add_concurrent_index(table, COLUMNS) unless index_exists?(table, COLUMNS)
+
+      # We remove the index _after_ adding the new one since MySQL doesn't let
+      # you remove an index when a foreign key exists for the same column.
+      if index_exists?(table, :project_id)
+        remove_concurrent_index(table, :project_id)
+      end
+    end
+  end
+
+  def down
+    TABLES.each do |table|
+      unless index_exists?(table, :project_id)
+        add_concurrent_index(table, :project_id)
+      end
+
+      unless index_exists?(table, COLUMNS)
+        remove_concurrent_index(table, COLUMNS)
+      end
+    end
+  end
+end
diff --git a/db/migrate/20170731183033_add_merge_jid_to_merge_requests.rb b/db/migrate/20170731183033_add_merge_jid_to_merge_requests.rb
new file mode 100644
index 00000000000..a7d8f2f3604
--- /dev/null
+++ b/db/migrate/20170731183033_add_merge_jid_to_merge_requests.rb
@@ -0,0 +1,7 @@
+class AddMergeJidToMergeRequests < ActiveRecord::Migration
+  DOWNTIME = false
+
+  def change
+    add_column :merge_requests, :merge_jid, :string
+  end
+end
diff --git a/db/migrate/20170809133343_add_broadcast_messages_index.rb b/db/migrate/20170809133343_add_broadcast_messages_index.rb
new file mode 100644
index 00000000000..4ab2ddb059d
--- /dev/null
+++ b/db/migrate/20170809133343_add_broadcast_messages_index.rb
@@ -0,0 +1,21 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddBroadcastMessagesIndex < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  COLUMNS = %i[starts_at ends_at id].freeze
+
+  def up
+    add_concurrent_index :broadcast_messages, COLUMNS
+  end
+
+  def down
+    remove_concurrent_index :broadcast_messages, COLUMNS
+  end
+end
diff --git a/db/migrate/20170809134534_add_broadcast_message_not_null_constraints.rb b/db/migrate/20170809134534_add_broadcast_message_not_null_constraints.rb
new file mode 100644
index 00000000000..5551fb51a6e
--- /dev/null
+++ b/db/migrate/20170809134534_add_broadcast_message_not_null_constraints.rb
@@ -0,0 +1,29 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddBroadcastMessageNotNullConstraints < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  COLUMNS = %i[starts_at ends_at created_at updated_at message_html]
+
+  class BroadcastMessage < ActiveRecord::Base
+    self.table_name = 'broadcast_messages'
+  end
+
+  def up
+    COLUMNS.each do |column|
+      BroadcastMessage.where(column => nil).delete_all
+
+      change_column_null :broadcast_messages, column, false
+    end
+  end
+
+  def down
+    COLUMNS.each do |column|
+      change_column_null :broadcast_messages, column, true
+    end
+  end
+end
diff --git a/db/migrate/20170809142252_cleanup_appearances_schema.rb b/db/migrate/20170809142252_cleanup_appearances_schema.rb
new file mode 100644
index 00000000000..90d12925ba2
--- /dev/null
+++ b/db/migrate/20170809142252_cleanup_appearances_schema.rb
@@ -0,0 +1,33 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class CleanupAppearancesSchema < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  NOT_NULL_COLUMNS = %i[title description description_html created_at updated_at]
+
+  TIME_COLUMNS = %i[created_at updated_at]
+
+  def up
+    NOT_NULL_COLUMNS.each do |column|
+      change_column_null :appearances, column, false
+    end
+
+    TIME_COLUMNS.each do |column|
+      change_column :appearances, column, :datetime_with_timezone
+    end
+  end
+
+  def down
+    NOT_NULL_COLUMNS.each do |column|
+      change_column_null :appearances, column, true
+    end
+
+    TIME_COLUMNS.each do |column|
+      change_column :appearances, column, :datetime # rubocop: disable Migration/Datetime
+    end
+  end
+end
diff --git a/db/migrate/20170809161910_add_project_export_enabled_to_application_settings.rb b/db/migrate/20170809161910_add_project_export_enabled_to_application_settings.rb
new file mode 100644
index 00000000000..4baba1ade6d
--- /dev/null
+++ b/db/migrate/20170809161910_add_project_export_enabled_to_application_settings.rb
@@ -0,0 +1,14 @@
+class AddProjectExportEnabledToApplicationSettings < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  disable_ddl_transaction!
+
+  DOWNTIME = false
+
+  def up
+    add_column_with_default(:application_settings, :project_export_enabled, :boolean, default: true)
+  end
+
+  def down
+    remove_column(:application_settings, :project_export_enabled)
+  end
+end
diff --git a/db/post_migrate/20170317162059_update_upload_paths_to_system.rb b/db/post_migrate/20170317162059_update_upload_paths_to_system.rb
index ca2912f8dce..92e33848bf0 100644
--- a/db/post_migrate/20170317162059_update_upload_paths_to_system.rb
+++ b/db/post_migrate/20170317162059_update_upload_paths_to_system.rb
@@ -48,7 +48,7 @@ class UpdateUploadPathsToSystem < ActiveRecord::Migration
   end
 
   def new_upload_dir
-    File.join(base_directory, "system")
+    File.join(base_directory, "-",  "system")
   end
 
   def arel_table
diff --git a/db/post_migrate/20170406111121_clean_upload_symlinks.rb b/db/post_migrate/20170406111121_clean_upload_symlinks.rb
index fc3a4acc0bb..f2ce25d4524 100644
--- a/db/post_migrate/20170406111121_clean_upload_symlinks.rb
+++ b/db/post_migrate/20170406111121_clean_upload_symlinks.rb
@@ -47,6 +47,6 @@ class CleanUploadSymlinks < ActiveRecord::Migration
   end
 
   def new_upload_dir
-    File.join(base_directory, "public", "uploads", "system")
+    File.join(base_directory, "public", "uploads", "-", "system")
   end
 end
diff --git a/db/post_migrate/20170502101023_cleanup_namespaceless_pending_delete_projects.rb b/db/post_migrate/20170502101023_cleanup_namespaceless_pending_delete_projects.rb
index c1e64f20109..5238a2ba1b7 100644
--- a/db/post_migrate/20170502101023_cleanup_namespaceless_pending_delete_projects.rb
+++ b/db/post_migrate/20170502101023_cleanup_namespaceless_pending_delete_projects.rb
@@ -30,7 +30,7 @@ class CleanupNamespacelessPendingDeleteProjects < ActiveRecord::Migration
   private
 
   def pending_delete_batch
-    connection.exec_query(find_batch).map{ |row| row['id'].to_i }
+    connection.exec_query(find_batch).map { |row| row['id'].to_i }
   end
 
   BATCH_SIZE = 5000
diff --git a/db/post_migrate/20170606202615_move_appearance_to_system_dir.rb b/db/post_migrate/20170606202615_move_appearance_to_system_dir.rb
index 561de59ec69..07935ab8a52 100644
--- a/db/post_migrate/20170606202615_move_appearance_to_system_dir.rb
+++ b/db/post_migrate/20170606202615_move_appearance_to_system_dir.rb
@@ -52,6 +52,6 @@ class MoveAppearanceToSystemDir < ActiveRecord::Migration
   end
 
   def new_upload_dir
-    File.join(base_directory, "public", "uploads", "system")
+    File.join(base_directory, "public", "uploads", "-", "system")
   end
 end
diff --git a/db/post_migrate/20170612071012_move_personal_snippets_files.rb b/db/post_migrate/20170612071012_move_personal_snippets_files.rb
index 33043364bde..2b79a87ccd8 100644
--- a/db/post_migrate/20170612071012_move_personal_snippets_files.rb
+++ b/db/post_migrate/20170612071012_move_personal_snippets_files.rb
@@ -10,7 +10,7 @@ class MovePersonalSnippetsFiles < ActiveRecord::Migration
     return unless file_storage?
 
     @source_relative_location = File.join('/uploads', 'personal_snippet')
-    @destination_relative_location = File.join('/uploads', 'system', 'personal_snippet')
+    @destination_relative_location = File.join('/uploads', '-', 'system', 'personal_snippet')
 
     move_personal_snippet_files
   end
@@ -18,7 +18,7 @@ class MovePersonalSnippetsFiles < ActiveRecord::Migration
   def down
     return unless file_storage?
 
-    @source_relative_location = File.join('/uploads', 'system', 'personal_snippet')
+    @source_relative_location = File.join('/uploads', '-', 'system', 'personal_snippet')
     @destination_relative_location = File.join('/uploads', 'personal_snippet')
 
     move_personal_snippet_files
diff --git a/db/post_migrate/20170627101016_schedule_event_migrations.rb b/db/post_migrate/20170627101016_schedule_event_migrations.rb
new file mode 100644
index 00000000000..1f34375ff0d
--- /dev/null
+++ b/db/post_migrate/20170627101016_schedule_event_migrations.rb
@@ -0,0 +1,40 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class ScheduleEventMigrations < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  BUFFER_SIZE = 1000
+
+  disable_ddl_transaction!
+
+  class Event < ActiveRecord::Base
+    include EachBatch
+
+    self.table_name = 'events'
+  end
+
+  def up
+    jobs = []
+
+    Event.each_batch(of: 1000) do |relation|
+      min, max = relation.pluck('MIN(id), MAX(id)').first
+
+      if jobs.length == BUFFER_SIZE
+        # We push multiple jobs at a time to reduce the time spent in
+        # Sidekiq/Redis operations. We're using this buffer based approach so we
+        # don't need to run additional queries for every range.
+        BackgroundMigrationWorker.perform_bulk(jobs)
+        jobs.clear
+      end
+
+      jobs << ['MigrateEventsToPushEventPayloads', [min, max]]
+    end
+
+    BackgroundMigrationWorker.perform_bulk(jobs) unless jobs.empty?
+  end
+
+  def down
+  end
+end
diff --git a/db/post_migrate/20170807160457_remove_locked_at_column_from_merge_requests.rb b/db/post_migrate/20170807160457_remove_locked_at_column_from_merge_requests.rb
new file mode 100644
index 00000000000..ea3d1fb3e02
--- /dev/null
+++ b/db/post_migrate/20170807160457_remove_locked_at_column_from_merge_requests.rb
@@ -0,0 +1,11 @@
+class RemoveLockedAtColumnFromMergeRequests < ActiveRecord::Migration
+  DOWNTIME = false
+
+  def up
+    remove_column :merge_requests, :locked_at
+  end
+
+  def down
+    add_column :merge_requests, :locked_at, :datetime_with_timezone
+  end
+end
diff --git a/db/post_migrate/20170807190736_move_personal_snippet_files_into_correct_folder.rb b/db/post_migrate/20170807190736_move_personal_snippet_files_into_correct_folder.rb
new file mode 100644
index 00000000000..e3d2446b897
--- /dev/null
+++ b/db/post_migrate/20170807190736_move_personal_snippet_files_into_correct_folder.rb
@@ -0,0 +1,29 @@
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class MovePersonalSnippetFilesIntoCorrectFolder < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  disable_ddl_transaction!
+
+  DOWNTIME = false
+  NEW_DIRECTORY = File.join('/uploads', '-', 'system', 'personal_snippet')
+  OLD_DIRECTORY = File.join('/uploads', 'system', 'personal_snippet')
+
+  def up
+    return unless file_storage?
+
+    BackgroundMigrationWorker.perform_async('MovePersonalSnippetFiles',
+                                            [OLD_DIRECTORY, NEW_DIRECTORY])
+  end
+
+  def down
+    return unless file_storage?
+
+    BackgroundMigrationWorker.perform_async('MovePersonalSnippetFiles',
+                                            [NEW_DIRECTORY, OLD_DIRECTORY])
+  end
+
+  def file_storage?
+    CarrierWave::Uploader::Base.storage == CarrierWave::Storage::File
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index dc5640ad2ca..3206e106552 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170803130232) do
+ActiveRecord::Schema.define(version: 20170809161910) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -28,13 +28,13 @@ ActiveRecord::Schema.define(version: 20170803130232) do
   end
 
   create_table "appearances", force: :cascade do |t|
-    t.string "title"
-    t.text "description"
+    t.string "title", null: false
+    t.text "description", null: false
     t.string "header_logo"
     t.string "logo"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.text "description_html"
+    t.text "description_html", null: false
     t.integer "cached_markdown_version"
   end
 
@@ -127,6 +127,7 @@ ActiveRecord::Schema.define(version: 20170803130232) do
     t.string "help_page_support_url"
     t.integer "performance_bar_allowed_group_id"
     t.boolean "password_authentication_enabled"
+    t.boolean "project_export_enabled", default: true, null: false
   end
 
   create_table "audit_events", force: :cascade do |t|
@@ -163,16 +164,18 @@ ActiveRecord::Schema.define(version: 20170803130232) do
 
   create_table "broadcast_messages", force: :cascade do |t|
     t.text "message", null: false
-    t.datetime "starts_at"
-    t.datetime "ends_at"
-    t.datetime "created_at"
-    t.datetime "updated_at"
+    t.datetime "starts_at", null: false
+    t.datetime "ends_at", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
     t.string "color"
     t.string "font"
-    t.text "message_html"
+    t.text "message_html", null: false
     t.integer "cached_markdown_version"
   end
 
+  add_index "broadcast_messages", ["starts_at", "ends_at", "id"], name: "index_broadcast_messages_on_starts_at_and_ends_at_and_id", using: :btree
+
   create_table "chat_names", force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "service_id", null: false
@@ -530,10 +533,25 @@ ActiveRecord::Schema.define(version: 20170803130232) do
   add_index "events", ["action"], name: "index_events_on_action", using: :btree
   add_index "events", ["author_id"], name: "index_events_on_author_id", using: :btree
   add_index "events", ["created_at"], name: "index_events_on_created_at", using: :btree
-  add_index "events", ["project_id"], name: "index_events_on_project_id", using: :btree
+  add_index "events", ["project_id", "id"], name: "index_events_on_project_id_and_id", using: :btree
   add_index "events", ["target_id"], name: "index_events_on_target_id", using: :btree
   add_index "events", ["target_type"], name: "index_events_on_target_type", using: :btree
 
+  create_table "events_for_migration", force: :cascade do |t|
+    t.integer "project_id"
+    t.integer "author_id", null: false
+    t.integer "target_id"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.integer "action", limit: 2, null: false
+    t.string "target_type"
+  end
+
+  add_index "events_for_migration", ["action"], name: "index_events_for_migration_on_action", using: :btree
+  add_index "events_for_migration", ["author_id"], name: "index_events_for_migration_on_author_id", using: :btree
+  add_index "events_for_migration", ["project_id", "id"], name: "index_events_for_migration_on_project_id_and_id", using: :btree
+  add_index "events_for_migration", ["target_type", "target_id"], name: "index_events_for_migration_on_target_type_and_target_id", using: :btree
+
   create_table "feature_gates", force: :cascade do |t|
     t.string "feature_key", null: false
     t.string "key", null: false
@@ -850,7 +868,6 @@ ActiveRecord::Schema.define(version: 20170803130232) do
     t.integer "target_project_id", null: false
     t.integer "iid"
     t.text "description"
-    t.datetime "locked_at"
     t.integer "updated_by_id"
     t.text "merge_error"
     t.text "merge_params"
@@ -868,6 +885,7 @@ ActiveRecord::Schema.define(version: 20170803130232) do
     t.integer "last_edited_by_id"
     t.integer "head_pipeline_id"
     t.boolean "ref_fetched"
+    t.string "merge_jid"
   end
 
   add_index "merge_requests", ["assignee_id"], name: "index_merge_requests_on_assignee_id", using: :btree
@@ -1254,6 +1272,19 @@ ActiveRecord::Schema.define(version: 20170803130232) do
 
   add_index "protected_tags", ["project_id"], name: "index_protected_tags_on_project_id", using: :btree
 
+  create_table "push_event_payloads", id: false, force: :cascade do |t|
+    t.integer "commit_count", limit: 8, null: false
+    t.integer "event_id", null: false
+    t.integer "action", limit: 2, null: false
+    t.integer "ref_type", limit: 2, null: false
+    t.binary "commit_from"
+    t.binary "commit_to"
+    t.text "ref"
+    t.string "commit_title", limit: 70
+  end
+
+  add_index "push_event_payloads", ["event_id"], name: "index_push_event_payloads_on_event_id", unique: true, using: :btree
+
   create_table "redirect_routes", force: :cascade do |t|
     t.integer "source_id", null: false
     t.string "source_type", null: false
@@ -1654,6 +1685,8 @@ ActiveRecord::Schema.define(version: 20170803130232) do
   add_foreign_key "deployments", "projects", name: "fk_b9a3851b82", on_delete: :cascade
   add_foreign_key "environments", "projects", name: "fk_d1c8c1da6a", on_delete: :cascade
   add_foreign_key "events", "projects", name: "fk_0434b48643", on_delete: :cascade
+  add_foreign_key "events_for_migration", "projects", on_delete: :cascade
+  add_foreign_key "events_for_migration", "users", column: "author_id", name: "fk_edfd187b6f", on_delete: :cascade
   add_foreign_key "forked_project_links", "projects", column: "forked_to_project_id", name: "fk_434510edb0", on_delete: :cascade
   add_foreign_key "gpg_keys", "users", on_delete: :cascade
   add_foreign_key "gpg_signatures", "gpg_keys", on_delete: :nullify
@@ -1696,6 +1729,7 @@ ActiveRecord::Schema.define(version: 20170803130232) do
   add_foreign_key "protected_tag_create_access_levels", "protected_tags"
   add_foreign_key "protected_tag_create_access_levels", "users"
   add_foreign_key "protected_tags", "projects", name: "fk_8e4af87648", on_delete: :cascade
+  add_foreign_key "push_event_payloads", "events_for_migration", column: "event_id", name: "fk_36c74129da", on_delete: :cascade
   add_foreign_key "releases", "projects", name: "fk_47fe2a0596", on_delete: :cascade
   add_foreign_key "services", "projects", name: "fk_71cce407f9", on_delete: :cascade
   add_foreign_key "snippets", "projects", name: "fk_be41fd4bb7", on_delete: :cascade
diff --git a/doc/README.md b/doc/README.md
index 8bb8e147cd1..547541c4876 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -1,9 +1,13 @@
+---
+toc: false
+---
+
 # GitLab Documentation
 
 Welcome to [GitLab](https://about.gitlab.com/), a Git-based fully featured
 platform for software development!
 
-We offer four different products for you and your company:
+GitLab offers the most scalable Git-based fully integrated platform for software development, with flexible products and subscription plans:
 
 - **GitLab Community Edition (CE)** is an [opensource product](https://gitlab.com/gitlab-org/gitlab-ce/),
 self-hosted, free to use. Every feature available in GitLab CE is also available on GitLab Enterprise Edition (Starter and Premium) and GitLab.com.
@@ -26,6 +30,10 @@ Shortcuts to GitLab's most visited docs:
 | [Configuring `.gitlab-ci.yml`](ci/yaml/README.md) | [SSH authentication](ssh/README.md) |
 | [Using Docker images](ci/docker/using_docker_images.md) | [GitLab Pages](user/project/pages/index.md) |
 
+- [User documentation](user/index.md)
+- [Administrator documentation](#administrator-documentation)
+- [Technical Articles](articles/index.md)
+
 ## Getting started with GitLab
 
 - [GitLab Basics](gitlab-basics/README.md): Start working on your command line and on GitLab.
@@ -36,7 +44,6 @@ Shortcuts to GitLab's most visited docs:
 
 ### User account
 
-- [User documentation](user/index.md): Learn how to use GitLab and explore its features
 - [User account](user/profile/index.md): Manage your account
   - [Authentication](topics/authentication/index.md): Account security with two-factor authentication, setup your ssh keys and deploy keys for secure access to your projects.
   - [Profile settings](user/profile/index.md#profile-settings): Manage your profile settings, two factor authentication and more.
diff --git a/doc/administration/high_availability/nfs.md b/doc/administration/high_availability/nfs.md
index 90a2e9298bf..e09ccaba08c 100644
--- a/doc/administration/high_availability/nfs.md
+++ b/doc/administration/high_availability/nfs.md
@@ -42,6 +42,10 @@ GitLab does not recommend using EFS with GitLab.
   are allocated. For smaller volumes, users may experience decent performance
   for a period of time due to 'Burst Credits'. Over a period of weeks to months
   credits may run out and performance will bottom out.
+- To keep "Burst Credits" available, it may be necessary to provision more space
+  with 'dummy data'.  However, this may get expensive.
+- Another option to maintain "Burst Credits" is to use FS Cache on the server so
+  that AWS doesn't always have to go into EFS to access files.
 - For larger volumes, allocated IOPS may not be the problem. Workloads where
   many small files are written in a serialized manner are not well-suited for EFS.
   EBS with an NFS server on top will perform much better.
diff --git a/doc/administration/logs.md b/doc/administration/logs.md
index 4b8d5c5cc87..76e071dc673 100644
--- a/doc/administration/logs.md
+++ b/doc/administration/logs.md
@@ -9,6 +9,33 @@ documentation](http://docs.gitlab.com/ee/administration/audit_events.html)
 System log files are typically plain text in a standard log file format.
 This guide talks about how to read and use these system log files.
 
+## `production_json.log`
+
+This file lives in `/var/log/gitlab/gitlab-rails/production_json.log` for
+Omnibus GitLab packages or in `/home/git/gitlab/log/production_json.log` for
+installations from source. (When Gitlab is running in an environment
+other than production, the corresponding logfile is shown here.)
+
+It contains a structured log for Rails controller requests received from
+GitLab, thanks to [Lograge](https://github.com/roidrage/lograge/). Note that
+requests from the API [are not yet logged to this
+file](https://gitlab.com/gitlab-org/gitlab-ce/issues/36189).
+
+Each line contains a JSON line that can be ingested by Elasticsearch, Splunk, etc. For example:
+
+```json
+{"method":"GET","path":"/gitlab/gitlab-ce/issues/1234","format":"html","controller":"Projects::IssuesController","action":"show","status":200,"duration":229.03,"view":174.07,"db":13.24,"time":"2017-08-08T20:15:54.821Z","params":{"namespace_id":"gitlab","project_id":"gitlab-ce","id":"1234"},"remote_ip":"18.245.0.1","user_id":1,"username":"admin"}
+```
+
+In this example, you can see this was a GET request for a specific issue. Notice each line also contains performance data:
+
+1. `duration`: the total time taken to retrieve the request
+2. `view`: total time taken inside the Rails views
+3. `db`: total time to retrieve data from the database
+
+In addition, the log contains the IP address from which the request originated
+(`remote_ip`) as well as the user's ID (`user_id`), and username (`username`).
+
 ## `production.log`
 
 This file lives in `/var/log/gitlab/gitlab-rails/production.log` for
diff --git a/doc/api/commits.md b/doc/api/commits.md
index c91f9ecbdaf..2a78553782f 100644
--- a/doc/api/commits.md
+++ b/doc/api/commits.md
@@ -69,8 +69,9 @@ POST /projects/:id/repository/commits
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
-| `branch` | string | yes | The name of a branch |
+| `branch` | string | yes | Name of the branch to commit into. To create a new branch, also provide `start_branch`. |
 | `commit_message` | string | yes | Commit message |
+| `start_branch` | string | no | Name of the branch to start the new commit from |
 | `actions[]` | array | yes | An array of action hashes to commit as a batch. See the next table for what attributes it can take. |
 | `author_email` | string | no | Specify the commit author's email address |
 | `author_name` | string | no | Specify the commit author's name |
diff --git a/doc/api/events.md b/doc/api/events.md
index 6e530317f6c..129af0afa35 100644
--- a/doc/api/events.md
+++ b/doc/api/events.md
@@ -79,7 +79,6 @@ Example response:
     "target_id":160,
     "target_type":"Issue",
     "author_id":25,
-    "data":null,
     "target_title":"Qui natus eos odio tempore et quaerat consequuntur ducimus cupiditate quis.",
     "created_at":"2017-02-09T10:43:19.667Z",
     "author":{
@@ -99,7 +98,6 @@ Example response:
     "target_id":159,
     "target_type":"Issue",
     "author_id":21,
-    "data":null,
     "target_title":"Nostrum enim non et sed optio illo deleniti non.",
     "created_at":"2017-02-09T10:43:19.426Z",
     "author":{
@@ -151,7 +149,6 @@ Example response:
     "target_id": 830,
     "target_type": "Issue",
     "author_id": 1,
-    "data": null,
     "target_title": "Public project search field",
     "author": {
       "name": "Dmitriy Zaporozhets",
@@ -166,7 +163,7 @@ Example response:
   {
     "title": null,
     "project_id": 15,
-    "action_name": "opened",
+    "action_name": "pushed",
     "target_id": null,
     "target_type": null,
     "author_id": 1,
@@ -179,31 +176,14 @@ Example response:
       "web_url": "http://localhost:3000/root"
     },
     "author_username": "john",
-    "data": {
-      "before": "50d4420237a9de7be1304607147aec22e4a14af7",
-      "after": "c5feabde2d8cd023215af4d2ceeb7a64839fc428",
-      "ref": "refs/heads/master",
-      "user_id": 1,
-      "user_name": "Dmitriy Zaporozhets",
-      "repository": {
-        "name": "gitlabhq",
-        "url": "git@dev.gitlab.org:gitlab/gitlabhq.git",
-        "description": "GitLab: self hosted Git management software. \r\nDistributed under the MIT License.",
-        "homepage": "https://dev.gitlab.org/gitlab/gitlabhq"
-      },
-      "commits": [
-        {
-          "id": "c5feabde2d8cd023215af4d2ceeb7a64839fc428",
-          "message": "Add simple search to projects in public area",
-          "timestamp": "2013-05-13T18:18:08+00:00",
-          "url": "https://dev.gitlab.org/gitlab/gitlabhq/commit/c5feabde2d8cd023215af4d2ceeb7a64839fc428",
-          "author": {
-            "name": "Dmitriy Zaporozhets",
-            "email": "dmitriy.zaporozhets@gmail.com"
-          }
-        }
-      ],
-      "total_commits_count": 1
+    "push_data": {
+      "commit_count": 1,
+      "action": "pushed",
+      "ref_type": "branch",
+      "commit_from": "50d4420237a9de7be1304607147aec22e4a14af7",
+      "commit_to": "c5feabde2d8cd023215af4d2ceeb7a64839fc428",
+      "ref": "master",
+      "commit_title": "Add simple search to projects in public area"
     },
     "target_title": null
   },
@@ -214,7 +194,6 @@ Example response:
     "target_id": 840,
     "target_type": "Issue",
     "author_id": 1,
-    "data": null,
     "target_title": "Finish & merge Code search PR",
     "author": {
       "name": "Dmitriy Zaporozhets",
@@ -233,7 +212,6 @@ Example response:
     "target_id": 1312,
     "target_type": "Note",
     "author_id": 1,
-    "data": null,
     "target_title": null,
     "created_at": "2015-12-04T10:33:58.089Z",
     "note": {
@@ -305,7 +283,6 @@ Example response:
     "target_iid":160,
     "target_type":"Issue",
     "author_id":25,
-    "data":null,
     "target_title":"Qui natus eos odio tempore et quaerat consequuntur ducimus cupiditate quis.",
     "created_at":"2017-02-09T10:43:19.667Z",
     "author":{
@@ -326,7 +303,6 @@ Example response:
     "target_iid":159,
     "target_type":"Issue",
     "author_id":21,
-    "data":null,
     "target_title":"Nostrum enim non et sed optio illo deleniti non.",
     "created_at":"2017-02-09T10:43:19.426Z",
     "author":{
@@ -338,6 +314,45 @@ Example response:
       "web_url":"https://gitlab.example.com/ted"
     },
     "author_username":"ted"
+  },
+  {
+    "title": null,
+    "project_id": 1,
+    "action_name": "commented on",
+    "target_id": 1312,
+    "target_iid": 1312,
+    "target_type": "Note",
+    "author_id": 1,
+    "data": null,
+    "target_title": null,
+    "created_at": "2015-12-04T10:33:58.089Z",
+    "note": {
+      "id": 1312,
+      "body": "What an awesome day!",
+      "attachment": null,
+      "author": {
+        "name": "Dmitriy Zaporozhets",
+        "username": "root",
+        "id": 1,
+        "state": "active",
+        "avatar_url": "http://localhost:3000/uploads/user/avatar/1/fox_avatar.png",
+        "web_url": "http://localhost:3000/root"
+      },
+      "created_at": "2015-12-04T10:33:56.698Z",
+      "system": false,
+      "noteable_id": 377,
+      "noteable_type": "Issue",
+      "noteable_iid": 377
+    },
+    "author": {
+      "name": "Dmitriy Zaporozhets",
+      "username": "root",
+      "id": 1,
+      "state": "active",
+      "avatar_url": "http://localhost:3000/uploads/user/avatar/1/fox_avatar.png",
+      "web_url": "http://localhost:3000/root"
+    },
+    "author_username": "root"
   }
 ]
 ```
diff --git a/doc/api/group_milestones.md b/doc/api/group_milestones.md
index 086fba7e91d..dbfc7529125 100644
--- a/doc/api/group_milestones.md
+++ b/doc/api/group_milestones.md
@@ -6,7 +6,7 @@ Returns a list of group milestones.
 
 ```
 GET /groups/:id/milestones
-GET /groups/:id/milestones?iids=42
+GET /groups/:id/milestones?iids[]=42
 GET /groups/:id/milestones?iids[]=42&iids[]=43
 GET /groups/:id/milestones?state=active
 GET /groups/:id/milestones?state=closed
@@ -18,7 +18,7 @@ Parameters:
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `iids` | Array[integer] | optional | Return only the milestones having the given `iids` |
+| `iids[]` | Array[integer] | optional | Return only the milestones having the given `iid` |
 | `state` | string | optional | Return only `active` or `closed` milestones` |
 | `search` | string | optional | Return only milestones with a title or description matching the provided string |
 
diff --git a/doc/api/issues.md b/doc/api/issues.md
index 6bac2927339..f30ed08d0fa 100644
--- a/doc/api/issues.md
+++ b/doc/api/issues.md
@@ -40,7 +40,7 @@ GET /issues?assignee_id=5
 | `scope`     | string         | no       | Return issues for the given scope: `created-by-me`, `assigned-to-me` or `all`. Defaults to `created-by-me` _([Introduced][ce-13004] in GitLab 9.5)_ |
 | `author_id` | integer        | no       | Return issues created by the given user `id`. Combine with `scope=all` or `scope=assigned-to-me`. _([Introduced][ce-13004] in GitLab 9.5)_ |
 | `assignee_id` | integer      | no       | Return issues assigned to the given user `id` _([Introduced][ce-13004] in GitLab 9.5)_                                      |
-| `iids`      | Array[integer] | no       | Return only the issues having the given `iid`                                                                               |
+| `iids[]`    | Array[integer] | no       | Return only the issues having the given `iid`                                                                               |
 | `order_by`  | string         | no       | Return issues ordered by `created_at` or `updated_at` fields. Default is `created_at`                                       |
 | `sort`      | string         | no       | Return issues sorted in `asc` or `desc` order. Default is `desc`                                                            |
 | `search`    | string         | no       | Search issues against their `title` and `description`                                                                       |
@@ -132,7 +132,7 @@ GET /groups/:id/issues?assignee_id=5
 | `id`        | integer/string | yes      | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user  |
 | `state`     | string         | no       | Return all issues or just those that are `opened` or `closed`                                                               |
 | `labels`    | string         | no       | Comma-separated list of label names, issues must have all labels to be returned. `No+Label` lists all issues with no labels |
-| `iids`      | Array[integer] | no       | Return only the issues having the given `iid`                                                                               |
+| `iids[]`    | Array[integer] | no       | Return only the issues having the given `iid`                                                                               |
 | `milestone` | string         | no       | The milestone title                                                                                                         |
 | `scope`     | string         | no       | Return issues for the given scope: `created-by-me`, `assigned-to-me` or `all` _([Introduced][ce-13004] in GitLab 9.5)_      |
 | `author_id` | integer        | no       | Return issues created by the given user `id` _([Introduced][ce-13004] in GitLab 9.5)_                                       |
@@ -227,7 +227,7 @@ GET /projects/:id/issues?assignee_id=5
 | Attribute   | Type           | Required | Description                                                                                                                 |
 |-------------|----------------|----------|-----------------------------------------------------------------------------------------------------------------------------|
 | `id`        | integer/string        | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user      |
-| `iids`      | Array[integer] | no       | Return only the milestone having the given `iid`                                                                            |
+| `iids[]`    | Array[integer] | no       | Return only the milestone having the given `iid`                                                                            |
 | `state`     | string         | no       | Return all issues or just those that are `opened` or `closed`                                                               |
 | `labels`    | string         | no       | Comma-separated list of label names, issues must have all labels to be returned. `No+Label` lists all issues with no labels |
 | `milestone` | string         | no       | The milestone title                                                                                                         |
diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md
index d0725b5e06e..802e5362d70 100644
--- a/doc/api/merge_requests.md
+++ b/doc/api/merge_requests.md
@@ -117,7 +117,7 @@ Parameters:
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `id` | integer | yes | The ID of a project |
-| `iids` | Array[integer] | no | Return the request having the given `iid` |
+| `iids[]` | Array[integer] | no | Return the request having the given `iid` |
 | `state`   | string  | no    | Return all merge requests or just those that are `opened`, `closed`, or `merged`|
 | `order_by`| string  | no    | Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at` |
 | `sort`    | string  | no    | Return requests sorted in `asc` or `desc` order. Default is `desc`  |
diff --git a/doc/api/milestones.md b/doc/api/milestones.md
index a082d548499..84930f0bdc9 100644
--- a/doc/api/milestones.md
+++ b/doc/api/milestones.md
@@ -6,7 +6,7 @@ Returns a list of project milestones.
 
 ```
 GET /projects/:id/milestones
-GET /projects/:id/milestones?iids=42
+GET /projects/:id/milestones?iids[]=42
 GET /projects/:id/milestones?iids[]=42&iids[]=43
 GET /projects/:id/milestones?state=active
 GET /projects/:id/milestones?state=closed
@@ -18,7 +18,7 @@ Parameters:
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
-| `iids` | Array[integer] | optional | Return only the milestones having the given `iids` |
+| `iids[]` | Array[integer] | optional | Return only the milestones having the given `iid` |
 | `state` | string | optional | Return only `active` or `closed` milestones` |
 | `search` | string | optional | Return only milestones with a title or description matching the provided string |
 
diff --git a/doc/api/notes.md b/doc/api/notes.md
index 388e6989df2..e627369e17b 100644
--- a/doc/api/notes.md
+++ b/doc/api/notes.md
@@ -35,7 +35,8 @@ Parameters:
     "updated_at": "2013-10-02T10:22:45Z",
     "system": true,
     "noteable_id": 377,
-    "noteable_type": "Issue"
+    "noteable_type": "Issue",
+    "noteable_iid": 377
   },
   {
     "id": 305,
@@ -53,7 +54,8 @@ Parameters:
     "updated_at": "2013-10-02T09:56:03Z",
     "system": true,
     "noteable_id": 121,
-    "noteable_type": "Issue"
+    "noteable_type": "Issue",
+    "noteable_iid": 121
   }
 ]
 ```
@@ -267,7 +269,8 @@ Parameters:
   "updated_at": "2013-10-02T08:57:14Z",
   "system": false,
   "noteable_id": 2,
-  "noteable_type": "MergeRequest"
+  "noteable_type": "MergeRequest",
+  "noteable_iid": 2
 }
 ```
 
diff --git a/doc/api/repository_files.md b/doc/api/repository_files.md
index 1fc577561a0..c517a38a8ba 100644
--- a/doc/api/repository_files.md
+++ b/doc/api/repository_files.md
@@ -76,7 +76,8 @@ Example response:
 Parameters:
 
 - `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
-- `branch` (required) - The name of branch
+- `branch` (required) - Name of the branch
+- `start_branch` (optional) - Name of the branch to start the new commit from
 - `encoding` (optional) - Change encoding to 'base64'. Default is text.
 - `author_email` (optional) - Specify the commit author's email address
 - `author_name` (optional) - Specify the commit author's name
@@ -105,7 +106,8 @@ Example response:
 Parameters:
 
 - `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
-- `branch` (required) - The name of branch
+- `branch` (required) - Name of the branch
+- `start_branch` (optional) - Name of the branch to start the new commit from
 - `encoding` (optional) - Change encoding to 'base64'. Default is text.
 - `author_email` (optional) - Specify the commit author's email address
 - `author_name` (optional) - Specify the commit author's name
@@ -144,7 +146,8 @@ Example response:
 Parameters:
 
 - `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
-- `branch` (required) - The name of branch
+- `branch` (required) - Name of the branch
+- `start_branch` (optional) - Name of the branch to start the new commit from
 - `author_email` (optional) - Specify the commit author's email address
 - `author_name` (optional) - Specify the commit author's name
 - `commit_message` (required) - Commit message
diff --git a/doc/api/tags.md b/doc/api/tags.md
index 54f092d1d30..32fe5eea692 100644
--- a/doc/api/tags.md
+++ b/doc/api/tags.md
@@ -18,17 +18,20 @@ Parameters:
 [
   {
     "commit": {
+      "id": "2695effb5807a22ff3d138d593fd856244e155e7",
+      "short_id": "2695effb",
+      "title": "Initial commit",
+      "created_at": "2017-07-26T11:08:53.000+02:00",
+      "parent_ids": [
+        "2a4b78934375d7f53875269ffd4f45fd83a84ebe"
+      ],
+      "message": "Initial commit",
       "author_name": "John Smith",
       "author_email": "john@example.com",
       "authored_date": "2012-05-28T04:42:42-07:00",
-      "committed_date": "2012-05-28T04:42:42-07:00",
       "committer_name": "Jack Smith",
       "committer_email": "jack@example.com",
-      "id": "2695effb5807a22ff3d138d593fd856244e155e7",
-      "message": "Initial commit",
-      "parent_ids": [
-        "2a4b78934375d7f53875269ffd4f45fd83a84ebe"
-      ]
+      "committed_date": "2012-05-28T04:42:42-07:00"
     },
     "release": {
       "tag_name": "1.0.0",
@@ -68,16 +71,19 @@ Example Response:
   "message": null,
   "commit": {
     "id": "60a8ff033665e1207714d6670fcd7b65304ec02f",
-    "message": "v5.0.0\n",
+    "short_id": "60a8ff03",
+    "title": "Initial commit",
+    "created_at": "2017-07-26T11:08:53.000+02:00",
     "parent_ids": [
       "f61c062ff8bcbdb00e0a1b3317a91aed6ceee06b"
     ],
-    "authored_date": "2015-02-01T21:56:31.000+01:00",
+    "message": "v5.0.0\n",
     "author_name": "Arthur Verschaeve",
     "author_email": "contact@arthurverschaeve.be",
-    "committed_date": "2015-02-01T21:56:31.000+01:00",
+    "authored_date": "2015-02-01T21:56:31.000+01:00",
     "committer_name": "Arthur Verschaeve",
-    "committer_email": "contact@arthurverschaeve.be"
+    "committer_email": "contact@arthurverschaeve.be",
+    "committed_date": "2015-02-01T21:56:31.000+01:00"
   },
   "release": null
 }
@@ -102,17 +108,20 @@ Parameters:
 ```json
 {
   "commit": {
+    "id": "2695effb5807a22ff3d138d593fd856244e155e7",
+    "short_id": "2695effb",
+    "title": "Initial commit",
+    "created_at": "2017-07-26T11:08:53.000+02:00",
+    "parent_ids": [
+      "2a4b78934375d7f53875269ffd4f45fd83a84ebe"
+    ],
+    "message": "Initial commit",
     "author_name": "John Smith",
     "author_email": "john@example.com",
     "authored_date": "2012-05-28T04:42:42-07:00",
-    "committed_date": "2012-05-28T04:42:42-07:00",
     "committer_name": "Jack Smith",
     "committer_email": "jack@example.com",
-    "id": "2695effb5807a22ff3d138d593fd856244e155e7",
-    "message": "Initial commit",
-    "parent_ids": [
-      "2a4b78934375d7f53875269ffd4f45fd83a84ebe"
-    ]
+    "committed_date": "2012-05-28T04:42:42-07:00"
   },
   "release": {
     "tag_name": "1.0.0",
diff --git a/doc/articles/artifactory_and_gitlab/index.md b/doc/articles/artifactory_and_gitlab/index.md
new file mode 100644
index 00000000000..c64851bad2b
--- /dev/null
+++ b/doc/articles/artifactory_and_gitlab/index.md
@@ -0,0 +1,278 @@
+# How to deploy Maven projects to Artifactory with GitLab CI/CD
+
+> **Article [Type](../../development/writing_documentation.md#types-of-technical-articles):** tutorial ||
+> **Level:** intermediary ||
+> **Author:** [Fabio Busatto](https://gitlab.com/bikebilly) ||
+> **Publication date:** 2017-08-15
+
+## Introduction
+
+In this article, we will show how you can leverage the power of [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/)
+to build a [Maven](https://maven.apache.org/) project, deploy it to [Artifactory](https://www.jfrog.com/artifactory/), and then use it from another Maven application as a dependency.
+
+You'll create two different projects:
+
+- `simple-maven-dep`: the app built and deployed to Artifactory (available at https://gitlab.com/gitlab-examples/maven/simple-maven-dep)
+- `simple-maven-app`: the app using the previous one as a dependency (available at https://gitlab.com/gitlab-examples/maven/simple-maven-app)
+
+We assume that you already have a GitLab account on [GitLab.com](https://gitlab.com/), and that you know the basic usage of Git and [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/).
+We also assume that an Artifactory instance is available and reachable from the internet, and that you have valid credentials to deploy on it.
+
+## Create the simple Maven dependency
+
+First of all, you need an application to work with: in this specific case we will
+use a simple one, but it could be any Maven application. This will be the
+dependency you want to package and deploy to Artifactory, in order to be
+available to other projects.
+
+### Prepare the dependency application
+
+For this article you'll use a Maven app that can be cloned from our example
+project:
+
+1. Log in to your GitLab account
+1. Create a new project by selecting **Import project from âž” Repo by URL**
+1. Add the following URL:
+
+    ```
+    https://gitlab.com/gitlab-examples/maven/simple-maven-dep.git
+    ```
+1. Click **Create project**
+
+This application is nothing more than a basic class with a stub for a JUnit based test suite.
+It exposes a method called `hello` that accepts a string as input, and prints a hello message on the screen.
+
+The project structure is really simple, and you should consider these two resources:
+
+- `pom.xml`: project object model (POM) configuration file
+- `src/main/java/com/example/dep/Dep.java`: source of our application
+
+### Configure the Artifactory deployment
+
+The application is ready to use, but you need some additional steps to deploy it to Artifactory:
+
+1. Log in to Artifactory with your user's credentials.
+1. From the main screen, click on the `libs-release-local` item in the **Set Me Up** panel.
+1. Copy to clipboard the configuration snippet under the **Deploy** paragraph.
+1. Change the `url` value in order to have it configurable via secret variables.
+1. Copy the snippet in the `pom.xml` file for your project, just after the
+   `dependencies` section. The snippet should look like this:
+
+    ```xml
+    <distributionManagement>
+      <repository>
+        <id>central</id>
+        <name>83d43b5afeb5-releases</name>
+        <url>${env.MAVEN_REPO_URL}/libs-release-local</url>
+      </repository>
+    </distributionManagement>
+    ```
+
+Another step you need to do before you can deploy the dependency to Artifactory
+is to configure the authentication data. It is a simple task, but Maven requires
+it to stay in a file called `settings.xml` that has to be in the `.m2` subdirectory
+in the user's homedir.
+
+Since you want to use GitLab Runner to automatically deploy the application, you
+should create the file in the project's home directory and set a command line
+parameter in `.gitlab-ci.yml` to use the custom location instead of the default one:
+
+1. Create a folder called `.m2` in the root of your repository
+1. Create a file called `settings.xml` in the `.m2` folder
+1. Copy the following content into a `settings.xml` file:
+
+    ```xml
+    <settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd"
+        xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+      <servers>
+        <server>
+          <id>central</id>
+          <username>${env.MAVEN_REPO_USER}</username>
+          <password>${env.MAVEN_REPO_PASS}</password>
+        </server>
+      </servers>
+    </settings>
+    ```
+
+    Username and password will be replaced by the correct values using secret variables.
+
+### Configure GitLab CI/CD for `simple-maven-dep`
+
+Now it's time we set up [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/) to automatically build, test and deploy the dependency!
+
+GitLab CI/CD uses a file in the root of the repo, named `.gitlab-ci.yml`, to read the definitions for jobs
+that will be executed by the configured GitLab Runners. You can read more about this file in the [GitLab Documentation](https://docs.gitlab.com/ee/ci/yaml/).
+
+First of all, remember to set up secret variables for your deployment. Navigate to your project's **Settings > CI/CD** page
+and add the following secret variables (replace them with your current values, of course):
+
+- **MAVEN_REPO_URL**: `http://artifactory.example.com:8081/artifactory` (your Artifactory URL)
+- **MAVEN_REPO_USER**: `gitlab` (your Artifactory username)
+- **MAVEN_REPO_PASS**: `AKCp2WXr3G61Xjz1PLmYa3arm3yfBozPxSta4taP3SeNu2HPXYa7FhNYosnndFNNgoEds8BCS` (your Artifactory Encrypted Password)
+
+Now it's time to define jobs in `.gitlab-ci.yml` and push it to the repo:
+
+```yaml
+image: maven:latest
+
+variables:
+  MAVEN_CLI_OPTS: "-s .m2/settings.xml --batch-mode"
+  MAVEN_OPTS: "-Dmaven.repo.local=.m2/repository"
+
+cache:
+  paths:
+    - .m2/repository/
+    - target/
+
+build:
+  stage: build
+  script:
+    - mvn $MAVEN_CLI_OPTS compile
+
+test:
+  stage: test
+  script:
+    - mvn $MAVEN_CLI_OPTS test
+
+deploy:
+  stage: deploy
+  script:
+    - mvn $MAVEN_CLI_OPTS deploy
+  only:
+    - master
+```
+
+GitLab Runner will use the latest [Maven Docker image](https://hub.docker.com/_/maven/), which already contains all the tools and the dependencies you need to manage the project,
+in order to run the jobs.
+
+Environment variables are set to instruct Maven to use the `homedir` of the repo instead of the user's home when searching for configuration and dependencies.
+
+Caching the `.m2/repository folder` (where all the Maven files are stored), and the `target` folder (where our application will be created), is useful for speeding up the process
+by running all Maven phases in a sequential order, therefore, executing `mvn test` will automatically run `mvn compile` if necessary.
+
+Both `build` and `test` jobs leverage the `mvn` command to compile the application and to test it as defined in the test suite that is part of the application.
+
+Deploy to Artifactory is done as defined by the secret variables we have just set up.
+The deployment occurs only if we're pushing or merging to `master` branch, so that the development versions are tested but not published.
+
+Done! Now you have all the changes in the GitLab repo, and a pipeline has already been started for this commit. In the **Pipelines** tab you can see what's happening.
+If the deployment has been successful, the deploy job log will output:
+
+```
+[INFO] ------------------------------------------------------------------------
+[INFO] BUILD SUCCESS
+[INFO] ------------------------------------------------------------------------
+[INFO] Total time: 1.983 s
+```
+
+>**Note**:
+the `mvn` command downloads a lot of files from the internet, so you'll see a lot of extra activity in the log the first time you run it.
+
+Yay! You did it! Checking in Artifactory will confirm that you have a new artifact available in the `libs-release-local` repo.
+
+## Create the main Maven application
+
+Now that you have the dependency available on Artifactory, it's time to use it!
+Let's see how we can have it as a dependency to our main application.
+
+### Prepare the main application
+
+We'll use again a Maven app that can be cloned from our example project:
+
+1. Create a new project by selecting **Import project from âž” Repo by URL**
+1. Add the following URL:
+
+    ```
+    https://gitlab.com/gitlab-examples/maven/simple-maven-app.git
+    ```
+1. Click **Create project**
+
+This one is a simple app as well. If you look at the `src/main/java/com/example/app/App.java`
+file you can see that it imports the `com.example.dep.Dep` class and calls the `hello` method passing `GitLab` as a parameter.
+
+Since Maven doesn't know how to resolve the dependency, you need to modify the configuration:
+
+1. Go back to Artifactory
+1. Browse the `libs-release-local` repository
+1. Select the `simple-maven-dep-1.0.jar` file
+1. Find the configuration snippet from the **Dependency Declaration** section of the main panel
+1. Copy the snippet in the `dependencies` section of the `pom.xml` file.
+   The snippet should look like this:
+
+    ```xml
+    <dependency>
+      <groupId>com.example.dep</groupId>
+      <artifactId>simple-maven-dep</artifactId>
+      <version>1.0</version>
+    </dependency>
+    ```
+
+### Configure the Artifactory repository location
+
+At this point you defined the dependency for the application, but you still miss where you can find the required files.
+You need to create a `.m2/settings.xml` file as you did for the dependency project, and let Maven know the location using environment variables.
+
+Here is how you can get the content of the file directly from Artifactory:
+
+1. From the main screen, click on the `libs-release-local` item in the **Set Me Up** panel
+1. Click on **Generate Maven Settings**
+1. Click on **Generate Settings**
+1. Copy to clipboard the configuration file
+1. Save the file as `.m2/settings.xml` in your repo
+
+Now you are ready to use the Artifactory repository to resolve dependencies and use `simple-maven-dep` in your main application!
+
+### Configure GitLab CI/CD for `simple-maven-app`
+
+You need a last step to have everything in place: configure the `.gitlab-ci.yml` file for this project, as you already did for `simple-maven-dep`.
+
+You want to leverage [GitLab CI/CD](https://about.gitlab.com/features/gitlab-ci-cd/) to automatically build, test and run your awesome application,
+and see if you can get the greeting as expected!
+
+All you need to do is to add the following `.gitlab-ci.yml` to the repo:
+
+```yaml
+image: maven:latest
+
+stages:
+  - build
+  - test
+  - run
+
+variables:
+  MAVEN_CLI_OPTS: "-s .m2/settings.xml --batch-mode"
+  MAVEN_OPTS: "-Dmaven.repo.local=.m2/repository"
+
+cache:
+  paths:
+    - .m2/repository/
+    - target/
+
+build:
+  stage: build
+  script:
+    - mvn $MAVEN_CLI_OPTS compile
+
+test:
+  stage: test
+  script:
+    - mvn $MAVEN_CLI_OPTS test
+
+run:
+  stage: run
+  script:
+    - mvn $MAVEN_CLI_OPTS package
+    - mvn $MAVEN_CLI_OPTS exec:java -Dexec.mainClass="com.example.app.App"
+```
+
+It is very similar to the configuration used for `simple-maven-dep`, but instead of the `deploy` job there is a `run` job.
+Probably something that you don't want to use in real projects, but here it is useful to see the application executed automatically.
+
+And that's it! In the `run` job output log you will find a friendly hello to GitLab!
+
+## Conclusion
+
+In this article we covered the basic steps to use an Artifactory Maven repository to automatically publish and consume artifacts.
+
+A similar approach could be used to interact with any other Maven compatible Binary Repository Manager.
+Obviously, you can improve these examples, optimizing the `.gitlab-ci.yml` file to better suit your needs, and adapting to your workflow.
diff --git a/doc/articles/how_to_configure_ldap_gitlab_ce/index.md b/doc/articles/how_to_configure_ldap_gitlab_ce/index.md
index 130e8f542b4..25a24bc1d32 100644
--- a/doc/articles/how_to_configure_ldap_gitlab_ce/index.md
+++ b/doc/articles/how_to_configure_ldap_gitlab_ce/index.md
@@ -3,7 +3,7 @@
 > **Article [Type](../../development/writing_documentation.html#types-of-technical-articles):** admin guide ||
 > **Level:** intermediary ||
 > **Author:** [Chris Wilson](https://gitlab.com/MrChrisW) ||
-> **Publication date:** 2017/05/03
+> **Publication date:** 2017-05-03
 
 ## Introduction
 
diff --git a/doc/articles/how_to_install_git/index.md b/doc/articles/how_to_install_git/index.md
index 66d866b2d09..37b60501ce2 100644
--- a/doc/articles/how_to_install_git/index.md
+++ b/doc/articles/how_to_install_git/index.md
@@ -3,7 +3,7 @@
 > **Article [Type](../../development/writing_documentation.html#types-of-technical-articles):** user guide ||
 > **Level:** beginner ||
 > **Author:** [Sean Packham](https://gitlab.com/SeanPackham) ||
-> **Publication date:** 2017/05/15
+> **Publication date:** 2017-05-15
 
 To begin contributing to GitLab projects
 you will need to install the Git client on your computer.
diff --git a/doc/articles/index.md b/doc/articles/index.md
index 558c624fe39..3039faca411 100644
--- a/doc/articles/index.md
+++ b/doc/articles/index.md
@@ -26,6 +26,7 @@ Build, test, and deploy the software you develop with [GitLab CI/CD](../ci/READM
 
 | Article title | Category | Publishing date |
 | :------------ | :------: | --------------: |
+| [How to deploy Maven projects to Artifactory with GitLab CI/CD](artifactory_and_gitlab/index.md) | Tutorial | 2017-08-15 |
 | [Making CI Easier with GitLab](https://about.gitlab.com/2017/07/13/making-ci-easier-with-gitlab/) | Concepts | 2017/07/13 |
 | [Dockerizing GitLab Review Apps](https://about.gitlab.com/2017/07/11/dockerizing-review-apps/) | Concepts | 2017/07/11 |
 | [Continuous Integration: From Jenkins to GitLab Using Docker](https://about.gitlab.com/2017/07/27/docker-my-precious/) | Concepts | 2017/07/27 |
diff --git a/doc/articles/openshift_and_gitlab/index.md b/doc/articles/openshift_and_gitlab/index.md
index 7f76e577efa..c0bbcfe2a8a 100644
--- a/doc/articles/openshift_and_gitlab/index.md
+++ b/doc/articles/openshift_and_gitlab/index.md
@@ -3,7 +3,7 @@
 > **Article [Type](../../development/writing_documentation.html#types-of-technical-articles):** tutorial ||
 > **Level:** intermediary ||
 > **Author:** [Achilleas Pipinellis](https://gitlab.com/axil) ||
-> **Publication date:** 2016/06/28
+> **Publication date:** 2016-06-28
 
 ## Introduction
 
diff --git a/doc/ci/README.md b/doc/ci/README.md
index 10ea9467942..c722d895f42 100644
--- a/doc/ci/README.md
+++ b/doc/ci/README.md
@@ -111,7 +111,8 @@ Here is an collection of tutorials and guides on setting up your CI pipeline.
   - [Phoenix](examples/test-phoenix-application.md)
   - [Run PHP Composer & NPM scripts then deploy them to a staging server](examples/deployment/composer-npm-deploy.md)
   - [Analyze code quality with the Code Climate CLI](examples/code_climate.md)
-- **Blog posts**
+- **Articles**
+  - [How to deploy Maven projects to Artifactory with GitLab CI/CD](../articles/artifactory_and_gitlab/index.md)
   - [Automated Debian packaging](https://about.gitlab.com/2016/10/12/automated-debian-package-build-with-gitlab-ci/)
   - [Spring boot application with GitLab CI and Kubernetes](https://about.gitlab.com/2016/12/14/continuous-delivery-of-a-spring-boot-application-with-gitlab-ci-and-kubernetes/)
   - [Setting up GitLab CI for iOS projects](https://about.gitlab.com/2016/03/10/setting-up-gitlab-ci-for-ios-projects/)
diff --git a/doc/ci/autodeploy/img/auto_monitoring.png b/doc/ci/autodeploy/img/auto_monitoring.png
new file mode 100644
index 00000000000..5661b50841b
--- /dev/null
+++ b/doc/ci/autodeploy/img/auto_monitoring.png
diff --git a/doc/ci/autodeploy/index.md b/doc/ci/autodeploy/index.md
index 9fa2b2c4969..a714689ebd5 100644
--- a/doc/ci/autodeploy/index.md
+++ b/doc/ci/autodeploy/index.md
@@ -69,3 +69,28 @@ PostgreSQL provisioning can be disabled by setting the variable `DISABLE_POSTGRE
 [review-app]: ../review_apps/index.md
 [container-registry]: https://docs.gitlab.com/ce/user/project/container_registry.html
 [postgresql]: https://www.postgresql.org/
+
+## Auto Monitoring
+
+> Introduced in [GitLab 9.5](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13438).
+
+Apps auto-deployed using one the [Kubernetes templates](#supported-templates) can also be automatically monitored for:
+
+* Response Metrics: latency, throughput, error rate
+* System Metrics: CPU utilization, memory utilization
+
+Metrics are gathered from [nginx-ingress](../../user/project/integrations/prometheus_library/nginx_ingress.md) and [Kubernetes](../../user/project/integrations/prometheus_library/kubernetes.md).
+
+To view the metrics, open the [Monitoring dashboard for a deployed environment](../environments.md#monitoring-environments).
+
+![Auto Metrics](img/auto_monitoring.png)
+
+### Configuring Auto Monitoring
+
+If GitLab has been deployed using the [omnibus-gitlab](../../install/kubernetes/gitlab_omnibus.md) Helm chart, no configuration is required.
+
+If you have installed GitLab using a different method:
+
+1. [Deploy Prometheus](../../user/project/integrations/prometheus.md#configuring-your-own-prometheus-server-within-kubernetes) into your Kubernetes cluster
+1. If you would like response metrics, ensure you are running at least version 0.9.0 of NGINX Ingress and [enable Prometheus metrics](https://github.com/kubernetes/ingress/blob/master/examples/customization/custom-vts-metrics/nginx/nginx-vts-metrics-conf.yaml).
+1. Finally, [annotate](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) the NGINX Ingress deployment to be scraped by Prometheus using `prometheus.io/scrape: "true"` and `prometheus.io/port: "10254"`.
diff --git a/doc/ci/environments.md b/doc/ci/environments.md
index 6a7f694d705..28b27921f8b 100644
--- a/doc/ci/environments.md
+++ b/doc/ci/environments.md
@@ -607,10 +607,9 @@ exist, you should see something like:
 - With GitLab 9.2, all deployments to an environment are shown directly on the
   monitoring dashboard
 
-If you have enabled Prometheus for collecting metrics, you can monitor the performance behavior of your app
-through the environments.
+If you have enabled [Prometheus for monitoring system and response metrics](https://docs.gitlab.com/ee/user/project/integrations/prometheus.html), you can monitor the performance behavior of your app running in each environment.
 
-Once configured, GitLab will attempt to retrieve performance metrics for any
+Once configured, GitLab will attempt to retrieve [supported performance metrics](https://docs.gitlab.com/ee/user/project/integrations/prometheus_library/metrics.html) for any
 environment which has had a successful deployment. If monitoring data was
 successfully retrieved, a Monitoring button will appear on the environment's
 detail page.
diff --git a/doc/development/changelog.md b/doc/development/changelog.md
index ce39a379a0e..f869938fe11 100644
--- a/doc/development/changelog.md
+++ b/doc/development/changelog.md
@@ -15,11 +15,14 @@ following format:
 title: "Going through change[log]s"
 merge_request: 1972
 author: Ozzy Osbourne
+type: added
 ```
 
 The `merge_request` value is a reference to a merge request that adds this
 entry, and the `author` key is used to give attribution to community
 contributors. **Both are optional**.
+The `type` field maps the category of the change,
+valid options are: added, fixed, changed, deprecated, removed, security, other. **Type field is mandatory**.
 
 Community contributors and core team members are encouraged to add their name to
 the `author` field. GitLab team members **should not**.
@@ -94,6 +97,19 @@ Its simplest usage is to provide the value for `title`:
 $ bin/changelog 'Hey DZ, I added a feature to GitLab!'
 ```
 
+At this point the script would ask you to select the category of the change (mapped to the `type` field in the entry):
+
+```text
+>> Please specify the category of your change:
+1. New feature
+2. Bug fix
+3. Feature change
+4. New deprecation
+5. Feature removal
+6. Security fix
+7. Other
+```
+
 The entry filename is based on the name of the current Git branch. If you run
 the command above on a branch called `feature/hey-dz`, it will generate a
 `changelogs/unreleased/feature-hey-dz.yml` file.
@@ -106,26 +122,29 @@ create changelogs/unreleased/my-feature.yml
 title: Hey DZ, I added a feature to GitLab!
 merge_request:
 author:
+type:
 ```
 If you're working on the GitLab EE repository, the entry will be added to
 `changelogs/unreleased-ee/` instead.
 
 #### Arguments
 
-| Argument            | Shorthand | Purpose                                       |
-| -----------------   | --------- | --------------------------------------------- |
-| [`--amend`]         |           | Amend the previous commit                     |
-| [`--force`]         | `-f`      | Overwrite an existing entry                   |
-| [`--merge-request`] | `-m`      | Set merge request ID                          |
-| [`--dry-run`]       | `-n`      | Don't actually write anything, just print     |
-| [`--git-username`]  | `-u`      | Use Git user.name configuration as the author |
-| [`--help`]          | `-h`      | Print help message                            |
+| Argument            | Shorthand | Purpose                                                                                                    |
+| -----------------   | --------- | ---------------------------------------------------------------------------------------------------------- |
+| [`--amend`]         |           | Amend the previous commit                                                                                  |
+| [`--force`]         | `-f`      | Overwrite an existing entry                                                                                |
+| [`--merge-request`] | `-m`      | Set merge request ID                                                                                       |
+| [`--dry-run`]       | `-n`      | Don't actually write anything, just print                                                                  |
+| [`--git-username`]  | `-u`      | Use Git user.name configuration as the author                                                              |
+| [`--type`]          | `-t`      | The category of the change, valid options are: added, fixed, changed, deprecated, removed, security, other |
+| [`--help`]          | `-h`      | Print help message                                                                                         |
 
 [`--amend`]: #-amend
 [`--force`]: #-force-or-f
 [`--merge-request`]: #-merge-request-or-m
 [`--dry-run`]: #-dry-run-or-n
 [`--git-username`]: #-git-username-or-u
+[`--type`]: #-type-or-t
 [`--help`]: #-help
 
 ##### `--amend`
@@ -147,6 +166,7 @@ create changelogs/unreleased/feature-hey-dz.yml
 title: Added an awesome new feature to GitLab
 merge_request:
 author:
+type:
 ```
 
 ##### `--force` or `-f`
@@ -164,6 +184,7 @@ create changelogs/unreleased/feature-hey-dz.yml
 title: Hey DZ, I added a feature to GitLab!
 merge_request: 1983
 author:
+type:
 ```
 
 ##### `--merge-request` or `-m`
@@ -178,6 +199,7 @@ create changelogs/unreleased/feature-hey-dz.yml
 title: Hey DZ, I added a feature to GitLab!
 merge_request: 1983
 author:
+type:
 ```
 
 ##### `--dry-run` or `-n`
@@ -192,6 +214,7 @@ create changelogs/unreleased/feature-hey-dz.yml
 title: Added an awesome new feature to GitLab
 merge_request:
 author:
+type:
 
 $ ls changelogs/unreleased/
 ```
@@ -211,6 +234,21 @@ create changelogs/unreleased/feature-hey-dz.yml
 title: Hey DZ, I added a feature to GitLab!
 merge_request:
 author: Jane Doe
+type:
+```
+
+##### `--type` or `-t`
+
+Use the **`--type`** or **`-t`** argument to provide the `type` value:
+
+```text
+$ bin/changelog 'Hey DZ, I added a feature to GitLab!' -t added
+create changelogs/unreleased/feature-hey-dz.yml
+---
+title: Hey DZ, I added a feature to GitLab!
+merge_request:
+author:
+type: added
 ```
 
 ### History and Reasoning
diff --git a/doc/development/fe_guide/style_guide_js.md b/doc/development/fe_guide/style_guide_js.md
index 6ade3231fac..9c72fda0229 100644
--- a/doc/development/fe_guide/style_guide_js.md
+++ b/doc/development/fe_guide/style_guide_js.md
@@ -511,7 +511,24 @@ A forEach will cause side effects, it will be mutating the array being iterated.
 
     $('span').tooltip('fixTitle');
   ```
+### The Javascript/Vue Accord
+The goal of this accord is to make sure we are all on the same page. 
 
+1. When writing Vue, you may not use jQuery in your application. 
+1.1 If you need to grab data from the DOM, you may query the DOM 1 time while bootstrapping your application to grab data attributes using `dataset`. You can do this without jQuery.
+1.2 You may use a jQuery dependency in Vue.js following [this example from the docs](https://vuejs.org/v2/examples/select2.html). 
+1.3 If an outside jQuery Event needs to be listen to inside the Vue application, you may use jQuery event listeners.
+1.4 We will avoid adding new jQuery events when they are not required. Instead of adding new jQuery events take a look at [different methods to do the same task](https://vuejs.org/v2/api/#vm-emit).
+
+1. You may query the `window` object 1 time, while bootstrapping your application for application specific data (e.g. `scrollTo` is ok to access anytime). Do this access during the bootstrapping of your application.
+
+1. You may have a temporary but immediate need to create technical debt by writing code that does not follow our standards, to be refactored later. Maintainers need to be ok with the tech debt in the first place. An issue should be created for that tech debt to evaluate it further and discuss. In the coming months you should fix that tech debt, with it's priority to be determined by maintainers.
+
+1. When creating tech debt you must write the tests for that code before hand and those tests may not be rewritten. e.g. jQuery tests rewritten to Vue tests.
+
+1. You may choose to use VueX as a centralized state management. If you choose not to use VueX, you must use the *store pattern* which can be found in the [Vue.js documentation](https://vuejs.org/v2/guide/state-management.html#Simple-State-Management-from-Scratch).
+
+1. Once you have chosen a centralized state management solution you must use it for your entire application. i.e. Don't mix and match your state management solutions.
 
 ## SCSS
 - [SCSS](style_guide_scss.md)
diff --git a/doc/development/testing.md b/doc/development/testing.md
index 3d5aa3d45e9..efd56484b12 100644
--- a/doc/development/testing.md
+++ b/doc/development/testing.md
@@ -157,8 +157,9 @@ trade-off:
 
 - Unit tests are usually cheap, and you should consider them like the basement
   of your house: you need them to be confident that your code is behaving
-  correctly. However if you run only unit tests without integration / system tests, you might [miss] the [big] [picture]!
-- Integration tests are a bit more expensive, but don't abuse them. A feature test
+  correctly. However if you run only unit tests without integration / system
+  tests, you might [miss] the [big] [picture]!
+- Integration tests are a bit more expensive, but don't abuse them. A system test
   is often better than an integration test that is stubbing a lot of internals.
 - System tests are expensive (compared to unit tests), even more if they require
   a JavaScript driver. Make sure to follow the guidelines in the [Speed](#test-speed)
@@ -188,24 +189,34 @@ Please consult the [dedicated "Frontend testing" guide](./fe_guide/testing.md).
 ### General Guidelines
 
 - Use a single, top-level `describe ClassName` block.
-- Use `described_class` instead of repeating the class name being described
-  (_this is enforced by RuboCop_).
 - Use `.method` to describe class methods and `#method` to describe instance
   methods.
 - Use `context` to test branching logic.
-- Use multi-line `do...end` blocks for `before` and `after`, even when it would
-  fit on a single line.
 - Don't assert against the absolute value of a sequence-generated attribute (see [Gotchas](gotchas.md#dont-assert-against-the-absolute-value-of-a-sequence-generated-attribute)).
-- Don't supply the `:each` argument to hooks since it's the default.
-- Prefer `not_to` to `to_not` (_this is enforced by RuboCop_).
 - Try to match the ordering of tests to the ordering within the class.
 - Try to follow the [Four-Phase Test][four-phase-test] pattern, using newlines
   to separate phases.
-- Try to use `Gitlab.config.gitlab.host` rather than hard coding `'localhost'`
+- Use `Gitlab.config.gitlab.host` rather than hard coding `'localhost'`
+- Don't assert against the absolute value of a sequence-generated attribute (see
+  [Gotchas](gotchas.md#dont-assert-against-the-absolute-value-of-a-sequence-generated-attribute)).
+- Don't supply the `:each` argument to hooks since it's the default.
 - On `before` and `after` hooks, prefer it scoped to `:context` over `:all`
 
 [four-phase-test]: https://robots.thoughtbot.com/four-phase-test
 
+### Automatic retries and flaky tests detection
+
+On our CI, we use [rspec-retry] to automatically retry a failing example a few
+times (see [`spec/spec_helper.rb`] for the precise retries count).
+
+We also use a home-made `RspecFlaky::Listener` listener which records flaky
+examples in a JSON report file on `master` (`retrieve-tests-metadata` and `update-tests-metadata` jobs), and warns when a new flaky example
+is detected in any other branch (`flaky-examples-check` job). In the future, the
+`flaky-examples-check` job will not be allowed to fail.
+
+[rspec-retry]: https://github.com/NoRedInk/rspec-retry
+[`spec/spec_helper.rb`]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/spec/spec_helper.rb
+
 ### `let` variables
 
 GitLab's RSpec suite has made extensive use of `let` variables to reduce
@@ -268,6 +279,43 @@ end
 - Avoid scenario titles that add no information, such as "successfully".
 - Avoid scenario titles that repeat the feature title.
 
+### Table-based / Parameterized tests
+
+This style of testing is used to exercise one piece of code with a comprehensive
+range of inputs. By specifying the test case once, alongside a table of inputs
+and the expected output for each, your tests can be made easier to read and more
+compact.
+
+We use the [rspec-parameterized](https://github.com/tomykaira/rspec-parameterized)
+gem. A short example, using the table syntax and checking Ruby equality for a
+range of inputs, might look like this:
+
+```ruby
+describe "#==" do
+  using Rspec::Parameterized::TableSyntax
+
+  let(:project1) { create(:project) }
+  let(:project2) { create(:project) }
+  where(:a, :b, :result) do
+    1         | 1        | true
+    1         | 2        | false
+    true      | true     | true
+    true      | false    | false
+    project1  | project1 | true
+    project2  | project2 | true
+    project 1 | project2 | false
+  end
+
+  with_them do
+    it { expect(a == b).to eq(result) }
+
+    it 'is isomorphic' do
+      expect(b == a).to eq(result)
+    end
+  end
+end
+```
+
 ### Matchers
 
 Custom matchers should be created to clarify the intent and/or hide the
@@ -276,6 +324,15 @@ complexity of RSpec expectations.They should be placed under
 a certain type of specs only (e.g. features, requests etc.) but shouldn't be if
 they apply to multiple type of specs.
 
+#### have_gitlab_http_status
+
+Prefer `have_gitlab_http_status` over `have_http_status` because the former
+could also show the response body whenever the status mismatched. This would
+be very useful whenever some tests start breaking and we would love to know
+why without editing the source and rerun the tests.
+
+This is especially useful whenever it's showing 500 internal server error.
+
 ### Shared contexts
 
 All shared contexts should be be placed under `spec/support/shared_contexts/`.
diff --git a/doc/install/installation.md b/doc/install/installation.md
index 22aedb5403e..b14cb2d44c4 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -66,6 +66,9 @@ Install the required packages (needed to compile Ruby and native extensions to R
 
     sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libre2-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake
 
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 If you want to use Kerberos for user authentication, then install libkrb5-dev:
 
     sudo apt-get install libkrb5-dev
@@ -296,9 +299,9 @@ sudo usermod -aG redis git
 ### Clone the Source
 
     # Clone GitLab repository
-    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 9-4-stable gitlab
+    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 9-5-stable gitlab
 
-**Note:** You can change `9-4-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
+**Note:** You can change `9-5-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
 
 ### Configure It
 
@@ -507,15 +510,17 @@ Check if GitLab and its environment are configured correctly:
 
     sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
 
+
+### Compile GetText PO files
+
+    sudo -u git -H bundle exec rake gettext:pack RAILS_ENV=production
+    sudo -u git -H bundle exec rake gettext:po_to_json RAILS_ENV=production
+
 ### Compile Assets
 
     sudo -u git -H yarn install --production --pure-lockfile
     sudo -u git -H bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
 
-### Compile GetText PO files
-
-    sudo -u git -H bundle exec rake gettext:compile RAILS_ENV=production
-
 ### Start Your GitLab Instance
 
     sudo service gitlab start
diff --git a/doc/install/kubernetes/gitlab_chart.md b/doc/install/kubernetes/gitlab_chart.md
index d2442a4fbde..0fad181f59e 100644
--- a/doc/install/kubernetes/gitlab_chart.md
+++ b/doc/install/kubernetes/gitlab_chart.md
@@ -1,7 +1,7 @@
 # GitLab Helm Chart
-> Officially supported cloud providers are Google Container Service and Azure Container Service.
+> These Helm charts are in beta. GitLab is working on a [cloud-native](http://docs.gitlab.com/omnibus/package-information/cloud_native.html) set of [Charts](https://gitlab.com/charts/helm.gitlab.io) which will replace these.
 
-> Officially supported schedulers are Kubernetes and Terraform.
+> Officially supported cloud providers are Google Container Service and Azure Container Service.
 
 The `gitlab` Helm chart deploys GitLab into your Kubernetes cluster.
 
@@ -207,7 +207,7 @@ its class in an annotation.
 >**Note:**
 The Ingress alone doesn't expose GitLab externally. You need to have a Ingress controller setup to do that.
 Setting up an Ingress controller can be done by installing the `nginx-ingress` helm chart. But be sure
-to read the [documentation](https://github.com/kubernetes/charts/blob/master/stable/nginx-ingress/README.md). 
+to read the [documentation](https://github.com/kubernetes/charts/blob/master/stable/nginx-ingress/README.md).
 >**Note:**
 If you would like to use the Registry, you will also need to ensure your Ingress supports a [sufficiently large request size](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size).
 
diff --git a/doc/install/kubernetes/gitlab_omnibus.md b/doc/install/kubernetes/gitlab_omnibus.md
new file mode 100644
index 00000000000..bd3a85272d0
--- /dev/null
+++ b/doc/install/kubernetes/gitlab_omnibus.md
@@ -0,0 +1,171 @@
+# GitLab-Omnibus Helm Chart
+> These Helm charts are in beta. GitLab is working on a [cloud-native](http://docs.gitlab.com/omnibus/package-information/cloud_native.html) set of [Charts](https://gitlab.com/charts/helm.gitlab.io) which will replace these.
+
+> Officially supported cloud providers are Google Container Service and Azure Container Service.
+
+This work is based partially on: https://github.com/lwolf/kubernetes-gitlab/. GitLab would like to thank Sergey Nuzhdin for his work.
+
+## Introduction
+
+This chart provides an easy way to get started with GitLab, provisioning an installation with nearly all functionality enabled. SSL is automatically provisioned as well via [Let's Encrypt](https://letsencrypt.org/).
+
+The deployment includes:
+
+- A [GitLab Omnibus](https://docs.gitlab.com/omnibus/) Pod, including Mattermost, Container Registry, and Prometheus
+- An auto-scaling [GitLab Runner](https://docs.gitlab.com/runner/) using the Kubernetes executor
+- [Redis](https://github.com/kubernetes/charts/tree/master/stable/redis)
+- [PostgreSQL](https://github.com/kubernetes/charts/tree/master/stable/postgresql)
+- [NGINX Ingress](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress)
+- Persistent Volume Claims for Data, Registry, Postgres, and Redis
+
+A video demonstration of GitLab utilizing this chart [is available](https://about.gitlab.com/handbook/sales/demo/).
+
+Terms:
+
+-  Google Cloud Platform (**GCP**)
+-  Google Container Engine (**GKE**)
+-  Azure Container Service (**ACS**)
+-  Kubernetes (**k8s**)
+
+## Prerequisites
+
+- _At least_ 4 GB of RAM available on your cluster, in chunks of 1 GB. 41GB of storage and 2 CPU are also required.
+- Kubernetes 1.4+ with Beta APIs enabled
+- [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) provisioner support in the underlying infrastructure
+- An [external IP address](#networking-prerequisites)
+- A [wildcard DNS entry](#networking-prerequisites), which resolves to the external IP address
+- The `kubectl` CLI installed locally and authenticated for the cluster
+- The Helm Client installed locally
+- The Helm Server (Tiller) already installed and running in the cluster, by running `helm init`
+- The GitLab Helm Repo [added to your Helm Client](index.md#add-the-gitlab-helm-repository)
+
+### Networking Prerequisites
+
+This chart configures a GitLab server and Kubernetes cluster which can support dynamic [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/index.html), as well as services like the integrated [Container Registry](https://docs.gitlab.com/ee/user/project/container_registry.html) and [Mattermost](https://docs.gitlab.com/omnibus/gitlab-mattermost/).
+
+To support the GitLab services and dynamic environments, a wildcard DNS entry is required which resolves to the external Load Balancer IP.
+
+To provision an external IP on GCP and Azure, simply request a new address from the Networking section. Ensure that the region matches the region your container cluster is created in. Note, it is important that the IP is not assigned at this point in time. It will be automatically assigned once the Helm chart is installed, and assigned to the Load Balancer.
+
+Now that an external IP address has been allocated, ensure that the wildcard DNS entry you would like to use resolves to this IP. Please consult the documentation for your DNS service for more information on creating DNS records.
+
+## Configuring and Installing GitLab
+
+For most installations, only two parameters are required:
+- `baseIP`: the desired [external IP address](#networking-prerequisites)
+- `baseDomain`: the [base domain](#networking-prerequisites) with the wildcard host entry resolving to the `baseIP`. For example, `mycompany.io`.
+
+Other common configuration options:
+- `gitlab`: Choose the [desired edition](https://about.gitlab.com/products), either `ee` or `ce`. `ce` is the default.
+- `gitlabEELicense`: For Enterprise Edition, the [license](https://docs.gitlab.com/ee/user/admin_area/license.html) can be installed directly via the Chart
+- `provider`: Optimizes the deployment for a cloud provider. The default is `gke` for GCP, with `acs` also supported for Azure.
+- `legoEmail`: Email address to use when requesting new SSL certificates from Let's Encrypt
+
+For additional configuration options, consult the [values.yaml](https://gitlab.com/charts/charts.gitlab.io/blob/master/charts/gitlab-omnibus/values.yaml).
+
+These settings can either be passed directly on the command line:
+```bash
+helm install --name gitlab --set baseDomain=gitlab.io,baseIP=1.1.1.1,gitlab=ee,gitlabEELicense=$LICENSE,legoEmail=email@gitlab.com gitlab/gitlab-omnibus
+```
+
+or within a YAML file:
+```bash
+helm install --name gitlab -f values.yaml gitlab/gitlab-omnibus
+```
+
+> **Note:**
+If you are using a machine type with support for less than 4 attached disks, like an Azure trial, you should disable dedicated storage for [Postgres and Redis](#persistent-storage).
+
+### Choosing a different GitLab release version
+
+The version of GitLab installed is based on the `gitlab` setting (see [section](#choosing-gitlab-edition) above), and
+the value of the corresponding helm setting: `gitlabCEImage` or `gitabEEImage`.
+
+```yaml
+gitlab: CE
+gitlabCEImage: gitlab/gitlab-ce:9.1.2-ce.0
+gitlabEEImage: gitlab/gitlab-ee:9.1.2-ee.0
+```
+
+The different images can be found in the [gitlab-ce](https://hub.docker.com/r/gitlab/gitlab-ce/tags/) and [gitlab-ee](https://hub.docker.com/r/gitlab/gitlab-ee/tags/)
+repositories on Docker Hub.
+
+> **Note:**
+There is no guarantee that other release versions of GitLab, other than what are
+used by default in the chart, will be supported by a chart install.
+
+### Persistent storage
+
+By default, persistent storage is enabled for GitLab and the charts it depends
+on (Redis and PostgreSQL).
+
+Components can have their claim size set from your `values.yaml`, along with whether to provision separate storage for Postgres and Redis.
+
+Basic configuration:
+
+```yaml
+redisImage: redis:3.2.10
+redisDedicatedStorage: true
+redisStorageSize: 5Gi
+postgresImage: postgres:9.6.3
+# If you disable postgresDedicatedStorage, you should consider bumping up gitlabRailsStorageSize
+postgresDedicatedStorage: true
+postgresStorageSize: 30Gi
+gitlabRailsStorageSize: 30Gi
+gitlabRegistryStorageSize: 30Gi
+gitlabConfigStorageSize: 1Gi
+```
+
+### Routing and SSL
+
+Ingress routing and SSL are automatically configured within this Chart. An NGINX ingress is provisioned and configured, and will route traffic to any service. SSL certificates are automatically created and configured by [kube-lego](https://github.com/kubernetes/charts/tree/master/stable/kube-lego).
+
+> **Note:**
+Let's Encrypt limits a single TLD to five certificate requests within a single week. This means that common DNS wildcard services like [xip.io](http://xip.io) and [nip.io](http://nip.io) are unlikely to work.
+
+## Installing GitLab using the Helm Chart
+> You may see a temporary error message `SchedulerPredicates failed due to PersistentVolumeClaim is not bound` while storage provisions. Once the storage provisions, the pods will automatically restart. This may take a couple minutes depending on your cloud provider. If the error persists, please review the [prerequisites](#prerequisites) to ensure you have enough RAM, CPU, and storage.
+
+Once you have reviewed the [configuration settings](#configuring-and-installing-gitlab) and [added the Helm repository](index.md#add-the-gitlab-helm-repository), you can install the chart. We recommending saving your configuration options in a `values.yaml` file for easier upgrades in the future.
+
+For example:
+```bash
+helm install --name gitlab -f values.yaml gitlab/gitlab-omnibus
+```
+
+or passing them on the command line:
+```bash
+helm install --name gitlab --set baseDomain=gitlab.io,baseIP=1.1.1.1,gitlab=ee,gitlabEELicense=$LICENSE,legoEmail=email@gitlab.com gitlab/gitlab-omnibus
+```
+
+## Updating GitLab using the Helm Chart
+
+Once your GitLab Chart is installed, configuration changes and chart updates
+should we done using `helm upgrade`
+
+```bash
+helm upgrade -f <CONFIG_VALUES_FILE> <RELEASE-NAME> gitlab/gitlab
+```
+
+where:
+
+- `<CONFIG_VALUES_FILE>` is the path to values file containing your custom
+  [configuration] (#configuring-and-installing-gitlab).
+- `<RELEASE-NAME>` is the name you gave the chart when installing it.
+  In the [Install section](#installing-gitlab-using-the-helm-chart) we called it `gitlab`.
+
+## Uninstalling GitLab using the Helm Chart
+
+To uninstall the GitLab Chart, run the following:
+
+```bash
+helm delete <RELEASE-NAME>
+```
+
+where:
+
+- `<RELEASE-NAME>` is the name you gave the chart when installing it.
+  In the [Install section](#installing) we called it `gitlab`.
+
+[kube-srv]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types
+[storageclass]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#storageclasses
diff --git a/doc/install/kubernetes/gitlab_runner_chart.md b/doc/install/kubernetes/gitlab_runner_chart.md
index 515b2841d08..b0fe91d6337 100644
--- a/doc/install/kubernetes/gitlab_runner_chart.md
+++ b/doc/install/kubernetes/gitlab_runner_chart.md
@@ -1,7 +1,7 @@
 # GitLab Runner Helm Chart
-> Officially supported cloud providers are Google Container Service and Azure Container Service.
+> These Helm charts are in beta. GitLab is working on a [cloud-native](http://docs.gitlab.com/omnibus/package-information/cloud_native.html) set of [Charts](https://gitlab.com/charts/helm.gitlab.io) which will replace these.
 
-> Officially supported schedulers are Kubernetes and Terraform.
+> Officially supported cloud providers are Google Container Service and Azure Container Service.
 
 The `gitlab-runner` Helm chart deploys a GitLab Runner instance into your
 Kubernetes cluster.
diff --git a/doc/install/kubernetes/index.md b/doc/install/kubernetes/index.md
index 5ea08869a9b..3608aa6b2d6 100644
--- a/doc/install/kubernetes/index.md
+++ b/doc/install/kubernetes/index.md
@@ -1,7 +1,7 @@
 # Installing GitLab on Kubernetes
-> Officially supported cloud providers are Google Container Service and Azure Container Service.
+> These Helm charts are in beta. GitLab is working on a [cloud-native](http://docs.gitlab.com/omnibus/package-information/cloud_native.html) set of [Charts](https://gitlab.com/charts/helm.gitlab.io) which will replace these.
 
-> Officially supported schedulers are Kubernetes, Terraform and Tectonic.
+> Officially supported cloud providers are Google Container Service and Azure Container Service.
 
 The easiest method to deploy GitLab in [Kubernetes](https://kubernetes.io/) is
 to take advantage of the official GitLab Helm charts. [Helm] is a package
@@ -35,12 +35,11 @@ helm init
 
 ## Using the GitLab Helm Charts
 
-GitLab makes available two Helm Charts, one for the GitLab server and another
-for the Runner. More detailed information on installing and configuring each
-Chart can be found below:
+GitLab makes available three Helm Charts: an easy to use bundled chart, and a specific chart for GitLab itself and the Runner.
 
-- [Install GitLab](gitlab_chart.md)
-- [Install GitLab Runner](gitlab_runner_chart.md)
+- [gitlab-omnibus](gitlab_omnibus.md): The easiest way to get started. Includes everything needed to run GitLab, including: a Runner, Container Registry, automatic SSL, and an Ingress.
+- [gitlab](gitlab_chart.md): Just the GitLab service, with optional Postgres and Redis.
+- [gitlab-runner](gitlab_runner_chart.md): GitLab Runner, to process CI jobs.
 
 [chart]: https://github.com/kubernetes/charts
 [helm-quick]: https://github.com/kubernetes/helm/blob/master/docs/quickstart.md
diff --git a/doc/install/requirements.md b/doc/install/requirements.md
index 141df55f6bc..175dfc62096 100644
--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -104,6 +104,10 @@ features of GitLab work with MySQL/MariaDB:
    See [issue #30472][30472] for more information.
 1. GitLab Geo does [not support MySQL](https://docs.gitlab.com/ee/gitlab-geo/database.html#mysql-replication).
 1. [Zero downtime migrations][zero] do not work with MySQL
+1. GitLab [optimizes the loading of dashboard events](https://gitlab.com/gitlab-org/gitlab-ce/issues/31806) using [PostgreSQL LATERAL JOINs](https://blog.heapanalytics.com/postgresqls-powerful-new-join-type-lateral/).
+1. In general, SQL optimized for PostgreSQL may run much slower in MySQL due to
+   differences in query planners. For example, subqueries that work well in PostgreSQL
+   may not be [performant in MySQL](https://dev.mysql.com/doc/refman/5.7/en/optimizing-subqueries.html)
 1. We expect this list to grow over time.
 
 Existing users using GitLab with MySQL/MariaDB are advised to
diff --git a/doc/system_hooks/system_hooks.md b/doc/system_hooks/system_hooks.md
index 583ec5522fd..0399ebec86a 100644
--- a/doc/system_hooks/system_hooks.md
+++ b/doc/system_hooks/system_hooks.md
@@ -31,7 +31,7 @@ X-Gitlab-Event: System Hook
                 "path": "storecloud",
  "path_with_namespace": "jsmith/storecloud",
           "project_id": 74,
-  "project_visibility": "private",
+  "project_visibility": "private"
 }
 ```
 
@@ -48,7 +48,7 @@ X-Gitlab-Event: System Hook
                 "path": "underscore",
  "path_with_namespace": "jsmith/underscore",
           "project_id": 73,
-  "project_visibility": "internal",
+  "project_visibility": "internal"
 }
 ```
 
@@ -66,7 +66,7 @@ X-Gitlab-Event: System Hook
                "owner_name": "John Smith",
               "owner_email": "johnsmith@gmail.com",
        "project_visibility": "internal",
-  "old_path_with_namespace": "jsmith/overscore",
+  "old_path_with_namespace": "jsmith/overscore"
 }
 ```
 
@@ -84,7 +84,7 @@ X-Gitlab-Event: System Hook
                "owner_name": "John Smith",
               "owner_email": "johnsmith@gmail.com",
        "project_visibility": "internal",
-  "old_path_with_namespace": "jsmith/overscore",
+  "old_path_with_namespace": "jsmith/overscore"
 }
 ```
 
@@ -101,7 +101,7 @@ X-Gitlab-Event: System Hook
                 "path": "storecloud",
  "path_with_namespace": "jsmith/storecloud",
           "project_id": 74,
-  "project_visibility": "private",
+  "project_visibility": "private"
 }
 ```
 
@@ -121,7 +121,7 @@ X-Gitlab-Event: System Hook
                    "user_name": "John Smith",
                "user_username": "johnsmith",
                      "user_id": 41,
-          "project_visibility": "private",
+          "project_visibility": "private"
 }
 ```
 
@@ -141,7 +141,7 @@ X-Gitlab-Event: System Hook
                    "user_name": "John Smith",
                "user_username": "johnsmith",
                      "user_id": 41,
-          "project_visibility": "private",
+          "project_visibility": "private"
 }
 ```
 
diff --git a/doc/update/8.17-to-9.0.md b/doc/update/8.17-to-9.0.md
index 4d3ababaa41..2abc57da1a0 100644
--- a/doc/update/8.17-to-9.0.md
+++ b/doc/update/8.17-to-9.0.md
@@ -264,6 +264,16 @@ sudo systemctl daemon-reload
 
 ### 9. Install libs, migrations, etc.
 
+GitLab 9.0.11 [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24570)
+a dependency on on the `re2` regular expression library. To install this dependency:
+
+```bash
+sudo apt-get install libre2-dev
+```
+
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 ```bash
 cd /home/git/gitlab
 
diff --git a/doc/update/9.0-to-9.1.md b/doc/update/9.0-to-9.1.md
index 2b4a7bed27f..3fd1d023d2a 100644
--- a/doc/update/9.0-to-9.1.md
+++ b/doc/update/9.0-to-9.1.md
@@ -264,6 +264,16 @@ sudo systemctl daemon-reload
 
 ### 9. Install libs, migrations, etc.
 
+GitLab 9.1.8 [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24570)
+a dependency on on the `re2` regular expression library. To install this dependency:
+
+```bash
+sudo apt-get install libre2-dev
+```
+
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 ```bash
 cd /home/git/gitlab
 
diff --git a/doc/update/9.1-to-9.2.md b/doc/update/9.1-to-9.2.md
index f38547bba1a..5f7a616cc7d 100644
--- a/doc/update/9.1-to-9.2.md
+++ b/doc/update/9.1-to-9.2.md
@@ -100,6 +100,7 @@ cd /home/git/gitlab
 
 sudo -u git -H git fetch --all
 sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
+sudo -u git -H git checkout -- locale
 ```
 
 For GitLab Community Edition:
@@ -221,6 +222,16 @@ sudo systemctl daemon-reload
 
 ### 10. Install libs, migrations, etc.
 
+GitLab 9.2.8 [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24570)
+a dependency on on the `re2` regular expression library. To install this dependency:
+
+```bash
+sudo apt-get install libre2-dev
+```
+
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 ```bash
 cd /home/git/gitlab
 
@@ -236,6 +247,11 @@ sudo -u git -H bundle clean
 # Run database migrations
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 
+# Compile GetText PO files
+
+sudo -u git -H bundle exec rake gettext:pack RAILS_ENV=production
+sudo -u git -H bundle exec rake gettext:po_to_json RAILS_ENV=production
+
 # Update node dependencies and recompile assets
 sudo -u git -H bundle exec rake yarn:install gitlab:assets:clean gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
 
diff --git a/doc/update/9.2-to-9.3.md b/doc/update/9.2-to-9.3.md
index 373f43eb3bb..9d0b0da7edb 100644
--- a/doc/update/9.2-to-9.3.md
+++ b/doc/update/9.2-to-9.3.md
@@ -100,6 +100,7 @@ cd /home/git/gitlab
 
 sudo -u git -H git fetch --all
 sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
+sudo -u git -H git checkout -- locale
 ```
 
 For GitLab Community Edition:
@@ -257,6 +258,16 @@ sudo systemctl daemon-reload
 
 ### 12. Install libs, migrations, etc.
 
+GitLab 9.3.8 [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24570)
+a dependency on on the `re2` regular expression library. To install this dependency:
+
+```bash
+sudo apt-get install libre2-dev
+```
+
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 ```bash
 cd /home/git/gitlab
 
@@ -272,6 +283,10 @@ sudo -u git -H bundle clean
 # Run database migrations
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 
+# Compile GetText PO files
+
+sudo -u git -H bundle exec rake gettext:compile RAILS_ENV=production
+
 # Update node dependencies and recompile assets
 sudo -u git -H bundle exec rake yarn:install gitlab:assets:clean gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
 
diff --git a/doc/update/9.3-to-9.4.md b/doc/update/9.3-to-9.4.md
index b167f0737aa..9ee01bc9c51 100644
--- a/doc/update/9.3-to-9.4.md
+++ b/doc/update/9.3-to-9.4.md
@@ -100,6 +100,7 @@ cd /home/git/gitlab
 
 sudo -u git -H git fetch --all
 sudo -u git -H git checkout -- db/schema.rb # local changes will be restored automatically
+sudo -u git -H git checkout -- locale
 ```
 
 For GitLab Community Edition:
@@ -270,6 +271,16 @@ sudo systemctl daemon-reload
 
 ### 12. Install libs, migrations, etc.
 
+GitLab 9.4 [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/24570)
+a dependency on on the `re2` regular expression library. To install this dependency:
+
+```bash
+sudo apt-get install libre2-dev
+```
+
+Ubuntu 14.04 (Trusty Tahr) doesn't have the `libre2-dev` package available, but
+you can [install re2 manually](https://github.com/google/re2/wiki/Install).
+
 ```bash
 cd /home/git/gitlab
 
@@ -285,6 +296,10 @@ sudo -u git -H bundle clean
 # Run database migrations
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 
+# Compile GetText PO files
+
+sudo -u git -H bundle exec rake gettext:compile RAILS_ENV=production
+
 # Update node dependencies and recompile assets
 sudo -u git -H bundle exec rake yarn:install gitlab:assets:clean gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
 
diff --git a/doc/update/9.4-to-9.5.md b/doc/update/9.4-to-9.5.md
index fc87b2d0f1e..1b5a15589af 100644
--- a/doc/update/9.4-to-9.5.md
+++ b/doc/update/9.4-to-9.5.md
@@ -295,6 +295,10 @@ sudo -u git -H bundle clean
 # Run database migrations
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 
+# Compile GetText PO files
+
+sudo -u git -H bundle exec rake gettext:compile RAILS_ENV=production
+
 # Update node dependencies and recompile assets
 sudo -u git -H bundle exec rake yarn:install gitlab:assets:clean gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
 
diff --git a/doc/update/patch_versions.md b/doc/update/patch_versions.md
index ac1bcb8f241..30107360446 100644
--- a/doc/update/patch_versions.md
+++ b/doc/update/patch_versions.md
@@ -35,7 +35,7 @@ current version with `cat VERSION`).
 cd /home/git/gitlab
 
 sudo -u git -H git fetch --all
-sudo -u git -H git checkout -- Gemfile.lock db/schema.rb
+sudo -u git -H git checkout -- Gemfile.lock db/schema.rb locale
 sudo -u git -H git checkout LATEST_TAG -b LATEST_TAG
 ```
 
@@ -56,6 +56,12 @@ sudo -u git -H bundle clean
 # Run database migrations
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 
+# Compile GetText PO files
+# Internationalization was added in `v9.2.0` so these commands are only
+# required for versions equal or major to it.
+sudo -u git -H bundle exec rake gettext:pack RAILS_ENV=production
+sudo -u git -H bundle exec rake gettext:po_to_json RAILS_ENV=production
+
 # Clean up assets and cache
 sudo -u git -H bundle exec rake yarn:install gitlab:assets:clean gitlab:assets:compile cache:clear RAILS_ENV=production NODE_ENV=production
 ```
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 08da721c71d..ceec8b74373 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -153,6 +153,14 @@ Find this option under your project's settings.
 
 GitLab administrators can use the admin interface to move any project to any namespace if needed.
 
+## Sharing a project with a group
+
+You can [share your projects with a group](../project/members/share_project_with_groups.md)
+and give your group members access to the project all at once.
+
+Alternatively, with [GitLab Enterprise Edition Starter](https://about.gitlab.com/gitlab-ee/),
+you can [lock the sharing with group feature](#share-with-group-lock-ees-eep).
+
 ## Manage group memberships via LDAP
 
 In GitLab Enterprise Edition it is possible to manage GitLab group memberships using LDAP groups.
@@ -189,7 +197,7 @@ Learn more about [Member Lock](https://docs.gitlab.com/ee/user/group/index.html#
 
 In [GitLab Enterprise Edition Starter](https://about.gitlab.com/gitlab-ee/)
 it is possible to prevent projects in a group from [sharing
-a project with another group](../../workflow/share_projects_with_other_groups.md).
+a project with another group](../project/members/share_project_with_groups.md).
 This allows for tighter control over project access.
 
 Learn more about [Share with group lock](https://docs.gitlab.com/ee/user/group/index.html#share-with-group-lock-ees-eep).
diff --git a/doc/user/index.md b/doc/user/index.md
index 1281cc6e4f0..d664fd62754 100644
--- a/doc/user/index.md
+++ b/doc/user/index.md
@@ -71,80 +71,44 @@ your code, use it as an issue tracker, collaborate on code, and continuously
 build, test, and deploy your app with built-in GitLab CI/CD. Or, you can do
 it all at once, from one single project.
 
-### Repository
-
-Host your codebase in [GitLab repositories](project/repository/index.md) with version control
-and as part of a fully integrated platform.
-
-### Issues
-
-Explore the best of GitLab [Issues](project/issues/index.md).
-
-### Merge Requests
-
-Collanorate on code, gather reviews, live preview changes per branch, and
-request approvals with [Merge Requests](project/merge_requests/index.md).
-
-### Milestones
-
-Work on multiple issues and merge requests towards the same target date
-with [Milestones](project/milestones/index.md).
-
-### GitLab Pages
-
-Publish your static site directly from GitLab with [GitLab Pages](project/pages/index.md). You
-can [build, test, and deploy any Static Site Generator](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) with Pages.
-
-### Container Registry
-
-Build and deploy Docker images with [GitLab Container Registry](project/container_registry.md).
+- [Repositories](project/repository/index.md): Host your codebase in
+repositories with version control and as part of a fully integrated platform.
+- [Issues](project/issues/index.md): Explore the best of GitLab Issues' features.
+- [Merge Requests](project/merge_requests/index.md): Collaborate on code,
+reviews, live preview changes per branch, and request approvals with Merge Requests.
+- [Milestones](project/milestones/index.md): Work on multiple issues and merge
+requests towards the same target date with Milestones.
 
 ## GitLab CI/CD
 
 Use built-in [GitLab CI/CD](../ci/README.md) to test, build, and deploy your applications
 directly from GitLab. No third-party integrations needed.
 
-### Auto Deploy
-
-Deploy your application out-of-the-box with [GitLab Auto Deploy](../ci/autodeploy/index.md).
-
-### Review Apps
-
-Live-preview the changes introduced by a merge request with [Review Apps](../ci/review_apps/index.md).
-
-## Groups
-
-With GitLab [Groups](group/index.md) you can assemble related projects together
-and grant members access to several projects at once.
-
-### Subgroups
-
-Groups can also be nested in [subgroups](group/subgroups/index.md).
+- [GitLab Auto Deploy](../ci/autodeploy/index.md): Deploy your application out-of-the-box with GitLab Auto Deploy.
+- [Review Apps](../ci/review_apps/index.md): Live-preview the changes introduced by a merge request with Review Apps.
+- [GitLab Pages](project/pages/index.md): Publish your static site directly from
+GitLab with Gitlab Pages. You can build, test, and deploy any Static Site Generator with Pages.
+- [GitLab Container Registry](project/container_registry.md): Build and deploy Docker
+images with Container Registry.
 
 ## Account
 
 There is a lot you can customize and configure
 to enjoy the best of GitLab.
 
-[Manage your user settings](profile/index.md) to change your personal info,
+- [Settings](profile/index.md): Manage your user settings to change your personal info,
 personal access tokens, authorized applications, etc.
+- [Authentication](../topics/authentication/index.md): Read through the authentication
+methods available in GitLab.
+- [Permissions](permissions.md): Learn the different set of permissions levels for each
+user type (guest, reporter, developer, master, owner).
 
-### Authentication
-
-Read through the [authentication](../topics/authentication/index.md) methods available in GitLab.
-
-### Permissions
-
-Learn the different set of [permissions](permissions.md) for user type (guest, reporter, developer, master, owner).
-
-## Integrations
-
-[Integrate GitLab](../integration/README.md) with your preferred tool,
-such as Trello, JIRA, etc.
+## Groups
 
-## Git and GitLab
+With GitLab [Groups](group/index.md) you can assemble related projects together
+and grant members access to several projects at once.
 
-Learn what is [Git](../topics/git/index.md) and its best practices.
+Groups can also be nested in [subgroups](group/subgroups/index.md).
 
 ## Discussions
 
@@ -168,6 +132,11 @@ requests you're assigned to.
 you have quick access to. You can also gather feedback on them through
 [discussions](#discussions).
 
+## Integrations
+
+[Integrate GitLab](../integration/README.md) with your preferred tool,
+such as Trello, JIRA, etc.
+
 ## Webhooks
 
 Configure [webhooks](project/integrations/webhooks.html) to listen for
@@ -178,3 +147,6 @@ POST request with data to the webhook URL.
 
 Automate GitLab via [API](../api/README.html).
 
+## Git and GitLab
+
+Learn what is [Git](../topics/git/index.md) and its best practices.
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 3d47e644ad2..dcf210e1085 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -5,17 +5,17 @@ particular group or project. If a user is both in a group's project and the
 project itself, the highest permission level is used.
 
 On public and internal projects the Guest role is not enforced. All users will
-be able to create issues, leave comments, and pull or download the project code.
+be able to create issues, leave comments, and clone or download the project code.
 
-When a member leaves the team the all assigned Issues and Merge Requests
+When a member leaves the team all the assigned [Issues](project/issues/index.md) and [Merge Requests](project/merge_requests/index.md)
 will be unassigned automatically.
 
-GitLab administrators receive all permissions.
+GitLab [administrators](../README.md#administrator-documentation) receive all permissions.
 
-To add or import a user, you can follow the [project users and members
-documentation](../workflow/add-user/add-user.md).
+To add or import a user, you can follow the
+[project members documentation](../user/project/members/index.md).
 
-## Project
+## Project members permissions
 
 The following table depicts the various user permission levels in a project.
 
@@ -75,7 +75,58 @@ The following table depicts the various user permission levels in a project.
 | Remove protected branches [^3]        |         |            |             |          |        |
 | Remove pages                          |         |            |             |          | ✓      |
 
-## Group
+## Project features permissions
+
+### Wiki and issues
+
+Project features like wiki and issues can be hidden from users depending on
+which visibility level you select on project settings.
+
+- Disabled: disabled for everyone
+- Only team members: only team members will see even if your project is public or internal
+- Everyone with access: everyone can see depending on your project visibility level
+
+### Protected branches
+
+To prevent people from messing with history or pushing code without
+review, we've created protected branches. Read through the documentation on
+[protected branches](project/protected_branches.md)
+to learn more.
+
+Additionally, you can allow or forbid users with Master and/or
+Developer permissions to push to a protected branch. Read through the documentation on
+[Allowed to Merge and Allowed to Push settings](project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings)
+to learn more.
+
+### Cycle Analytics permissions
+
+Find the current permissions on the Cycle Analytics dashboard on
+the [documentation on Cycle Analytics permissions](project/cycle_analytics.md#permissions).
+
+### Issue Board permissions
+
+Developers and users with higher permission level can use all
+the functionality of the Issue Board, that is create/delete lists
+and drag issues around. Read though the
+[documentation on Issue Boards permissions](project/issue_board.md#permissions)
+to learn more.
+
+### File Locking permissions (EEP)
+
+The user that locks a file or directory is the only one that can edit and push their changes back to the repository where the locked objects are located.
+
+Read through the documentation on [permissions for File Locking](https://docs.gitlab.com/ee/user/project/file_lock.html#permissions-on-file-locking) to learn more.
+
+File Locking is available in
+[GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/) only.
+
+### Confidential Issues permissions
+
+Confidential issues can be accessed by reporters and higher permission levels,
+as well as by guest users that create a confidential issue. To learn more,
+read through the documentation on [permissions and access to confidential issues](project/issues/confidential_issues.md#permissions-and-access-to-confidential-issues).
+
+## Group members permissions
 
 Any user can remove themselves from a group, unless they are the last Owner of
 the group. The following table depicts the various user permission levels in a
@@ -91,7 +142,16 @@ group.
 | Remove group            |       |          |           |        | ✓     |
 | Manage group labels     |       | ✓        | ✓         | ✓      | ✓     |
 
-## External Users
+### Subgroup permissions
+
+When you add a member to a subgroup, they inherit the membership and
+permission level from the parent group. This model allows access to
+nested groups if you have membership in one of its parents.
+
+To learn more, read through the documentation on
+[subgroups memberships](group/subgroups/index.md#membership).
+
+## External users permissions
 
 In cases where it is desired that a user has access only to some internal or
 private projects, there is the option of creating **External Users**. This
@@ -115,18 +175,9 @@ will find the option to flag the user as external.
 By default new users are not set as external users. This behavior can be changed
 by an administrator under **Admin > Application Settings**.
 
-## Project features
-
-Project features like wiki and issues can be hidden from users depending on
-which visibility level you select on project settings.
-
-- Disabled: disabled for everyone
-- Only team members: only team members will see even if your project is public or internal
-- Everyone with access: everyone can see depending on your project visibility level
-
-## GitLab CI
+## GitLab CI/CD permissions
 
-GitLab CI permissions rely on the role the user has in GitLab. There are four
+GitLab CI/CD permissions rely on the role the user has in GitLab. There are four
 permission levels in total:
 
 - admin
@@ -134,7 +185,7 @@ permission levels in total:
 - developer
 - guest/reporter
 
-The admin user can perform any action on GitLab CI in scope of the GitLab
+The admin user can perform any action on GitLab CI/CD in scope of the GitLab
 instance and project. In addition, all admins can use the admin interface under
 `/admin/runners`.
 
@@ -150,7 +201,7 @@ instance and project. In addition, all admins can use the admin interface under
 | See events in the system              |                 |             |          | ✓      |
 | Admin interface                       |                 |             |          | ✓      |
 
-### Jobs permissions
+### Job permissions
 
 >**Note:**
 GitLab 8.12 has a completely redesigned job permissions system.
@@ -174,6 +225,26 @@ users:
 | Push container images to current project    |                 | ✓           | ✓        | ✓      |
 | Push container images to other projects     |                 |             |          |        |
 
+### New CI job permissions model
+
+GitLab 8.12 has a completely redesigned job permissions system. To learn more,
+read through the documentation on the [new CI/CD permissions model](project/new_ci_build_permissions_model.md#new-ci-job-permissions-model).
+
+## LDAP users permissions
+
+Since GitLab 8.15, LDAP user permissions can now be manually overridden by an admin user.
+Read through the documentation on [LDAP users permissions](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/index.html#updating-user-permissions-new-feature) to learn more.
+
+## Auditor users permissions (EEP)
+
+An Auditor user should be able to access all projects and groups of a GitLab instance
+with the permissions described on the documentation on [auditor users permissions](https://docs.gitlab.com/ee/administration/auditor_users.html#permissions-and-restrictions-of-an-auditor-user).
+
+Auditor users are available in [GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/)
+only.
+
+----
+
 [^1]: Guest users can only view the confidential issues they created themselves
 [^2]: If **Public pipelines** is enabled in **Project Settings > Pipelines**
 [^3]: Not allowed for Guest, Reporter, Developer, Master, or Owner
diff --git a/doc/user/project/index.md b/doc/user/project/index.md
index 91a19600951..0dd0faf35e9 100644
--- a/doc/user/project/index.md
+++ b/doc/user/project/index.md
@@ -98,7 +98,11 @@ from your fork to the upstream project
 - [Export a project from GitLab](settings/import_export.md#exporting-a-project-and-its-data)
 - [Importing and exporting projects between GitLab instances](settings/import_export.md)
 
-## Leave a project
+## Project's members
+
+Learn how to [add members to your projects](members/index.md).
+
+### Leave a project
 
 **Leave project** will only display on the project's dashboard
 when a project is part of a group (under a
diff --git a/doc/user/project/integrations/img/jira_service_page.png b/doc/user/project/integrations/img/jira_service_page.png
index e69376f74c4..63aa0e99a50 100644
--- a/doc/user/project/integrations/img/jira_service_page.png
+++ b/doc/user/project/integrations/img/jira_service_page.png
diff --git a/doc/user/project/integrations/jira.md b/doc/user/project/integrations/jira.md
index 4f583879a4e..93aec56f8dc 100644
--- a/doc/user/project/integrations/jira.md
+++ b/doc/user/project/integrations/jira.md
@@ -10,7 +10,12 @@ JIRA](https://www.programmableweb.com/news/how-and-why-to-integrate-gitlab-jira/
 
 ## Configuration
 
-Each GitLab project can be configured to connect to a different JIRA instance.
+Each GitLab project can be configured to connect to a different JIRA instance. That
+means one GitLab project maps to _all_ JIRA projects in that JIRA instance once
+the configuration is set up. Therefore, you don't have to explicitly associate 
+one GitLab project to any JIRA project. Once the configuration is set up, any JIRA
+projects in the JIRA instance are already mapped to the GitLab project.
+
 If you have one JIRA instance you can pre-fill the settings page with a default
 template, see the [Services Templates][services-templates] docs.
 
@@ -103,7 +108,6 @@ in the table below.
 | ----- | ----------- |
 | `Web URL` | The base URL to the JIRA instance web interface which is being linked to this GitLab project. E.g., `https://jira.example.com`. |
 | `JIRA API URL` | The base URL to the JIRA instance API. Web URL value will be used if not set. E.g., `https://jira-api.example.com`. |
-| `Project key` | Put a JIRA project key (in uppercase), e.g. `MARS` in this field. This is only for testing the configuration settings. JIRA integration in GitLab works with _all_ JIRA projects in your JIRA instance. This field will be removed in a future release. |
 | `Username` | The user name created in [configuring JIRA step](#configuring-jira). |
 | `Password` |The password of the user created in [configuring JIRA step](#configuring-jira). |
 | `Transition ID` | This is the ID of a transition that moves issues to a closed state. You can find this number under JIRA workflow administration ([see screenshot](img/jira_workflow_screenshot.png)). **Closing JIRA issues via commits or Merge Requests won't work if you don't set the ID correctly.** |
diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index 6f15765751c..5fefb3b69c4 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -40,7 +40,7 @@ Installing and configuring Prometheus to monitor applications is fairly straight
 ### Configuring Omnibus GitLab Prometheus to monitor Kubernetes deployments
 
 With Omnibus GitLab running inside of Kubernetes, you can leverage the bundled
-version of Prometheus to collect the supported metrics. Once enabled, Prometheus will automatically begin monitoring Kubernetes Nodes and any [annotated Pods](https://prometheus.io/docs/operating/configuration/#<kubernetes_sd_config>). 
+version of Prometheus to collect the supported metrics. Once enabled, Prometheus will automatically begin monitoring Kubernetes Nodes and any [annotated Pods](https://prometheus.io/docs/operating/configuration/#<kubernetes_sd_config>).
 
 1. Read how to configure the bundled Prometheus server in the
    [Administration guide][gitlab-prometheus-k8s-monitor].
@@ -133,6 +133,8 @@ to integrate with.
 Once configured, GitLab will attempt to retrieve performance metrics for any
 environment which has had a successful deployment.
 
+GitLab will automatically scan the Prometheus server for known metrics and attempt to identify the metrics for a particular environment. The supported metrics and scan process is detailed in our [Prometheus Metric Library documentation](prometheus_library/metrics.html).
+
 [Learn more about monitoring environments.](../../../ci/environments.md#monitoring-environments)
 
 ## Determining the performance impact of a merge
@@ -174,7 +176,7 @@ If the "Attempting to load performance data" screen continues to appear, it coul
 [prometheus-docker-image]: https://hub.docker.com/r/prom/prometheus/
 [prometheus-yml]:samples/prometheus.yml
 [gitlab.com-ip-range]: https://gitlab.com/gitlab-com/infrastructure/issues/434
-[ci-environment-slug]: https://docs.gitlab.com/ce/ci/variables/#predefined-variables-environment-variables
+[ci-environment-slug]: ../../../ci/variables/#predefined-variables-environment-variables
 [ce-8935]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8935
 [ce-10408]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10408
 [promgldocs]: ../../../administration/monitoring/prometheus/index.md
diff --git a/doc/user/project/integrations/prometheus_library/metrics.md b/doc/user/project/integrations/prometheus_library/metrics.md
index 6bdffce9c55..f09ecf9ff2d 100644
--- a/doc/user/project/integrations/prometheus_library/metrics.md
+++ b/doc/user/project/integrations/prometheus_library/metrics.md
@@ -4,6 +4,7 @@
 GitLab offers automatic detection of select [Prometheus exporters](https://prometheus.io/docs/instrumenting/exporters/). Currently supported exporters are:
 * [Kubernetes](kubernetes.md)
 * [NGINX](nginx.md)
+* [NGINX Ingress Controller](nginx_ingress.md)
 * [HAProxy](haproxy.md)
 * [Amazon Cloud Watch](cloudwatch.md)
 
@@ -14,10 +15,7 @@ We have tried to surface the most important metrics for each exporter, and will
 GitLab retrieves performance data from the configured Prometheus server, and attempts to identifying the presence of known metrics. Once identified, GitLab then needs to be able to map the data to a particular environment.
 
 In order to isolate and only display relevant metrics for a given environment, GitLab needs a method to detect which labels are associated. To do that,
-GitLab will look for the required metrics which have a label that
-matches the [$CI_ENVIRONMENT_SLUG][ci-environment-slug].
-
-For example if you are deploying to an environment named `production`, there must be a label for the metric with the value of `production`.
+GitLab uses the defined queries and fills in the environment specific variables. Typically this involves looking for the [$CI_ENVIRONMENT_SLUG](https://docs.gitlab.com/ee/ci/variables/#predefined-variables-environment-variables), but may also include other information such as the project's Kubernetes namespace. Each search query is defined in the [exporter specific documentation](#prometheus-metrics-library).
 
 ## Adding to the library
 
diff --git a/doc/user/project/integrations/prometheus_library/nginx.md b/doc/user/project/integrations/prometheus_library/nginx.md
index b3470773996..12e3321f5f3 100644
--- a/doc/user/project/integrations/prometheus_library/nginx.md
+++ b/doc/user/project/integrations/prometheus_library/nginx.md
@@ -8,8 +8,8 @@ GitLab has support for automatically detecting and monitoring NGINX. This is pro
 | Name | Query |
 | ---- | ----- |
 | Throughput (req/sec) | sum(rate(nginx_requests_total{server_zone!="*", server_zone!="_", %{environment_filter}}[2m])) |
-| Latency (ms) | avg(nginx_upstream_response_msecs_avg{%{environment_filter}}) * 1000 |
-| HTTP Error Rate (%) | sum(rate(haproxy_frontend_http_responses_total{code="5xx",%{environment_filter}}[2m])) / sum(rate(haproxy_frontend_http_responses_total{%{environment_filter}}[2m])) |
+| Latency (ms) | avg(nginx_upstream_response_msecs_avg{%{environment_filter}}) |
+| HTTP Error Rate (HTTP Errors / sec) | rate(nginx_responses_total{status_code="5xx", %{environment_filter}}[2m])) |
 
 ## Configuring Prometheus to monitor for NGINX metrics
 
diff --git a/doc/user/project/integrations/prometheus_library/nginx_ingress.md b/doc/user/project/integrations/prometheus_library/nginx_ingress.md
new file mode 100644
index 00000000000..84ee8bc45e5
--- /dev/null
+++ b/doc/user/project/integrations/prometheus_library/nginx_ingress.md
@@ -0,0 +1,25 @@
+# Monitoring NGINX Ingress Controller
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13438) in GitLab 9.5
+
+GitLab has support for automatically detecting and monitoring the Kubernetes NGINX ingress controller. This is provided by leveraging the built in Prometheus metrics included in [version 0.9.0](https://github.com/kubernetes/ingress/blob/master/controllers/nginx/Changelog.md#09-beta1) of the ingress.
+
+## Metrics supported
+
+| Name | Query |
+| ---- | ----- |
+| Throughput (req/sec) | sum(rate(nginx_upstream_requests_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) |
+| Latency (ms) | avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}) |
+| HTTP Error Rate (HTTP Errors / sec) | sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) |
+
+## Configuring Prometheus to monitor for NGINX ingress metrics
+
+The easiest way to get started is to use at least version 0.9.0 of [NGINX ingress](https://github.com/kubernetes/ingress/tree/master/controllers/nginx). If you are using NGINX as your Kubernetes ingress, there is [direct support](https://github.com/kubernetes/ingress/pull/423) for enabling Prometheus monitoring in the 0.9.0 release.
+
+If you have deployed with the [gitlab-omnibus](https://docs.gitlab.com/ee/install/kubernetes/gitlab_omnibus.md) Helm chart, these metrics will be automatically enabled and annotated for Prometheus monitoring.
+
+## Specifying the Environment label
+
+In order to isolate and only display relevant metrics for a given environment
+however, GitLab needs a method to detect which labels are associated. To do this, GitLab will search metrics with appropriate labels. In this case, the `upstream` label must be of the form `<Kubernetes Namespace>-<CI_ENVIRONMENT_SLUG>-*`.
+
+If you have used [Auto Deploy](https://docs.gitlab.com/ee/ci/autodeploy/index.html) to deploy your app, this format will be used automatically and metrics will be detected with no action on your part.
diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md
index c03a2df9a72..47eb0b34f66 100644
--- a/doc/user/project/integrations/webhooks.md
+++ b/doc/user/project/integrations/webhooks.md
@@ -438,7 +438,6 @@ X-Gitlab-Event: Note Hook
     "iid": 1,
     "description": "Et voluptas corrupti assumenda temporibus. Architecto cum animi eveniet amet asperiores. Vitae numquam voluptate est natus sit et ad id.",
     "position": 0,
-    "locked_at": null,
     "source":{
       "name":"Gitlab Test",
       "description":"Aut reprehenderit ut est.",
diff --git a/doc/workflow/add-user/img/access_requests_management.png b/doc/user/project/members/img/access_requests_management.png
index 3693bed869b..3693bed869b 100644
--- a/doc/workflow/add-user/img/access_requests_management.png
+++ b/doc/user/project/members/img/access_requests_management.png
diff --git a/doc/workflow/add-user/img/add_new_user_to_project_settings.png b/doc/user/project/members/img/add_new_user_to_project_settings.png
index 40db600455f..40db600455f 100644
--- a/doc/workflow/add-user/img/add_new_user_to_project_settings.png
+++ b/doc/user/project/members/img/add_new_user_to_project_settings.png
diff --git a/doc/workflow/add-user/img/add_user_email_accept.png b/doc/user/project/members/img/add_user_email_accept.png
index 763b3ff463d..763b3ff463d 100644
--- a/doc/workflow/add-user/img/add_user_email_accept.png
+++ b/doc/user/project/members/img/add_user_email_accept.png
diff --git a/doc/workflow/add-user/img/add_user_email_ready.png b/doc/user/project/members/img/add_user_email_ready.png
index 0066eb3427b..0066eb3427b 100644
--- a/doc/workflow/add-user/img/add_user_email_ready.png
+++ b/doc/user/project/members/img/add_user_email_ready.png
diff --git a/doc/workflow/add-user/img/add_user_email_search.png b/doc/user/project/members/img/add_user_email_search.png
index 66bcd6aad80..66bcd6aad80 100644
--- a/doc/workflow/add-user/img/add_user_email_search.png
+++ b/doc/user/project/members/img/add_user_email_search.png
diff --git a/doc/workflow/add-user/img/add_user_give_permissions.png b/doc/user/project/members/img/add_user_give_permissions.png
index 376a3eefccc..376a3eefccc 100644
--- a/doc/workflow/add-user/img/add_user_give_permissions.png
+++ b/doc/user/project/members/img/add_user_give_permissions.png
diff --git a/doc/workflow/add-user/img/add_user_import_members_from_another_project.png b/doc/user/project/members/img/add_user_import_members_from_another_project.png
index 0c32001098e..0c32001098e 100644
--- a/doc/workflow/add-user/img/add_user_import_members_from_another_project.png
+++ b/doc/user/project/members/img/add_user_import_members_from_another_project.png
diff --git a/doc/workflow/add-user/img/add_user_imported_members.png b/doc/user/project/members/img/add_user_imported_members.png
index 51fd7688890..51fd7688890 100644
--- a/doc/workflow/add-user/img/add_user_imported_members.png
+++ b/doc/user/project/members/img/add_user_imported_members.png
diff --git a/doc/workflow/add-user/img/add_user_list_members.png b/doc/user/project/members/img/add_user_list_members.png
index e0fa404288d..e0fa404288d 100644
--- a/doc/workflow/add-user/img/add_user_list_members.png
+++ b/doc/user/project/members/img/add_user_list_members.png
diff --git a/doc/workflow/add-user/img/add_user_members_menu.png b/doc/user/project/members/img/add_user_members_menu.png
index 8e61d15fe65..8e61d15fe65 100644
--- a/doc/workflow/add-user/img/add_user_members_menu.png
+++ b/doc/user/project/members/img/add_user_members_menu.png
diff --git a/doc/workflow/add-user/img/add_user_search_people.png b/doc/user/project/members/img/add_user_search_people.png
index 41767a9167c..41767a9167c 100644
--- a/doc/workflow/add-user/img/add_user_search_people.png
+++ b/doc/user/project/members/img/add_user_search_people.png
diff --git a/doc/workflow/groups/max_access_level.png b/doc/user/project/members/img/max_access_level.png
index 63f33f9d91d..63f33f9d91d 100644
--- a/doc/workflow/groups/max_access_level.png
+++ b/doc/user/project/members/img/max_access_level.png
diff --git a/doc/workflow/groups/other_group_sees_shared_project.png b/doc/user/project/members/img/other_group_sees_shared_project.png
index 67af27043eb..67af27043eb 100644
--- a/doc/workflow/groups/other_group_sees_shared_project.png
+++ b/doc/user/project/members/img/other_group_sees_shared_project.png
diff --git a/doc/workflow/add-user/img/request_access_button.png b/doc/user/project/members/img/request_access_button.png
index 608baccb0ca..608baccb0ca 100644
--- a/doc/workflow/add-user/img/request_access_button.png
+++ b/doc/user/project/members/img/request_access_button.png
diff --git a/doc/workflow/groups/share_project_with_groups.png b/doc/user/project/members/img/share_project_with_groups.png
index 3cb4796f9f7..3cb4796f9f7 100644
--- a/doc/workflow/groups/share_project_with_groups.png
+++ b/doc/user/project/members/img/share_project_with_groups.png
diff --git a/doc/workflow/add-user/img/withdraw_access_request_button.png b/doc/user/project/members/img/withdraw_access_request_button.png
index 6edd786b151..6edd786b151 100644
--- a/doc/workflow/add-user/img/withdraw_access_request_button.png
+++ b/doc/user/project/members/img/withdraw_access_request_button.png
diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md
new file mode 100644
index 00000000000..b8dd96087f1
--- /dev/null
+++ b/doc/user/project/members/index.md
@@ -0,0 +1,116 @@
+# Project's members
+
+You can manage the groups and users and their access levels in all of your
+projects. You can also personalize the access level you give each user,
+per-project.
+
+You should have `master` or `owner` [permissions](../../permissions.md) to add
+or import a new user to your project.
+
+To view, edit, add, and remove project's members, go to your
+project's **Settings > Members**.
+
+---
+
+## Add a user
+
+Right next to **People**, start typing the name or username of the user you
+want to add.
+
+![Search for people](img/add_user_search_people.png)
+
+---
+
+Select the user and the [permission level](../../user/permissions.md)
+that you'd like to give the user. Note that you can select more than one user.
+
+![Give user permissions](img/add_user_give_permissions.png)
+
+---
+
+Once done, hit **Add users to project** and they will be immediately added to
+your project with the permissions you gave them above.
+
+![List members](img/add_user_list_members.png)
+
+---
+
+From there on, you can either remove an existing user or change their access
+level to the project.
+
+## Import users from another project
+
+You can import another project's users in your own project by hitting the
+**Import members** button on the upper right corner of the **Members** menu.
+
+In the dropdown menu, you can see only the projects you are Master on.
+
+![Import members from another project](img/add_user_import_members_from_another_project.png)
+
+---
+
+Select the one you want and hit **Import project members**. A flash message
+notifying you that the import was successful will appear, and the new members
+are now in the project's members list. Notice that the permissions that they
+had on the project you imported from are retained.
+
+![Members list of new members](img/add_user_imported_members.png)
+
+---
+
+## Invite people using their e-mail address
+
+If a user you want to give access to doesn't have an account on your GitLab
+instance, you can invite them just by typing their e-mail address in the
+user search field.
+
+![Invite user by mail](img/add_user_email_search.png)
+
+---
+
+As you can imagine, you can mix inviting multiple people and adding existing
+GitLab users to the project.
+
+![Invite user by mail ready to submit](img/add_user_email_ready.png)
+
+---
+
+Once done, hit **Add users to project** and watch that there is a new member
+with the e-mail address we used above. From there on, you can resend the
+invitation, change their access level or even delete them.
+
+![Invite user members list](img/add_user_email_accept.png)
+
+---
+
+Once the user accepts the invitation, they will be prompted to create a new
+GitLab account using the same e-mail address the invitation was sent to.
+
+## Request access to a project
+
+As a project owner you can enable or disable non members to request access to
+your project. Go to the project settings and click on **Allow users to request access**.
+
+As a user, you can request to be a member of a project. Go to the project you'd
+like to be a member of, and click the **Request Access** button on the right
+side of your screen.
+
+![Request access button](img/request_access_button.png)
+
+---
+
+Project owners & masters will be notified of your request and will be able to approve or
+decline it on the members page.
+
+![Manage access requests](img/access_requests_management.png)
+
+---
+
+If you change your mind before your request is approved, just click the
+**Withdraw Access Request** button.
+
+![Withdraw access request button](img/withdraw_access_request_button.png)
+
+## Share project with group
+
+Alternatively, you can [share a project with an entire group](share_project_with_groups.md) instead of adding users one by one.
diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md
new file mode 100644
index 00000000000..4c1ddcdcba8
--- /dev/null
+++ b/doc/user/project/members/share_project_with_groups.md
@@ -0,0 +1,41 @@
+# Share Projects with other Groups
+
+You can share projects with other [groups](../../group/index.md). This makes it
+possible to add a group of users to a project with a single action.
+
+## Groups as collections of users
+
+Groups are used primarily to [create collections of projects](../user/group/index.md), but you can also
+take advantage of the fact that groups define collections of _users_, namely the group
+members.
+
+## Sharing a project with a group of users
+
+The primary mechanism to give a group of users, say 'Engineering', access to a project,
+say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'Project
+Acme'.  But what if 'Project Acme' already belongs to another group, say 'Open Source'?
+This is where the group sharing feature can be of use.
+
+To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the 'Groups' section.
+
+![The 'Groups' section in the project settings screen](img/share_project_with_groups.png)
+
+Now you can add the 'Engineering' group with the maximum access level of your choice.
+After sharing 'Project Acme' with 'Engineering', the project is listed on the group dashboard.
+
+!['Project Acme' is listed as a shared project for 'Engineering'](img/other_group_sees_shared_project.png)
+
+## Maximum access level
+
+!['Project Acme' is shared with 'Engineering' with a maximum access level of 'Developer'](img/max_access_level.png)
+
+In the screenshot above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
+
+## Share project with group lock (EES/EEP)
+
+In [GitLab Enterprise Edition Starter](https://about.gitlab.com/gitlab-ee/)
+it is possible to prevent projects in a group from [sharing
+a project with another group](../members/share_project_with_groups.md).
+This allows for tighter control over project access.
+
+Learn more about [Share with group lock](https://docs.gitlab.com/ee/user/group/index.html#share-with-group-lock-ees-eep).
diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md
index 4b2c435a120..5e5ae880518 100644
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -20,6 +20,8 @@ documentation.
 For security reasons, when using the command line, we strongly recommend
 you to [connect with GitLab via SSH](../../../ssh/README.md).
 
+## Files
+
 ## Create and edit files
 
 Host your codebase in GitLab repositories by pushing your files to GitLab.
@@ -47,6 +49,10 @@ it's easier to do so [via GitLab UI](web_editor.md):
 To get started with the command line, please read through the
 [command line basics documentation](../../../gitlab-basics/command-line-commands.md).
 
+### Find files
+
+Use GitLab's [file finder](../../../workflow/file_finder.md) to search for files in a repository.
+
 ## Branches
 
 When you submit changes in a new branch, you create a new version
diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md
index 35960ade3d4..97cca3007b1 100644
--- a/doc/user/project/settings/import_export.md
+++ b/doc/user/project/settings/import_export.md
@@ -9,6 +9,9 @@
 >    application settings (`/admin/application_settings`) under 'Import sources'.
 >    Ask your administrator if you don't see the **GitLab export** button when
 >    creating a new project.
+>  - Starting with GitLab 10.0, administrators can disable the project export option
+>    on the GitLab instance in application settings (`/admin/application_settings`)
+>    under 'Visibility and Access Controls'.
 >  - You can find some useful raketasks if you are an administrator in the
 >    [import_export](../../../administration/raketasks/project_import_export.md)
 >    raketask.
diff --git a/doc/user/snippets.md b/doc/user/snippets.md
index 78861625f8a..2170b079f62 100644
--- a/doc/user/snippets.md
+++ b/doc/user/snippets.md
@@ -16,7 +16,7 @@ Comments on snippets was [introduced](https://gitlab.com/gitlab-org/gitlab-ce/is
 
 ## Project snippets
 
-Project snippets are always related to a specific project - see [Project features](../workflow/project_features.md) for more information.
+Project snippets are always related to a specific project - see [Project's features](project/index.md#project-39-s-features) for more information.
 
 ## Personal snippets
 
diff --git a/doc/workflow/README.md b/doc/workflow/README.md
index 925bbf76d49..673e08287a3 100644
--- a/doc/workflow/README.md
+++ b/doc/workflow/README.md
@@ -16,14 +16,13 @@
 - [File finder](file_finder.md)
 - [Labels](../user/project/labels.md)
 - [Notification emails](notifications.md)
-- [Project Features](project_features.md)
+- [Projects](../user/project/index.md)
 - [Project forking workflow](forking_workflow.md)
-- [Project users](add-user/add-user.md)
+- [Project users](../user/project/members/index.md)
 - [Protected branches](../user/project/protected_branches.md)
 - [Protected tags](../user/project/protected_tags.md)
 - [Quick Actions](../user/project/quick_actions.md)
-- [Sharing a project with a group](share_with_group.md)
-- [Share projects with other groups](share_projects_with_other_groups.md)
+- [Sharing projects with groups](../user/project/members/share_project_with_groups.md)
 - [Time tracking](time_tracking.md)
 - [Web Editor](../user/project/repository/web_editor.md)
 - [Releases](releases.md)
diff --git a/doc/workflow/add-user/add-user.md b/doc/workflow/add-user/add-user.md
index e541111d7b3..35cc080d2b7 100644
--- a/doc/workflow/add-user/add-user.md
+++ b/doc/workflow/add-user/add-user.md
@@ -1,114 +1 @@
-# Project users
-
-You can manage the groups and users and their access levels in all of your
-projects. You can also personalize the access level you give each user,
-per-project.
-
-You should have `master` or `owner` permissions to add or import a new user
-to your project.
-
-The first step to add or import a user, go to your project and click on
-**Members** in the drop-down menu on the right side of your screen.
-
-![Members](img/add_user_members_menu.png)
-
----
-
-## Add a user
-
-Right next to **People**, start typing the name or username of the user you
-want to add.
-
-![Search for people](img/add_user_search_people.png)
-
----
-
-Select the user and the [permission level](../../user/permissions.md)
-that you'd like to give the user. Note that you can select more than one user.
-
-![Give user permissions](img/add_user_give_permissions.png)
-
----
-
-Once done, hit **Add users to project** and they will be immediately added to
-your project with the permissions you gave them above.
-
-![List members](img/add_user_list_members.png)
-
----
-
-From there on, you can either remove an existing user or change their access
-level to the project.
-
-## Import users from another project
-
-You can import another project's users in your own project by hitting the
-**Import members** button on the upper right corner of the **Members** menu.
-
-In the dropdown menu, you can see only the projects you are Master on.
-
-![Import members from another project](img/add_user_import_members_from_another_project.png)
-
----
-
-Select the one you want and hit **Import project members**. A flash message
-notifying you that the import was successful will appear, and the new members
-are now in the project's members list. Notice that the permissions that they
-had on the project you imported from are retained.
-
-![Members list of new members](img/add_user_imported_members.png)
-
----
-
-## Invite people using their e-mail address
-
-If a user you want to give access to doesn't have an account on your GitLab
-instance, you can invite them just by typing their e-mail address in the
-user search field.
-
-![Invite user by mail](img/add_user_email_search.png)
-
----
-
-As you can imagine, you can mix inviting multiple people and adding existing
-GitLab users to the project.
-
-![Invite user by mail ready to submit](img/add_user_email_ready.png)
-
----
-
-Once done, hit **Add users to project** and watch that there is a new member
-with the e-mail address we used above. From there on, you can resend the
-invitation, change their access level or even delete them.
-
-![Invite user members list](img/add_user_email_accept.png)
-
----
-
-Once the user accepts the invitation, they will be prompted to create a new
-GitLab account using the same e-mail address the invitation was sent to.
-
-## Request access to a project
-
-As a project owner you can enable or disable non members to request access to
-your project. Go to the project settings and click on **Allow users to request access**.
-
-As a user, you can request to be a member of a project. Go to the project you'd
-like to be a member of, and click the **Request Access** button on the right
-side of your screen.
-
-![Request access button](img/request_access_button.png)
-
----
-
-Project owners & masters will be notified of your request and will be able to approve or
-decline it on the members page.
-
-![Manage access requests](img/access_requests_management.png)
-
----
-
-If you change your mind before your request is approved, just click the
-**Withdraw Access Request** button.
-
-![Withdraw access request button](img/withdraw_access_request_button.png)
+This document was moved to [../../user/project/members/index.md](../../user/project/members/index.md)
diff --git a/doc/workflow/project_features.md b/doc/workflow/project_features.md
index 3f5de2bd4b1..feb88712f5a 100644
--- a/doc/workflow/project_features.md
+++ b/doc/workflow/project_features.md
@@ -1,45 +1 @@
-# Project features
-
-When in a Project -> Settings, you will find Features on the bottom of the page that you can toggle.
-
-Below you will find a more elaborate explanation of each of these.
-
-## Issues
-
-Issues is a really powerful, but lightweight issue tracking system.
-
-You can make tickets, assign them to people, file them under milestones, order them with labels and have discussion in them.
-
-They integrate deeply into GitLab and are easily referenced from anywhere by using `#` and the issue number.
-
-## Merge Requests
-
-Using a merge request, you can review and discuss code before it is merged in the branch of your code.
-
-As with issues, it can be assigned; people, issues, etc. can be referenced; milestones attached.
-
-We see it as an integral part of working together on code and couldn't work without it.
-
-## Wiki
-
-This is a separate system for documentation, built right into GitLab.
-
-It is source controlled and is very convenient if you don't want to keep you documentation in your source code, but you do want to keep it in your GitLab project.
-
-[Read more about Wikis.](../user/project/wiki/index.md)
-
-## Snippets
-
-Snippets are little bits of code or text.
-
-This is a nice place to put code or text that is used semi-regularly within the project, but does not belong in source control.
-
-For example, a specific config file that is used by the team that is only valid for the people that work on the code.
-
-## Git LFS
-
->**Note:** Project-specific LFS setting was added on 8.12 and is available only to admins.
-
-Git Large File Storage allows you to easily manage large binary files with Git.
-With this setting admins can better control which projects are allowed to use 
-LFS. 
+This document was moved to [../user/project/index.md](../user/project/index.md)
diff --git a/doc/workflow/share_projects_with_other_groups.md b/doc/workflow/share_projects_with_other_groups.md
index 40d756bc199..2eb4d24958a 100644
--- a/doc/workflow/share_projects_with_other_groups.md
+++ b/doc/workflow/share_projects_with_other_groups.md
@@ -1,32 +1 @@
-# Share Projects with other Groups
-
-You can share projects with other groups. This makes it possible to add a group of users
-to a project with a single action.
-
-## Groups as collections of users
-
-Groups are used primarily to [create collections of projects](../user/group/index.md), but you can also
-take advantage of the fact that groups define collections of _users_, namely the group
-members.
-
-## Sharing a project with a group of users
-
-The primary mechanism to give a group of users, say 'Engineering', access to a project,
-say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'Project
-Acme'.  But what if 'Project Acme' already belongs to another group, say 'Open Source'?
-This is where the group sharing feature can be of use.
-
-To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the 'Groups' section.
-
-![The 'Groups' section in the project settings screen](groups/share_project_with_groups.png)
-
-Now you can add the 'Engineering' group with the maximum access level of your choice.
-After sharing 'Project Acme' with 'Engineering', the project is listed on the group dashboard.
-
-!['Project Acme' is listed as a shared project for 'Engineering'](groups/other_group_sees_shared_project.png)
-
-## Maximum access level
-
-!['Project Acme' is shared with 'Engineering' with a maximum access level of 'Developer'](groups/max_access_level.png)
-
-In the screenshot above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
+This document was moved to [../user/project/members/share_project_with_groups.md](../user/project/members/share_project_with_groups.md)
diff --git a/doc/workflow/share_with_group.md b/doc/workflow/share_with_group.md
index 3b7690973cb..2eb4d24958a 100644
--- a/doc/workflow/share_with_group.md
+++ b/doc/workflow/share_with_group.md
@@ -1,13 +1 @@
-# Sharing a project with a group
-
-If you want to share a single project in a group with another group,
-you can do so easily. By setting the permission you can quickly
-give a select group of users access to a project in a restricted manner.
-
-In a project go to the project settings -> groups.
-
-Now you can select a group that you want to share this project with and with
-which maximum access level. Users in that group are able to access this project
-with their set group access level, up to the maximum level that you've set.
-
-![Share a project with a group](share_with_group.png)
+This document was moved to [../user/project/members/share_project_with_groups.md](../user/project/members/share_project_with_groups.md)
diff --git a/features/steps/project/merge_requests.rb b/features/steps/project/merge_requests.rb
index 810cd75591b..7254fbc2e4e 100644
--- a/features/steps/project/merge_requests.rb
+++ b/features/steps/project/merge_requests.rb
@@ -299,9 +299,6 @@ class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
 
   step 'I change the comment "Line is wrong" to "Typo, please fix" on diff' do
     page.within('.diff-file:nth-of-type(5) .note') do
-      find('.more-actions').click
-      find('.more-actions .dropdown-menu li', match: :first)
-
       find('.js-note-edit').click
 
       page.within('.current-note-edit-form', visible: true) do
diff --git a/features/steps/shared/note.rb b/features/steps/shared/note.rb
index 80187b83fee..492da38355c 100644
--- a/features/steps/shared/note.rb
+++ b/features/steps/shared/note.rb
@@ -11,8 +11,8 @@ module SharedNote
       note = find('.note')
       note.hover
 
-      note.find('.more-actions').click
-      note.find('.more-actions .dropdown-menu li', match: :first)
+      find('.more-actions').click
+      find('.more-actions .dropdown-menu li', match: :first)
 
       find(".js-note-delete").click
     end
@@ -147,9 +147,6 @@ module SharedNote
       note = find('.note')
       note.hover
 
-      note.find('.more-actions').click
-      note.find('.more-actions .dropdown-menu li', match: :first)
-
       note.find('.js-note-edit').click
     end
 
diff --git a/features/steps/shared/project.rb b/features/steps/shared/project.rb
index 00f7cded2ae..605c9a3ab71 100644
--- a/features/steps/shared/project.rb
+++ b/features/steps/shared/project.rb
@@ -71,28 +71,14 @@ module SharedProject
 
   step 'project "Shop" has push event' do
     @project = Project.find_by(name: "Shop")
-
-    data = {
-      before: Gitlab::Git::BLANK_SHA,
-      after: "6d394385cf567f80a8fd85055db1ab4c5295806f",
-      ref: "refs/heads/fix",
-      user_id: @user.id,
-      user_name: @user.name,
-      repository: {
-        name: @project.name,
-        url: "localhost/rubinius",
-        description: "",
-        homepage: "localhost/rubinius",
-        private: true
-      }
-    }
-
-    @event = Event.create(
-      project: @project,
-      action: Event::PUSHED,
-      data: data,
-      author_id: @user.id
-    )
+    @event = create(:push_event, project: @project, author: @user)
+
+    create(:push_event_payload,
+           event: @event,
+           action: :created,
+           commit_to: '6d394385cf567f80a8fd85055db1ab4c5295806f',
+           ref: 'fix',
+           commit_count: 1)
   end
 
   step 'I should see project "Shop" activity feed' do
diff --git a/lib/api/commits.rb b/lib/api/commits.rb
index bcb842b9211..ea78737288a 100644
--- a/lib/api/commits.rb
+++ b/lib/api/commits.rb
@@ -4,13 +4,14 @@ module API
   class Commits < Grape::API
     include PaginationParams
 
-    before { authenticate! }
+    COMMIT_ENDPOINT_REQUIREMENTS = API::PROJECT_ENDPOINT_REQUIREMENTS.merge(sha: API::NO_SLASH_URL_PART_REGEX)
+
     before { authorize! :download_code, user_project }
 
     params do
       requires :id, type: String, desc: 'The ID of a project'
     end
-    resource :projects, requirements: { id: %r{[^/]+} } do
+    resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
       desc 'Get a project repository commits' do
         success Entities::RepoCommit
       end
@@ -21,7 +22,7 @@ module API
         optional :path,     type: String, desc: 'The file path'
         use :pagination
       end
-      get ":id/repository/commits" do
+      get ':id/repository/commits' do
         path   = params[:path]
         before = params[:until]
         after  = params[:since]
@@ -53,16 +54,19 @@ module API
         detail 'This feature was introduced in GitLab 8.13'
       end
       params do
-        requires :branch, type: String, desc: 'The name of branch'
+        requires :branch, type: String, desc: 'Name of the branch to commit into. To create a new branch, also provide `start_branch`.'
         requires :commit_message, type: String, desc: 'Commit message'
         requires :actions, type: Array[Hash], desc: 'Actions to perform in commit'
+        optional :start_branch, type: String, desc: 'Name of the branch to start the new commit from'
         optional :author_email, type: String, desc: 'Author email for commit'
         optional :author_name, type: String, desc: 'Author name for commit'
       end
-      post ":id/repository/commits" do
+      post ':id/repository/commits' do
         authorize! :push_code, user_project
 
-        attrs = declared_params.merge(start_branch: declared_params[:branch], branch_name: declared_params[:branch])
+        attrs = declared_params
+        attrs[:branch_name] = attrs.delete(:branch)
+        attrs[:start_branch] ||= attrs[:branch_name]
 
         result = ::Files::MultiService.new(user_project, current_user, attrs).execute
 
@@ -76,42 +80,42 @@ module API
 
       desc 'Get a specific commit of a project' do
         success Entities::RepoCommitDetail
-        failure [[404, 'Not Found']]
+        failure [[404, 'Commit Not Found']]
       end
       params do
         requires :sha, type: String, desc: 'A commit sha, or the name of a branch or tag'
       end
-      get ":id/repository/commits/:sha" do
+      get ':id/repository/commits/:sha', requirements: COMMIT_ENDPOINT_REQUIREMENTS do
         commit = user_project.commit(params[:sha])
 
-        not_found! "Commit" unless commit
+        not_found! 'Commit' unless commit
 
         present commit, with: Entities::RepoCommitDetail
       end
 
       desc 'Get the diff for a specific commit of a project' do
-        failure [[404, 'Not Found']]
+        failure [[404, 'Commit Not Found']]
       end
       params do
         requires :sha, type: String, desc: 'A commit sha, or the name of a branch or tag'
       end
-      get ":id/repository/commits/:sha/diff" do
+      get ':id/repository/commits/:sha/diff', requirements: COMMIT_ENDPOINT_REQUIREMENTS do
         commit = user_project.commit(params[:sha])
 
-        not_found! "Commit" unless commit
+        not_found! 'Commit' unless commit
 
         commit.raw_diffs.to_a
       end
 
       desc "Get a commit's comments" do
         success Entities::CommitNote
-        failure [[404, 'Not Found']]
+        failure [[404, 'Commit Not Found']]
       end
       params do
         use :pagination
         requires :sha, type: String, desc: 'A commit sha, or the name of a branch or tag'
       end
-      get ':id/repository/commits/:sha/comments' do
+      get ':id/repository/commits/:sha/comments', requirements: COMMIT_ENDPOINT_REQUIREMENTS do
         commit = user_project.commit(params[:sha])
 
         not_found! 'Commit' unless commit
@@ -125,10 +129,10 @@ module API
         success Entities::RepoCommit
       end
       params do
-        requires :sha, type: String, desc: 'A commit sha to be cherry picked'
+        requires :sha, type: String, desc: 'A commit sha, or the name of a branch or tag to be cherry picked'
         requires :branch, type: String, desc: 'The name of the branch'
       end
-      post ':id/repository/commits/:sha/cherry_pick' do
+      post ':id/repository/commits/:sha/cherry_pick', requirements: COMMIT_ENDPOINT_REQUIREMENTS do
         authorize! :push_code, user_project
 
         commit = user_project.commit(params[:sha])
@@ -157,7 +161,7 @@ module API
         success Entities::CommitNote
       end
       params do
-        requires :sha, type: String, regexp: /\A\h{6,40}\z/, desc: "The commit's SHA"
+        requires :sha, type: String, desc: 'A commit sha, or the name of a branch or tag on which to post a comment'
         requires :note, type: String, desc: 'The text of the comment'
         optional :path, type: String, desc: 'The file path'
         given :path do
@@ -165,7 +169,7 @@ module API
           requires :line_type, type: String, values: %w(new old), default: 'new', desc: 'The type of the line'
         end
       end
-      post ':id/repository/commits/:sha/comments' do
+      post ':id/repository/commits/:sha/comments', requirements: COMMIT_ENDPOINT_REQUIREMENTS do
         commit = user_project.commit(params[:sha])
         not_found! 'Commit' unless commit
 
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 94b438db499..18cd604a216 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -132,7 +132,7 @@ module API
       expose :lfs_enabled?, as: :lfs_enabled
       expose :creator_id
       expose :namespace, using: 'API::Entities::Namespace'
-      expose :forked_from_project, using: Entities::BasicProjectDetails, if: lambda{ |project, options| project.forked? }
+      expose :forked_from_project, using: Entities::BasicProjectDetails, if: lambda { |project, options| project.forked? }
       expose :import_status
       expose :import_error, if: lambda { |_project, options| options[:user_can_admin_project] }
       expose :avatar_url do |user, options|
@@ -454,6 +454,9 @@ module API
     end
 
     class Note < Grape::Entity
+      # Only Issue and MergeRequest have iid
+      NOTEABLE_TYPES_WITH_IID = %w(Issue MergeRequest).freeze
+
       expose :id
       expose :note, as: :body
       expose :attachment_identifier, as: :attachment
@@ -461,6 +464,9 @@ module API
       expose :created_at, :updated_at
       expose :system?, as: :system
       expose :noteable_id, :noteable_type
+
+      # Avoid N+1 queries as much as possible
+      expose(:noteable_iid) { |note| note.noteable.iid if NOTEABLE_TYPES_WITH_IID.include?(note.noteable_type) }
     end
 
     class AwardEmoji < Grape::Entity
@@ -491,14 +497,24 @@ module API
       expose :author, using: Entities::UserBasic
     end
 
+    class PushEventPayload < Grape::Entity
+      expose :commit_count, :action, :ref_type, :commit_from, :commit_to
+      expose :ref, :commit_title
+    end
+
     class Event < Grape::Entity
       expose :title, :project_id, :action_name
       expose :target_id, :target_iid, :target_type, :author_id
-      expose :data, :target_title
+      expose :target_title
       expose :created_at
       expose :note, using: Entities::Note, if: ->(event, options) { event.note? }
       expose :author, using: Entities::UserBasic, if: ->(event, options) { event.author }
 
+      expose :push_event_payload,
+        as: :push_data,
+        using: PushEventPayload,
+        if: -> (event, _) { event.push? }
+
       expose :author_username do |event, options|
         event.author&.username
       end
@@ -699,7 +715,7 @@ module API
     class RepoTag < Grape::Entity
       expose :name, :message
 
-      expose :commit do |repo_tag, options|
+      expose :commit, using: Entities::RepoCommit do |repo_tag, options|
         options[:project].repository.commit(repo_tag.dereferenced_target)
       end
 
diff --git a/lib/api/files.rb b/lib/api/files.rb
index 521287ee2b4..e2ac7142bc4 100644
--- a/lib/api/files.rb
+++ b/lib/api/files.rb
@@ -1,10 +1,13 @@
 module API
   class Files < Grape::API
+    # Prevents returning plain/text responses for files with .txt extension
+    after_validation { content_type "application/json" }
+
     helpers do
       def commit_params(attrs)
         {
           file_path: attrs[:file_path],
-          start_branch: attrs[:branch],
+          start_branch: attrs[:start_branch] || attrs[:branch],
           branch_name: attrs[:branch],
           commit_message: attrs[:commit_message],
           file_content: attrs[:content],
@@ -37,8 +40,9 @@ module API
 
       params :simple_file_params do
         requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb'
-        requires :branch, type: String, desc: 'The name of branch'
-        requires :commit_message, type: String, desc: 'Commit Message'
+        requires :branch, type: String, desc: 'Name of the branch to commit into. To create a new branch, also provide `start_branch`.'
+        requires :commit_message, type: String, desc: 'Commit message'
+        optional :start_branch, type: String, desc: 'Name of the branch to start the new commit from'
         optional :author_email, type: String, desc: 'The email of the author'
         optional :author_name, type: String, desc: 'The name of the author'
       end
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 99b8b62691f..3582ed81b0f 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -257,7 +257,15 @@ module API
       message << "  " << trace.join("\n  ")
 
       API.logger.add Logger::FATAL, message
-      rack_response({ 'message' => '500 Internal Server Error' }.to_json, 500)
+
+      response_message =
+        if Rails.env.test?
+          message
+        else
+          '500 Internal Server Error'
+        end
+
+      rack_response({ 'message' => response_message }.to_json, 500)
     end
 
     # project helpers
diff --git a/lib/api/helpers/members_helpers.rb b/lib/api/helpers/members_helpers.rb
index d9cae1501f8..a50ea0b52aa 100644
--- a/lib/api/helpers/members_helpers.rb
+++ b/lib/api/helpers/members_helpers.rb
@@ -1,8 +1,10 @@
+# rubocop:disable GitlabSecurity/PublicSend
+
 module API
   module Helpers
     module MembersHelpers
       def find_source(source_type, id)
-        public_send("find_#{source_type}!", id)
+        public_send("find_#{source_type}!", id) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       def authorize_admin_source!(source_type, source)
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index 65ff89edf65..4e4e473994b 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -139,7 +139,7 @@ module API
 
     helpers do
       def find_project_noteable(noteables_str, noteable_id)
-        public_send("find_project_#{noteables_str.singularize}", noteable_id)
+        public_send("find_project_#{noteables_str.singularize}", noteable_id) # rubocop:disable GitlabSecurity/PublicSend
       end
 
       def noteable_read_ability_name(noteable)
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 89dda88d3f5..15c3832b032 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -351,6 +351,8 @@ module API
 
         if user_project.forked_from_project.nil?
           user_project.create_forked_project_link(forked_to_project_id: user_project.id, forked_from_project_id: forked_from_project.id)
+
+          ::Projects::ForksCountService.new(forked_from_project).refresh_cache
         else
           render_api_error!("Project already forked", 409)
         end
diff --git a/lib/api/settings.rb b/lib/api/settings.rb
index d55a61fa638..667ba468ce6 100644
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -29,6 +29,7 @@ module API
                                 desc: 'Enabled sources for code import during project creation. OmniAuth must be configured for GitHub, Bitbucket, and GitLab.com'
       optional :disabled_oauth_sign_in_sources, type: Array[String], desc: 'Disable certain OAuth sign-in sources'
       optional :enabled_git_access_protocol, type: String, values: %w[ssh http nil], desc: 'Allow only the selected protocols to be used for Git access.'
+      optional :project_export_enabled, type: Boolean, desc: 'Enable project export'
       optional :gravatar_enabled, type: Boolean, desc: 'Flag indicating if the Gravatar service is enabled'
       optional :default_projects_limit, type: Integer, desc: 'The maximum number of personal projects'
       optional :max_attachment_size, type: Integer, desc: 'Maximum attachment size in MB'
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index 633a858f8c7..1333747cced 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -2,19 +2,21 @@ module API
   class Tags < Grape::API
     include PaginationParams
 
+    TAG_ENDPOINT_REQUIREMENTS = API::PROJECT_ENDPOINT_REQUIREMENTS.merge(tag_name: API::NO_SLASH_URL_PART_REGEX)
+
     before { authorize! :download_code, user_project }
 
     params do
       requires :id, type: String, desc: 'The ID of a project'
     end
-    resource :projects, requirements: { id: %r{[^/]+} } do
+    resource :projects, requirements: API::PROJECT_ENDPOINT_REQUIREMENTS do
       desc 'Get a project repository tags' do
         success Entities::RepoTag
       end
       params do
         use :pagination
       end
-      get ":id/repository/tags" do
+      get ':id/repository/tags' do
         tags = ::Kaminari.paginate_array(user_project.repository.tags.sort_by(&:name).reverse)
         present paginate(tags), with: Entities::RepoTag, project: user_project
       end
@@ -25,7 +27,7 @@ module API
       params do
         requires :tag_name, type: String, desc: 'The name of the tag'
       end
-      get ":id/repository/tags/:tag_name", requirements: { tag_name: /.+/ } do
+      get ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do
         tag = user_project.repository.find_tag(params[:tag_name])
         not_found!('Tag') unless tag
 
@@ -60,7 +62,7 @@ module API
       params do
         requires :tag_name, type: String, desc: 'The name of the tag'
       end
-      delete ":id/repository/tags/:tag_name", requirements: { tag_name: /.+/ } do
+      delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
         result = ::Tags::DestroyService.new(user_project, current_user)
@@ -78,7 +80,7 @@ module API
         requires :tag_name,    type: String, desc: 'The name of the tag'
         requires :description, type: String, desc: 'Release notes with markdown support'
       end
-      post ':id/repository/tags/:tag_name/release', requirements: { tag_name: /.+/ } do
+      post ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
         result = CreateReleaseService.new(user_project, current_user)
@@ -98,7 +100,7 @@ module API
         requires :tag_name,    type: String, desc: 'The name of the tag'
         requires :description, type: String, desc: 'Release notes with markdown support'
       end
-      put ':id/repository/tags/:tag_name/release', requirements: { tag_name: /.+/ } do
+      put ':id/repository/tags/:tag_name/release', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
         result = UpdateReleaseService.new(user_project, current_user)
diff --git a/lib/api/users.rb b/lib/api/users.rb
index a590f2692a2..e2019d6d512 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -79,22 +79,17 @@ module API
       end
 
       desc 'Get a single user' do
-        success Entities::UserBasic
+        success Entities::User
       end
       params do
         requires :id, type: Integer, desc: 'The ID of the user'
       end
       get ":id" do
         user = User.find_by(id: params[:id])
-        not_found!('User') unless user
+        not_found!('User') unless user && can?(current_user, :read_user, user)
 
-        if current_user && current_user.admin?
-          present user, with: Entities::UserPublic
-        elsif can?(current_user, :read_user, user)
-          present user, with: Entities::User
-        else
-          render_api_error!("User not found.", 404)
-        end
+        opts = current_user&.admin? ? { with: Entities::UserWithAdmin } : {}
+        present user, opts
       end
 
       desc 'Create a user. Available only for admins.' do
diff --git a/lib/api/v3/entities.rb b/lib/api/v3/entities.rb
index 773f667abe0..a9a35f2a4bd 100644
--- a/lib/api/v3/entities.rb
+++ b/lib/api/v3/entities.rb
@@ -25,14 +25,24 @@ module API
         expose(:downvote?)  { |note| false }
       end
 
+      class PushEventPayload < Grape::Entity
+        expose :commit_count, :action, :ref_type, :commit_from, :commit_to
+        expose :ref, :commit_title
+      end
+
       class Event < Grape::Entity
         expose :title, :project_id, :action_name
         expose :target_id, :target_type, :author_id
-        expose :data, :target_title
+        expose :target_title
         expose :created_at
         expose :note, using: Entities::Note, if: ->(event, options) { event.note? }
         expose :author, using: ::API::Entities::UserBasic, if: ->(event, options) { event.author }
 
+        expose :push_event_payload,
+          as: :push_data,
+          using: PushEventPayload,
+          if: -> (event, _) { event.push? }
+
         expose :author_username do |event, options|
           event.author&.username
         end
@@ -68,7 +78,7 @@ module API
         expose :lfs_enabled?, as: :lfs_enabled
         expose :creator_id
         expose :namespace, using: 'API::Entities::Namespace'
-        expose :forked_from_project, using: ::API::Entities::BasicProjectDetails, if: lambda{ |project, options| project.forked? }
+        expose :forked_from_project, using: ::API::Entities::BasicProjectDetails, if: lambda { |project, options| project.forked? }
         expose :avatar_url do |user, options|
           user.avatar_url(only_path: false)
         end
diff --git a/lib/api/v3/projects.rb b/lib/api/v3/projects.rb
index eb090453b48..449876c10d9 100644
--- a/lib/api/v3/projects.rb
+++ b/lib/api/v3/projects.rb
@@ -388,6 +388,8 @@ module API
 
           if user_project.forked_from_project.nil?
             user_project.create_forked_project_link(forked_to_project_id: user_project.id, forked_from_project_id: forked_from_project.id)
+
+            ::Projects::ForksCountService.new(forked_from_project).refresh_cache
           else
             render_api_error!("Project already forked", 409)
           end
diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb
index ca6d6848d41..b9a573d3542 100644
--- a/lib/backup/manager.rb
+++ b/lib/backup/manager.rb
@@ -198,11 +198,11 @@ module Backup
     end
 
     def archives_to_backup
-      ARCHIVES_TO_BACKUP.map{ |name| (name + ".tar.gz") unless skipped?(name) }.compact
+      ARCHIVES_TO_BACKUP.map { |name| (name + ".tar.gz") unless skipped?(name) }.compact
     end
 
     def folders_to_backup
-      FOLDERS_TO_BACKUP.reject{ |name| skipped?(name) }
+      FOLDERS_TO_BACKUP.reject { |name| skipped?(name) }
     end
 
     def disabled_features
diff --git a/lib/ci/ansi2html.rb b/lib/ci/ansi2html.rb
index 55402101e43..8354fc8d595 100644
--- a/lib/ci/ansi2html.rb
+++ b/lib/ci/ansi2html.rb
@@ -254,7 +254,7 @@ module Ci
 
       def state
         state = STATE_PARAMS.inject({}) do |h, param|
-          h[param] = send(param)
+          h[param] = send(param) # rubocop:disable GitlabSecurity/PublicSend
           h
         end
         Base64.urlsafe_encode64(state.to_json)
@@ -266,7 +266,7 @@ module Ci
         return if state[:offset].to_i > stream.size
 
         STATE_PARAMS.each do |param|
-          send("#{param}=".to_sym, state[param])
+          send("#{param}=".to_sym, state[param]) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
diff --git a/lib/ci/charts.rb b/lib/ci/charts.rb
index 872e418c788..76a69bf8a83 100644
--- a/lib/ci/charts.rb
+++ b/lib/ci/charts.rb
@@ -47,7 +47,7 @@ module Ci
 
       def collect
         query = project.pipelines
-          .where("? > #{Ci::Pipeline.table_name}.created_at AND #{Ci::Pipeline.table_name}.created_at > ?", @to, @from)
+          .where("? > #{Ci::Pipeline.table_name}.created_at AND #{Ci::Pipeline.table_name}.created_at > ?", @to, @from) # rubocop:disable GitlabSecurity/SqlInjection
 
         totals_count  = grouped_count(query)
         success_count = grouped_count(query.success)
diff --git a/lib/constraints/project_url_constrainer.rb b/lib/constraints/project_url_constrainer.rb
index 4c0aee6c48f..fd7b97d3167 100644
--- a/lib/constraints/project_url_constrainer.rb
+++ b/lib/constraints/project_url_constrainer.rb
@@ -6,6 +6,8 @@ class ProjectUrlConstrainer
 
     return false unless DynamicPathValidator.valid_project_path?(full_path)
 
+    # We intentionally allow SELECT(*) here so result of this query can be used
+    # as cache for further Project.find_by_full_path calls within request 
     Project.find_by_full_path(full_path, follow_redirects: request.get?).present?
   end
 end
diff --git a/lib/file_streamer.rb b/lib/file_streamer.rb
deleted file mode 100644
index 4e3c6d3c773..00000000000
--- a/lib/file_streamer.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class FileStreamer #:nodoc:
-  attr_reader :to_path
-
-  def initialize(path)
-    @to_path = path
-  end
-
-  # Stream the file's contents if Rack::Sendfile isn't present.
-  def each
-    File.open(to_path, 'rb') do |file|
-      while chunk = file.read(16384)
-        yield chunk
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
index 0fbc6b70989..310a69a4bd4 100644
--- a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
+++ b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
@@ -85,6 +85,8 @@ module Gitlab
           diff_hash.tap do |hash|
             diff_text = hash[:diff]
 
+            hash[:too_large] = !!hash[:too_large]
+
             if diff_text.encoding == Encoding::BINARY && !diff_text.ascii_only?
               hash[:binary] = true
               hash[:diff] = [diff_text].pack('m0')
diff --git a/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb b/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb
new file mode 100644
index 00000000000..432f7c3e706
--- /dev/null
+++ b/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb
@@ -0,0 +1,176 @@
+module Gitlab
+  module BackgroundMigration
+    # Class that migrates events for the new push event payloads setup. All
+    # events are copied to a shadow table, and push events will also have a row
+    # created in the push_event_payloads table.
+    class MigrateEventsToPushEventPayloads
+      class Event < ActiveRecord::Base
+        self.table_name = 'events'
+
+        serialize :data
+
+        BLANK_REF = ('0' * 40).freeze
+        TAG_REF_PREFIX = 'refs/tags/'.freeze
+        MAX_INDEX = 69
+        PUSHED = 5
+
+        def push_event?
+          action == PUSHED && data.present?
+        end
+
+        def commit_title
+          commit = commits.last
+
+          return nil unless commit && commit[:message]
+
+          index = commit[:message].index("\n")
+          message = index ? commit[:message][0..index] : commit[:message]
+
+          message.strip.truncate(70)
+        end
+
+        def commit_from_sha
+          if create?
+            nil
+          else
+            data[:before]
+          end
+        end
+
+        def commit_to_sha
+          if remove?
+            nil
+          else
+            data[:after]
+          end
+        end
+
+        def data
+          super || {}
+        end
+
+        def commits
+          data[:commits] || []
+        end
+
+        def commit_count
+          data[:total_commits_count] || 0
+        end
+
+        def ref
+          data[:ref]
+        end
+
+        def trimmed_ref_name
+          if ref_type == :tag
+            ref[10..-1]
+          else
+            ref[11..-1]
+          end
+        end
+
+        def create?
+          data[:before] == BLANK_REF
+        end
+
+        def remove?
+          data[:after] == BLANK_REF
+        end
+
+        def push_action
+          if create?
+            :created
+          elsif remove?
+            :removed
+          else
+            :pushed
+          end
+        end
+
+        def ref_type
+          if ref.start_with?(TAG_REF_PREFIX)
+            :tag
+          else
+            :branch
+          end
+        end
+      end
+
+      class EventForMigration < ActiveRecord::Base
+        self.table_name = 'events_for_migration'
+      end
+
+      class PushEventPayload < ActiveRecord::Base
+        self.table_name = 'push_event_payloads'
+
+        enum action: {
+          created: 0,
+          removed: 1,
+          pushed: 2
+        }
+
+        enum ref_type: {
+          branch: 0,
+          tag: 1
+        }
+      end
+
+      # start_id - The start ID of the range of events to process
+      # end_id - The end ID of the range to process.
+      def perform(start_id, end_id)
+        return unless migrate?
+
+        find_events(start_id, end_id).each { |event| process_event(event) }
+      end
+
+      def process_event(event)
+        replicate_event(event)
+        create_push_event_payload(event) if event.push_event?
+      end
+
+      def replicate_event(event)
+        new_attributes = event.attributes
+          .with_indifferent_access.except(:title, :data)
+
+        EventForMigration.create!(new_attributes)
+      rescue ActiveRecord::InvalidForeignKey
+        # A foreign key error means the associated event was removed. In this
+        # case we'll just skip migrating the event.
+      end
+
+      def create_push_event_payload(event)
+        commit_from = pack(event.commit_from_sha)
+        commit_to = pack(event.commit_to_sha)
+
+        PushEventPayload.create!(
+          event_id: event.id,
+          commit_count: event.commit_count,
+          ref_type: event.ref_type,
+          action: event.push_action,
+          commit_from: commit_from,
+          commit_to: commit_to,
+          ref: event.trimmed_ref_name,
+          commit_title: event.commit_title
+        )
+      rescue ActiveRecord::InvalidForeignKey
+        # A foreign key error means the associated event was removed. In this
+        # case we'll just skip migrating the event.
+      end
+
+      def find_events(start_id, end_id)
+        Event
+          .where('NOT EXISTS (SELECT true FROM events_for_migration WHERE events_for_migration.id = events.id)')
+          .where(id: start_id..end_id)
+      end
+
+      def migrate?
+        Event.table_exists? && PushEventPayload.table_exists? &&
+          EventForMigration.table_exists?
+      end
+
+      def pack(value)
+        value ? [value].pack('H*') : nil
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/background_migration/move_personal_snippet_files.rb b/lib/gitlab/background_migration/move_personal_snippet_files.rb
new file mode 100644
index 00000000000..07cec96bcc3
--- /dev/null
+++ b/lib/gitlab/background_migration/move_personal_snippet_files.rb
@@ -0,0 +1,79 @@
+module Gitlab
+  module BackgroundMigration
+    class MovePersonalSnippetFiles
+      delegate :select_all, :execute, :quote_string, to: :connection
+
+      def perform(relative_source, relative_destination)
+        @source_relative_location = relative_source
+        @destination_relative_location = relative_destination
+
+        move_personal_snippet_files
+      end
+
+      def move_personal_snippet_files
+        query = "SELECT uploads.path, uploads.model_id FROM uploads "\
+                "INNER JOIN snippets ON snippets.id = uploads.model_id WHERE uploader = 'PersonalFileUploader'"
+        select_all(query).each do |upload|
+          secret = upload['path'].split('/')[0]
+          file_name = upload['path'].split('/')[1]
+
+          move_file(upload['model_id'], secret, file_name)
+          update_markdown(upload['model_id'], secret, file_name)
+        end
+      end
+
+      def move_file(snippet_id, secret, file_name)
+        source_dir = File.join(base_directory, @source_relative_location, snippet_id.to_s, secret)
+        destination_dir = File.join(base_directory, @destination_relative_location, snippet_id.to_s, secret)
+
+        source_file_path = File.join(source_dir, file_name)
+        destination_file_path = File.join(destination_dir, file_name)
+
+        unless File.exist?(source_file_path)
+          say "Source file `#{source_file_path}` doesn't exist. Skipping."
+          return
+        end
+
+        say "Moving file #{source_file_path} -> #{destination_file_path}"
+
+        FileUtils.mkdir_p(destination_dir)
+        FileUtils.move(source_file_path, destination_file_path)
+      end
+
+      def update_markdown(snippet_id, secret, file_name)
+        source_markdown_path = File.join(@source_relative_location, snippet_id.to_s, secret, file_name)
+        destination_markdown_path = File.join(@destination_relative_location, snippet_id.to_s, secret, file_name)
+
+        source_markdown = "](#{source_markdown_path})"
+        destination_markdown = "](#{destination_markdown_path})"
+        quoted_source = quote_string(source_markdown)
+        quoted_destination = quote_string(destination_markdown)
+
+        execute("UPDATE snippets "\
+                "SET description = replace(snippets.description, '#{quoted_source}', '#{quoted_destination}'), description_html = NULL "\
+                "WHERE id = #{snippet_id}")
+
+        query = "SELECT id, note FROM notes WHERE noteable_id = #{snippet_id} "\
+                "AND noteable_type = 'Snippet' AND note IS NOT NULL"
+        select_all(query).each do |note|
+          text = note['note'].gsub(source_markdown, destination_markdown)
+          quoted_text = quote_string(text)
+
+          execute("UPDATE notes SET note = '#{quoted_text}', note_html = NULL WHERE id = #{note['id']}")
+        end
+      end
+
+      def base_directory
+        File.join(Rails.root, 'public')
+      end
+
+      def connection
+        ActiveRecord::Base.connection
+      end
+
+      def say(message)
+        Rails.logger.debug(message)
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/checks/force_push.rb b/lib/gitlab/checks/force_push.rb
index 1e73f89158d..714464fd5e7 100644
--- a/lib/gitlab/checks/force_push.rb
+++ b/lib/gitlab/checks/force_push.rb
@@ -5,12 +5,19 @@ module Gitlab
         return false if project.empty_repo?
 
         # Created or deleted branch
-        if Gitlab::Git.blank_ref?(oldrev) || Gitlab::Git.blank_ref?(newrev)
-          false
-        else
-          Gitlab::Git::RevList.new(
-            path_to_repo: project.repository.path_to_repo,
-            oldrev: oldrev, newrev: newrev).missed_ref.present?
+        return false if Gitlab::Git.blank_ref?(oldrev) || Gitlab::Git.blank_ref?(newrev)
+
+        GitalyClient.migrate(:force_push) do |is_enabled|
+          if is_enabled
+            !project
+              .repository
+              .gitaly_commit_client
+              .is_ancestor(oldrev, newrev)
+          else
+            Gitlab::Git::RevList.new(
+              path_to_repo: project.repository.path_to_repo,
+              oldrev: oldrev, newrev: newrev).missed_ref.present?
+          end
         end
       end
     end
diff --git a/lib/gitlab/conflict/file_collection.rb b/lib/gitlab/conflict/file_collection.rb
index 1611eba31da..d671867e7c7 100644
--- a/lib/gitlab/conflict/file_collection.rb
+++ b/lib/gitlab/conflict/file_collection.rb
@@ -77,8 +77,8 @@ EOM
 
       def initialize(merge_request, project)
         @merge_request = merge_request
-        @our_commit = merge_request.source_branch_head.raw.raw_commit
-        @their_commit = merge_request.target_branch_head.raw.raw_commit
+        @our_commit = merge_request.source_branch_head.raw.rugged_commit
+        @their_commit = merge_request.target_branch_head.raw.rugged_commit
         @project = project
       end
     end
diff --git a/lib/gitlab/cycle_analytics/plan_event_fetcher.rb b/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
index b260822788d..2479b4a7706 100644
--- a/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
@@ -54,7 +54,7 @@ module Gitlab
       end
 
       def serialize_commit(event, commit, query)
-        commit = Commit.new(Gitlab::Git::Commit.new(commit.to_hash), @project)
+        commit = Commit.from_hash(commit.to_hash, @project)
 
         AnalyticsCommitSerializer.new(project: @project, total_time: event['total_time']).represent(commit)
       end
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index d7dab584a44..e001d25e7b7 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -25,6 +25,10 @@ module Gitlab
       database_version.match(/\A(?:PostgreSQL |)([^\s]+).*\z/)[1]
     end
 
+    def self.join_lateral_supported?
+      postgresql? && version.to_f >= 9.3
+    end
+
     def self.nulls_last_order(field, direction = 'ASC')
       order = "#{field} #{direction}"
 
diff --git a/lib/gitlab/diff/line.rb b/lib/gitlab/diff/line.rb
index 2d89ccfc354..0603141e441 100644
--- a/lib/gitlab/diff/line.rb
+++ b/lib/gitlab/diff/line.rb
@@ -21,7 +21,7 @@ module Gitlab
 
       def to_hash
         hash = {}
-        serialize_keys.each { |key| hash[key] = send(key) }
+        serialize_keys.each { |key| hash[key] = send(key) } # rubocop:disable GitlabSecurity/PublicSend
         hash
       end
 
diff --git a/lib/gitlab/ee_compat_check.rb b/lib/gitlab/ee_compat_check.rb
index 72d7d4f84d1..abd401224d8 100644
--- a/lib/gitlab/ee_compat_check.rb
+++ b/lib/gitlab/ee_compat_check.rb
@@ -98,10 +98,11 @@ module Gitlab
 
       if status.zero?
         @ee_branch_found = ee_branch_prefix
-      else
-        _, status = step("Fetching origin/#{ee_branch_suffix}", %W[git fetch origin #{ee_branch_suffix}])
+        return
       end
 
+      _, status = step("Fetching origin/#{ee_branch_suffix}", %W[git fetch origin #{ee_branch_suffix}])
+
       if status.zero?
         @ee_branch_found = ee_branch_suffix
       else
diff --git a/lib/gitlab/encoding_helper.rb b/lib/gitlab/encoding_helper.rb
index 781f9c56a42..8ddc91e341d 100644
--- a/lib/gitlab/encoding_helper.rb
+++ b/lib/gitlab/encoding_helper.rb
@@ -11,7 +11,7 @@ module Gitlab
     # obscure encoding with low confidence.
     # There is a lot more info with this merge request:
     # https://gitlab.com/gitlab-org/gitlab_git/merge_requests/77#note_4754193
-    ENCODING_CONFIDENCE_THRESHOLD = 40
+    ENCODING_CONFIDENCE_THRESHOLD = 50
 
     def encode!(message)
       return nil unless message.respond_to? :force_encoding
diff --git a/lib/gitlab/git/blame.rb b/lib/gitlab/git/blame.rb
index 8dbe25e55f6..31effdba292 100644
--- a/lib/gitlab/git/blame.rb
+++ b/lib/gitlab/git/blame.rb
@@ -16,7 +16,7 @@ module Gitlab
       def each
         @blames.each do |blame|
           yield(
-            Gitlab::Git::Commit.new(blame.commit),
+            Gitlab::Git::Commit.new(@repo, blame.commit),
             blame.line
           )
         end
diff --git a/lib/gitlab/git/commit.rb b/lib/gitlab/git/commit.rb
index 600d886e818..fd4dfdb09a2 100644
--- a/lib/gitlab/git/commit.rb
+++ b/lib/gitlab/git/commit.rb
@@ -14,7 +14,7 @@ module Gitlab
 
       attr_accessor *SERIALIZE_KEYS # rubocop:disable Lint/AmbiguousOperator
 
-      delegate :tree, to: :raw_commit
+      delegate :tree, to: :rugged_commit
 
       def ==(other)
         return false unless other.is_a?(Gitlab::Git::Commit)
@@ -50,19 +50,29 @@ module Gitlab
         #
         # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/321
         def find(repo, commit_id = "HEAD")
+          # Already a commit?
           return commit_id if commit_id.is_a?(Gitlab::Git::Commit)
-          return decorate(commit_id) if commit_id.is_a?(Rugged::Commit)
 
-          obj = if commit_id.is_a?(String)
-                  repo.rev_parse_target(commit_id)
-                else
-                  Gitlab::Git::Ref.dereference_object(commit_id)
-                end
+          # A rugged reference?
+          commit_id = Gitlab::Git::Ref.dereference_object(commit_id)
+          return decorate(repo, commit_id) if commit_id.is_a?(Rugged::Commit)
 
-          return nil unless obj.is_a?(Rugged::Commit)
+          # Some weird thing?
+          return nil unless commit_id.is_a?(String)
 
-          decorate(obj)
-        rescue Rugged::ReferenceError, Rugged::InvalidError, Rugged::ObjectError, Gitlab::Git::Repository::NoRepository
+          commit = repo.gitaly_migrate(:find_commit) do |is_enabled|
+            if is_enabled
+              repo.gitaly_commit_client.find_commit(commit_id)
+            else
+              obj = repo.rev_parse_target(commit_id)
+
+              obj.is_a?(Rugged::Commit) ? obj : nil
+            end
+          end
+
+          decorate(repo, commit) if commit
+        rescue Rugged::ReferenceError, Rugged::InvalidError, Rugged::ObjectError,
+               Gitlab::Git::CommandError, Gitlab::Git::Repository::NoRepository
           nil
         end
 
@@ -102,7 +112,7 @@ module Gitlab
             if is_enabled
               repo.gitaly_commit_client.between(base, head)
             else
-              repo.rugged_commits_between(base, head).map { |c| decorate(c) }
+              repo.rugged_commits_between(base, head).map { |c| decorate(repo, c) }
             end
           end
         rescue Rugged::ReferenceError
@@ -169,7 +179,7 @@ module Gitlab
           offset = actual_options[:skip]
           limit = actual_options[:max_count]
           walker.each(offset: offset, limit: limit) do |commit|
-            commits.push(decorate(commit))
+            commits.push(decorate(repo, commit))
           end
 
           walker.reset
@@ -183,27 +193,8 @@ module Gitlab
           Gitlab::GitalyClient::CommitService.new(repo).find_all_commits(options)
         end
 
-        def decorate(commit, ref = nil)
-          Gitlab::Git::Commit.new(commit, ref)
-        end
-
-        # Returns a diff object for the changes introduced by +rugged_commit+.
-        # If +rugged_commit+ doesn't have a parent, then the diff is between
-        # this commit and an empty repo.  See Repository#diff for the keys
-        # allowed in the +options+ hash.
-        def diff_from_parent(rugged_commit, options = {})
-          options ||= {}
-          break_rewrites = options[:break_rewrites]
-          actual_options = Gitlab::Git::Diff.filter_diff_options(options)
-
-          diff = if rugged_commit.parents.empty?
-                   rugged_commit.diff(actual_options.merge(reverse: true))
-                 else
-                   rugged_commit.parents[0].diff(rugged_commit, actual_options)
-                 end
-
-          diff.find_similar!(break_rewrites: break_rewrites)
-          diff
+        def decorate(repository, commit, ref = nil)
+          Gitlab::Git::Commit.new(repository, commit, ref)
         end
 
         # Returns the `Rugged` sorting type constant for one or more given
@@ -221,7 +212,7 @@ module Gitlab
         end
       end
 
-      def initialize(raw_commit, head = nil)
+      def initialize(repository, raw_commit, head = nil)
         raise "Nil as raw commit passed" unless raw_commit
 
         case raw_commit
@@ -229,12 +220,13 @@ module Gitlab
           init_from_hash(raw_commit)
         when Rugged::Commit
           init_from_rugged(raw_commit)
-        when Gitlab::GitalyClient::Commit
+        when Gitaly::GitCommit
           init_from_gitaly(raw_commit)
         else
           raise "Invalid raw commit type: #{raw_commit.class}"
         end
 
+        @repository = repository
         @head = head
       end
 
@@ -269,19 +261,50 @@ module Gitlab
       #
       # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/324
       def to_diff
-        diff_from_parent.patch
+        rugged_diff_from_parent.patch
       end
 
       # Returns a diff object for the changes from this commit's first parent.
       # If there is no parent, then the diff is between this commit and an
-      # empty repo.  See Repository#diff for keys allowed in the +options+
+      # empty repo. See Repository#diff for keys allowed in the +options+
       # hash.
       def diff_from_parent(options = {})
-        Commit.diff_from_parent(raw_commit, options)
+        Gitlab::GitalyClient.migrate(:commit_raw_diffs) do |is_enabled|
+          if is_enabled
+            @repository.gitaly_commit_client.diff_from_parent(self, options)
+          else
+            rugged_diff_from_parent(options)
+          end
+        end
+      end
+
+      def rugged_diff_from_parent(options = {})
+        options ||= {}
+        break_rewrites = options[:break_rewrites]
+        actual_options = Gitlab::Git::Diff.filter_diff_options(options)
+
+        diff = if rugged_commit.parents.empty?
+                 rugged_commit.diff(actual_options.merge(reverse: true))
+               else
+                 rugged_commit.parents[0].diff(rugged_commit, actual_options)
+               end
+
+        diff.find_similar!(break_rewrites: break_rewrites)
+        diff
       end
 
       def deltas
-        @deltas ||= diff_from_parent.each_delta.map { |d| Gitlab::Git::Diff.new(d) }
+        @deltas ||= begin
+          deltas = Gitlab::GitalyClient.migrate(:commit_deltas) do |is_enabled|
+            if is_enabled
+              @repository.gitaly_commit_client.commit_deltas(self)
+            else
+              rugged_diff_from_parent.each_delta
+            end
+          end
+
+          deltas.map { |delta| Gitlab::Git::Diff.new(delta) }
+        end
       end
 
       def has_zero_stats?
@@ -296,7 +319,7 @@ module Gitlab
 
       def to_hash
         serialize_keys.map.with_object({}) do |key, hash|
-          hash[key] = send(key)
+          hash[key] = send(key) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
@@ -309,14 +332,7 @@ module Gitlab
       end
 
       def parents
-        case raw_commit
-        when Rugged::Commit
-          raw_commit.parents.map { |c| Gitlab::Git::Commit.new(c) }
-        when Gitlab::GitalyClient::Commit
-          parent_ids.map { |oid| self.class.find(raw_commit.repository, oid) }.compact
-        else
-          raise NotImplementedError, "commit source doesn't support #parents"
-        end
+        parent_ids.map { |oid| self.class.find(@repository, oid) }.compact
       end
 
       # Get the gpg signature of this commit.
@@ -334,7 +350,7 @@ module Gitlab
 
       def to_patch(options = {})
         begin
-          raw_commit.to_mbox(options)
+          rugged_commit.to_mbox(options)
         rescue Rugged::InvalidError => ex
           if ex.message =~ /commit \w+ is a merge commit/i
             'Patch format is not currently supported for merge commits.'
@@ -382,13 +398,21 @@ module Gitlab
         encode! @committer_email
       end
 
+      def rugged_commit
+        @rugged_commit ||= if raw_commit.is_a?(Rugged::Commit)
+                             raw_commit
+                           else
+                             @repository.rev_parse_target(id)
+                           end
+      end
+
       private
 
       def init_from_hash(hash)
         raw_commit = hash.symbolize_keys
 
         serialize_keys.each do |key|
-          send("#{key}=", raw_commit[key])
+          send("#{key}=", raw_commit[key]) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
@@ -415,10 +439,10 @@ module Gitlab
         # subject from the message to make it clearer when there's one
         # available but not the other.
         @message = (commit.body.presence || commit.subject).dup
-        @authored_date = Time.at(commit.author.date.seconds)
+        @authored_date = Time.at(commit.author.date.seconds).utc
         @author_name = commit.author.name.dup
         @author_email = commit.author.email.dup
-        @committed_date = Time.at(commit.committer.date.seconds)
+        @committed_date = Time.at(commit.committer.date.seconds).utc
         @committer_name = commit.committer.name.dup
         @committer_email = commit.committer.email.dup
         @parent_ids = commit.parent_ids
diff --git a/lib/gitlab/git/commit_stats.rb b/lib/gitlab/git/commit_stats.rb
index 57c29ad112c..00acb4763e9 100644
--- a/lib/gitlab/git/commit_stats.rb
+++ b/lib/gitlab/git/commit_stats.rb
@@ -16,7 +16,7 @@ module Gitlab
         @deletions = 0
         @total = 0
 
-        diff = commit.diff_from_parent
+        diff = commit.rugged_diff_from_parent
 
         diff.each_patch do |p|
           # TODO: Use the new Rugged convenience methods when they're released
diff --git a/lib/gitlab/git/diff.rb b/lib/gitlab/git/diff.rb
index 9e00abefd02..ce3d65062e8 100644
--- a/lib/gitlab/git/diff.rb
+++ b/lib/gitlab/git/diff.rb
@@ -143,7 +143,7 @@ module Gitlab
         hash = {}
 
         SERIALIZE_KEYS.each do |key|
-          hash[key] = send(key)
+          hash[key] = send(key) # rubocop:disable GitlabSecurity/PublicSend
         end
 
         hash
@@ -221,7 +221,7 @@ module Gitlab
         raw_diff = hash.symbolize_keys
 
         SERIALIZE_KEYS.each do |key|
-          send(:"#{key}=", raw_diff[key.to_sym])
+          send(:"#{key}=", raw_diff[key.to_sym]) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
diff --git a/lib/gitlab/git/diff_collection.rb b/lib/gitlab/git/diff_collection.rb
index 87ed9c3ea26..6a601561c2a 100644
--- a/lib/gitlab/git/diff_collection.rb
+++ b/lib/gitlab/git/diff_collection.rb
@@ -28,7 +28,6 @@ module Gitlab
         @limits = self.class.collection_limits(options)
         @enforce_limits = !!options.fetch(:limits, true)
         @expanded = !!options.fetch(:expanded, true)
-        @from_gitaly = options.fetch(:from_gitaly, false)
 
         @line_count = 0
         @byte_count = 0
@@ -44,7 +43,7 @@ module Gitlab
         return if @iterator.nil?
 
         Gitlab::GitalyClient.migrate(:commit_raw_diffs) do |is_enabled|
-          if is_enabled && @from_gitaly
+          if is_enabled && @iterator.is_a?(Gitlab::GitalyClient::DiffStitcher)
             each_gitaly_patch(&block)
           else
             each_rugged_patch(&block)
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index f246393cfbc..38772d06dbd 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -321,7 +321,24 @@ module Gitlab
         options[:limit] ||= 0
         options[:offset] ||= 0
 
-        raw_log(options).map { |c| Commit.decorate(c) }
+        raw_log(options).map { |c| Commit.decorate(self, c) }
+      end
+
+      # Used in gitaly-ruby
+      def raw_log(options)
+        actual_ref = options[:ref] || root_ref
+        begin
+          sha = sha_from_ref(actual_ref)
+        rescue Rugged::OdbError, Rugged::InvalidError, Rugged::ReferenceError
+          # Return an empty array if the ref wasn't found
+          return []
+        end
+
+        if log_using_shell?(options)
+          log_by_shell(sha, options)
+        else
+          log_by_walk(sha, options)
+        end
       end
 
       def count_commits(options)
@@ -603,29 +620,13 @@ module Gitlab
       #
       # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/327
       def ls_files(ref)
-        actual_ref = ref || root_ref
-
-        begin
-          sha_from_ref(actual_ref)
-        rescue Rugged::OdbError, Rugged::InvalidError, Rugged::ReferenceError
-          # Return an empty array if the ref wasn't found
-          return []
-        end
-
-        cmd = %W(#{Gitlab.config.git.bin_path} --git-dir=#{path} ls-tree)
-        cmd += %w(-r)
-        cmd += %w(--full-tree)
-        cmd += %w(--full-name)
-        cmd += %W(-- #{actual_ref})
-
-        raw_output = IO.popen(cmd, &:read).split("\n").map do |f|
-          stuff, path = f.split("\t")
-          _mode, type, _sha = stuff.split(" ")
-          path if type == "blob"
-          # Contain only blob type
+        gitaly_migrate(:ls_files) do |is_enabled|
+          if is_enabled
+            gitaly_ls_files(ref)
+          else
+            git_ls_files(ref)
+          end
         end
-
-        raw_output.compact
       end
 
       # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/328
@@ -733,22 +734,6 @@ module Gitlab
         sort_branches(branches, sort_by)
       end
 
-      def raw_log(options)
-        actual_ref = options[:ref] || root_ref
-        begin
-          sha = sha_from_ref(actual_ref)
-        rescue Rugged::OdbError, Rugged::InvalidError, Rugged::ReferenceError
-          # Return an empty array if the ref wasn't found
-          return []
-        end
-
-        if log_using_shell?(options)
-          log_by_shell(sha, options)
-        else
-          log_by_walk(sha, options)
-        end
-      end
-
       def log_using_shell?(options)
         options[:path].present? ||
           options[:disable_walk] ||
@@ -826,6 +811,8 @@ module Gitlab
         return unless commit_object && commit_object.type == :COMMIT
 
         gitmodules = gitaly_commit_client.tree_entry(ref, '.gitmodules', Gitlab::Git::Blob::MAX_DATA_DISPLAY_SIZE)
+        return unless gitmodules
+
         found_module = GitmodulesParser.new(gitmodules.data).parse[path]
 
         found_module && found_module['url']
@@ -973,6 +960,36 @@ module Gitlab
 
         raw_output.to_i
       end
+
+      def gitaly_ls_files(ref)
+        gitaly_commit_client.ls_files(ref)
+      end
+
+      def git_ls_files(ref)
+        actual_ref = ref || root_ref
+
+        begin
+          sha_from_ref(actual_ref)
+        rescue Rugged::OdbError, Rugged::InvalidError, Rugged::ReferenceError
+          # Return an empty array if the ref wasn't found
+          return []
+        end
+
+        cmd = %W(#{Gitlab.config.git.bin_path} --git-dir=#{path} ls-tree)
+        cmd += %w(-r)
+        cmd += %w(--full-tree)
+        cmd += %w(--full-name)
+        cmd += %W(-- #{actual_ref})
+
+        raw_output = IO.popen(cmd, &:read).split("\n").map do |f|
+          stuff, path = f.split("\t")
+          _mode, type, _sha = stuff.split(" ")
+          path if type == "blob"
+          # Contain only blob type
+        end
+
+        raw_output.compact
+      end
     end
   end
 end
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index c90ef282fdd..70177cd0fec 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -100,5 +100,9 @@ module Gitlab
       path = Rails.root.join(SERVER_VERSION_FILE)
       path.read.chomp
     end
+
+    def self.encode(s)
+      s.dup.force_encoding(Encoding::ASCII_8BIT)
+    end
   end
 end
diff --git a/lib/gitlab/gitaly_client/commit.rb b/lib/gitlab/gitaly_client/commit.rb
deleted file mode 100644
index 61fe462d762..00000000000
--- a/lib/gitlab/gitaly_client/commit.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-module Gitlab
-  module GitalyClient
-    class Commit
-      attr_reader :repository, :gitaly_commit
-
-      delegate :id, :subject, :body, :author, :committer, :parent_ids, to: :gitaly_commit
-
-      def initialize(repository, gitaly_commit)
-        @repository = repository
-        @gitaly_commit = gitaly_commit
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/gitaly_client/commit_service.rb b/lib/gitlab/gitaly_client/commit_service.rb
index 3f577ac8530..93268d9f33c 100644
--- a/lib/gitlab/gitaly_client/commit_service.rb
+++ b/lib/gitlab/gitaly_client/commit_service.rb
@@ -10,6 +10,18 @@ module Gitlab
         @repository = repository
       end
 
+      def ls_files(revision)
+        request = Gitaly::ListFilesRequest.new(
+          repository: @gitaly_repo,
+          revision: GitalyClient.encode(revision)
+        )
+
+        response = GitalyClient.call(@repository.storage, :commit_service, :list_files, request)
+        response.flat_map do |msg|
+          msg.paths.map { |d| d.dup.force_encoding(Encoding::UTF_8) }
+        end
+      end
+
       def is_ancestor(ancestor_id, child_id)
         request = Gitaly::CommitIsAncestorRequest.new(
           repository: @gitaly_repo,
@@ -29,22 +41,21 @@ module Gitlab
 
         request = Gitaly::CommitDiffRequest.new(request_params)
         response = GitalyClient.call(@repository.storage, :diff_service, :commit_diff, request)
-        Gitlab::Git::DiffCollection.new(GitalyClient::DiffStitcher.new(response), options.merge(from_gitaly: true))
+        GitalyClient::DiffStitcher.new(response)
       end
 
       def commit_deltas(commit)
         request = Gitaly::CommitDeltaRequest.new(commit_diff_request_params(commit))
         response = GitalyClient.call(@repository.storage, :diff_service, :commit_delta, request)
-        response.flat_map do |msg|
-          msg.deltas.map { |d| Gitlab::Git::Diff.new(d) }
-        end
+
+        response.flat_map { |msg| msg.deltas }
       end
 
       def tree_entry(ref, path, limit = nil)
         request = Gitaly::TreeEntryRequest.new(
           repository: @gitaly_repo,
           revision: ref,
-          path: path.dup.force_encoding(Encoding::ASCII_8BIT),
+          path: GitalyClient.encode(path),
           limit: limit.to_i
         )
 
@@ -100,15 +111,14 @@ module Gitlab
       def last_commit_for_path(revision, path)
         request = Gitaly::LastCommitForPathRequest.new(
           repository: @gitaly_repo,
-          revision: revision.force_encoding(Encoding::ASCII_8BIT),
-          path: path.to_s.force_encoding(Encoding::ASCII_8BIT)
+          revision: GitalyClient.encode(revision),
+          path: GitalyClient.encode(path.to_s)
         )
 
         gitaly_commit = GitalyClient.call(@repository.storage, :commit_service, :last_commit_for_path, request).commit
         return unless gitaly_commit
 
-        commit = GitalyClient::Commit.new(@repository, gitaly_commit)
-        Gitlab::Git::Commit.new(commit)
+        Gitlab::Git::Commit.new(@repository, gitaly_commit)
       end
 
       def between(from, to)
@@ -167,10 +177,21 @@ module Gitlab
         response.reduce("") { |memo, msg| memo << msg.data }
       end
 
+      def find_commit(revision)
+        request = Gitaly::FindCommitRequest.new(
+          repository: @gitaly_repo,
+          revision: GitalyClient.encode(revision)
+        )
+
+        response = GitalyClient.call(@repository.storage, :commit_service, :find_commit, request)
+
+        response.commit
+      end
+
       private
 
       def commit_diff_request_params(commit, options = {})
-        parent_id = commit.parents[0]&.id || EMPTY_TREE_ID
+        parent_id = commit.parent_ids.first || EMPTY_TREE_ID
 
         {
           repository: @gitaly_repo,
@@ -183,8 +204,7 @@ module Gitlab
       def consume_commits_response(response)
         response.flat_map do |message|
           message.commits.map do |gitaly_commit|
-            commit = GitalyClient::Commit.new(@repository, gitaly_commit)
-            Gitlab::Git::Commit.new(commit)
+            Gitlab::Git::Commit.new(@repository, gitaly_commit)
           end
         end
       end
diff --git a/lib/gitlab/gitaly_client/diff.rb b/lib/gitlab/gitaly_client/diff.rb
index d459c9a88fb..54df6304865 100644
--- a/lib/gitlab/gitaly_client/diff.rb
+++ b/lib/gitlab/gitaly_client/diff.rb
@@ -7,13 +7,13 @@ module Gitlab
 
       def initialize(params)
         params.each do |key, val|
-          public_send(:"#{key}=", val)
+          public_send(:"#{key}=", val) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
 
       def ==(other)
         FIELDS.all? do |field|
-          public_send(field) == other.public_send(field)
+          public_send(field) == other.public_send(field) # rubocop:disable GitlabSecurity/PublicSend
         end
       end
     end
diff --git a/lib/gitlab/gitaly_client/ref_service.rb b/lib/gitlab/gitaly_client/ref_service.rb
index b0f7548b7dc..919fb68b8c7 100644
--- a/lib/gitlab/gitaly_client/ref_service.rb
+++ b/lib/gitlab/gitaly_client/ref_service.rb
@@ -16,8 +16,7 @@ module Gitlab
 
         response.flat_map do |message|
           message.branches.map do |branch|
-            gitaly_commit = GitalyClient::Commit.new(@repository, branch.target)
-            target_commit = Gitlab::Git::Commit.decorate(gitaly_commit)
+            target_commit = Gitlab::Git::Commit.decorate(@repository, branch.target)
             Gitlab::Git::Branch.new(@repository, branch.name, branch.target.id, target_commit)
           end
         end
@@ -102,8 +101,7 @@ module Gitlab
         response.flat_map do |message|
           message.tags.map do |gitaly_tag|
             if gitaly_tag.target_commit.present?
-              commit = GitalyClient::Commit.new(@repository, gitaly_tag.target_commit)
-              gitaly_commit = Gitlab::Git::Commit.new(commit)
+              gitaly_commit = Gitlab::Git::Commit.decorate(@repository, gitaly_tag.target_commit)
             end
 
             Gitlab::Git::Tag.new(
@@ -141,7 +139,7 @@ module Gitlab
           committer_email: response.commit_committer.email.dup
         }
 
-        Gitlab::Git::Commit.decorate(hash)
+        Gitlab::Git::Commit.decorate(@repository, hash)
       end
     end
   end
diff --git a/lib/gitlab/gitaly_client/repository_service.rb b/lib/gitlab/gitaly_client/repository_service.rb
index 79ce784f2f2..6ad97e62941 100644
--- a/lib/gitlab/gitaly_client/repository_service.rb
+++ b/lib/gitlab/gitaly_client/repository_service.rb
@@ -10,7 +10,7 @@ module Gitlab
       def exists?
         request = Gitaly::RepositoryExistsRequest.new(repository: @gitaly_repo)
 
-        GitalyClient.call(@storage, :repository_service, :exists, request).exists
+        GitalyClient.call(@storage, :repository_service, :repository_exists, request).exists
       end
 
       def garbage_collect(create_bitmap)
diff --git a/lib/gitlab/gitaly_client/util.rb b/lib/gitlab/gitaly_client/util.rb
index f5a4c5493ef..8fc937496af 100644
--- a/lib/gitlab/gitaly_client/util.rb
+++ b/lib/gitlab/gitaly_client/util.rb
@@ -5,7 +5,9 @@ module Gitlab
         def repository(repository_storage, relative_path)
           Gitaly::Repository.new(
             storage_name: repository_storage,
-            relative_path: relative_path
+            relative_path: relative_path,
+            git_object_directory: Gitlab::Git::Env['GIT_OBJECT_DIRECTORY'].to_s,
+            git_alternate_object_directories: Array.wrap(Gitlab::Git::Env['GIT_ALTERNATE_OBJECT_DIRECTORIES'])
           )
         end
       end
diff --git a/lib/gitlab/gitlab_import/client.rb b/lib/gitlab/gitlab_import/client.rb
index 86fb6c51765..f1007daab5d 100644
--- a/lib/gitlab/gitlab_import/client.rb
+++ b/lib/gitlab/gitlab_import/client.rb
@@ -71,7 +71,7 @@ module Gitlab
       end
 
       def config
-        Gitlab.config.omniauth.providers.find{|provider| provider.name == "gitlab"}
+        Gitlab.config.omniauth.providers.find {|provider| provider.name == "gitlab"}
       end
 
       def gitlab_options
diff --git a/lib/gitlab/gpg.rb b/lib/gitlab/gpg.rb
index e1d1724295a..45e9f9d65ae 100644
--- a/lib/gitlab/gpg.rb
+++ b/lib/gitlab/gpg.rb
@@ -2,6 +2,8 @@ module Gitlab
   module Gpg
     extend self
 
+    MUTEX = Mutex.new
+
     module CurrentKeyChain
       extend self
 
@@ -42,21 +44,37 @@ module Gitlab
       end
     end
 
-    def using_tmp_keychain
-      Dir.mktmpdir do |dir|
-        @original_dirs ||= [GPGME::Engine.dirinfo('homedir')]
-        @original_dirs.push(dir)
-
-        GPGME::Engine.home_dir = dir
-
-        return_value = yield
+    # Allows thread safe switching of temporary keychain files
+    #
+    # 1. The current thread may use nesting of temporary keychain
+    # 2. Another thread needs to wait for the lock to be released
+    def using_tmp_keychain(&block)
+      if MUTEX.locked? && MUTEX.owned?
+        optimistic_using_tmp_keychain(&block)
+      else
+        MUTEX.synchronize do
+          optimistic_using_tmp_keychain(&block)
+        end
+      end
+    end
 
-        @original_dirs.pop
+    # 1. Returns the custom home directory if one has been set by calling
+    #    `GPGME::Engine.home_dir=`
+    # 2. Returns the default home directory otherwise
+    def current_home_dir
+      GPGME::Engine.info.first.home_dir || GPGME::Engine.dirinfo('homedir')
+    end
 
-        GPGME::Engine.home_dir = @original_dirs[-1]
+    private
 
-        return_value
+    def optimistic_using_tmp_keychain
+      previous_dir = current_home_dir
+      Dir.mktmpdir do |dir|
+        GPGME::Engine.home_dir = dir
+        yield
       end
+    ensure
+      GPGME::Engine.home_dir = previous_dir
     end
   end
 end
diff --git a/lib/gitlab/import_export/file_importer.rb b/lib/gitlab/import_export/file_importer.rb
index ffd17118c91..989342389bc 100644
--- a/lib/gitlab/import_export/file_importer.rb
+++ b/lib/gitlab/import_export/file_importer.rb
@@ -47,12 +47,16 @@ module Gitlab
       end
 
       def remove_symlinks!
-        Dir["#{@shared.export_path}/**/*"].each do |path|
+        extracted_files.each do |path|
           FileUtils.rm(path) if File.lstat(path).symlink?
         end
 
         true
       end
+
+      def extracted_files
+        Dir.glob("#{@shared.export_path}/**/*", File::FNM_DOTMATCH).reject { |f| f =~ /.*\/\.{1,2}$/ }
+      end
     end
   end
 end
diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml
index c8ad3a7a5e0..9d9ebcb389a 100644
--- a/lib/gitlab/import_export/import_export.yml
+++ b/lib/gitlab/import_export/import_export.yml
@@ -3,18 +3,22 @@ project_tree:
   - labels:
       :priorities
   - milestones:
-    - :events
+    - events:
+      - :push_event_payload
   - issues:
-    - :events
+    - events:
+      - :push_event_payload
     - :timelogs
     - notes:
       - :author
-      - :events
+      - events:
+        - :push_event_payload
     - label_links:
       - label:
           :priorities
     - milestone:
-      - :events
+      - events:
+        - :push_event_payload
   - snippets:
     - :award_emoji
     - notes:
@@ -25,21 +29,25 @@ project_tree:
   - merge_requests:
     - notes:
       - :author
-      - :events
+      - events:
+        - :push_event_payload
     - merge_request_diff:
       - :merge_request_diff_commits
       - :merge_request_diff_files
-    - :events
+    - events:
+      - :push_event_payload
     - :timelogs
     - label_links:
       - label:
           :priorities
     - milestone:
-      - :events
+      - events:
+        - :push_event_payload
   - pipelines:
     - notes:
       - :author
-      - :events
+      - events:
+        - :push_event_payload
     - :stages
     - :statuses
   - :triggers
@@ -101,11 +109,14 @@ excluded_attributes:
   merge_requests:
     - :milestone_id
     - :ref_fetched
+    - :merge_jid
   award_emoji:
     - :awardable_id
   statuses:
     - :trace
     - :token
+  push_event_payload:
+    - :event_id
 
 methods:
   labels:
diff --git a/lib/gitlab/middleware/webpack_proxy.rb b/lib/gitlab/middleware/webpack_proxy.rb
index 6105d165810..6aecf63231f 100644
--- a/lib/gitlab/middleware/webpack_proxy.rb
+++ b/lib/gitlab/middleware/webpack_proxy.rb
@@ -1,6 +1,7 @@
 # This Rack middleware is intended to proxy the webpack assets directory to the
 # webpack-dev-server.  It is only intended for use in development.
 
+# :nocov:
 module Gitlab
   module Middleware
     class WebpackProxy < Rack::Proxy
@@ -22,3 +23,4 @@ module Gitlab
     end
   end
 end
+# :nocov:
diff --git a/lib/gitlab/o_auth/session.rb b/lib/gitlab/o_auth/session.rb
index f33bfd0bd0e..30739f2a2c5 100644
--- a/lib/gitlab/o_auth/session.rb
+++ b/lib/gitlab/o_auth/session.rb
@@ -1,3 +1,4 @@
+# :nocov:
 module Gitlab
   module OAuth
     module Session
@@ -15,3 +16,4 @@ module Gitlab
     end
   end
 end
+# :nocov:
diff --git a/lib/gitlab/project_template.rb b/lib/gitlab/project_template.rb
index cf461adf697..732fbf68dad 100644
--- a/lib/gitlab/project_template.rb
+++ b/lib/gitlab/project_template.rb
@@ -25,7 +25,9 @@ module Gitlab
     end
 
     TEMPLATES_TABLE = [
-      ProjectTemplate.new('rails', 'Ruby on Rails')
+      ProjectTemplate.new('rails', 'Ruby on Rails'),
+      ProjectTemplate.new('spring', 'Spring'),
+      ProjectTemplate.new('express', 'NodeJS Express')
     ].freeze
 
     class << self
diff --git a/lib/gitlab/reference_extractor.rb b/lib/gitlab/reference_extractor.rb
index f5b757ace77..bc836dcc08d 100644
--- a/lib/gitlab/reference_extractor.rb
+++ b/lib/gitlab/reference_extractor.rb
@@ -45,7 +45,7 @@ module Gitlab
     end
 
     def all
-      REFERABLES.each { |referable| send(referable.to_s.pluralize) }
+      REFERABLES.each { |referable| send(referable.to_s.pluralize) } # rubocop:disable GitlabSecurity/PublicSend
       @references.values.flatten
     end
 
diff --git a/lib/gitlab/seeder.rb b/lib/gitlab/seeder.rb
index 823f697f51c..f9ab9bd466f 100644
--- a/lib/gitlab/seeder.rb
+++ b/lib/gitlab/seeder.rb
@@ -1,3 +1,4 @@
+# :nocov:
 module DeliverNever
   def deliver_later
     self
@@ -21,3 +22,4 @@ module Gitlab
     end
   end
 end
+# :nocov:
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index 7e14a566696..fee1a127fd7 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -19,6 +19,8 @@ module Gitlab
           return false if internal?(uri)
 
           return true if blocked_port?(uri.port)
+          return true if blocked_user_or_hostname?(uri.user)
+          return true if blocked_user_or_hostname?(uri.hostname)
 
           server_ips = Resolv.getaddresses(uri.hostname)
           return true if (blocked_ips & server_ips).any?
@@ -37,6 +39,12 @@ module Gitlab
         port < 1024 && !VALID_PORTS.include?(port)
       end
 
+      def blocked_user_or_hostname?(value)
+        return false if value.blank?
+
+        value !~ /\A\p{Alnum}/
+      end
+
       def internal?(uri)
         internal_web?(uri) || internal_shell?(uri)
       end
diff --git a/lib/gitlab/workhorse.rb b/lib/gitlab/workhorse.rb
index 3f25e463412..a362a3a0bc6 100644
--- a/lib/gitlab/workhorse.rb
+++ b/lib/gitlab/workhorse.rb
@@ -45,7 +45,6 @@ module Gitlab
                             raise "Unsupported action: #{action}"
                           end
         if feature_enabled
-          params[:GitalyAddress] = server[:address] # This field will be deprecated
           params[:GitalyServer] = server
         end
 
diff --git a/lib/haml_lint/inline_javascript.rb b/lib/haml_lint/inline_javascript.rb
index f3ddcbb9c95..05668c69006 100644
--- a/lib/haml_lint/inline_javascript.rb
+++ b/lib/haml_lint/inline_javascript.rb
@@ -1,14 +1,16 @@
-require 'haml_lint/haml_visitor'
-require 'haml_lint/linter'
-require 'haml_lint/linter_registry'
+unless Rails.env.production?
+  require 'haml_lint/haml_visitor'
+  require 'haml_lint/linter'
+  require 'haml_lint/linter_registry'
 
-module HamlLint
-  class Linter::InlineJavaScript < Linter
-    include LinterRegistry
+  module HamlLint
+    class Linter::InlineJavaScript < Linter
+      include LinterRegistry
 
-    def visit_filter(node)
-      return unless node.filter_type == 'javascript'
-      record_lint(node, 'Inline JavaScript is discouraged (https://docs.gitlab.com/ee/development/gotchas.html#do-not-use-inline-javascript-in-views)')
+      def visit_filter(node)
+        return unless node.filter_type == 'javascript'
+        record_lint(node, 'Inline JavaScript is discouraged (https://docs.gitlab.com/ee/development/gotchas.html#do-not-use-inline-javascript-in-views)')
+      end
     end
   end
 end
diff --git a/lib/rspec_flaky/example.rb b/lib/rspec_flaky/example.rb
new file mode 100644
index 00000000000..b6e790cbbab
--- /dev/null
+++ b/lib/rspec_flaky/example.rb
@@ -0,0 +1,46 @@
+module RspecFlaky
+  # This is a wrapper class for RSpec::Core::Example
+  class Example
+    delegate :status, :exception, to: :execution_result
+
+    def initialize(rspec_example)
+      @rspec_example = rspec_example.try(:example) || rspec_example
+    end
+
+    def uid
+      @uid ||= Digest::MD5.hexdigest("#{description}-#{file}")
+    end
+
+    def example_id
+      rspec_example.id
+    end
+
+    def file
+      metadata[:file_path]
+    end
+
+    def line
+      metadata[:line_number]
+    end
+
+    def description
+      metadata[:full_description]
+    end
+
+    def attempts
+      rspec_example.try(:attempts) || 1
+    end
+
+    private
+
+    attr_reader :rspec_example
+
+    def metadata
+      rspec_example.metadata
+    end
+
+    def execution_result
+      rspec_example.execution_result
+    end
+  end
+end
diff --git a/lib/rspec_flaky/flaky_example.rb b/lib/rspec_flaky/flaky_example.rb
new file mode 100644
index 00000000000..f81fb90e870
--- /dev/null
+++ b/lib/rspec_flaky/flaky_example.rb
@@ -0,0 +1,39 @@
+module RspecFlaky
+  # This represents a flaky RSpec example and is mainly meant to be saved in a JSON file
+  class FlakyExample < OpenStruct
+    def initialize(example)
+      if example.respond_to?(:example_id)
+        super(
+          example_id: example.example_id,
+          file: example.file,
+          line: example.line,
+          description: example.description,
+          last_attempts_count: example.attempts,
+          flaky_reports: 1)
+      else
+        super
+      end
+    end
+
+    def first_flaky_at
+      self[:first_flaky_at] || Time.now
+    end
+
+    def last_flaky_at
+      Time.now
+    end
+
+    def last_flaky_job
+      return unless ENV['CI_PROJECT_URL'] && ENV['CI_JOB_ID']
+
+      "#{ENV['CI_PROJECT_URL']}/-/jobs/#{ENV['CI_JOB_ID']}"
+    end
+
+    def to_h
+      super.merge(
+        first_flaky_at: first_flaky_at,
+        last_flaky_at: last_flaky_at,
+        last_flaky_job: last_flaky_job)
+    end
+  end
+end
diff --git a/lib/rspec_flaky/listener.rb b/lib/rspec_flaky/listener.rb
new file mode 100644
index 00000000000..ec2fbd9e36c
--- /dev/null
+++ b/lib/rspec_flaky/listener.rb
@@ -0,0 +1,75 @@
+require 'json'
+
+module RspecFlaky
+  class Listener
+    attr_reader :all_flaky_examples, :new_flaky_examples
+
+    def initialize
+      @new_flaky_examples = {}
+      @all_flaky_examples = init_all_flaky_examples
+    end
+
+    def example_passed(notification)
+      current_example = RspecFlaky::Example.new(notification.example)
+
+      return unless current_example.attempts > 1
+
+      flaky_example_hash = all_flaky_examples[current_example.uid]
+
+      all_flaky_examples[current_example.uid] =
+        if flaky_example_hash
+          FlakyExample.new(flaky_example_hash).tap do |ex|
+            ex.last_attempts_count = current_example.attempts
+            ex.flaky_reports += 1
+          end
+        else
+          FlakyExample.new(current_example).tap do |ex|
+            new_flaky_examples[current_example.uid] = ex
+          end
+        end
+    end
+
+    def dump_summary(_)
+      write_report_file(all_flaky_examples, all_flaky_examples_report_path)
+
+      if new_flaky_examples.any?
+        Rails.logger.warn "\nNew flaky examples detected:\n"
+        Rails.logger.warn JSON.pretty_generate(to_report(new_flaky_examples))
+
+        write_report_file(new_flaky_examples, new_flaky_examples_report_path)
+      end
+    end
+
+    def to_report(examples)
+      Hash[examples.map { |k, ex| [k, ex.to_h] }]
+    end
+
+    private
+
+    def init_all_flaky_examples
+      return {} unless File.exist?(all_flaky_examples_report_path)
+
+      all_flaky_examples = JSON.parse(File.read(all_flaky_examples_report_path))
+
+      Hash[(all_flaky_examples || {}).map { |k, ex| [k, FlakyExample.new(ex)] }]
+    end
+
+    def write_report_file(examples, file_path)
+      return unless ENV['FLAKY_RSPEC_GENERATE_REPORT'] == 'true'
+
+      report_path_dir = File.dirname(file_path)
+      FileUtils.mkdir_p(report_path_dir) unless Dir.exist?(report_path_dir)
+      File.write(file_path, JSON.pretty_generate(to_report(examples)))
+    end
+
+    def all_flaky_examples_report_path
+      @all_flaky_examples_report_path ||= ENV['ALL_FLAKY_RSPEC_REPORT_PATH'] ||
+        Rails.root.join("rspec_flaky/all-report.json")
+    end
+
+    def new_flaky_examples_report_path
+      @new_flaky_examples_report_path ||= ENV['NEW_FLAKY_RSPEC_REPORT_PATH'] ||
+        Rails.root.join("rspec_flaky/new-report.json")
+    end
+  end
+end
diff --git a/lib/static_model.rb b/lib/static_model.rb
index 185921d8fbe..60e2dd82e4e 100644
--- a/lib/static_model.rb
+++ b/lib/static_model.rb
@@ -18,7 +18,7 @@ module StaticModel
   #
   # Pass it along if we respond to it.
   def [](key)
-    send(key) if respond_to?(key)
+    send(key) if respond_to?(key) # rubocop:disable GitlabSecurity/PublicSend
   end
 
   def to_param
diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab
index f25e66d54c8..54f51d9d633 100644
--- a/lib/support/nginx/gitlab
+++ b/lib/support/nginx/gitlab
@@ -25,6 +25,39 @@ map $http_upgrade $connection_upgrade_gitlab {
     ''      close;
 }
 
+## NGINX 'combined' log format with filtered query strings
+log_format gitlab_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent";
+
+## Remove private_token from the request URI
+# In:  /foo?private_token=unfiltered&authenticity_token=unfiltered&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=unfiltered&rss_token=unfiltered&...
+map $request_uri $gitlab_temp_request_uri_1 {
+  default $request_uri;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]private[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## Remove authenticity_token from the request URI
+# In:  /foo?private_token=[FILTERED]&authenticity_token=unfiltered&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=unfiltered&...
+map $gitlab_temp_request_uri_1 $gitlab_temp_request_uri_2 {
+  default $gitlab_temp_request_uri_1;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]authenticity[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## Remove rss_token from the request URI
+# In:  /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=[FILTERED]&...
+map $gitlab_temp_request_uri_2 $gitlab_filtered_request_uri {
+  default $gitlab_temp_request_uri_2;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]rss[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## A version of the referer without the query string
+map $http_referer $gitlab_filtered_http_referer {
+  default $http_referer;
+  ~^(?<temp>.*)\? $temp;
+}
+
 ## Normal HTTP host
 server {
   ## Either remove "default_server" from the listen line below,
@@ -46,7 +79,7 @@ server {
   # set_real_ip_from YOUR_TRUSTED_ADDRESS; ## Replace this with something like 192.168.1.0/24
 
   ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
+  access_log  /var/log/nginx/gitlab_access.log gitlab_access;
   error_log   /var/log/nginx/gitlab_error.log;
 
   location / {
diff --git a/lib/support/nginx/gitlab-pages b/lib/support/nginx/gitlab-pages
index d9746c5c1aa..875c8bcbf3c 100644
--- a/lib/support/nginx/gitlab-pages
+++ b/lib/support/nginx/gitlab-pages
@@ -18,8 +18,11 @@ server {
     proxy_set_header    X-Real-IP           $remote_addr;
     proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
     proxy_set_header    X-Forwarded-Proto   $scheme;
+
+    proxy_cache off;
+
     # The same address as passed to GitLab Pages: `-listen-proxy`
-    proxy_pass          http://localhost:8090/;
+    proxy_pass http://localhost:8090/;
   }
 
   # Define custom error pages
diff --git a/lib/support/nginx/gitlab-pages-ssl b/lib/support/nginx/gitlab-pages-ssl
index a1ccf266835..62ed482e2bf 100644
--- a/lib/support/nginx/gitlab-pages-ssl
+++ b/lib/support/nginx/gitlab-pages-ssl
@@ -67,8 +67,11 @@ server {
     proxy_set_header    X-Real-IP           $remote_addr;
     proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
     proxy_set_header    X-Forwarded-Proto   $scheme;
+
+    proxy_cache off;
+
     # The same address as passed to GitLab Pages: `-listen-proxy`
-    proxy_pass          http://localhost:8090/;
+    proxy_pass http://localhost:8090/;
   }
 
   # Define custom error pages
diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl
index 2b40da18bab..ed8131ef24f 100644
--- a/lib/support/nginx/gitlab-ssl
+++ b/lib/support/nginx/gitlab-ssl
@@ -29,6 +29,41 @@ map $http_upgrade $connection_upgrade_gitlab_ssl {
     ''      close;
 }
 
+
+## NGINX 'combined' log format with filtered query strings
+log_format gitlab_ssl_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_ssl_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_ssl_filtered_http_referer" "$http_user_agent";
+
+## Remove private_token from the request URI
+# In:  /foo?private_token=unfiltered&authenticity_token=unfiltered&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=unfiltered&rss_token=unfiltered&...
+map $request_uri $gitlab_ssl_temp_request_uri_1 {
+  default $request_uri;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]private[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## Remove authenticity_token from the request URI
+# In:  /foo?private_token=[FILTERED]&authenticity_token=unfiltered&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=unfiltered&...
+map $gitlab_ssl_temp_request_uri_1 $gitlab_ssl_temp_request_uri_2 {
+  default $gitlab_ssl_temp_request_uri_1;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]authenticity[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## Remove rss_token from the request URI
+# In:  /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=unfiltered&...
+# Out: /foo?private_token=[FILTERED]&authenticity_token=[FILTERED]&rss_token=[FILTERED]&...
+map $gitlab_ssl_temp_request_uri_2 $gitlab_ssl_filtered_request_uri {
+  default $gitlab_ssl_temp_request_uri_2;
+  ~(?i)^(?<start>.*)(?<temp>[\?&]rss[\-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
+}
+
+## A version of the referer without the query string
+map $http_referer $gitlab_ssl_filtered_http_referer {
+  default $http_referer;
+  ~^(?<temp>.*)\? $temp;
+}
+
+
 ## Redirects all HTTP traffic to the HTTPS host
 server {
   ## Either remove "default_server" from the listen line below,
@@ -40,7 +75,7 @@ server {
   server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com
   server_tokens off; ## Don't show the nginx version number, a security best practice
   return 301 https://$http_host$request_uri;
-  access_log  /var/log/nginx/gitlab_access.log;
+  access_log  /var/log/nginx/gitlab_access.log gitlab_ssl_access;
   error_log   /var/log/nginx/gitlab_error.log;
 }
 
@@ -93,7 +128,7 @@ server {
   # set_real_ip_from YOUR_TRUSTED_ADDRESS; ## Replace this with something like 192.168.1.0/24
 
   ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
+  access_log  /var/log/nginx/gitlab_access.log gitlab_ssl_access;
   error_log   /var/log/nginx/gitlab_error.log;
 
   location / {
diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake
index dbb3b827b9a..1bd36bbe20a 100644
--- a/lib/tasks/gitlab/check.rake
+++ b/lib/tasks/gitlab/check.rake
@@ -41,8 +41,6 @@ namespace :gitlab do
   end
 
   namespace :gitlab_shell do
-    include SystemCheck::Helpers
-
     desc "GitLab | Check the configuration of GitLab Shell"
     task check: :environment  do
       warn_user_is_not_gitlab
@@ -249,8 +247,6 @@ namespace :gitlab do
   end
 
   namespace :sidekiq do
-    include SystemCheck::Helpers
-
     desc "GitLab | Check the configuration of Sidekiq"
     task check: :environment  do
       warn_user_is_not_gitlab
@@ -309,8 +305,6 @@ namespace :gitlab do
   end
 
   namespace :incoming_email do
-    include SystemCheck::Helpers
-
     desc "GitLab | Check the configuration of Reply by email"
     task check: :environment  do
       warn_user_is_not_gitlab
@@ -444,8 +438,6 @@ namespace :gitlab do
   end
 
   namespace :ldap do
-    include SystemCheck::Helpers
-
     task :check, [:limit] => :environment do |_, args|
       # Only show up to 100 results because LDAP directories can be very big.
       # This setting only affects the `rake gitlab:check` script.
@@ -501,8 +493,6 @@ namespace :gitlab do
   end
 
   namespace :repo do
-    include SystemCheck::Helpers
-
     desc "GitLab | Check the integrity of the repositories managed by GitLab"
     task check: :environment do
       Gitlab.config.repositories.storages.each do |name, repository_storage|
@@ -517,8 +507,6 @@ namespace :gitlab do
   end
 
   namespace :user do
-    include SystemCheck::Helpers
-
     desc "GitLab | Check the integrity of a specific user's repositories"
     task :check_repos, [:username] => :environment do |t, args|
       username = args[:username] || prompt("Check repository integrity for fsername? ".color(:blue))
diff --git a/lib/tasks/gitlab/gitaly.rake b/lib/tasks/gitlab/gitaly.rake
index 7d35e0df53a..e337c67a0f5 100644
--- a/lib/tasks/gitlab/gitaly.rake
+++ b/lib/tasks/gitlab/gitaly.rake
@@ -15,13 +15,17 @@ namespace :gitlab do
       checkout_or_clone_version(version: version, repo: args.repo, target_dir: args.dir)
 
       _, status = Gitlab::Popen.popen(%w[which gmake])
-      command = status.zero? ? 'gmake' : 'make'
+      command = status.zero? ? ['gmake'] : ['make']
+
+      if Rails.env.test?
+        command += %W[BUNDLE_PATH=#{Bundler.bundle_path}] 
+      end
 
       Dir.chdir(args.dir) do
         create_gitaly_configuration
         # In CI we run scripts/gitaly-test-build instead of this command
         unless ENV['CI'].present?
-          Bundler.with_original_env { run_command!([command]) }
+          Bundler.with_original_env { run_command!(%w[/usr/bin/env -u RUBYOPT -u BUNDLE_GEMFILE] + command) }
         end
       end
     end
diff --git a/lib/tasks/gitlab/helpers.rake b/lib/tasks/gitlab/helpers.rake
index dd2d5861481..b0a24790c4a 100644
--- a/lib/tasks/gitlab/helpers.rake
+++ b/lib/tasks/gitlab/helpers.rake
@@ -4,5 +4,5 @@ require 'tasks/gitlab/task_helpers'
 StateMachines::Machine.ignore_method_conflicts = true if ENV['CRON']
 
 namespace :gitlab do
-  include Gitlab::TaskHelpers
+  extend SystemCheck::Helpers
 end
diff --git a/lib/tasks/gitlab/task_helpers.rb b/lib/tasks/gitlab/task_helpers.rb
index 28b2d86eed2..d85b810ac66 100644
--- a/lib/tasks/gitlab/task_helpers.rb
+++ b/lib/tasks/gitlab/task_helpers.rb
@@ -5,6 +5,8 @@ module Gitlab
   TaskAbortedByUserError = Class.new(StandardError)
 
   module TaskHelpers
+    extend self
+
     # Ask if the user wants to continue
     #
     # Returns "yes" the user chose to continue
diff --git a/lib/tasks/gitlab/update_templates.rake b/lib/tasks/gitlab/update_templates.rake
index a7e30423c7a..f44abc2b81b 100644
--- a/lib/tasks/gitlab/update_templates.rake
+++ b/lib/tasks/gitlab/update_templates.rake
@@ -21,13 +21,18 @@ namespace :gitlab do
       params = {
         import_url: template.clone_url,
         namespace_id: admin.namespace.id,
-        path: template.title,
+        path: template.name,
         skip_wiki: true
       }
 
-      puts "Creating project for #{template.name}"
+      puts "Creating project for #{template.title}"
       project = Projects::CreateService.new(admin, params).execute
 
+      unless project.persisted?
+        puts project.errors.messages
+        exit(1)
+      end
+
       loop do
         if project.finished?
           puts "Import finished for #{template.name}"
diff --git a/locale/bg/gitlab.po b/locale/bg/gitlab.po
index 85d806e6f20..5c531f0cd7d 100644
--- a/locale/bg/gitlab.po
+++ b/locale/bg/gitlab.po
@@ -1163,22 +1163,11 @@ msgstr "��ма до�татъчно данни за този етап."
 msgid "Withdraw Access Request"
 msgstr "Оттегл�не на за�вката за до�тъп"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"�а път �те да премахнете „%{group_name}“.\n"
-"�ко � премахнете, групата �Е може да бъде въз�тановена!\n"
-"��ИСТИ�� ли и�кате това?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "�а път �те да премахнете „%{group_name}“. �ко � премахнете, групата �Е може да бъде въз�тановена! ��ИСТИ�� ли и�кате това?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"�а път �те да премахнете „%{project_name_with_namespace}“.\n"
-"�ко го премахнете, той �Е може да бъде въз�тановен!\n"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "�а път �те да премахнете „%{project_name_with_namespace}“. �ко го премахнете, той �Е може да бъде въз�тановен!"
 "��ИСТИ�� ли и�кате това?"
 
 msgid ""
diff --git a/locale/en/gitlab.po b/locale/en/gitlab.po
index 46bf4e33997..0ac591d4927 100644
--- a/locale/en/gitlab.po
+++ b/locale/en/gitlab.po
@@ -17,17 +17,34 @@ msgstr ""
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
 "\n"
 
+msgid "%d commit"
+msgid_plural "%d commits"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "%s additional commit has been omitted to prevent performance issues."
 msgid_plural "%s additional commits have been omitted to prevent performance issues."
 msgstr[0] ""
 msgstr[1] ""
 
-msgid "%d commit"
-msgid_plural "%d commits"
+msgid "%{commit_author_link} committed %{commit_timeago}"
+msgstr ""
+
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will allow access on the next attempt."
+msgstr ""
+
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will block access for %{number_of_seconds} seconds."
+msgstr ""
+
+msgid "%{number_of_failures} of %{maximum_failures} failures. GitLab will not retry automatically. Reset storage information when the problem is resolved."
+msgstr ""
+
+msgid "%{storage_name}: failed storage access attempt on host:"
+msgid_plural "%{storage_name}: %{failed_attempts} failed storage access attempts:"
 msgstr[0] ""
 msgstr[1] ""
 
-msgid "%{commit_author_link} committed %{commit_timeago}"
+msgid "(checkout the %{link} for information on how to install it)."
 msgstr ""
 
 msgid "1 pipeline"
@@ -41,6 +58,9 @@ msgstr ""
 msgid "About auto deploy"
 msgstr ""
 
+msgid "Access to failing storages has been temporarily disabled to allow the mount to recover. Reset storage information after the issue has been resolved to allow access again."
+msgstr ""
+
 msgid "Active"
 msgstr ""
 
@@ -68,6 +88,18 @@ msgstr ""
 msgid "Are you sure you want to delete this pipeline schedule?"
 msgstr ""
 
+msgid "Are you sure you want to discard your changes?"
+msgstr ""
+
+msgid "Are you sure you want to reset registration token?"
+msgstr ""
+
+msgid "Are you sure you want to reset the health check token?"
+msgstr ""
+
+msgid "Are you sure?"
+msgstr ""
+
 msgid "Attach a file by drag &amp; drop or %{upload_link}"
 msgstr ""
 
@@ -109,6 +141,9 @@ msgstr ""
 msgid "Cancel"
 msgstr ""
 
+msgid "Cancel edit"
+msgstr ""
+
 msgid "ChangeTypeActionLabel|Pick into branch"
 msgstr ""
 
@@ -234,6 +269,9 @@ msgstr ""
 msgid "Create New Directory"
 msgstr ""
 
+msgid "Create a new branch"
+msgstr ""
+
 msgid "Create a personal access token on your account to pull or push via %{protocol}."
 msgstr ""
 
@@ -311,9 +349,15 @@ msgstr[1] ""
 msgid "Description"
 msgstr ""
 
+msgid "Details"
+msgstr ""
+
 msgid "Directory name"
 msgstr ""
 
+msgid "Discard changes"
+msgstr ""
+
 msgid "Don't show again"
 msgstr ""
 
@@ -397,12 +441,36 @@ msgstr ""
 msgid "From merge request merge until deploy to production"
 msgstr ""
 
+msgid "Git storage health information has been reset"
+msgstr ""
+
+msgid "GitLab Runner section"
+msgstr ""
+
 msgid "Go to your fork"
 msgstr ""
 
 msgid "GoToYourFork|Fork"
 msgstr ""
 
+msgid "Health Check"
+msgstr ""
+
+msgid "Health information can be retrieved from the following endpoints. More information is available"
+msgstr ""
+
+msgid "HealthCheck|Access token is"
+msgstr ""
+
+msgid "HealthCheck|Healthy"
+msgstr ""
+
+msgid "HealthCheck|No Health Problems Detected"
+msgstr ""
+
+msgid "HealthCheck|Unhealthy"
+msgstr ""
+
 msgid "Home"
 msgstr ""
 
@@ -412,6 +480,9 @@ msgstr ""
 msgid "Import repository"
 msgstr ""
 
+msgid "Install a Runner compatible with GitLab CI"
+msgstr ""
+
 msgid "Interval Pattern"
 msgstr ""
 
@@ -470,6 +541,9 @@ msgstr ""
 msgid "MissingSSHKeyWarningLink|add an SSH key"
 msgstr ""
 
+msgid "More information is available|here"
+msgstr ""
+
 msgid "New Issue"
 msgid_plural "New Issues"
 msgstr[0] ""
@@ -682,6 +756,9 @@ msgstr ""
 msgid "Project access must be granted explicitly to each user."
 msgstr ""
 
+msgid "Project details"
+msgstr ""
+
 msgid "Project export could not be deleted."
 msgstr ""
 
@@ -754,9 +831,21 @@ msgstr ""
 msgid "Remove project"
 msgstr ""
 
+msgid "Repository"
+msgstr ""
+
 msgid "Request Access"
 msgstr ""
 
+msgid "Reset git storage health information"
+msgstr ""
+
+msgid "Reset health check access token"
+msgstr ""
+
+msgid "Reset runners registration token"
+msgstr ""
+
 msgid "Revert this commit"
 msgstr ""
 
@@ -781,6 +870,9 @@ msgstr ""
 msgid "Select a timezone"
 msgstr ""
 
+msgid "Select existing branch"
+msgstr ""
+
 msgid "Select target branch"
 msgstr ""
 
@@ -807,12 +899,18 @@ msgstr[1] ""
 msgid "Source code"
 msgstr ""
 
+msgid "Specify the following URL during the Runner setup:"
+msgstr ""
+
 msgid "StarProject|Star"
 msgstr ""
 
 msgid "Start a %{new_merge_request} with these changes"
 msgstr ""
 
+msgid "Start the Runner!"
+msgstr ""
+
 msgid "Switch branch/tag"
 msgstr ""
 
@@ -875,6 +973,9 @@ msgstr ""
 msgid "The value lying at the midpoint of a series of observed values. E.g., between 3, 5, 9, the median is 5. Between 3, 5, 7, 8, the median is (5+7)/2 = 6."
 msgstr ""
 
+msgid "There are problems accessing Git storage: "
+msgstr ""
+
 msgid "This means you can not push code until you create an empty repository or import existing one."
 msgstr ""
 
@@ -1044,6 +1145,9 @@ msgstr ""
 msgid "UploadLink|click to upload"
 msgstr ""
 
+msgid "Use the following registration token during setup:"
+msgstr ""
+
 msgid "Use your global notification setting"
 msgstr ""
 
@@ -1059,6 +1163,9 @@ msgstr ""
 msgid "VisibilityLevel|Public"
 msgstr ""
 
+msgid "VisibilityLevel|Unknown"
+msgstr ""
+
 msgid "Want to see the data? Please ask an administrator for access."
 msgstr ""
 
@@ -1068,16 +1175,10 @@ msgstr ""
 msgid "Withdraw Access Request"
 msgstr ""
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr ""
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr ""
 
 msgid "You are going to remove the fork relationship to source project %{forked_from_project}. Are you ABSOLUTELY sure?"
diff --git a/locale/eo/gitlab.po b/locale/eo/gitlab.po
index d688478972d..94ae131186b 100644
--- a/locale/eo/gitlab.po
+++ b/locale/eo/gitlab.po
@@ -1165,30 +1165,14 @@ msgstr "Ne estas sufiĉe da datenoj por montri ĉi tiun etapon."
 msgid "Withdraw Access Request"
 msgstr "Nuligi la peton pri atingeblo"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Vi forigos „%{group_name}“.\n"
-"Oni NE POVAS malfari la forigon de grupo!\n"
-"Ĉu vi estas ABSOLUTE certa?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Vi forigos „%{group_name}“. Oni NE POVAS malfari la forigon de grupo! Ĉu vi estas ABSOLUTE certa?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Vi forigos „%{project_name_with_namespace}“.\n"
-"Oni NE POVAS malfari la forigon de projekto!\n"
-"Ĉu vi estas ABSOLUTE certa?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Vi forigos „%{project_name_with_namespace}“. Oni NE POVAS malfari la forigon de projekto! Ĉu vi estas ABSOLUTE certa?"
 
-msgid ""
-"You are going to remove the fork relationship to source project "
-"%{forked_from_project}. Are you ABSOLUTELY sure?"
-msgstr ""
-"Vi forigos la rilaton de la disbranĉigo al la originala projekto, "
-"„%{forked_from_project}“. Ĉu vi estas ABSOLUTE certa?"
+msgid "You are going to remove the fork relationship to source project %{forked_from_project}. Are you ABSOLUTELY sure?"
+msgstr "Vi forigos la rilaton de la disbranĉigo al la originala projekto, „%{forked_from_project}“. Ĉu vi estas ABSOLUTE certa?"
 
 msgid ""
 "You are going to transfer %{project_name_with_namespace} to another owner. "
diff --git a/locale/es/gitlab.po b/locale/es/gitlab.po
index 5c669d51a68..e43fd5fea15 100644
--- a/locale/es/gitlab.po
+++ b/locale/es/gitlab.po
@@ -1071,23 +1071,11 @@ msgstr "No hay suficientes datos para mostrar en esta etapa."
 msgid "Withdraw Access Request"
 msgstr "Retirar Solicitud de Acceso"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Va a eliminar %{group_name}.\n"
-"¡El grupo eliminado NO puede ser restaurado!\n"
-"¿Estás TOTALMENTE seguro?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Va a eliminar %{group_name}. ¡El grupo eliminado NO puede ser restaurado! ¿Estás TOTALMENTE seguro?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Va a eliminar %{project_name_with_namespace}.\n"
-"¡El proyecto eliminado NO puede ser restaurado!\n"
-"¿Estás TOTALMENTE seguro?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Va a eliminar %{project_name_with_namespace}. ¡El proyecto eliminado NO puede ser restaurado! ¿Estás TOTALMENTE seguro?"
 
 msgid "You are going to remove the fork relationship to source project %{forked_from_project}. Are you ABSOLUTELY sure?"
 msgstr "Vas a eliminar el enlace de la bifurcación con el proyecto original %{forked_from_project}. ¿Estás TOTALMENTE seguro?"
diff --git a/locale/fr/gitlab.po b/locale/fr/gitlab.po
index c490933c6d4..83f31f7a3b2 100644
--- a/locale/fr/gitlab.po
+++ b/locale/fr/gitlab.po
@@ -417,7 +417,7 @@ msgstr[0] "Fourche"
 msgstr[1] "Fourches"
 
 msgid "ForkedFromProjectPath|Forked from"
-msgstr "Fouché depuis"
+msgstr "Fourché depuis"
 
 msgid "From issue creation until deploy to production"
 msgstr "Depuis la création de l'incident jusqu'au déploiement en production"
@@ -1175,22 +1175,11 @@ msgstr "Nous n'avons pas suffisamment de données pour afficher cette étape."
 msgid "Withdraw Access Request"
 msgstr "Retirer la demande d'accès"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Vous êtes sur le point de supprimer %{group_name}. Les groupes supprimés NE "
-"PEUVENT PAS être restaurés ! Êtes vous ABSOLUMENT sûr ?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Vous êtes sur le point de supprimer %{group_name}. Les groupes supprimés NE PEUVENT PAS être restaurés ! Êtes vous ABSOLUMENT sûr ?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Vous êtes sur le point de supprimer %{project_name_with_namespace}.\n"
-"Les projets supprimés NE PEUVENT PAS être restaurés !\n"
-"Êtes vous ABSOLUMENT sûr ?  "
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Vous êtes sur le point de supprimer %{project_name_with_namespace}. Les projets supprimés NE PEUVENT PAS être restaurés ! Êtes vous ABSOLUMENT sûr ?"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index babef3ed0af..e60504e1395 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1072,16 +1072,10 @@ msgstr ""
 msgid "Withdraw Access Request"
 msgstr ""
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr ""
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr ""
 
 msgid "You are going to remove the fork relationship to source project %{forked_from_project}. Are you ABSOLUTELY sure?"
diff --git a/locale/it/gitlab.po b/locale/it/gitlab.po
index d4fac6ab34e..e719a3988e3 100644
--- a/locale/it/gitlab.po
+++ b/locale/it/gitlab.po
@@ -4,13 +4,13 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gitlab 1.0.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2017-06-28 13:32+0200\n"
+"POT-Creation-Date: 2017-07-13 12:07-0500\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2017-07-12 05:45-0400\n"
-"Last-Translator: Paolo Falomo <info@paolofalomo.it>\n"
 "Language-Team: Italian (https://translate.zanata.org/project/view/GitLab)\n"
+"PO-Revision-Date: 2017-08-07 10:15-0400\n"
+"Last-Translator: Paolo Falomo <info@paolofalomo.it>\n"
 "Language: it\n"
 "X-Generator: Zanata 3.9.6\n"
 "Plural-Forms: nplurals=2; plural=(n != 1)\n"
@@ -647,6 +647,12 @@ msgstr "Tutto"
 msgid "PipelineSchedules|Inactive"
 msgstr "Inattiva"
 
+msgid "PipelineSchedules|Input variable key"
+msgstr "Chiave della variabile"
+
+msgid "PipelineSchedules|Input variable value"
+msgstr "Valore della variabile"
+
 msgid "PipelineSchedules|Next Run"
 msgstr "Prossima esecuzione"
 
@@ -656,12 +662,18 @@ msgstr "Nessuna"
 msgid "PipelineSchedules|Provide a short description for this pipeline"
 msgstr "Fornisci una breve descrizione per questa pipeline"
 
+msgid "PipelineSchedules|Remove variable row"
+msgstr "Rimuovi riga della variabile"
+
 msgid "PipelineSchedules|Take ownership"
 msgstr "Prendi possesso"
 
 msgid "PipelineSchedules|Target"
 msgstr "Target"
 
+msgid "PipelineSchedules|Variables"
+msgstr "Variabili"
+
 msgid "PipelineSheduleIntervalPattern|Custom"
 msgstr "Personalizzato"
 
@@ -1144,6 +1156,9 @@ msgstr "Privato"
 msgid "VisibilityLevel|Public"
 msgstr "Pubblico"
 
+msgid "VisibilityLevel|Unknown"
+msgstr "Sconosciuto"
+
 msgid "Want to see the data? Please ask an administrator for access."
 msgstr ""
 "Vuoi visualizzare i dati? Richiedi l'accesso ad un amministratore, grazie."
@@ -1154,14 +1169,11 @@ msgstr "Non ci sono sufficienti dati da mostrare su questo stadio"
 msgid "Withdraw Access Request"
 msgstr "Ritira richiesta d'accesso"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Stai per rimuovere %{project_name_with_namespace}.\n"
-"I progetti rimossi NON POSSONO essere ripristinati\n"
-"Sei assolutamente sicuro?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Stai per rimuovere il gruppo %{group_name}. I gruppi rimossi NON POSSONO esser ripristinati! Sei ASSOLUTAMENTE sicuro?"
+
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Stai per rimuovere %{project_name_with_namespace}. I progetti rimossi NON POSSONO essere ripristinati! Sei assolutamente sicuro?"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
diff --git a/locale/ja/gitlab.po b/locale/ja/gitlab.po
index 0b1db651c11..bfa97aa21d7 100644
--- a/locale/ja/gitlab.po
+++ b/locale/ja/gitlab.po
@@ -1119,22 +1119,11 @@ msgstr "データ�足������ステージ�表示�����ん
 msgid "Withdraw Access Request"
 msgstr "アクセスリクエストを�り消�"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr "%{group_name} グループを削除�よ�������。\n"
-"削除�れ�グループ�絶対�元�戻���ん�\n"
-"本当�よ������？"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "%{group_name} グループを削除�よ�������。 削除�れ�グループ�絶対�元�戻���ん�本当�よ������？"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"%{project_name_with_namespace} プロジェクトを削除�よ�������。\n"
-"削除�れ�プロジェクト�絶対�元��戻���ん�\n"
-"本当�よ������？"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "%{project_name_with_namespace} プロジェクトを削除�よ�������。削除�れ�プロジェクト�絶対�元��戻���ん�本当�よ������？"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
diff --git a/locale/ko/gitlab.po b/locale/ko/gitlab.po
index 97a844ada7f..340c8955d20 100644
--- a/locale/ko/gitlab.po
+++ b/locale/ko/gitlab.po
@@ -1,4 +1,7 @@
-# chang-ho,cha <changho.cha@gmail.com>, 2017. #zanata
+# Korean translations for gitlab package.
+# Copyright (C) 2017 THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the gitlab package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, 2017.
 # Huang Tao <htve@outlook.com>, 2017. #zanata
 msgid ""
 msgstr ""
@@ -8,12 +11,12 @@ msgstr ""
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"PO-Revision-Date: 2017-08-06 09:40-0400\n"
+"PO-Revision-Date: 2017-08-08 08:32-0400\n"
 "Last-Translator: chang-ho,cha <changho.cha@gmail.com>\n"
 "Language-Team: Korean (https://translate.zanata.org/project/view/GitLab)\n"
 "Language: ko\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
 "X-Generator: Zanata 3.9.6\n"
-"Plural-Forms: nplurals=1; plural=0\n"
 
 msgid "%d commit"
 msgid_plural "%d commits"
@@ -25,7 +28,7 @@ msgid_plural ""
 msgstr[0] "%s 추가 커밋� 성능 �슈를 방지하기 위해 �략�었습니다."
 
 msgid "%{commit_author_link} committed %{commit_timeago}"
-msgstr "%{commit_timeago} � %{commit_author_link} �(가) 커밋하였습니다. "
+msgstr "%{commit_timeago} � %{commit_author_link} 님� 커밋하였습니다. "
 
 msgid "1 pipeline"
 msgid_plural "%d pipelines"
@@ -791,7 +794,7 @@ msgid "Select target branch"
 msgstr "대� 브랜치 선�"
 
 msgid "Set a password on your account to pull or push via %{protocol}."
-msgstr "%{protocol}�(를) 통해 Pull 하거나 Push하려면 계정� 패스워드를 설정하십시오."
+msgstr "%{protocol} 프로토콜� 통해 Pull 하거나 Push하려면 계정� 패스워드를 설정하십시오."
 
 msgid "Set up CI"
 msgstr "CI 설정"
@@ -1118,21 +1121,11 @@ msgstr "� 단계를 보여주기� 충분한 ��터가 없습니다."
 msgid "Withdraw Access Request"
 msgstr "액세스 요청 철회"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr "%{group_name}�(를) 제거하려고합니다.\n"
-"\"정�로\" 확실합니까?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "%{group_name} 그룹� 제거하려고합니다. \"정�로\" 확실합니까?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"%{project_name_with_namespace}�(를) 삭제하려고합니다.\n"
-"삭제� 프로�트를 복� 할 수 없습니다!\n"
-"\"정�로\" 확실합니까?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "%{project_name_with_namespace} 프로�트를 삭제하려고합니다. "삭제� 프로�트를 복� 할 수 없습니다! \"정�로\" 확실합니까?"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
@@ -1185,7 +1178,7 @@ msgid ""
 "You won't be able to pull or push project code via SSH until you "
 "%{add_ssh_key_link} to your profile"
 msgstr ""
-"당신� 프로필� %{add_ssh_key_link} �(를) 하기 전�는 SSH를 통해 프로�트 코드를 Pull 하거나 Push 할 수 "
+"당신� 프로필� %{add_ssh_key_link} 를 하기 전�는 SSH를 통해 프로�트 코드를 Pull 하거나 Push 할 수 "
 "없습니다"
 
 msgid "Your name"
diff --git a/locale/pt_BR/gitlab.po b/locale/pt_BR/gitlab.po
index 2eaadb64124..a2df8ea549c 100644
--- a/locale/pt_BR/gitlab.po
+++ b/locale/pt_BR/gitlab.po
@@ -1164,30 +1164,12 @@ msgstr "Esta etapa não possui dados suficientes para exibição."
 msgid "Withdraw Access Request"
 msgstr "Remover Requisição de Acesso"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Você vai remover %{group_name}.\n"
-"Grupos removidos NÃO PODEM ser restaurados!\n"
-"Você está ABSOLUTAMENTE certo?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Você irá remover %{project_name_with_namespace}.\n"
-"O projeto removido NÃO PODE ser restaurado!\n"
-"Tem certeza ABSOLUTA?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Você vai remover %{group_name}. Grupos removidos NÃO PODEM ser restaurados! Você está ABSOLUTAMENTE certo?"
 
-msgid ""
-"You are going to remove the fork relationship to source project "
-"%{forked_from_project}. Are you ABSOLUTELY sure?"
-msgstr ""
-"Você ira remover o relacionamento de fork com o projeto original "
-"%{forked_from_project}. Tem certeza ABSOLUTA?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Você irá remover %{project_name_with_namespace}. O projeto removido NÃO PODE ser restaurado! Tem certeza ABSOLUTA?"
 
 msgid ""
 "You are going to transfer %{project_name_with_namespace} to another owner. "
diff --git a/locale/ru/gitlab.po b/locale/ru/gitlab.po
index 78f7b059077..6661232850a 100644
--- a/locale/ru/gitlab.po
+++ b/locale/ru/gitlab.po
@@ -1179,23 +1179,11 @@ msgstr "Информаци� по �тапу от�ут�твует."
 msgid "Withdraw Access Request"
 msgstr "Отменить запро� до�тупа"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Вы �обираете�ь удалить %{group_name}.\n"
-"Удаленные группы �Е МОГУТ быть во��тановлены!\n"
-"Вы �БСОЛЮТ�О уверены?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Вы �обираете�ь удалить %{group_name}. Удаленные группы �Е МОГУТ быть во��тановлены! Вы �БСОЛЮТ�О уверены?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Вы хотите удалить %{project_name_with_namespace}.\n"
-"Удаленный проект �Е МОЖЕТ быть во��тановлен!\n"
-"Вы �БСОЛЮТ�О уверены?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Вы хотите удалить %{project_name_with_namespace}. Удаленный проект �Е МОЖЕТ быть во��тановлен! Вы �БСОЛЮТ�О уверены?"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
diff --git a/locale/uk/gitlab.po b/locale/uk/gitlab.po
index 78144d3755d..0ac0499e315 100644
--- a/locale/uk/gitlab.po
+++ b/locale/uk/gitlab.po
@@ -1173,23 +1173,11 @@ msgstr "Ми не маємо доÑ�татньо даних длÑ� показу Ñ
 msgid "Withdraw Access Request"
 msgstr "Ска�увати запит до�тупу"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Ви хочете видалити %{group_name}.\n"
-"Видалені групи �Е МОЖ�� буду відновити!\n"
-"Ви �БСОЛЮТ�О впевнені?"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Ви хочете видалити %{group_name}. Видалені групи �Е МОЖ�� буду відновити! Ви �БСОЛЮТ�О впевнені?"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr ""
-"Ви хочете видалити %{project_name_with_namespace}.\n"
-"Видалений проект �Е МОЖЕ бути відновлений!\n"
-"Ви �БСОЛЮТ�О впевнені?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "Ви хочете видалити %{project_name_with_namespace}. Видалений проект �Е МОЖЕ бути відновлений! Ви �БСОЛЮТ�О впевнені?"
 
 msgid ""
 "You are going to remove the fork relationship to source project "
diff --git a/locale/zh_CN/gitlab.po b/locale/zh_CN/gitlab.po
index 4a550db55d2..a3d0027212c 100644
--- a/locale/zh_CN/gitlab.po
+++ b/locale/zh_CN/gitlab.po
@@ -1101,18 +1101,10 @@ msgstr "该阶段的数��足，无法显示。"
 msgid "Withdraw Access Request"
 msgstr "�消��申请"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr "�将删除 %{group_name}。\n"
-"已删除的群组无法���\n"
-"确定继续�？"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "�将删除 %{group_name}。已删除的群组无法���确定继续�？"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr "�将�删除 %{project_name_with_namespace}。已删除的项目无法���确定继续�？"
 
 msgid ""
diff --git a/locale/zh_HK/gitlab.po b/locale/zh_HK/gitlab.po
index 69b2bf80dbf..f4d33862a36 100644
--- a/locale/zh_HK/gitlab.po
+++ b/locale/zh_HK/gitlab.po
@@ -1100,18 +1100,10 @@ msgstr "該階段的數據�足，無法顯示。"
 msgid "Withdraw Access Request"
 msgstr "�消權�申请"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr "�將刪除 %{group_name}。\n"
-"已刪除的群組無法�復�\n"
-"確定繼續嗎？"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "�將刪除 %{group_name}。已刪除的群組無法�復�確定繼續嗎？"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr "�將�刪除 %{project_name_with_namespace}。已刪除的項目無法�複�確定繼續嗎？"
 
 msgid ""
diff --git a/locale/zh_TW/gitlab.po b/locale/zh_TW/gitlab.po
index 4fd728659c6..205d4712316 100644
--- a/locale/zh_TW/gitlab.po
+++ b/locale/zh_TW/gitlab.po
@@ -1111,18 +1111,10 @@ msgstr "因該階段的資料�足而無法顯示相關資訊"
 msgid "Withdraw Access Request"
 msgstr "�消權�申請"
 
-msgid ""
-"You are going to remove %{group_name}.\n"
-"Removed groups CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
-msgstr "�將�刪除 %{group_name}。\n"
-"被刪除的群組完全無法救回來喔�\n"
-"真的「100%確定��這麼�嗎？"
+msgid "You are going to remove %{group_name}. Removed groups CANNOT be restored! Are you ABSOLUTELY sure?"
+msgstr "�將�刪除 %{group_name}。被刪除的群組完全無法救回來喔�真的「100%確定��這麼�嗎？"
 
-msgid ""
-"You are going to remove %{project_name_with_namespace}.\n"
-"Removed project CANNOT be restored!\n"
-"Are you ABSOLUTELY sure?"
+msgid "You are going to remove %{project_name_with_namespace}. Removed project CANNOT be restored! Are you ABSOLUTELY sure?"
 msgstr "�將�刪除 %{project_name_with_namespace}。被刪除的專案完全無法救回來喔�真的「100%確定��這麼�嗎？"
 
 msgid ""
diff --git a/package.json b/package.json
index b50efee72ff..cbb9be3a27f 100644
--- a/package.json
+++ b/package.json
@@ -12,6 +12,7 @@
     "webpack-prod": "NODE_ENV=production webpack --config config/webpack.config.js"
   },
   "dependencies": {
+    "axios": "^0.16.2",
     "babel-core": "^6.22.1",
     "babel-eslint": "^7.2.1",
     "babel-loader": "^7.1.1",
@@ -20,6 +21,7 @@
     "babel-preset-stage-2": "^6.22.0",
     "bootstrap-sass": "^3.3.6",
     "compression-webpack-plugin": "^0.3.2",
+    "copy-webpack-plugin": "^4.0.1",
     "core-js": "^2.4.1",
     "cropper": "^2.3.0",
     "css-loader": "^0.28.0",
@@ -31,6 +33,7 @@
     "eslint-plugin-html": "^2.0.1",
     "exports-loader": "^0.6.4",
     "file-loader": "^0.11.1",
+    "imports-loader": "^0.7.1",
     "jed": "^1.1.1",
     "jquery": "^2.2.1",
     "jquery-ujs": "^1.2.1",
@@ -38,6 +41,7 @@
     "jszip": "^3.1.3",
     "jszip-utils": "^0.0.2",
     "marked": "^0.3.6",
+    "monaco-editor": "0.8.3",
     "mousetrap": "^1.4.6",
     "name-all-modules-plugin": "^1.0.1",
     "pikaday": "^1.5.1",
@@ -59,7 +63,7 @@
     "vue-loader": "^11.3.4",
     "vue-resource": "^1.3.4",
     "vue-template-compiler": "^2.2.6",
-    "webpack": "^3.4.0",
+    "webpack": "^3.5.4",
     "webpack-bundle-analyzer": "^2.8.2",
     "webpack-stats-plugin": "^0.1.5"
   },
diff --git a/rubocop/cop/migration/safer_boolean_column.rb b/rubocop/cop/migration/safer_boolean_column.rb
new file mode 100644
index 00000000000..0335c25d85d
--- /dev/null
+++ b/rubocop/cop/migration/safer_boolean_column.rb
@@ -0,0 +1,94 @@
+require_relative '../../migration_helpers'
+
+module RuboCop
+  module Cop
+    module Migration
+      # This cop requires a default value and disallows nulls for boolean
+      # columns on small tables.
+      #
+      # In general, this prevents 3-state-booleans.
+      # https://robots.thoughtbot.com/avoid-the-threestate-boolean-problem
+      #
+      # In particular, for the `application_settings` table, this ensures that
+      # upgraded installations get a proper default for the new boolean setting.
+      # A developer might otherwise mistakenly assume that a value in
+      # `ApplicationSetting.defaults` is sufficient.
+      #
+      # See https://gitlab.com/gitlab-org/gitlab-ee/issues/2750 for more
+      # information.
+      class SaferBooleanColumn < RuboCop::Cop::Cop
+        include MigrationHelpers
+
+        DEFAULT_OFFENSE = 'Boolean columns on the `%s` table should have a default. You may wish to use `add_column_with_default`.'.freeze
+        NULL_OFFENSE = 'Boolean columns on the `%s` table should disallow nulls.'.freeze
+        DEFAULT_AND_NULL_OFFENSE = 'Boolean columns on the `%s` table should have a default and should disallow nulls. You may wish to use `add_column_with_default`.'.freeze
+
+        SMALL_TABLES = %i[
+          application_settings
+        ].freeze
+
+        def_node_matcher :add_column?, <<~PATTERN
+          (send nil :add_column $...)
+        PATTERN
+
+        def on_send(node)
+          return unless in_migration?(node)
+
+          matched = add_column?(node)
+
+          return unless matched
+
+          table, _, type = matched.to_a.take(3).map(&:children).map(&:first)
+          opts = matched[3]
+
+          return unless SMALL_TABLES.include?(table) && type == :boolean
+
+          no_default = no_default?(opts)
+          nulls_allowed = nulls_allowed?(opts)
+
+          offense = if no_default && nulls_allowed
+                      DEFAULT_AND_NULL_OFFENSE
+                    elsif no_default
+                      DEFAULT_OFFENSE
+                    elsif nulls_allowed
+                      NULL_OFFENSE
+                    end
+
+          add_offense(node, :expression, format(offense, table)) if offense
+        end
+
+        def no_default?(opts)
+          return true unless opts
+
+          each_hash_node_pair(opts) do |key, value|
+            return value == 'nil' if key == :default
+          end
+        end
+
+        def nulls_allowed?(opts)
+          return true unless opts
+
+          each_hash_node_pair(opts) do |key, value|
+            return value != 'false' if key == :null
+          end
+        end
+
+        def each_hash_node_pair(hash_node, &block)
+          hash_node.each_node(:pair) do |pair|
+            key = hash_pair_key(pair)
+            value = hash_pair_value(pair)
+            yield(key, value)
+          end
+        end
+
+        def hash_pair_key(pair)
+          pair.children[0].children[0]
+        end
+
+        def hash_pair_value(pair)
+          pair.children[1].source
+        end
+      end
+    end
+  end
+end
diff --git a/rubocop/rubocop.rb b/rubocop/rubocop.rb
index 3fbd5b0163c..1b6e8991a17 100644
--- a/rubocop/rubocop.rb
+++ b/rubocop/rubocop.rb
@@ -13,6 +13,7 @@ require_relative 'cop/migration/add_concurrent_index'
 require_relative 'cop/migration/add_index'
 require_relative 'cop/migration/add_timestamps'
 require_relative 'cop/migration/datetime'
+require_relative 'cop/migration/safer_boolean_column'
 require_relative 'cop/migration/hash_index'
 require_relative 'cop/migration/remove_concurrent_index'
 require_relative 'cop/migration/remove_index'
diff --git a/scripts/detect-new-flaky-examples b/scripts/detect-new-flaky-examples
new file mode 100755
index 00000000000..3bee4f9a34b
--- /dev/null
+++ b/scripts/detect-new-flaky-examples
@@ -0,0 +1,21 @@
+#!/usr/bin/env ruby
+
+require 'json'
+
+report_file = ARGV.shift
+unless report_file
+  puts 'usage: detect-new-flaky-examples <report-file>'
+  exit 1
+end
+
+puts "Loading #{report_file}..."
+report = JSON.parse(File.read(report_file))
+
+if report.any?
+  puts "New flaky examples were detected!\n"
+  puts JSON.pretty_generate(report)
+  exit 1
+else
+  puts "No new flaky examples detected.\n"
+  exit 0
+end
diff --git a/scripts/merge-reports b/scripts/merge-reports
index aad76bcc327..3a421f1f1fc 100755
--- a/scripts/merge-reports
+++ b/scripts/merge-reports
@@ -4,7 +4,7 @@ require 'json'
 
 main_report_file = ARGV.shift
 unless main_report_file
-  puts 'usage: merge_reports <main-report> [extra reports...]'
+  puts 'usage: merge-reports <main-report> [extra reports...]'
   exit 1
 end
 
diff --git a/spec/bin/changelog_spec.rb b/spec/bin/changelog_spec.rb
index 91aff0db7cc..6d8b9865dcb 100644
--- a/spec/bin/changelog_spec.rb
+++ b/spec/bin/changelog_spec.rb
@@ -4,56 +4,90 @@ load File.expand_path('../../bin/changelog', __dir__)
 
 describe 'bin/changelog' do
   describe ChangelogOptionParser do
-    it 'parses --ammend' do
-      options = described_class.parse(%w[foo bar --amend])
+    describe '.parse' do
+      it 'parses --amend' do
+        options = described_class.parse(%w[foo bar --amend])
 
-      expect(options.amend).to eq true
-    end
+        expect(options.amend).to eq true
+      end
 
-    it 'parses --force and -f' do
-      %w[--force -f].each do |flag|
-        options = described_class.parse(%W[foo #{flag} bar])
+      it 'parses --force and -f' do
+        %w[--force -f].each do |flag|
+          options = described_class.parse(%W[foo #{flag} bar])
 
-        expect(options.force).to eq true
+          expect(options.force).to eq true
+        end
       end
-    end
 
-    it 'parses --merge-request and -m' do
-      %w[--merge-request -m].each do |flag|
-        options = described_class.parse(%W[foo #{flag} 1234 bar])
+      it 'parses --merge-request and -m' do
+        %w[--merge-request -m].each do |flag|
+          options = described_class.parse(%W[foo #{flag} 1234 bar])
 
-        expect(options.merge_request).to eq 1234
+          expect(options.merge_request).to eq 1234
+        end
       end
-    end
 
-    it 'parses --dry-run and -n' do
-      %w[--dry-run -n].each do |flag|
-        options = described_class.parse(%W[foo #{flag} bar])
+      it 'parses --dry-run and -n' do
+        %w[--dry-run -n].each do |flag|
+          options = described_class.parse(%W[foo #{flag} bar])
 
-        expect(options.dry_run).to eq true
+          expect(options.dry_run).to eq true
+        end
       end
-    end
 
-    it 'parses --git-username and -u' do
-      allow(described_class).to receive(:git_user_name).and_return('Jane Doe')
+      it 'parses --git-username and -u' do
+        allow(described_class).to receive(:git_user_name).and_return('Jane Doe')
 
-      %w[--git-username -u].each do |flag|
-        options = described_class.parse(%W[foo #{flag} bar])
+        %w[--git-username -u].each do |flag|
+          options = described_class.parse(%W[foo #{flag} bar])
 
-        expect(options.author).to eq 'Jane Doe'
+          expect(options.author).to eq 'Jane Doe'
+        end
+      end
+
+      it 'parses --type and -t' do
+        %w[--type -t].each do |flag|
+          options = described_class.parse(%W[foo #{flag} security])
+
+          expect(options.type).to eq 'security'
+        end
       end
-    end
 
-    it 'parses -h' do
-      expect do
-        expect { described_class.parse(%w[foo -h bar]) }.to output.to_stdout
-      end.to raise_error(SystemExit)
+      it 'parses -h' do
+        expect do
+          expect { described_class.parse(%w[foo -h bar]) }.to output.to_stdout
+        end.to raise_error(SystemExit)
+      end
+
+      it 'assigns title' do
+        options = described_class.parse(%W[foo -m 1 bar\n -u baz\r\n --amend])
+
+        expect(options.title).to eq 'foo bar baz'
+      end
     end
 
-    it 'assigns title' do
-      options = described_class.parse(%W[foo -m 1 bar\n -u baz\r\n --amend])
+    describe '.read_type'  do
+      let(:type) { '1' }
 
-      expect(options.title).to eq 'foo bar baz'
+      it 'reads type from $stdin' do
+        expect($stdin).to receive(:getc).and_return(type)
+        expect do
+          expect(described_class.read_type).to eq('added')
+        end.to output.to_stdout
+      end
+
+      context 'invalid type given' do
+        let(:type) { '99' }
+
+        it 'shows error message and exits the program' do
+          allow($stdin).to receive(:getc).and_return(type)
+          expect do
+            expect do
+              expect { described_class.read_type }.to raise_error(SystemExit)
+            end.to output("Invalid category index, please select an index between 1 and 7\n").to_stderr
+          end.to output.to_stdout
+        end
+      end
     end
   end
 end
diff --git a/spec/config/mail_room_spec.rb b/spec/config/mail_room_spec.rb
index a31e44fa928..74634dac713 100644
--- a/spec/config/mail_room_spec.rb
+++ b/spec/config/mail_room_spec.rb
@@ -20,12 +20,12 @@ describe 'mail_room.yml' do
     YAML.load(output)
   end
 
-  before(:each) do
+  before do
     stub_env('GITLAB_REDIS_QUEUES_CONFIG_FILE', absolute_path(queues_config_path))
     clear_queues_raw_config
   end
 
-  after(:each) do
+  after do
     clear_queues_raw_config
   end
 
diff --git a/spec/controllers/admin/projects_controller_spec.rb b/spec/controllers/admin/projects_controller_spec.rb
index 65587064eb1..373260b3978 100644
--- a/spec/controllers/admin/projects_controller_spec.rb
+++ b/spec/controllers/admin/projects_controller_spec.rb
@@ -12,12 +12,24 @@ describe Admin::ProjectsController do
 
     it 'retrieves the project for the given visibility level' do
       get :index, visibility_level: [Gitlab::VisibilityLevel::PUBLIC]
+
       expect(response.body).to match(project.name)
     end
 
     it 'does not retrieve the project' do
       get :index, visibility_level: [Gitlab::VisibilityLevel::INTERNAL]
+
       expect(response.body).not_to match(project.name)
     end
+
+    it 'does not respond with projects pending deletion' do
+      pending_delete_project = create(:project, pending_delete: true)
+
+      get :index
+
+      expect(response).to have_http_status(200)
+      expect(response.body).not_to match(pending_delete_project.name)
+      expect(response.body).to match(project.name)
+    end
   end
 end
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 29c449d6aa9..3d21b695af4 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -127,7 +127,7 @@ describe Admin::UsersController do
 
   describe 'POST create' do
     it 'creates the user' do
-      expect{ post :create, user: attributes_for(:user) }.to change{ User.count }.by(1)
+      expect { post :create, user: attributes_for(:user) }.to change { User.count }.by(1)
     end
 
     it 'shows only one error message for an invalid email' do
diff --git a/spec/controllers/autocomplete_controller_spec.rb b/spec/controllers/autocomplete_controller_spec.rb
index 3c396e36b24..2fbab1e4040 100644
--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -1,8 +1,8 @@
 require 'spec_helper'
 
 describe AutocompleteController do
-  let!(:project) { create(:project) }
-  let!(:user) { create(:user) }
+  let(:project) { create(:project) }
+  let(:user) { project.owner }
 
   context 'GET users' do
     let!(:user2) { create(:user) }
@@ -11,7 +11,6 @@ describe AutocompleteController do
     context 'project members' do
       before do
         sign_in(user)
-        project.add_master(user)
       end
 
       describe 'GET #users with project ID' do
@@ -19,11 +18,11 @@ describe AutocompleteController do
           get(:users, project_id: project.id)
         end
 
-        let(:body) { JSON.parse(response.body) }
-
-        it { expect(body).to be_kind_of(Array) }
-        it { expect(body.size).to eq 2 }
-        it { expect(body.map { |u| u["username"] }).to include(user.username) }
+        it 'returns the project members' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(1)
+          expect(json_response.map { |u| u["username"] }).to include(user.username)
+        end
       end
 
       describe 'GET #users with unknown project' do
@@ -39,20 +38,20 @@ describe AutocompleteController do
       let(:group) { create(:group) }
 
       before do
-        sign_in(user)
         group.add_owner(user)
+        sign_in(user)
       end
 
-      let(:body) { JSON.parse(response.body) }
-
       describe 'GET #users with group ID' do
         before do
           get(:users, group_id: group.id)
         end
 
-        it { expect(body).to be_kind_of(Array) }
-        it { expect(body.size).to eq 1 }
-        it { expect(body.first["username"]).to eq user.username }
+        it 'returns the group members' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(1)
+          expect(json_response.first["username"]).to eq user.username
+        end
       end
 
       describe 'GET #users with unknown group ID' do
@@ -65,23 +64,22 @@ describe AutocompleteController do
     end
 
     context 'non-member login for public project' do
-      let!(:project) { create(:project, :public) }
+      let(:project) { create(:project, :public) }
 
       before do
         sign_in(non_member)
-        project.add_master(user)
       end
 
-      let(:body) { JSON.parse(response.body) }
-
       describe 'GET #users with project ID' do
         before do
           get(:users, project_id: project.id, current_user: true)
         end
 
-        it { expect(body).to be_kind_of(Array) }
-        it { expect(body.size).to eq 3 }
-        it { expect(body.map { |u| u['username'] }).to include(user.username, non_member.username) }
+        it 'returns the project members and non-members' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(2)
+          expect(json_response.map { |u| u['username'] }).to include(user.username, non_member.username)
+        end
       end
     end
 
@@ -91,10 +89,8 @@ describe AutocompleteController do
         get(:users)
       end
 
-      let(:body) { JSON.parse(response.body) }
-
-      it { expect(body).to be_kind_of(Array) }
-      it { expect(body.size).to eq User.count }
+      it { expect(json_response).to be_kind_of(Array) }
+      it { expect(json_response.size).to eq User.count }
     end
 
     context 'user order' do
@@ -106,7 +102,7 @@ describe AutocompleteController do
         sign_in(user)
         get(:users, search: 'user')
 
-        response_usernames = JSON.parse(response.body).map { |user| user['username']  }
+        response_usernames = json_response.map { |user| user['username']  }
 
         expect(response_usernames.take(3)).to match_array([user.username, reported_user.username, user1.username])
       end
@@ -120,15 +116,12 @@ describe AutocompleteController do
         get(:users, per_page: per_page)
       end
 
-      let(:body) { JSON.parse(response.body) }
-
-      it { expect(body).to be_kind_of(Array) }
-      it { expect(body.size).to eq per_page }
+      it { expect(json_response).to be_kind_of(Array) }
+      it { expect(json_response.size).to eq(per_page) }
     end
 
     context 'unauthenticated user' do
       let(:public_project) { create(:project, :public) }
-      let(:body) { JSON.parse(response.body) }
 
       describe 'GET #users with public project' do
         before do
@@ -136,8 +129,8 @@ describe AutocompleteController do
           get(:users, project_id: public_project.id)
         end
 
-        it { expect(body).to be_kind_of(Array) }
-        it { expect(body.size).to eq 2 }
+        it { expect(json_response).to be_kind_of(Array) }
+        it { expect(json_response.size).to eq 2 }
       end
 
       describe 'GET #users with project' do
@@ -170,8 +163,8 @@ describe AutocompleteController do
           get(:users)
         end
 
-        it { expect(body).to be_kind_of(Array) }
-        it { expect(body.size).to eq 0 }
+        it { expect(json_response).to be_kind_of(Array) }
+        it { expect(json_response).to be_empty }
       end
 
       describe 'GET #users with todo filter' do
@@ -179,14 +172,12 @@ describe AutocompleteController do
           get :users, todo_filter: true
 
           expect(response.status).to eq 200
-          expect(body).to be_kind_of(Array)
+          expect(json_response).to be_kind_of(Array)
         end
       end
     end
 
     context 'author of issuable included' do
-      let(:body) { JSON.parse(response.body) }
-
       context 'authenticated' do
         before do
           sign_in(user)
@@ -195,13 +186,13 @@ describe AutocompleteController do
         it 'includes the author' do
           get(:users, author_id: non_member.id)
 
-          expect(body.first["username"]).to eq non_member.username
+          expect(json_response.first["username"]).to eq non_member.username
         end
 
         it 'rejects non existent user ids' do
           get(:users, author_id: 99999)
 
-          expect(body.collect { |u| u['id'] }).not_to include(99999)
+          expect(json_response.collect { |u| u['id'] }).not_to include(99999)
         end
       end
 
@@ -209,7 +200,7 @@ describe AutocompleteController do
         it 'returns empty result' do
           get(:users, author_id: non_member.id)
 
-          expect(body).to be_empty
+          expect(json_response).to be_empty
         end
       end
     end
@@ -222,10 +213,9 @@ describe AutocompleteController do
       it 'skips the user IDs passed' do
         get(:users, skip_users: [user, user2].map(&:id))
 
-        other_user_ids    = [non_member, project.owner, project.creator].map(&:id)
-        response_user_ids = JSON.parse(response.body).map { |user| user['id'] }
+        response_user_ids = json_response.map { |user| user['id'] }
 
-        expect(response_user_ids).to contain_exactly(*other_user_ids)
+        expect(response_user_ids).to contain_exactly(non_member.id)
       end
     end
   end
@@ -249,17 +239,15 @@ describe AutocompleteController do
           get(:projects, project_id: project.id)
         end
 
-        let(:body) { JSON.parse(response.body) }
-
-        it do
-          expect(body).to be_kind_of(Array)
-          expect(body.size).to eq 2
+        it 'returns projects' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(2)
 
-          expect(body.first['id']).to eq 0
-          expect(body.first['name_with_namespace']).to eq 'No project'
+          expect(json_response.first['id']).to eq(0)
+          expect(json_response.first['name_with_namespace']).to eq 'No project'
 
-          expect(body.last['id']).to eq authorized_project.id
-          expect(body.last['name_with_namespace']).to eq authorized_project.name_with_namespace
+          expect(json_response.last['id']).to eq authorized_project.id
+          expect(json_response.last['name_with_namespace']).to eq authorized_project.name_with_namespace
         end
       end
     end
@@ -275,14 +263,12 @@ describe AutocompleteController do
           get(:projects, project_id: project.id, search: 'rugged')
         end
 
-        let(:body) { JSON.parse(response.body) }
+        it 'returns projects' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(2)
 
-        it do
-          expect(body).to be_kind_of(Array)
-          expect(body.size).to eq 2
-
-          expect(body.last['id']).to eq authorized_search_project.id
-          expect(body.last['name_with_namespace']).to eq authorized_search_project.name_with_namespace
+          expect(json_response.last['id']).to eq authorized_search_project.id
+          expect(json_response.last['name_with_namespace']).to eq authorized_search_project.name_with_namespace
         end
       end
     end
@@ -304,11 +290,9 @@ describe AutocompleteController do
           get(:projects, project_id: project.id)
         end
 
-        let(:body) { JSON.parse(response.body) }
-
-        it do
-          expect(body).to be_kind_of(Array)
-          expect(body.size).to eq 3 # Of a total of 4
+        it 'returns projects' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq 3 # Of a total of 4
         end
       end
     end
@@ -328,17 +312,15 @@ describe AutocompleteController do
           get(:projects, project_id: project.id, offset_id: authorized_project.id)
         end
 
-        let(:body) { JSON.parse(response.body) }
-
-        it do
-          expect(body.detect { |item| item['id'] == 0 }).to be_nil # 'No project' is not there
-          expect(body.detect { |item| item['id'] == authorized_project.id }).to be_nil # Offset project is not there either
+        it 'returns "No project"' do
+          expect(json_response.detect { |item| item['id'] == 0 }).to be_nil # 'No project' is not there
+          expect(json_response.detect { |item| item['id'] == authorized_project.id }).to be_nil # Offset project is not there either
         end
       end
     end
 
     context 'authorized projects without admin_issue ability' do
-      before(:each) do
+      before do
         authorized_project.add_guest(user)
 
         expect(user.can?(:admin_issue, authorized_project)).to eq(false)
@@ -349,13 +331,10 @@ describe AutocompleteController do
           get(:projects, project_id: project.id)
         end
 
-        let(:body) { JSON.parse(response.body) }
-
-        it do
-          expect(body).to be_kind_of(Array)
-          expect(body.size).to eq 1 # 'No project'
-
-          expect(body.first['id']).to eq 0
+        it 'returns a single "No project"' do
+          expect(json_response).to be_kind_of(Array)
+          expect(json_response.size).to eq(1) # 'No project'
+          expect(json_response.first['id']).to eq 0
         end
       end
     end
diff --git a/spec/controllers/invites_controller_spec.rb b/spec/controllers/invites_controller_spec.rb
index e478a253b3f..e00403118a0 100644
--- a/spec/controllers/invites_controller_spec.rb
+++ b/spec/controllers/invites_controller_spec.rb
@@ -24,7 +24,7 @@ describe InvitesController do
   describe 'GET #decline' do
     it 'declines user' do
       get :decline, id: token
-      expect{member.reload}.to raise_error ActiveRecord::RecordNotFound
+      expect {member.reload}.to raise_error ActiveRecord::RecordNotFound
 
       expect(response).to have_http_status(302)
       expect(flash[:notice]).to include 'You have declined the invitation to join'
diff --git a/spec/controllers/projects/blob_controller_spec.rb b/spec/controllers/projects/blob_controller_spec.rb
index 59f33197e8f..64b9af7b845 100644
--- a/spec/controllers/projects/blob_controller_spec.rb
+++ b/spec/controllers/projects/blob_controller_spec.rb
@@ -35,6 +35,26 @@ describe Projects::BlobController do
       end
     end
 
+    context 'with file path and JSON format' do
+      context "valid branch, valid file" do
+        let(:id) { 'master/README.md' }
+
+        before do
+          get(:show,
+              namespace_id: project.namespace,
+              project_id: project,
+              id: id,
+              format: :json)
+        end
+
+        it do
+          expect(response).to be_ok
+          expect(json_response).to have_key 'html'
+          expect(json_response).to have_key 'raw_path'
+        end
+      end
+    end
+
     context 'with tree path' do
       before do
         get(:show,
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index bdee3894a13..b571b11dcac 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -1,7 +1,7 @@
 require('spec_helper')
 
 describe Projects::IssuesController do
-  let(:project) { create(:project_empty_repo) }
+  let(:project) { create(:project) }
   let(:user)    { create(:user) }
   let(:issue)   { create(:issue, project: project) }
 
@@ -292,13 +292,13 @@ describe Projects::IssuesController do
 
             it 'rejects an issue recognized as a spam' do
               expect(Gitlab::Recaptcha).to receive(:load_configurations!).and_return(true)
-              expect { update_spam_issue }.not_to change{ issue.reload.title }
+              expect { update_spam_issue }.not_to change { issue.reload.title }
             end
 
             it 'rejects an issue recognized as a spam when recaptcha disabled' do
               stub_application_setting(recaptcha_enabled: false)
 
-              expect { update_spam_issue }.not_to change{ issue.reload.title }
+              expect { update_spam_issue }.not_to change { issue.reload.title }
             end
 
             it 'creates a spam log' do
@@ -358,7 +358,7 @@ describe Projects::IssuesController do
             end
 
             it 'accepts an issue after recaptcha is verified' do
-              expect{ update_verified_issue }.to change{ issue.reload.title }.to(spammy_title)
+              expect { update_verified_issue }.to change { issue.reload.title }.to(spammy_title)
             end
 
             it 'marks spam log as recaptcha_verified' do
@@ -841,7 +841,7 @@ describe Projects::IssuesController do
   describe 'POST #toggle_award_emoji' do
     before do
       sign_in(user)
-      project.team << [user, :developer]
+      project.add_developer(user)
     end
 
     it "toggles the award emoji" do
@@ -855,6 +855,8 @@ describe Projects::IssuesController do
   end
 
   describe 'POST create_merge_request' do
+    let(:project) { create(:project, :repository) }
+
     before do
       project.add_developer(user)
       sign_in(user)
diff --git a/spec/controllers/projects/todos_controller_spec.rb b/spec/controllers/projects/todos_controller_spec.rb
index 974330e2bbd..41d211ed1bb 100644
--- a/spec/controllers/projects/todos_controller_spec.rb
+++ b/spec/controllers/projects/todos_controller_spec.rb
@@ -67,7 +67,7 @@ describe Projects::TodosController do
         end
 
         it "doesn't create todo" do
-          expect{ go }.not_to change { user.todos.count }
+          expect { go }.not_to change { user.todos.count }
           expect(response).to have_http_status(404)
         end
       end
@@ -135,7 +135,7 @@ describe Projects::TodosController do
         end
 
         it "doesn't create todo" do
-          expect{ go }.not_to change { user.todos.count }
+          expect { go }.not_to change { user.todos.count }
           expect(response).to have_http_status(404)
         end
       end
diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index 8ecd8b6ca71..c0e48046937 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -578,6 +578,118 @@ describe ProjectsController do
     end
   end
 
+  describe '#export' do
+    before do
+      sign_in(user)
+
+      project.add_master(user)
+    end
+
+    context 'when project export is enabled' do
+      it 'returns 302' do
+        get :export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(302)
+      end
+    end
+
+    context 'when project export is disabled' do
+      before do
+        stub_application_setting(project_export_enabled?: false)
+      end
+
+      it 'returns 404' do
+        get :export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe '#download_export' do
+    before do
+      sign_in(user)
+
+      project.add_master(user)
+    end
+
+    context 'when project export is enabled' do
+      it 'returns 302' do
+        get :download_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(302)
+      end
+    end
+
+    context 'when project export is disabled' do
+      before do
+        stub_application_setting(project_export_enabled?: false)
+      end
+
+      it 'returns 404' do
+        get :download_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe '#remove_export' do
+    before do
+      sign_in(user)
+
+      project.add_master(user)
+    end
+
+    context 'when project export is enabled' do
+      it 'returns 302' do
+        post :remove_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(302)
+      end
+    end
+
+    context 'when project export is disabled' do
+      before do
+        stub_application_setting(project_export_enabled?: false)
+      end
+
+      it 'returns 404' do
+        post :remove_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe '#generate_new_export' do
+    before do
+      sign_in(user)
+
+      project.add_master(user)
+    end
+
+    context 'when project export is enabled' do
+      it 'returns 302' do
+        post :generate_new_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(302)
+      end
+    end
+
+    context 'when project export is disabled' do
+      before do
+        stub_application_setting(project_export_enabled?: false)
+      end
+
+      it 'returns 404' do
+        post :generate_new_export, namespace_id: project.namespace, id: project
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
   def project_moved_message(redirect_route, project)
     "Project '#{redirect_route.path}' was moved to '#{project.full_path}'. Please update any links and bookmarks that may still have the old path."
   end
diff --git a/spec/controllers/registrations_controller_spec.rb b/spec/controllers/registrations_controller_spec.rb
index 634563fc290..5a4ab39ab86 100644
--- a/spec/controllers/registrations_controller_spec.rb
+++ b/spec/controllers/registrations_controller_spec.rb
@@ -5,7 +5,7 @@ describe RegistrationsController do
     let(:user_params) { { user: { name: 'new_user', username: 'new_username', email: 'new@user.com', password: 'Any_password' } } }
 
     context 'email confirmation' do
-      around(:each) do |example|
+      around do |example|
         perform_enqueued_jobs do
           example.run
         end
@@ -15,7 +15,7 @@ describe RegistrationsController do
         it 'signs the user in' do
           allow_any_instance_of(ApplicationSetting).to receive(:send_user_confirmation_email).and_return(false)
 
-          expect { post(:create, user_params) }.not_to change{ ActionMailer::Base.deliveries.size }
+          expect { post(:create, user_params) }.not_to change { ActionMailer::Base.deliveries.size }
           expect(subject.current_user).not_to be_nil
         end
       end
diff --git a/spec/controllers/snippets/notes_controller_spec.rb b/spec/controllers/snippets/notes_controller_spec.rb
index 1c494b8c7ab..225753333ee 100644
--- a/spec/controllers/snippets/notes_controller_spec.rb
+++ b/spec/controllers/snippets/notes_controller_spec.rb
@@ -138,7 +138,7 @@ describe Snippets::NotesController do
       end
 
       it "deletes the note" do
-        expect{ delete :destroy, request_params }.to change{ Note.count }.from(1).to(0)
+        expect { delete :destroy, request_params }.to change { Note.count }.from(1).to(0)
       end
 
       context 'system note' do
@@ -147,7 +147,7 @@ describe Snippets::NotesController do
         end
 
         it "does not delete the note" do
-          expect{ delete :destroy, request_params }.not_to change{ Note.count }
+          expect { delete :destroy, request_params }.not_to change { Note.count }
         end
       end
     end
@@ -166,7 +166,7 @@ describe Snippets::NotesController do
       end
 
       it "does not update the note" do
-        expect{ delete :destroy, request_params }.not_to change{ Note.count }
+        expect { delete :destroy, request_params }.not_to change { Note.count }
       end
     end
   end
diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb
index 475ceda11fe..7c5d059760f 100644
--- a/spec/controllers/snippets_controller_spec.rb
+++ b/spec/controllers/snippets_controller_spec.rb
@@ -186,8 +186,8 @@ describe SnippetsController do
     end
 
     context 'when the snippet description contains a file' do
-      let(:picture_file) { '/system/temp/secret56/picture.jpg' }
-      let(:text_file) { '/system/temp/secret78/text.txt' }
+      let(:picture_file) { '/-/system/temp/secret56/picture.jpg' }
+      let(:text_file) { '/-/system/temp/secret78/text.txt' }
       let(:description) do
         "Description with picture: ![picture](/uploads#{picture_file}) and "\
         "text: [text.txt](/uploads#{text_file})"
@@ -208,8 +208,8 @@ describe SnippetsController do
         snippet = subject
 
         expected_description = "Description with picture: "\
-          "![picture](/uploads/system/personal_snippet/#{snippet.id}/secret56/picture.jpg) and "\
-          "text: [text.txt](/uploads/system/personal_snippet/#{snippet.id}/secret78/text.txt)"
+          "![picture](/uploads/-/system/personal_snippet/#{snippet.id}/secret56/picture.jpg) and "\
+          "text: [text.txt](/uploads/-/system/personal_snippet/#{snippet.id}/secret78/text.txt)"
 
         expect(snippet.description).to eq(expected_description)
       end
diff --git a/spec/controllers/uploads_controller_spec.rb b/spec/controllers/uploads_controller_spec.rb
index b3a40f5d15c..b29f3d861be 100644
--- a/spec/controllers/uploads_controller_spec.rb
+++ b/spec/controllers/uploads_controller_spec.rb
@@ -102,7 +102,7 @@ describe UploadsController do
           subject
 
           expect(response.body).to match '\"alt\":\"rails_sample\"'
-          expect(response.body).to match "\"url\":\"/uploads/system/temp"
+          expect(response.body).to match "\"url\":\"/uploads/-/system/temp"
         end
 
         it 'does not create an Upload record' do
@@ -119,7 +119,7 @@ describe UploadsController do
           subject
 
           expect(response.body).to match '\"alt\":\"doc_sample.txt\"'
-          expect(response.body).to match "\"url\":\"/uploads/system/temp"
+          expect(response.body).to match "\"url\":\"/uploads/-/system/temp"
         end
 
         it 'does not create an Upload record' do
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index a64ad73cba8..2cecd2646fc 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -92,8 +92,14 @@ describe UsersController do
       before do
         sign_in(user)
         project.team << [user, :developer]
-        EventCreateService.new.push(project, user, [])
-        EventCreateService.new.push(forked_project, user, [])
+
+        push_data = Gitlab::DataBuilder::Push.build_sample(project, user)
+
+        fork_push_data = Gitlab::DataBuilder::Push
+          .build_sample(forked_project, user)
+
+        EventCreateService.new.push(project, user, push_data)
+        EventCreateService.new.push(forked_project, user, fork_push_data)
       end
 
       it 'includes forked projects' do
diff --git a/spec/factories/deployments.rb b/spec/factories/deployments.rb
index 29ad1af9fd9..e5abfd67d60 100644
--- a/spec/factories/deployments.rb
+++ b/spec/factories/deployments.rb
@@ -10,6 +10,10 @@ FactoryGirl.define do
 
     after(:build) do |deployment, evaluator|
       deployment.project ||= deployment.environment.project
+
+      unless deployment.project.repository_exists?
+        allow(deployment.project.repository).to receive(:fetch_ref)
+      end
     end
   end
 end
diff --git a/spec/factories/events.rb b/spec/factories/events.rb
index 11d2016955c..ad9f7e2caef 100644
--- a/spec/factories/events.rb
+++ b/spec/factories/events.rb
@@ -2,6 +2,7 @@ FactoryGirl.define do
   factory :event do
     project
     author factory: :user
+    action Event::JOINED
 
     trait(:created)   { action Event::CREATED }
     trait(:updated)   { action Event::UPDATED }
@@ -20,4 +21,19 @@ FactoryGirl.define do
       target factory: :closed_issue
     end
   end
+
+  factory :push_event, class: PushEvent do
+    project factory: :project_empty_repo
+    author factory: :user
+    action Event::PUSHED
+  end
+
+  factory :push_event_payload do
+    event
+    commit_count 1
+    action :pushed
+    ref_type :branch
+    ref 'master'
+    commit_to '3cdce97ed87c91368561584e7358f4d46e3e173c'
+  end
 end
diff --git a/spec/factories/merge_requests.rb b/spec/factories/merge_requests.rb
index 1bc530d06db..cbec716d6ea 100644
--- a/spec/factories/merge_requests.rb
+++ b/spec/factories/merge_requests.rb
@@ -68,6 +68,17 @@ FactoryGirl.define do
       merge_user author
     end
 
+    after(:build) do |merge_request|
+      target_project = merge_request.target_project
+      source_project = merge_request.source_project
+
+      # Fake `write_ref` if we don't have repository
+      # We have too many existing tests replying on this behaviour
+      unless [target_project, source_project].all?(&:repository_exists?)
+        allow(merge_request).to receive(:write_ref)
+      end
+    end
+
     factory :merged_merge_request, traits: [:merged]
     factory :closed_merge_request, traits: [:closed]
     factory :reopened_merge_request, traits: [:opened]
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 3f8e7030b1c..4a2034b31b3 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -8,12 +8,47 @@ FactoryGirl.define do
   factory :project, class: 'Project' do
     sequence(:name) { |n| "project#{n}" }
     path { name.downcase.gsub(/\s/, '_') }
-    namespace
-    creator
-
     # Behaves differently to nil due to cache_has_external_issue_tracker
     has_external_issue_tracker false
 
+    # Associations
+    namespace
+    creator { group ? create(:user) : namespace&.owner }
+
+    # Nest Project Feature attributes
+    transient do
+      wiki_access_level ProjectFeature::ENABLED
+      builds_access_level ProjectFeature::ENABLED
+      snippets_access_level ProjectFeature::ENABLED
+      issues_access_level ProjectFeature::ENABLED
+      merge_requests_access_level ProjectFeature::ENABLED
+      repository_access_level ProjectFeature::ENABLED
+    end
+
+    after(:create) do |project, evaluator|
+      # Builds and MRs can't have higher visibility level than repository access level.
+      builds_access_level = [evaluator.builds_access_level, evaluator.repository_access_level].min
+      merge_requests_access_level = [evaluator.merge_requests_access_level, evaluator.repository_access_level].min
+
+      project.project_feature.update_columns(
+        wiki_access_level: evaluator.wiki_access_level,
+        builds_access_level: builds_access_level,
+        snippets_access_level: evaluator.snippets_access_level,
+        issues_access_level: evaluator.issues_access_level,
+        merge_requests_access_level: merge_requests_access_level,
+        repository_access_level: evaluator.repository_access_level)
+
+      # Normally the class Projects::CreateService is used for creating
+      # projects, and this class takes care of making sure the owner and current
+      # user have access to the project. Our specs don't use said service class,
+      # thus we must manually refresh things here.
+      unless project.group || project.pending_delete
+        project.add_master(project.owner)
+      end
+
+      project.group&.refresh_members_authorized_projects
+    end
+
     trait :public do
       visibility_level Gitlab::VisibilityLevel::PUBLIC
     end
@@ -67,30 +102,28 @@ FactoryGirl.define do
       test_repo
 
       transient do
-        create_template nil
+        create_templates nil
       end
 
       after :create do |project, evaluator|
-        if evaluator.create_template
-          args = evaluator.create_template
-
-          project.add_user(args[:user], args[:access])
+        if evaluator.create_templates
+          templates_path = "#{evaluator.create_templates}_templates"
 
           project.repository.create_file(
-            args[:user],
-            ".gitlab/#{args[:path]}/bug.md",
+            project.creator,
+            ".gitlab/#{templates_path}/bug.md",
             'something valid',
             message: 'test 3',
             branch_name: 'master')
           project.repository.create_file(
-            args[:user],
-            ".gitlab/#{args[:path]}/template_test.md",
+            project.creator,
+            ".gitlab/#{templates_path}/template_test.md",
             'template_test',
             message: 'test 1',
             branch_name: 'master')
           project.repository.create_file(
-            args[:user],
-            ".gitlab/#{args[:path]}/feature_proposal.md",
+            project.creator,
+            ".gitlab/#{templates_path}/feature_proposal.md",
             'feature_proposal',
             message: 'test 2',
             branch_name: 'master')
@@ -142,44 +175,6 @@ FactoryGirl.define do
     trait(:repository_enabled)      { repository_access_level ProjectFeature::ENABLED }
     trait(:repository_disabled)     { repository_access_level ProjectFeature::DISABLED }
     trait(:repository_private)      { repository_access_level ProjectFeature::PRIVATE }
-
-    # Nest Project Feature attributes
-    transient do
-      wiki_access_level ProjectFeature::ENABLED
-      builds_access_level ProjectFeature::ENABLED
-      snippets_access_level ProjectFeature::ENABLED
-      issues_access_level ProjectFeature::ENABLED
-      merge_requests_access_level ProjectFeature::ENABLED
-      repository_access_level ProjectFeature::ENABLED
-    end
-
-    after(:create) do |project, evaluator|
-      # Builds and MRs can't have higher visibility level than repository access level.
-      builds_access_level = [evaluator.builds_access_level, evaluator.repository_access_level].min
-      merge_requests_access_level = [evaluator.merge_requests_access_level, evaluator.repository_access_level].min
-
-      project.project_feature
-        .update_attributes!(
-          wiki_access_level: evaluator.wiki_access_level,
-          builds_access_level: builds_access_level,
-          snippets_access_level: evaluator.snippets_access_level,
-          issues_access_level: evaluator.issues_access_level,
-          merge_requests_access_level: merge_requests_access_level,
-          repository_access_level: evaluator.repository_access_level
-        )
-
-      # Normally the class Projects::CreateService is used for creating
-      # projects, and this class takes care of making sure the owner and current
-      # user have access to the project. Our specs don't use said service class,
-      # thus we must manually refresh things here.
-      owner = project.owner
-
-      if owner && owner.is_a?(User) && !project.pending_delete
-        project.members.create!(user: owner, access_level: Gitlab::Access::MASTER)
-      end
-
-      project.group&.refresh_members_authorized_projects
-    end
   end
 
   # Project with empty repository
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index e60fe713bc3..4000cd085b7 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -1,5 +1,5 @@
 FactoryGirl.define do
-  factory :user, aliases: [:author, :assignee, :recipient, :owner, :creator, :resource_owner] do
+  factory :user, aliases: [:author, :assignee, :recipient, :owner, :resource_owner] do
     email { generate(:email) }
     name { generate(:name) }
     username { generate(:username) }
@@ -8,6 +8,10 @@ FactoryGirl.define do
     confirmation_token { nil }
     can_create_group true
 
+    after(:stub) do |user|
+      user.notification_email = user.email
+    end
+
     before(:create) do |user|
       user.ensure_rss_token
     end
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index c9591a7d854..5db42175c15 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -35,6 +35,7 @@ feature 'Admin updates settings' do
     fill_in 'Help page text', with: 'Example text'
     check 'Hide marketing-related entries from help'
     fill_in 'Support page URL', with: 'http://example.com/help'
+    uncheck 'Project export enabled'
     click_button 'Save'
 
     expect(current_application_settings.gravatar_enabled).to be_falsey
@@ -42,6 +43,7 @@ feature 'Admin updates settings' do
     expect(current_application_settings.help_page_text).to eq "Example text"
     expect(current_application_settings.help_page_hide_commercial_content).to be_truthy
     expect(current_application_settings.help_page_support_url).to eq "http://example.com/help"
+    expect(current_application_settings.project_export_enabled).to be_falsey
     expect(page).to have_content "Application settings saved successfully"
   end
 
diff --git a/spec/features/boards/boards_spec.rb b/spec/features/boards/boards_spec.rb
index c51b81c1cff..ce458431c55 100644
--- a/spec/features/boards/boards_spec.rb
+++ b/spec/features/boards/boards_spec.rb
@@ -233,7 +233,7 @@ describe 'Issue Boards', js: true do
         wait_for_board_cards(4, 1)
 
         expect(find('.board:nth-child(3)')).to have_content(issue6.title)
-        expect(find('.board:nth-child(3)').all('.card').last).not_to have_content(development.title)
+        expect(find('.board:nth-child(3)').all('.card').last).to have_content(development.title)
       end
 
       it 'issue moves between lists' do
@@ -244,7 +244,7 @@ describe 'Issue Boards', js: true do
         wait_for_board_cards(4, 1)
 
         expect(find('.board:nth-child(2)')).to have_content(issue7.title)
-        expect(find('.board:nth-child(2)').all('.card').first).not_to have_content(planning.title)
+        expect(find('.board:nth-child(2)').all('.card').first).to have_content(planning.title)
       end
 
       it 'issue moves from closed' do
diff --git a/spec/features/boards/sidebar_spec.rb b/spec/features/boards/sidebar_spec.rb
index 373cd92793e..c3bf50ef9d1 100644
--- a/spec/features/boards/sidebar_spec.rb
+++ b/spec/features/boards/sidebar_spec.rb
@@ -15,10 +15,12 @@ describe 'Issue Boards', js: true do
   let!(:list)        { create(:list, board: board, label: development, position: 0) }
   let(:card) { find('.board:nth-child(2)').first('.card') }
 
-  before do
-    Timecop.freeze
+  around do |example|
+    Timecop.freeze { example.run }
+  end
 
-    project.team << [user, :master]
+  before do
+    project.add_master(user)
 
     sign_in(user)
 
@@ -26,10 +28,6 @@ describe 'Issue Boards', js: true do
     wait_for_requests
   end
 
-  after do
-    Timecop.return
-  end
-
   it 'shows sidebar when clicking issue' do
     click_card(card)
 
@@ -257,7 +255,7 @@ describe 'Issue Boards', js: true do
         end
       end
 
-      expect(card).to have_selector('.label', count: 2)
+      expect(card).to have_selector('.label', count: 3)
       expect(card).to have_content(bug.title)
     end
 
@@ -283,7 +281,7 @@ describe 'Issue Boards', js: true do
         end
       end
 
-      expect(card).to have_selector('.label', count: 3)
+      expect(card).to have_selector('.label', count: 4)
       expect(card).to have_content(bug.title)
       expect(card).to have_content(regression.title)
     end
@@ -308,7 +306,7 @@ describe 'Issue Boards', js: true do
         end
       end
 
-      expect(card).not_to have_selector('.label')
+      expect(card).to have_selector('.label', count: 1)
       expect(card).not_to have_content(stretch.title)
     end
   end
diff --git a/spec/features/calendar_spec.rb b/spec/features/calendar_spec.rb
index 64fbc80cb81..9a597a2d690 100644
--- a/spec/features/calendar_spec.rb
+++ b/spec/features/calendar_spec.rb
@@ -42,14 +42,14 @@ feature 'Contributions Calendar', :js do
   end
 
   def push_code_contribution
-    push_params = {
-      project: contributed_project,
-      action: Event::PUSHED,
-      author_id: user.id,
-      data: { commit_count: 3 }
-    }
-
-    Event.create(push_params)
+    event = create(:push_event, project: contributed_project, author: user)
+
+    create(:push_event_payload,
+           event: event,
+           commit_from: '11f9ac0a48b62cef25eedede4c1819964f08d5ce',
+           commit_to: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+           commit_count: 3,
+           ref: 'master')
   end
 
   def note_comment_contribution
diff --git a/spec/features/cycle_analytics_spec.rb b/spec/features/cycle_analytics_spec.rb
index 5c60cca10b9..bfe9dac3bd4 100644
--- a/spec/features/cycle_analytics_spec.rb
+++ b/spec/features/cycle_analytics_spec.rb
@@ -24,6 +24,12 @@ feature 'Cycle Analytics', js: true do
         expect(page).to have_content('Introducing Cycle Analytics')
       end
 
+      it 'shows pipeline summary' do
+        expect(new_issues_counter).to have_content('-')
+        expect(commits_counter).to have_content('-')
+        expect(deploys_counter).to have_content('-')
+      end
+
       it 'shows active stage with empty message' do
         expect(page).to have_selector('.stage-nav-item.active', text: 'Issue')
         expect(page).to have_content("We don't have enough data to show this stage.")
@@ -42,6 +48,12 @@ feature 'Cycle Analytics', js: true do
         visit project_cycle_analytics_path(project)
       end
 
+      it 'shows pipeline summary' do
+        expect(new_issues_counter).to have_content('1')
+        expect(commits_counter).to have_content('2')
+        expect(deploys_counter).to have_content('1')
+      end
+
       it 'shows data on each stage' do
         expect_issue_to_be_present
 
@@ -63,6 +75,20 @@ feature 'Cycle Analytics', js: true do
         click_stage('Production')
         expect_issue_to_be_present
       end
+
+      context "when I change the time period observed" do
+        before do
+          _two_weeks_old_issue = create(:issue, project: project, created_at: 2.weeks.ago)
+
+          click_button('Last 30 days')
+          click_link('Last 7 days')
+          wait_for_requests
+        end
+
+        it 'shows only relevant data' do
+          expect(new_issues_counter).to have_content('1')
+        end
+      end
     end
 
     context "when my preferred language is Spanish" do
@@ -109,6 +135,18 @@ feature 'Cycle Analytics', js: true do
     end
   end
 
+  def new_issues_counter
+    find(:xpath, "//p[contains(text(),'New Issue')]/preceding-sibling::h3")
+  end
+
+  def commits_counter
+    find(:xpath, "//p[contains(text(),'Commits')]/preceding-sibling::h3")
+  end
+
+  def deploys_counter
+    find(:xpath, "//p[contains(text(),'Deploy')]/preceding-sibling::h3")
+  end
+
   def expect_issue_to_be_present
     expect(find('.stage-events')).to have_content(issue.title)
     expect(find('.stage-events')).to have_content(issue.author.name)
diff --git a/spec/features/dashboard/activity_spec.rb b/spec/features/dashboard/activity_spec.rb
index 4917dfcf1d1..582868bac1e 100644
--- a/spec/features/dashboard/activity_spec.rb
+++ b/spec/features/dashboard/activity_spec.rb
@@ -23,27 +23,19 @@ feature 'Dashboard > Activity' do
       create(:merge_request, author: user, source_project: project, target_project: project)
     end
 
-    let(:push_event_data) do
-      {
-        before: Gitlab::Git::BLANK_SHA,
-        after: '0220c11b9a3e6c69dc8fd35321254ca9a7b98f7e',
-        ref: 'refs/heads/new_design',
-        user_id: user.id,
-        user_name: user.name,
-        repository: {
-          name: project.name,
-          url: 'localhost/rubinius',
-          description: '',
-          homepage: 'localhost/rubinius',
-          private: true
-        }
-      }
-    end
-
     let(:note) { create(:note, project: project, noteable: merge_request) }
 
     let!(:push_event) do
-      create(:event, :pushed, data: push_event_data, project: project, author: user)
+      event = create(:push_event, project: project, author: user)
+
+      create(:push_event_payload,
+             event: event,
+             action: :created,
+             commit_to: '0220c11b9a3e6c69dc8fd35321254ca9a7b98f7e',
+             ref: 'new_design',
+             commit_count: 1)
+
+      event
     end
 
     let!(:merged_event) do
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index acb21eab03f..d0316cfb18d 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -57,7 +57,7 @@ feature 'Edit group settings' do
         TestEnv.clean_test_path
       end
 
-      after(:example) do
+      after do
         TestEnv.clean_test_path
       end
 
diff --git a/spec/features/groups/milestone_spec.rb b/spec/features/groups/milestone_spec.rb
index 574bbe0e0e1..32b3e13c624 100644
--- a/spec/features/groups/milestone_spec.rb
+++ b/spec/features/groups/milestone_spec.rb
@@ -5,14 +5,12 @@ feature 'Group milestones', :js do
   let!(:project) { create(:project_empty_repo, group: group) }
   let(:user) { create(:group_member, :master, user: create(:user), group: group ).user }
 
-  before do
-    Timecop.freeze
-
-    sign_in(user)
+  around do |example|
+    Timecop.freeze { example.run }
   end
 
-  after do
-    Timecop.return
+  before do
+    sign_in(user)
   end
 
   context 'create a milestone' do
diff --git a/spec/features/issues/bulk_assignment_labels_spec.rb b/spec/features/issues/bulk_assignment_labels_spec.rb
index 847e3856ba5..b2229b44f99 100644
--- a/spec/features/issues/bulk_assignment_labels_spec.rb
+++ b/spec/features/issues/bulk_assignment_labels_spec.rb
@@ -353,7 +353,7 @@ feature 'Issues > Labels bulk assignment' do
 
     context 'cannot bulk assign labels' do
       it do
-        expect(page).not_to have_button 'Edit Issues'
+        expect(page).not_to have_button 'Edit issues'
         expect(page).not_to have_css '.check-all-issues'
         expect(page).not_to have_css '.issue-check'
       end
@@ -411,7 +411,7 @@ feature 'Issues > Labels bulk assignment' do
 
   def enable_bulk_update
     visit project_issues_path(project)
-    click_button 'Edit Issues'
+    click_button 'Edit issues'
   end
 
   def disable_bulk_update
diff --git a/spec/features/issues/note_polling_spec.rb b/spec/features/issues/note_polling_spec.rb
index 9f08ecc214b..62dbc3efb01 100644
--- a/spec/features/issues/note_polling_spec.rb
+++ b/spec/features/issues/note_polling_spec.rb
@@ -133,8 +133,6 @@ feature 'Issue notes polling', :js do
   def click_edit_action(note)
     note_element = find("#note_#{note.id}")
 
-    open_more_actions_dropdown(note)
-
     note_element.find('.js-note-edit').click
   end
 end
diff --git a/spec/features/issues/update_issues_spec.rb b/spec/features/issues/update_issues_spec.rb
index 5a7c4f54cb6..bcc6e9bab0f 100644
--- a/spec/features/issues/update_issues_spec.rb
+++ b/spec/features/issues/update_issues_spec.rb
@@ -14,7 +14,7 @@ feature 'Multiple issue updating from issues#index', :js do
     it 'sets to closed' do
       visit project_issues_path(project)
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       find('.js-issue-status').click
 
@@ -27,7 +27,7 @@ feature 'Multiple issue updating from issues#index', :js do
       create_closed
       visit project_issues_path(project, state: 'closed')
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       find('.js-issue-status').click
 
@@ -41,7 +41,7 @@ feature 'Multiple issue updating from issues#index', :js do
     it 'updates to current user' do
       visit project_issues_path(project)
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       click_update_assignee_button
 
@@ -57,7 +57,7 @@ feature 'Multiple issue updating from issues#index', :js do
       create_assigned
       visit project_issues_path(project)
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       click_update_assignee_button
 
@@ -73,7 +73,7 @@ feature 'Multiple issue updating from issues#index', :js do
     it 'updates milestone' do
       visit project_issues_path(project)
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       find('.issues-bulk-update .js-milestone-select').click
 
@@ -89,7 +89,7 @@ feature 'Multiple issue updating from issues#index', :js do
 
       expect(first('.issue')).to have_content milestone.title
 
-      click_button 'Edit Issues'
+      click_button 'Edit issues'
       find('#check-all-issues').click
       find('.issues-bulk-update .js-milestone-select').click
 
diff --git a/spec/features/issues_spec.rb b/spec/features/issues_spec.rb
index a5bb642221c..3c8e37ff920 100644
--- a/spec/features/issues_spec.rb
+++ b/spec/features/issues_spec.rb
@@ -729,7 +729,6 @@ describe 'Issues' do
       visit project_issue_path(project, issue)
 
       expect(page).not_to have_css('.is-confidential')
-      expect(page).to have_css('.is-not-confidential')
     end
   end
 end
diff --git a/spec/features/merge_requests/diff_notes_avatars_spec.rb b/spec/features/merge_requests/diff_notes_avatars_spec.rb
index 2d9419d6124..c4f02311f13 100644
--- a/spec/features/merge_requests/diff_notes_avatars_spec.rb
+++ b/spec/features/merge_requests/diff_notes_avatars_spec.rb
@@ -157,7 +157,7 @@ feature 'Diff note avatars', js: true do
         end
 
         page.within find("[id='#{position.line_code(project.repository)}']") do
-          find('.diff-notes-collapse').click
+          find('.diff-notes-collapse').trigger('click')
 
           expect(page).to have_selector('img.js-diff-comment-avatar', count: 3)
           expect(find('.diff-comments-more-count')).to have_content '+1'
diff --git a/spec/features/merge_requests/diffs_spec.rb b/spec/features/merge_requests/diffs_spec.rb
index 201be4b9e40..a8f5dc275e4 100644
--- a/spec/features/merge_requests/diffs_spec.rb
+++ b/spec/features/merge_requests/diffs_spec.rb
@@ -5,7 +5,7 @@ feature 'Diffs URL', js: true do
   let(:merge_request) { create(:merge_request, source_project: project) }
 
   context 'when visit with */* as accept header' do
-    before(:each) do
+    before do
       page.driver.add_header('Accept', '*/*')
     end
 
diff --git a/spec/features/merge_requests/discussion_spec.rb b/spec/features/merge_requests/discussion_spec.rb
index d1cc43e0690..05789bbd31d 100644
--- a/spec/features/merge_requests/discussion_spec.rb
+++ b/spec/features/merge_requests/discussion_spec.rb
@@ -26,7 +26,7 @@ feature 'Merge Request Discussions' do
 
     let(:outdated_diff_refs) { project.commit("874797c3a73b60d2187ed6e2fcabd289ff75171e").diff_refs }
 
-    before(:each) do
+    before do
       visit project_merge_request_path(project, merge_request)
     end
 
@@ -71,7 +71,7 @@ feature 'Merge Request Discussions' do
       end
     end
 
-    before(:each) do
+    before do
       visit project_merge_request_path(project, merge_request)
     end
 
diff --git a/spec/features/merge_requests/filter_by_labels_spec.rb b/spec/features/merge_requests/filter_by_labels_spec.rb
index 1d52a4659ad..9912e8165e6 100644
--- a/spec/features/merge_requests/filter_by_labels_spec.rb
+++ b/spec/features/merge_requests/filter_by_labels_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Merge Request filtering by Labels', js: true do
+feature 'Merge Request filtering by Labels', :js do
   include FilteredSearchHelpers
   include MergeRequestHelpers
 
@@ -12,9 +12,9 @@ feature 'Merge Request filtering by Labels', js: true do
   let!(:feature) { create(:label, project: project, title: 'feature') }
   let!(:enhancement) { create(:label, project: project, title: 'enhancement') }
 
-  let!(:mr1) { create(:merge_request, title: "Bugfix1", source_project: project, target_project: project, source_branch: "bugfix1") }
-  let!(:mr2) { create(:merge_request, title: "Bugfix2", source_project: project, target_project: project, source_branch: "bugfix2") }
-  let!(:mr3) { create(:merge_request, title: "Feature1", source_project: project, target_project: project, source_branch: "feature1") }
+  let!(:mr1) { create(:merge_request, title: "Bugfix1", source_project: project, target_project: project, source_branch: "fix") }
+  let!(:mr2) { create(:merge_request, title: "Bugfix2", source_project: project, target_project: project, source_branch: "wip") }
+  let!(:mr3) { create(:merge_request, title: "Feature1", source_project: project, target_project: project, source_branch: "improve/awesome") }
 
   before do
     mr1.labels << bug
@@ -25,7 +25,7 @@ feature 'Merge Request filtering by Labels', js: true do
     mr3.title = "Feature1"
     mr3.labels << feature
 
-    project.team << [user, :master]
+    project.add_master(user)
     sign_in(user)
 
     visit project_merge_requests_path(project)
diff --git a/spec/features/merge_requests/filter_merge_requests_spec.rb b/spec/features/merge_requests/filter_merge_requests_spec.rb
index f0019be86ad..3686131fee4 100644
--- a/spec/features/merge_requests/filter_merge_requests_spec.rb
+++ b/spec/features/merge_requests/filter_merge_requests_spec.rb
@@ -12,7 +12,7 @@ describe 'Filter merge requests' do
   let!(:wontfix)   { create(:label, project: project, title: "Won't fix") }
 
   before do
-    project.team << [user, :master]
+    project.add_master(user)
     group.add_developer(user)
     sign_in(user)
     create(:merge_request, source_project: project, target_project: project)
@@ -170,7 +170,7 @@ describe 'Filter merge requests' do
 
   describe 'filter merge requests by text' do
     before do
-      create(:merge_request, title: "Bug", source_project: project, target_project: project, source_branch: "bug")
+      create(:merge_request, title: "Bug", source_project: project, target_project: project, source_branch: "wip")
 
       bug_label = create(:label, project: project, title: 'bug')
       milestone = create(:milestone, title: "8", project: project)
@@ -179,7 +179,7 @@ describe 'Filter merge requests' do
         title: "Bug 2",
         source_project: project,
         target_project: project,
-        source_branch: "bug2",
+        source_branch: "fix",
         milestone: milestone,
         author: user,
         assignee: user)
@@ -259,12 +259,12 @@ describe 'Filter merge requests' do
     end
   end
 
-  describe 'filter merge requests and sort', js: true do
+  describe 'filter merge requests and sort', :js do
     before do
       bug_label = create(:label, project: project, title: 'bug')
 
-      mr1 = create(:merge_request, title: "Frontend", source_project: project, target_project: project, source_branch: "Frontend")
-      mr2 = create(:merge_request, title: "Bug 2", source_project: project, target_project: project, source_branch: "bug2")
+      mr1 = create(:merge_request, title: "Frontend", source_project: project, target_project: project, source_branch: "wip")
+      mr2 = create(:merge_request, title: "Bug 2", source_project: project, target_project: project, source_branch: "fix")
 
       mr1.labels << bug_label
       mr2.labels << bug_label
diff --git a/spec/features/merge_requests/reset_filters_spec.rb b/spec/features/merge_requests/reset_filters_spec.rb
index c1b90e5f875..eed95816bdf 100644
--- a/spec/features/merge_requests/reset_filters_spec.rb
+++ b/spec/features/merge_requests/reset_filters_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Merge requests filter clear button', js: true do
+feature 'Merge requests filter clear button', :js do
   include FilteredSearchHelpers
   include MergeRequestHelpers
   include IssueHelpers
@@ -9,8 +9,8 @@ feature 'Merge requests filter clear button', js: true do
   let!(:user) { create(:user) }
   let!(:milestone) { create(:milestone, project: project) }
   let!(:bug) { create(:label, project: project, name: 'bug')}
-  let!(:mr1) { create(:merge_request, title: "Feature", source_project: project, target_project: project, source_branch: "Feature", milestone: milestone, author: user, assignee: user) }
-  let!(:mr2) { create(:merge_request, title: "Bugfix1", source_project: project, target_project: project, source_branch: "Bugfix1") }
+  let!(:mr1) { create(:merge_request, title: "Feature", source_project: project, target_project: project, source_branch: "improve/awesome", milestone: milestone, author: user, assignee: user) }
+  let!(:mr2) { create(:merge_request, title: "Bugfix1", source_project: project, target_project: project, source_branch: "fix") }
 
   let(:merge_request_css) { '.merge-request' }
   let(:clear_search_css) { '.filtered-search-box .clear-search' }
diff --git a/spec/features/merge_requests/update_merge_requests_spec.rb b/spec/features/merge_requests/update_merge_requests_spec.rb
index cf30a687df8..e6dc284cba7 100644
--- a/spec/features/merge_requests/update_merge_requests_spec.rb
+++ b/spec/features/merge_requests/update_merge_requests_spec.rb
@@ -98,7 +98,7 @@ feature 'Multiple merge requests updating from merge_requests#index' do
   end
 
   def change_status(text)
-    click_button 'Edit Merge Requests'
+    click_button 'Edit merge requests'
     find('#check-all-issues').click
     find('.js-issue-status').click
     find('.dropdown-menu-status a', text: text).click
@@ -106,7 +106,7 @@ feature 'Multiple merge requests updating from merge_requests#index' do
   end
 
   def change_assignee(text)
-    click_button 'Edit Merge Requests'
+    click_button 'Edit merge requests'
     find('#check-all-issues').click
     find('.js-update-assignee').click
     wait_for_requests
@@ -119,7 +119,7 @@ feature 'Multiple merge requests updating from merge_requests#index' do
   end
 
   def change_milestone(text)
-    click_button 'Edit Merge Requests'
+    click_button 'Edit merge requests'
     find('#check-all-issues').click
     find('.issues-bulk-update .js-milestone-select').click
     find('.dropdown-menu-milestone a', text: text).click
diff --git a/spec/features/merge_requests/user_lists_merge_requests_spec.rb b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
index d62b035b40b..20008b4e7f9 100644
--- a/spec/features/merge_requests/user_lists_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
@@ -24,12 +24,10 @@ describe 'Projects > Merge requests > User lists merge requests' do
            milestone: create(:milestone, due_date: '2013-12-12'),
            created_at: 2.minutes.ago,
            updated_at: 2.minutes.ago)
-    # lfs in itself is not a great choice for the title if one wants to match the whole body content later on
-    # just think about the scenario when faker generates 'Chester Runolfsson' as the user's name
     create(:merge_request,
-           title: 'merge_lfs',
+           title: 'merge-test',
            source_project: project,
-           source_branch: 'merge_lfs',
+           source_branch: 'merge-test',
            created_at: 3.minutes.ago,
            updated_at: 10.seconds.ago)
   end
@@ -38,7 +36,7 @@ describe 'Projects > Merge requests > User lists merge requests' do
     visit_merge_requests(project, assignee_id: IssuableFinder::NONE)
 
     expect(current_path).to eq(project_merge_requests_path(project))
-    expect(page).to have_content 'merge_lfs'
+    expect(page).to have_content 'merge-test'
     expect(page).not_to have_content 'fix'
     expect(page).not_to have_content 'markdown'
     expect(count_merge_requests).to eq(1)
@@ -47,7 +45,7 @@ describe 'Projects > Merge requests > User lists merge requests' do
   it 'filters on a specific assignee' do
     visit_merge_requests(project, assignee_id: user.id)
 
-    expect(page).not_to have_content 'merge_lfs'
+    expect(page).not_to have_content 'merge-test'
     expect(page).to have_content 'fix'
     expect(page).to have_content 'markdown'
     expect(count_merge_requests).to eq(2)
@@ -57,14 +55,14 @@ describe 'Projects > Merge requests > User lists merge requests' do
     visit_merge_requests(project, sort: sort_value_recently_created)
 
     expect(first_merge_request).to include('fix')
-    expect(last_merge_request).to include('merge_lfs')
+    expect(last_merge_request).to include('merge-test')
     expect(count_merge_requests).to eq(3)
   end
 
   it 'sorts by oldest' do
     visit_merge_requests(project, sort: sort_value_oldest_created)
 
-    expect(first_merge_request).to include('merge_lfs')
+    expect(first_merge_request).to include('merge-test')
     expect(last_merge_request).to include('fix')
     expect(count_merge_requests).to eq(3)
   end
@@ -72,7 +70,7 @@ describe 'Projects > Merge requests > User lists merge requests' do
   it 'sorts by last updated' do
     visit_merge_requests(project, sort: sort_value_recently_updated)
 
-    expect(first_merge_request).to include('merge_lfs')
+    expect(first_merge_request).to include('merge-test')
     expect(count_merge_requests).to eq(3)
   end
 
diff --git a/spec/features/merge_requests/user_posts_diff_notes_spec.rb b/spec/features/merge_requests/user_posts_diff_notes_spec.rb
index 1cfd78663e5..f89dd38e5cd 100644
--- a/spec/features/merge_requests/user_posts_diff_notes_spec.rb
+++ b/spec/features/merge_requests/user_posts_diff_notes_spec.rb
@@ -71,7 +71,7 @@ feature 'Merge requests > User posts diff notes', :js do
     end
 
     context 'with an unfolded line' do
-      before(:each) do
+      before do
         find('.js-unfold', match: :first).click
         wait_for_requests
       end
@@ -120,7 +120,7 @@ feature 'Merge requests > User posts diff notes', :js do
     end
 
     context 'with an unfolded line' do
-      before(:each) do
+      before do
         find('.js-unfold', match: :first).click
         wait_for_requests
       end
diff --git a/spec/features/merge_requests/user_posts_notes_spec.rb b/spec/features/merge_requests/user_posts_notes_spec.rb
index 74d21822a59..d7cda73ab40 100644
--- a/spec/features/merge_requests/user_posts_notes_spec.rb
+++ b/spec/features/merge_requests/user_posts_notes_spec.rb
@@ -75,7 +75,6 @@ describe 'Merge requests > User posts notes', :js do
     describe 'editing the note' do
       before do
         find('.note').hover
-        open_more_actions_dropdown(note)
 
         find('.js-note-edit').click
       end
@@ -104,7 +103,6 @@ describe 'Merge requests > User posts notes', :js do
 
         wait_for_requests
         find('.note').hover
-        open_more_actions_dropdown(note)
 
         find('.js-note-edit').click
 
@@ -132,7 +130,6 @@ describe 'Merge requests > User posts notes', :js do
     describe 'deleting an attachment' do
       before do
         find('.note').hover
-        open_more_actions_dropdown(note)
 
         find('.js-note-edit').click
       end
diff --git a/spec/features/merge_requests/widget_spec.rb b/spec/features/merge_requests/widget_spec.rb
index 69e31c7481f..fd991293ee9 100644
--- a/spec/features/merge_requests/widget_spec.rb
+++ b/spec/features/merge_requests/widget_spec.rb
@@ -219,4 +219,17 @@ describe 'Merge request', :js do
       expect(page).to have_field('remove-source-branch-input', disabled: true)
     end
   end
+
+  context 'ongoing merge process' do
+    it 'shows Merging state' do
+      allow_any_instance_of(MergeRequest).to receive(:merge_ongoing?).and_return(true)
+
+      visit project_merge_request_path(project, merge_request)
+
+      wait_for_requests
+
+      expect(page).not_to have_button('Merge')
+      expect(page).to have_content('This merge request is in the process of being merged')
+    end
+  end
 end
diff --git a/spec/features/password_reset_spec.rb b/spec/features/password_reset_spec.rb
index 5e1e7dc078f..b45972b7f6b 100644
--- a/spec/features/password_reset_spec.rb
+++ b/spec/features/password_reset_spec.rb
@@ -16,7 +16,7 @@ feature 'Password reset' do
       user.send_reset_password_instructions
       user.update_attribute(:reset_password_sent_at, 5.minutes.ago)
 
-      expect{ forgot_password(user) }.to change{ user.reset_password_sent_at }
+      expect { forgot_password(user) }.to change { user.reset_password_sent_at }
       expect(page).to have_content(I18n.t('devise.passwords.send_paranoid_instructions'))
       expect(current_path).to eq new_user_session_path
     end
@@ -27,7 +27,7 @@ feature 'Password reset' do
       # Reload because PG handles datetime less precisely than Ruby/Rails
       user.reload
 
-      expect{ forgot_password(user) }.not_to change{ user.reset_password_sent_at }
+      expect { forgot_password(user) }.not_to change { user.reset_password_sent_at }
       expect(page).to have_content(I18n.t('devise.passwords.send_paranoid_instructions'))
       expect(current_path).to eq new_user_session_path
     end
diff --git a/spec/features/profiles/account_spec.rb b/spec/features/profiles/account_spec.rb
index 9944a6e1ff1..dcd0449dbcb 100644
--- a/spec/features/profiles/account_spec.rb
+++ b/spec/features/profiles/account_spec.rb
@@ -35,7 +35,7 @@ feature 'Profile > Account' do
         TestEnv.clean_test_path
       end
 
-      after(:example) do
+      after do
         TestEnv.clean_test_path
       end
 
diff --git a/spec/features/profiles/preferences_spec.rb b/spec/features/profiles/preferences_spec.rb
index 9123aa9d155..c935cdfd5c4 100644
--- a/spec/features/profiles/preferences_spec.rb
+++ b/spec/features/profiles/preferences_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe 'Profile > Preferences' do
+describe 'Profile > Preferences', :js do
   let(:user) { create(:user) }
 
   before do
@@ -8,28 +8,32 @@ describe 'Profile > Preferences' do
     visit profile_preferences_path
   end
 
-  describe 'User changes their syntax highlighting theme', js: true do
+  describe 'User changes their syntax highlighting theme' do
     it 'creates a flash message' do
       choose 'user_color_scheme_id_5'
 
+      wait_for_requests
+
       expect_preferences_saved_message
     end
 
     it 'updates their preference' do
       choose 'user_color_scheme_id_5'
 
-      allowing_for_delay do
-        visit page.current_path
-        expect(page).to have_checked_field('user_color_scheme_id_5')
-      end
+      wait_for_requests
+      refresh
+
+      expect(page).to have_checked_field('user_color_scheme_id_5')
     end
   end
 
-  describe 'User changes their default dashboard', js: true do
+  describe 'User changes their default dashboard' do
     it 'creates a flash message' do
       select 'Starred Projects', from: 'user_dashboard'
       click_button 'Save'
 
+      wait_for_requests
+
       expect_preferences_saved_message
     end
 
@@ -37,12 +41,12 @@ describe 'Profile > Preferences' do
       select 'Starred Projects', from: 'user_dashboard'
       click_button 'Save'
 
-      allowing_for_delay do
-        find('#logo').click
+      wait_for_requests
+
+      find('#logo').click
 
-        expect(page).to have_content("You don't have starred projects yet")
-        expect(page.current_path).to eq starred_dashboard_projects_path
-      end
+      expect(page).to have_content("You don't have starred projects yet")
+      expect(page.current_path).to eq starred_dashboard_projects_path
 
       find('.shortcuts-activity').trigger('click')
 
diff --git a/spec/features/projects/import_export/import_file_spec.rb b/spec/features/projects/import_export/import_file_spec.rb
index 24e7843db63..6a324d32ca7 100644
--- a/spec/features/projects/import_export/import_file_spec.rb
+++ b/spec/features/projects/import_export/import_file_spec.rb
@@ -10,7 +10,7 @@ feature 'Import/Export - project import integration test', js: true do
     allow_any_instance_of(Gitlab::ImportExport).to receive(:storage_path).and_return(export_path)
   end
 
-  after(:each) do
+  after do
     FileUtils.rm_rf(export_path, secure: true)
   end
 
diff --git a/spec/features/projects/project_settings_spec.rb b/spec/features/projects/project_settings_spec.rb
index 7d4ec2b4e68..80d91e5915f 100644
--- a/spec/features/projects/project_settings_spec.rb
+++ b/spec/features/projects/project_settings_spec.rb
@@ -65,7 +65,7 @@ describe 'Edit Project Settings' do
         TestEnv.clean_test_path
       end
 
-      after(:example) do
+      after do
         TestEnv.clean_test_path
       end
 
@@ -107,11 +107,11 @@ describe 'Edit Project Settings' do
       TestEnv.clean_test_path
     end
 
-    before(:example) do
+    before do
       group.add_owner(user)
     end
 
-    after(:example) do
+    after do
       TestEnv.clean_test_path
     end
 
diff --git a/spec/features/projects/user_edits_files_spec.rb b/spec/features/projects/user_edits_files_spec.rb
index 8ae89c980b9..3129aad8473 100644
--- a/spec/features/projects/user_edits_files_spec.rb
+++ b/spec/features/projects/user_edits_files_spec.rb
@@ -1,10 +1,6 @@
 require 'spec_helper'
 
 describe 'User edits files' do
-  let(:fork_message) do
-    "You're not allowed to make changes to this project directly. "\
-    "A fork of this project has been created that you can make changes in, so you can submit a merge request."
-  end
   let(:project) { create(:project, :repository, name: 'Shop') }
   let(:project2) { create(:project, :repository, name: 'Another Project', path: 'another-project') }
   let(:project_tree_path_root_ref) { project_tree_path(project, project.repository.root_ref) }
@@ -24,6 +20,9 @@ describe 'User edits files' do
     it 'inserts a content of a file', js: true do
       click_link('.gitignore')
       find('.js-edit-blob').click
+
+      wait_for_requests
+
       execute_script("ace.edit('editor').setValue('*.rbca')")
 
       expect(evaluate_script('ace.edit("editor").getValue()')).to eq('*.rbca')
@@ -39,6 +38,9 @@ describe 'User edits files' do
     it 'commits an edited file', js: true do
       click_link('.gitignore')
       find('.js-edit-blob').click
+
+      wait_for_requests
+
       execute_script("ace.edit('editor').setValue('*.rbca')")
       fill_in(:commit_message, with: 'New commit message', visible: true)
       click_button('Commit changes')
@@ -53,6 +55,9 @@ describe 'User edits files' do
     it 'commits an edited file to a new branch', js: true do
       click_link('.gitignore')
       find('.js-edit-blob').click
+
+      wait_for_requests
+
       execute_script("ace.edit('editor').setValue('*.rbca')")
       fill_in(:commit_message, with: 'New commit message', visible: true)
       fill_in(:branch_name, with: 'new_branch_name', visible: true)
@@ -69,6 +74,9 @@ describe 'User edits files' do
     it 'shows the diff of an edited file', js: true do
       click_link('.gitignore')
       find('.js-edit-blob').click
+
+      wait_for_requests
+
       execute_script("ace.edit('editor').setValue('*.rbca')")
       click_link('Preview changes')
 
@@ -91,7 +99,12 @@ describe 'User edits files' do
 
       click_link('Fork')
 
-      expect(page).to have_content(fork_message)
+      expect(page).to have_content(
+        "You're not allowed to make changes to this project directly. "\
+        "A fork of this project has been created that you can make changes in, so you can submit a merge request."
+      )
+
+      wait_for_requests
 
       execute_script("ace.edit('editor').setValue('*.rbca')")
 
@@ -106,6 +119,9 @@ describe 'User edits files' do
       expect(page).to have_button('Cancel')
 
       click_link('Fork')
+
+      wait_for_requests
+
       execute_script("ace.edit('editor').setValue('*.rbca')")
       fill_in(:commit_message, with: 'New commit message', visible: true)
       click_button('Commit changes')
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index 7e4d53332e5..d3d7915bebf 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -167,6 +167,21 @@ feature 'Project' do
     end
   end
 
+  describe 'activity view' do
+    let(:user) { create(:user, project_view: 'activity') }
+    let(:project) { create(:project, :repository) }
+
+    before do
+      project.team << [user, :master]
+      sign_in user
+      visit project_path(project)
+    end
+
+    it 'loads activity', :js do
+      expect(page).to have_selector('.event-item')
+    end
+  end
+
   def remove_with_confirm(button_text, confirm_with)
     click_button button_text
     fill_in 'confirm_name_input', with: confirm_with
diff --git a/spec/features/snippets/notes_on_personal_snippets_spec.rb b/spec/features/snippets/notes_on_personal_snippets_spec.rb
index f1d0905738b..c0c293dee78 100644
--- a/spec/features/snippets/notes_on_personal_snippets_spec.rb
+++ b/spec/features/snippets/notes_on_personal_snippets_spec.rb
@@ -91,11 +91,7 @@ describe 'Comments on personal snippets', :js do
 
   context 'when editing a note' do
     it 'changes the text' do
-      open_more_actions_dropdown(snippet_notes[0])
-
-      page.within("#notes-list li#note_#{snippet_notes[0].id}") do
-        click_on 'Edit comment'
-      end
+      find('.js-note-edit').click
 
       page.within('.current-note-edit-form') do
         fill_in 'note[note]', with: 'new content'
diff --git a/spec/features/snippets/user_creates_snippet_spec.rb b/spec/features/snippets/user_creates_snippet_spec.rb
index a919f5fa20b..d732383a1e1 100644
--- a/spec/features/snippets/user_creates_snippet_spec.rb
+++ b/spec/features/snippets/user_creates_snippet_spec.rb
@@ -41,7 +41,7 @@ feature 'User creates snippet', :js do
       expect(page).to have_content('My Snippet')
 
       link = find('a.no-attachment-icon img[alt="banana_sample"]')['src']
-      expect(link).to match(%r{/uploads/system/temp/\h{32}/banana_sample\.gif\z})
+      expect(link).to match(%r{/uploads/-/system/temp/\h{32}/banana_sample\.gif\z})
 
       visit(link)
       expect(page.status_code).to eq(200)
@@ -59,7 +59,7 @@ feature 'User creates snippet', :js do
     wait_for_requests
 
     link = find('a.no-attachment-icon img[alt="banana_sample"]')['src']
-    expect(link).to match(%r{/uploads/system/personal_snippet/#{Snippet.last.id}/\h{32}/banana_sample\.gif\z})
+    expect(link).to match(%r{/uploads/-/system/personal_snippet/#{Snippet.last.id}/\h{32}/banana_sample\.gif\z})
 
     visit(link)
     expect(page.status_code).to eq(200)
@@ -84,7 +84,7 @@ feature 'User creates snippet', :js do
     end
     expect(page).to have_content('Hello World!')
     link = find('a.no-attachment-icon img[alt="banana_sample"]')['src']
-    expect(link).to match(%r{/uploads/system/personal_snippet/#{Snippet.last.id}/\h{32}/banana_sample\.gif\z})
+    expect(link).to match(%r{/uploads/-/system/personal_snippet/#{Snippet.last.id}/\h{32}/banana_sample\.gif\z})
 
     visit(link)
     expect(page.status_code).to eq(200)
diff --git a/spec/features/snippets/user_edits_snippet_spec.rb b/spec/features/snippets/user_edits_snippet_spec.rb
index 26070e508e2..71de6b6bd1c 100644
--- a/spec/features/snippets/user_edits_snippet_spec.rb
+++ b/spec/features/snippets/user_edits_snippet_spec.rb
@@ -33,7 +33,7 @@ feature 'User edits snippet', :js do
     wait_for_requests
 
     link = find('a.no-attachment-icon img[alt="banana_sample"]')['src']
-    expect(link).to match(%r{/uploads/system/personal_snippet/#{snippet.id}/\h{32}/banana_sample\.gif\z})
+    expect(link).to match(%r{/uploads/-/system/personal_snippet/#{snippet.id}/\h{32}/banana_sample\.gif\z})
   end
 
   it 'updates the snippet to make it internal' do
diff --git a/spec/features/task_lists_spec.rb b/spec/features/task_lists_spec.rb
index c14826df55a..580258f77eb 100644
--- a/spec/features/task_lists_spec.rb
+++ b/spec/features/task_lists_spec.rb
@@ -52,8 +52,8 @@ feature 'Task Lists' do
   before do
     Warden.test_mode!
 
-    project.team << [user, :master]
-    project.team << [user2, :guest]
+    project.add_master(user)
+    project.add_guest(user2)
 
     login_as(user)
   end
diff --git a/spec/features/triggers_spec.rb b/spec/features/triggers_spec.rb
index 8d12a492feb..47664de469a 100644
--- a/spec/features/triggers_spec.rb
+++ b/spec/features/triggers_spec.rb
@@ -82,7 +82,7 @@ feature 'Triggers', js: true do
   end
 
   describe 'trigger "Take ownership" workflow' do
-    before(:each) do
+    before do
       create(:ci_trigger, owner: user2, project: @project, description: trigger_title)
       visit project_settings_ci_cd_path(@project)
     end
@@ -104,7 +104,7 @@ feature 'Triggers', js: true do
   end
 
   describe 'trigger "Revoke" workflow' do
-    before(:each) do
+    before do
       create(:ci_trigger, owner: user2, project: @project, description: trigger_title)
       visit project_settings_ci_cd_path(@project)
     end
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index ff004d85272..15b89dac572 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -73,7 +73,7 @@ feature 'Users', js: true do
     let(:loading_icon) { '.fa.fa-spinner' }
     let(:username_input) { 'new_user_username' }
 
-    before(:each) do
+    before do
       visit new_user_session_path
       click_link 'Register'
     end
@@ -104,7 +104,7 @@ feature 'Users', js: true do
   end
 
   def errors_on_page(page)
-    page.find('#error_explanation').find('ul').all('li').map{ |item| item.text }.join("\n")
+    page.find('#error_explanation').find('ul').all('li').map { |item| item.text }.join("\n")
   end
 
   def number_of_errors_on_page(page)
diff --git a/spec/finders/admin/projects_finder_spec.rb b/spec/finders/admin/projects_finder_spec.rb
index 4e367d39cf3..28e36330029 100644
--- a/spec/finders/admin/projects_finder_spec.rb
+++ b/spec/finders/admin/projects_finder_spec.rb
@@ -38,6 +38,12 @@ describe Admin::ProjectsFinder do
       it { is_expected.to match_array([shared_project, public_project, internal_project, private_project]) }
     end
 
+    context 'with pending delete project' do
+      let!(:pending_delete_project) { create(:project, pending_delete: true) }
+
+      it { is_expected.not_to include(pending_delete_project) }
+    end
+
     context 'filter by namespace_id' do
       let(:namespace) { create(:namespace) }
       let!(:project_in_namespace) { create(:project, namespace: namespace) }
diff --git a/spec/finders/contributed_projects_finder_spec.rb b/spec/finders/contributed_projects_finder_spec.rb
index 2d079ea83b4..60ea98e61c7 100644
--- a/spec/finders/contributed_projects_finder_spec.rb
+++ b/spec/finders/contributed_projects_finder_spec.rb
@@ -14,8 +14,8 @@ describe ContributedProjectsFinder do
     private_project.add_developer(current_user)
     public_project.add_master(source_user)
 
-    create(:event, :pushed, project: public_project, target: public_project, author: source_user)
-    create(:event, :pushed, project: private_project, target: private_project, author: source_user)
+    create(:push_event, project: public_project, author: source_user)
+    create(:push_event, project: private_project, author: source_user)
   end
 
   describe 'without a current user' do
diff --git a/spec/finders/environments_finder_spec.rb b/spec/finders/environments_finder_spec.rb
index 0c063f6d5ee..3a8a1e7de74 100644
--- a/spec/finders/environments_finder_spec.rb
+++ b/spec/finders/environments_finder_spec.rb
@@ -12,7 +12,7 @@ describe EnvironmentsFinder do
 
     context 'tagged deployment' do
       before do
-        create(:deployment, environment: environment, ref: '1.0', tag: true, sha: project.commit.id)
+        create(:deployment, environment: environment, ref: 'v1.1.0', tag: true, sha: project.commit.id)
       end
 
       it 'returns environment when with_tags is set' do
diff --git a/spec/fixtures/api/schemas/entities/merge_request.json b/spec/fixtures/api/schemas/entities/merge_request.json
index 7ffa82fc4bd..2f12b671dec 100644
--- a/spec/fixtures/api/schemas/entities/merge_request.json
+++ b/spec/fixtures/api/schemas/entities/merge_request.json
@@ -19,7 +19,6 @@
     "human_time_estimate": { "type": ["integer", "null"] },
     "human_total_time_spent": { "type": ["integer", "null"] },
     "in_progress_merge_commit_sha": { "type": ["string", "null"] },
-    "locked_at": { "type": ["string", "null"] },
     "merge_error": { "type": ["string", "null"] },
     "merge_commit_sha": { "type": ["string", "null"] },
     "merge_params": { "type": ["object", "null"] },
@@ -94,7 +93,8 @@
     "commit_change_content_path": { "type": "string" },
     "remove_wip_path": { "type": "string" },
     "commits_count": { "type": "integer" },
-    "remove_source_branch": { "type": ["boolean", "null"] }
+    "remove_source_branch": { "type": ["boolean", "null"] },
+    "merge_ongoing": { "type": "boolean" }
   },
   "additionalProperties": false
 }
diff --git a/spec/fixtures/api/schemas/public_api/v4/comment.json b/spec/fixtures/api/schemas/public_api/v4/comment.json
new file mode 100644
index 00000000000..52cfe86aeeb
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/comment.json
@@ -0,0 +1,21 @@
+{
+  "type": "object",
+  "required" : [
+    "name",
+    "message",
+    "commit",
+    "release"
+  ],
+  "properties" : {
+    "name": { "type": "string" },
+    "message": { "type": ["string", "null"] },
+    "commit": { "$ref": "commit/basic.json" },
+    "release": {
+      "oneOf": [
+        { "type": "null" },
+        { "$ref": "release.json" }
+      ]
+    }
+  },
+  "additionalProperties": false
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/commit/detail.json b/spec/fixtures/api/schemas/public_api/v4/commit/detail.json
new file mode 100644
index 00000000000..b7b2535c204
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/commit/detail.json
@@ -0,0 +1,16 @@
+{
+  "type": "object",
+  "allOf": [
+    { "$ref": "basic.json" },
+    {
+      "required" : [
+        "stats",
+        "status"
+      ],
+      "properties": {
+        "stats": { "$ref": "../commit_stats.json" },
+        "status": { "type": ["string", "null"] }
+      }
+    }
+  ]
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/commit_note.json b/spec/fixtures/api/schemas/public_api/v4/commit_note.json
new file mode 100644
index 00000000000..02081989271
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/commit_note.json
@@ -0,0 +1,19 @@
+{
+  "type": "object",
+  "required" : [
+    "note",
+    "path",
+    "line",
+    "line_type",
+    "author",
+    "created_at"
+  ],
+  "properties" : {
+    "note": { "type": ["string", "null"] },
+    "path": { "type": ["string", "null"] },
+    "line": { "type": ["integer", "null"] },
+    "line_type": { "type": ["string", "null"] },
+    "author": { "$ref": "user/basic.json" },
+    "created_at": { "type": "date" }
+  }
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/commit_notes.json b/spec/fixtures/api/schemas/public_api/v4/commit_notes.json
new file mode 100644
index 00000000000..d65a7d677ea
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/commit_notes.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "commit_note.json" }
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/commit_stats.json b/spec/fixtures/api/schemas/public_api/v4/commit_stats.json
new file mode 100644
index 00000000000..779384c62e6
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/commit_stats.json
@@ -0,0 +1,14 @@
+{
+  "type": "object",
+  "required" : [
+    "additions",
+    "deletions",
+    "total"
+  ],
+  "properties" : {
+    "additions": { "type": "integer" },
+    "deletions": { "type": "integer" },
+    "total": { "type": "integer" }
+  },
+  "additionalProperties": false
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/commits.json b/spec/fixtures/api/schemas/public_api/v4/commits.json
new file mode 100644
index 00000000000..98b17a96071
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/commits.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "commit/basic.json" }
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/release.json b/spec/fixtures/api/schemas/public_api/v4/release.json
new file mode 100644
index 00000000000..6612c2a9911
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/release.json
@@ -0,0 +1,12 @@
+{
+  "type": "object",
+  "required" : [
+    "tag_name",
+    "description"
+  ],
+  "properties" : {
+    "tag_name": { "type": ["string", "null"] },
+    "description": { "type": "string" }
+  },
+  "additionalProperties": false
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/tag.json b/spec/fixtures/api/schemas/public_api/v4/tag.json
new file mode 100644
index 00000000000..52cfe86aeeb
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/tag.json
@@ -0,0 +1,21 @@
+{
+  "type": "object",
+  "required" : [
+    "name",
+    "message",
+    "commit",
+    "release"
+  ],
+  "properties" : {
+    "name": { "type": "string" },
+    "message": { "type": ["string", "null"] },
+    "commit": { "$ref": "commit/basic.json" },
+    "release": {
+      "oneOf": [
+        { "type": "null" },
+        { "$ref": "release.json" }
+      ]
+    }
+  },
+  "additionalProperties": false
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/tags.json b/spec/fixtures/api/schemas/public_api/v4/tags.json
new file mode 100644
index 00000000000..eae352e7f87
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/tags.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "tag.json" }
+}
diff --git a/spec/fixtures/api/schemas/public_api/v4/user/basic.json b/spec/fixtures/api/schemas/public_api/v4/user/basic.json
new file mode 100644
index 00000000000..9f69d31971c
--- /dev/null
+++ b/spec/fixtures/api/schemas/public_api/v4/user/basic.json
@@ -0,0 +1,15 @@
+{
+  "type": "object",
+  "required": [
+    "id",
+    "state",
+    "avatar_url",
+    "web_url"
+  ],
+  "properties": {
+    "id": { "type": "integer" },
+    "state": { "type": "string" },
+    "avatar_url": { "type": "string" },
+    "web_url": { "type": "string" }
+  }
+}
diff --git a/spec/fixtures/encoding/Japanese.md b/spec/fixtures/encoding/Japanese.md
new file mode 100644
index 00000000000..dd469c9f232
--- /dev/null
+++ b/spec/fixtures/encoding/Japanese.md
@@ -0,0 +1,42 @@
++++
+date = "2017-05-21T13:05:07+09:00"
+title = "レイヤ"
+weight = 10
+
++++
+
+## ���ュートリアル�扱�内容
+1. Redacted���る2D開発��レイヤ�基本的�概�
+2. スクリーン上�スプライト�順�付�方法
+
+### Redacted���る2D開発��レイヤ�基本的�概�
+2D�����z軸�存在������シーン内�素��画順を制御�る����代替��る仕組��必���。
+Redacted��**レイヤ**���る**zIndex**属性を制御�能��る������課題を解決�����。
+**デフォルト���zIndex�0��りオブジェクト�レイヤ�追加�れ�順番��画�れ��。**
+
+レイヤ����������特性��り��。
+
+* レイヤ��レイヤ化�れ�オブジェクト��を��る�������。(**3Dモデル�絶対�追加��������**）
+* レイヤ�レイヤ化�れ�オブジェクト��。（������レイヤ��他�レイヤを��る�������)
+* レイヤ化�れ�オブジェクト��最大�1��レイヤ�属��������。
+
+レイヤを直接�期化�る�������ん����派生クラス��期化�る����能��。**Scene2D**�**コンテナ**��**レイヤ**�ら派生�る2��主�オブジェクト��。�����期化（createContainer�instantiate�...）�レイヤ上�行�れ��。��り�2D��期化�れる����オブジェクト��zIndexプロパティを��レイヤ化�れ�オブジェクト��。
+
+**zIndex�グロー�ル���り��ん!**
+
+CSS��異�り�zIndex�����オブジェクト�対��グロー�ル���り��ん。zIndexプロパティ�親レイヤ�対��ローカル��。詳細��������コンテナ�ュートリアル�説明�����。 [TODO: Link]。
+
+### スクリーン上�スプライト�順�付�方法
+�れ��学ん���を生����画��スプライトを表示���zIndex�設定を�����ょ��
+
+* ���最�� (A,B,C)　スプライトを生����。
+* スプライトAをシーン�追加���（zIndex = 0�標準色）
+* スプライトBをシーン2�追加�る��**スプライトA�上�**表示�れ��（zIndex = 0�赤色）
+* 最後�スプライトCをシーン�追加���（�色）��スプライト�zIndexを-1�設定�る��スプライト�A�B�後��表示�れ��。
+
+{{< code "static/tutorials/layers.html" >}}
+
+### ソースコード全体
+```js
+{{< snippet "static/tutorials/layers.html" >}}
+```
diff --git a/spec/helpers/pagination_helper_spec.rb b/spec/helpers/pagination_helper_spec.rb
new file mode 100644
index 00000000000..e235475fb47
--- /dev/null
+++ b/spec/helpers/pagination_helper_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+describe PaginationHelper do
+  describe '#paginate_collection' do
+    let(:collection) { User.all.page(1) }
+
+    it 'paginates a collection without using a COUNT' do
+      without_count = collection.without_count
+
+      expect(helper).to receive(:paginate_without_count)
+        .with(without_count)
+        .and_call_original
+
+      helper.paginate_collection(without_count)
+    end
+
+    it 'paginates a collection using a COUNT' do
+      expect(helper).to receive(:paginate_with_count).and_call_original
+
+      helper.paginate_collection(collection)
+    end
+  end
+end
diff --git a/spec/helpers/projects_helper_spec.rb b/spec/helpers/projects_helper_spec.rb
index 37a5e6b474e..d1efa318d14 100644
--- a/spec/helpers/projects_helper_spec.rb
+++ b/spec/helpers/projects_helper_spec.rb
@@ -432,9 +432,7 @@ describe ProjectsHelper do
   end
 
   describe '#any_projects?' do
-    before do
-      create(:project)
-    end
+    let!(:project) { create(:project) }
 
     it 'returns true when projects will be returned' do
       expect(helper.any_projects?(Project.all)).to eq(true)
@@ -444,6 +442,14 @@ describe ProjectsHelper do
       expect(helper.any_projects?(Project.none)).to eq(false)
     end
 
+    it 'returns true when using a non-empty Array' do
+      expect(helper.any_projects?([project])).to eq(true)
+    end
+
+    it 'returns false when using an empty Array' do
+      expect(helper.any_projects?([])).to eq(false)
+    end
+
     it 'only executes a single query when a LIMIT is applied' do
       relation = Project.limit(1)
       recorder = ActiveRecord::QueryRecorder.new do
diff --git a/spec/javascripts/blob/blob_file_dropzone_spec.js b/spec/javascripts/blob/blob_file_dropzone_spec.js
new file mode 100644
index 00000000000..2c8183ff77b
--- /dev/null
+++ b/spec/javascripts/blob/blob_file_dropzone_spec.js
@@ -0,0 +1,42 @@
+import 'dropzone';
+import BlobFileDropzone from '~/blob/blob_file_dropzone';
+
+describe('BlobFileDropzone', () => {
+  preloadFixtures('blob/show.html.raw');
+
+  beforeEach(() => {
+    loadFixtures('blob/show.html.raw');
+    const form = $('.js-upload-blob-form');
+    this.blobFileDropzone = new BlobFileDropzone(form, 'POST');
+    this.dropzone = $('.js-upload-blob-form .dropzone').get(0).dropzone;
+    this.replaceFileButton = $('#submit-all');
+  });
+
+  describe('submit button', () => {
+    it('requires file', () => {
+      spyOn(window, 'alert');
+
+      this.replaceFileButton.click();
+
+      expect(window.alert).toHaveBeenCalled();
+    });
+
+    it('is disabled while uploading', () => {
+      spyOn(window, 'alert');
+
+      const file = {
+        name: 'some-file.jpg',
+        type: 'jpg',
+      };
+      const fakeEvent = jQuery.Event('drop', {
+        dataTransfer: { files: [file] },
+      });
+
+      this.dropzone.listeners[0].events.drop(fakeEvent);
+      this.replaceFileButton.click();
+
+      expect(window.alert).not.toHaveBeenCalled();
+      expect(this.replaceFileButton.is(':disabled')).toEqual(true);
+    });
+  });
+});
diff --git a/spec/javascripts/blob/viewer/index_spec.js b/spec/javascripts/blob/viewer/index_spec.js
index af04e7c1e72..cfa6650d85f 100644
--- a/spec/javascripts/blob/viewer/index_spec.js
+++ b/spec/javascripts/blob/viewer/index_spec.js
@@ -3,10 +3,10 @@ import BlobViewer from '~/blob/viewer/index';
 
 describe('Blob viewer', () => {
   let blob;
-  preloadFixtures('blob/show.html.raw');
+  preloadFixtures('snippets/show.html.raw');
 
   beforeEach(() => {
-    loadFixtures('blob/show.html.raw');
+    loadFixtures('snippets/show.html.raw');
     $('#modal-upload-blob').remove();
 
     blob = new BlobViewer();
diff --git a/spec/javascripts/boards/issue_card_spec.js b/spec/javascripts/boards/issue_card_spec.js
index bd9b4fbfdd3..69cfcbbce5a 100644
--- a/spec/javascripts/boards/issue_card_spec.js
+++ b/spec/javascripts/boards/issue_card_spec.js
@@ -238,12 +238,6 @@ describe('Issue card component', () => {
   });
 
   describe('labels', () => {
-    it('does not render any', () => {
-      expect(
-        component.$el.querySelector('.label'),
-      ).toBeNull();
-    });
-
     describe('exists', () => {
       beforeEach((done) => {
         component.issue.addLabel(label1);
@@ -251,16 +245,21 @@ describe('Issue card component', () => {
         Vue.nextTick(() => done());
       });
 
-      it('does not render list label', () => {
+      it('renders list label', () => {
         expect(
           component.$el.querySelectorAll('.label').length,
-        ).toBe(1);
+        ).toBe(2);
       });
 
       it('renders label', () => {
+        const nodes = [];
+        component.$el.querySelectorAll('.label').forEach((label) => {
+          nodes.push(label.title);
+        });
+
         expect(
-          component.$el.querySelector('.label').textContent,
-        ).toContain(label1.title);
+          nodes.includes(label1.description),
+        ).toBe(true);
       });
 
       it('sets label description as title', () => {
@@ -270,9 +269,14 @@ describe('Issue card component', () => {
       });
 
       it('sets background color of button', () => {
+        const nodes = [];
+        component.$el.querySelectorAll('.label').forEach((label) => {
+          nodes.push(label.style.backgroundColor);
+        });
+
         expect(
-          component.$el.querySelector('.label').style.backgroundColor,
-        ).toContain(label1.color);
+          nodes.includes(label1.color),
+        ).toBe(true);
       });
     });
   });
diff --git a/spec/javascripts/breakpoints_spec.js b/spec/javascripts/breakpoints_spec.js
new file mode 100644
index 00000000000..b1b5d36c1fb
--- /dev/null
+++ b/spec/javascripts/breakpoints_spec.js
@@ -0,0 +1,15 @@
+import bp, {
+  breakpoints,
+} from '~/breakpoints';
+
+describe('breakpoints', () => {
+  Object.keys(breakpoints).forEach((key) => {
+    const size = breakpoints[key];
+
+    it(`returns ${key} when larger than ${size}`, () => {
+      spyOn(bp, 'windowWidth').and.returnValue(size + 10);
+
+      expect(bp.getBreakpointSize()).toBe(key);
+    });
+  });
+});
diff --git a/spec/javascripts/fixtures/abuse_reports.rb b/spec/javascripts/fixtures/abuse_reports.rb
index de673f94d72..387858cba77 100644
--- a/spec/javascripts/fixtures/abuse_reports.rb
+++ b/spec/javascripts/fixtures/abuse_reports.rb
@@ -14,7 +14,7 @@ describe Admin::AbuseReportsController, '(JavaScript fixtures)', type: :controll
     clean_frontend_fixtures('abuse_reports/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/blob.rb b/spec/javascripts/fixtures/blob.rb
index 16490ad5039..2dffc42b0ef 100644
--- a/spec/javascripts/fixtures/blob.rb
+++ b/spec/javascripts/fixtures/blob.rb
@@ -13,7 +13,7 @@ describe Projects::BlobController, '(JavaScript fixtures)', type: :controller do
     clean_frontend_fixtures('blob/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/boards.rb b/spec/javascripts/fixtures/boards.rb
index d7c3dc0a235..494c9cabdcc 100644
--- a/spec/javascripts/fixtures/boards.rb
+++ b/spec/javascripts/fixtures/boards.rb
@@ -13,7 +13,7 @@ describe Projects::BoardsController, '(JavaScript fixtures)', type: :controller
     clean_frontend_fixtures('boards/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/branches.rb b/spec/javascripts/fixtures/branches.rb
index a059818145b..bb3bdf7c215 100644
--- a/spec/javascripts/fixtures/branches.rb
+++ b/spec/javascripts/fixtures/branches.rb
@@ -13,7 +13,7 @@ describe Projects::BranchesController, '(JavaScript fixtures)', type: :controlle
     clean_frontend_fixtures('branches/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/dashboard.rb b/spec/javascripts/fixtures/dashboard.rb
index e83db8daaf2..793ffa7c220 100644
--- a/spec/javascripts/fixtures/dashboard.rb
+++ b/spec/javascripts/fixtures/dashboard.rb
@@ -13,7 +13,7 @@ describe Dashboard::ProjectsController, '(JavaScript fixtures)', type: :controll
     clean_frontend_fixtures('dashboard/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/deploy_keys.rb b/spec/javascripts/fixtures/deploy_keys.rb
index fca3f5b1bfe..bea161c514f 100644
--- a/spec/javascripts/fixtures/deploy_keys.rb
+++ b/spec/javascripts/fixtures/deploy_keys.rb
@@ -12,7 +12,7 @@ describe Projects::DeployKeysController, '(JavaScript fixtures)', type: :control
     clean_frontend_fixtures('deploy_keys/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/environments.rb b/spec/javascripts/fixtures/environments.rb
index 3474f4696ef..d2457d75419 100644
--- a/spec/javascripts/fixtures/environments.rb
+++ b/spec/javascripts/fixtures/environments.rb
@@ -14,7 +14,7 @@ describe Projects::EnvironmentsController, '(JavaScript fixtures)', type: :contr
     clean_frontend_fixtures('environments/metrics')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/issues.rb b/spec/javascripts/fixtures/issues.rb
index 1a30909977e..d3ad50af1b9 100644
--- a/spec/javascripts/fixtures/issues.rb
+++ b/spec/javascripts/fixtures/issues.rb
@@ -13,7 +13,7 @@ describe Projects::IssuesController, '(JavaScript fixtures)', type: :controller
     clean_frontend_fixtures('issues/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/jobs.rb b/spec/javascripts/fixtures/jobs.rb
index dc7dde1138c..83a96797506 100644
--- a/spec/javascripts/fixtures/jobs.rb
+++ b/spec/javascripts/fixtures/jobs.rb
@@ -17,7 +17,7 @@ describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do
     clean_frontend_fixtures('builds/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/labels.rb b/spec/javascripts/fixtures/labels.rb
index 2e4811b64a4..814f065f3a4 100644
--- a/spec/javascripts/fixtures/labels.rb
+++ b/spec/javascripts/fixtures/labels.rb
@@ -22,7 +22,7 @@ describe 'Labels (JavaScript fixtures)' do
   describe Groups::LabelsController, '(JavaScript fixtures)', type: :controller do
     render_views
 
-    before(:each) do
+    before do
       sign_in(admin)
     end
 
@@ -39,7 +39,7 @@ describe 'Labels (JavaScript fixtures)' do
   describe Projects::LabelsController, '(JavaScript fixtures)', type: :controller do
     render_views
 
-    before(:each) do
+    before do
       sign_in(admin)
     end
 
diff --git a/spec/javascripts/fixtures/merge_requests.rb b/spec/javascripts/fixtures/merge_requests.rb
index f9d8b5c569c..f97a5d2b5de 100644
--- a/spec/javascripts/fixtures/merge_requests.rb
+++ b/spec/javascripts/fixtures/merge_requests.rb
@@ -33,7 +33,7 @@ describe Projects::MergeRequestsController, '(JavaScript fixtures)', type: :cont
     clean_frontend_fixtures('merge_requests/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/merge_requests_diffs.rb b/spec/javascripts/fixtures/merge_requests_diffs.rb
index 4481a187f63..6e0a97d2e3f 100644
--- a/spec/javascripts/fixtures/merge_requests_diffs.rb
+++ b/spec/javascripts/fixtures/merge_requests_diffs.rb
@@ -25,7 +25,7 @@ describe Projects::MergeRequests::DiffsController, '(JavaScript fixtures)', type
     clean_frontend_fixtures('merge_request_diffs/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/pipelines.rb b/spec/javascripts/fixtures/pipelines.rb
index daafbac86db..bb85da50f0f 100644
--- a/spec/javascripts/fixtures/pipelines.rb
+++ b/spec/javascripts/fixtures/pipelines.rb
@@ -19,7 +19,7 @@ describe Projects::PipelinesController, '(JavaScript fixtures)', type: :controll
     clean_frontend_fixtures('pipelines/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/projects.rb b/spec/javascripts/fixtures/projects.rb
index 6c33b240e5c..f09d44a49d1 100644
--- a/spec/javascripts/fixtures/projects.rb
+++ b/spec/javascripts/fixtures/projects.rb
@@ -13,7 +13,7 @@ describe ProjectsController, '(JavaScript fixtures)', type: :controller do
     clean_frontend_fixtures('projects/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/prometheus_service.rb b/spec/javascripts/fixtures/prometheus_service.rb
index 3200577b326..7a46e47bb15 100644
--- a/spec/javascripts/fixtures/prometheus_service.rb
+++ b/spec/javascripts/fixtures/prometheus_service.rb
@@ -14,7 +14,7 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
     clean_frontend_fixtures('services/prometheus')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/services.rb b/spec/javascripts/fixtures/services.rb
index 554451d1bbf..0a3c64d5d31 100644
--- a/spec/javascripts/fixtures/services.rb
+++ b/spec/javascripts/fixtures/services.rb
@@ -15,7 +15,7 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
     clean_frontend_fixtures('services/')
   end
 
-  before(:each) do
+  before do
     sign_in(admin)
   end
 
diff --git a/spec/javascripts/fixtures/snippet.rb b/spec/javascripts/fixtures/snippet.rb
new file mode 100644
index 00000000000..01bfb87b0c1
--- /dev/null
+++ b/spec/javascripts/fixtures/snippet.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+describe SnippetsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
+  let(:snippet) { create(:personal_snippet, title: 'snippet.md', content: '# snippet', file_name: 'snippet.md', author: admin) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('snippets/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'snippets/show.html.raw' do |example|
+    get(:show, id: snippet.to_param)
+
+    expect(response).to be_success
+    store_frontend_fixture(response, example.description)
+  end
+end
diff --git a/spec/javascripts/fixtures/todos.rb b/spec/javascripts/fixtures/todos.rb
index a81ef8c5492..ba630365c18 100644
--- a/spec/javascripts/fixtures/todos.rb
+++ b/spec/javascripts/fixtures/todos.rb
@@ -18,7 +18,7 @@ describe 'Todos (JavaScript fixtures)' do
   describe Dashboard::TodosController, '(JavaScript fixtures)', type: :controller do
     render_views
 
-    before(:each) do
+    before do
       sign_in(admin)
     end
 
@@ -33,7 +33,7 @@ describe 'Todos (JavaScript fixtures)' do
   describe Projects::TodosController, '(JavaScript fixtures)', type: :controller do
     render_views
 
-    before(:each) do
+    before do
       sign_in(admin)
     end
 
diff --git a/spec/javascripts/fly_out_nav_spec.js b/spec/javascripts/fly_out_nav_spec.js
index ab74f3e00ec..65a7459c5ed 100644
--- a/spec/javascripts/fly_out_nav_spec.js
+++ b/spec/javascripts/fly_out_nav_spec.js
@@ -1,10 +1,17 @@
-/* global bp */
+import Cookies from 'js-cookie';
 import {
   calculateTop,
-  hideSubLevelItems,
   showSubLevelItems,
   canShowSubItems,
+  canShowActiveSubItems,
+  mouseEnterTopItems,
+  mouseLeaveTopItem,
+  setOpenMenu,
+  mousePos,
+  getHideSubItemsInterval,
+  documentMouseMove,
 } from '~/fly_out_nav';
+import bp from '~/breakpoints';
 
 describe('Fly out sidebar navigation', () => {
   let el;
@@ -16,11 +23,14 @@ describe('Fly out sidebar navigation', () => {
     document.body.appendChild(el);
 
     spyOn(bp, 'getBreakpointSize').and.callFake(() => breakpointSize);
+
+    setOpenMenu(null);
   });
 
   afterEach(() => {
-    el.remove();
+    document.body.innerHTML = '';
     breakpointSize = 'lg';
+    mousePos.length = 0;
   });
 
   describe('calculateTop', () => {
@@ -47,61 +57,152 @@ describe('Fly out sidebar navigation', () => {
     });
   });
 
-  describe('hideSubLevelItems', () => {
+  describe('getHideSubItemsInterval', () => {
     beforeEach(() => {
-      el.innerHTML = '<div class="sidebar-sub-level-items"></div>';
+      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: fixed; top: 0; left: 100px; height: 50px;"></div>';
+    });
+
+    it('returns 0 if currentOpenMenu is nil', () => {
+      expect(
+        getHideSubItemsInterval(),
+      ).toBe(0);
     });
 
-    it('hides subitems', () => {
-      hideSubLevelItems(el);
+    it('returns 0 when mouse above sub-items', () => {
+      showSubLevelItems(el);
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: el.getBoundingClientRect().top,
+      });
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: el.getBoundingClientRect().top - 50,
+      });
 
       expect(
-        el.querySelector('.sidebar-sub-level-items').style.display,
-      ).toBe('none');
+        getHideSubItemsInterval(),
+      ).toBe(0);
     });
 
-    it('does not hude subitems on mobile', () => {
-      breakpointSize = 'sm';
+    it('returns 0 when mouse is below sub-items', () => {
+      const subItems = el.querySelector('.sidebar-sub-level-items');
 
-      hideSubLevelItems(el);
+      showSubLevelItems(el);
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: el.getBoundingClientRect().top,
+      });
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: (el.getBoundingClientRect().top - subItems.getBoundingClientRect().height) + 50,
+      });
 
       expect(
-        el.querySelector('.sidebar-sub-level-items').style.display,
-      ).not.toBe('none');
+        getHideSubItemsInterval(),
+      ).toBe(0);
     });
 
-    it('removes is-over class', () => {
+    it('returns 300 when mouse is moved towards sub-items', () => {
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: el.getBoundingClientRect().top,
+      });
+      showSubLevelItems(el);
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left + 20,
+        clientY: el.getBoundingClientRect().top + 10,
+      });
+
+      expect(
+        getHideSubItemsInterval(),
+      ).toBe(300);
+    });
+  });
+
+  describe('mouseLeaveTopItem', () => {
+    beforeEach(() => {
       spyOn(el.classList, 'remove');
+    });
 
-      hideSubLevelItems(el);
+    it('removes is-over class if currentOpenMenu is null', () => {
+      mouseLeaveTopItem(el);
 
       expect(
         el.classList.remove,
       ).toHaveBeenCalledWith('is-over');
     });
 
-    it('removes is-above class from sub-items', () => {
-      const subItems = el.querySelector('.sidebar-sub-level-items');
+    it('removes is-over class if currentOpenMenu is null & there are sub-items', () => {
+      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: absolute;"></div>';
+
+      mouseLeaveTopItem(el);
 
-      spyOn(subItems.classList, 'remove');
+      expect(
+        el.classList.remove,
+      ).toHaveBeenCalledWith('is-over');
+    });
+
+    it('does not remove is-over class if currentOpenMenu is the passed in sub-items', () => {
+      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: absolute;"></div>';
 
-      hideSubLevelItems(el);
+      setOpenMenu(el.querySelector('.sidebar-sub-level-items'));
+      mouseLeaveTopItem(el);
 
       expect(
-        subItems.classList.remove,
-      ).toHaveBeenCalledWith('is-above');
+        el.classList.remove,
+      ).not.toHaveBeenCalled();
     });
+  });
 
-    it('does nothing if el has no sub-items', () => {
-      el.innerHTML = '';
+  describe('mouseEnterTopItems', () => {
+    beforeEach(() => {
+      jasmine.clock().install();
 
-      spyOn(el.classList, 'remove');
+      el.innerHTML = '<div class="sidebar-sub-level-items" style="position: absolute; top: 0; left: 100px; height: 200px;"></div>';
+    });
+
+    afterEach(() => {
+      jasmine.clock().uninstall();
+    });
 
-      hideSubLevelItems(el);
+    it('shows sub-items after 0ms if no menu is open', () => {
+      mouseEnterTopItems(el);
 
       expect(
-        el.classList.remove,
-      ).not.toHaveBeenCalledWith();
+        getHideSubItemsInterval(),
+      ).toBe(0);
+
+      jasmine.clock().tick(0);
+
+      expect(
+        el.querySelector('.sidebar-sub-level-items').style.display,
+      ).toBe('block');
+    });
+
+    it('shows sub-items after 300ms if a menu is currently open', () => {
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left,
+        clientY: el.getBoundingClientRect().top,
+      });
+
+      setOpenMenu(el.querySelector('.sidebar-sub-level-items'));
+
+      documentMouseMove({
+        clientX: el.getBoundingClientRect().left + 20,
+        clientY: el.getBoundingClientRect().top + 10,
+      });
+
+      mouseEnterTopItems(el);
+
+      expect(
+        getHideSubItemsInterval(),
+      ).toBe(300);
+
+      jasmine.clock().tick(300);
+
+      expect(
+        el.querySelector('.sidebar-sub-level-items').style.display,
+      ).toBe('block');
     });
   });
 
@@ -121,7 +222,7 @@ describe('Fly out sidebar navigation', () => {
     });
 
     it('does not show sub-items on mobile', () => {
-      breakpointSize = 'sm';
+      breakpointSize = 'xs';
 
       showSubLevelItems(el);
 
@@ -130,7 +231,7 @@ describe('Fly out sidebar navigation', () => {
       ).not.toBe('block');
     });
 
-    it('does not shows sub-items', () => {
+    it('shows sub-items', () => {
       showSubLevelItems(el);
 
       expect(
@@ -170,11 +271,59 @@ describe('Fly out sidebar navigation', () => {
     });
 
     it('returns false if on mobile size', () => {
-      breakpointSize = 'sm';
+      breakpointSize = 'xs';
 
       expect(
         canShowSubItems(),
       ).toBeFalsy();
     });
   });
+
+  describe('canShowActiveSubItems', () => {
+    afterEach(() => {
+      Cookies.remove('sidebar_collapsed');
+    });
+
+    it('returns true by default', () => {
+      expect(
+        canShowActiveSubItems(el),
+      ).toBeTruthy();
+    });
+
+    it('returns false when cookie is false & element is active', () => {
+      Cookies.set('sidebar_collapsed', 'false');
+      el.classList.add('active');
+
+      expect(
+        canShowActiveSubItems(el),
+      ).toBeFalsy();
+    });
+
+    it('returns true when cookie is false & element is active', () => {
+      Cookies.set('sidebar_collapsed', 'true');
+      el.classList.add('active');
+
+      expect(
+        canShowActiveSubItems(el),
+      ).toBeTruthy();
+    });
+
+    it('returns true when element is active & breakpoint is sm', () => {
+      breakpointSize = 'sm';
+      el.classList.add('active');
+
+      expect(
+        canShowActiveSubItems(el),
+      ).toBeTruthy();
+    });
+
+    it('returns true when element is active & breakpoint is md', () => {
+      breakpointSize = 'md';
+      el.classList.add('active');
+
+      expect(
+        canShowActiveSubItems(el),
+      ).toBeTruthy();
+    });
+  });
 });
diff --git a/spec/javascripts/gpg_badges_spec.js b/spec/javascripts/gpg_badges_spec.js
new file mode 100644
index 00000000000..7a826487bf9
--- /dev/null
+++ b/spec/javascripts/gpg_badges_spec.js
@@ -0,0 +1,48 @@
+import GpgBadges from '~/gpg_badges';
+
+describe('GpgBadges', () => {
+  const dummyCommitSha = 'n0m0rec0ffee';
+  const dummyBadgeHtml = 'dummy html';
+  const dummyResponse = {
+    signatures: [{
+      commit_sha: dummyCommitSha,
+      html: dummyBadgeHtml,
+    }],
+  };
+
+  beforeEach(() => {
+    setFixtures(`
+      <div class="parent-container">
+        <div class="js-loading-gpg-badge" data-commit-sha="${dummyCommitSha}"></div>
+      </div>
+    `);
+  });
+
+  it('displays a loading spinner', () => {
+    spyOn($, 'get').and.returnValue({
+      done() {
+        // intentionally left blank
+      },
+    });
+
+    GpgBadges.fetch();
+
+    expect(document.querySelector('.js-loading-gpg-badge:empty')).toBe(null);
+    const spinners = document.querySelectorAll('.js-loading-gpg-badge i.fa.fa-spinner.fa-spin');
+    expect(spinners.length).toBe(1);
+  });
+
+  it('replaces the loading spinner', () => {
+    spyOn($, 'get').and.returnValue({
+      done(callback) {
+        callback(dummyResponse);
+      },
+    });
+
+    GpgBadges.fetch();
+
+    expect(document.querySelector('.js-loading-gpg-badge')).toBe(null);
+    const parentContainer = document.querySelector('.parent-container');
+    expect(parentContainer.innerHTML.trim()).toEqual(dummyBadgeHtml);
+  });
+});
diff --git a/spec/javascripts/pipeline_schedules/pipeline_schedule_callout_spec.js b/spec/javascripts/pipeline_schedules/pipeline_schedule_callout_spec.js
index 6120d224ac0..ed481cb60a1 100644
--- a/spec/javascripts/pipeline_schedules/pipeline_schedule_callout_spec.js
+++ b/spec/javascripts/pipeline_schedules/pipeline_schedule_callout_spec.js
@@ -1,6 +1,6 @@
 import Vue from 'vue';
 import Cookies from 'js-cookie';
-import PipelineSchedulesCallout from '~/pipeline_schedules/components/pipeline_schedules_callout';
+import PipelineSchedulesCallout from '~/pipeline_schedules/components/pipeline_schedules_callout.vue';
 
 const PipelineSchedulesCalloutComponent = Vue.extend(PipelineSchedulesCallout);
 const cookieKey = 'pipeline_schedules_callout_dismissed';
diff --git a/spec/javascripts/repo/components/repo_commit_section_spec.js b/spec/javascripts/repo/components/repo_commit_section_spec.js
new file mode 100644
index 00000000000..db2b7d51626
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_commit_section_spec.js
@@ -0,0 +1,158 @@
+import Vue from 'vue';
+import repoCommitSection from '~/repo/components/repo_commit_section.vue';
+import RepoStore from '~/repo/stores/repo_store';
+import RepoHelper from '~/repo/helpers/repo_helper';
+import Api from '~/api';
+
+describe('RepoCommitSection', () => {
+  const branch = 'master';
+  const projectUrl = 'projectUrl';
+  const openedFiles = [{
+    id: 0,
+    changed: true,
+    url: `/namespace/${projectUrl}/blob/${branch}/dir/file0.ext`,
+    newContent: 'a',
+  }, {
+    id: 1,
+    changed: true,
+    url: `/namespace/${projectUrl}/blob/${branch}/dir/file1.ext`,
+    newContent: 'b',
+  }, {
+    id: 2,
+    url: `/namespace/${projectUrl}/blob/${branch}/dir/file2.ext`,
+    changed: false,
+  }];
+
+  RepoStore.projectUrl = projectUrl;
+
+  function createComponent() {
+    const RepoCommitSection = Vue.extend(repoCommitSection);
+
+    return new RepoCommitSection().$mount();
+  }
+
+  it('renders a commit section', () => {
+    RepoStore.isCommitable = true;
+    RepoStore.targetBranch = branch;
+    RepoStore.openedFiles = openedFiles;
+
+    spyOn(RepoHelper, 'getBranch').and.returnValue(branch);
+
+    const vm = createComponent();
+    const changedFiles = [...vm.$el.querySelectorAll('.changed-files > li')];
+    const commitMessage = vm.$el.querySelector('#commit-message');
+    const submitCommit = vm.$el.querySelector('.submit-commit');
+    const targetBranch = vm.$el.querySelector('.target-branch');
+
+    expect(vm.$el.querySelector(':scope > form')).toBeTruthy();
+    expect(vm.$el.querySelector('.staged-files').textContent).toEqual('Staged files (2)');
+    expect(changedFiles.length).toEqual(2);
+
+    changedFiles.forEach((changedFile, i) => {
+      const filePath = RepoHelper.getFilePathFromFullPath(openedFiles[i].url, branch);
+
+      expect(changedFile.textContent).toEqual(filePath);
+    });
+
+    expect(commitMessage.tagName).toEqual('TEXTAREA');
+    expect(commitMessage.name).toEqual('commit-message');
+    expect(submitCommit.type).toEqual('submit');
+    expect(submitCommit.disabled).toBeTruthy();
+    expect(submitCommit.querySelector('.fa-spinner.fa-spin')).toBeFalsy();
+    expect(vm.$el.querySelector('.commit-summary').textContent).toEqual('Commit 2 files');
+    expect(targetBranch.querySelector(':scope > label').textContent).toEqual('Target branch');
+    expect(targetBranch.querySelector('.help-block').textContent).toEqual(branch);
+  });
+
+  it('does not render if not isCommitable', () => {
+    RepoStore.isCommitable = false;
+    RepoStore.openedFiles = [{
+      id: 0,
+      changed: true,
+    }];
+
+    const vm = createComponent();
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+
+  it('does not render if no changedFiles', () => {
+    RepoStore.isCommitable = true;
+    RepoStore.openedFiles = [];
+
+    const vm = createComponent();
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+
+  it('shows commit submit and summary if commitMessage and spinner if submitCommitsLoading', (done) => {
+    const projectId = 'projectId';
+    const commitMessage = 'commitMessage';
+    RepoStore.isCommitable = true;
+    RepoStore.openedFiles = openedFiles;
+    RepoStore.projectId = projectId;
+
+    spyOn(RepoHelper, 'getBranch').and.returnValue(branch);
+
+    const vm = createComponent();
+    const commitMessageEl = vm.$el.querySelector('#commit-message');
+    const submitCommit = vm.$el.querySelector('.submit-commit');
+
+    vm.commitMessage = commitMessage;
+
+    Vue.nextTick(() => {
+      expect(commitMessageEl.value).toBe(commitMessage);
+      expect(submitCommit.disabled).toBeFalsy();
+
+      spyOn(vm, 'makeCommit').and.callThrough();
+      spyOn(Api, 'commitMultiple');
+
+      submitCommit.click();
+
+      Vue.nextTick(() => {
+        expect(vm.makeCommit).toHaveBeenCalled();
+        expect(submitCommit.querySelector('.fa-spinner.fa-spin')).toBeTruthy();
+
+        const args = Api.commitMultiple.calls.allArgs()[0];
+        const { commit_message, actions, branch: payloadBranch } = args[1];
+
+        expect(args[0]).toBe(projectId);
+        expect(commit_message).toBe(commitMessage);
+        expect(actions.length).toEqual(2);
+        expect(payloadBranch).toEqual(branch);
+        expect(actions[0].action).toEqual('update');
+        expect(actions[1].action).toEqual('update');
+        expect(actions[0].content).toEqual(openedFiles[0].newContent);
+        expect(actions[1].content).toEqual(openedFiles[1].newContent);
+        expect(actions[0].file_path)
+          .toEqual(RepoHelper.getFilePathFromFullPath(openedFiles[0].url, branch));
+        expect(actions[1].file_path)
+          .toEqual(RepoHelper.getFilePathFromFullPath(openedFiles[1].url, branch));
+
+        done();
+      });
+    });
+  });
+
+  describe('methods', () => {
+    describe('resetCommitState', () => {
+      it('should reset store vars and scroll to top', () => {
+        const vm = {
+          submitCommitsLoading: true,
+          changedFiles: new Array(10),
+          openedFiles: new Array(10),
+          commitMessage: 'commitMessage',
+          editMode: true,
+        };
+
+        repoCommitSection.methods.resetCommitState.call(vm);
+
+        expect(vm.submitCommitsLoading).toEqual(false);
+        expect(vm.changedFiles).toEqual([]);
+        expect(vm.openedFiles).toEqual([]);
+        expect(vm.commitMessage).toEqual('');
+        expect(vm.editMode).toEqual(false);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_edit_button_spec.js b/spec/javascripts/repo/components/repo_edit_button_spec.js
new file mode 100644
index 00000000000..2e0406cae34
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_edit_button_spec.js
@@ -0,0 +1,53 @@
+import Vue from 'vue';
+import repoEditButton from '~/repo/components/repo_edit_button.vue';
+import RepoStore from '~/repo/stores/repo_store';
+
+describe('RepoEditButton', () => {
+  function createComponent() {
+    const RepoEditButton = Vue.extend(repoEditButton);
+
+    return new RepoEditButton().$mount();
+  }
+
+  it('renders an edit button that toggles the view state', (done) => {
+    RepoStore.isCommitable = true;
+    RepoStore.changedFiles = [];
+
+    const vm = createComponent();
+
+    expect(vm.$el.tagName).toEqual('BUTTON');
+    expect(vm.$el.textContent).toMatch('Edit');
+
+    spyOn(vm, 'editClicked').and.callThrough();
+    spyOn(vm, 'toggleProjectRefsForm');
+
+    vm.$el.click();
+
+    Vue.nextTick(() => {
+      expect(vm.editClicked).toHaveBeenCalled();
+      expect(vm.toggleProjectRefsForm).toHaveBeenCalled();
+      expect(vm.$el.textContent).toMatch('Cancel edit');
+      done();
+    });
+  });
+
+  it('does not render if not isCommitable', () => {
+    RepoStore.isCommitable = false;
+
+    const vm = createComponent();
+
+    expect(vm.$el.innerHTML).toBeUndefined();
+  });
+
+  describe('methods', () => {
+    describe('editClicked', () => {
+      it('sets dialog to open when there are changedFiles', () => {
+
+      });
+
+      it('toggles editMode and calls toggleBlobView', () => {
+
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_editor_spec.js b/spec/javascripts/repo/components/repo_editor_spec.js
new file mode 100644
index 00000000000..85d55d171f9
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_editor_spec.js
@@ -0,0 +1,49 @@
+import Vue from 'vue';
+import repoEditor from '~/repo/components/repo_editor.vue';
+
+describe('RepoEditor', () => {
+  beforeEach(() => {
+    const RepoEditor = Vue.extend(repoEditor);
+
+    this.vm = new RepoEditor().$mount();
+  });
+
+  it('renders an ide container', (done) => {
+    this.vm.openedFiles = ['idiidid'];
+    this.vm.binary = false;
+
+    Vue.nextTick(() => {
+      expect(this.vm.shouldHideEditor).toBe(false);
+      expect(this.vm.$el.id).toEqual('ide');
+      expect(this.vm.$el.tagName).toBe('DIV');
+      done();
+    });
+  });
+
+  describe('when there are no open files', () => {
+    it('does not render the ide', (done) => {
+      this.vm.openedFiles = [];
+
+      Vue.nextTick(() => {
+        expect(this.vm.shouldHideEditor).toBe(true);
+        expect(this.vm.$el.tagName).not.toBeDefined();
+        done();
+      });
+    });
+  });
+
+  describe('when open file is binary and not raw', () => {
+    it('does not render the IDE', (done) => {
+      this.vm.binary = true;
+      this.vm.activeFile = {
+        raw: false,
+      };
+
+      Vue.nextTick(() => {
+        expect(this.vm.shouldHideEditor).toBe(true);
+        expect(this.vm.$el.tagName).not.toBeDefined();
+        done();
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_file_buttons_spec.js b/spec/javascripts/repo/components/repo_file_buttons_spec.js
new file mode 100644
index 00000000000..d15c3e33459
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_file_buttons_spec.js
@@ -0,0 +1,83 @@
+import Vue from 'vue';
+import repoFileButtons from '~/repo/components/repo_file_buttons.vue';
+import RepoStore from '~/repo/stores/repo_store';
+
+describe('RepoFileButtons', () => {
+  function createComponent() {
+    const RepoFileButtons = Vue.extend(repoFileButtons);
+
+    return new RepoFileButtons().$mount();
+  }
+
+  it('renders Raw, Blame, History, Permalink and Preview toggle', () => {
+    const activeFile = {
+      extension: 'md',
+      url: 'url',
+      raw_path: 'raw_path',
+      blame_path: 'blame_path',
+      commits_path: 'commits_path',
+      permalink: 'permalink',
+    };
+    const activeFileLabel = 'activeFileLabel';
+    RepoStore.openedFiles = new Array(1);
+    RepoStore.activeFile = activeFile;
+    RepoStore.activeFileLabel = activeFileLabel;
+    RepoStore.editMode = true;
+    RepoStore.binary = false;
+
+    const vm = createComponent();
+    const raw = vm.$el.querySelector('.raw');
+    const blame = vm.$el.querySelector('.blame');
+    const history = vm.$el.querySelector('.history');
+
+    expect(vm.$el.id).toEqual('repo-file-buttons');
+    expect(raw.href).toMatch(`/${activeFile.raw_path}`);
+    expect(raw.textContent).toEqual('Raw');
+    expect(blame.href).toMatch(`/${activeFile.blame_path}`);
+    expect(blame.textContent).toEqual('Blame');
+    expect(history.href).toMatch(`/${activeFile.commits_path}`);
+    expect(history.textContent).toEqual('History');
+    expect(vm.$el.querySelector('.permalink').textContent).toEqual('Permalink');
+    expect(vm.$el.querySelector('.preview').textContent).toEqual(activeFileLabel);
+  });
+
+  it('triggers rawPreviewToggle on preview click', () => {
+    const activeFile = {
+      extension: 'md',
+      url: 'url',
+    };
+    RepoStore.openedFiles = new Array(1);
+    RepoStore.activeFile = activeFile;
+    RepoStore.editMode = true;
+
+    const vm = createComponent();
+    const preview = vm.$el.querySelector('.preview');
+
+    spyOn(vm, 'rawPreviewToggle');
+
+    preview.click();
+
+    expect(vm.rawPreviewToggle).toHaveBeenCalled();
+  });
+
+  it('does not render preview toggle if not canPreview', () => {
+    const activeFile = {
+      extension: 'abcd',
+      url: 'url',
+    };
+    RepoStore.openedFiles = new Array(1);
+    RepoStore.activeFile = activeFile;
+
+    const vm = createComponent();
+
+    expect(vm.$el.querySelector('.preview')).toBeFalsy();
+  });
+
+  it('does not render if not isMini', () => {
+    RepoStore.openedFiles = [];
+
+    const vm = createComponent();
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_file_options_spec.js b/spec/javascripts/repo/components/repo_file_options_spec.js
new file mode 100644
index 00000000000..9759b4bf12d
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_file_options_spec.js
@@ -0,0 +1,33 @@
+import Vue from 'vue';
+import repoFileOptions from '~/repo/components/repo_file_options.vue';
+
+describe('RepoFileOptions', () => {
+  const projectName = 'projectName';
+
+  function createComponent(propsData) {
+    const RepoFileOptions = Vue.extend(repoFileOptions);
+
+    return new RepoFileOptions({
+      propsData,
+    }).$mount();
+  }
+
+  it('renders the title and new file/folder buttons if isMini is true', () => {
+    const vm = createComponent({
+      isMini: true,
+      projectName,
+    });
+
+    expect(vm.$el.classList.contains('repo-file-options')).toBeTruthy();
+    expect(vm.$el.querySelector('.title').textContent).toEqual(projectName);
+  });
+
+  it('does not render if isMini is false', () => {
+    const vm = createComponent({
+      isMini: false,
+      projectName,
+    });
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_file_spec.js b/spec/javascripts/repo/components/repo_file_spec.js
new file mode 100644
index 00000000000..90616ae13ca
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_file_spec.js
@@ -0,0 +1,136 @@
+import Vue from 'vue';
+import repoFile from '~/repo/components/repo_file.vue';
+
+describe('RepoFile', () => {
+  const updated = 'updated';
+  const file = {
+    icon: 'icon',
+    url: 'url',
+    name: 'name',
+    lastCommitMessage: 'message',
+    lastCommitUpdate: Date.now(),
+    level: 10,
+  };
+  const activeFile = {
+    url: 'url',
+  };
+
+  function createComponent(propsData) {
+    const RepoFile = Vue.extend(repoFile);
+
+    return new RepoFile({
+      propsData,
+    }).$mount();
+  }
+
+  beforeEach(() => {
+    spyOn(repoFile.mixins[0].methods, 'timeFormated').and.returnValue(updated);
+  });
+
+  it('renders link, icon, name and last commit details', () => {
+    const vm = createComponent({
+      file,
+      activeFile,
+    });
+    const name = vm.$el.querySelector('.repo-file-name');
+    const fileIcon = vm.$el.querySelector('.file-icon');
+
+    expect(vm.$el.classList.contains('active')).toBeTruthy();
+    expect(vm.$el.querySelector(`.${file.icon}`).style.marginLeft).toEqual('100px');
+    expect(name.title).toEqual(file.url);
+    expect(name.href).toMatch(`/${file.url}`);
+    expect(name.textContent).toEqual(file.name);
+    expect(vm.$el.querySelector('.commit-message').textContent).toBe(file.lastCommitMessage);
+    expect(vm.$el.querySelector('.commit-update').textContent).toBe(updated);
+    expect(fileIcon.classList.contains(file.icon)).toBeTruthy();
+    expect(fileIcon.style.marginLeft).toEqual(`${file.level * 10}px`);
+  });
+
+  it('does render if hasFiles is true and is loading tree', () => {
+    const vm = createComponent({
+      file,
+      activeFile,
+      loading: {
+        tree: true,
+      },
+      hasFiles: true,
+    });
+
+    expect(vm.$el.innerHTML).toBeTruthy();
+    expect(vm.$el.querySelector('.fa-spin.fa-spinner')).toBeFalsy();
+  });
+
+  it('renders a spinner if the file is loading', () => {
+    file.loading = true;
+    const vm = createComponent({
+      file,
+      activeFile,
+      loading: {
+        tree: true,
+      },
+      hasFiles: true,
+    });
+
+    expect(vm.$el.innerHTML).toBeTruthy();
+    expect(vm.$el.querySelector('.fa-spin.fa-spinner').style.marginLeft).toEqual(`${file.level * 10}px`);
+  });
+
+  it('does not render if loading tree', () => {
+    const vm = createComponent({
+      file,
+      activeFile,
+      loading: {
+        tree: true,
+      },
+    });
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+
+  it('does not render commit message and datetime if mini', () => {
+    const vm = createComponent({
+      file,
+      activeFile,
+      isMini: true,
+    });
+
+    expect(vm.$el.querySelector('.commit-message')).toBeFalsy();
+    expect(vm.$el.querySelector('.commit-update')).toBeFalsy();
+  });
+
+  it('does not set active class if file is active file', () => {
+    const vm = createComponent({
+      file,
+      activeFile: {},
+    });
+
+    expect(vm.$el.classList.contains('active')).toBeFalsy();
+  });
+
+  it('fires linkClicked when the link is clicked', () => {
+    const vm = createComponent({
+      file,
+      activeFile,
+    });
+
+    spyOn(vm, 'linkClicked');
+
+    vm.$el.querySelector('.repo-file-name').click();
+
+    expect(vm.linkClicked).toHaveBeenCalledWith(file);
+  });
+
+  describe('methods', () => {
+    describe('linkClicked', () => {
+      const vm = jasmine.createSpyObj('vm', ['$emit']);
+
+      it('$emits linkclicked with file obj', () => {
+        const theFile = {};
+
+        repoFile.methods.linkClicked.call(vm, theFile);
+
+        expect(vm.$emit).toHaveBeenCalledWith('linkclicked', theFile);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_loading_file_spec.js b/spec/javascripts/repo/components/repo_loading_file_spec.js
new file mode 100644
index 00000000000..d84f4c5609e
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_loading_file_spec.js
@@ -0,0 +1,79 @@
+import Vue from 'vue';
+import repoLoadingFile from '~/repo/components/repo_loading_file.vue';
+
+describe('RepoLoadingFile', () => {
+  function createComponent(propsData) {
+    const RepoLoadingFile = Vue.extend(repoLoadingFile);
+
+    return new RepoLoadingFile({
+      propsData,
+    }).$mount();
+  }
+
+  function assertLines(lines) {
+    lines.forEach((line, n) => {
+      const index = n + 1;
+      expect(line.classList.contains(`line-of-code-${index}`)).toBeTruthy();
+    });
+  }
+
+  function assertColumns(columns) {
+    columns.forEach((column) => {
+      const container = column.querySelector('.animation-container');
+      const lines = [...container.querySelectorAll(':scope > div')];
+
+      expect(container).toBeTruthy();
+      expect(lines.length).toEqual(6);
+      assertLines(lines);
+    });
+  }
+
+  it('renders 3 columns of animated LoC', () => {
+    const vm = createComponent({
+      loading: {
+        tree: true,
+      },
+      hasFiles: false,
+    });
+    const columns = [...vm.$el.querySelectorAll('td')];
+
+    expect(columns.length).toEqual(3);
+    assertColumns(columns);
+  });
+
+  it('renders 1 column of animated LoC if isMini', () => {
+    const vm = createComponent({
+      loading: {
+        tree: true,
+      },
+      hasFiles: false,
+      isMini: true,
+    });
+    const columns = [...vm.$el.querySelectorAll('td')];
+
+    expect(columns.length).toEqual(1);
+    assertColumns(columns);
+  });
+
+  it('does not render if tree is not loading', () => {
+    const vm = createComponent({
+      loading: {
+        tree: false,
+      },
+      hasFiles: false,
+    });
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+
+  it('does not render if hasFiles is true', () => {
+    const vm = createComponent({
+      loading: {
+        tree: true,
+      },
+      hasFiles: true,
+    });
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_prev_directory_spec.js b/spec/javascripts/repo/components/repo_prev_directory_spec.js
new file mode 100644
index 00000000000..34dde545e6a
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_prev_directory_spec.js
@@ -0,0 +1,43 @@
+import Vue from 'vue';
+import repoPrevDirectory from '~/repo/components/repo_prev_directory.vue';
+
+describe('RepoPrevDirectory', () => {
+  function createComponent(propsData) {
+    const RepoPrevDirectory = Vue.extend(repoPrevDirectory);
+
+    return new RepoPrevDirectory({
+      propsData,
+    }).$mount();
+  }
+
+  it('renders a prev dir link', () => {
+    const prevUrl = 'prevUrl';
+    const vm = createComponent({
+      prevUrl,
+    });
+    const link = vm.$el.querySelector('a');
+
+    spyOn(vm, 'linkClicked');
+
+    expect(link.href).toMatch(`/${prevUrl}`);
+    expect(link.textContent).toEqual('..');
+
+    link.click();
+
+    expect(vm.linkClicked).toHaveBeenCalledWith(prevUrl);
+  });
+
+  describe('methods', () => {
+    describe('linkClicked', () => {
+      const vm = jasmine.createSpyObj('vm', ['$emit']);
+
+      it('$emits linkclicked with file obj', () => {
+        const file = {};
+
+        repoPrevDirectory.methods.linkClicked.call(vm, file);
+
+        expect(vm.$emit).toHaveBeenCalledWith('linkclicked', file);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_preview_spec.js b/spec/javascripts/repo/components/repo_preview_spec.js
new file mode 100644
index 00000000000..4920cf02083
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_preview_spec.js
@@ -0,0 +1,23 @@
+import Vue from 'vue';
+import repoPreview from '~/repo/components/repo_preview.vue';
+import RepoStore from '~/repo/stores/repo_store';
+
+describe('RepoPreview', () => {
+  function createComponent() {
+    const RepoPreview = Vue.extend(repoPreview);
+
+    return new RepoPreview().$mount();
+  }
+
+  it('renders a div with the activeFile html', () => {
+    const activeFile = {
+      html: '<p class="file-content">html</p>',
+    };
+    RepoStore.activeFile = activeFile;
+
+    const vm = createComponent();
+
+    expect(vm.$el.tagName).toEqual('DIV');
+    expect(vm.$el.innerHTML).toContain(activeFile.html);
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_sidebar_spec.js b/spec/javascripts/repo/components/repo_sidebar_spec.js
new file mode 100644
index 00000000000..edd27d3afb8
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_sidebar_spec.js
@@ -0,0 +1,110 @@
+import Vue from 'vue';
+import Helper from '~/repo/helpers/repo_helper';
+import RepoService from '~/repo/services/repo_service';
+import RepoStore from '~/repo/stores/repo_store';
+import repoSidebar from '~/repo/components/repo_sidebar.vue';
+
+describe('RepoSidebar', () => {
+  function createComponent() {
+    const RepoSidebar = Vue.extend(repoSidebar);
+
+    return new RepoSidebar().$mount();
+  }
+
+  it('renders a sidebar', () => {
+    RepoStore.files = [{
+      id: 0,
+    }];
+    const vm = createComponent();
+    const thead = vm.$el.querySelector('thead');
+    const tbody = vm.$el.querySelector('tbody');
+
+    expect(vm.$el.id).toEqual('sidebar');
+    expect(vm.$el.classList.contains('sidebar-mini')).toBeFalsy();
+    expect(thead.querySelector('.name').textContent).toEqual('Name');
+    expect(thead.querySelector('.last-commit').textContent).toEqual('Last Commit');
+    expect(thead.querySelector('.last-update').textContent).toEqual('Last Update');
+    expect(tbody.querySelector('.repo-file-options')).toBeFalsy();
+    expect(tbody.querySelector('.prev-directory')).toBeFalsy();
+    expect(tbody.querySelector('.loading-file')).toBeFalsy();
+    expect(tbody.querySelector('.file')).toBeTruthy();
+  });
+
+  it('does not render a thead, renders repo-file-options and sets sidebar-mini class if isMini', () => {
+    RepoStore.openedFiles = [{
+      id: 0,
+    }];
+    const vm = createComponent();
+
+    expect(vm.$el.classList.contains('sidebar-mini')).toBeTruthy();
+    expect(vm.$el.querySelector('thead')).toBeFalsy();
+    expect(vm.$el.querySelector('tbody .repo-file-options')).toBeTruthy();
+  });
+
+  it('renders 5 loading files if tree is loading and not hasFiles', () => {
+    RepoStore.loading = {
+      tree: true,
+    };
+    RepoStore.files = [];
+    const vm = createComponent();
+
+    expect(vm.$el.querySelectorAll('tbody .loading-file').length).toEqual(5);
+  });
+
+  it('renders a prev directory if isRoot', () => {
+    RepoStore.files = [{
+      id: 0,
+    }];
+    RepoStore.isRoot = true;
+    const vm = createComponent();
+
+    expect(vm.$el.querySelector('tbody .prev-directory')).toBeTruthy();
+  });
+
+  describe('methods', () => {
+    describe('fileClicked', () => {
+      it('should fetch data for new file', () => {
+        spyOn(Helper, 'getContent').and.callThrough();
+        const file1 = {
+          id: 0,
+          url: '',
+        };
+        RepoStore.files = [file1];
+        RepoStore.isRoot = true;
+        const vm = createComponent();
+
+        vm.fileClicked(file1);
+
+        expect(Helper.getContent).toHaveBeenCalledWith(file1);
+      });
+
+      it('should hide files in directory if already open', () => {
+        spyOn(RepoStore, 'removeChildFilesOfTree').and.callThrough();
+        const file1 = {
+          id: 0,
+          type: 'tree',
+          url: '',
+          opened: true,
+        };
+        RepoStore.files = [file1];
+        RepoStore.isRoot = true;
+        const vm = createComponent();
+
+        vm.fileClicked(file1);
+
+        expect(RepoStore.removeChildFilesOfTree).toHaveBeenCalledWith(file1);
+      });
+    });
+
+    describe('goToPreviousDirectoryClicked', () => {
+      it('should hide files in directory if already open', () => {
+        const prevUrl = 'foo/bar';
+        const vm = createComponent();
+
+        vm.goToPreviousDirectoryClicked(prevUrl);
+
+        expect(RepoService.url).toEqual(prevUrl);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_tab_spec.js b/spec/javascripts/repo/components/repo_tab_spec.js
new file mode 100644
index 00000000000..d2a790ad73a
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_tab_spec.js
@@ -0,0 +1,70 @@
+import Vue from 'vue';
+import repoTab from '~/repo/components/repo_tab.vue';
+
+describe('RepoTab', () => {
+  function createComponent(propsData) {
+    const RepoTab = Vue.extend(repoTab);
+
+    return new RepoTab({
+      propsData,
+    }).$mount();
+  }
+
+  it('renders a close link and a name link', () => {
+    const tab = {
+      url: 'url',
+      name: 'name',
+    };
+    const vm = createComponent({
+      tab,
+    });
+    const close = vm.$el.querySelector('.close');
+    const name = vm.$el.querySelector(`a[title="${tab.url}"]`);
+
+    spyOn(vm, 'closeTab');
+    spyOn(vm, 'tabClicked');
+
+    expect(close.querySelector('.fa-times')).toBeTruthy();
+    expect(name.textContent.trim()).toEqual(tab.name);
+
+    close.click();
+    name.click();
+
+    expect(vm.closeTab).toHaveBeenCalledWith(tab);
+    expect(vm.tabClicked).toHaveBeenCalledWith(tab);
+  });
+
+  it('renders an fa-circle icon if tab is changed', () => {
+    const tab = {
+      url: 'url',
+      name: 'name',
+      changed: true,
+    };
+    const vm = createComponent({
+      tab,
+    });
+
+    expect(vm.$el.querySelector('.close .fa-circle')).toBeTruthy();
+  });
+
+  describe('methods', () => {
+    describe('closeTab', () => {
+      const vm = jasmine.createSpyObj('vm', ['$emit']);
+
+      it('returns undefined and does not $emit if file is changed', () => {
+        const file = { changed: true };
+        const returnVal = repoTab.methods.closeTab.call(vm, file);
+
+        expect(returnVal).toBeUndefined();
+        expect(vm.$emit).not.toHaveBeenCalled();
+      });
+
+      it('$emits tabclosed event with file obj', () => {
+        const file = { changed: false };
+        repoTab.methods.closeTab.call(vm, file);
+
+        expect(vm.$emit).toHaveBeenCalledWith('tabclosed', file);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/components/repo_tabs_spec.js b/spec/javascripts/repo/components/repo_tabs_spec.js
new file mode 100644
index 00000000000..306af735dee
--- /dev/null
+++ b/spec/javascripts/repo/components/repo_tabs_spec.js
@@ -0,0 +1,53 @@
+import Vue from 'vue';
+import RepoStore from '~/repo/stores/repo_store';
+import repoTabs from '~/repo/components/repo_tabs.vue';
+
+describe('RepoTabs', () => {
+  const openedFiles = [{
+    id: 0,
+    active: true,
+  }, {
+    id: 1,
+  }];
+
+  function createComponent() {
+    const RepoTabs = Vue.extend(repoTabs);
+
+    return new RepoTabs().$mount();
+  }
+
+  it('renders a list of tabs', () => {
+    RepoStore.openedFiles = openedFiles;
+
+    const vm = createComponent();
+    const tabs = [...vm.$el.querySelectorAll(':scope > li')];
+
+    expect(vm.$el.id).toEqual('tabs');
+    expect(tabs.length).toEqual(3);
+    expect(tabs[0].classList.contains('active')).toBeTruthy();
+    expect(tabs[1].classList.contains('active')).toBeFalsy();
+    expect(tabs[2].classList.contains('tabs-divider')).toBeTruthy();
+  });
+
+  it('does not render a tabs list if not isMini', () => {
+    RepoStore.openedFiles = [];
+
+    const vm = createComponent();
+
+    expect(vm.$el.innerHTML).toBeFalsy();
+  });
+
+  describe('methods', () => {
+    describe('tabClosed', () => {
+      it('calls removeFromOpenedFiles with file obj', () => {
+        const file = {};
+
+        spyOn(RepoStore, 'removeFromOpenedFiles');
+
+        repoTabs.methods.tabClosed(file);
+
+        expect(RepoStore.removeFromOpenedFiles).toHaveBeenCalledWith(file);
+      });
+    });
+  });
+});
diff --git a/spec/javascripts/repo/monaco_loader_spec.js b/spec/javascripts/repo/monaco_loader_spec.js
new file mode 100644
index 00000000000..be6e779c50f
--- /dev/null
+++ b/spec/javascripts/repo/monaco_loader_spec.js
@@ -0,0 +1,17 @@
+/* global __webpack_public_path__ */
+import monacoContext from 'monaco-editor/dev/vs/loader';
+
+describe('MonacoLoader', () => {
+  it('calls require.config and exports require', () => {
+    spyOn(monacoContext.require, 'config');
+
+    const monacoLoader = require('~/repo/monaco_loader'); // eslint-disable-line global-require
+
+    expect(monacoContext.require.config).toHaveBeenCalledWith({
+      paths: {
+        vs: `${__webpack_public_path__}monaco-editor/vs`, // eslint-disable-line camelcase
+      },
+    });
+    expect(monacoLoader.default).toBe(monacoContext.require);
+  });
+});
diff --git a/spec/javascripts/repo/services/repo_service_spec.js b/spec/javascripts/repo/services/repo_service_spec.js
new file mode 100644
index 00000000000..d74e6a67b1e
--- /dev/null
+++ b/spec/javascripts/repo/services/repo_service_spec.js
@@ -0,0 +1,121 @@
+import axios from 'axios';
+import RepoService from '~/repo/services/repo_service';
+
+describe('RepoService', () => {
+  it('has default json format param', () => {
+    expect(RepoService.options.params.format).toBe('json');
+  });
+
+  describe('buildParams', () => {
+    let newParams;
+    const url = 'url';
+
+    beforeEach(() => {
+      newParams = {};
+
+      spyOn(Object, 'assign').and.returnValue(newParams);
+    });
+
+    it('clones params', () => {
+      const params = RepoService.buildParams(url);
+
+      expect(Object.assign).toHaveBeenCalledWith({}, RepoService.options.params);
+
+      expect(params).toBe(newParams);
+    });
+
+    it('sets and returns viewer params to richif urlIsRichBlob is true', () => {
+      spyOn(RepoService, 'urlIsRichBlob').and.returnValue(true);
+
+      const params = RepoService.buildParams(url);
+
+      expect(params.viewer).toEqual('rich');
+    });
+
+    it('returns params urlIsRichBlob is false', () => {
+      spyOn(RepoService, 'urlIsRichBlob').and.returnValue(false);
+
+      const params = RepoService.buildParams(url);
+
+      expect(params.viewer).toBeUndefined();
+    });
+
+    it('calls urlIsRichBlob with the objects url prop if no url arg is provided', () => {
+      spyOn(RepoService, 'urlIsRichBlob');
+      RepoService.url = url;
+
+      RepoService.buildParams();
+
+      expect(RepoService.urlIsRichBlob).toHaveBeenCalledWith(url);
+    });
+  });
+
+  describe('urlIsRichBlob', () => {
+    it('returns true for md extension', () => {
+      const isRichBlob = RepoService.urlIsRichBlob('url.md');
+
+      expect(isRichBlob).toBeTruthy();
+    });
+
+    it('returns false for js extension', () => {
+      const isRichBlob = RepoService.urlIsRichBlob('url.js');
+
+      expect(isRichBlob).toBeFalsy();
+    });
+  });
+
+  describe('getContent', () => {
+    const params = {};
+    const url = 'url';
+    const requestPromise = Promise.resolve();
+
+    beforeEach(() => {
+      spyOn(RepoService, 'buildParams').and.returnValue(params);
+      spyOn(axios, 'get').and.returnValue(requestPromise);
+    });
+
+    it('calls buildParams and axios.get', () => {
+      const request = RepoService.getContent(url);
+
+      expect(RepoService.buildParams).toHaveBeenCalledWith(url);
+      expect(axios.get).toHaveBeenCalledWith(url, {
+        params,
+      });
+      expect(request).toBe(requestPromise);
+    });
+
+    it('uses object url prop if no url arg is provided', () => {
+      RepoService.url = url;
+
+      RepoService.getContent();
+
+      expect(axios.get).toHaveBeenCalledWith(url, {
+        params,
+      });
+    });
+  });
+
+  describe('getBase64Content', () => {
+    const url = 'url';
+    const response = { data: 'data' };
+
+    beforeEach(() => {
+      spyOn(RepoService, 'bufferToBase64');
+      spyOn(axios, 'get').and.returnValue(Promise.resolve(response));
+    });
+
+    it('calls axios.get and bufferToBase64 on completion', (done) => {
+      const request = RepoService.getBase64Content(url);
+
+      expect(axios.get).toHaveBeenCalledWith(url, {
+        responseType: 'arraybuffer',
+      });
+      expect(request).toEqual(jasmine.any(Promise));
+
+      request.then(() => {
+        expect(RepoService.bufferToBase64).toHaveBeenCalledWith(response.data);
+        done();
+      }).catch(done.fail);
+    });
+  });
+});
diff --git a/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js b/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
index 90eac1ed1ab..2e16adffb5b 100644
--- a/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
+++ b/spec/javascripts/sidebar/confidential_issue_sidebar_spec.js
@@ -41,7 +41,7 @@ describe('Confidential Issue Sidebar Block', () => {
     ).toBe(true);
 
     expect(
-      vm2.$el.innerHTML.includes('None'),
+      vm2.$el.innerHTML.includes('This issue is not confidential'),
     ).toBe(true);
   });
 
diff --git a/spec/javascripts/vue_mr_widget/components/states/mr_widget_locked_spec.js b/spec/javascripts/vue_mr_widget/components/states/mr_widget_locked_spec.js
index fb2ef606604..237035648cf 100644
--- a/spec/javascripts/vue_mr_widget/components/states/mr_widget_locked_spec.js
+++ b/spec/javascripts/vue_mr_widget/components/states/mr_widget_locked_spec.js
@@ -1,10 +1,10 @@
 import Vue from 'vue';
-import lockedComponent from '~/vue_merge_request_widget/components/states/mr_widget_locked';
+import mergingComponent from '~/vue_merge_request_widget/components/states/mr_widget_merging';
 
-describe('MRWidgetLocked', () => {
+describe('MRWidgetMerging', () => {
   describe('props', () => {
     it('should have props', () => {
-      const { mr } = lockedComponent.props;
+      const { mr } = mergingComponent.props;
 
       expect(mr.type instanceof Object).toBeTruthy();
       expect(mr.required).toBeTruthy();
@@ -13,7 +13,7 @@ describe('MRWidgetLocked', () => {
 
   describe('template', () => {
     it('should have correct elements', () => {
-      const Component = Vue.extend(lockedComponent);
+      const Component = Vue.extend(mergingComponent);
       const mr = {
         targetBranchPath: '/branch-path',
         targetBranch: 'branch',
@@ -24,7 +24,7 @@ describe('MRWidgetLocked', () => {
       }).$el;
 
       expect(el.classList.contains('mr-widget-body')).toBeTruthy();
-      expect(el.innerText).toContain('it is locked');
+      expect(el.innerText).toContain('This merge request is in the process of being merged');
       expect(el.innerText).toContain('changes will be merged into');
       expect(el.querySelector('.label-branch a').getAttribute('href')).toEqual(mr.targetBranchPath);
       expect(el.querySelector('.label-branch a').textContent).toContain(mr.targetBranch);
diff --git a/spec/javascripts/vue_mr_widget/mock_data.js b/spec/javascripts/vue_mr_widget/mock_data.js
index ad2f28b24f0..0795d0aaa82 100644
--- a/spec/javascripts/vue_mr_widget/mock_data.js
+++ b/spec/javascripts/vue_mr_widget/mock_data.js
@@ -20,7 +20,6 @@ export default {
   "human_time_estimate": null,
   "human_total_time_spent": null,
   "in_progress_merge_commit_sha": null,
-  "locked_at": null,
   "merge_commit_sha": "53027d060246c8f47e4a9310fb332aa52f221775",
   "merge_error": null,
   "merge_params": {
diff --git a/spec/javascripts/vue_mr_widget/mr_widget_options_spec.js b/spec/javascripts/vue_mr_widget/mr_widget_options_spec.js
index 3a0c50b750f..669ee248bf1 100644
--- a/spec/javascripts/vue_mr_widget/mr_widget_options_spec.js
+++ b/spec/javascripts/vue_mr_widget/mr_widget_options_spec.js
@@ -342,7 +342,7 @@ describe('mrWidgetOptions', () => {
       expect(comps['mr-widget-related-links']).toBeDefined();
       expect(comps['mr-widget-merged']).toBeDefined();
       expect(comps['mr-widget-closed']).toBeDefined();
-      expect(comps['mr-widget-locked']).toBeDefined();
+      expect(comps['mr-widget-merging']).toBeDefined();
       expect(comps['mr-widget-failed-to-merge']).toBeDefined();
       expect(comps['mr-widget-wip']).toBeDefined();
       expect(comps['mr-widget-archived']).toBeDefined();
diff --git a/spec/lib/bitbucket/paginator_spec.rb b/spec/lib/bitbucket/paginator_spec.rb
index 2c972da682e..bdf10a5e2a2 100644
--- a/spec/lib/bitbucket/paginator_spec.rb
+++ b/spec/lib/bitbucket/paginator_spec.rb
@@ -15,7 +15,7 @@ describe Bitbucket::Paginator do
       expect(paginator.items).to match(['item_2'])
 
       allow(paginator).to receive(:fetch_next_page).and_return(nil)
-      expect{ paginator.items }.to raise_error(StopIteration)
+      expect { paginator.items }.to raise_error(StopIteration)
     end
   end
 end
diff --git a/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb b/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
index ed571a2ba05..ee28387cd48 100644
--- a/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
+++ b/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
@@ -1323,11 +1323,11 @@ EOT
 
     describe "Error handling" do
       it "fails to parse YAML" do
-        expect{GitlabCiYamlProcessor.new("invalid: yaml: test")}.to raise_error(Psych::SyntaxError)
+        expect {GitlabCiYamlProcessor.new("invalid: yaml: test")}.to raise_error(Psych::SyntaxError)
       end
 
       it "indicates that object is invalid" do
-        expect{GitlabCiYamlProcessor.new("invalid_yaml")}.to raise_error(GitlabCiYamlProcessor::ValidationError)
+        expect {GitlabCiYamlProcessor.new("invalid_yaml")}.to raise_error(GitlabCiYamlProcessor::ValidationError)
       end
 
       it "returns errors if tags parameter is invalid" do
diff --git a/spec/lib/event_filter_spec.rb b/spec/lib/event_filter_spec.rb
index b0efcab47fb..87ae6b6cf01 100644
--- a/spec/lib/event_filter_spec.rb
+++ b/spec/lib/event_filter_spec.rb
@@ -5,7 +5,7 @@ describe EventFilter do
     let(:source_user) { create(:user) }
     let!(:public_project) { create(:project, :public) }
 
-    let!(:push_event)     { create(:event, :pushed,    project: public_project, target: public_project, author: source_user) }
+    let!(:push_event)     { create(:push_event,        project: public_project, author: source_user) }
     let!(:merged_event)   { create(:event, :merged,    project: public_project, target: public_project, author: source_user) }
     let!(:created_event)  { create(:event, :created,   project: public_project, target: public_project, author: source_user) }
     let!(:updated_event)  { create(:event, :updated,   project: public_project, target: public_project, author: source_user) }
diff --git a/spec/lib/extracts_path_spec.rb b/spec/lib/extracts_path_spec.rb
index 867f7d55af7..e13406d1972 100644
--- a/spec/lib/extracts_path_spec.rb
+++ b/spec/lib/extracts_path_spec.rb
@@ -56,7 +56,7 @@ describe ExtractsPath do
 
     context 'subclass overrides get_id' do
       it 'uses ref returned by get_id' do
-        allow_any_instance_of(self.class).to receive(:get_id){ '38008cb17ce1466d8fec2dfa6f6ab8dcfe5cf49e' }
+        allow_any_instance_of(self.class).to receive(:get_id) { '38008cb17ce1466d8fec2dfa6f6ab8dcfe5cf49e' }
 
         assign_ref_vars
 
diff --git a/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb b/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
index 18843cbe992..7cd2ce82eda 100644
--- a/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
+++ b/spec/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits_spec.rb
@@ -123,6 +123,17 @@ describe Gitlab::BackgroundMigration::DeserializeMergeRequestDiffsAndCommits do
       include_examples 'updated MR diff'
     end
 
+    context 'when the merge request diffs do not have too_large set' do
+      let(:commits) { merge_request_diff.commits.map(&:to_hash) }
+      let(:expected_diffs) { diffs_to_hashes(merge_request_diff.merge_request_diff_files) }
+
+      let(:diffs) do
+        expected_diffs.map { |diff| diff.except(:too_large) }
+      end
+
+      include_examples 'updated MR diff'
+    end
+
     context 'when the merge request diffs have binary content' do
       let(:commits) { merge_request_diff.commits.map(&:to_hash) }
       let(:expected_diffs) { diffs }
@@ -170,7 +181,7 @@ describe Gitlab::BackgroundMigration::DeserializeMergeRequestDiffsAndCommits do
     context 'when the merge request diffs are Rugged::Patch instances' do
       let(:commits) { merge_request_diff.commits.map(&:to_hash) }
       let(:first_commit) { merge_request.project.repository.commit(merge_request_diff.head_commit_sha) }
-      let(:diffs) { first_commit.diff_from_parent.patches }
+      let(:diffs) { first_commit.rugged_diff_from_parent.patches }
       let(:expected_diffs) { [] }
 
       include_examples 'updated MR diff'
@@ -179,7 +190,7 @@ describe Gitlab::BackgroundMigration::DeserializeMergeRequestDiffsAndCommits do
     context 'when the merge request diffs are Rugged::Diff::Delta instances' do
       let(:commits) { merge_request_diff.commits.map(&:to_hash) }
       let(:first_commit) { merge_request.project.repository.commit(merge_request_diff.head_commit_sha) }
-      let(:diffs) { first_commit.diff_from_parent.deltas }
+      let(:diffs) { first_commit.rugged_diff_from_parent.deltas }
       let(:expected_diffs) { [] }
 
       include_examples 'updated MR diff'
diff --git a/spec/lib/gitlab/background_migration/migrate_events_to_push_event_payloads_spec.rb b/spec/lib/gitlab/background_migration/migrate_events_to_push_event_payloads_spec.rb
new file mode 100644
index 00000000000..87f45619e7a
--- /dev/null
+++ b/spec/lib/gitlab/background_migration/migrate_events_to_push_event_payloads_spec.rb
@@ -0,0 +1,423 @@
+require 'spec_helper'
+
+describe Gitlab::BackgroundMigration::MigrateEventsToPushEventPayloads::Event do
+  describe '#commit_title' do
+    it 'returns nil when there are no commits' do
+      expect(described_class.new.commit_title).to be_nil
+    end
+
+    it 'returns nil when there are commits without commit messages' do
+      event = described_class.new
+
+      allow(event).to receive(:commits).and_return([{ id: '123' }])
+
+      expect(event.commit_title).to be_nil
+    end
+
+    it 'returns the commit message when it is less than 70 characters long' do
+      event = described_class.new
+
+      allow(event).to receive(:commits).and_return([{ message: 'Hello world' }])
+
+      expect(event.commit_title).to eq('Hello world')
+    end
+
+    it 'returns the first line of a commit message if multiple lines are present' do
+      event = described_class.new
+
+      allow(event).to receive(:commits).and_return([{ message: "Hello\n\nworld" }])
+
+      expect(event.commit_title).to eq('Hello')
+    end
+
+    it 'truncates the commit to 70 characters when it is too long' do
+      event = described_class.new
+
+      allow(event).to receive(:commits).and_return([{ message: 'a' * 100 }])
+
+      expect(event.commit_title).to eq(('a' * 67) + '...')
+    end
+  end
+
+  describe '#commit_from_sha' do
+    it 'returns nil when pushing to a new ref' do
+      event = described_class.new
+
+      allow(event).to receive(:create?).and_return(true)
+
+      expect(event.commit_from_sha).to be_nil
+    end
+
+    it 'returns the ID of the first commit when pushing to an existing ref' do
+      event = described_class.new
+
+      allow(event).to receive(:create?).and_return(false)
+      allow(event).to receive(:data).and_return(before: '123')
+
+      expect(event.commit_from_sha).to eq('123')
+    end
+  end
+
+  describe '#commit_to_sha' do
+    it 'returns nil when removing an existing ref' do
+      event = described_class.new
+
+      allow(event).to receive(:remove?).and_return(true)
+
+      expect(event.commit_to_sha).to be_nil
+    end
+
+    it 'returns the ID of the last commit when pushing to an existing ref' do
+      event = described_class.new
+
+      allow(event).to receive(:remove?).and_return(false)
+      allow(event).to receive(:data).and_return(after: '123')
+
+      expect(event.commit_to_sha).to eq('123')
+    end
+  end
+
+  describe '#data' do
+    it 'returns the deserialized data' do
+      event = described_class.new(data: { before: '123' })
+
+      expect(event.data).to eq(before: '123')
+    end
+
+    it 'returns an empty hash when no data is present' do
+      event = described_class.new
+
+      expect(event.data).to eq({})
+    end
+  end
+
+  describe '#commits' do
+    it 'returns an Array of commits' do
+      event = described_class.new(data: { commits: [{ id: '123' }] })
+
+      expect(event.commits).to eq([{ id: '123' }])
+    end
+
+    it 'returns an empty array when no data is present' do
+      event = described_class.new
+
+      expect(event.commits).to eq([])
+    end
+  end
+
+  describe '#commit_count' do
+    it 'returns the number of commits' do
+      event = described_class.new(data: { total_commits_count: 2 })
+
+      expect(event.commit_count).to eq(2)
+    end
+
+    it 'returns 0 when no data is present' do
+      event = described_class.new
+
+      expect(event.commit_count).to eq(0)
+    end
+  end
+
+  describe '#ref' do
+    it 'returns the name of the ref' do
+      event = described_class.new(data: { ref: 'refs/heads/master' })
+
+      expect(event.ref).to eq('refs/heads/master')
+    end
+  end
+
+  describe '#trimmed_ref_name' do
+    it 'returns the trimmed ref name for a branch' do
+      event = described_class.new(data: { ref: 'refs/heads/master' })
+
+      expect(event.trimmed_ref_name).to eq('master')
+    end
+
+    it 'returns the trimmed ref name for a tag' do
+      event = described_class.new(data: { ref: 'refs/tags/v1.2' })
+
+      expect(event.trimmed_ref_name).to eq('v1.2')
+    end
+  end
+
+  describe '#create?' do
+    it 'returns true when creating a new ref' do
+      event = described_class.new(data: { before: described_class::BLANK_REF })
+
+      expect(event.create?).to eq(true)
+    end
+
+    it 'returns false when pushing to an existing ref' do
+      event = described_class.new(data: { before: '123' })
+
+      expect(event.create?).to eq(false)
+    end
+  end
+
+  describe '#remove?' do
+    it 'returns true when removing an existing ref' do
+      event = described_class.new(data: { after: described_class::BLANK_REF })
+
+      expect(event.remove?).to eq(true)
+    end
+
+    it 'returns false when pushing to an existing ref' do
+      event = described_class.new(data: { after: '123' })
+
+      expect(event.remove?).to eq(false)
+    end
+  end
+
+  describe '#push_action' do
+    let(:event) { described_class.new }
+
+    it 'returns :created when creating a new ref' do
+      allow(event).to receive(:create?).and_return(true)
+
+      expect(event.push_action).to eq(:created)
+    end
+
+    it 'returns :removed when removing an existing ref' do
+      allow(event).to receive(:create?).and_return(false)
+      allow(event).to receive(:remove?).and_return(true)
+
+      expect(event.push_action).to eq(:removed)
+    end
+
+    it 'returns :pushed when pushing to an existing ref' do
+      allow(event).to receive(:create?).and_return(false)
+      allow(event).to receive(:remove?).and_return(false)
+
+      expect(event.push_action).to eq(:pushed)
+    end
+  end
+
+  describe '#ref_type' do
+    let(:event) { described_class.new }
+
+    it 'returns :tag for a tag' do
+      allow(event).to receive(:ref).and_return('refs/tags/1.2')
+
+      expect(event.ref_type).to eq(:tag)
+    end
+
+    it 'returns :branch for a branch' do
+      allow(event).to receive(:ref).and_return('refs/heads/1.2')
+
+      expect(event.ref_type).to eq(:branch)
+    end
+  end
+end
+
+describe Gitlab::BackgroundMigration::MigrateEventsToPushEventPayloads do
+  let(:migration) { described_class.new }
+  let(:project) { create(:project_empty_repo) }
+  let(:author) { create(:user) }
+
+  # We can not rely on FactoryGirl as the state of Event may change in ways that
+  # the background migration does not expect, hence we use the Event class of
+  # the migration itself.
+  def create_push_event(project, author, data = nil)
+    klass = Gitlab::BackgroundMigration::MigrateEventsToPushEventPayloads::Event
+
+    klass.create!(
+      action: klass::PUSHED,
+      project_id: project.id,
+      author_id: author.id,
+      data: data
+    )
+  end
+
+  # The background migration relies on a temporary table, hence we're migrating
+  # to a specific version of the database where said table is still present.
+  before :all do
+    ActiveRecord::Migration.verbose = false
+
+    ActiveRecord::Migrator
+      .migrate(ActiveRecord::Migrator.migrations_paths, 20170608152748)
+  end
+
+  after :all do
+    ActiveRecord::Migrator.migrate(ActiveRecord::Migrator.migrations_paths)
+
+    ActiveRecord::Migration.verbose = true
+  end
+
+  describe '#perform' do
+    it 'returns if data should not be migrated' do
+      allow(migration).to receive(:migrate?).and_return(false)
+
+      expect(migration).not_to receive(:find_events)
+
+      migration.perform(1, 10)
+    end
+
+    it 'migrates the range of events if data is to be migrated' do
+      event1 = create_push_event(project, author, { commits: [] })
+      event2 = create_push_event(project, author, { commits: [] })
+
+      allow(migration).to receive(:migrate?).and_return(true)
+
+      expect(migration).to receive(:process_event).twice
+
+      migration.perform(event1.id, event2.id)
+    end
+  end
+
+  describe '#process_event' do
+    it 'processes a regular event' do
+      event = double(:event, push_event?: false)
+
+      expect(migration).to receive(:replicate_event)
+      expect(migration).not_to receive(:create_push_event_payload)
+
+      migration.process_event(event)
+    end
+
+    it 'processes a push event' do
+      event = double(:event, push_event?: true)
+
+      expect(migration).to receive(:replicate_event)
+      expect(migration).to receive(:create_push_event_payload)
+
+      migration.process_event(event)
+    end
+  end
+
+  describe '#replicate_event' do
+    it 'replicates the event to the "events_for_migration" table' do
+      event = create_push_event(
+        project,
+        author,
+        data: { commits: [] },
+        title: 'bla'
+      )
+
+      attributes = event
+        .attributes.with_indifferent_access.except(:title, :data)
+
+      expect(described_class::EventForMigration)
+        .to receive(:create!)
+        .with(attributes)
+
+      migration.replicate_event(event)
+    end
+  end
+
+  describe '#create_push_event_payload' do
+    let(:push_data) do
+      {
+        commits: [],
+        ref: 'refs/heads/master',
+        before: '156e0e9adc587a383a7eeb5b21ddecb9044768a8',
+        after: '0' * 40,
+        total_commits_count: 1
+      }
+    end
+
+    let(:event) do
+      create_push_event(project, author, push_data)
+    end
+
+    before do
+      # The foreign key in push_event_payloads at this point points to the
+      # "events_for_migration" table so we need to make sure a row exists in
+      # said table.
+      migration.replicate_event(event)
+    end
+
+    it 'creates a push event payload for an event' do
+      payload = migration.create_push_event_payload(event)
+
+      expect(PushEventPayload.count).to eq(1)
+      expect(payload.valid?).to eq(true)
+    end
+
+    it 'does not create push event payloads for removed events' do
+      allow(event).to receive(:id).and_return(-1)
+
+      payload = migration.create_push_event_payload(event)
+
+      expect(payload).to be_nil
+      expect(PushEventPayload.count).to eq(0)
+    end
+
+    it 'encodes and decodes the commit IDs from and to binary data' do
+      payload = migration.create_push_event_payload(event)
+      packed = migration.pack(push_data[:before])
+
+      expect(payload.commit_from).to eq(packed)
+      expect(payload.commit_to).to be_nil
+    end
+  end
+
+  describe '#find_events' do
+    it 'returns the events for the given ID range' do
+      event1 = create_push_event(project, author, { commits: [] })
+      event2 = create_push_event(project, author, { commits: [] })
+      event3 = create_push_event(project, author, { commits: [] })
+      events = migration.find_events(event1.id, event2.id)
+
+      expect(events.length).to eq(2)
+      expect(events.pluck(:id)).not_to include(event3.id)
+    end
+  end
+
+  describe '#migrate?' do
+    it 'returns true when data should be migrated' do
+      allow(described_class::Event)
+        .to receive(:table_exists?).and_return(true)
+
+      allow(described_class::PushEventPayload)
+        .to receive(:table_exists?).and_return(true)
+
+      allow(described_class::EventForMigration)
+        .to receive(:table_exists?).and_return(true)
+
+      expect(migration.migrate?).to eq(true)
+    end
+
+    it 'returns false if the "events" table does not exist' do
+      allow(described_class::Event)
+        .to receive(:table_exists?).and_return(false)
+
+      expect(migration.migrate?).to eq(false)
+    end
+
+    it 'returns false if the "push_event_payloads" table does not exist' do
+      allow(described_class::Event)
+        .to receive(:table_exists?).and_return(true)
+
+      allow(described_class::PushEventPayload)
+        .to receive(:table_exists?).and_return(false)
+
+      expect(migration.migrate?).to eq(false)
+    end
+
+    it 'returns false when the "events_for_migration" table does not exist' do
+      allow(described_class::Event)
+        .to receive(:table_exists?).and_return(true)
+
+      allow(described_class::PushEventPayload)
+        .to receive(:table_exists?).and_return(true)
+
+      allow(described_class::EventForMigration)
+        .to receive(:table_exists?).and_return(false)
+
+      expect(migration.migrate?).to eq(false)
+    end
+  end
+
+  describe '#pack' do
+    it 'packs a SHA1 into a 20 byte binary string' do
+      packed = migration.pack('156e0e9adc587a383a7eeb5b21ddecb9044768a8')
+
+      expect(packed.bytesize).to eq(20)
+    end
+
+    it 'returns nil if the input value is nil' do
+      expect(migration.pack(nil)).to be_nil
+    end
+  end
+end
diff --git a/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb b/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb
new file mode 100644
index 00000000000..ee60e498b59
--- /dev/null
+++ b/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb
@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe Gitlab::BackgroundMigration::MovePersonalSnippetFiles do
+  let(:test_dir) { File.join(Rails.root, 'tmp', 'tests', 'move_snippet_files_test') }
+  let(:old_uploads_dir) { File.join('uploads', 'system', 'personal_snippet') }
+  let(:new_uploads_dir) { File.join('uploads', '-', 'system', 'personal_snippet') }
+  let(:snippet) do
+    snippet = create(:personal_snippet)
+    create_upload_for_snippet(snippet)
+    snippet.update_attributes!(description: markdown_linking_file(snippet))
+    snippet
+  end
+
+  let(:migration) { described_class.new }
+
+  before do
+    allow(migration).to receive(:base_directory) { test_dir }
+  end
+
+  describe '#perform' do
+    it 'moves the file on the disk'  do
+      expected_path = File.join(test_dir, new_uploads_dir, snippet.id.to_s, "secret#{snippet.id}", 'upload.txt')
+
+      migration.perform(old_uploads_dir, new_uploads_dir)
+
+      expect(File.exist?(expected_path)).to be_truthy
+    end
+
+    it 'updates the markdown of the snippet' do
+      expected_path = File.join(new_uploads_dir, snippet.id.to_s, "secret#{snippet.id}", 'upload.txt')
+      expected_markdown = "[an upload](#{expected_path})"
+
+      migration.perform(old_uploads_dir, new_uploads_dir)
+
+      expect(snippet.reload.description).to eq(expected_markdown)
+    end
+
+    it 'updates the markdown of notes' do
+      expected_path = File.join(new_uploads_dir, snippet.id.to_s, "secret#{snippet.id}", 'upload.txt')
+      expected_markdown = "with [an upload](#{expected_path})"
+
+      note = create(:note_on_personal_snippet, noteable: snippet, note: "with #{markdown_linking_file(snippet)}")
+
+      migration.perform(old_uploads_dir, new_uploads_dir)
+
+      expect(note.reload.note).to eq(expected_markdown)
+    end
+  end
+
+  def create_upload_for_snippet(snippet)
+    snippet_path = path_for_file_in_snippet(snippet)
+    path = File.join(old_uploads_dir, snippet.id.to_s, snippet_path)
+    absolute_path = File.join(test_dir, path)
+
+    FileUtils.mkdir_p(File.dirname(absolute_path))
+    FileUtils.touch(absolute_path)
+
+    create(:upload, model: snippet, path: snippet_path, uploader: PersonalFileUploader)
+  end
+
+  def path_for_file_in_snippet(snippet)
+    secret = "secret#{snippet.id}"
+    filename = 'upload.txt'
+
+    File.join(secret, filename)
+  end
+
+  def markdown_linking_file(snippet)
+    path = File.join(old_uploads_dir, snippet.id.to_s, path_for_file_in_snippet(snippet))
+    "[an upload](#{path})"
+  end
+end
diff --git a/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb b/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
index d7f7b26740d..ae5b31dc12d 100644
--- a/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
+++ b/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
@@ -15,7 +15,7 @@ describe Gitlab::BitbucketImport::ProjectCreator do
            has_wiki?: false)
   end
 
-  let(:namespace){ create(:group, owner: user) }
+  let(:namespace) { create(:group, owner: user) }
   let(:token) { "asdasd12345" }
   let(:secret) { "sekrettt" }
   let(:access_params) { { bitbucket_access_token: token, bitbucket_access_token_secret: secret } }
diff --git a/spec/lib/gitlab/checks/force_push_spec.rb b/spec/lib/gitlab/checks/force_push_spec.rb
index 6c4cfa1203e..f8c8b83a3ac 100644
--- a/spec/lib/gitlab/checks/force_push_spec.rb
+++ b/spec/lib/gitlab/checks/force_push_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe Gitlab::Checks::ForcePush do
   let(:project) { create(:project, :repository) }
 
-  context "exit code checking" do
+  context "exit code checking", skip_gitaly_mock: true do
     it "does not raise a runtime error if the `popen` call to git returns a zero exit code" do
       allow(Gitlab::Popen).to receive(:popen).and_return(['normal output', 0])
 
diff --git a/spec/lib/gitlab/daemon_spec.rb b/spec/lib/gitlab/daemon_spec.rb
index c519984a267..2bdb0dfc736 100644
--- a/spec/lib/gitlab/daemon_spec.rb
+++ b/spec/lib/gitlab/daemon_spec.rb
@@ -13,7 +13,7 @@ describe Gitlab::Daemon do
       allow(Kernel).to receive(:at_exit)
     end
 
-    after(:each) do
+    after do
       described_class.instance_variable_set(:@instance, nil)
     end
 
diff --git a/spec/lib/gitlab/data_builder/note_spec.rb b/spec/lib/gitlab/data_builder/note_spec.rb
index 6415e4083d6..aaa42566a4d 100644
--- a/spec/lib/gitlab/data_builder/note_spec.rb
+++ b/spec/lib/gitlab/data_builder/note_spec.rb
@@ -6,7 +6,7 @@ describe Gitlab::DataBuilder::Note do
   let(:data) { described_class.build(note, user) }
   let(:fixed_time) { Time.at(1425600000) } # Avoid time precision errors
 
-  before(:each) do
+  before do
     expect(data).to have_key(:object_attributes)
     expect(data[:object_attributes]).to have_key(:url)
     expect(data[:object_attributes][:url])
diff --git a/spec/lib/gitlab/database_spec.rb b/spec/lib/gitlab/database_spec.rb
index c5f9aecd867..5fa94999d25 100644
--- a/spec/lib/gitlab/database_spec.rb
+++ b/spec/lib/gitlab/database_spec.rb
@@ -51,6 +51,28 @@ describe Gitlab::Database do
     end
   end
 
+  describe '.join_lateral_supported?' do
+    it 'returns false when using MySQL' do
+      allow(described_class).to receive(:postgresql?).and_return(false)
+
+      expect(described_class.join_lateral_supported?).to eq(false)
+    end
+
+    it 'returns false when using PostgreSQL 9.2' do
+      allow(described_class).to receive(:postgresql?).and_return(true)
+      allow(described_class).to receive(:version).and_return('9.2.1')
+
+      expect(described_class.join_lateral_supported?).to eq(false)
+    end
+
+    it 'returns true when using PostgreSQL 9.3.0 or newer' do
+      allow(described_class).to receive(:postgresql?).and_return(true)
+      allow(described_class).to receive(:version).and_return('9.3.0')
+
+      expect(described_class.join_lateral_supported?).to eq(true)
+    end
+  end
+
   describe '.nulls_last_order' do
     context 'when using PostgreSQL' do
       before do
diff --git a/spec/lib/gitlab/encoding_helper_spec.rb b/spec/lib/gitlab/encoding_helper_spec.rb
index 1482ef7132d..8b14b227e65 100644
--- a/spec/lib/gitlab/encoding_helper_spec.rb
+++ b/spec/lib/gitlab/encoding_helper_spec.rb
@@ -30,6 +30,53 @@ describe Gitlab::EncodingHelper do
     it 'leaves binary string as is' do
       expect(ext_class.encode!(binary_string)).to eq(binary_string)
     end
+
+    context 'with corrupted diff' do
+      let(:corrupted_diff) do
+        with_empty_bare_repository do |repo|
+          content = File.read(Rails.root.join(
+            'spec/fixtures/encoding/Japanese.md').to_s)
+          commit_a = commit(repo, 'Japanese.md', content)
+          commit_b = commit(repo, 'Japanese.md',
+            content.sub('[TODO: Link]', '[�在作業中��: Link]'))
+
+          repo.diff(commit_a, commit_b).each_line.map(&:content).join
+        end
+      end
+
+      let(:cleaned_diff) do
+        corrupted_diff.dup.force_encoding('UTF-8')
+          .encode!('UTF-8', invalid: :replace, replace: '')
+      end
+
+      let(:encoded_diff) do
+        described_class.encode!(corrupted_diff.dup)
+      end
+
+      it 'does not corrupt data but remove invalid characters' do
+        expect(encoded_diff).to eq(cleaned_diff)
+      end
+
+      def commit(repo, path, content)
+        oid = repo.write(content, :blob)
+        index = repo.index
+
+        index.read_tree(repo.head.target.tree) unless repo.empty?
+
+        index.add(path: path, oid: oid, mode: 0100644)
+        user = { name: 'Test', email: 'test@example.com' }
+
+        Rugged::Commit.create(
+          repo,
+          tree: index.write_tree(repo),
+          author: user,
+          committer: user,
+          message: "Update #{path}",
+          parents: repo.empty? ? [] : [repo.head.target].compact,
+          update_ref: 'HEAD'
+        )
+      end
+    end
   end
 
   describe '#encode_utf8' do
diff --git a/spec/lib/gitlab/git/commit_spec.rb b/spec/lib/gitlab/git/commit_spec.rb
index 26d7a364f5b..ac33cd8a2c9 100644
--- a/spec/lib/gitlab/git/commit_spec.rb
+++ b/spec/lib/gitlab/git/commit_spec.rb
@@ -2,7 +2,7 @@ require "spec_helper"
 
 describe Gitlab::Git::Commit, seed_helper: true do
   let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH) }
-  let(:commit) { Gitlab::Git::Commit.find(repository, SeedRepo::Commit::ID) }
+  let(:commit) { described_class.find(repository, SeedRepo::Commit::ID) }
   let(:rugged_commit) do
     repository.rugged.lookup(SeedRepo::Commit::ID)
   end
@@ -24,7 +24,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
       }
 
       @parents = [repo.head.target]
-      @gitlab_parents = @parents.map { |c| Gitlab::Git::Commit.decorate(c) }
+      @gitlab_parents = @parents.map { |c| described_class.decorate(repository, c) }
       @tree = @parents.first.tree
 
       sha = Rugged::Commit.create(
@@ -38,7 +38,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
       )
 
       @raw_commit = repo.lookup(sha)
-      @commit = Gitlab::Git::Commit.new(@raw_commit)
+      @commit = described_class.new(repository, @raw_commit)
     end
 
     it { expect(@commit.short_id).to eq(@raw_commit.oid[0..10]) }
@@ -66,6 +66,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
   describe "Commit info from gitaly commit" do
     let(:id) { 'f00' }
+    let(:parent_ids) { %w(b45 b46) }
     let(:subject) { "My commit".force_encoding('ASCII-8BIT') }
     let(:body) { subject + "My body".force_encoding('ASCII-8BIT') }
     let(:committer) do
@@ -88,10 +89,11 @@ describe Gitlab::Git::Commit, seed_helper: true do
         subject: subject,
         body: body,
         author: author,
-        committer: committer
+        committer: committer,
+        parent_ids: parent_ids
       )
     end
-    let(:commit) { described_class.new(Gitlab::GitalyClient::Commit.new(repository, gitaly_commit)) }
+    let(:commit) { described_class.new(repository, gitaly_commit) }
 
     it { expect(commit.short_id).to eq(id[0..10]) }
     it { expect(commit.id).to eq(id) }
@@ -102,6 +104,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
     it { expect(commit.author_name).to eq(author.name) }
     it { expect(commit.committer_name).to eq(committer.name) }
     it { expect(commit.committer_email).to eq(committer.email) }
+    it { expect(commit.parent_ids).to eq(parent_ids) }
 
     context 'no body' do
       let(:body) { "".force_encoding('ASCII-8BIT') }
@@ -113,45 +116,45 @@ describe Gitlab::Git::Commit, seed_helper: true do
   context 'Class methods' do
     describe '.find' do
       it "should return first head commit if without params" do
-        expect(Gitlab::Git::Commit.last(repository).id).to eq(
+        expect(described_class.last(repository).id).to eq(
           repository.rugged.head.target.oid
         )
       end
 
       it "should return valid commit" do
-        expect(Gitlab::Git::Commit.find(repository, SeedRepo::Commit::ID)).to be_valid_commit
+        expect(described_class.find(repository, SeedRepo::Commit::ID)).to be_valid_commit
       end
 
       it "should return valid commit for tag" do
-        expect(Gitlab::Git::Commit.find(repository, 'v1.0.0').id).to eq('6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9')
+        expect(described_class.find(repository, 'v1.0.0').id).to eq('6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9')
       end
 
       it "should return nil for non-commit ids" do
         blob = Gitlab::Git::Blob.find(repository, SeedRepo::Commit::ID, "files/ruby/popen.rb")
-        expect(Gitlab::Git::Commit.find(repository, blob.id)).to be_nil
+        expect(described_class.find(repository, blob.id)).to be_nil
       end
 
       it "should return nil for parent of non-commit object" do
         blob = Gitlab::Git::Blob.find(repository, SeedRepo::Commit::ID, "files/ruby/popen.rb")
-        expect(Gitlab::Git::Commit.find(repository, "#{blob.id}^")).to be_nil
+        expect(described_class.find(repository, "#{blob.id}^")).to be_nil
       end
 
       it "should return nil for nonexisting ids" do
-        expect(Gitlab::Git::Commit.find(repository, "+123_4532530XYZ")).to be_nil
+        expect(described_class.find(repository, "+123_4532530XYZ")).to be_nil
       end
 
       context 'with broken repo' do
         let(:repository) { Gitlab::Git::Repository.new('default', TEST_BROKEN_REPO_PATH) }
 
         it 'returns nil' do
-          expect(Gitlab::Git::Commit.find(repository, SeedRepo::Commit::ID)).to be_nil
+          expect(described_class.find(repository, SeedRepo::Commit::ID)).to be_nil
         end
       end
     end
 
     describe '.last_for_path' do
       context 'no path' do
-        subject { Gitlab::Git::Commit.last_for_path(repository, 'master') }
+        subject { described_class.last_for_path(repository, 'master') }
 
         describe '#id' do
           subject { super().id }
@@ -160,7 +163,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
       end
 
       context 'path' do
-        subject { Gitlab::Git::Commit.last_for_path(repository, 'master', 'files/ruby') }
+        subject { described_class.last_for_path(repository, 'master', 'files/ruby') }
 
         describe '#id' do
           subject { super().id }
@@ -169,7 +172,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
       end
 
       context 'ref + path' do
-        subject { Gitlab::Git::Commit.last_for_path(repository, SeedRepo::Commit::ID, 'encoding') }
+        subject { described_class.last_for_path(repository, SeedRepo::Commit::ID, 'encoding') }
 
         describe '#id' do
           subject { super().id }
@@ -181,7 +184,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
     describe '.where' do
       context 'path is empty string' do
         subject do
-          commits = Gitlab::Git::Commit.where(
+          commits = described_class.where(
             repo: repository,
             ref: 'master',
             path: '',
@@ -199,7 +202,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
       context 'path is nil' do
         subject do
-          commits = Gitlab::Git::Commit.where(
+          commits = described_class.where(
             repo: repository,
             ref: 'master',
             path: nil,
@@ -217,7 +220,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
       context 'ref is branch name' do
         subject do
-          commits = Gitlab::Git::Commit.where(
+          commits = described_class.where(
             repo: repository,
             ref: 'master',
             path: 'files',
@@ -237,7 +240,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
       context 'ref is commit id' do
         subject do
-          commits = Gitlab::Git::Commit.where(
+          commits = described_class.where(
             repo: repository,
             ref: "874797c3a73b60d2187ed6e2fcabd289ff75171e",
             path: 'files',
@@ -257,7 +260,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
       context 'ref is tag' do
         subject do
-          commits = Gitlab::Git::Commit.where(
+          commits = described_class.where(
             repo: repository,
             ref: 'v1.0.0',
             path: 'files',
@@ -278,7 +281,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
     describe '.between' do
       subject do
-        commits = Gitlab::Git::Commit.between(repository, SeedRepo::Commit::PARENT_ID, SeedRepo::Commit::ID)
+        commits = described_class.between(repository, SeedRepo::Commit::PARENT_ID, SeedRepo::Commit::ID)
         commits.map { |c| c.id }
       end
 
@@ -294,12 +297,12 @@ describe Gitlab::Git::Commit, seed_helper: true do
         it 'should return a return a collection of commits' do
           commits = described_class.find_all(repository)
 
-          expect(commits).to all( be_a_kind_of(Gitlab::Git::Commit) )
+          expect(commits).to all( be_a_kind_of(described_class) )
         end
 
         context 'max_count' do
           subject do
-            commits = Gitlab::Git::Commit.find_all(
+            commits = described_class.find_all(
               repository,
               max_count: 50
             )
@@ -307,8 +310,8 @@ describe Gitlab::Git::Commit, seed_helper: true do
             commits.map(&:id)
           end
 
-          it 'has 33 elements' do
-            expect(subject.size).to eq(33)
+          it 'has 34 elements' do
+            expect(subject.size).to eq(34)
           end
 
           it 'includes the expected commits' do
@@ -322,7 +325,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
 
         context 'ref + max_count + skip' do
           subject do
-            commits = Gitlab::Git::Commit.find_all(
+            commits = described_class.find_all(
               repository,
               ref: 'master',
               max_count: 50,
@@ -374,7 +377,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
   end
 
   describe '#init_from_rugged' do
-    let(:gitlab_commit) { Gitlab::Git::Commit.new(rugged_commit) }
+    let(:gitlab_commit) { described_class.new(repository, rugged_commit) }
     subject { gitlab_commit }
 
     describe '#id' do
@@ -384,7 +387,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
   end
 
   describe '#init_from_hash' do
-    let(:commit) { Gitlab::Git::Commit.new(sample_commit_hash) }
+    let(:commit) { described_class.new(repository, sample_commit_hash) }
     subject { commit }
 
     describe '#id' do
@@ -451,7 +454,7 @@ describe Gitlab::Git::Commit, seed_helper: true do
   end
 
   describe '#ref_names' do
-    let(:commit) { Gitlab::Git::Commit.find(repository, 'master') }
+    let(:commit) { described_class.find(repository, 'master') }
     subject { commit.ref_names(repository) }
 
     it 'has 1 element' do
diff --git a/spec/lib/gitlab/git/diff_collection_spec.rb b/spec/lib/gitlab/git/diff_collection_spec.rb
index 0cfb210e390..3494f0cc98d 100644
--- a/spec/lib/gitlab/git/diff_collection_spec.rb
+++ b/spec/lib/gitlab/git/diff_collection_spec.rb
@@ -384,7 +384,7 @@ describe Gitlab::Git::DiffCollection, seed_helper: true do
         context 'when go over safe limits on files' do
           let(:iterator) { [fake_diff(1, 1)] * 4 }
 
-          before(:each) do
+          before do
             stub_const('Gitlab::Git::DiffCollection::DEFAULT_LIMITS', { max_files: 2, max_lines: max_lines })
           end
 
@@ -409,7 +409,7 @@ describe Gitlab::Git::DiffCollection, seed_helper: true do
             ]
           end
 
-          before(:each) do
+          before do
             stub_const('Gitlab::Git::DiffCollection::DEFAULT_LIMITS', { max_files: max_files, max_lines: 80 })
           end
 
@@ -434,7 +434,7 @@ describe Gitlab::Git::DiffCollection, seed_helper: true do
             ]
           end
 
-          before(:each) do
+          before do
             stub_const('Gitlab::Git::DiffCollection::DEFAULT_LIMITS', { max_files: max_files, max_lines: 80 })
           end
 
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 20d6b58d6d1..4ef5d9070a2 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -289,7 +289,13 @@ describe Gitlab::Git::Repository, seed_helper: true do
       it { expect(submodule_url('six')).to eq('git://github.com/randx/six.git') }
     end
 
-    context 'no submodules at commit' do
+    context 'no .gitmodules at commit' do
+      let(:ref) { '9596bc54a6f0c0c98248fe97077eb5ccf48a98d0' }
+
+      it { expect(submodule_url('six')).to eq(nil) }
+    end
+
+    context 'no gitlink entry' do
       let(:ref) { '6d39438' }
 
       it { expect(submodule_url('six')).to eq(nil) }
@@ -422,11 +428,11 @@ describe Gitlab::Git::Repository, seed_helper: true do
 
     it "should fail if we create an existing branch" do
       @repo.create_branch('duplicated_branch', 'master')
-      expect{@repo.create_branch('duplicated_branch', 'master')}.to raise_error("Branch duplicated_branch already exists")
+      expect {@repo.create_branch('duplicated_branch', 'master')}.to raise_error("Branch duplicated_branch already exists")
     end
 
     it "should fail if we create a branch from a non existing ref" do
-      expect{@repo.create_branch('branch_based_in_wrong_ref', 'master_2_the_revenge')}.to raise_error("Invalid reference master_2_the_revenge")
+      expect {@repo.create_branch('branch_based_in_wrong_ref', 'master_2_the_revenge')}.to raise_error("Invalid reference master_2_the_revenge")
     end
 
     after(:all) do
@@ -505,17 +511,22 @@ describe Gitlab::Git::Repository, seed_helper: true do
   end
 
   describe "#log" do
-    commit_with_old_name = nil
-    commit_with_new_name = nil
-    rename_commit = nil
+    let(:commit_with_old_name) do
+      Gitlab::Git::Commit.decorate(repository, @commit_with_old_name_id)
+    end
+    let(:commit_with_new_name) do
+      Gitlab::Git::Commit.decorate(repository, @commit_with_new_name_id)
+    end
+    let(:rename_commit) do
+      Gitlab::Git::Commit.decorate(repository, @rename_commit_id)
+    end
 
     before(:context) do
       # Add new commits so that there's a renamed file in the commit history
       repo = Gitlab::Git::Repository.new('default', TEST_REPO_PATH).rugged
-
-      commit_with_old_name = Gitlab::Git::Commit.decorate(new_commit_edit_old_file(repo))
-      rename_commit = Gitlab::Git::Commit.decorate(new_commit_move_file(repo))
-      commit_with_new_name = Gitlab::Git::Commit.decorate(new_commit_edit_new_file(repo))
+      @commit_with_old_name_id = new_commit_edit_old_file(repo)
+      @rename_commit_id = new_commit_move_file(repo)
+      @commit_with_new_name_id = new_commit_edit_new_file(repo)
     end
 
     after(:context) do
@@ -754,7 +765,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
       let(:options) { { ref: 'master', path: ['PROCESS.md', 'README.md'] } }
 
       def commit_files(commit)
-        commit.diff_from_parent.deltas.flat_map do |delta|
+        commit.rugged_diff_from_parent.deltas.flat_map do |delta|
           [delta.old_file[:path], delta.new_file[:path]].uniq.compact
         end
       end
@@ -981,7 +992,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
 
   describe '#branch_count' do
     it 'returns the number of branches' do
-      expect(repository.branch_count).to eq(9)
+      expect(repository.branch_count).to eq(10)
     end
   end
 
@@ -997,7 +1008,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
       expect(master_file_paths).to include("files/html/500.html")
     end
 
-    it "dose not read submodule directory and empty directory of master branch" do
+    it "does not read submodule directory and empty directory of master branch" do
       expect(master_file_paths).not_to include("six")
     end
 
@@ -1018,7 +1029,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
     end
 
     context "with no .gitattrbutes" do
-      before(:each) do
+      before do
         repository.copy_gitattributes("master")
       end
 
@@ -1026,13 +1037,13 @@ describe Gitlab::Git::Repository, seed_helper: true do
         expect(File.exist?(attributes_path)).to be_falsey
       end
 
-      after(:each) do
+      after do
         FileUtils.rm_rf(attributes_path)
       end
     end
 
     context "with .gitattrbutes" do
-      before(:each) do
+      before do
         repository.copy_gitattributes("gitattributes")
       end
 
@@ -1045,13 +1056,13 @@ describe Gitlab::Git::Repository, seed_helper: true do
         expect(contents).to eq("*.md binary\n")
       end
 
-      after(:each) do
+      after do
         FileUtils.rm_rf(attributes_path)
       end
     end
 
     context "with updated .gitattrbutes" do
-      before(:each) do
+      before do
         repository.copy_gitattributes("gitattributes")
         repository.copy_gitattributes("gitattributes-updated")
       end
@@ -1065,13 +1076,13 @@ describe Gitlab::Git::Repository, seed_helper: true do
         expect(contents).to eq("*.txt binary\n")
       end
 
-      after(:each) do
+      after do
         FileUtils.rm_rf(attributes_path)
       end
     end
 
     context "with no .gitattrbutes in HEAD but with previous info/attributes" do
-      before(:each) do
+      before do
         repository.copy_gitattributes("gitattributes")
         repository.copy_gitattributes("master")
       end
@@ -1080,7 +1091,7 @@ describe Gitlab::Git::Repository, seed_helper: true do
         expect(File.exist?(attributes_path)).to be_falsey
       end
 
-      after(:each) do
+      after do
         FileUtils.rm_rf(attributes_path)
       end
     end
diff --git a/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb b/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
index b2886628601..9d1763b96ad 100644
--- a/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
+++ b/spec/lib/gitlab/git/storage/circuit_breaker_spec.rb
@@ -174,12 +174,8 @@ describe Gitlab::Git::Storage::CircuitBreaker, clean_gitlab_redis_shared_state:
   end
 
   describe '#track_storage_inaccessible' do
-    around(:each) do |example|
-      Timecop.freeze
-
-      example.run
-
-      Timecop.return
+    around do |example|
+      Timecop.freeze { example.run }
     end
 
     it 'records the failure time in redis' do
diff --git a/spec/lib/gitlab/gitaly_client/commit_service_spec.rb b/spec/lib/gitlab/gitaly_client/commit_service_spec.rb
index d71e0f84c65..7fe698fcb18 100644
--- a/spec/lib/gitlab/gitaly_client/commit_service_spec.rb
+++ b/spec/lib/gitlab/gitaly_client/commit_service_spec.rb
@@ -30,7 +30,7 @@ describe Gitlab::GitalyClient::CommitService do
 
     context 'when a commit does not have a parent' do
       it 'sends an RPC request with empty tree ref as left commit' do
-        initial_commit = project.commit('1a0b36b3cdad1d2ee32457c102a8c0b7056fa863')
+        initial_commit = project.commit('1a0b36b3cdad1d2ee32457c102a8c0b7056fa863').raw
         request        = Gitaly::CommitDiffRequest.new(
           repository: repository_message,
           left_commit_id: '4b825dc642cb6eb9a060e54bf8d69288fbee4904',
@@ -46,18 +46,10 @@ describe Gitlab::GitalyClient::CommitService do
       end
     end
 
-    it 'returns a Gitlab::Git::DiffCollection' do
+    it 'returns a Gitlab::GitalyClient::DiffStitcher' do
       ret = client.diff_from_parent(commit)
 
-      expect(ret).to be_kind_of(Gitlab::Git::DiffCollection)
-    end
-
-    it 'passes options to Gitlab::Git::DiffCollection' do
-      options = { max_files: 31, max_lines: 13, from_gitaly: true }
-
-      expect(Gitlab::Git::DiffCollection).to receive(:new).with(kind_of(Enumerable), options)
-
-      client.diff_from_parent(commit, options)
+      expect(ret).to be_kind_of(Gitlab::GitalyClient::DiffStitcher)
     end
   end
 
@@ -120,4 +112,18 @@ describe Gitlab::GitalyClient::CommitService do
       client.tree_entries(repository, revision, path)
     end
   end
+
+  describe '#find_commit' do
+    let(:revision) { '4b825dc642cb6eb9a060e54bf8d69288fbee4904' }
+    it 'sends an RPC request' do
+      request = Gitaly::FindCommitRequest.new(
+        repository: repository_message, revision: revision
+      )
+
+      expect_any_instance_of(Gitaly::CommitService::Stub).to receive(:find_commit)
+        .with(request, kind_of(Hash)).and_return(double(commit: nil))
+
+      described_class.new(repository).find_commit(revision)
+    end
+  end
 end
diff --git a/spec/lib/gitlab/gitaly_client/repository_service_spec.rb b/spec/lib/gitlab/gitaly_client/repository_service_spec.rb
deleted file mode 100644
index 5c9c4ed1d7c..00000000000
--- a/spec/lib/gitlab/gitaly_client/repository_service_spec.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-require 'spec_helper'
-
-describe Gitlab::GitalyClient::RepositoryService do
-  set(:project) { create(:project) }
-  let(:storage_name) { project.repository_storage }
-  let(:relative_path) { project.path_with_namespace + '.git' }
-  let(:client) { described_class.new(project.repository) }
-
-  describe '#exists?' do
-    it 'sends an exists message' do
-      expect_any_instance_of(Gitaly::RepositoryService::Stub)
-        .to receive(:exists)
-        .with(gitaly_request_with_path(storage_name, relative_path), kind_of(Hash))
-        .and_call_original
-
-      client.exists?
-    end
-  end
-end
diff --git a/spec/lib/gitlab/gitlab_import/project_creator_spec.rb b/spec/lib/gitlab/gitlab_import/project_creator_spec.rb
index da48d8f0670..82548c7fd31 100644
--- a/spec/lib/gitlab/gitlab_import/project_creator_spec.rb
+++ b/spec/lib/gitlab/gitlab_import/project_creator_spec.rb
@@ -12,7 +12,7 @@ describe Gitlab::GitlabImport::ProjectCreator do
       owner: { name: "john" }
     }.with_indifferent_access
   end
-  let(:namespace){ create(:group, owner: user) }
+  let(:namespace) { create(:group, owner: user) }
   let(:token) { "asdffg" }
   let(:access_params) { { gitlab_access_token: token } }
 
diff --git a/spec/lib/gitlab/google_code_import/project_creator_spec.rb b/spec/lib/gitlab/google_code_import/project_creator_spec.rb
index aad53938d52..8d5b60d50de 100644
--- a/spec/lib/gitlab/google_code_import/project_creator_spec.rb
+++ b/spec/lib/gitlab/google_code_import/project_creator_spec.rb
@@ -9,7 +9,7 @@ describe Gitlab::GoogleCodeImport::ProjectCreator do
       "repositoryUrls" => ["https://vim.googlecode.com/git/"]
     )
   end
-  let(:namespace){ create(:group, owner: user) }
+  let(:namespace) { create(:group, owner: user) }
 
   before do
     namespace.add_owner(user)
diff --git a/spec/lib/gitlab/gpg_spec.rb b/spec/lib/gitlab/gpg_spec.rb
index 8041518117d..30ad033b204 100644
--- a/spec/lib/gitlab/gpg_spec.rb
+++ b/spec/lib/gitlab/gpg_spec.rb
@@ -43,6 +43,58 @@ describe Gitlab::Gpg do
       ).to eq []
     end
   end
+
+  describe '.current_home_dir' do
+    let(:default_home_dir) { GPGME::Engine.dirinfo('homedir') }
+
+    it 'returns the default value when no explicit home dir has been set' do
+      expect(described_class.current_home_dir).to eq default_home_dir
+    end
+
+    it 'returns the explicitely set home dir' do
+      GPGME::Engine.home_dir = '/tmp/gpg'
+
+      expect(described_class.current_home_dir).to eq '/tmp/gpg'
+
+      GPGME::Engine.home_dir = GPGME::Engine.dirinfo('homedir')
+    end
+
+    it 'returns the default value when explicitely setting the home dir to nil' do
+      GPGME::Engine.home_dir = nil
+
+      expect(described_class.current_home_dir).to eq default_home_dir
+    end
+  end
+
+  describe '.using_tmp_keychain' do
+    it "the second thread does not change the first thread's directory" do
+      thread1 = Thread.new do
+        described_class.using_tmp_keychain do
+          dir = described_class.current_home_dir
+          sleep 0.1
+          expect(described_class.current_home_dir).to eq dir
+        end
+      end
+
+      thread2 = Thread.new do
+        described_class.using_tmp_keychain do
+          sleep 0.2
+        end
+      end
+
+      thread1.join
+      thread2.join
+    end
+
+    it 'allows recursive execution in the same thread' do
+      expect do
+        described_class.using_tmp_keychain do
+          described_class.using_tmp_keychain do
+          end
+        end
+      end.not_to raise_error(ThreadError)
+    end
+  end
 end
 
 describe Gitlab::Gpg::CurrentKeyChain do
diff --git a/spec/lib/gitlab/health_checks/fs_shards_check_spec.rb b/spec/lib/gitlab/health_checks/fs_shards_check_spec.rb
index 26574df8bb5..f5c9680bf59 100644
--- a/spec/lib/gitlab/health_checks/fs_shards_check_spec.rb
+++ b/spec/lib/gitlab/health_checks/fs_shards_check_spec.rb
@@ -106,12 +106,6 @@ describe Gitlab::HealthChecks::FsShardsCheck do
           }.with_indifferent_access
         end
 
-        # Unsolved intermittent failure in CI https://gitlab.com/gitlab-org/gitlab-ce/issues/31128
-        around(:each) do |example| # rubocop:disable RSpec/AroundBlock
-          times_to_try = ENV['CI'] ? 4 : 1
-          example.run_with_retry retry: times_to_try
-        end
-
         it 'provides metrics' do
           metrics = described_class.metrics
 
diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index 6a41afe0c25..8da02b0cf00 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -22,6 +22,7 @@ events:
 - author
 - project
 - target
+- push_event_payload
 notes:
 - award_emoji
 - project
@@ -272,3 +273,5 @@ timelogs:
 - issue
 - merge_request
 - user
+push_event_payload:
+- event
diff --git a/spec/lib/gitlab/import_export/attribute_cleaner_spec.rb b/spec/lib/gitlab/import_export/attribute_cleaner_spec.rb
index 574748756bd..cd5a1b2982b 100644
--- a/spec/lib/gitlab/import_export/attribute_cleaner_spec.rb
+++ b/spec/lib/gitlab/import_export/attribute_cleaner_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Gitlab::ImportExport::AttributeCleaner do
-  let(:relation_class){ double('relation_class').as_null_object }
+  let(:relation_class) { double('relation_class').as_null_object }
   let(:unsafe_hash) do
     {
       'id' => 101,
diff --git a/spec/lib/gitlab/import_export/file_importer_spec.rb b/spec/lib/gitlab/import_export/file_importer_spec.rb
index 690c7625c52..162b776e107 100644
--- a/spec/lib/gitlab/import_export/file_importer_spec.rb
+++ b/spec/lib/gitlab/import_export/file_importer_spec.rb
@@ -5,6 +5,7 @@ describe Gitlab::ImportExport::FileImporter do
   let(:export_path) { "#{Dir.tmpdir}/file_importer_spec" }
   let(:valid_file) { "#{shared.export_path}/valid.json" }
   let(:symlink_file) { "#{shared.export_path}/invalid.json" }
+  let(:hidden_symlink_file) { "#{shared.export_path}/.hidden" }
   let(:subfolder_symlink_file) { "#{shared.export_path}/subfolder/invalid.json" }
 
   before do
@@ -25,6 +26,10 @@ describe Gitlab::ImportExport::FileImporter do
     expect(File.exist?(symlink_file)).to be false
   end
 
+  it 'removes hidden symlinks in root folder' do
+    expect(File.exist?(hidden_symlink_file)).to be false
+  end
+
   it 'removes symlinks in subfolders' do
     expect(File.exist?(subfolder_symlink_file)).to be false
   end
diff --git a/spec/lib/gitlab/import_export/project.json b/spec/lib/gitlab/import_export/project.json
index 469a014e4d2..4e631e13410 100644
--- a/spec/lib/gitlab/import_export/project.json
+++ b/spec/lib/gitlab/import_export/project.json
@@ -2534,7 +2534,6 @@
       "iid": 9,
       "description": null,
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -2983,7 +2982,6 @@
       "iid": 8,
       "description": null,
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -3267,7 +3265,6 @@
       "iid": 7,
       "description": "Et commodi deserunt aspernatur vero rerum. Ut non dolorum alias in odit est libero. Voluptatibus eos in et vitae repudiandae facilis ex mollitia.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -3551,7 +3548,6 @@
       "iid": 6,
       "description": "Dicta magnam non voluptates nam dignissimos nostrum deserunt. Dolorum et suscipit iure quae doloremque. Necessitatibus saepe aut labore sed.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -4241,7 +4237,6 @@
       "iid": 5,
       "description": "Est eaque quasi qui qui. Similique voluptatem impedit iusto ratione reprehenderit. Itaque est illum ut nulla aut.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -4789,7 +4784,6 @@
       "iid": 4,
       "description": "Nam magnam odit velit rerum. Sapiente dolore sunt saepe debitis. Culpa maiores ut ad dolores dolorem et.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -5288,7 +5282,6 @@
       "iid": 3,
       "description": "Libero nesciunt mollitia quis odit eos vero quasi. Iure voluptatem ut sint pariatur voluptates ut aut. Laborum possimus unde illum ipsum eum.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -5548,7 +5541,6 @@
       "iid": 2,
       "description": "Ut dolor quia aliquid dolore et nisi. Est minus suscipit enim quaerat sapiente consequatur rerum. Eveniet provident consequatur dolor accusantium reiciendis.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
@@ -6238,7 +6230,6 @@
       "iid": 1,
       "description": "Eveniet nihil ratione veniam similique qui aut sapiente tempora. Sed praesentium iusto dignissimos possimus id repudiandae quo nihil. Qui doloremque autem et iure fugit.",
       "position": 0,
-      "locked_at": null,
       "updated_by_id": null,
       "merge_error": null,
       "merge_params": {
diff --git a/spec/lib/gitlab/import_export/safe_model_attributes.yml b/spec/lib/gitlab/import_export/safe_model_attributes.yml
index 11f4c16ff96..ae3b0173160 100644
--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -36,6 +36,14 @@ Event:
 - updated_at
 - action
 - author_id
+PushEventPayload:
+- commit_count
+- action
+- ref_type
+- commit_from
+- commit_to
+- ref
+- commit_title
 Note:
 - id
 - note
@@ -145,7 +153,6 @@ MergeRequest:
 - iid
 - description
 - position
-- locked_at
 - updated_by_id
 - merge_error
 - merge_params
diff --git a/spec/lib/gitlab/ldap/config_spec.rb b/spec/lib/gitlab/ldap/config_spec.rb
index 292ec064a67..ca2213cd112 100644
--- a/spec/lib/gitlab/ldap/config_spec.rb
+++ b/spec/lib/gitlab/ldap/config_spec.rb
@@ -7,7 +7,7 @@ describe Gitlab::LDAP::Config do
 
   describe '#initialize' do
     it 'requires a provider' do
-      expect{ described_class.new }.to raise_error ArgumentError
+      expect { described_class.new }.to raise_error ArgumentError
     end
 
     it 'works' do
@@ -15,7 +15,7 @@ describe Gitlab::LDAP::Config do
     end
 
     it 'raises an error if a unknown provider is used' do
-      expect{ described_class.new 'unknown' }.to raise_error(RuntimeError)
+      expect { described_class.new 'unknown' }.to raise_error(RuntimeError)
     end
   end
 
diff --git a/spec/lib/gitlab/ldap/user_spec.rb b/spec/lib/gitlab/ldap/user_spec.rb
index 175ceec44d7..5100a5a609e 100644
--- a/spec/lib/gitlab/ldap/user_spec.rb
+++ b/spec/lib/gitlab/ldap/user_spec.rb
@@ -61,12 +61,12 @@ describe Gitlab::LDAP::User do
     it "finds the user if already existing" do
       create(:omniauth_user, extern_uid: 'my-uid', provider: 'ldapmain')
 
-      expect{ ldap_user.save }.not_to change{ User.count }
+      expect { ldap_user.save }.not_to change { User.count }
     end
 
     it "connects to existing non-ldap user if the email matches" do
       existing_user = create(:omniauth_user, email: 'john@example.com', provider: "twitter")
-      expect{ ldap_user.save }.not_to change{ User.count }
+      expect { ldap_user.save }.not_to change { User.count }
 
       existing_user.reload
       expect(existing_user.ldap_identity.extern_uid).to eql 'my-uid'
@@ -75,7 +75,7 @@ describe Gitlab::LDAP::User do
 
     it 'connects to existing ldap user if the extern_uid changes' do
       existing_user = create(:omniauth_user, email: 'john@example.com', extern_uid: 'old-uid', provider: 'ldapmain')
-      expect{ ldap_user.save }.not_to change{ User.count }
+      expect { ldap_user.save }.not_to change { User.count }
 
       existing_user.reload
       expect(existing_user.ldap_identity.extern_uid).to eql 'my-uid'
@@ -85,7 +85,7 @@ describe Gitlab::LDAP::User do
 
     it 'connects to existing ldap user if the extern_uid changes and email address has upper case characters' do
       existing_user = create(:omniauth_user, email: 'john@example.com', extern_uid: 'old-uid', provider: 'ldapmain')
-      expect{ ldap_user_upper_case.save }.not_to change{ User.count }
+      expect { ldap_user_upper_case.save }.not_to change { User.count }
 
       existing_user.reload
       expect(existing_user.ldap_identity.extern_uid).to eql 'my-uid'
@@ -106,7 +106,7 @@ describe Gitlab::LDAP::User do
     end
 
     it "creates a new user if not found" do
-      expect{ ldap_user.save }.to change{ User.count }.by(1)
+      expect { ldap_user.save }.to change { User.count }.by(1)
     end
 
     context 'when signup is disabled' do
diff --git a/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb b/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb
index 461b1e4182a..ebe66948a91 100644
--- a/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb
+++ b/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb
@@ -4,10 +4,6 @@ describe Gitlab::Metrics::RequestsRackMiddleware do
   let(:app) { double('app') }
   subject { described_class.new(app) }
 
-  around do |example|
-    Timecop.freeze { example.run }
-  end
-
   describe '#call' do
     let(:status) { 100 }
     let(:env) { { 'REQUEST_METHOD' => 'GET' } }
@@ -28,16 +24,14 @@ describe Gitlab::Metrics::RequestsRackMiddleware do
         subject.call(env)
       end
 
-      it 'measures execution time' do
-        execution_time = 10
-        allow(app).to receive(:call) do |*args|
-          Timecop.freeze(execution_time.seconds)
-          [200, nil, nil]
-        end
+      RSpec::Matchers.define :a_positive_execution_time do
+        match { |actual| actual > 0 }
+      end
 
-        expect(described_class).to receive_message_chain(:http_request_duration_seconds, :observe).with({ status: 200, method: 'get' }, execution_time)
+      it 'measures execution time' do
+        expect(described_class).to receive_message_chain(:http_request_duration_seconds, :observe).with({ status: 200, method: 'get' }, a_positive_execution_time)
 
-        subject.call(env)
+        Timecop.scale(3600) { subject.call(env) }
       end
     end
 
diff --git a/spec/lib/gitlab/o_auth/user_spec.rb b/spec/lib/gitlab/o_auth/user_spec.rb
index 6c84c4a0c1e..15edb820908 100644
--- a/spec/lib/gitlab/o_auth/user_spec.rb
+++ b/spec/lib/gitlab/o_auth/user_spec.rb
@@ -147,7 +147,7 @@ describe Gitlab::OAuth::User do
           end
 
           it 'throws an error' do
-            expect{ oauth_user.save }.to raise_error StandardError
+            expect { oauth_user.save }.to raise_error StandardError
           end
         end
 
@@ -157,7 +157,7 @@ describe Gitlab::OAuth::User do
           end
 
           it 'throws an error' do
-            expect{ oauth_user.save }.to raise_error StandardError
+            expect { oauth_user.save }.to raise_error StandardError
           end
         end
       end
diff --git a/spec/lib/gitlab/project_template_spec.rb b/spec/lib/gitlab/project_template_spec.rb
index 12e75cdd5d0..d19bd611919 100644
--- a/spec/lib/gitlab/project_template_spec.rb
+++ b/spec/lib/gitlab/project_template_spec.rb
@@ -4,7 +4,9 @@ describe Gitlab::ProjectTemplate do
   describe '.all' do
     it 'returns a all templates' do
       expected = [
-        described_class.new('rails', 'Ruby on Rails')
+        described_class.new('rails', 'Ruby on Rails'),
+        described_class.new('spring', 'Spring'),
+        described_class.new('express', 'NodeJS Express')
       ]
 
       expect(described_class.all).to be_an(Array)
diff --git a/spec/lib/gitlab/request_context_spec.rb b/spec/lib/gitlab/request_context_spec.rb
index e272bdb9284..8a28ad0e597 100644
--- a/spec/lib/gitlab/request_context_spec.rb
+++ b/spec/lib/gitlab/request_context_spec.rb
@@ -7,7 +7,7 @@ describe Gitlab::RequestContext do
     let(:env) { Hash.new }
 
     context 'when RequestStore::Middleware is used' do
-      around(:each) do |example|
+      around do |example|
         RequestStore::Middleware.new(-> (env) { example.run }).call({})
       end
 
diff --git a/spec/lib/gitlab/saml/user_spec.rb b/spec/lib/gitlab/saml/user_spec.rb
index 2827a18515e..19710029224 100644
--- a/spec/lib/gitlab/saml/user_spec.rb
+++ b/spec/lib/gitlab/saml/user_spec.rb
@@ -109,7 +109,7 @@ describe Gitlab::Saml::User do
           end
 
           it 'does not throw an error' do
-            expect{ saml_user.save }.not_to raise_error
+            expect { saml_user.save }.not_to raise_error
           end
         end
 
@@ -119,7 +119,7 @@ describe Gitlab::Saml::User do
           end
 
           it 'throws an error' do
-            expect{ saml_user.save }.to raise_error StandardError
+            expect { saml_user.save }.to raise_error StandardError
           end
         end
       end
diff --git a/spec/lib/gitlab/sql/union_spec.rb b/spec/lib/gitlab/sql/union_spec.rb
index 5346881444d..baf8f6644bf 100644
--- a/spec/lib/gitlab/sql/union_spec.rb
+++ b/spec/lib/gitlab/sql/union_spec.rb
@@ -19,7 +19,7 @@ describe Gitlab::SQL::Union do
       empty_relation = User.none
       union = described_class.new([empty_relation, relation_1, relation_2])
 
-      expect{User.where("users.id IN (#{union.to_sql})").to_a}.not_to raise_error
+      expect {User.where("users.id IN (#{union.to_sql})").to_a}.not_to raise_error
       expect(union.to_sql).to eq("#{to_sql(relation_1)}\nUNION\n#{to_sql(relation_2)}")
     end
   end
diff --git a/spec/lib/gitlab/template/issue_template_spec.rb b/spec/lib/gitlab/template/issue_template_spec.rb
index 6e0b1075a89..7098499f996 100644
--- a/spec/lib/gitlab/template/issue_template_spec.rb
+++ b/spec/lib/gitlab/template/issue_template_spec.rb
@@ -1,41 +1,28 @@
 require 'spec_helper'
 
 describe Gitlab::Template::IssueTemplate do
-  subject { described_class }
-
-  let(:user) { create(:user) }
-
-  let(:project) do
-    create(:project,
-      :repository,
-      create_template: {
-        user: user,
-        access: Gitlab::Access::MASTER,
-        path: 'issue_templates'
-      })
-  end
+  let(:project) { create(:project, :repository, create_templates: :issue) }
 
   describe '.all' do
     it 'strips the md suffix' do
-      expect(subject.all(project).first.name).not_to end_with('.issue_template')
+      expect(described_class.all(project).first.name).not_to end_with('.issue_template')
     end
 
     it 'combines the globals and rest' do
-      all = subject.all(project).map(&:name)
+      all = described_class.all(project).map(&:name)
 
       expect(all).to include('bug')
       expect(all).to include('feature_proposal')
-      expect(all).to include('template_test')
     end
   end
 
   describe '.find' do
     it 'returns nil if the file does not exist' do
-      expect { subject.find('mepmep-yadida', project) }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
+      expect { described_class.find('mepmep-yadida', project) }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
     end
 
     it 'returns the issue object of a valid file' do
-      ruby = subject.find('bug', project)
+      ruby = described_class.find('bug', project)
 
       expect(ruby).to be_a described_class
       expect(ruby.name).to eq('bug')
@@ -44,21 +31,17 @@ describe Gitlab::Template::IssueTemplate do
 
   describe '.by_category' do
     it 'return array of templates' do
-      all = subject.by_category('', project).map(&:name)
+      all = described_class.by_category('', project).map(&:name)
       expect(all).to include('bug')
       expect(all).to include('feature_proposal')
-      expect(all).to include('template_test')
     end
 
     context 'when repo is bare or empty' do
       let(:empty_project) { create(:project) }
 
-      before do
-        empty_project.add_user(user, Gitlab::Access::MASTER)
-      end
-
       it "returns empty array" do
-        templates = subject.by_category('', empty_project)
+        templates = described_class.by_category('', empty_project)
+
         expect(templates).to be_empty
       end
     end
@@ -66,26 +49,23 @@ describe Gitlab::Template::IssueTemplate do
 
   describe '#content' do
     it 'loads the full file' do
-      issue_template = subject.new('.gitlab/issue_templates/bug.md', project)
+      issue_template = described_class.new('.gitlab/issue_templates/bug.md', project)
 
       expect(issue_template.name).to eq 'bug'
       expect(issue_template.content).to eq('something valid')
     end
 
     it 'raises error when file is not found' do
-      issue_template = subject.new('.gitlab/issue_templates/bugnot.md', project)
+      issue_template = described_class.new('.gitlab/issue_templates/bugnot.md', project)
       expect { issue_template.content }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
     end
 
     context "when repo is empty" do
       let(:empty_project) { create(:project) }
 
-      before do
-        empty_project.add_user(user, Gitlab::Access::MASTER)
-      end
-
       it "raises file not found" do
-        issue_template = subject.new('.gitlab/issue_templates/not_existent.md', empty_project)
+        issue_template = described_class.new('.gitlab/issue_templates/not_existent.md', empty_project)
+
         expect { issue_template.content }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
       end
     end
diff --git a/spec/lib/gitlab/template/merge_request_template_spec.rb b/spec/lib/gitlab/template/merge_request_template_spec.rb
index b952274cd24..bd7ff64aa8a 100644
--- a/spec/lib/gitlab/template/merge_request_template_spec.rb
+++ b/spec/lib/gitlab/template/merge_request_template_spec.rb
@@ -1,41 +1,28 @@
 require 'spec_helper'
 
 describe Gitlab::Template::MergeRequestTemplate do
-  subject { described_class }
-
-  let(:user) { create(:user) }
-
-  let(:project) do
-    create(:project,
-      :repository,
-      create_template: {
-        user: user,
-        access: Gitlab::Access::MASTER,
-        path: 'merge_request_templates'
-      })
-  end
+  let(:project) { create(:project, :repository, create_templates: :merge_request) }
 
   describe '.all' do
     it 'strips the md suffix' do
-      expect(subject.all(project).first.name).not_to end_with('.issue_template')
+      expect(described_class.all(project).first.name).not_to end_with('.issue_template')
     end
 
     it 'combines the globals and rest' do
-      all = subject.all(project).map(&:name)
+      all = described_class.all(project).map(&:name)
 
       expect(all).to include('bug')
       expect(all).to include('feature_proposal')
-      expect(all).to include('template_test')
     end
   end
 
   describe '.find' do
     it 'returns nil if the file does not exist' do
-      expect { subject.find('mepmep-yadida', project) }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
+      expect { described_class.find('mepmep-yadida', project) }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
     end
 
     it 'returns the merge request object of a valid file' do
-      ruby = subject.find('bug', project)
+      ruby = described_class.find('bug', project)
 
       expect(ruby).to be_a described_class
       expect(ruby.name).to eq('bug')
@@ -44,21 +31,17 @@ describe Gitlab::Template::MergeRequestTemplate do
 
   describe '.by_category' do
     it 'return array of templates' do
-      all = subject.by_category('', project).map(&:name)
+      all = described_class.by_category('', project).map(&:name)
       expect(all).to include('bug')
       expect(all).to include('feature_proposal')
-      expect(all).to include('template_test')
     end
 
     context 'when repo is bare or empty' do
       let(:empty_project) { create(:project) }
 
-      before do
-        empty_project.add_user(user, Gitlab::Access::MASTER)
-      end
-
       it "returns empty array" do
-        templates = subject.by_category('', empty_project)
+        templates = described_class.by_category('', empty_project)
+
         expect(templates).to be_empty
       end
     end
@@ -66,26 +49,23 @@ describe Gitlab::Template::MergeRequestTemplate do
 
   describe '#content' do
     it 'loads the full file' do
-      issue_template = subject.new('.gitlab/merge_request_templates/bug.md', project)
+      issue_template = described_class.new('.gitlab/merge_request_templates/bug.md', project)
 
       expect(issue_template.name).to eq 'bug'
       expect(issue_template.content).to eq('something valid')
     end
 
     it 'raises error when file is not found' do
-      issue_template = subject.new('.gitlab/merge_request_templates/bugnot.md', project)
+      issue_template = described_class.new('.gitlab/merge_request_templates/bugnot.md', project)
       expect { issue_template.content }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
     end
 
     context "when repo is empty" do
       let(:empty_project) { create(:project) }
 
-      before do
-        empty_project.add_user(user, Gitlab::Access::MASTER)
-      end
-
       it "raises file not found" do
-        issue_template = subject.new('.gitlab/merge_request_templates/not_existent.md', empty_project)
+        issue_template = described_class.new('.gitlab/merge_request_templates/not_existent.md', empty_project)
+
         expect { issue_template.content }.to raise_error(Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError)
       end
     end
diff --git a/spec/lib/gitlab/url_blocker_spec.rb b/spec/lib/gitlab/url_blocker_spec.rb
index f5b4882815f..f18823b61ef 100644
--- a/spec/lib/gitlab/url_blocker_spec.rb
+++ b/spec/lib/gitlab/url_blocker_spec.rb
@@ -20,6 +20,34 @@ describe Gitlab::UrlBlocker do
       expect(described_class.blocked_url?('https://gitlab.com:25/foo/foo.git')).to be true
     end
 
+    it 'returns true for a non-alphanumeric hostname' do
+      stub_resolv
+
+      aggregate_failures do
+        expect(described_class).to be_blocked_url('ssh://-oProxyCommand=whoami/a')
+
+        # The leading character here is a Unicode "soft hyphen"
+        expect(described_class).to be_blocked_url('ssh://­oProxyCommand=whoami/a')
+
+        # Unicode alphanumerics are allowed
+        expect(described_class).not_to be_blocked_url('ssh://ÄŸitlab.com/a')
+      end
+    end
+
+    it 'returns true for a non-alphanumeric username' do
+      stub_resolv
+
+      aggregate_failures do
+        expect(described_class).to be_blocked_url('ssh://-oProxyCommand=whoami@example.com/a')
+
+        # The leading character here is a Unicode "soft hyphen"
+        expect(described_class).to be_blocked_url('ssh://­oProxyCommand=whoami@example.com/a')
+
+        # Unicode alphanumerics are allowed
+        expect(described_class).not_to be_blocked_url('ssh://ÄŸitlab@example.com/a')
+      end
+    end
+
     it 'returns true for invalid URL' do
       expect(described_class.blocked_url?('http://:8080')).to be true
     end
@@ -28,4 +56,10 @@ describe Gitlab::UrlBlocker do
       expect(described_class.blocked_url?('https://gitlab.com/foo/foo.git')).to be false
     end
   end
+
+  # Resolv does not support resolving UTF-8 domain names
+  # See https://bugs.ruby-lang.org/issues/4270
+  def stub_resolv
+    allow(Resolv).to receive(:getaddresses).and_return([])
+  end
 end
diff --git a/spec/lib/gitlab/version_info_spec.rb b/spec/lib/gitlab/version_info_spec.rb
index e7e1a92ae54..c8a1e433d59 100644
--- a/spec/lib/gitlab/version_info_spec.rb
+++ b/spec/lib/gitlab/version_info_spec.rb
@@ -50,8 +50,8 @@ describe 'Gitlab::VersionInfo' do
   context 'unknown' do
     it { expect(@unknown).not_to be @v0_0_1 }
     it { expect(@unknown).not_to be Gitlab::VersionInfo.new }
-    it { expect{@unknown > @v0_0_1}.to raise_error(ArgumentError) }
-    it { expect{@unknown < @v0_0_1}.to raise_error(ArgumentError) }
+    it { expect {@unknown > @v0_0_1}.to raise_error(ArgumentError) }
+    it { expect {@unknown < @v0_0_1}.to raise_error(ArgumentError) }
   end
 
   context 'parse' do
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index 654397ccffb..b66afafa174 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -202,7 +202,6 @@ describe Gitlab::Workhorse do
     context 'when Gitaly is enabled' do
       let(:gitaly_params) do
         {
-          GitalyAddress: Gitlab::GitalyClient.address('default'),
           GitalyServer: {
             address: Gitlab::GitalyClient.address('default'),
             token: Gitlab::GitalyClient.token('default')
@@ -217,7 +216,9 @@ describe Gitlab::Workhorse do
       it 'includes a Repository param' do
         repo_param = { Repository: {
           storage_name: 'default',
-          relative_path: project.full_path + '.git'
+          relative_path: project.full_path + '.git',
+          git_object_directory: '',
+          git_alternate_object_directories: []
         } }
 
         expect(subject).to include(repo_param)
diff --git a/spec/lib/json_web_token/rsa_token_spec.rb b/spec/lib/json_web_token/rsa_token_spec.rb
index e7022bd06f8..d6edc964844 100644
--- a/spec/lib/json_web_token/rsa_token_spec.rb
+++ b/spec/lib/json_web_token/rsa_token_spec.rb
@@ -27,7 +27,7 @@ describe JSONWebToken::RSAToken do
 
       subject { JWT.decode(rsa_encoded, rsa_key) }
 
-      it { expect{subject}.not_to raise_error }
+      it { expect {subject}.not_to raise_error }
       it { expect(subject.first).to include('key' => 'value') }
       it do
         expect(subject.second).to eq(
@@ -41,7 +41,7 @@ describe JSONWebToken::RSAToken do
       let(:new_key) { OpenSSL::PKey::RSA.generate(512) }
       subject { JWT.decode(rsa_encoded, new_key) }
 
-      it { expect{subject}.to raise_error(JWT::DecodeError) }
+      it { expect {subject}.to raise_error(JWT::DecodeError) }
     end
   end
 end
diff --git a/spec/lib/rspec_flaky/example_spec.rb b/spec/lib/rspec_flaky/example_spec.rb
new file mode 100644
index 00000000000..5b4fd5ddf3e
--- /dev/null
+++ b/spec/lib/rspec_flaky/example_spec.rb
@@ -0,0 +1,89 @@
+require 'spec_helper'
+
+describe RspecFlaky::Example do
+  let(:example_attrs) do
+    {
+      id: 'spec/foo/bar_spec.rb:2',
+      metadata: {
+        file_path: 'spec/foo/bar_spec.rb',
+        line_number: 2,
+        full_description: 'hello world'
+      },
+      execution_result: double(status: 'passed', exception: 'BOOM!'),
+      attempts: 1
+    }
+  end
+  let(:rspec_example) { double(example_attrs) }
+
+  describe '#initialize' do
+    shared_examples 'a valid Example instance' do
+      it 'returns valid attributes' do
+        example = described_class.new(args)
+
+        expect(example.example_id).to eq(example_attrs[:id])
+      end
+    end
+
+    context 'when given an Rspec::Core::Example that responds to #example' do
+      let(:args) { double(example: rspec_example) }
+
+      it_behaves_like 'a valid Example instance'
+    end
+
+    context 'when given an Rspec::Core::Example that does not respond to #example' do
+      let(:args) { rspec_example }
+
+      it_behaves_like 'a valid Example instance'
+    end
+  end
+
+  subject { described_class.new(rspec_example) }
+
+  describe '#uid' do
+    it 'returns a hash of the full description' do
+      expect(subject.uid).to eq(Digest::MD5.hexdigest("#{subject.description}-#{subject.file}"))
+    end
+  end
+
+  describe '#example_id' do
+    it 'returns the ID of the RSpec::Core::Example' do
+      expect(subject.example_id).to eq(rspec_example.id)
+    end
+  end
+
+  describe '#attempts' do
+    it 'returns the attempts of the RSpec::Core::Example' do
+      expect(subject.attempts).to eq(rspec_example.attempts)
+    end
+  end
+
+  describe '#file' do
+    it 'returns the metadata[:file_path] of the RSpec::Core::Example' do
+      expect(subject.file).to eq(rspec_example.metadata[:file_path])
+    end
+  end
+
+  describe '#line' do
+    it 'returns the metadata[:line_number] of the RSpec::Core::Example' do
+      expect(subject.line).to eq(rspec_example.metadata[:line_number])
+    end
+  end
+
+  describe '#description' do
+    it 'returns the metadata[:full_description] of the RSpec::Core::Example' do
+      expect(subject.description).to eq(rspec_example.metadata[:full_description])
+    end
+  end
+
+  describe '#status' do
+    it 'returns the execution_result.status of the RSpec::Core::Example' do
+      expect(subject.status).to eq(rspec_example.execution_result.status)
+    end
+  end
+
+  describe '#exception' do
+    it 'returns the execution_result.exception of the RSpec::Core::Example' do
+      expect(subject.exception).to eq(rspec_example.execution_result.exception)
+    end
+  end
+end
diff --git a/spec/lib/rspec_flaky/flaky_example_spec.rb b/spec/lib/rspec_flaky/flaky_example_spec.rb
new file mode 100644
index 00000000000..cbfc1e538ab
--- /dev/null
+++ b/spec/lib/rspec_flaky/flaky_example_spec.rb
@@ -0,0 +1,104 @@
+require 'spec_helper'
+
+describe RspecFlaky::FlakyExample do
+  let(:flaky_example_attrs) do
+    {
+      example_id: 'spec/foo/bar_spec.rb:2',
+      file: 'spec/foo/bar_spec.rb',
+      line: 2,
+      description: 'hello world',
+      first_flaky_at: 1234,
+      last_flaky_at: 2345,
+      last_attempts_count: 2,
+      flaky_reports: 1
+    }
+  end
+  let(:example_attrs) do
+    {
+      uid: 'abc123',
+      example_id: flaky_example_attrs[:example_id],
+      file: flaky_example_attrs[:file],
+      line: flaky_example_attrs[:line],
+      description: flaky_example_attrs[:description],
+      status: 'passed',
+      exception: 'BOOM!',
+      attempts: flaky_example_attrs[:last_attempts_count]
+    }
+  end
+  let(:example) { double(example_attrs) }
+
+  describe '#initialize' do
+    shared_examples 'a valid FlakyExample instance' do
+      it 'returns valid attributes' do
+        flaky_example = described_class.new(args)
+
+        expect(flaky_example.uid).to eq(flaky_example_attrs[:uid])
+        expect(flaky_example.example_id).to eq(flaky_example_attrs[:example_id])
+      end
+    end
+
+    context 'when given an Rspec::Example' do
+      let(:args) { example }
+
+      it_behaves_like 'a valid FlakyExample instance'
+    end
+
+    context 'when given a hash' do
+      let(:args) { flaky_example_attrs }
+
+      it_behaves_like 'a valid FlakyExample instance'
+    end
+  end
+
+  describe '#to_h' do
+    before do
+      # Stub these env variables otherwise specs don't behave the same on the CI
+      stub_env('CI_PROJECT_URL', nil)
+      stub_env('CI_JOB_ID', nil)
+    end
+
+    shared_examples 'a valid FlakyExample hash' do
+      let(:additional_attrs) { {} }
+
+      it 'returns a valid hash' do
+        flaky_example = described_class.new(args)
+        final_hash = flaky_example_attrs
+          .merge(last_flaky_at: instance_of(Time), last_flaky_job: nil)
+          .merge(additional_attrs)
+
+        expect(flaky_example.to_h).to match(hash_including(final_hash))
+      end
+    end
+
+    context 'when given an Rspec::Example' do
+      let(:args) { example }
+
+      context 'when run locally' do
+        it_behaves_like 'a valid FlakyExample hash' do
+          let(:additional_attrs) do
+            { first_flaky_at: instance_of(Time) }
+          end
+        end
+      end
+
+      context 'when run on the CI' do
+        before do
+          stub_env('CI_PROJECT_URL', 'https://gitlab.com/gitlab-org/gitlab-ce')
+          stub_env('CI_JOB_ID', 42)
+        end
+
+        it_behaves_like 'a valid FlakyExample hash' do
+          let(:additional_attrs) do
+            { first_flaky_at: instance_of(Time), last_flaky_job: "https://gitlab.com/gitlab-org/gitlab-ce/-/jobs/42" }
+          end
+        end
+      end
+    end
+
+    context 'when given a hash' do
+      let(:args) { flaky_example_attrs }
+
+      it_behaves_like 'a valid FlakyExample hash'
+    end
+  end
+end
diff --git a/spec/lib/rspec_flaky/listener_spec.rb b/spec/lib/rspec_flaky/listener_spec.rb
new file mode 100644
index 00000000000..0e193bf408b
--- /dev/null
+++ b/spec/lib/rspec_flaky/listener_spec.rb
@@ -0,0 +1,178 @@
+require 'spec_helper'
+
+describe RspecFlaky::Listener do
+  let(:flaky_example_report) do
+    {
+      'abc123' => {
+        example_id: 'spec/foo/bar_spec.rb:2',
+        file: 'spec/foo/bar_spec.rb',
+        line: 2,
+        description: 'hello world',
+        first_flaky_at: 1234,
+        last_flaky_at: instance_of(Time),
+        last_attempts_count: 2,
+        flaky_reports: 1,
+        last_flaky_job: nil
+      }
+    }
+  end
+  let(:example_attrs) do
+    {
+      id: 'spec/foo/baz_spec.rb:3',
+      metadata: {
+        file_path: 'spec/foo/baz_spec.rb',
+        line_number: 3,
+        full_description: 'hello GitLab'
+      },
+      execution_result: double(status: 'passed', exception: nil)
+    }
+  end
+
+  before do
+    # Stub these env variables otherwise specs don't behave the same on the CI
+    stub_env('CI_PROJECT_URL', nil)
+    stub_env('CI_JOB_ID', nil)
+  end
+
+  describe '#initialize' do
+    shared_examples 'a valid Listener instance' do
+      let(:expected_all_flaky_examples) { {} }
+
+      it 'returns a valid Listener instance' do
+        listener = described_class.new
+
+        expect(listener.to_report(listener.all_flaky_examples))
+          .to match(hash_including(expected_all_flaky_examples))
+        expect(listener.new_flaky_examples).to eq({})
+      end
+    end
+
+    context 'when no report file exists' do
+      it_behaves_like 'a valid Listener instance'
+    end
+
+    context 'when a report file exists and set by ALL_FLAKY_RSPEC_REPORT_PATH' do
+      let(:report_file) do
+        Tempfile.new(%w[rspec_flaky_report .json]).tap do |f|
+          f.write(JSON.pretty_generate(flaky_example_report))
+          f.rewind
+        end
+      end
+
+      before do
+        stub_env('ALL_FLAKY_RSPEC_REPORT_PATH', report_file.path)
+      end
+
+      after do
+        report_file.close
+        report_file.unlink
+      end
+
+      it_behaves_like 'a valid Listener instance' do
+        let(:expected_all_flaky_examples) { flaky_example_report }
+      end
+    end
+  end
+
+  describe '#example_passed' do
+    let(:rspec_example) { double(example_attrs) }
+    let(:notification) { double(example: rspec_example) }
+
+    shared_examples 'a non-flaky example' do
+      it 'does not change the flaky examples hash' do
+        expect { subject.example_passed(notification) }
+          .not_to change { subject.all_flaky_examples }
+      end
+    end
+
+    describe 'when the RSpec example does not respond to attempts' do
+      it_behaves_like 'a non-flaky example'
+    end
+
+    describe 'when the RSpec example has 1 attempt' do
+      let(:rspec_example) { double(example_attrs.merge(attempts: 1)) }
+
+      it_behaves_like 'a non-flaky example'
+    end
+
+    describe 'when the RSpec example has 2 attempts' do
+      let(:rspec_example) { double(example_attrs.merge(attempts: 2)) }
+      let(:expected_new_flaky_example) do
+        {
+          example_id: 'spec/foo/baz_spec.rb:3',
+          file: 'spec/foo/baz_spec.rb',
+          line: 3,
+          description: 'hello GitLab',
+          first_flaky_at: instance_of(Time),
+          last_flaky_at: instance_of(Time),
+          last_attempts_count: 2,
+          flaky_reports: 1,
+          last_flaky_job: nil
+        }
+      end
+
+      it 'does not change the flaky examples hash' do
+        expect { subject.example_passed(notification) }
+          .to change { subject.all_flaky_examples }
+
+        new_example = RspecFlaky::Example.new(rspec_example)
+
+        expect(subject.all_flaky_examples[new_example.uid].to_h)
+          .to match(hash_including(expected_new_flaky_example))
+      end
+    end
+  end
+
+  describe '#dump_summary' do
+    let(:rspec_example) { double(example_attrs) }
+    let(:notification) { double(example: rspec_example) }
+
+    context 'when a report file path is set by ALL_FLAKY_RSPEC_REPORT_PATH' do
+      let(:report_file_path) { Rails.root.join('tmp', 'rspec_flaky_report.json') }
+
+      before do
+        stub_env('ALL_FLAKY_RSPEC_REPORT_PATH', report_file_path)
+        FileUtils.rm(report_file_path) if File.exist?(report_file_path)
+      end
+
+      after do
+        FileUtils.rm(report_file_path) if File.exist?(report_file_path)
+      end
+
+      context 'when FLAKY_RSPEC_GENERATE_REPORT == "false"' do
+        before do
+          stub_env('FLAKY_RSPEC_GENERATE_REPORT', 'false')
+        end
+
+        it 'does not write the report file' do
+          subject.example_passed(notification)
+
+          subject.dump_summary(nil)
+
+          expect(File.exist?(report_file_path)).to be(false)
+        end
+      end
+
+      context 'when FLAKY_RSPEC_GENERATE_REPORT == "true"' do
+        before do
+          stub_env('FLAKY_RSPEC_GENERATE_REPORT', 'true')
+        end
+
+        it 'writes the report file' do
+          subject.example_passed(notification)
+
+          subject.dump_summary(nil)
+
+          expect(File.exist?(report_file_path)).to be(true)
+        end
+      end
+    end
+  end
+
+  describe '#to_report' do
+    it 'transforms the internal hash to a JSON-ready hash' do
+      expect(subject.to_report('abc123' => RspecFlaky::FlakyExample.new(flaky_example_report['abc123'])))
+        .to match(hash_including(flaky_example_report))
+    end
+  end
+end
diff --git a/spec/lib/system_check/simple_executor_spec.rb b/spec/lib/system_check/simple_executor_spec.rb
index 025ea2673b4..4de5da984ba 100644
--- a/spec/lib/system_check/simple_executor_spec.rb
+++ b/spec/lib/system_check/simple_executor_spec.rb
@@ -240,7 +240,7 @@ describe SystemCheck::SimpleExecutor do
 
     context 'when there is an exception' do
       it 'rescues the exception' do
-        expect{ subject.run_check(BugousCheck) }.not_to raise_exception
+        expect { subject.run_check(BugousCheck) }.not_to raise_exception
       end
     end
   end
diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb
index e36d7a1800c..1fa59ebd22b 100644
--- a/spec/mailers/notify_spec.rb
+++ b/spec/mailers/notify_spec.rb
@@ -545,7 +545,7 @@ describe Notify do
       let(:note_author) { create(:user, name: 'author_name') }
       let(:note) { create(:note, project: project, author: note_author) }
 
-      before :each do
+      before do
         allow(Note).to receive(:find).with(note.id).and_return(note)
       end
 
@@ -661,7 +661,7 @@ describe Notify do
       let(:project) { create(:project, :repository) }
       let(:note_author) { create(:user, name: 'author_name') }
 
-      before :each do
+      before do
         allow(Note).to receive(:find).with(note.id).and_return(note)
       end
 
@@ -779,7 +779,7 @@ describe Notify do
     context 'items that are noteable, the email for a diff discussion note' do
       let(:note_author) { create(:user, name: 'author_name') }
 
-      before :each do
+      before do
         allow(Note).to receive(:find).with(note.id).and_return(note)
       end
 
diff --git a/spec/migrations/clean_upload_symlinks_spec.rb b/spec/migrations/clean_upload_symlinks_spec.rb
index cecb3ddac53..26653b9c008 100644
--- a/spec/migrations/clean_upload_symlinks_spec.rb
+++ b/spec/migrations/clean_upload_symlinks_spec.rb
@@ -5,7 +5,7 @@ describe CleanUploadSymlinks do
   let(:migration) { described_class.new }
   let(:test_dir) { File.join(Rails.root, "tmp", "tests", "move_uploads_test") }
   let(:uploads_dir) { File.join(test_dir, "public", "uploads") }
-  let(:new_uploads_dir) { File.join(uploads_dir, "system") }
+  let(:new_uploads_dir) { File.join(uploads_dir, "-", "system") }
   let(:original_path) { File.join(new_uploads_dir, 'user') }
   let(:symlink_path) { File.join(uploads_dir, 'user') }
 
diff --git a/spec/migrations/migrate_process_commit_worker_jobs_spec.rb b/spec/migrations/migrate_process_commit_worker_jobs_spec.rb
index cf2d5827306..e5793a3c0ee 100644
--- a/spec/migrations/migrate_process_commit_worker_jobs_spec.rb
+++ b/spec/migrations/migrate_process_commit_worker_jobs_spec.rb
@@ -6,7 +6,7 @@ require Rails.root.join('db', 'migrate', '20161124141322_migrate_process_commit_
 describe MigrateProcessCommitWorkerJobs do
   let(:project) { create(:project, :repository) }
   let(:user) { create(:user) }
-  let(:commit) { project.commit.raw.raw_commit }
+  let(:commit) { project.commit.raw.rugged_commit }
 
   describe 'Project' do
     describe 'find_including_path' do
diff --git a/spec/migrations/move_personal_snippets_files_spec.rb b/spec/migrations/move_personal_snippets_files_spec.rb
index 8505c7bf3e3..1a319eccc0d 100644
--- a/spec/migrations/move_personal_snippets_files_spec.rb
+++ b/spec/migrations/move_personal_snippets_files_spec.rb
@@ -5,7 +5,7 @@ describe MovePersonalSnippetsFiles do
   let(:migration) { described_class.new }
   let(:test_dir) { File.join(Rails.root, "tmp", "tests", "move_snippet_files_test") }
   let(:uploads_dir) { File.join(test_dir, 'uploads') }
-  let(:new_uploads_dir) { File.join(uploads_dir, 'system') }
+  let(:new_uploads_dir) { File.join(uploads_dir, '-', 'system') }
 
   before do
     allow(CarrierWave).to receive(:root).and_return(test_dir)
@@ -42,7 +42,7 @@ describe MovePersonalSnippetsFiles do
     describe 'updating the markdown' do
       it 'includes the new path when the file exists' do
         secret = "secret#{snippet.id}"
-        file_location = "/uploads/system/personal_snippet/#{snippet.id}/#{secret}/picture.jpg"
+        file_location = "/uploads/-/system/personal_snippet/#{snippet.id}/#{secret}/picture.jpg"
 
         migration.up
 
@@ -60,7 +60,7 @@ describe MovePersonalSnippetsFiles do
 
       it 'updates the note markdown' do
         secret = "secret#{snippet.id}"
-        file_location = "/uploads/system/personal_snippet/#{snippet.id}/#{secret}/picture.jpg"
+        file_location = "/uploads/-/system/personal_snippet/#{snippet.id}/#{secret}/picture.jpg"
         markdown = markdown_linking_file('picture.jpg', snippet)
         note = create(:note_on_personal_snippet, noteable: snippet, note: "with #{markdown}")
 
@@ -108,7 +108,7 @@ describe MovePersonalSnippetsFiles do
 
       it 'keeps the markdown as is when the file is missing' do
         secret = "secret#{snippet_with_missing_file.id}"
-        file_location = "/uploads/system/personal_snippet/#{snippet_with_missing_file.id}/#{secret}/picture.jpg"
+        file_location = "/uploads/-/system/personal_snippet/#{snippet_with_missing_file.id}/#{secret}/picture.jpg"
 
         migration.down
 
@@ -167,7 +167,7 @@ describe MovePersonalSnippetsFiles do
   def markdown_linking_file(filename, snippet, in_new_path: false)
     markdown =  "![#{filename.split('.')[0]}]"
     markdown += '(/uploads'
-    markdown += '/system' if in_new_path
+    markdown += '/-/system' if in_new_path
     markdown += "/#{model_file_path(filename, snippet)})"
     markdown
   end
diff --git a/spec/migrations/move_system_upload_folder_spec.rb b/spec/migrations/move_system_upload_folder_spec.rb
index b622b4e9536..d3180477db3 100644
--- a/spec/migrations/move_system_upload_folder_spec.rb
+++ b/spec/migrations/move_system_upload_folder_spec.rb
@@ -33,6 +33,15 @@ describe MoveSystemUploadFolder do
       expect(File.symlink?(File.join(test_base, 'system'))).to be_truthy
       expect(File.exist?(File.join(test_base, 'system', 'file'))).to be_truthy
     end
+
+    it 'does not move if the target directory already exists' do
+      FileUtils.mkdir_p(File.join(test_base, '-', 'system'))
+
+      expect(FileUtils).not_to receive(:mv)
+      expect(migration).to receive(:say).with(/already exists. No need to redo the move/)
+
+      migration.up
+    end
   end
 
   describe '#down' do
@@ -58,5 +67,14 @@ describe MoveSystemUploadFolder do
       expect(File.directory?(File.join(test_base, 'system'))).to be_truthy
       expect(File.symlink?(File.join(test_base, 'system'))).to be_falsey
     end
+
+    it 'does not move if the old directory already exists' do
+      FileUtils.mkdir_p(File.join(test_base, 'system'))
+
+      expect(FileUtils).not_to receive(:mv)
+      expect(migration).to receive(:say).with(/already exists and is not a symlink, no need to revert/)
+
+      migration.down
+    end
   end
 end
diff --git a/spec/migrations/move_uploads_to_system_dir_spec.rb b/spec/migrations/move_uploads_to_system_dir_spec.rb
index 37d66452447..ca11a2004c5 100644
--- a/spec/migrations/move_uploads_to_system_dir_spec.rb
+++ b/spec/migrations/move_uploads_to_system_dir_spec.rb
@@ -5,7 +5,7 @@ describe MoveUploadsToSystemDir do
   let(:migration) { described_class.new }
   let(:test_dir) { File.join(Rails.root, "tmp", "move_uploads_test") }
   let(:uploads_dir) { File.join(test_dir, "public", "uploads") }
-  let(:new_uploads_dir) { File.join(uploads_dir, "system") }
+  let(:new_uploads_dir) { File.join(uploads_dir, "-", "system") }
 
   before do
     FileUtils.remove_dir(test_dir) if File.directory?(test_dir)
diff --git a/spec/migrations/rename_system_namespaces_spec.rb b/spec/migrations/rename_system_namespaces_spec.rb
deleted file mode 100644
index 747694cbe33..00000000000
--- a/spec/migrations/rename_system_namespaces_spec.rb
+++ /dev/null
@@ -1,254 +0,0 @@
-require "spec_helper"
-require Rails.root.join("db", "migrate", "20170316163800_rename_system_namespaces.rb")
-
-describe RenameSystemNamespaces, truncate: true do
-  let(:migration) { described_class.new }
-  let(:test_dir) { File.join(Rails.root, "tmp", "tests", "rename_namespaces_test") }
-  let(:uploads_dir) { File.join(test_dir, "public", "uploads") }
-  let(:system_namespace) do
-    namespace = build(:namespace, path: "system")
-    namespace.save(validate: false)
-    namespace
-  end
-
-  def save_invalid_routable(routable)
-    routable.__send__(:prepare_route)
-    routable.save(validate: false)
-  end
-
-  before do
-    FileUtils.remove_dir(test_dir) if File.directory?(test_dir)
-    FileUtils.mkdir_p(uploads_dir)
-    FileUtils.remove_dir(TestEnv.repos_path) if File.directory?(TestEnv.repos_path)
-    allow(migration).to receive(:say)
-    allow(migration).to receive(:uploads_dir).and_return(uploads_dir)
-  end
-
-  describe "#system_namespace" do
-    it "only root namespaces called with path `system`" do
-      system_namespace
-      system_namespace_with_parent = build(:namespace, path: 'system', parent: create(:namespace))
-      system_namespace_with_parent.save(validate: false)
-
-      expect(migration.system_namespace.id).to eq(system_namespace.id)
-    end
-  end
-
-  describe "#up" do
-    before do
-      system_namespace
-    end
-
-    it "doesn't break if there are no namespaces called system" do
-      Namespace.delete_all
-
-      migration.up
-    end
-
-    it "renames namespaces called system" do
-      migration.up
-
-      expect(system_namespace.reload.path).to eq("system0")
-    end
-
-    it "renames the route to the namespace" do
-      migration.up
-
-      expect(system_namespace.reload.full_path).to eq("system0")
-    end
-
-    it "renames the route for projects of the namespace" do
-      project = build(:project, :repository, path: "project-path", namespace: system_namespace)
-      save_invalid_routable(project)
-
-      migration.up
-
-      expect(project.route.reload.path).to eq("system0/project-path")
-    end
-
-    it "doesn't touch routes of namespaces that look like system" do
-      namespace = create(:group, path: 'systemlookalike')
-      project = create(:project, :repository, namespace: namespace, path: 'the-project')
-
-      migration.up
-
-      expect(project.route.reload.path).to eq('systemlookalike/the-project')
-      expect(namespace.route.reload.path).to eq('systemlookalike')
-    end
-
-    it "moves the the repository for a project in the namespace" do
-      project = build(:project, :repository, namespace: system_namespace, path: "system-project")
-      save_invalid_routable(project)
-      TestEnv.copy_repo(project,
-                        bare_repo: TestEnv.factory_repo_path_bare,
-                        refs: TestEnv::BRANCH_SHA)
-      expected_repo = File.join(TestEnv.repos_path, "system0", "system-project.git")
-
-      migration.up
-
-      expect(File.directory?(expected_repo)).to be(true)
-    end
-
-    it "moves the uploads for the namespace" do
-      allow(migration).to receive(:move_namespace_folders).with(Settings.pages.path, "system", "system0")
-      expect(migration).to receive(:move_namespace_folders).with(uploads_dir, "system", "system0")
-
-      migration.up
-    end
-
-    it "moves the pages for the namespace" do
-      allow(migration).to receive(:move_namespace_folders).with(uploads_dir, "system", "system0")
-      expect(migration).to receive(:move_namespace_folders).with(Settings.pages.path, "system", "system0")
-
-      migration.up
-    end
-
-    describe "clears the markdown cache for projects in the system namespace" do
-      let!(:project) do
-        project = build(:project, :repository, namespace: system_namespace)
-        save_invalid_routable(project)
-        project
-      end
-
-      it 'removes description_html from projects' do
-        migration.up
-
-        expect(project.reload.description_html).to be_nil
-      end
-
-      it 'removes issue descriptions' do
-        issue = create(:issue, project: project, description_html: 'Issue description')
-
-        migration.up
-
-        expect(issue.reload.description_html).to be_nil
-      end
-
-      it 'removes merge request descriptions' do
-        merge_request = create(:merge_request,
-                               source_project: project,
-                               target_project: project,
-                               description_html: 'MergeRequest description')
-
-        migration.up
-
-        expect(merge_request.reload.description_html).to be_nil
-      end
-
-      it 'removes note html' do
-        note = create(:note,
-                      project: project,
-                      noteable: create(:issue, project: project),
-                      note_html: 'note description')
-
-        migration.up
-
-        expect(note.reload.note_html).to be_nil
-      end
-
-      it 'removes milestone description' do
-        milestone = create(:milestone,
-                           project: project,
-                           description_html: 'milestone description')
-
-        migration.up
-
-        expect(milestone.reload.description_html).to be_nil
-      end
-    end
-
-    context "system namespace -> subgroup -> system0 project" do
-      it "updates the route of the project correctly" do
-        subgroup = build(:group, path: "subgroup", parent: system_namespace)
-        save_invalid_routable(subgroup)
-        project = build(:project, :repository, path: "system0", namespace: subgroup)
-        save_invalid_routable(project)
-
-        migration.up
-
-        expect(project.route.reload.path).to eq("system0/subgroup/system0")
-      end
-    end
-  end
-
-  describe "#move_repositories" do
-    let(:namespace) { create(:group, name: "hello-group") }
-    it "moves a project for a namespace" do
-      create(:project, :repository, namespace: namespace, path: "hello-project")
-      expected_path = File.join(TestEnv.repos_path, "bye-group", "hello-project.git")
-
-      migration.move_repositories(namespace, "hello-group", "bye-group")
-
-      expect(File.directory?(expected_path)).to be(true)
-    end
-
-    it "moves a namespace in a subdirectory correctly" do
-      child_namespace = create(:group, name: "sub-group", parent: namespace)
-      create(:project, :repository, namespace: child_namespace, path: "hello-project")
-
-      expected_path = File.join(TestEnv.repos_path, "hello-group", "renamed-sub-group", "hello-project.git")
-
-      migration.move_repositories(child_namespace, "hello-group/sub-group", "hello-group/renamed-sub-group")
-
-      expect(File.directory?(expected_path)).to be(true)
-    end
-
-    it "moves a parent namespace with subdirectories" do
-      child_namespace = create(:group, name: "sub-group", parent: namespace)
-      create(:project, :repository, namespace: child_namespace, path: "hello-project")
-      expected_path = File.join(TestEnv.repos_path, "renamed-group", "sub-group", "hello-project.git")
-
-      migration.move_repositories(child_namespace, "hello-group", "renamed-group")
-
-      expect(File.directory?(expected_path)).to be(true)
-    end
-  end
-
-  describe "#move_namespace_folders" do
-    it "moves a namespace with files" do
-      source = File.join(uploads_dir, "parent-group", "sub-group")
-      FileUtils.mkdir_p(source)
-      destination = File.join(uploads_dir, "parent-group", "moved-group")
-      FileUtils.touch(File.join(source, "test.txt"))
-      expected_file = File.join(destination, "test.txt")
-
-      migration.move_namespace_folders(uploads_dir, File.join("parent-group", "sub-group"), File.join("parent-group", "moved-group"))
-
-      expect(File.exist?(expected_file)).to be(true)
-    end
-
-    it "moves a parent namespace uploads" do
-      source = File.join(uploads_dir, "parent-group", "sub-group")
-      FileUtils.mkdir_p(source)
-      destination = File.join(uploads_dir, "moved-parent", "sub-group")
-      FileUtils.touch(File.join(source, "test.txt"))
-      expected_file = File.join(destination, "test.txt")
-
-      migration.move_namespace_folders(uploads_dir, "parent-group", "moved-parent")
-
-      expect(File.exist?(expected_file)).to be(true)
-    end
-  end
-
-  describe "#child_ids_for_parent" do
-    it "collects child ids for all levels" do
-      parent = create(:group)
-      first_child = create(:group, parent: parent)
-      second_child = create(:group, parent: parent)
-      third_child = create(:group, parent: second_child)
-      all_ids = [parent.id, first_child.id, second_child.id, third_child.id]
-
-      collected_ids = migration.child_ids_for_parent(parent, ids: [parent.id])
-
-      expect(collected_ids).to contain_exactly(*all_ids)
-    end
-  end
-
-  describe "#remove_last_ocurrence" do
-    it "removes only the last occurance of a string" do
-      input = "this/is/system/namespace/with/system"
-
-      expect(migration.remove_last_occurrence(input, "system")).to eq("this/is/system/namespace/with/")
-    end
-  end
-end
diff --git a/spec/migrations/update_upload_paths_to_system_spec.rb b/spec/migrations/update_upload_paths_to_system_spec.rb
index 11412005b72..0a45c5ea32d 100644
--- a/spec/migrations/update_upload_paths_to_system_spec.rb
+++ b/spec/migrations/update_upload_paths_to_system_spec.rb
@@ -11,7 +11,7 @@ describe UpdateUploadPathsToSystem do
   describe "#uploads_to_switch_to_new_path" do
     it "contains only uploads with the old path for the correct models" do
       _upload_for_other_type = create(:upload, model: create(:ci_pipeline), path: "uploads/ci_pipeline/avatar.jpg")
-      _upload_with_system_path = create(:upload, model: create(:project), path: "uploads/system/project/avatar.jpg")
+      _upload_with_system_path = create(:upload, model: create(:project), path: "uploads/-/system/project/avatar.jpg")
       _upload_with_other_path = create(:upload, model: create(:project), path: "thelongsecretforafileupload/avatar.jpg")
       old_upload = create(:upload, model: create(:project), path: "uploads/project/avatar.jpg")
       group_upload = create(:upload, model: create(:group), path: "uploads/group/avatar.jpg")
@@ -23,7 +23,7 @@ describe UpdateUploadPathsToSystem do
   describe "#uploads_to_switch_to_old_path" do
     it "contains only uploads with the new path for the correct models" do
       _upload_for_other_type = create(:upload, model: create(:ci_pipeline), path: "uploads/ci_pipeline/avatar.jpg")
-      upload_with_system_path = create(:upload, model: create(:project), path: "uploads/system/project/avatar.jpg")
+      upload_with_system_path = create(:upload, model: create(:project), path: "uploads/-/system/project/avatar.jpg")
       _upload_with_other_path = create(:upload, model: create(:project), path: "thelongsecretforafileupload/avatar.jpg")
       _old_upload = create(:upload, model: create(:project), path: "uploads/project/avatar.jpg")
 
@@ -37,13 +37,13 @@ describe UpdateUploadPathsToSystem do
 
       migration.up
 
-      expect(old_upload.reload.path).to eq("uploads/system/project/avatar.jpg")
+      expect(old_upload.reload.path).to eq("uploads/-/system/project/avatar.jpg")
     end
   end
 
   describe "#down", truncate: true do
     it "updates the new system patsh to the old paths" do
-      new_upload = create(:upload, model: create(:project), path: "uploads/system/project/avatar.jpg")
+      new_upload = create(:upload, model: create(:project), path: "uploads/-/system/project/avatar.jpg")
 
       migration.down
 
diff --git a/spec/models/appearance_spec.rb b/spec/models/appearance_spec.rb
index 7cd3a84d592..b5d5d58697b 100644
--- a/spec/models/appearance_spec.rb
+++ b/spec/models/appearance_spec.rb
@@ -9,4 +9,39 @@ RSpec.describe Appearance do
   it { is_expected.to validate_presence_of(:description) }
 
   it { is_expected.to have_many(:uploads).dependent(:destroy) }
+
+  describe '.current', :use_clean_rails_memory_store_caching do
+    let!(:appearance) { create(:appearance) }
+
+    it 'returns the current appearance row' do
+      expect(described_class.current).to eq(appearance)
+    end
+
+    it 'caches the result' do
+      expect(described_class).to receive(:first).once
+
+      2.times { described_class.current }
+    end
+  end
+
+  describe '#flush_redis_cache' do
+    it 'flushes the cache in Redis' do
+      appearance = create(:appearance)
+
+      expect(Rails.cache).to receive(:delete).with(described_class::CACHE_KEY)
+
+      appearance.flush_redis_cache
+    end
+  end
+
+  describe '#single_appearance_row' do
+    it 'adds an error when more than 1 row exists' do
+      create(:appearance)
+
+      new_row = build(:appearance)
+      new_row.save
+
+      expect(new_row.valid?).to eq(false)
+    end
+  end
 end
diff --git a/spec/models/broadcast_message_spec.rb b/spec/models/broadcast_message_spec.rb
index a8ca1d110e4..3369aef1d3e 100644
--- a/spec/models/broadcast_message_spec.rb
+++ b/spec/models/broadcast_message_spec.rb
@@ -20,7 +20,7 @@ describe BroadcastMessage do
     it { is_expected.not_to allow_value('000').for(:font) }
   end
 
-  describe '.current' do
+  describe '.current', :use_clean_rails_memory_store_caching do
     it 'returns message if time match' do
       message = create(:broadcast_message)
 
@@ -45,6 +45,14 @@ describe BroadcastMessage do
 
       expect(described_class.current).to be_empty
     end
+
+    it 'caches the output of the query' do
+      create(:broadcast_message)
+
+      expect(described_class).to receive(:where).and_call_original.once
+
+      2.times { described_class.current }
+    end
   end
 
   describe '#active?' do
@@ -102,4 +110,14 @@ describe BroadcastMessage do
       end
     end
   end
+
+  describe '#flush_redis_cache' do
+    it 'flushes the Redis cache' do
+      message = create(:broadcast_message)
+
+      expect(Rails.cache).to receive(:delete).with(described_class::CACHE_KEY)
+
+      message.flush_redis_cache
+    end
+  end
 end
diff --git a/spec/models/commit_spec.rb b/spec/models/commit_spec.rb
index 08693b5da33..c18c635d811 100644
--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -33,7 +33,6 @@ describe Commit do
 
   describe '#to_reference' do
     let(:project) { create(:project, :repository, path: 'sample-project') }
-    let(:commit)  { project.commit }
 
     it 'returns a String reference to the object' do
       expect(commit.to_reference).to eq commit.id
@@ -47,7 +46,6 @@ describe Commit do
 
   describe '#reference_link_text' do
     let(:project) { create(:project, :repository, path: 'sample-project') }
-    let(:commit)  { project.commit }
 
     it 'returns a String reference to the object' do
       expect(commit.reference_link_text).to eq commit.short_id
@@ -191,7 +189,7 @@ eos
 
     it { expect(data).to be_a(Hash) }
     it { expect(data[:message]).to include('adds bar folder and branch-test text file to check Repository merged_to_root_ref method') }
-    it { expect(data[:timestamp]).to eq('2016-09-27T14:37:46+00:00') }
+    it { expect(data[:timestamp]).to eq('2016-09-27T14:37:46Z') }
     it { expect(data[:added]).to eq(["bar/branch-test.txt"]) }
     it { expect(data[:modified]).to eq([]) }
     it { expect(data[:removed]).to eq([]) }
diff --git a/spec/models/commit_status_spec.rb b/spec/models/commit_status_spec.rb
index 6fb4794ea5f..8c4a366ef8f 100644
--- a/spec/models/commit_status_spec.rb
+++ b/spec/models/commit_status_spec.rb
@@ -425,7 +425,7 @@ describe CommitStatus do
       end
 
       it "raise exception when trying to update" do
-        expect{ commit_status.save }.to raise_error(ActiveRecord::StaleObjectError)
+        expect { commit_status.save }.to raise_error(ActiveRecord::StaleObjectError)
       end
     end
 
diff --git a/spec/models/concerns/issuable_spec.rb b/spec/models/concerns/issuable_spec.rb
index 0137f71be8f..dfbe1a7c192 100644
--- a/spec/models/concerns/issuable_spec.rb
+++ b/spec/models/concerns/issuable_spec.rb
@@ -300,7 +300,7 @@ describe Issuable do
     let(:bug) { create(:label, project: project, title: 'bug') }
     let(:issue) { create(:issue, project: project) }
 
-    before(:each) do
+    before do
       issue.labels << bug
     end
 
@@ -402,7 +402,7 @@ describe Issuable do
     let(:issue2) { create(:issue, title: "Bugfix2", project: project) }
     let(:issue3) { create(:issue, title: "Feature1", project: project) }
 
-    before(:each) do
+    before do
       issue1.labels << bug
       issue1.labels << feature
       issue2.labels << bug
diff --git a/spec/models/concerns/reactive_caching_spec.rb b/spec/models/concerns/reactive_caching_spec.rb
index 5f9b7e0a367..a5d505af001 100644
--- a/spec/models/concerns/reactive_caching_spec.rb
+++ b/spec/models/concerns/reactive_caching_spec.rb
@@ -31,7 +31,7 @@ describe ReactiveCaching, :use_clean_rails_memory_store_caching do
 
   let(:now) { Time.now.utc }
 
-  around(:each) do |example|
+  around do |example|
     Timecop.freeze(now) { example.run }
   end
 
diff --git a/spec/models/event_collection_spec.rb b/spec/models/event_collection_spec.rb
new file mode 100644
index 00000000000..e0a87c18cc7
--- /dev/null
+++ b/spec/models/event_collection_spec.rb
@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe EventCollection do
+  describe '#to_a' do
+    let(:project) { create(:project_empty_repo) }
+    let(:projects) { Project.where(id: project.id) }
+    let(:user) { create(:user) }
+
+    before do
+      20.times do
+        event = create(:push_event, project: project, author: user)
+
+        create(:push_event_payload, event: event)
+      end
+
+      create(:closed_issue_event, project: project, author: user)
+    end
+
+    it 'returns an Array of events' do
+      events = described_class.new(projects).to_a
+
+      expect(events).to be_an_instance_of(Array)
+    end
+
+    it 'applies a limit to the number of events' do
+      events = described_class.new(projects).to_a
+
+      expect(events.length).to eq(20)
+    end
+
+    it 'can paginate through events' do
+      events = described_class.new(projects, offset: 20).to_a
+
+      expect(events.length).to eq(1)
+    end
+
+    it 'returns an empty Array when crossing the maximum page number' do
+      events = described_class.new(projects, limit: 1, offset: 15).to_a
+
+      expect(events).to be_empty
+    end
+
+    it 'allows filtering of events using an EventFilter' do
+      filter = EventFilter.new(EventFilter.issue)
+      events = described_class.new(projects, filter: filter).to_a
+
+      expect(events.length).to eq(1)
+      expect(events[0].action).to eq(Event::CLOSED)
+    end
+  end
+end
diff --git a/spec/models/event_spec.rb b/spec/models/event_spec.rb
index d86bf1a90a9..ff3224dd298 100644
--- a/spec/models/event_spec.rb
+++ b/spec/models/event_spec.rb
@@ -304,27 +304,15 @@ describe Event do
     end
   end
 
-  def create_push_event(project, user, attrs = {})
-    data = {
-      before: Gitlab::Git::BLANK_SHA,
-      after: "0220c11b9a3e6c69dc8fd35321254ca9a7b98f7e",
-      ref: "refs/heads/master",
-      user_id: user.id,
-      user_name: user.name,
-      repository: {
-        name: project.name,
-        url: "localhost/rubinius",
-        description: "",
-        homepage: "localhost/rubinius",
-        private: true
-      }
-    }
-
-    described_class.create({
-      project: project,
-      action: described_class::PUSHED,
-      data: data,
-      author_id: user.id
-    }.merge!(attrs))
+  def create_push_event(project, user)
+    event = create(:push_event, project: project, author: user)
+
+    create(:push_event_payload,
+           event: event,
+           commit_to: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+           commit_count: 0,
+           ref: 'master')
+
+    event
   end
 end
diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb
index c055863d298..9203f6562f2 100644
--- a/spec/models/issue_spec.rb
+++ b/spec/models/issue_spec.rb
@@ -57,18 +57,14 @@ describe Issue do
   end
 
   describe '#closed_at' do
-    after do
-      Timecop.return
-    end
-
-    let!(:now) { Timecop.freeze(Time.now) }
-
     it 'sets closed_at to Time.now when issue is closed' do
       issue = create(:issue, state: 'opened')
 
+      expect(issue.closed_at).to be_nil
+
       issue.close
 
-      expect(issue.closed_at).to eq(now)
+      expect(issue.closed_at).to be_present
     end
   end
 
@@ -350,7 +346,7 @@ describe Issue do
     subject { create(:issue, project: create(:project, :repository)) }
 
     let(:backref_text) { "issue #{subject.to_reference}" }
-    let(:set_mentionable_text) { ->(txt){ subject.description = txt } }
+    let(:set_mentionable_text) { ->(txt) { subject.description = txt } }
   end
 
   it_behaves_like 'a Taskable' do
diff --git a/spec/models/members/project_member_spec.rb b/spec/models/members/project_member_spec.rb
index f1d1f37c78a..fa3e80ba062 100644
--- a/spec/models/members/project_member_spec.rb
+++ b/spec/models/members/project_member_spec.rb
@@ -149,7 +149,7 @@ describe ProjectMember do
   describe 'notifications' do
     describe '#after_accept_request' do
       it 'calls NotificationService.new_project_member' do
-        member = create(:project_member, user: build_stubbed(:user), requested_at: Time.now)
+        member = create(:project_member, user: create(:user), requested_at: Time.now)
 
         expect_any_instance_of(NotificationService).to receive(:new_project_member)
 
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index 3402c260f27..026bdbd26d1 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -681,7 +681,7 @@ describe MergeRequest do
       end
 
       it 'does not crash' do
-        expect{ subject.diverged_commits_count }.not_to raise_error
+        expect { subject.diverged_commits_count }.not_to raise_error
       end
 
       it 'returns 0' do
@@ -714,7 +714,7 @@ describe MergeRequest do
     end
 
     describe 'caching' do
-      before(:example) do
+      before do
         allow(Rails).to receive(:cache).and_return(ActiveSupport::Cache::MemoryStore.new)
       end
 
@@ -753,7 +753,7 @@ describe MergeRequest do
     subject { create(:merge_request, :simple) }
 
     let(:backref_text) { "merge request #{subject.to_reference}" }
-    let(:set_mentionable_text) { ->(txt){ subject.description = txt } }
+    let(:set_mentionable_text) { ->(txt) { subject.description = txt } }
   end
 
   it_behaves_like 'a Taskable' do
@@ -1369,6 +1369,32 @@ describe MergeRequest do
     end
   end
 
+  describe '#merge_ongoing?' do
+    it 'returns true when merge process is ongoing for merge_jid' do
+      merge_request = create(:merge_request, merge_jid: 'foo')
+
+      allow(Gitlab::SidekiqStatus).to receive(:num_running).with(['foo']).and_return(1)
+
+      expect(merge_request.merge_ongoing?).to be(true)
+    end
+
+    it 'returns false when no merge process running for merge_jid' do
+      merge_request = build(:merge_request, merge_jid: 'foo')
+
+      allow(Gitlab::SidekiqStatus).to receive(:num_running).with(['foo']).and_return(0)
+
+      expect(merge_request.merge_ongoing?).to be(false)
+    end
+
+    it 'returns false when merge_jid is nil' do
+      merge_request = build(:merge_request, merge_jid: nil)
+
+      expect(Gitlab::SidekiqStatus).not_to receive(:num_running)
+
+      expect(merge_request.merge_ongoing?).to be(false)
+    end
+  end
+
   describe "#closed_without_fork?" do
     let(:project)      { create(:project) }
     let(:fork_project) { create(:project, forked_from_project: project) }
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 1a00c50690c..69286eff984 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -315,6 +315,20 @@ describe Namespace do
     end
   end
 
+  describe '#self_and_ancestors', :nested_groups do
+    let(:group) { create(:group) }
+    let(:nested_group) { create(:group, parent: group) }
+    let(:deep_nested_group) { create(:group, parent: nested_group) }
+    let(:very_deep_nested_group) { create(:group, parent: deep_nested_group) }
+
+    it 'returns the correct ancestors' do
+      expect(very_deep_nested_group.self_and_ancestors).to contain_exactly(group, nested_group, deep_nested_group, very_deep_nested_group)
+      expect(deep_nested_group.self_and_ancestors).to contain_exactly(group, nested_group, deep_nested_group)
+      expect(nested_group.self_and_ancestors).to contain_exactly(group, nested_group)
+      expect(group.self_and_ancestors).to contain_exactly(group)
+    end
+  end
+
   describe '#descendants', :nested_groups do
     let!(:group) { create(:group, path: 'git_lab') }
     let!(:nested_group) { create(:group, parent: group) }
@@ -331,6 +345,22 @@ describe Namespace do
     end
   end
 
+  describe '#self_and_descendants', :nested_groups do
+    let!(:group) { create(:group, path: 'git_lab') }
+    let!(:nested_group) { create(:group, parent: group) }
+    let!(:deep_nested_group) { create(:group, parent: nested_group) }
+    let!(:very_deep_nested_group) { create(:group, parent: deep_nested_group) }
+    let!(:another_group) { create(:group, path: 'gitllab') }
+    let!(:another_group_nested) { create(:group, path: 'foo', parent: another_group) }
+
+    it 'returns the correct descendants' do
+      expect(very_deep_nested_group.self_and_descendants).to contain_exactly(very_deep_nested_group)
+      expect(deep_nested_group.self_and_descendants).to contain_exactly(deep_nested_group, very_deep_nested_group)
+      expect(nested_group.self_and_descendants).to contain_exactly(nested_group, deep_nested_group, very_deep_nested_group)
+      expect(group.self_and_descendants).to contain_exactly(group, nested_group, deep_nested_group, very_deep_nested_group)
+    end
+  end
+
   describe '#users_with_descendants', :nested_groups do
     let(:user_a) { create(:user) }
     let(:user_b) { create(:user) }
diff --git a/spec/models/project_services/drone_ci_service_spec.rb b/spec/models/project_services/drone_ci_service_spec.rb
index 5b0f24ce306..d8972aff407 100644
--- a/spec/models/project_services/drone_ci_service_spec.rb
+++ b/spec/models/project_services/drone_ci_service_spec.rb
@@ -43,7 +43,7 @@ describe DroneCiService, :use_clean_rails_memory_store_caching do
     let(:build_page) { "#{drone_url}/gitlab/#{path}/redirect/commits/#{sha}?branch=#{branch}" }
     let(:commit_status_path) { "#{drone_url}/gitlab/#{path}/commits/#{sha}?branch=#{branch}&access_token=#{token}" }
 
-    before(:each) do
+    before do
       allow(drone).to receive_messages(
         project_id: project.id,
         project: project,
diff --git a/spec/models/project_services/hipchat_service_spec.rb b/spec/models/project_services/hipchat_service_spec.rb
index 7614bb897e8..23db29cb541 100644
--- a/spec/models/project_services/hipchat_service_spec.rb
+++ b/spec/models/project_services/hipchat_service_spec.rb
@@ -36,7 +36,7 @@ describe HipchatService do
       Gitlab::DataBuilder::Push.build_sample(project, user)
     end
 
-    before(:each) do
+    before do
       allow(hipchat).to receive_messages(
         project_id: project.id,
         project: project,
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 8f951605954..eba71ba2f72 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -485,7 +485,7 @@ describe Project do
 
     describe 'last_activity' do
       it 'alias last_activity to last_event' do
-        last_event = create(:event, project: project)
+        last_event = create(:event, :closed, project: project)
 
         expect(project.last_activity).to eq(last_event)
       end
@@ -493,7 +493,7 @@ describe Project do
 
     describe 'last_activity_date' do
       it 'returns the creation date of the project\'s last event if present' do
-        new_event = create(:event, project: project, created_at: Time.now)
+        new_event = create(:event, :closed, project: project, created_at: Time.now)
 
         project.reload
         expect(project.last_activity_at.to_i).to eq(new_event.created_at.to_i)
@@ -651,7 +651,7 @@ describe Project do
     let(:ext_project) { create(:redmine_project) }
 
     context 'on existing projects with no value for has_external_issue_tracker' do
-      before(:each) do
+      before do
         project.update_column(:has_external_issue_tracker, nil)
         ext_project.update_column(:has_external_issue_tracker, nil)
       end
@@ -1301,7 +1301,7 @@ describe Project do
 
       subject { project.rename_repo }
 
-      it { expect{subject}.to raise_error(StandardError) }
+      it { expect {subject}.to raise_error(StandardError) }
     end
   end
 
@@ -1832,6 +1832,11 @@ describe Project do
   describe '#change_head' do
     let(:project) { create(:project, :repository) }
 
+    it 'returns error if branch does not exist' do
+      expect(project.change_head('unexisted-branch')).to be false
+      expect(project.errors.size).to eq(1)
+    end
+
     it 'calls the before_change_head and after_change_head methods' do
       expect(project.repository).to receive(:before_change_head)
       expect(project.repository).to receive(:after_change_head)
@@ -2305,4 +2310,14 @@ describe Project do
       end
     end
   end
+
+  describe '#forks_count' do
+    it 'returns the number of forks' do
+      project = build(:project)
+
+      allow(project.forks).to receive(:count).and_return(1)
+
+      expect(project.forks_count).to eq(1)
+    end
+  end
 end
diff --git a/spec/models/push_event_payload_spec.rb b/spec/models/push_event_payload_spec.rb
new file mode 100644
index 00000000000..a049ad35584
--- /dev/null
+++ b/spec/models/push_event_payload_spec.rb
@@ -0,0 +1,16 @@
+require 'spec_helper'
+
+describe PushEventPayload do
+  describe 'saving payloads' do
+    it 'does not allow commit messages longer than 70 characters' do
+      event = create(:push_event)
+      payload = build(:push_event_payload, event: event)
+
+      expect(payload).to be_valid
+
+      payload.commit_title = 'a' * 100
+
+      expect(payload).not_to be_valid
+    end
+  end
+end
diff --git a/spec/models/push_event_spec.rb b/spec/models/push_event_spec.rb
new file mode 100644
index 00000000000..532fb024261
--- /dev/null
+++ b/spec/models/push_event_spec.rb
@@ -0,0 +1,202 @@
+require 'spec_helper'
+
+describe PushEvent do
+  let(:payload) { PushEventPayload.new }
+
+  let(:event) do
+    event = described_class.new
+
+    allow(event).to receive(:push_event_payload).and_return(payload)
+
+    event
+  end
+
+  describe '.sti_name' do
+    it 'returns Event::PUSHED' do
+      expect(described_class.sti_name).to eq(Event::PUSHED)
+    end
+  end
+
+  describe '#push?' do
+    it 'returns true' do
+      expect(event).to be_push
+    end
+  end
+
+  describe '#push_with_commits?' do
+    it 'returns true when both the first and last commit are present' do
+      allow(event).to receive(:commit_from).and_return('123')
+      allow(event).to receive(:commit_to).and_return('456')
+
+      expect(event).to be_push_with_commits
+    end
+
+    it 'returns false when the first commit is missing' do
+      allow(event).to receive(:commit_to).and_return('456')
+
+      expect(event).not_to be_push_with_commits
+    end
+
+    it 'returns false when the last commit is missing' do
+      allow(event).to receive(:commit_from).and_return('123')
+
+      expect(event).not_to be_push_with_commits
+    end
+  end
+
+  describe '#tag?' do
+    it 'returns true when pushing to a tag' do
+      allow(payload).to receive(:tag?).and_return(true)
+
+      expect(event).to be_tag
+    end
+
+    it 'returns false when pushing to a branch' do
+      allow(payload).to receive(:tag?).and_return(false)
+
+      expect(event).not_to be_tag
+    end
+  end
+
+  describe '#branch?' do
+    it 'returns true when pushing to a branch' do
+      allow(payload).to receive(:branch?).and_return(true)
+
+      expect(event).to be_branch
+    end
+
+    it 'returns false when pushing to a tag' do
+      allow(payload).to receive(:branch?).and_return(false)
+
+      expect(event).not_to be_branch
+    end
+  end
+
+  describe '#valid_push?' do
+    it 'returns true if a ref exists' do
+      allow(payload).to receive(:ref).and_return('master')
+
+      expect(event).to be_valid_push
+    end
+
+    it 'returns false when no ref is present' do
+      expect(event).not_to be_valid_push
+    end
+  end
+
+  describe '#new_ref?' do
+    it 'returns true when pushing a new ref' do
+      allow(payload).to receive(:created?).and_return(true)
+
+      expect(event).to be_new_ref
+    end
+
+    it 'returns false when pushing to an existing ref' do
+      allow(payload).to receive(:created?).and_return(false)
+
+      expect(event).not_to be_new_ref
+    end
+  end
+
+  describe '#rm_ref?' do
+    it 'returns true when removing an existing ref' do
+      allow(payload).to receive(:removed?).and_return(true)
+
+      expect(event).to be_rm_ref
+    end
+
+    it 'returns false when pushing to an existing ref' do
+      allow(payload).to receive(:removed?).and_return(false)
+
+      expect(event).not_to be_rm_ref
+    end
+  end
+
+  describe '#commit_from' do
+    it 'returns the first commit SHA' do
+      allow(payload).to receive(:commit_from).and_return('123')
+
+      expect(event.commit_from).to eq('123')
+    end
+  end
+
+  describe '#commit_to' do
+    it 'returns the last commit SHA' do
+      allow(payload).to receive(:commit_to).and_return('123')
+
+      expect(event.commit_to).to eq('123')
+    end
+  end
+
+  describe '#ref_name' do
+    it 'returns the name of the ref' do
+      allow(payload).to receive(:ref).and_return('master')
+
+      expect(event.ref_name).to eq('master')
+    end
+  end
+
+  describe '#ref_type' do
+    it 'returns the type of the ref' do
+      allow(payload).to receive(:ref_type).and_return('branch')
+
+      expect(event.ref_type).to eq('branch')
+    end
+  end
+
+  describe '#branch_name' do
+    it 'returns the name of the branch' do
+      allow(payload).to receive(:ref).and_return('master')
+
+      expect(event.branch_name).to eq('master')
+    end
+  end
+
+  describe '#tag_name' do
+    it 'returns the name of the tag' do
+      allow(payload).to receive(:ref).and_return('1.2')
+
+      expect(event.tag_name).to eq('1.2')
+    end
+  end
+
+  describe '#commit_title' do
+    it 'returns the commit message' do
+      allow(payload).to receive(:commit_title).and_return('foo')
+
+      expect(event.commit_title).to eq('foo')
+    end
+  end
+
+  describe '#commit_id' do
+    it 'returns the SHA of the last commit if present' do
+      allow(event).to receive(:commit_to).and_return('123')
+
+      expect(event.commit_id).to eq('123')
+    end
+
+    it 'returns the SHA of the first commit if the last commit is not present' do
+      allow(event).to receive(:commit_to).and_return(nil)
+      allow(event).to receive(:commit_from).and_return('123')
+
+      expect(event.commit_id).to eq('123')
+    end
+  end
+
+  describe '#commits_count' do
+    it 'returns the number of commits' do
+      allow(payload).to receive(:commit_count).and_return(1)
+
+      expect(event.commits_count).to eq(1)
+    end
+  end
+
+  describe '#validate_push_action' do
+    it 'adds an error when the action is not PUSHED' do
+      event.action = Event::CREATED
+      event.validate_push_action
+
+      expect(event.errors.count).to eq(1)
+    end
+  end
+end
diff --git a/spec/models/redirect_route_spec.rb b/spec/models/redirect_route_spec.rb
index 80943877095..106ae59af29 100644
--- a/spec/models/redirect_route_spec.rb
+++ b/spec/models/redirect_route_spec.rb
@@ -20,8 +20,16 @@ describe RedirectRoute do
     let!(:redirect4) { group.redirect_routes.create(path: 'gitlabb/test/foo/bar') }
     let!(:redirect5) { group.redirect_routes.create(path: 'gitlabb/test/baz') }
 
-    it 'returns correct routes' do
-      expect(described_class.matching_path_and_descendants('gitlabb/test')).to match_array([redirect2, redirect3, redirect4, redirect5])
+    context 'when the redirect route matches with same casing' do
+      it 'returns correct routes' do
+        expect(described_class.matching_path_and_descendants('gitlabb/test')).to match_array([redirect2, redirect3, redirect4, redirect5])
+      end
+    end
+
+    context 'when the redirect route matches with different casing' do
+      it 'returns correct routes' do
+        expect(described_class.matching_path_and_descendants('GitLABB/test')).to match_array([redirect2, redirect3, redirect4, redirect5])
+      end
     end
   end
 end
diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb
index cfa77648338..4926d5d6c49 100644
--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -961,6 +961,27 @@ describe Repository, models: true do
       end
     end
 
+    context 'when temporary ref failed to be created from other project' do
+      let(:target_project) { create(:project, :empty_repo) }
+
+      before do
+        expect(target_project.repository).to receive(:run_git)
+      end
+
+      it 'raises Rugged::ReferenceError' do
+        raise_reference_error = raise_error(Rugged::ReferenceError) do |err|
+          expect(err.cause).to be_nil
+        end
+
+        expect do
+          GitOperationService.new(user, target_project.repository)
+            .with_branch('feature',
+                         start_project: project,
+                         &:itself)
+        end.to raise_reference_error
+      end
+    end
+
     context 'when the update adds more than one commit' do
       let(:old_rev) { '33f3729a45c02fc67d00adb1b8bca394b0e761d9' }
 
@@ -1224,7 +1245,7 @@ describe Repository, models: true do
   end
 
   describe 'skip_merges option' do
-    subject { repository.commits(Gitlab::Git::BRANCH_REF_PREFIX + "'test'", limit: 100, skip_merges: true).map{ |k| k.id } }
+    subject { repository.commits(Gitlab::Git::BRANCH_REF_PREFIX + "'test'", limit: 100, skip_merges: true).map { |k| k.id } }
 
     it { is_expected.not_to include('e56497bb5f03a90a51293fc6d516788730953899') }
   end
diff --git a/spec/models/route_spec.rb b/spec/models/route_spec.rb
index bdacc60fb53..fece370c03f 100644
--- a/spec/models/route_spec.rb
+++ b/spec/models/route_spec.rb
@@ -145,45 +145,71 @@ describe Route do
 
   describe '#delete_conflicting_redirects' do
     context 'when a redirect route with the same path exists' do
-      let!(:redirect1) { route.create_redirect(route.path) }
+      context 'when the redirect route has matching case' do
+        let!(:redirect1) { route.create_redirect(route.path) }
 
-      it 'deletes the redirect' do
-        route.delete_conflicting_redirects
-        expect(route.conflicting_redirects).to be_empty
+        it 'deletes the redirect' do
+          expect do
+            route.delete_conflicting_redirects
+          end.to change { RedirectRoute.count }.by(-1)
+        end
+
+        context 'when redirect routes with paths descending from the route path exists' do
+          let!(:redirect2) { route.create_redirect("#{route.path}/foo") }
+          let!(:redirect3) { route.create_redirect("#{route.path}/foo/bar") }
+          let!(:redirect4) { route.create_redirect("#{route.path}/baz/quz") }
+          let!(:other_redirect) { route.create_redirect("other") }
+
+          it 'deletes all redirects with paths that descend from the route path' do
+            expect do
+              route.delete_conflicting_redirects
+            end.to change { RedirectRoute.count }.by(-4)
+          end
+        end
       end
 
-      context 'when redirect routes with paths descending from the route path exists' do
-        let!(:redirect2) { route.create_redirect("#{route.path}/foo") }
-        let!(:redirect3) { route.create_redirect("#{route.path}/foo/bar") }
-        let!(:redirect4) { route.create_redirect("#{route.path}/baz/quz") }
-        let!(:other_redirect) { route.create_redirect("other") }
+      context 'when the redirect route is differently cased' do
+        let!(:redirect1) { route.create_redirect(route.path.upcase) }
 
-        it 'deletes all redirects with paths that descend from the route path' do
-          route.delete_conflicting_redirects
-          expect(route.conflicting_redirects).to be_empty
+        it 'deletes the redirect' do
+          expect do
+            route.delete_conflicting_redirects
+          end.to change { RedirectRoute.count }.by(-1)
         end
       end
     end
   end
 
   describe '#conflicting_redirects' do
+    it 'returns an ActiveRecord::Relation' do
+      expect(route.conflicting_redirects).to be_an(ActiveRecord::Relation)
+    end
+
     context 'when a redirect route with the same path exists' do
-      let!(:redirect1) { route.create_redirect(route.path) }
+      context 'when the redirect route has matching case' do
+        let!(:redirect1) { route.create_redirect(route.path) }
 
-      it 'returns the redirect route' do
-        expect(route.conflicting_redirects).to be_an(ActiveRecord::Relation)
-        expect(route.conflicting_redirects).to match_array([redirect1])
+        it 'returns the redirect route' do
+          expect(route.conflicting_redirects).to match_array([redirect1])
+        end
+
+        context 'when redirect routes with paths descending from the route path exists' do
+          let!(:redirect2) { route.create_redirect("#{route.path}/foo") }
+          let!(:redirect3) { route.create_redirect("#{route.path}/foo/bar") }
+          let!(:redirect4) { route.create_redirect("#{route.path}/baz/quz") }
+          let!(:other_redirect) { route.create_redirect("other") }
+
+          it 'returns the redirect routes' do
+            expect(route.conflicting_redirects).to match_array([redirect1, redirect2, redirect3, redirect4])
+          end
+        end
       end
 
-      context 'when redirect routes with paths descending from the route path exists' do
-        let!(:redirect2) { route.create_redirect("#{route.path}/foo") }
-        let!(:redirect3) { route.create_redirect("#{route.path}/foo/bar") }
-        let!(:redirect4) { route.create_redirect("#{route.path}/baz/quz") }
-        let!(:other_redirect) { route.create_redirect("other") }
+      context 'when the redirect route is differently cased' do
+        let!(:redirect1) { route.create_redirect(route.path.upcase) }
 
-        it 'returns the redirect routes' do
-          expect(route.conflicting_redirects).to be_an(ActiveRecord::Relation)
-          expect(route.conflicting_redirects).to match_array([redirect1, redirect2, redirect3, redirect4])
+        it 'returns the redirect route' do
+          expect(route.conflicting_redirects).to match_array([redirect1])
         end
       end
     end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 0103fb6040e..97bb91a6ac8 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -118,6 +118,17 @@ describe User do
 
         expect(user).to validate_uniqueness_of(:username).case_insensitive
       end
+
+      context 'when username is changed' do
+        let(:user) { build_stubbed(:user, username: 'old_path', namespace: build_stubbed(:namespace)) }
+
+        it 'validates move_dir is allowed for the namespace' do
+          expect(user.namespace).to receive(:any_project_has_container_registry_tags?).and_return(true)
+          user.username = 'new_path'
+          expect(user).to be_invalid
+          expect(user.errors.messages[:username].first).to match('cannot be changed if a personal project has container registry tags')
+        end
+      end
     end
 
     it { is_expected.to validate_presence_of(:projects_limit) }
@@ -1280,7 +1291,7 @@ describe User do
     let!(:project2) { create(:project, forked_from_project: project3) }
     let!(:project3) { create(:project) }
     let!(:merge_request) { create(:merge_request, source_project: project2, target_project: project3, author: subject) }
-    let!(:push_event) { create(:event, :pushed, project: project1, target: project1, author: subject) }
+    let!(:push_event) { create(:push_event, project: project1, author: subject) }
     let!(:merge_event) { create(:event, :created, project: project3, target: merge_request, author: subject) }
 
     before do
@@ -1322,10 +1333,18 @@ describe User do
     subject { create(:user) }
     let!(:project1) { create(:project, :repository) }
     let!(:project2) { create(:project, :repository, forked_from_project: project1) }
-    let!(:push_data) do
-      Gitlab::DataBuilder::Push.build_sample(project2, subject)
+
+    let!(:push_event) do
+      event = create(:push_event, project: project2, author: subject)
+
+      create(:push_event_payload,
+             event: event,
+             commit_to: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+             commit_count: 0,
+             ref: 'master')
+
+      event
     end
-    let!(:push_event) { create(:event, :pushed, project: project2, target: project1, author: subject, data: push_data) }
 
     before do
       project1.team << [subject, :master]
@@ -1352,8 +1371,13 @@ describe User do
       expect(subject.recent_push(project1)).to eq(nil)
       expect(subject.recent_push(project2)).to eq(push_event)
 
-      push_data1 = Gitlab::DataBuilder::Push.build_sample(project1, subject)
-      push_event1 = create(:event, :pushed, project: project1, target: project1, author: subject, data: push_data1)
+      push_event1 = create(:push_event, project: project1, author: subject)
+
+      create(:push_event_payload,
+             event: push_event1,
+             commit_to: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+             commit_count: 0,
+             ref: 'master')
 
       expect(subject.recent_push([project1, project2])).to eq(push_event1) # Newest
     end
diff --git a/spec/requests/api/commit_statuses_spec.rb b/spec/requests/api/commit_statuses_spec.rb
index 8b62aa268d9..3c02e6302b4 100644
--- a/spec/requests/api/commit_statuses_spec.rb
+++ b/spec/requests/api/commit_statuses_spec.rb
@@ -44,8 +44,8 @@ describe API::CommitStatuses do
             expect(response).to include_pagination_headers
             expect(json_response).to be_an Array
             expect(statuses_id).to contain_exactly(status3.id, status4.id, status5.id, status6.id)
-            json_response.sort_by!{ |status| status['id'] }
-            expect(json_response.map{ |status| status['allow_failure'] }).to eq([true, false, false, false])
+            json_response.sort_by! { |status| status['id'] }
+            expect(json_response.map { |status| status['allow_failure'] }).to eq([true, false, false, false])
           end
         end
 
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 0dad547735d..992a6e8d76a 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -3,29 +3,27 @@ require 'mime/types'
 
 describe API::Commits do
   let(:user) { create(:user) }
-  let(:user2) { create(:user) }
-  let!(:project) { create(:project, :repository, creator: user, namespace: user.namespace) }
-  let!(:guest) { create(:project_member, :guest, user: user2, project: project) }
-  let!(:note) { create(:note_on_commit, author: user, project: project, commit_id: project.repository.commit.id, note: 'a comment on a commit') }
-  let!(:another_note) { create(:note_on_commit, author: user, project: project, commit_id: project.repository.commit.id, note: 'another comment on a commit') }
+  let(:guest) { create(:user).tap { |u| project.add_guest(u) } }
+  let(:project) { create(:project, :repository, creator: user, path: 'my.project') }
+  let(:branch_with_dot) { project.repository.find_branch('ends-with.json') }
+  let(:branch_with_slash) { project.repository.find_branch('improve/awesome') }
+
+  let(:project_id) { project.id }
+  let(:current_user) { nil }
 
   before do
-    project.team << [user, :reporter]
+    project.add_master(user)
   end
 
-  describe "List repository commits" do
-    context "authorized user" do
-      before do
-        project.team << [user2, :reporter]
-      end
-
+  describe 'GET /projects/:id/repository/commits' do
+    context 'authorized user' do
       it "returns project commits" do
         commit = project.repository.commit
 
-        get api("/projects/#{project.id}/repository/commits", user)
+        get api("/projects/#{project_id}/repository/commits", user)
 
         expect(response).to have_http_status(200)
-        expect(json_response).to be_an Array
+        expect(response).to match_response_schema('public_api/v4/commits')
         expect(json_response.first['id']).to eq(commit.id)
         expect(json_response.first['committer_name']).to eq(commit.committer_name)
         expect(json_response.first['committer_email']).to eq(commit.committer_email)
@@ -34,7 +32,7 @@ describe API::Commits do
       it 'include correct pagination headers' do
         commit_count = project.repository.count_commits(ref: 'master').to_s
 
-        get api("/projects/#{project.id}/repository/commits", user)
+        get api("/projects/#{project_id}/repository/commits", user)
 
         expect(response).to include_pagination_headers
         expect(response.headers['X-Total']).to eq(commit_count)
@@ -44,8 +42,9 @@ describe API::Commits do
 
     context "unauthorized user" do
       it "does not return project commits" do
-        get api("/projects/#{project.id}/repository/commits")
-        expect(response).to have_http_status(401)
+        get api("/projects/#{project_id}/repository/commits")
+
+        expect(response).to have_http_status(404)
       end
     end
 
@@ -54,7 +53,7 @@ describe API::Commits do
         commits = project.repository.commits("master")
         after = commits.second.created_at
 
-        get api("/projects/#{project.id}/repository/commits?since=#{after.utc.iso8601}", user)
+        get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
 
         expect(json_response.size).to eq 2
         expect(json_response.first["id"]).to eq(commits.first.id)
@@ -66,7 +65,7 @@ describe API::Commits do
         after = commits.second.created_at
         commit_count = project.repository.count_commits(ref: 'master', after: after).to_s
 
-        get api("/projects/#{project.id}/repository/commits?since=#{after.utc.iso8601}", user)
+        get api("/projects/#{project_id}/repository/commits?since=#{after.utc.iso8601}", user)
 
         expect(response).to include_pagination_headers
         expect(response.headers['X-Total']).to eq(commit_count)
@@ -79,7 +78,7 @@ describe API::Commits do
         commits = project.repository.commits("master")
         before = commits.second.created_at
 
-        get api("/projects/#{project.id}/repository/commits?until=#{before.utc.iso8601}", user)
+        get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
 
         if commits.size >= 20
           expect(json_response.size).to eq(20)
@@ -96,7 +95,7 @@ describe API::Commits do
         before = commits.second.created_at
         commit_count = project.repository.count_commits(ref: 'master', before: before).to_s
 
-        get api("/projects/#{project.id}/repository/commits?until=#{before.utc.iso8601}", user)
+        get api("/projects/#{project_id}/repository/commits?until=#{before.utc.iso8601}", user)
 
         expect(response).to include_pagination_headers
         expect(response.headers['X-Total']).to eq(commit_count)
@@ -106,7 +105,7 @@ describe API::Commits do
 
     context "invalid xmlschema date parameters" do
       it "returns an invalid parameter error message" do
-        get api("/projects/#{project.id}/repository/commits?since=invalid-date", user)
+        get api("/projects/#{project_id}/repository/commits?since=invalid-date", user)
 
         expect(response).to have_http_status(400)
         expect(json_response['error']).to eq('since is invalid')
@@ -118,7 +117,7 @@ describe API::Commits do
         path = 'files/ruby/popen.rb'
         commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
 
-        get api("/projects/#{project.id}/repository/commits?path=#{path}", user)
+        get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
 
         expect(json_response.size).to eq(3)
         expect(json_response.first["id"]).to eq("570e7b2abdd848b95f2f578043fc23bd6f6fd24d")
@@ -130,7 +129,7 @@ describe API::Commits do
         path = 'files/ruby/popen.rb'
         commit_count = project.repository.count_commits(ref: 'master', path: path).to_s
 
-        get api("/projects/#{project.id}/repository/commits?path=#{path}", user)
+        get api("/projects/#{project_id}/repository/commits?path=#{path}", user)
 
         expect(response).to include_pagination_headers
         expect(response.headers['X-Total']).to eq(commit_count)
@@ -143,7 +142,7 @@ describe API::Commits do
       let(:per_page) { 5 }
       let(:ref_name) { 'master' }
       let!(:request) do
-        get api("/projects/#{project.id}/repository/commits?page=#{page}&per_page=#{per_page}&ref_name=#{ref_name}", user)
+        get api("/projects/#{project_id}/repository/commits?page=#{page}&per_page=#{per_page}&ref_name=#{ref_name}", user)
       end
 
       it 'returns correct headers' do
@@ -181,10 +180,10 @@ describe API::Commits do
   end
 
   describe "POST /projects/:id/repository/commits" do
-    let!(:url) { "/projects/#{project.id}/repository/commits" }
+    let!(:url) { "/projects/#{project_id}/repository/commits" }
 
     it 'returns a 403 unauthorized for user without permissions' do
-      post api(url, user2)
+      post api(url, guest)
 
       expect(response).to have_http_status(403)
     end
@@ -227,7 +226,7 @@ describe API::Commits do
       it 'a new file in project repo' do
         post api(url, user), valid_c_params
 
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq(message)
         expect(json_response['committer_name']).to eq(user.name)
         expect(json_response['committer_email']).to eq(user.email)
@@ -453,13 +452,17 @@ describe API::Commits do
     end
   end
 
-  describe "Get a single commit" do
-    context "authorized user" do
-      it "returns a commit by sha" do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+  describe 'GET /projects/:id/repository/commits/:sha' do
+    let(:commit) { project.repository.commit }
+    let(:commit_id) { commit.id }
+    let(:route) { "/projects/#{project_id}/repository/commits/#{commit_id}" }
 
-        expect(response).to have_http_status(200)
-        commit = project.repository.commit
+    shared_examples_for 'ref commit' do
+      it 'returns the ref last commit' do
+        get api(route, current_user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/commit/detail')
         expect(json_response['id']).to eq(commit.id)
         expect(json_response['short_id']).to eq(commit.short_id)
         expect(json_response['title']).to eq(commit.title)
@@ -474,222 +477,539 @@ describe API::Commits do
         expect(json_response['stats']['additions']).to eq(commit.stats.additions)
         expect(json_response['stats']['deletions']).to eq(commit.stats.deletions)
         expect(json_response['stats']['total']).to eq(commit.stats.total)
+        expect(json_response['status']).to be_nil
       end
 
-      it "returns a 404 error if not found" do
-        get api("/projects/#{project.id}/repository/commits/invalid_sha", user)
-        expect(response).to have_http_status(404)
+      context 'when ref does not exist' do
+        let(:commit_id) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+          let(:message) { '404 Commit Not Found' }
+        end
       end
 
-      it "returns nil for commit without CI" do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-        expect(response).to have_http_status(200)
-        expect(json_response['status']).to be_nil
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
+        end
       end
+    end
 
-      it "returns status for CI" do
-        pipeline = project.pipelines.create(source: :push, ref: 'master', sha: project.repository.commit.sha)
-        pipeline.update(status: 'success')
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
 
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+      it_behaves_like 'ref commit'
+    end
 
-        expect(response).to have_http_status(200)
-        expect(json_response['status']).to eq(pipeline.status)
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
+    end
 
-      it "returns status for CI when pipeline is created" do
-        project.pipelines.create(source: :push, ref: 'master', sha: project.repository.commit.sha)
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
 
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}", user)
+      it_behaves_like 'ref commit'
 
-        expect(response).to have_http_status(200)
-        expect(json_response['status']).to eq("created")
+      context 'when branch contains a dot' do
+        let(:commit) { project.repository.commit(branch_with_dot.name) }
+        let(:commit_id) { branch_with_dot.name }
+
+        it_behaves_like 'ref commit'
       end
-    end
 
-    context "unauthorized user" do
-      it "does not return the selected commit" do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}")
-        expect(response).to have_http_status(401)
+      context 'when branch contains a slash' do
+        let(:commit_id) { branch_with_slash.name }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+        end
+      end
+
+      context 'when branch contains an escaped slash' do
+        let(:commit) { project.repository.commit(branch_with_slash.name) }
+        let(:commit_id) { CGI.escape(branch_with_slash.name) }
+
+        it_behaves_like 'ref commit'
+      end
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'ref commit'
+
+        context 'when branch contains a dot' do
+          let(:commit) { project.repository.commit(branch_with_dot.name) }
+          let(:commit_id) { branch_with_dot.name }
+
+          it_behaves_like 'ref commit'
+        end
+      end
+
+      context 'when the ref has a pipeline' do
+        let!(:pipeline) { project.pipelines.create(source: :push, ref: 'master', sha: commit.sha) }
+
+        it 'includes a "created" status' do
+          get api(route, current_user)
+
+          expect(response).to have_http_status(200)
+          expect(response).to match_response_schema('public_api/v4/commit/detail')
+          expect(json_response['status']).to eq('created')
+        end
+
+        context 'when pipeline succeeds' do
+          before do
+            pipeline.update(status: 'success')
+          end
+
+          it 'includes a "success" status' do
+            get api(route, current_user)
+
+            expect(response).to have_http_status(200)
+            expect(response).to match_response_schema('public_api/v4/commit/detail')
+            expect(json_response['status']).to eq('success')
+          end
+        end
       end
     end
   end
 
-  describe "Get the diff of a commit" do
-    context "authorized user" do
-      before do
-        project.team << [user2, :reporter]
+  describe 'GET /projects/:id/repository/commits/:sha/diff' do
+    let(:commit) { project.repository.commit }
+    let(:commit_id) { commit.id }
+    let(:route) { "/projects/#{project_id}/repository/commits/#{commit_id}/diff" }
+
+    shared_examples_for 'ref diff' do
+      it 'returns the diff of the selected commit' do
+        get api(route, current_user)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response.size).to be >= 1
+        expect(json_response.first.keys).to include 'diff'
       end
 
-      it "returns the diff of the selected commit" do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/diff", user)
-        expect(response).to have_http_status(200)
+      context 'when ref does not exist' do
+        let(:commit_id) { 'unknown' }
 
-        expect(json_response).to be_an Array
-        expect(json_response.length).to be >= 1
-        expect(json_response.first.keys).to include "diff"
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+          let(:message) { '404 Commit Not Found' }
+        end
       end
 
-      it "returns a 404 error if invalid commit" do
-        get api("/projects/#{project.id}/repository/commits/invalid_sha/diff", user)
-        expect(response).to have_http_status(404)
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
+        end
       end
     end
 
-    context "unauthorized user" do
-      it "does not return the diff of the selected commit" do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/diff")
-        expect(response).to have_http_status(401)
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like 'ref diff'
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
+      end
+    end
+
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'ref diff'
+
+      context 'when branch contains a dot' do
+        let(:commit_id) { branch_with_dot.name }
+
+        it_behaves_like 'ref diff'
+      end
+
+      context 'when branch contains a slash' do
+        let(:commit_id) { branch_with_slash.name }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+        end
+      end
+
+      context 'when branch contains an escaped slash' do
+        let(:commit_id) { CGI.escape(branch_with_slash.name) }
+
+        it_behaves_like 'ref diff'
+      end
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'ref diff'
+
+        context 'when branch contains a dot' do
+          let(:commit_id) { branch_with_dot.name }
+
+          it_behaves_like 'ref diff'
+        end
       end
     end
   end
 
-  describe 'Get the comments of a commit' do
-    context 'authorized user' do
-      it 'returns merge_request comments' do
-        get api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/comments", user)
-        expect(response).to have_http_status(200)
-        expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
-        expect(json_response.length).to eq(2)
-        expect(json_response.first['note']).to eq('a comment on a commit')
-        expect(json_response.first['author']['id']).to eq(user.id)
+  describe 'GET /projects/:id/repository/commits/:sha/comments' do
+    let(:commit) { project.repository.commit }
+    let(:commit_id) { commit.id }
+    let(:route) { "/projects/#{project_id}/repository/commits/#{commit_id}/comments" }
+
+    shared_examples_for 'ref comments' do
+      context 'when ref exists' do
+        before do
+          create(:note_on_commit, author: user, project: project, commit_id: commit.id, note: 'a comment on a commit')
+          create(:note_on_commit, author: user, project: project, commit_id: commit.id, note: 'another comment on a commit')
+        end
+
+        it 'returns the diff of the selected commit' do
+          get api(route, current_user)
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(response).to match_response_schema('public_api/v4/commit_notes')
+          expect(json_response.size).to eq(2)
+          expect(json_response.first['note']).to eq('a comment on a commit')
+          expect(json_response.first['author']['id']).to eq(user.id)
+        end
       end
 
-      it 'returns a 404 error if merge_request_id not found' do
-        get api("/projects/#{project.id}/repository/commits/1234ab/comments", user)
-        expect(response).to have_http_status(404)
+      context 'when ref does not exist' do
+        let(:commit_id) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+          let(:message) { '404 Commit Not Found' }
+        end
+      end
+
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
+        end
+      end
+    end
+
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like 'ref comments'
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
     end
 
-    context 'unauthorized user' do
-      it 'does not return the diff of the selected commit' do
-        get api("/projects/#{project.id}/repository/commits/1234ab/comments")
-        expect(response).to have_http_status(401)
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'ref comments'
+
+      context 'when branch contains a dot' do
+        let(:commit) { project.repository.commit(branch_with_dot.name) }
+        let(:commit_id) { branch_with_dot.name }
+
+        it_behaves_like 'ref comments'
+      end
+
+      context 'when branch contains a slash' do
+        let(:commit) { project.repository.commit(branch_with_slash.name) }
+        let(:commit_id) { branch_with_slash.name }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+        end
+      end
+
+      context 'when branch contains an escaped slash' do
+        let(:commit) { project.repository.commit(branch_with_slash.name) }
+        let(:commit_id) { CGI.escape(branch_with_slash.name) }
+
+        it_behaves_like 'ref comments'
+      end
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'ref comments'
+
+        context 'when branch contains a dot' do
+          let(:commit) { project.repository.commit(branch_with_dot.name) }
+          let(:commit_id) { branch_with_dot.name }
+
+          it_behaves_like 'ref comments'
+        end
       end
     end
 
     context 'when the commit is present on two projects' do
-      let(:forked_project) { create(:project, :repository, creator: user2, namespace: user2.namespace) }
-      let!(:forked_project_note) { create(:note_on_commit, author: user2, project: forked_project, commit_id: forked_project.repository.commit.id, note: 'a comment on a commit for fork') }
+      let(:forked_project) { create(:project, :repository, creator: guest, namespace: guest.namespace) }
+      let!(:forked_project_note) { create(:note_on_commit, author: guest, project: forked_project, commit_id: forked_project.repository.commit.id, note: 'a comment on a commit for fork') }
+      let(:project_id) { forked_project.id }
+      let(:commit_id) { forked_project.repository.commit.id }
 
       it 'returns the comments for the target project' do
-        get api("/projects/#{forked_project.id}/repository/commits/#{forked_project.repository.commit.id}/comments", user2)
+        get api(route, guest)
 
-        expect(response).to have_http_status(200)
-        expect(json_response.length).to eq(1)
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/commit_notes')
+        expect(json_response.size).to eq(1)
         expect(json_response.first['note']).to eq('a comment on a commit for fork')
-        expect(json_response.first['author']['id']).to eq(user2.id)
+        expect(json_response.first['author']['id']).to eq(guest.id)
       end
     end
   end
 
   describe 'POST :id/repository/commits/:sha/cherry_pick' do
-    let(:master_pickable_commit)  { project.commit('7d3b0f7cff5f37573aea97cebfd5692ea1689924') }
+    let(:commit) { project.commit('7d3b0f7cff5f37573aea97cebfd5692ea1689924') }
+    let(:commit_id) { commit.id }
+    let(:branch) { 'master' }
+    let(:route) { "/projects/#{project_id}/repository/commits/#{commit_id}/cherry_pick" }
+
+    shared_examples_for 'ref cherry-pick' do
+      context 'when ref exists' do
+        it 'cherry-picks the ref commit' do
+          post api(route, current_user), branch: branch
+
+          expect(response).to have_gitlab_http_status(201)
+          expect(response).to match_response_schema('public_api/v4/commit/basic')
+          expect(json_response['title']).to eq(commit.title)
+          expect(json_response['message']).to eq(commit.message)
+          expect(json_response['author_name']).to eq(commit.author_name)
+          expect(json_response['committer_name']).to eq(user.name)
+        end
+      end
 
-    context 'authorized user' do
-      it 'cherry picks a commit' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user), branch: 'master'
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-        expect(response).to have_http_status(201)
-        expect(json_response['title']).to eq(master_pickable_commit.title)
-        expect(json_response['message']).to eq(master_pickable_commit.message)
-        expect(json_response['author_name']).to eq(master_pickable_commit.author_name)
-        expect(json_response['committer_name']).to eq(user.name)
+        it_behaves_like '403 response' do
+          let(:request) { post api(route, current_user), branch: 'master' }
+        end
       end
+    end
 
-      it 'returns 400 if commit is already included in the target branch' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user), branch: 'markdown'
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
 
-        expect(response).to have_http_status(400)
-        expect(json_response['message']).to include('Sorry, we cannot cherry-pick this commit automatically.')
+      it_behaves_like '403 response' do
+        let(:request) { post api(route), branch: 'master' }
+      end
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { post api(route), branch: 'master' }
+        let(:message) { '404 Project Not Found' }
       end
+    end
 
-      it 'returns 400 if you are not allowed to push to the target branch' do
-        project.team << [user2, :developer]
-        protected_branch = create(:protected_branch, project: project, name: 'feature')
+    context 'when authenticated', 'as an owner' do
+      let(:current_user) { user }
 
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user2), branch: protected_branch.name
+      it_behaves_like 'ref cherry-pick'
 
-        expect(response).to have_http_status(400)
-        expect(json_response['message']).to eq('You are not allowed to push into this branch')
+      context 'when ref does not exist' do
+        let(:commit_id) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), branch: 'master' }
+          let(:message) { '404 Commit Not Found' }
+        end
+      end
+
+      context 'when branch is missing' do
+        it_behaves_like '400 response' do
+          let(:request) { post api(route, current_user) }
+        end
       end
 
-      it 'returns 400 for missing parameters' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user)
+      context 'when branch does not exist' do
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), branch: 'foo' }
+          let(:message) { '404 Branch Not Found' }
+        end
+      end
 
-        expect(response).to have_http_status(400)
-        expect(json_response['error']).to eq('branch is missing')
+      context 'when commit is already included in the target branch' do
+        it_behaves_like '400 response' do
+          let(:request) { post api(route, current_user), branch: 'markdown' }
+        end
       end
 
-      it 'returns 404 if commit is not found' do
-        post api("/projects/#{project.id}/repository/commits/abcd0123/cherry_pick", user), branch: 'master'
+      context 'when ref contains a dot' do
+        let(:commit) { project.repository.commit(branch_with_dot.name) }
+        let(:commit_id) { branch_with_dot.name }
 
-        expect(response).to have_http_status(404)
-        expect(json_response['message']).to eq('404 Commit Not Found')
+        it_behaves_like 'ref cherry-pick'
       end
 
-      it 'returns 404 if branch is not found' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user), branch: 'foo'
+      context 'when ref contains a slash' do
+        let(:commit_id) { branch_with_slash.name }
 
-        expect(response).to have_http_status(404)
-        expect(json_response['message']).to eq('404 Branch Not Found')
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), branch: 'master' }
+        end
       end
 
-      it 'returns 400 for missing parameters' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick", user)
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
 
-        expect(response).to have_http_status(400)
-        expect(json_response['error']).to eq('branch is missing')
+        it_behaves_like 'ref cherry-pick'
+
+        context 'when ref contains a dot' do
+          let(:commit) { project.repository.commit(branch_with_dot.name) }
+          let(:commit_id) { branch_with_dot.name }
+
+          it_behaves_like 'ref cherry-pick'
+        end
       end
     end
 
-    context 'unauthorized user' do
-      it 'does not cherry pick the commit' do
-        post api("/projects/#{project.id}/repository/commits/#{master_pickable_commit.id}/cherry_pick"), branch: 'master'
+    context 'when authenticated', 'as a developer' do
+      let(:current_user) { guest }
+
+      before do
+        project.add_developer(guest)
+      end
+
+      context 'when branch is protected' do
+        before do
+          create(:protected_branch, project: project, name: 'feature')
+        end
+
+        it 'returns 400 if you are not allowed to push to the target branch' do
+          post api(route, current_user), branch: 'feature'
 
-        expect(response).to have_http_status(401)
+          expect(response).to have_gitlab_http_status(400)
+          expect(json_response['message']).to eq('You are not allowed to push into this branch')
+        end
       end
     end
   end
 
-  describe 'Post comment to commit' do
-    context 'authorized user' do
-      it 'returns comment' do
-        post api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/comments", user), note: 'My comment'
-        expect(response).to have_http_status(201)
-        expect(json_response['note']).to eq('My comment')
-        expect(json_response['path']).to be_nil
-        expect(json_response['line']).to be_nil
-        expect(json_response['line_type']).to be_nil
+  describe 'POST /projects/:id/repository/commits/:sha/comments' do
+    let(:commit) { project.repository.commit }
+    let(:commit_id) { commit.id }
+    let(:note) { 'My comment' }
+    let(:route) { "/projects/#{project_id}/repository/commits/#{commit_id}/comments" }
+
+    shared_examples_for 'ref new comment' do
+      context 'when ref exists' do
+        it 'creates the comment' do
+          post api(route, current_user), note: note
+
+          expect(response).to have_gitlab_http_status(201)
+          expect(response).to match_response_schema('public_api/v4/commit_note')
+          expect(json_response['note']).to eq('My comment')
+          expect(json_response['path']).to be_nil
+          expect(json_response['line']).to be_nil
+          expect(json_response['line_type']).to be_nil
+        end
       end
 
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { post api(route, current_user), note: 'My comment' }
+        end
+      end
+    end
+
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like '400 response' do
+        let(:request) { post api(route), note: 'My comment' }
+      end
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { post api(route), note: 'My comment' }
+        let(:message) { '404 Project Not Found' }
+      end
+    end
+
+    context 'when authenticated', 'as an owner' do
+      let(:current_user) { user }
+
+      it_behaves_like 'ref new comment'
+
       it 'returns the inline comment' do
-        post api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/comments", user), note: 'My comment', path: project.repository.commit.raw_diffs.first.new_path, line: 1, line_type: 'new'
+        post api(route, current_user), note: 'My comment', path: project.repository.commit.raw_diffs.first.new_path, line: 1, line_type: 'new'
 
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
+        expect(response).to match_response_schema('public_api/v4/commit_note')
         expect(json_response['note']).to eq('My comment')
         expect(json_response['path']).to eq(project.repository.commit.raw_diffs.first.new_path)
         expect(json_response['line']).to eq(1)
         expect(json_response['line_type']).to eq('new')
       end
 
+      context 'when ref does not exist' do
+        let(:commit_id) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), note: 'My comment' }
+          let(:message) { '404 Commit Not Found' }
+        end
+      end
+
       it 'returns 400 if note is missing' do
-        post api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/comments", user)
-        expect(response).to have_http_status(400)
+        post api(route, current_user)
+
+        expect(response).to have_gitlab_http_status(400)
       end
 
-      it 'returns 404 if note is attached to non existent commit' do
-        post api("/projects/#{project.id}/repository/commits/1234ab/comments", user), note: 'My comment'
-        expect(response).to have_http_status(404)
+      context 'when ref contains a dot' do
+        let(:commit_id) { branch_with_dot.name }
+
+        it_behaves_like 'ref new comment'
       end
-    end
 
-    context 'unauthorized user' do
-      it 'does not return the diff of the selected commit' do
-        post api("/projects/#{project.id}/repository/commits/#{project.repository.commit.id}/comments")
-        expect(response).to have_http_status(401)
+      context 'when ref contains a slash' do
+        let(:commit_id) { branch_with_slash.name }
+
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), note: 'My comment' }
+        end
+      end
+
+      context 'when ref contains an escaped slash' do
+        let(:commit_id) { CGI.escape(branch_with_slash.name) }
+
+        it_behaves_like 'ref new comment'
+      end
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'ref new comment'
+
+        context 'when ref contains a dot' do
+          let(:commit_id) { branch_with_dot.name }
+
+          it_behaves_like 'ref new comment'
+        end
       end
     end
   end
diff --git a/spec/requests/api/deploy_keys_spec.rb b/spec/requests/api/deploy_keys_spec.rb
index d032d72de9c..e497ec333a2 100644
--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -182,7 +182,7 @@ describe API::DeployKeys do
         delete api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin)
 
         expect(response).to have_http_status(204)
-      end.to change{ project.deploy_keys.count }.by(-1)
+      end.to change { project.deploy_keys.count }.by(-1)
     end
 
     it 'returns 404 Not Found with invalid ID' do
diff --git a/spec/requests/api/events_spec.rb b/spec/requests/api/events_spec.rb
index 7a847442469..a23d28994ce 100644
--- a/spec/requests/api/events_spec.rb
+++ b/spec/requests/api/events_spec.rb
@@ -59,6 +59,34 @@ describe API::Events do
         expect(json_response.size).to eq(1)
       end
 
+      context 'when the list of events includes push events' do
+        let(:event) do
+          create(:push_event, author: user, project: private_project)
+        end
+
+        let!(:payload) { create(:push_event_payload, event: event) }
+        let(:payload_hash) { json_response[0]['push_data'] }
+
+        before do
+          get api("/users/#{user.id}/events?action=pushed", user)
+        end
+
+        it 'responds with HTTP 200 OK' do
+          expect(response).to have_http_status(200)
+        end
+
+        it 'includes the push payload as a Hash' do
+          expect(payload_hash).to be_an_instance_of(Hash)
+        end
+
+        it 'includes the push payload details' do
+          expect(payload_hash['commit_count']).to eq(payload.commit_count)
+          expect(payload_hash['action']).to eq(payload.action)
+          expect(payload_hash['ref_type']).to eq(payload.ref_type)
+          expect(payload_hash['commit_to']).to eq(payload.commit_to)
+        end
+      end
+
       context 'when there are multiple events from different projects' do
         let(:second_note) { create(:note_on_issue, project: create(:project)) }
 
@@ -138,5 +166,35 @@ describe API::Events do
         expect(response).to have_http_status(404)
       end
     end
+
+    context 'when exists some events' do
+      let(:merge_request1) { create(:merge_request, :closed, author: user, assignee: user, source_project: private_project, title: 'Test') }
+      let(:merge_request2) { create(:merge_request, :closed, author: user, assignee: user, source_project: private_project, title: 'Test') }
+
+      before do
+        create_event(merge_request1)
+      end
+
+      it 'avoids N+1 queries' do
+        control_count = ActiveRecord::QueryRecorder.new do
+          get api("/projects/#{private_project.id}/events", user), target_type: :merge_request
+        end.count
+
+        create_event(merge_request2)
+
+        expect do
+          get api("/projects/#{private_project.id}/events", user), target_type: :merge_request
+        end.not_to exceed_query_limit(control_count)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to include_pagination_headers
+        expect(json_response.size).to eq(2)
+        expect(json_response.map { |r| r['target_id'] }).to match_array([merge_request1.id, merge_request2.id])
+      end
+
+      def create_event(target)
+        create(:event, project: private_project, author: user, target: target)
+      end
+    end
   end
 end
diff --git a/spec/requests/api/files_spec.rb b/spec/requests/api/files_spec.rb
index 55c998b13b8..ea97c556430 100644
--- a/spec/requests/api/files_spec.rb
+++ b/spec/requests/api/files_spec.rb
@@ -33,6 +33,15 @@ describe API::Files do
         expect(Base64.decode64(json_response['content']).lines.first).to eq("require 'fileutils'\n")
       end
 
+      it 'returns json when file has txt extension' do
+        file_path = "bar%2Fbranch-test.txt"
+
+        get api(route(file_path), current_user), params
+
+        expect(response).to have_http_status(200)
+        expect(response.content_type).to eq('application/json')
+      end
+
       it 'returns file by commit sha' do
         # This file is deleted on HEAD
         file_path = "files%2Fjs%2Fcommit%2Ejs%2Ecoffee"
@@ -220,6 +229,7 @@ describe API::Files do
         post api(route("new_file_with_author%2Etxt"), user), valid_params
 
         expect(response).to have_http_status(201)
+        expect(response.content_type).to eq('application/json')
         last_commit = project.repository.commit.raw
         expect(last_commit.author_email).to eq(author_email)
         expect(last_commit.author_name).to eq(author_name)
diff --git a/spec/requests/api/group_variables_spec.rb b/spec/requests/api/group_variables_spec.rb
index 402ea057cc5..2179790d098 100644
--- a/spec/requests/api/group_variables_spec.rb
+++ b/spec/requests/api/group_variables_spec.rb
@@ -88,7 +88,7 @@ describe API::GroupVariables do
       it 'creates variable' do
         expect do
           post api("/groups/#{group.id}/variables", user), key: 'TEST_VARIABLE_2', value: 'VALUE_2', protected: true
-        end.to change{group.variables.count}.by(1)
+        end.to change {group.variables.count}.by(1)
 
         expect(response).to have_http_status(201)
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
@@ -99,7 +99,7 @@ describe API::GroupVariables do
       it 'creates variable with optional attributes' do
         expect do
           post api("/groups/#{group.id}/variables", user), key: 'TEST_VARIABLE_2', value: 'VALUE_2'
-        end.to change{group.variables.count}.by(1)
+        end.to change {group.variables.count}.by(1)
 
         expect(response).to have_http_status(201)
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
@@ -110,7 +110,7 @@ describe API::GroupVariables do
       it 'does not allow to duplicate variable key' do
         expect do
           post api("/groups/#{group.id}/variables", user), key: variable.key, value: 'VALUE_2'
-        end.to change{group.variables.count}.by(0)
+        end.to change {group.variables.count}.by(0)
 
         expect(response).to have_http_status(400)
       end
@@ -192,7 +192,7 @@ describe API::GroupVariables do
           delete api("/groups/#{group.id}/variables/#{variable.key}", user)
 
           expect(response).to have_http_status(204)
-        end.to change{group.variables.count}.by(-1)
+        end.to change {group.variables.count}.by(-1)
       end
 
       it 'responds with 404 Not Found if requesting non-existing variable' do
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index eba1db15da6..313c38cd29c 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -512,7 +512,7 @@ describe API::Groups do
     let(:project) { create(:project) }
     let(:project_path) { CGI.escape(project.full_path) }
 
-    before(:each) do
+    before do
       allow_any_instance_of(Projects::TransferService)
         .to receive(:execute).and_return(true)
     end
diff --git a/spec/requests/api/helpers_spec.rb b/spec/requests/api/helpers_spec.rb
index 7a1bd76af7a..d4006fe71a2 100644
--- a/spec/requests/api/helpers_spec.rb
+++ b/spec/requests/api/helpers_spec.rb
@@ -56,7 +56,7 @@ describe API::Helpers do
   end
 
   def doorkeeper_guard_returns(value)
-    allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ value }
+    allow_any_instance_of(self.class).to receive(:doorkeeper_guard) { value }
   end
 
   def error!(message, status, header)
@@ -161,7 +161,7 @@ describe API::Helpers do
     describe "when authenticating using a user's private token" do
       it "returns nil for an invalid token" do
         env[API::APIGuard::PRIVATE_TOKEN_HEADER] = 'invalid token'
-        allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
+        allow_any_instance_of(self.class).to receive(:doorkeeper_guard) { false }
 
         expect(current_user).to be_nil
       end
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index 8a2de23716f..e9c30dba8d4 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -181,13 +181,12 @@ describe API::Internal do
 
   describe "POST /internal/allowed", :clean_gitlab_redis_shared_state do
     context "access granted" do
-      before do
-        project.team << [user, :developer]
-        Timecop.freeze
+      around do |example|
+        Timecop.freeze { example.run }
       end
 
-      after do
-        Timecop.return
+      before do
+        project.team << [user, :developer]
       end
 
       context 'with env passed as a JSON' do
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 9eda6836ded..0db645863fb 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -31,7 +31,7 @@ describe API::MergeRequests do
       it 'returns authentication error' do
         get api('/merge_requests')
 
-        expect(response).to have_http_status(401)
+        expect(response).to have_gitlab_http_status(401)
       end
     end
 
@@ -43,7 +43,7 @@ describe API::MergeRequests do
       it 'returns an array of all merge requests' do
         get api('/merge_requests', user), scope: :all
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.map { |mr| mr['id'] })
@@ -56,7 +56,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user), scope: :all
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.map { |mr| mr['id'] })
@@ -68,7 +68,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user2)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request3.id)
@@ -79,7 +79,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user), author_id: user2.id, scope: :all
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request3.id)
@@ -90,7 +90,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user), assignee_id: user2.id, scope: :all
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request3.id)
@@ -101,7 +101,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user2), scope: 'assigned-to-me'
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request3.id)
@@ -112,7 +112,7 @@ describe API::MergeRequests do
 
         get api('/merge_requests', user2), scope: 'created-by-me'
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request3.id)
@@ -125,7 +125,7 @@ describe API::MergeRequests do
       it "returns authentication error" do
         get api("/projects/#{project.id}/merge_requests")
 
-        expect(response).to have_http_status(401)
+        expect(response).to have_gitlab_http_status(401)
       end
     end
 
@@ -145,7 +145,7 @@ describe API::MergeRequests do
       it "returns an array of all merge_requests" do
         get api("/projects/#{project.id}/merge_requests", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(3)
@@ -166,7 +166,7 @@ describe API::MergeRequests do
       it "returns an array of all merge_requests using simple mode" do
         get api("/projects/#{project.id}/merge_requests?view=simple", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response.last.keys).to match_array(%w(id iid title web_url created_at description project_id state updated_at))
         expect(json_response).to be_an Array
@@ -182,7 +182,7 @@ describe API::MergeRequests do
       it "returns an array of all merge_requests" do
         get api("/projects/#{project.id}/merge_requests?state", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(3)
@@ -192,7 +192,7 @@ describe API::MergeRequests do
       it "returns an array of open merge_requests" do
         get api("/projects/#{project.id}/merge_requests?state=opened", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
@@ -202,7 +202,7 @@ describe API::MergeRequests do
       it "returns an array of closed merge_requests" do
         get api("/projects/#{project.id}/merge_requests?state=closed", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
@@ -212,7 +212,7 @@ describe API::MergeRequests do
       it "returns an array of merged merge_requests" do
         get api("/projects/#{project.id}/merge_requests?state=merged", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
@@ -222,7 +222,7 @@ describe API::MergeRequests do
       it 'returns merge_request by "iids" array' do
         get api("/projects/#{project.id}/merge_requests", user), iids: [merge_request.iid, merge_request_closed.iid]
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(2)
         expect(json_response.first['title']).to eq merge_request_closed.title
@@ -232,14 +232,14 @@ describe API::MergeRequests do
       it 'matches V4 response schema' do
         get api("/projects/#{project.id}/merge_requests", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(response).to match_response_schema('public_api/v4/merge_requests')
       end
 
       it 'returns an empty array if no issue matches milestone' do
         get api("/projects/#{project.id}/merge_requests", user), milestone: '1.0.0'
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(0)
       end
@@ -247,7 +247,7 @@ describe API::MergeRequests do
       it 'returns an empty array if milestone does not exist' do
         get api("/projects/#{project.id}/merge_requests", user), milestone: 'foo'
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(0)
       end
@@ -262,7 +262,7 @@ describe API::MergeRequests do
       it 'returns an array of merge requests matching state in milestone' do
         get api("/projects/#{project.id}/merge_requests", user), milestone: '0.9', state: 'closed'
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(merge_request_closed.id)
@@ -271,7 +271,7 @@ describe API::MergeRequests do
       it 'returns an array of labeled merge requests' do
         get api("/projects/#{project.id}/merge_requests?labels=#{label.title}", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['labels']).to eq([label2.title, label.title])
@@ -280,7 +280,7 @@ describe API::MergeRequests do
       it 'returns an array of labeled merge requests where all labels match' do
         get api("/projects/#{project.id}/merge_requests?labels=#{label.title},foo,bar", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(0)
       end
@@ -288,7 +288,7 @@ describe API::MergeRequests do
       it 'returns an empty array if no merge request matches labels' do
         get api("/projects/#{project.id}/merge_requests?labels=foo,bar", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(0)
       end
@@ -307,7 +307,7 @@ describe API::MergeRequests do
 
         get api("/projects/#{project.id}/merge_requests?labels=#{bug_label.title}&milestone=#{milestone1.title}&state=merged", user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response).to be_an Array
         expect(json_response.length).to eq(1)
         expect(json_response.first['id']).to eq(mr2.id)
@@ -322,44 +322,44 @@ describe API::MergeRequests do
         it "returns an array of merge_requests in ascending order" do
           get api("/projects/#{project.id}/merge_requests?sort=asc", user)
 
-          expect(response).to have_http_status(200)
+          expect(response).to have_gitlab_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort)
         end
 
         it "returns an array of merge_requests in descending order" do
           get api("/projects/#{project.id}/merge_requests?sort=desc", user)
 
-          expect(response).to have_http_status(200)
+          expect(response).to have_gitlab_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort.reverse)
         end
 
         it "returns an array of merge_requests ordered by updated_at" do
           get api("/projects/#{project.id}/merge_requests?order_by=updated_at", user)
 
-          expect(response).to have_http_status(200)
+          expect(response).to have_gitlab_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['updated_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['updated_at'] }
           expect(response_dates).to eq(response_dates.sort.reverse)
         end
 
         it "returns an array of merge_requests ordered by created_at" do
           get api("/projects/#{project.id}/merge_requests?order_by=created_at&sort=asc", user)
 
-          expect(response).to have_http_status(200)
+          expect(response).to have_gitlab_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort)
         end
       end
@@ -370,7 +370,7 @@ describe API::MergeRequests do
     it 'exposes known attributes' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user)
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['id']).to eq(merge_request.id)
       expect(json_response['iid']).to eq(merge_request.iid)
       expect(json_response['project_id']).to eq(merge_request.project.id)
@@ -398,7 +398,7 @@ describe API::MergeRequests do
 
     it "returns merge_request" do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user)
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['title']).to eq(merge_request.title)
       expect(json_response['iid']).to eq(merge_request.iid)
       expect(json_response['work_in_progress']).to eq(false)
@@ -409,13 +409,13 @@ describe API::MergeRequests do
 
     it "returns a 404 error if merge_request_iid not found" do
       get api("/projects/#{project.id}/merge_requests/999", user)
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it "returns a 404 error if merge_request `id` is used instead of iid" do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.id}", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     context 'Work in Progress' do
@@ -423,7 +423,7 @@ describe API::MergeRequests do
 
       it "returns merge_request" do
         get api("/projects/#{project.id}/merge_requests/#{merge_request_wip.iid}", user)
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response['work_in_progress']).to eq(true)
       end
     end
@@ -434,7 +434,7 @@ describe API::MergeRequests do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/commits", user)
       commit = merge_request.commits.first
 
-      expect(response.status).to eq 200
+      expect(response).to have_gitlab_http_status(200)
       expect(response).to include_pagination_headers
       expect(json_response).to be_an Array
       expect(json_response.size).to eq(merge_request.commits.size)
@@ -444,13 +444,13 @@ describe API::MergeRequests do
 
     it 'returns a 404 when merge_request_iid not found' do
       get api("/projects/#{project.id}/merge_requests/999/commits", user)
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns a 404 when merge_request id is used instead of iid' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.id}/commits", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
   end
 
@@ -458,19 +458,19 @@ describe API::MergeRequests do
     it 'returns the change information of the merge_request' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/changes", user)
 
-      expect(response.status).to eq 200
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['changes'].size).to eq(merge_request.diffs.size)
     end
 
     it 'returns a 404 when merge_request_iid not found' do
       get api("/projects/#{project.id}/merge_requests/999/changes", user)
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns a 404 when merge_request id is used instead of iid' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.id}/changes", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
   end
 
@@ -485,7 +485,7 @@ describe API::MergeRequests do
              labels: 'label, label2',
              milestone_id: milestone.id
 
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq('Test merge_request')
         expect(json_response['labels']).to eq(%w(label label2))
         expect(json_response['milestone']['id']).to eq(milestone.id)
@@ -495,25 +495,25 @@ describe API::MergeRequests do
       it "returns 422 when source_branch equals target_branch" do
         post api("/projects/#{project.id}/merge_requests", user),
         title: "Test merge_request", source_branch: "master", target_branch: "master", author: user
-        expect(response).to have_http_status(422)
+        expect(response).to have_gitlab_http_status(422)
       end
 
       it "returns 400 when source_branch is missing" do
         post api("/projects/#{project.id}/merge_requests", user),
         title: "Test merge_request", target_branch: "master", author: user
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when target_branch is missing" do
         post api("/projects/#{project.id}/merge_requests", user),
         title: "Test merge_request", source_branch: "markdown", author: user
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when title is missing" do
         post api("/projects/#{project.id}/merge_requests", user),
         target_branch: 'master', source_branch: 'markdown'
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it 'allows special label names' do
@@ -523,7 +523,7 @@ describe API::MergeRequests do
              target_branch: 'master',
              author: user,
              labels: 'label, label?, label&foo, ?, &'
-        expect(response.status).to eq(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['labels']).to include 'label'
         expect(json_response['labels']).to include 'label?'
         expect(json_response['labels']).to include 'label&foo'
@@ -549,7 +549,7 @@ describe API::MergeRequests do
                  target_branch: 'master',
                  author: user
           end.to change { MergeRequest.count }.by(0)
-          expect(response).to have_http_status(409)
+          expect(response).to have_gitlab_http_status(409)
         end
       end
 
@@ -580,15 +580,17 @@ describe API::MergeRequests do
       let!(:fork_project) { create(:project, forked_from_project: project,  namespace: user2.namespace, creator_id: user2.id) }
       let!(:unrelated_project) { create(:project,  namespace: create(:user).namespace, creator_id: user2.id) }
 
-      before :each do |each|
-        fork_project.team << [user2, :reporter]
+      before do
+        fork_project.add_reporter(user2)
+
+        allow_any_instance_of(MergeRequest).to receive(:write_ref)
       end
 
       it "returns merge_request" do
         post api("/projects/#{fork_project.id}/merge_requests", user2),
           title: 'Test merge_request', source_branch: "feature_conflict", target_branch: "master",
           author: user2, target_project_id: project.id, description: 'Test description for Test merge_request'
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq('Test merge_request')
         expect(json_response['description']).to eq('Test description for Test merge_request')
       end
@@ -599,7 +601,7 @@ describe API::MergeRequests do
         expect(fork_project.forked_from_project).to eq(project)
         post api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', source_branch: "master", target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq('Test merge_request')
       end
 
@@ -613,25 +615,25 @@ describe API::MergeRequests do
              author: user2,
              target_project_id: project.id
 
-        expect(response).to have_http_status(422)
+        expect(response).to have_gitlab_http_status(422)
       end
 
       it "returns 400 when source_branch is missing" do
         post api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when target_branch is missing" do
         post api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when title is missing" do
         post api("/projects/#{fork_project.id}/merge_requests", user2),
         target_branch: 'master', source_branch: 'markdown', author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       context 'when target_branch is specified' do
@@ -642,7 +644,7 @@ describe API::MergeRequests do
                source_branch: 'markdown',
                author: user,
                target_project_id: fork_project.id
-          expect(response).to have_http_status(422)
+          expect(response).to have_gitlab_http_status(422)
         end
 
         it 'returns 422 if targeting a different fork' do
@@ -652,14 +654,14 @@ describe API::MergeRequests do
                source_branch: 'markdown',
                author: user2,
                target_project_id: unrelated_project.id
-          expect(response).to have_http_status(422)
+          expect(response).to have_gitlab_http_status(422)
         end
       end
 
       it "returns 201 when target_branch is specified and for the same project" do
         post api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: 'master', source_branch: 'markdown', author: user2, target_project_id: fork_project.id
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
       end
     end
   end
@@ -674,7 +676,7 @@ describe API::MergeRequests do
 
       it "denies the deletion of the merge request" do
         delete api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", developer)
-        expect(response).to have_http_status(403)
+        expect(response).to have_gitlab_http_status(403)
       end
     end
 
@@ -682,19 +684,19 @@ describe API::MergeRequests do
       it "destroys the merge request owners can destroy" do
         delete api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user)
 
-        expect(response).to have_http_status(204)
+        expect(response).to have_gitlab_http_status(204)
       end
 
       it "returns 404 for an invalid merge request IID" do
         delete api("/projects/#{project.id}/merge_requests/12345", user)
 
-        expect(response).to have_http_status(404)
+        expect(response).to have_gitlab_http_status(404)
       end
 
       it "returns 404 if the merge request id is used instead of iid" do
         delete api("/projects/#{project.id}/merge_requests/#{merge_request.id}", user)
 
-        expect(response).to have_http_status(404)
+        expect(response).to have_gitlab_http_status(404)
       end
     end
   end
@@ -705,7 +707,7 @@ describe API::MergeRequests do
     it "returns merge_request in case of success" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
     end
 
     it "returns 406 if branch can't be merged" do
@@ -714,21 +716,21 @@ describe API::MergeRequests do
 
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
 
-      expect(response).to have_http_status(406)
+      expect(response).to have_gitlab_http_status(406)
       expect(json_response['message']).to eq('Branch cannot be merged')
     end
 
     it "returns 405 if merge_request is not open" do
       merge_request.close
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
-      expect(response).to have_http_status(405)
+      expect(response).to have_gitlab_http_status(405)
       expect(json_response['message']).to eq('405 Method Not Allowed')
     end
 
     it "returns 405 if merge_request is a work in progress" do
       merge_request.update_attribute(:title, "WIP: #{merge_request.title}")
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
-      expect(response).to have_http_status(405)
+      expect(response).to have_gitlab_http_status(405)
       expect(json_response['message']).to eq('405 Method Not Allowed')
     end
 
@@ -737,7 +739,7 @@ describe API::MergeRequests do
 
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user)
 
-      expect(response).to have_http_status(405)
+      expect(response).to have_gitlab_http_status(405)
       expect(json_response['message']).to eq('405 Method Not Allowed')
     end
 
@@ -745,21 +747,21 @@ describe API::MergeRequests do
       user2 = create(:user)
       project.team << [user2, :reporter]
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user2)
-      expect(response).to have_http_status(401)
+      expect(response).to have_gitlab_http_status(401)
       expect(json_response['message']).to eq('401 Unauthorized')
     end
 
     it "returns 409 if the SHA parameter doesn't match" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user), sha: merge_request.diff_head_sha.reverse
 
-      expect(response).to have_http_status(409)
+      expect(response).to have_gitlab_http_status(409)
       expect(json_response['message']).to start_with('SHA does not match HEAD of source branch')
     end
 
     it "succeeds if the SHA parameter matches" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user), sha: merge_request.diff_head_sha
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
     end
 
     it "enables merge when pipeline succeeds if the pipeline is active" do
@@ -768,7 +770,7 @@ describe API::MergeRequests do
 
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user), merge_when_pipeline_succeeds: true
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['title']).to eq('Test')
       expect(json_response['merge_when_pipeline_succeeds']).to eq(true)
     end
@@ -780,7 +782,7 @@ describe API::MergeRequests do
 
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user), merge_when_pipeline_succeeds: true
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['title']).to eq('Test')
       expect(json_response['merge_when_pipeline_succeeds']).to eq(true)
     end
@@ -788,13 +790,13 @@ describe API::MergeRequests do
     it "returns 404 for an invalid merge request IID" do
       put api("/projects/#{project.id}/merge_requests/12345/merge", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it "returns 404 if the merge request id is used instead of iid" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.id}/merge", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
   end
 
@@ -803,39 +805,39 @@ describe API::MergeRequests do
       it "returns merge_request" do
         put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), state_event: "close"
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
         expect(json_response['state']).to eq('closed')
       end
     end
 
     it "updates title and returns merge_request" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), title: "New title"
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['title']).to eq('New title')
     end
 
     it "updates description and returns merge_request" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), description: "New description"
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['description']).to eq('New description')
     end
 
     it "updates milestone_id and returns merge_request" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), milestone_id: milestone.id
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['milestone']['id']).to eq(milestone.id)
     end
 
     it "returns merge_request with renamed target_branch" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), target_branch: "wiki"
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['target_branch']).to eq('wiki')
     end
 
     it "returns merge_request that removes the source branch" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), remove_source_branch: true
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(json_response['force_remove_source_branch']).to be_truthy
     end
 
@@ -856,7 +858,7 @@ describe API::MergeRequests do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), state_event: 'close', title: nil
 
       merge_request.reload
-      expect(response).to have_http_status(400)
+      expect(response).to have_gitlab_http_status(400)
       expect(merge_request.state).to eq('opened')
     end
 
@@ -864,20 +866,20 @@ describe API::MergeRequests do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user), state_event: 'close', target_branch: nil
 
       merge_request.reload
-      expect(response).to have_http_status(400)
+      expect(response).to have_gitlab_http_status(400)
       expect(merge_request.state).to eq('opened')
     end
 
     it "returns 404 for an invalid merge request IID" do
       put api("/projects/#{project.id}/merge_requests/12345", user), state_event: "close"
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it "returns 404 if the merge request id is used instead of iid" do
       put api("/projects/#{project.id}/merge_requests/#{merge_request.id}", user), state_event: "close"
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
   end
 
@@ -890,7 +892,7 @@ describe API::MergeRequests do
 
       get api("/projects/#{project.id}/merge_requests/#{mr.iid}/closes_issues", user)
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(response).to include_pagination_headers
       expect(json_response).to be_an Array
       expect(json_response.length).to eq(1)
@@ -900,7 +902,7 @@ describe API::MergeRequests do
     it 'returns an empty array when there are no issues to be closed' do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/closes_issues", user)
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(response).to include_pagination_headers
       expect(json_response).to be_an Array
       expect(json_response.length).to eq(0)
@@ -916,7 +918,7 @@ describe API::MergeRequests do
 
       get api("/projects/#{jira_project.id}/merge_requests/#{merge_request.iid}/closes_issues", user)
 
-      expect(response).to have_http_status(200)
+      expect(response).to have_gitlab_http_status(200)
       expect(response).to include_pagination_headers
       expect(json_response).to be_an Array
       expect(json_response.length).to eq(2)
@@ -936,19 +938,19 @@ describe API::MergeRequests do
 
       get api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/closes_issues", guest)
 
-      expect(response).to have_http_status(403)
+      expect(response).to have_gitlab_http_status(403)
     end
 
     it "returns 404 for an invalid merge request IID" do
       get api("/projects/#{project.id}/merge_requests/12345/closes_issues", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it "returns 404 if the merge request id is used instead of iid" do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.id}/closes_issues", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
   end
 
@@ -956,26 +958,26 @@ describe API::MergeRequests do
     it 'subscribes to a merge request' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/subscribe", admin)
 
-      expect(response).to have_http_status(201)
+      expect(response).to have_gitlab_http_status(201)
       expect(json_response['subscribed']).to eq(true)
     end
 
     it 'returns 304 if already subscribed' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/subscribe", user)
 
-      expect(response).to have_http_status(304)
+      expect(response).to have_gitlab_http_status(304)
     end
 
     it 'returns 404 if the merge request is not found' do
       post api("/projects/#{project.id}/merge_requests/123/subscribe", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns 404 if the merge request id is used instead of iid' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.id}/subscribe", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns 403 if user has no access to read code' do
@@ -984,7 +986,7 @@ describe API::MergeRequests do
 
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/subscribe", guest)
 
-      expect(response).to have_http_status(403)
+      expect(response).to have_gitlab_http_status(403)
     end
   end
 
@@ -992,26 +994,26 @@ describe API::MergeRequests do
     it 'unsubscribes from a merge request' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/unsubscribe", user)
 
-      expect(response).to have_http_status(201)
+      expect(response).to have_gitlab_http_status(201)
       expect(json_response['subscribed']).to eq(false)
     end
 
     it 'returns 304 if not subscribed' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/unsubscribe", admin)
 
-      expect(response).to have_http_status(304)
+      expect(response).to have_gitlab_http_status(304)
     end
 
     it 'returns 404 if the merge request is not found' do
       post api("/projects/#{project.id}/merge_requests/123/unsubscribe", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns 404 if the merge request id is used instead of iid' do
       post api("/projects/#{project.id}/merge_requests/#{merge_request.id}/unsubscribe", user)
 
-      expect(response).to have_http_status(404)
+      expect(response).to have_gitlab_http_status(404)
     end
 
     it 'returns 403 if user has no access to read code' do
@@ -1020,7 +1022,7 @@ describe API::MergeRequests do
 
       post api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/unsubscribe", guest)
 
-      expect(response).to have_http_status(403)
+      expect(response).to have_gitlab_http_status(403)
     end
   end
 
diff --git a/spec/requests/api/pipeline_schedules_spec.rb b/spec/requests/api/pipeline_schedules_spec.rb
index 9ff2b782b52..1fc0ec528b9 100644
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -53,7 +53,7 @@ describe API::PipelineSchedules do
           it 'returns matched pipeline schedules' do
             get api("/projects/#{project.id}/pipeline_schedules", developer), scope: target
 
-            expect(json_response.map{ |r| r['active'] }).to all(eq(active?(target)))
+            expect(json_response.map { |r| r['active'] }).to all(eq(active?(target)))
           end
         end
 
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 9baac12821f..a89a58ff713 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -8,8 +8,8 @@ describe API::Projects do
   let(:user2) { create(:user) }
   let(:user3) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
-  let(:project2) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace) }
+  let(:project) { create(:project, namespace: user.namespace) }
+  let(:project2) { create(:project, path: 'project2', namespace: user.namespace) }
   let(:snippet) { create(:project_snippet, :public, author: user, project: project, title: 'example') }
   let(:project_member) { create(:project_member, :developer, user: user3, project: project) }
   let(:user4) { create(:user) }
@@ -1065,6 +1065,14 @@ describe API::Projects do
         expect(project_fork_target.forked?).to be_truthy
       end
 
+      it 'refreshes the forks count cachce' do
+        expect(project_fork_source.forks_count).to be_zero
+
+        post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
+
+        expect(project_fork_source.forks_count).to eq(1)
+      end
+
       it 'fails if forked_from project which does not exist' do
         post api("/projects/#{project_fork_target.id}/fork/9999", admin)
         expect(response).to have_http_status(404)
diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb
index edd6516cf34..e9ee3dd679d 100644
--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -683,7 +683,7 @@ describe API::Runner do
         end
 
         context 'when job has been updated recently' do
-          it { expect{ patch_the_trace }.not_to change { job.updated_at }}
+          it { expect { patch_the_trace }.not_to change { job.updated_at }}
 
           it "changes the job's trace" do
             patch_the_trace
@@ -692,7 +692,7 @@ describe API::Runner do
           end
 
           context 'when Runner makes a force-patch' do
-            it { expect{ force_patch_the_trace }.not_to change { job.updated_at }}
+            it { expect { force_patch_the_trace }.not_to change { job.updated_at }}
 
             it "doesn't change the build.trace" do
               force_patch_the_trace
diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index 3a95db030d4..c8ff25f70fa 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -36,7 +36,7 @@ describe API::Runners do
       it 'returns user available runners' do
         get api('/runners', user)
 
-        shared = json_response.any?{ |r| r['is_shared'] }
+        shared = json_response.any? { |r| r['is_shared'] }
         expect(response).to have_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
@@ -46,7 +46,7 @@ describe API::Runners do
       it 'filters runners by scope' do
         get api('/runners?scope=active', user)
 
-        shared = json_response.any?{ |r| r['is_shared'] }
+        shared = json_response.any? { |r| r['is_shared'] }
         expect(response).to have_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
@@ -74,7 +74,7 @@ describe API::Runners do
         it 'returns all runners' do
           get api('/runners/all', admin)
 
-          shared = json_response.any?{ |r| r['is_shared'] }
+          shared = json_response.any? { |r| r['is_shared'] }
           expect(response).to have_http_status(200)
           expect(response).to include_pagination_headers
           expect(json_response).to be_an Array
@@ -93,7 +93,7 @@ describe API::Runners do
       it 'filters runners by scope' do
         get api('/runners/all?scope=specific', admin)
 
-        shared = json_response.any?{ |r| r['is_shared'] }
+        shared = json_response.any? { |r| r['is_shared'] }
         expect(response).to have_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
@@ -277,7 +277,7 @@ describe API::Runners do
             delete api("/runners/#{shared_runner.id}", admin)
 
             expect(response).to have_http_status(204)
-          end.to change{ Ci::Runner.shared.count }.by(-1)
+          end.to change { Ci::Runner.shared.count }.by(-1)
         end
       end
 
@@ -287,7 +287,7 @@ describe API::Runners do
             delete api("/runners/#{unused_specific_runner.id}", admin)
 
             expect(response).to have_http_status(204)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
         it 'deletes used runner' do
@@ -295,7 +295,7 @@ describe API::Runners do
             delete api("/runners/#{specific_runner.id}", admin)
 
             expect(response).to have_http_status(204)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
       end
 
@@ -330,7 +330,7 @@ describe API::Runners do
             delete api("/runners/#{specific_runner.id}", user)
 
             expect(response).to have_http_status(204)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
       end
     end
@@ -349,7 +349,7 @@ describe API::Runners do
       it "returns project's runners" do
         get api("/projects/#{project.id}/runners", user)
 
-        shared = json_response.any?{ |r| r['is_shared'] }
+        shared = json_response.any? { |r| r['is_shared'] }
         expect(response).to have_http_status(200)
         expect(response).to include_pagination_headers
         expect(json_response).to be_an Array
@@ -385,14 +385,14 @@ describe API::Runners do
       it 'enables specific runner' do
         expect do
           post api("/projects/#{project.id}/runners", user), runner_id: specific_runner2.id
-        end.to change{ project.runners.count }.by(+1)
+        end.to change { project.runners.count }.by(+1)
         expect(response).to have_http_status(201)
       end
 
       it 'avoids changes when enabling already enabled runner' do
         expect do
           post api("/projects/#{project.id}/runners", user), runner_id: specific_runner.id
-        end.to change{ project.runners.count }.by(0)
+        end.to change { project.runners.count }.by(0)
         expect(response).to have_http_status(409)
       end
 
@@ -401,7 +401,7 @@ describe API::Runners do
 
         expect do
           post api("/projects/#{project.id}/runners", user), runner_id: specific_runner2.id
-        end.to change{ project.runners.count }.by(0)
+        end.to change { project.runners.count }.by(0)
 
         expect(response).to have_http_status(403)
       end
@@ -416,7 +416,7 @@ describe API::Runners do
         it 'enables any specific runner' do
           expect do
             post api("/projects/#{project.id}/runners", admin), runner_id: unused_specific_runner.id
-          end.to change{ project.runners.count }.by(+1)
+          end.to change { project.runners.count }.by(+1)
           expect(response).to have_http_status(201)
         end
       end
@@ -461,7 +461,7 @@ describe API::Runners do
             delete api("/projects/#{project.id}/runners/#{two_projects_runner.id}", user)
 
             expect(response).to have_http_status(204)
-          end.to change{ project.runners.count }.by(-1)
+          end.to change { project.runners.count }.by(-1)
         end
       end
 
@@ -469,7 +469,7 @@ describe API::Runners do
         it "does not disable project's runner" do
           expect do
             delete api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
-          end.to change{ project.runners.count }.by(0)
+          end.to change { project.runners.count }.by(0)
           expect(response).to have_http_status(403)
         end
       end
diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb
index c3ed5cd8ece..97275b80d03 100644
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -43,7 +43,9 @@ describe API::Settings, 'Settings' do
           default_artifacts_expire_in: '2 days',
           help_page_text: 'custom help text',
           help_page_hide_commercial_content: true,
-          help_page_support_url: 'http://example.com/help'
+          help_page_support_url: 'http://example.com/help',
+          project_export_enabled: false
+          
         expect(response).to have_http_status(200)
         expect(json_response['default_projects_limit']).to eq(3)
         expect(json_response['password_authentication_enabled']).to be_falsey
@@ -58,6 +60,7 @@ describe API::Settings, 'Settings' do
         expect(json_response['help_page_text']).to eq('custom help text')
         expect(json_response['help_page_hide_commercial_content']).to be_truthy
         expect(json_response['help_page_support_url']).to eq('http://example.com/help')
+        expect(json_response['project_export_enabled']).to be_falsey
       end
     end
 
diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb
index 373fab4d98a..d09b8bc42f1 100644
--- a/spec/requests/api/snippets_spec.rb
+++ b/spec/requests/api/snippets_spec.rb
@@ -52,10 +52,10 @@ describe API::Snippets do
       expect(json_response.map { |snippet| snippet['id']} ).to contain_exactly(
         public_snippet.id,
         public_snippet_other.id)
-      expect(json_response.map{ |snippet| snippet['web_url']} ).to include(
+      expect(json_response.map { |snippet| snippet['web_url']} ).to include(
         "http://localhost/snippets/#{public_snippet.id}",
         "http://localhost/snippets/#{public_snippet_other.id}")
-      expect(json_response.map{ |snippet| snippet['raw_url']} ).to include(
+      expect(json_response.map { |snippet| snippet['raw_url']} ).to include(
         "http://localhost/snippets/#{public_snippet.id}/raw",
         "http://localhost/snippets/#{public_snippet_other.id}/raw")
     end
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index ef7d0c3ee41..9884c1ec206 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -1,66 +1,85 @@
 require 'spec_helper'
-require 'mime/types'
 
 describe API::Tags do
-  include RepoHelpers
-
   let(:user) { create(:user) }
-  let(:user2) { create(:user) }
-  let!(:project) { create(:project, :repository, creator: user) }
-  let!(:master) { create(:project_member, :master, user: user, project: project) }
-  let!(:guest) { create(:project_member, :guest, user: user2, project: project) }
+  let(:guest) { create(:user).tap { |u| project.add_guest(u) } }
+  let(:project) { create(:project, :repository, creator: user, path: 'my.project') }
+  let(:tag_name) { project.repository.find_tag('v1.1.0').name }
 
-  describe "GET /projects/:id/repository/tags" do
-    let(:tag_name) { project.repository.tag_names.sort.reverse.first }
-    let(:description) { 'Awesome release!' }
+  let(:project_id) { project.id }
+  let(:current_user) { nil }
+
+  before do
+    project.add_master(user)
+  end
+
+  describe 'GET /projects/:id/repository/tags' do
+    let(:route) { "/projects/#{project_id}/repository/tags" }
 
     shared_examples_for 'repository tags' do
       it 'returns the repository tags' do
-        get api("/projects/#{project.id}/repository/tags", current_user)
+        get api(route, current_user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/tags')
         expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
         expect(json_response.first['name']).to eq(tag_name)
       end
-    end
 
-    context 'when unauthenticated' do
-      it_behaves_like 'repository tags' do
-        let(:project) { create(:project, :public, :repository) }
-        let(:current_user) { nil }
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
+        end
       end
     end
 
-    context 'when authenticated' do
-      it_behaves_like 'repository tags' do
-        let(:current_user) { user }
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like 'repository tags'
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
     end
 
-    context 'without releases' do
-      it "returns an array of project tags" do
-        get api("/projects/#{project.id}/repository/tags", user)
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
 
-        expect(response).to have_http_status(200)
-        expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
-        expect(json_response.first['name']).to eq(tag_name)
+      it_behaves_like 'repository tags'
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'repository tags'
+      end
+    end
+
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { get api(route, guest) }
       end
     end
 
     context 'with releases' do
+      let(:description) { 'Awesome release!' }
+
       before do
         release = project.releases.find_or_initialize_by(tag: tag_name)
         release.update_attributes(description: description)
       end
 
-      it "returns an array of project tags with release info" do
-        get api("/projects/#{project.id}/repository/tags", user)
+      it 'returns an array of project tags with release info' do
+        get api(route, user)
 
-        expect(response).to have_http_status(200)
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/tags')
         expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
         expect(json_response.first['name']).to eq(tag_name)
         expect(json_response.first['message']).to eq('Version 1.1.0')
         expect(json_response.first['release']['description']).to eq(description)
@@ -69,210 +88,342 @@ describe API::Tags do
   end
 
   describe 'GET /projects/:id/repository/tags/:tag_name' do
-    let(:tag_name) { project.repository.tag_names.sort.reverse.first }
+    let(:route) { "/projects/#{project_id}/repository/tags/#{tag_name}" }
 
     shared_examples_for 'repository tag' do
-      it 'returns the repository tag' do
-        get api("/projects/#{project.id}/repository/tags/#{tag_name}", current_user)
-
-        expect(response).to have_http_status(200)
+      it 'returns the repository branch' do
+        get api(route, current_user)
 
+        expect(response).to have_gitlab_http_status(200)
+        expect(response).to match_response_schema('public_api/v4/tag')
         expect(json_response['name']).to eq(tag_name)
       end
 
-      it 'returns 404 for an invalid tag name' do
-        get api("/projects/#{project.id}/repository/tags/foobar", current_user)
+      context 'when tag does not exist' do
+        let(:tag_name) { 'unknown' }
 
-        expect(response).to have_http_status(404)
+        it_behaves_like '404 response' do
+          let(:request) { get api(route, current_user) }
+          let(:message) { '404 Tag Not Found' }
+        end
+      end
+
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { get api(route, current_user) }
+        end
       end
     end
 
-    context 'when unauthenticated' do
-      it_behaves_like 'repository tag' do
-        let(:project) { create(:project, :public, :repository) }
-        let(:current_user) { nil }
+    context 'when unauthenticated', 'and project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      it_behaves_like 'repository tag'
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route) }
+        let(:message) { '404 Project Not Found' }
       end
     end
 
-    context 'when authenticated' do
-      it_behaves_like 'repository tag' do
-        let(:current_user) { user }
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'repository tag'
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'repository tag'
+      end
+    end
+
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { get api(route, guest) }
       end
     end
   end
 
   describe 'POST /projects/:id/repository/tags' do
-    context 'lightweight tags' do
+    let(:tag_name) { 'new_tag' }
+    let(:route) { "/projects/#{project_id}/repository/tags" }
+
+    shared_examples_for 'repository new tag' do
       it 'creates a new tag' do
-        post api("/projects/#{project.id}/repository/tags", user),
-             tag_name: 'v7.0.1',
-             ref: 'master'
+        post api(route, current_user), tag_name: tag_name, ref: 'master'
 
-        expect(response).to have_http_status(201)
-        expect(json_response['name']).to eq('v7.0.1')
+        expect(response).to have_gitlab_http_status(201)
+        expect(response).to match_response_schema('public_api/v4/tag')
+        expect(json_response['name']).to eq(tag_name)
       end
-    end
 
-    context 'lightweight tags with release notes' do
-      it 'creates a new tag' do
-        post api("/projects/#{project.id}/repository/tags", user),
-             tag_name: 'v7.0.1',
-             ref: 'master',
-             release_description: 'Wow'
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-        expect(response).to have_http_status(201)
-        expect(json_response['name']).to eq('v7.0.1')
-        expect(json_response['release']['description']).to eq('Wow')
+        it_behaves_like '403 response' do
+          let(:request) { post api(route, current_user) }
+        end
       end
     end
 
-    describe 'DELETE /projects/:id/repository/tags/:tag_name' do
-      let(:tag_name) { project.repository.tag_names.sort.reverse.first }
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { post api(route) }
+        let(:message) { '404 Project Not Found' }
+      end
+    end
 
-      before do
-        allow_any_instance_of(Repository).to receive(:rm_tag).and_return(true)
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { post api(route, guest) }
       end
+    end
+
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      context "when a protected branch doesn't already exist" do
+        it_behaves_like 'repository new tag'
 
-      context 'delete tag' do
-        it 'deletes an existing tag' do
-          delete api("/projects/#{project.id}/repository/tags/#{tag_name}", user)
+        context 'when tag contains a dot' do
+          let(:tag_name) { 'v7.0.1' }
 
-          expect(response).to have_http_status(204)
+          it_behaves_like 'repository new tag'
         end
 
-        it 'raises 404 if the tag does not exist' do
-          delete api("/projects/#{project.id}/repository/tags/foobar", user)
-          expect(response).to have_http_status(404)
+        context 'requesting with the escaped project full path' do
+          let(:project_id) { CGI.escape(project.full_path) }
+
+          it_behaves_like 'repository new tag'
+
+          context 'when tag contains a dot' do
+            let(:tag_name) { 'v7.0.1' }
+
+            it_behaves_like 'repository new tag'
+          end
         end
       end
-    end
 
-    context 'annotated tag' do
-      it 'creates a new annotated tag' do
-        # Identity must be set in .gitconfig to create annotated tag.
-        repo_path = project.repository.path_to_repo
-        system(*%W(#{Gitlab.config.git.bin_path} --git-dir=#{repo_path} config user.name #{user.name}))
-        system(*%W(#{Gitlab.config.git.bin_path} --git-dir=#{repo_path} config user.email #{user.email}))
+      it 'returns 400 if tag name is invalid' do
+        post api(route, current_user), tag_name: 'new design', ref: 'master'
+
+        expect(response).to have_gitlab_http_status(400)
+        expect(json_response['message']).to eq('Tag name invalid')
+      end
+
+      it 'returns 400 if tag already exists' do
+        post api(route, current_user), tag_name: 'new_design1', ref: 'master'
 
-        post api("/projects/#{project.id}/repository/tags", user),
-             tag_name: 'v7.1.0',
-             ref: 'master',
-             message: 'Release 7.1.0'
+        expect(response).to have_gitlab_http_status(201)
+        expect(response).to match_response_schema('public_api/v4/tag')
 
-        expect(response).to have_http_status(201)
-        expect(json_response['name']).to eq('v7.1.0')
-        expect(json_response['message']).to eq('Release 7.1.0')
+        post api(route, current_user), tag_name: 'new_design1', ref: 'master'
+
+        expect(response).to have_gitlab_http_status(400)
+        expect(json_response['message']).to eq('Tag new_design1 already exists')
       end
-    end
 
-    it 'denies for user without push access' do
-      post api("/projects/#{project.id}/repository/tags", user2),
-           tag_name: 'v1.9.0',
-           ref: '621491c677087aa243f165eab467bfdfbee00be1'
-      expect(response).to have_http_status(403)
+      it 'returns 400 if ref name is invalid' do
+        post api(route, current_user), tag_name: 'new_design3', ref: 'foo'
+
+        expect(response).to have_gitlab_http_status(400)
+        expect(json_response['message']).to eq('Target foo is invalid')
+      end
+
+      context 'lightweight tags with release notes' do
+        it 'creates a new tag' do
+          post api(route, current_user), tag_name: tag_name, ref: 'master', release_description: 'Wow'
+
+          expect(response).to have_gitlab_http_status(201)
+          expect(response).to match_response_schema('public_api/v4/tag')
+          expect(json_response['name']).to eq(tag_name)
+          expect(json_response['release']['description']).to eq('Wow')
+        end
+      end
+
+      context 'annotated tag' do
+        it 'creates a new annotated tag' do
+          # Identity must be set in .gitconfig to create annotated tag.
+          repo_path = project.repository.path_to_repo
+          system(*%W(#{Gitlab.config.git.bin_path} --git-dir=#{repo_path} config user.name #{user.name}))
+          system(*%W(#{Gitlab.config.git.bin_path} --git-dir=#{repo_path} config user.email #{user.email}))
+
+          post api(route, current_user), tag_name: 'v7.1.0', ref: 'master', message: 'Release 7.1.0'
+
+          expect(response).to have_gitlab_http_status(201)
+          expect(response).to match_response_schema('public_api/v4/tag')
+          expect(json_response['name']).to eq('v7.1.0')
+          expect(json_response['message']).to eq('Release 7.1.0')
+        end
+      end
     end
+  end
+
+  describe 'DELETE /projects/:id/repository/tags/:tag_name' do
+    let(:route) { "/projects/#{project_id}/repository/tags/#{tag_name}" }
 
-    it 'returns 400 if tag name is invalid' do
-      post api("/projects/#{project.id}/repository/tags", user),
-           tag_name: 'v 1.0.0',
-           ref: 'master'
-      expect(response).to have_http_status(400)
-      expect(json_response['message']).to eq('Tag name invalid')
+    before do
+      allow_any_instance_of(Repository).to receive(:rm_tag).and_return(true)
     end
 
-    it 'returns 400 if tag already exists' do
-      post api("/projects/#{project.id}/repository/tags", user),
-           tag_name: 'v8.0.0',
-           ref: 'master'
-      expect(response).to have_http_status(201)
-      post api("/projects/#{project.id}/repository/tags", user),
-           tag_name: 'v8.0.0',
-           ref: 'master'
-      expect(response).to have_http_status(400)
-      expect(json_response['message']).to eq('Tag v8.0.0 already exists')
+    shared_examples_for 'repository delete tag' do
+      it 'deletes a tag' do
+        delete api(route, current_user)
+
+        expect(response).to have_gitlab_http_status(204)
+      end
+
+      context 'when tag does not exist' do
+        let(:tag_name) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { delete api(route, current_user) }
+          let(:message) { 'No such tag' }
+        end
+      end
+
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { delete api(route, current_user) }
+        end
+      end
     end
 
-    it 'returns 400 if ref name is invalid' do
-      post api("/projects/#{project.id}/repository/tags", user),
-           tag_name: 'mytag',
-           ref: 'foo'
-      expect(response).to have_http_status(400)
-      expect(json_response['message']).to eq('Target foo is invalid')
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'repository delete tag'
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'repository delete tag'
+      end
     end
   end
 
   describe 'POST /projects/:id/repository/tags/:tag_name/release' do
-    let(:tag_name) { project.repository.tag_names.first }
+    let(:route) { "/projects/#{project_id}/repository/tags/#{tag_name}/release" }
     let(:description) { 'Awesome release!' }
 
-    it 'creates description for existing git tag' do
-      post api("/projects/#{project.id}/repository/tags/#{tag_name}/release", user),
-        description: description
+    shared_examples_for 'repository new release' do
+      it 'creates description for existing git tag' do
+        post api(route, user), description: description
 
-      expect(response).to have_http_status(201)
-      expect(json_response['tag_name']).to eq(tag_name)
-      expect(json_response['description']).to eq(description)
-    end
+        expect(response).to have_gitlab_http_status(201)
+        expect(response).to match_response_schema('public_api/v4/release')
+        expect(json_response['tag_name']).to eq(tag_name)
+        expect(json_response['description']).to eq(description)
+      end
+
+      context 'when tag does not exist' do
+        let(:tag_name) { 'unknown' }
+
+        it_behaves_like '404 response' do
+          let(:request) { post api(route, current_user), description: description }
+          let(:message) { 'Tag does not exist' }
+        end
+      end
 
-    it 'returns 404 if the tag does not exist' do
-      post api("/projects/#{project.id}/repository/tags/foobar/release", user),
-        description: description
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-      expect(response).to have_http_status(404)
-      expect(json_response['message']).to eq('Tag does not exist')
+        it_behaves_like '403 response' do
+          let(:request) { post api(route, current_user), description: description }
+        end
+      end
     end
 
-    context 'on tag with existing release' do
-      before do
-        release = project.releases.find_or_initialize_by(tag: tag_name)
-        release.update_attributes(description: description)
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'repository new release'
+
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'repository new release'
       end
 
-      it 'returns 409 if there is already a release' do
-        post api("/projects/#{project.id}/repository/tags/#{tag_name}/release", user),
-          description: description
+      context 'on tag with existing release' do
+        before do
+          release = project.releases.find_or_initialize_by(tag: tag_name)
+          release.update_attributes(description: description)
+        end
+
+        it 'returns 409 if there is already a release' do
+          post api(route, user), description: description
 
-        expect(response).to have_http_status(409)
-        expect(json_response['message']).to eq('Release already exists')
+          expect(response).to have_gitlab_http_status(409)
+          expect(json_response['message']).to eq('Release already exists')
+        end
       end
     end
   end
 
   describe 'PUT id/repository/tags/:tag_name/release' do
-    let(:tag_name) { project.repository.tag_names.first }
+    let(:route) { "/projects/#{project_id}/repository/tags/#{tag_name}/release" }
     let(:description) { 'Awesome release!' }
     let(:new_description) { 'The best release!' }
 
-    context 'on tag with existing release' do
-      before do
-        release = project.releases.find_or_initialize_by(tag: tag_name)
-        release.update_attributes(description: description)
+    shared_examples_for 'repository update release' do
+      context 'on tag with existing release' do
+        before do
+          release = project.releases.find_or_initialize_by(tag: tag_name)
+          release.update_attributes(description: description)
+        end
+
+        it 'updates the release description' do
+          put api(route, current_user), description: new_description
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(json_response['tag_name']).to eq(tag_name)
+          expect(json_response['description']).to eq(new_description)
+        end
       end
 
-      it 'updates the release description' do
-        put api("/projects/#{project.id}/repository/tags/#{tag_name}/release", user),
-          description: new_description
+      context 'when tag does not exist' do
+        let(:tag_name) { 'unknown' }
 
-        expect(response).to have_http_status(200)
-        expect(json_response['tag_name']).to eq(tag_name)
-        expect(json_response['description']).to eq(new_description)
+        it_behaves_like '404 response' do
+          let(:request) { put api(route, current_user), description: new_description }
+          let(:message) { 'Tag does not exist' }
+        end
       end
-    end
 
-    it 'returns 404 if the tag does not exist' do
-      put api("/projects/#{project.id}/repository/tags/foobar/release", user),
-        description: new_description
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
 
-      expect(response).to have_http_status(404)
-      expect(json_response['message']).to eq('Tag does not exist')
+        it_behaves_like '403 response' do
+          let(:request) { put api(route, current_user), description: new_description }
+        end
+      end
     end
 
-    it 'returns 404 if the release does not exist' do
-      put api("/projects/#{project.id}/repository/tags/#{tag_name}/release", user),
-        description: new_description
+    context 'when authenticated', 'as a master' do
+      let(:current_user) { user }
+
+      it_behaves_like 'repository update release'
 
-      expect(response).to have_http_status(404)
-      expect(json_response['message']).to eq('Release does not exist')
+      context 'requesting with the escaped project full path' do
+        let(:project_id) { CGI.escape(project.full_path) }
+
+        it_behaves_like 'repository update release'
+      end
+
+      context 'when release does not exist' do
+        it_behaves_like '404 response' do
+          let(:request) { put api(route, current_user), description: new_description }
+          let(:message) { 'Release does not exist' }
+        end
+      end
     end
   end
 end
diff --git a/spec/requests/api/triggers_spec.rb b/spec/requests/api/triggers_spec.rb
index d5c53b703dd..572e9a0fd07 100644
--- a/spec/requests/api/triggers_spec.rb
+++ b/spec/requests/api/triggers_spec.rb
@@ -185,7 +185,7 @@ describe API::Triggers do
           expect do
             post api("/projects/#{project.id}/triggers", user),
               description: 'trigger'
-          end.to change{project.triggers.count}.by(1)
+          end.to change {project.triggers.count}.by(1)
 
           expect(response).to have_http_status(201)
           expect(json_response).to include('description' => 'trigger')
@@ -288,7 +288,7 @@ describe API::Triggers do
           delete api("/projects/#{project.id}/triggers/#{trigger.id}", user)
 
           expect(response).to have_http_status(204)
-        end.to change{project.triggers.count}.by(-1)
+        end.to change {project.triggers.count}.by(-1)
       end
 
       it 'responds with 404 Not Found if requesting non-existing trigger' do
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 2dc7be22f8f..49739a1601a 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -217,9 +217,19 @@ describe API::Users do
     it "does not return the user's `is_admin` flag" do
       get api("/users/#{user.id}", user)
 
+      expect(response).to have_http_status(200)
       expect(json_response['is_admin']).to be_nil
     end
 
+    context 'when authenticated as admin' do
+      it 'includes the `is_admin` field' do
+        get api("/users/#{user.id}", admin)
+
+        expect(response).to have_http_status(200)
+        expect(json_response['is_admin']).to be(false)
+      end
+    end
+
     context 'for an anonymous user' do
       it "returns a user by id" do
         get api("/users/#{user.id}")
diff --git a/spec/requests/api/v3/deploy_keys_spec.rb b/spec/requests/api/v3/deploy_keys_spec.rb
index 13a62423b1d..2affd0cfa51 100644
--- a/spec/requests/api/v3/deploy_keys_spec.rb
+++ b/spec/requests/api/v3/deploy_keys_spec.rb
@@ -87,7 +87,7 @@ describe API::V3::DeployKeys do
 
         expect do
           post v3_api("/projects/#{project.id}/#{path}", admin), key_attrs
-        end.to change{ project.deploy_keys.count }.by(1)
+        end.to change { project.deploy_keys.count }.by(1)
       end
 
       it 'returns an existing ssh key when attempting to add a duplicate' do
@@ -122,7 +122,7 @@ describe API::V3::DeployKeys do
       it 'should delete existing key' do
         expect do
           delete v3_api("/projects/#{project.id}/#{path}/#{deploy_key.id}", admin)
-        end.to change{ project.deploy_keys.count }.by(-1)
+        end.to change { project.deploy_keys.count }.by(-1)
       end
 
       it 'should return 404 Not Found with invalid ID' do
diff --git a/spec/requests/api/v3/groups_spec.rb b/spec/requests/api/v3/groups_spec.rb
index 10756e494c3..778fcc73c30 100644
--- a/spec/requests/api/v3/groups_spec.rb
+++ b/spec/requests/api/v3/groups_spec.rb
@@ -504,7 +504,7 @@ describe API::V3::Groups do
     let(:project) { create(:project) }
     let(:project_path) { CGI.escape(project.full_path) }
 
-    before(:each) do
+    before do
       allow_any_instance_of(Projects::TransferService)
         .to receive(:execute).and_return(true)
     end
diff --git a/spec/requests/api/v3/merge_requests_spec.rb b/spec/requests/api/v3/merge_requests_spec.rb
index ef7516fc28f..86f38dd4ec1 100644
--- a/spec/requests/api/v3/merge_requests_spec.rb
+++ b/spec/requests/api/v3/merge_requests_spec.rb
@@ -90,7 +90,7 @@ describe API::MergeRequests do
           expect(response).to have_http_status(200)
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort)
         end
 
@@ -99,7 +99,7 @@ describe API::MergeRequests do
           expect(response).to have_http_status(200)
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort.reverse)
         end
 
@@ -108,7 +108,7 @@ describe API::MergeRequests do
           expect(response).to have_http_status(200)
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['updated_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['updated_at'] }
           expect(response_dates).to eq(response_dates.sort.reverse)
         end
 
@@ -117,7 +117,7 @@ describe API::MergeRequests do
           expect(response).to have_http_status(200)
           expect(json_response).to be_an Array
           expect(json_response.length).to eq(3)
-          response_dates = json_response.map{ |merge_request| merge_request['created_at'] }
+          response_dates = json_response.map { |merge_request| merge_request['created_at'] }
           expect(response_dates).to eq(response_dates.sort)
         end
       end
@@ -315,15 +315,17 @@ describe API::MergeRequests do
       let!(:fork_project) { create(:project, forked_from_project: project,  namespace: user2.namespace, creator_id: user2.id) }
       let!(:unrelated_project) { create(:project,  namespace: create(:user).namespace, creator_id: user2.id) }
 
-      before :each do |each|
-        fork_project.team << [user2, :reporter]
+      before do
+        fork_project.add_reporter(user2)
+
+        allow_any_instance_of(MergeRequest).to receive(:write_ref)
       end
 
       it "returns merge_request" do
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
           title: 'Test merge_request', source_branch: "feature_conflict", target_branch: "master",
           author: user2, target_project_id: project.id, description: 'Test description for Test merge_request'
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq('Test merge_request')
         expect(json_response['description']).to eq('Test description for Test merge_request')
       end
@@ -334,7 +336,7 @@ describe API::MergeRequests do
         expect(fork_project.forked_from_project).to eq(project)
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', source_branch: "master", target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
         expect(json_response['title']).to eq('Test merge_request')
       end
 
@@ -348,25 +350,25 @@ describe API::MergeRequests do
              author: user2,
              target_project_id: project.id
 
-        expect(response).to have_http_status(422)
+        expect(response).to have_gitlab_http_status(422)
       end
 
       it "returns 400 when source_branch is missing" do
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when target_branch is missing" do
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: "master", author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       it "returns 400 when title is missing" do
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
         target_branch: 'master', source_branch: 'markdown', author: user2, target_project_id: project.id
-        expect(response).to have_http_status(400)
+        expect(response).to have_gitlab_http_status(400)
       end
 
       context 'when target_branch is specified' do
@@ -377,7 +379,7 @@ describe API::MergeRequests do
                source_branch: 'markdown',
                author: user,
                target_project_id: fork_project.id
-          expect(response).to have_http_status(422)
+          expect(response).to have_gitlab_http_status(422)
         end
 
         it 'returns 422 if targeting a different fork' do
@@ -387,14 +389,14 @@ describe API::MergeRequests do
                source_branch: 'markdown',
                author: user2,
                target_project_id: unrelated_project.id
-          expect(response).to have_http_status(422)
+          expect(response).to have_gitlab_http_status(422)
         end
       end
 
       it "returns 201 when target_branch is specified and for the same project" do
         post v3_api("/projects/#{fork_project.id}/merge_requests", user2),
         title: 'Test merge_request', target_branch: 'master', source_branch: 'markdown', author: user2, target_project_id: fork_project.id
-        expect(response).to have_http_status(201)
+        expect(response).to have_gitlab_http_status(201)
       end
     end
   end
diff --git a/spec/requests/api/v3/project_snippets_spec.rb b/spec/requests/api/v3/project_snippets_spec.rb
index 758fb482374..3963924a066 100644
--- a/spec/requests/api/v3/project_snippets_spec.rb
+++ b/spec/requests/api/v3/project_snippets_spec.rb
@@ -30,7 +30,7 @@ describe API::ProjectSnippets do
 
       expect(response).to have_http_status(200)
       expect(json_response.size).to eq(3)
-      expect(json_response.map{ |snippet| snippet['id']} ).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
+      expect(json_response.map { |snippet| snippet['id']} ).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
       expect(json_response.last).to have_key('web_url')
     end
 
diff --git a/spec/requests/api/v3/projects_spec.rb b/spec/requests/api/v3/projects_spec.rb
index fca5b5b5d82..a514166274a 100644
--- a/spec/requests/api/v3/projects_spec.rb
+++ b/spec/requests/api/v3/projects_spec.rb
@@ -1004,6 +1004,14 @@ describe API::V3::Projects do
         expect(project_fork_target.forked?).to be_truthy
       end
 
+      it 'refreshes the forks count cachce' do
+        expect(project_fork_source.forks_count).to be_zero
+
+        post v3_api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
+
+        expect(project_fork_source.forks_count).to eq(1)
+      end
+
       it 'fails if forked_from project which does not exist' do
         post v3_api("/projects/#{project_fork_target.id}/fork/9999", admin)
         expect(response).to have_http_status(404)
diff --git a/spec/requests/api/v3/runners_spec.rb b/spec/requests/api/v3/runners_spec.rb
index 78660afd840..a31eb3f1d43 100644
--- a/spec/requests/api/v3/runners_spec.rb
+++ b/spec/requests/api/v3/runners_spec.rb
@@ -38,7 +38,7 @@ describe API::V3::Runners do
             delete v3_api("/runners/#{shared_runner.id}", admin)
 
             expect(response).to have_http_status(200)
-          end.to change{ Ci::Runner.shared.count }.by(-1)
+          end.to change { Ci::Runner.shared.count }.by(-1)
         end
       end
 
@@ -48,7 +48,7 @@ describe API::V3::Runners do
             delete v3_api("/runners/#{unused_specific_runner.id}", admin)
 
             expect(response).to have_http_status(200)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
 
         it 'deletes used runner' do
@@ -56,7 +56,7 @@ describe API::V3::Runners do
             delete v3_api("/runners/#{specific_runner.id}", admin)
 
             expect(response).to have_http_status(200)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
       end
 
@@ -91,7 +91,7 @@ describe API::V3::Runners do
             delete v3_api("/runners/#{specific_runner.id}", user)
 
             expect(response).to have_http_status(200)
-          end.to change{ Ci::Runner.specific.count }.by(-1)
+          end.to change { Ci::Runner.specific.count }.by(-1)
         end
       end
     end
@@ -113,7 +113,7 @@ describe API::V3::Runners do
             delete v3_api("/projects/#{project.id}/runners/#{two_projects_runner.id}", user)
 
             expect(response).to have_http_status(200)
-          end.to change{ project.runners.count }.by(-1)
+          end.to change { project.runners.count }.by(-1)
         end
       end
 
@@ -121,7 +121,7 @@ describe API::V3::Runners do
         it "does not disable project's runner" do
           expect do
             delete v3_api("/projects/#{project.id}/runners/#{specific_runner.id}", user)
-          end.to change{ project.runners.count }.by(0)
+          end.to change { project.runners.count }.by(0)
           expect(response).to have_http_status(403)
         end
       end
diff --git a/spec/requests/api/v3/snippets_spec.rb b/spec/requests/api/v3/snippets_spec.rb
index 1bc2258ebd3..9ead3cad8bb 100644
--- a/spec/requests/api/v3/snippets_spec.rb
+++ b/spec/requests/api/v3/snippets_spec.rb
@@ -45,10 +45,10 @@ describe API::V3::Snippets do
       expect(json_response.map { |snippet| snippet['id']} ).to contain_exactly(
         public_snippet.id,
         public_snippet_other.id)
-      expect(json_response.map{ |snippet| snippet['web_url']} ).to include(
+      expect(json_response.map { |snippet| snippet['web_url']} ).to include(
         "http://localhost/snippets/#{public_snippet.id}",
         "http://localhost/snippets/#{public_snippet_other.id}")
-      expect(json_response.map{ |snippet| snippet['raw_url']} ).to include(
+      expect(json_response.map { |snippet| snippet['raw_url']} ).to include(
         "http://localhost/snippets/#{public_snippet.id}/raw",
         "http://localhost/snippets/#{public_snippet_other.id}/raw")
     end
diff --git a/spec/requests/api/v3/triggers_spec.rb b/spec/requests/api/v3/triggers_spec.rb
index 60212660fb6..075de2c0cba 100644
--- a/spec/requests/api/v3/triggers_spec.rb
+++ b/spec/requests/api/v3/triggers_spec.rb
@@ -171,7 +171,7 @@ describe API::V3::Triggers do
       it 'creates trigger' do
         expect do
           post v3_api("/projects/#{project.id}/triggers", user)
-        end.to change{project.triggers.count}.by(1)
+        end.to change {project.triggers.count}.by(1)
 
         expect(response).to have_http_status(201)
         expect(json_response).to be_a(Hash)
@@ -202,7 +202,7 @@ describe API::V3::Triggers do
           delete v3_api("/projects/#{project.id}/triggers/#{trigger.token}", user)
 
           expect(response).to have_http_status(200)
-        end.to change{project.triggers.count}.by(-1)
+        end.to change {project.triggers.count}.by(-1)
       end
 
       it 'responds with 404 Not Found if requesting non-existing trigger' do
diff --git a/spec/requests/api/v3/users_spec.rb b/spec/requests/api/v3/users_spec.rb
index bc0a4ab20a3..227b8d1b0c1 100644
--- a/spec/requests/api/v3/users_spec.rb
+++ b/spec/requests/api/v3/users_spec.rb
@@ -252,6 +252,31 @@ describe API::V3::Users do
     end
 
     context "as a user than can see the event's project" do
+      context 'when the list of events includes push events' do
+        let(:event) { create(:push_event, author: user, project: project) }
+        let!(:payload) { create(:push_event_payload, event: event) }
+        let(:payload_hash) { json_response[0]['push_data'] }
+
+        before do
+          get api("/users/#{user.id}/events?action=pushed", user)
+        end
+
+        it 'responds with HTTP 200 OK' do
+          expect(response).to have_http_status(200)
+        end
+
+        it 'includes the push payload as a Hash' do
+          expect(payload_hash).to be_an_instance_of(Hash)
+        end
+
+        it 'includes the push payload details' do
+          expect(payload_hash['commit_count']).to eq(payload.commit_count)
+          expect(payload_hash['action']).to eq(payload.action)
+          expect(payload_hash['ref_type']).to eq(payload.ref_type)
+          expect(payload_hash['commit_to']).to eq(payload.commit_to)
+        end
+      end
+
       context 'joined event' do
         it 'returns the "joined" event' do
           get v3_api("/users/#{user.id}/events", user)
diff --git a/spec/requests/api/variables_spec.rb b/spec/requests/api/variables_spec.rb
index 098a0d8ca7d..48592e12822 100644
--- a/spec/requests/api/variables_spec.rb
+++ b/spec/requests/api/variables_spec.rb
@@ -74,7 +74,7 @@ describe API::Variables do
       it 'creates variable' do
         expect do
           post api("/projects/#{project.id}/variables", user), key: 'TEST_VARIABLE_2', value: 'VALUE_2', protected: true
-        end.to change{project.variables.count}.by(1)
+        end.to change {project.variables.count}.by(1)
 
         expect(response).to have_http_status(201)
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
@@ -85,7 +85,7 @@ describe API::Variables do
       it 'creates variable with optional attributes' do
         expect do
           post api("/projects/#{project.id}/variables", user), key: 'TEST_VARIABLE_2', value: 'VALUE_2'
-        end.to change{project.variables.count}.by(1)
+        end.to change {project.variables.count}.by(1)
 
         expect(response).to have_http_status(201)
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
@@ -96,7 +96,7 @@ describe API::Variables do
       it 'does not allow to duplicate variable key' do
         expect do
           post api("/projects/#{project.id}/variables", user), key: variable.key, value: 'VALUE_2'
-        end.to change{project.variables.count}.by(0)
+        end.to change {project.variables.count}.by(0)
 
         expect(response).to have_http_status(400)
       end
@@ -166,7 +166,7 @@ describe API::Variables do
           delete api("/projects/#{project.id}/variables/#{variable.key}", user)
 
           expect(response).to have_http_status(204)
-        end.to change{project.variables.count}.by(-1)
+        end.to change {project.variables.count}.by(-1)
       end
 
       it 'responds with 404 Not Found if requesting non-existing variable' do
diff --git a/spec/requests/ci/api/builds_spec.rb b/spec/requests/ci/api/builds_spec.rb
index c077c458163..ebd67eb1e94 100644
--- a/spec/requests/ci/api/builds_spec.rb
+++ b/spec/requests/ci/api/builds_spec.rb
@@ -421,7 +421,7 @@ describe Ci::API::Builds do
         end
 
         context 'when build has been updated recently' do
-          it { expect{ patch_the_trace }.not_to change { build.updated_at }}
+          it { expect { patch_the_trace }.not_to change { build.updated_at }}
 
           it 'changes the build trace' do
             patch_the_trace
@@ -430,7 +430,7 @@ describe Ci::API::Builds do
           end
 
           context 'when Runner makes a force-patch' do
-            it { expect{ force_patch_the_trace }.not_to change { build.updated_at }}
+            it { expect { force_patch_the_trace }.not_to change { build.updated_at }}
 
             it "doesn't change the build.trace" do
               force_patch_the_trace
diff --git a/spec/rubocop/cop/migration/safer_boolean_column_spec.rb b/spec/rubocop/cop/migration/safer_boolean_column_spec.rb
new file mode 100644
index 00000000000..1006594499a
--- /dev/null
+++ b/spec/rubocop/cop/migration/safer_boolean_column_spec.rb
@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+require 'rubocop'
+require 'rubocop/rspec/support'
+
+require_relative '../../../../rubocop/cop/migration/safer_boolean_column'
+
+describe RuboCop::Cop::Migration::SaferBooleanColumn do
+  include CopHelper
+
+  subject(:cop) { described_class.new }
+
+  context 'in migration' do
+    before do
+      allow(cop).to receive(:in_migration?).and_return(true)
+    end
+
+    described_class::SMALL_TABLES.each do |table|
+      context "for the #{table} table" do
+        sources_and_offense = [
+          ["add_column :#{table}, :column, :boolean, default: true", 'should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean, default: false", 'should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean, default: nil", 'should have a default and should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean, null: false", 'should have a default'],
+          ["add_column :#{table}, :column, :boolean, null: true", 'should have a default and should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean", 'should have a default and should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean, default: nil, null: false", 'should have a default'],
+          ["add_column :#{table}, :column, :boolean, default: nil, null: true", 'should have a default and should disallow nulls'],
+          ["add_column :#{table}, :column, :boolean, default: false, null: true", 'should disallow nulls']
+        ]
+
+        sources_and_offense.each do |source, offense|
+          context "given the source \"#{source}\"" do
+            it "registers the offense matching \"#{offense}\"" do
+              inspect_source(cop, source)
+
+              aggregate_failures do
+                expect(cop.offenses.first.message).to match(offense)
+              end
+            end
+          end
+        end
+
+        inoffensive_sources = [
+          "add_column :#{table}, :column, :boolean, default: true, null: false",
+          "add_column :#{table}, :column, :boolean, default: false, null: false"
+        ]
+
+        inoffensive_sources.each do |source|
+          context "given the source \"#{source}\"" do
+            it "registers no offense" do
+              inspect_source(cop, source)
+
+              aggregate_failures do
+                expect(cop.offenses).to be_empty
+              end
+            end
+          end
+        end
+      end
+    end
+
+    it 'registers no offense for tables not listed in SMALL_TABLES' do
+      inspect_source(cop, "add_column :large_table, :column, :boolean")
+
+      expect(cop.offenses).to be_empty
+    end
+
+    it 'registers no offense for non-boolean columns' do
+      table = described_class::SMALL_TABLES.sample
+      inspect_source(cop, "add_column :#{table}, :column, :string")
+
+      expect(cop.offenses).to be_empty
+    end
+  end
+
+  context 'outside of migration' do
+    it 'registers no offense' do
+      table = described_class::SMALL_TABLES.sample
+      inspect_source(cop, "add_column :#{table}, :column, :boolean")
+
+      expect(cop.offenses).to be_empty
+    end
+  end
+end
diff --git a/spec/serializers/analytics_build_entity_spec.rb b/spec/serializers/analytics_build_entity_spec.rb
index 86e703a6448..1ff4908972a 100644
--- a/spec/serializers/analytics_build_entity_spec.rb
+++ b/spec/serializers/analytics_build_entity_spec.rb
@@ -13,12 +13,8 @@ describe AnalyticsBuildEntity do
 
     subject { entity.as_json }
 
-    before do
-      Timecop.freeze
-    end
-
-    after do
-      Timecop.return
+    around do |example|
+      Timecop.freeze { example.run }
     end
 
     it 'contains the URL' do
@@ -47,7 +43,7 @@ describe AnalyticsBuildEntity do
       let(:finished_at) { nil }
 
       it 'does not blow up' do
-        expect{ subject[:date] }.not_to raise_error
+        expect { subject[:date] }.not_to raise_error
       end
 
       it 'shows the right message' do
@@ -63,7 +59,7 @@ describe AnalyticsBuildEntity do
       let(:started_at) { nil }
 
       it 'does not blow up' do
-        expect{ subject[:date] }.not_to raise_error
+        expect { subject[:date] }.not_to raise_error
       end
 
       it 'shows the right message' do
@@ -79,7 +75,7 @@ describe AnalyticsBuildEntity do
       let(:finished_at) { nil }
 
       it 'does not blow up' do
-        expect{ subject[:date] }.not_to raise_error
+        expect { subject[:date] }.not_to raise_error
       end
 
       it 'shows the right message' do
diff --git a/spec/serializers/merge_request_entity_spec.rb b/spec/serializers/merge_request_entity_spec.rb
index 18cd9e9c006..a2fd5b7daae 100644
--- a/spec/serializers/merge_request_entity_spec.rb
+++ b/spec/serializers/merge_request_entity_spec.rb
@@ -47,7 +47,7 @@ describe MergeRequestEntity do
                                :cancel_merge_when_pipeline_succeeds_path,
                                :create_issue_to_resolve_discussions_path,
                                :source_branch_path, :target_branch_commits_path,
-                               :target_branch_tree_path, :commits_count)
+                               :target_branch_tree_path, :commits_count, :merge_ongoing)
   end
 
   it 'has email_patches_path' do
diff --git a/spec/serializers/pipeline_serializer_spec.rb b/spec/serializers/pipeline_serializer_spec.rb
index 362d754bca3..2de8daba6b5 100644
--- a/spec/serializers/pipeline_serializer_spec.rb
+++ b/spec/serializers/pipeline_serializer_spec.rb
@@ -111,7 +111,7 @@ describe PipelineSerializer do
       shared_examples 'no N+1 queries' do
         it 'verifies number of queries', :request_store do
           recorded = ActiveRecord::QueryRecorder.new { subject }
-          expect(recorded.count).to be_within(1).of(59)
+          expect(recorded.count).to be_within(1).of(57)
           expect(recorded.cached_count).to eq(0)
         end
       end
diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb
index 730df4e0336..53d4fcfed18 100644
--- a/spec/services/ci/create_pipeline_service_spec.rb
+++ b/spec/services/ci/create_pipeline_service_spec.rb
@@ -66,7 +66,7 @@ describe Ci::CreatePipelineService do
 
         context 'when there is no pipeline for source branch' do
           it "does not update merge request head pipeline" do
-            merge_request = create(:merge_request, source_branch: 'other_branch', target_branch: "branch_1", source_project: project)
+            merge_request = create(:merge_request, source_branch: 'feature', target_branch: "branch_1", source_project: project)
 
             head_pipeline = pipeline
 
diff --git a/spec/services/create_deployment_service_spec.rb b/spec/services/create_deployment_service_spec.rb
index 049b082277a..08267d6e6a0 100644
--- a/spec/services/create_deployment_service_spec.rb
+++ b/spec/services/create_deployment_service_spec.rb
@@ -20,6 +20,10 @@ describe CreateDeploymentService do
 
   let(:service) { described_class.new(job) }
 
+  before do
+    allow_any_instance_of(Deployment).to receive(:create_ref)
+  end
+
   describe '#execute' do
     subject { service.execute }
 
diff --git a/spec/services/event_create_service_spec.rb b/spec/services/event_create_service_spec.rb
index 42adb044190..02d7ddeb86b 100644
--- a/spec/services/event_create_service_spec.rb
+++ b/spec/services/event_create_service_spec.rb
@@ -117,12 +117,52 @@ describe EventCreateService do
     let(:project) { create(:project) }
     let(:user) { create(:user) }
 
+    let(:push_data) do
+      {
+        commits: [
+          {
+            id: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+            message: 'This is a commit'
+          }
+        ],
+        before: '0000000000000000000000000000000000000000',
+        after: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+        total_commits_count: 1,
+        ref: 'refs/heads/my-branch'
+      }
+    end
+
     it 'creates a new event' do
-      expect { service.push(project, user, {}) }.to change { Event.count }
+      expect { service.push(project, user, push_data) }.to change { Event.count }
+    end
+
+    it 'creates the push event payload' do
+      expect(PushEventPayloadService).to receive(:new)
+        .with(an_instance_of(PushEvent), push_data)
+        .and_call_original
+
+      service.push(project, user, push_data)
     end
 
     it 'updates user last activity' do
-      expect { service.push(project, user, {}) }.to change { user_activity(user) }
+      expect { service.push(project, user, push_data) }
+        .to change { user_activity(user) }
+    end
+
+    it 'does not create any event data when an error is raised' do
+      payload_service = double(:service)
+
+      allow(payload_service).to receive(:execute)
+        .and_raise(RuntimeError)
+
+      allow(PushEventPayloadService).to receive(:new)
+        .and_return(payload_service)
+
+      expect { service.push(project, user, push_data) }
+        .to raise_error(RuntimeError)
+
+      expect(Event.count).to eq(0)
+      expect(PushEventPayload.count).to eq(0)
     end
   end
 
diff --git a/spec/services/git_push_service_spec.rb b/spec/services/git_push_service_spec.rb
index 82724ccd281..8485605b398 100644
--- a/spec/services/git_push_service_spec.rb
+++ b/spec/services/git_push_service_spec.rb
@@ -132,7 +132,7 @@ describe GitPushService, services: true do
     end
 
     it "creates a new pipeline" do
-      expect{ subject }.to change{ Ci::Pipeline.count }
+      expect { subject }.to change { Ci::Pipeline.count }
       expect(Ci::Pipeline.last).to be_push
     end
   end
@@ -141,10 +141,13 @@ describe GitPushService, services: true do
     let!(:push_data) { push_data_from_service(project, user, oldrev, newrev, ref) }
     let(:event) { Event.find_by_action(Event::PUSHED) }
 
-    it { expect(event).not_to be_nil }
+    it { expect(event).to be_an_instance_of(PushEvent) }
     it { expect(event.project).to eq(project) }
     it { expect(event.action).to eq(Event::PUSHED) }
-    it { expect(event.data).to eq(push_data) }
+    it { expect(event.push_event_payload).to be_an_instance_of(PushEventPayload) }
+    it { expect(event.push_event_payload.commit_from).to eq(oldrev) }
+    it { expect(event.push_event_payload.commit_to).to eq(newrev) }
+    it { expect(event.push_event_payload.ref).to eq('master') }
 
     context "Updates merge requests" do
       it "when pushing a new branch for the first time" do
diff --git a/spec/services/git_tag_push_service_spec.rb b/spec/services/git_tag_push_service_spec.rb
index f877c145390..05695aa8188 100644
--- a/spec/services/git_tag_push_service_spec.rb
+++ b/spec/services/git_tag_push_service_spec.rb
@@ -39,7 +39,7 @@ describe GitTagPushService do
     end
 
     it "creates a new pipeline" do
-      expect{ subject }.to change{ Ci::Pipeline.count }
+      expect { subject }.to change { Ci::Pipeline.count }
       expect(Ci::Pipeline.last).to be_push
     end
   end
diff --git a/spec/services/issuable/bulk_update_service_spec.rb b/spec/services/issuable/bulk_update_service_spec.rb
index befa65ec0f8..bdaab88d673 100644
--- a/spec/services/issuable/bulk_update_service_spec.rb
+++ b/spec/services/issuable/bulk_update_service_spec.rb
@@ -118,7 +118,7 @@ describe Issuable::BulkUpdateService do
     context 'when the new assignee ID is not present' do
       it 'does not unassign' do
         expect { bulk_update(issue, assignee_ids: []) }
-          .not_to change{ issue.reload.assignees }
+          .not_to change { issue.reload.assignees }
       end
     end
   end
diff --git a/spec/services/issues/create_service_spec.rb b/spec/services/issues/create_service_spec.rb
index fcbd69fd58b..9b2d9e79f4f 100644
--- a/spec/services/issues/create_service_spec.rb
+++ b/spec/services/issues/create_service_spec.rb
@@ -351,14 +351,14 @@ describe Issues::CreateService do
         end
 
         it 'marks related spam_log as recaptcha_verified' do
-          expect { issue }.to change{SpamLog.last.recaptcha_verified}.from(false).to(true)
+          expect { issue }.to change {SpamLog.last.recaptcha_verified}.from(false).to(true)
         end
 
         context 'when spam log does not belong to a user' do
           let(:log_user) { create(:user) }
 
           it 'does not mark spam_log as recaptcha_verified' do
-            expect { issue }.not_to change{SpamLog.last.recaptcha_verified}
+            expect { issue }.not_to change {SpamLog.last.recaptcha_verified}
           end
         end
       end
@@ -378,7 +378,7 @@ describe Issues::CreateService do
           end
 
           it 'creates a new spam_log' do
-            expect{issue}.to change{SpamLog.count}.from(0).to(1)
+            expect {issue}.to change {SpamLog.count}.from(0).to(1)
           end
 
           it 'assigns a spam_log to an issue' do
diff --git a/spec/services/issues/resolve_discussions_spec.rb b/spec/services/issues/resolve_discussions_spec.rb
index fac66791ffb..67a86c50fc1 100644
--- a/spec/services/issues/resolve_discussions_spec.rb
+++ b/spec/services/issues/resolve_discussions_spec.rb
@@ -20,7 +20,7 @@ describe Issues::ResolveDiscussions do
   describe "for resolving discussions" do
     let(:discussion) { create(:diff_note_on_merge_request, project: project, note: "Almost done").to_discussion }
     let(:merge_request) { discussion.noteable }
-    let(:other_merge_request) { create(:merge_request, source_project: project, source_branch: "other") }
+    let(:other_merge_request) { create(:merge_request, source_project: project, source_branch: "fix") }
 
     describe "#merge_request_for_resolving_discussion" do
       let(:service) { DummyService.new(project, user, merge_request_to_resolve_discussions_of: merge_request.iid) }
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 814e2cfbed0..34fb16edc84 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -478,7 +478,7 @@ describe Issues::UpdateService, :mailer do
             feature_visibility_attr = :"#{issue.model_name.plural}_access_level"
             project.project_feature.update_attribute(feature_visibility_attr, ProjectFeature::PRIVATE)
 
-            expect{ update_issue(assignee_ids: [assignee.id]) }.not_to change{ issue.assignees }
+            expect { update_issue(assignee_ids: [assignee.id]) }.not_to change { issue.assignees }
           end
         end
       end
diff --git a/spec/services/labels/update_service_spec.rb b/spec/services/labels/update_service_spec.rb
index bb95fe20fbf..c3fe33045fa 100644
--- a/spec/services/labels/update_service_spec.rb
+++ b/spec/services/labels/update_service_spec.rb
@@ -13,7 +13,7 @@ describe Labels::UpdateService do
 
     let(:expected_saved_color) { hex_color }
 
-    before(:each) do
+    before do
       @label = Labels::CreateService.new(title: 'Initial', color: '#000000').execute(project: project)
       expect(@label).to be_persisted
     end
diff --git a/spec/services/merge_requests/get_urls_service_spec.rb b/spec/services/merge_requests/get_urls_service_spec.rb
index 672d86e4028..25599dea19f 100644
--- a/spec/services/merge_requests/get_urls_service_spec.rb
+++ b/spec/services/merge_requests/get_urls_service_spec.rb
@@ -3,7 +3,7 @@ require "spec_helper"
 describe MergeRequests::GetUrlsService do
   let(:project) { create(:project, :public, :repository) }
   let(:service) { described_class.new(project) }
-  let(:source_branch) { "my_branch" }
+  let(:source_branch) { "merge-test" }
   let(:new_merge_request_url) { "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/new?merge_request%5Bsource_branch%5D=#{source_branch}" }
   let(:show_merge_request_url) { "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/#{merge_request.iid}" }
   let(:new_branch_changes) { "#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/#{source_branch}" }
@@ -111,9 +111,9 @@ describe MergeRequests::GetUrlsService do
     end
 
     context 'pushing new branch and existing branch (with merge request created) at once' do
-      let!(:merge_request) { create(:merge_request, source_project: project, source_branch: "existing_branch") }
+      let!(:merge_request) { create(:merge_request, source_project: project, source_branch: "markdown") }
       let(:new_branch_changes) { "#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/new_branch" }
-      let(:existing_branch_changes) { "d14d6c0abdd253381df51a723d58691b2ee1ab08 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/existing_branch" }
+      let(:existing_branch_changes) { "d14d6c0abdd253381df51a723d58691b2ee1ab08 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/markdown" }
       let(:changes) { "#{new_branch_changes}\n#{existing_branch_changes}" }
       let(:new_merge_request_url) { "http://#{Gitlab.config.gitlab.host}/#{project.namespace.name}/#{project.path}/merge_requests/new?merge_request%5Bsource_branch%5D=new_branch" }
 
@@ -124,7 +124,7 @@ describe MergeRequests::GetUrlsService do
           url: new_merge_request_url,
           new_merge_request: true
         }, {
-          branch_name: "existing_branch",
+          branch_name: "markdown",
           url: show_merge_request_url,
           new_merge_request: false
         }])
diff --git a/spec/services/merge_requests/update_service_spec.rb b/spec/services/merge_requests/update_service_spec.rb
index 9368594bc86..681feee61d1 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/spec/services/merge_requests/update_service_spec.rb
@@ -509,7 +509,7 @@ describe MergeRequests::UpdateService, :mailer do
             feature_visibility_attr = :"#{merge_request.model_name.plural}_access_level"
             project.project_feature.update_attribute(feature_visibility_attr, ProjectFeature::PRIVATE)
 
-            expect{ update_merge_request(assignee_id: assignee) }.not_to change{ merge_request.assignee }
+            expect { update_merge_request(assignee_id: assignee) }.not_to change { merge_request.assignee }
           end
         end
       end
diff --git a/spec/services/notification_service_spec.rb b/spec/services/notification_service_spec.rb
index 6af5c79135d..44b2d28d1d4 100644
--- a/spec/services/notification_service_spec.rb
+++ b/spec/services/notification_service_spec.rb
@@ -4,7 +4,7 @@ describe NotificationService, :mailer do
   let(:notification) { described_class.new }
   let(:assignee) { create(:user) }
 
-  around(:each) do |example|
+  around do |example|
     perform_enqueued_jobs do
       example.run
     end
@@ -80,12 +80,16 @@ describe NotificationService, :mailer do
 
   describe 'Keys' do
     describe '#new_key' do
-      let!(:key) { create(:personal_key) }
+      let(:key_options) { {} }
+      let!(:key) { create(:personal_key, key_options) }
 
       it { expect(notification.new_key(key)).to be_truthy }
+      it { should_email(key.user) }
 
-      it 'sends email to key owner' do
-        expect{ notification.new_key(key) }.to change{ ActionMailer::Base.deliveries.size }.by(1)
+      describe 'never emails the ghost user' do
+        let(:key_options) { { user: User.ghost } }
+
+        it { should_not_email_anyone }
       end
     end
   end
@@ -97,7 +101,7 @@ describe NotificationService, :mailer do
       it { expect(notification.new_gpg_key(key)).to be_truthy }
 
       it 'sends email to key owner' do
-        expect{ notification.new_gpg_key(key) }.to change{ ActionMailer::Base.deliveries.size }.by(1)
+        expect { notification.new_gpg_key(key) }.to change { ActionMailer::Base.deliveries.size }.by(1)
       end
     end
   end
@@ -109,7 +113,7 @@ describe NotificationService, :mailer do
       it { expect(notification.new_email(email)).to be_truthy }
 
       it 'sends email to email owner' do
-        expect{ notification.new_email(email) }.to change{ ActionMailer::Base.deliveries.size }.by(1)
+        expect { notification.new_email(email) }.to change { ActionMailer::Base.deliveries.size }.by(1)
       end
     end
   end
@@ -1173,19 +1177,39 @@ describe NotificationService, :mailer do
       end
     end
 
-    describe '#project_exported' do
-      it do
-        notification.project_exported(project, @u_disabled)
+    context 'user with notifications disabled' do
+      describe '#project_exported' do
+        it do
+          notification.project_exported(project, @u_disabled)
+
+          should_not_email_anyone
+        end
+      end
+
+      describe '#project_not_exported' do
+        it do
+          notification.project_not_exported(project, @u_disabled, ['error'])
 
-        should_only_email(@u_disabled)
+          should_not_email_anyone
+        end
       end
     end
 
-    describe '#project_not_exported' do
-      it do
-        notification.project_not_exported(project, @u_disabled, ['error'])
+    context 'user with notifications enabled' do
+      describe '#project_exported' do
+        it do
+          notification.project_exported(project, @u_participating)
 
-        should_only_email(@u_disabled)
+          should_only_email(@u_participating)
+        end
+      end
+
+      describe '#project_not_exported' do
+        it do
+          notification.project_not_exported(project, @u_participating, ['error'])
+
+          should_only_email(@u_participating)
+        end
       end
     end
   end
@@ -1196,7 +1220,7 @@ describe NotificationService, :mailer do
       let(:group) { create(:group) }
       let(:member) { create(:user) }
 
-      before(:each) do
+      before do
         group.add_owner(creator)
         group.add_developer(member, creator)
       end
@@ -1209,6 +1233,35 @@ describe NotificationService, :mailer do
         end.to change { ActionMailer::Base.deliveries.size }.by(1)
       end
     end
+
+    describe '#new_group_member' do
+      let(:group) { create(:group) }
+      let(:added_user) { create(:user) }
+
+      def create_member!
+        GroupMember.create(
+          group: group,
+          user: added_user,
+          access_level: Gitlab::Access::GUEST
+        )
+      end
+
+      it 'sends a notification' do
+        create_member!
+        should_only_email(added_user)
+      end
+
+      describe 'when notifications are disabled' do
+        before do
+          create_global_setting_for(added_user, :disabled)
+        end
+
+        it 'does not send a notification' do
+          create_member!
+          should_not_email_anyone
+        end
+      end
+    end
   end
 
   describe 'ProjectMember' do
@@ -1216,7 +1269,7 @@ describe NotificationService, :mailer do
       let(:project) { create(:project) }
       let(:member) { create(:user) }
 
-      before(:each) do
+      before do
         project.add_developer(member, current_user: project.owner)
       end
 
@@ -1228,6 +1281,31 @@ describe NotificationService, :mailer do
         end.to change { ActionMailer::Base.deliveries.size }.by(1)
       end
     end
+
+    describe '#new_project_member' do
+      let(:project) { create(:project) }
+      let(:added_user) { create(:user) }
+
+      def create_member!
+        create(:project_member, user: added_user, project: project)
+      end
+
+      it do
+        create_member!
+        should_only_email(added_user)
+      end
+
+      describe 'when notifications are disabled' do
+        before do
+          create_global_setting_for(added_user, :disabled)
+        end
+
+        it do
+          create_member!
+          should_not_email_anyone
+        end
+      end
+    end
   end
 
   context 'guest user in private project' do
diff --git a/spec/services/projects/destroy_service_spec.rb b/spec/services/projects/destroy_service_spec.rb
index 85b05ef6d05..c867139d1de 100644
--- a/spec/services/projects/destroy_service_spec.rb
+++ b/spec/services/projects/destroy_service_spec.rb
@@ -142,13 +142,13 @@ describe Projects::DestroyService do
       context 'when `execute` raises unexpected error' do
         before do
           expect_any_instance_of(Project)
-            .to receive(:destroy!).and_raise(Exception.new("Other error message"))
+            .to receive(:destroy!).and_raise(Exception.new('Other error message'))
         end
 
         it 'allows error to bubble up and rolls back project deletion' do
           expect do
             Sidekiq::Testing.inline! { destroy_project(project, user, {}) }
-          end.to raise_error
+          end.to raise_error(Exception, 'Other error message')
 
           expect(project.reload.pending_delete).to be(false)
           expect(project.delete_error).to include("Other error message")
diff --git a/spec/services/projects/fork_service_spec.rb b/spec/services/projects/fork_service_spec.rb
index c90536ba346..21c4b30734c 100644
--- a/spec/services/projects/fork_service_spec.rb
+++ b/spec/services/projects/fork_service_spec.rb
@@ -50,6 +50,14 @@ describe Projects::ForkService do
 
           expect(@from_project.avatar.file).to be_exists
         end
+
+        it 'flushes the forks count cache of the source project' do
+          expect(@from_project.forks_count).to be_zero
+
+          fork_project(@from_project, @to_user)
+
+          expect(@from_project.forks_count).to eq(1)
+        end
       end
     end
 
diff --git a/spec/services/projects/forks_count_service_spec.rb b/spec/services/projects/forks_count_service_spec.rb
new file mode 100644
index 00000000000..cf299c5d09b
--- /dev/null
+++ b/spec/services/projects/forks_count_service_spec.rb
@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe Projects::ForksCountService do
+  let(:project) { build(:project, id: 42) }
+  let(:service) { described_class.new(project) }
+
+  describe '#count' do
+    it 'returns the number of forks' do
+      allow(service).to receive(:uncached_count).and_return(1)
+
+      expect(service.count).to eq(1)
+    end
+
+    it 'caches the forks count', :use_clean_rails_memory_store_caching do
+      expect(service).to receive(:uncached_count).once.and_return(1)
+
+      2.times { service.count }
+    end
+  end
+
+  describe '#refresh_cache', :use_clean_rails_memory_store_caching do
+    it 'refreshes the cache' do
+      expect(service).to receive(:uncached_count).once.and_return(1)
+
+      service.refresh_cache
+
+      expect(service.count).to eq(1)
+    end
+  end
+
+  describe '#delete_cache', :use_clean_rails_memory_store_caching do
+    it 'removes the cache' do
+      expect(service).to receive(:uncached_count).twice.and_return(1)
+
+      service.count
+      service.delete_cache
+      service.count
+    end
+  end
+end
diff --git a/spec/services/projects/housekeeping_service_spec.rb b/spec/services/projects/housekeeping_service_spec.rb
index ebed802708d..385f56e447f 100644
--- a/spec/services/projects/housekeeping_service_spec.rb
+++ b/spec/services/projects/housekeeping_service_spec.rb
@@ -24,7 +24,7 @@ describe Projects::HousekeepingService do
     end
 
     context 'when no lease can be obtained' do
-      before(:each) do
+      before do
         expect(subject).to receive(:try_obtain_lease).and_return(false)
       end
 
diff --git a/spec/services/projects/unlink_fork_service_spec.rb b/spec/services/projects/unlink_fork_service_spec.rb
index 2ae8d5f7c54..4f1ab697460 100644
--- a/spec/services/projects/unlink_fork_service_spec.rb
+++ b/spec/services/projects/unlink_fork_service_spec.rb
@@ -29,4 +29,14 @@ describe Projects::UnlinkForkService do
 
     subject.execute
   end
+
+  it 'refreshes the forks count cache of the source project' do
+    source = fork_project.forked_from_project
+
+    expect(source.forks_count).to eq(1)
+
+    subject.execute
+
+    expect(source.forks_count).to be_zero
+  end
 end
diff --git a/spec/services/projects/update_service_spec.rb b/spec/services/projects/update_service_spec.rb
index d945e0aa1f0..1b282e82187 100644
--- a/spec/services/projects/update_service_spec.rb
+++ b/spec/services/projects/update_service_spec.rb
@@ -101,6 +101,13 @@ describe Projects::UpdateService, '#execute' do
 
       expect(Project.find(project.id).default_branch).to eq 'feature'
     end
+
+    it 'does not change a default branch' do
+      # The branch 'unexisted-branch' does not exist.
+      update_project(project, admin, default_branch: 'unexisted-branch')
+
+      expect(Project.find(project.id).default_branch).to eq 'master'
+    end
   end
 
   context 'when updating a project that contains container images' do
diff --git a/spec/services/protected_branches/update_service_spec.rb b/spec/services/protected_branches/update_service_spec.rb
index 5698101af54..9fa5983db66 100644
--- a/spec/services/protected_branches/update_service_spec.rb
+++ b/spec/services/protected_branches/update_service_spec.rb
@@ -19,7 +19,7 @@ describe ProtectedBranches::UpdateService do
       let(:user) { create(:user) }
 
       it "raises error" do
-        expect{ service.execute(protected_branch) }.to raise_error(Gitlab::Access::AccessDeniedError)
+        expect { service.execute(protected_branch) }.to raise_error(Gitlab::Access::AccessDeniedError)
       end
     end
   end
diff --git a/spec/services/protected_tags/update_service_spec.rb b/spec/services/protected_tags/update_service_spec.rb
index d333430088d..2ece4e3b07b 100644
--- a/spec/services/protected_tags/update_service_spec.rb
+++ b/spec/services/protected_tags/update_service_spec.rb
@@ -19,7 +19,7 @@ describe ProtectedTags::UpdateService do
       let(:user) { create(:user) }
 
       it "raises error" do
-        expect{ service.execute(protected_tag) }.to raise_error(Gitlab::Access::AccessDeniedError)
+        expect { service.execute(protected_tag) }.to raise_error(Gitlab::Access::AccessDeniedError)
       end
     end
   end
diff --git a/spec/services/push_event_payload_service_spec.rb b/spec/services/push_event_payload_service_spec.rb
new file mode 100644
index 00000000000..81956200bff
--- /dev/null
+++ b/spec/services/push_event_payload_service_spec.rb
@@ -0,0 +1,218 @@
+require 'spec_helper'
+
+describe PushEventPayloadService do
+  let(:event) { create(:push_event) }
+
+  describe '#execute' do
+    let(:push_data) do
+      {
+        commits: [
+          {
+            id: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+            message: 'This is a commit'
+          }
+        ],
+        before: '0000000000000000000000000000000000000000',
+        after: '1cf19a015df3523caf0a1f9d40c98a267d6a2fc2',
+        total_commits_count: 1,
+        ref: 'refs/heads/my-branch'
+      }
+    end
+
+    it 'creates a new PushEventPayload row' do
+      payload = described_class.new(event, push_data).execute
+
+      expect(payload.commit_count).to eq(1)
+      expect(payload.action).to eq('created')
+      expect(payload.ref_type).to eq('branch')
+      expect(payload.commit_from).to be_nil
+      expect(payload.commit_to).to eq(push_data[:after])
+      expect(payload.ref).to eq('my-branch')
+      expect(payload.commit_title).to eq('This is a commit')
+      expect(payload.event_id).to eq(event.id)
+    end
+
+    it 'sets the push_event_payload association of the used event' do
+      payload = described_class.new(event, push_data).execute
+
+      expect(event.push_event_payload).to eq(payload)
+    end
+  end
+
+  describe '#commit_title' do
+    it 'returns nil if no commits were pushed' do
+      service = described_class.new(event, commits: [])
+
+      expect(service.commit_title).to be_nil
+    end
+
+    it 'returns a String limited to 70 characters' do
+      service = described_class.new(event, commits: [{ message: 'a' * 100 }])
+
+      expect(service.commit_title).to eq(('a' * 67) + '...')
+    end
+
+    it 'does not truncate the commit message if it is shorter than 70 characters' do
+      service = described_class.new(event, commits: [{ message: 'Hello' }])
+
+      expect(service.commit_title).to eq('Hello')
+    end
+
+    it 'includes the first line of a commit message if the message spans multiple lines' do
+      service = described_class
+        .new(event, commits: [{ message: "Hello\n\nworld" }])
+
+      expect(service.commit_title).to eq('Hello')
+    end
+  end
+
+  describe '#commit_from_id' do
+    it 'returns nil when creating a new ref' do
+      service = described_class.new(event, before: Gitlab::Git::BLANK_SHA)
+
+      expect(service.commit_from_id).to be_nil
+    end
+
+    it 'returns the ID of the first commit when pushing to an existing ref' do
+      service = described_class.new(event, before: '123')
+
+      expect(service.commit_from_id).to eq('123')
+    end
+  end
+
+  describe '#commit_to_id' do
+    it 'returns nil when removing an existing ref' do
+      service = described_class.new(event, after: Gitlab::Git::BLANK_SHA)
+
+      expect(service.commit_to_id).to be_nil
+    end
+  end
+
+  describe '#commit_count' do
+    it 'returns the number of commits' do
+      service = described_class.new(event, total_commits_count: 1)
+
+      expect(service.commit_count).to eq(1)
+    end
+
+    it 'raises when the push data does not contain the commits count' do
+      service = described_class.new(event, {})
+
+      expect { service.commit_count }.to raise_error(KeyError)
+    end
+  end
+
+  describe '#ref' do
+    it 'returns the name of the ref' do
+      service = described_class.new(event, ref: 'refs/heads/foo')
+
+      expect(service.ref).to eq('refs/heads/foo')
+    end
+
+    it 'raises when the push data does not contain the ref name' do
+      service = described_class.new(event, {})
+
+      expect { service.ref }.to raise_error(KeyError)
+    end
+  end
+
+  describe '#revision_before' do
+    it 'returns the revision from before the push' do
+      service = described_class.new(event, before: 'foo')
+
+      expect(service.revision_before).to eq('foo')
+    end
+
+    it 'raises when the push data does not contain the before revision' do
+      service = described_class.new(event, {})
+
+      expect { service.revision_before }.to raise_error(KeyError)
+    end
+  end
+
+  describe '#revision_after' do
+    it 'returns the revision from after the push' do
+      service = described_class.new(event, after: 'foo')
+
+      expect(service.revision_after).to eq('foo')
+    end
+
+    it 'raises when the push data does not contain the after revision' do
+      service = described_class.new(event, {})
+
+      expect { service.revision_after }.to raise_error(KeyError)
+    end
+  end
+
+  describe '#trimmed_ref' do
+    it 'returns the ref name without its prefix' do
+      service = described_class.new(event, ref: 'refs/heads/foo')
+
+      expect(service.trimmed_ref).to eq('foo')
+    end
+  end
+
+  describe '#create?' do
+    it 'returns true when creating a new ref' do
+      service = described_class.new(event, before: Gitlab::Git::BLANK_SHA)
+
+      expect(service.create?).to eq(true)
+    end
+
+    it 'returns false when pushing to an existing ref' do
+      service = described_class.new(event, before: 'foo')
+
+      expect(service.create?).to eq(false)
+    end
+  end
+
+  describe '#remove?' do
+    it 'returns true when removing an existing ref' do
+      service = described_class.new(event, after: Gitlab::Git::BLANK_SHA)
+
+      expect(service.remove?).to eq(true)
+    end
+
+    it 'returns false pushing to an existing ref' do
+      service = described_class.new(event, after: 'foo')
+
+      expect(service.remove?).to eq(false)
+    end
+  end
+
+  describe '#action' do
+    it 'returns :created when creating a ref' do
+      service = described_class.new(event, before: Gitlab::Git::BLANK_SHA)
+
+      expect(service.action).to eq(:created)
+    end
+
+    it 'returns :removed when removing an existing ref' do
+      service = described_class.new(event,
+                                    before: '123',
+                                    after: Gitlab::Git::BLANK_SHA)
+
+      expect(service.action).to eq(:removed)
+    end
+
+    it 'returns :pushed when pushing to an existing ref' do
+      service = described_class.new(event, before: '123', after: '456')
+
+      expect(service.action).to eq(:pushed)
+    end
+  end
+
+  describe '#ref_type' do
+    it 'returns :tag for a tag' do
+      service = described_class.new(event, ref: 'refs/tags/1.2')
+
+      expect(service.ref_type).to eq(:tag)
+    end
+
+    it 'returns :branch for a branch' do
+      service = described_class.new(event, ref: 'refs/heads/master')
+
+      expect(service.ref_type).to eq(:branch)
+    end
+  end
+end
diff --git a/spec/services/system_note_service_spec.rb b/spec/services/system_note_service_spec.rb
index 8f1eb4863d9..6d36affa9dc 100644
--- a/spec/services/system_note_service_spec.rb
+++ b/spec/services/system_note_service_spec.rb
@@ -35,7 +35,7 @@ describe SystemNoteService do
 
     context 'metadata' do
       it 'creates a new system note metadata record' do
-        expect { subject }.to change{ SystemNoteMetadata.count }.from(0).to(1)
+        expect { subject }.to change { SystemNoteMetadata.count }.from(0).to(1)
       end
 
       it 'creates a record correctly' do
@@ -477,7 +477,7 @@ describe SystemNoteService do
       end
 
       it 'does not create a system note metadata record' do
-        expect { subject }.not_to change{ SystemNoteMetadata.count }
+        expect { subject }.not_to change { SystemNoteMetadata.count }
       end
     end
 
diff --git a/spec/services/todo_service_spec.rb b/spec/services/todo_service_spec.rb
index 80d05451e09..a9b34a5258a 100644
--- a/spec/services/todo_service_spec.rb
+++ b/spec/services/todo_service_spec.rb
@@ -586,13 +586,13 @@ describe TodoService do
       it 'does not create a directly addressed todo if user was already mentioned or addressed and todo is pending' do
         create(:todo, :directly_addressed, user: member, project: project, target: addressed_mr_assigned, author: author)
 
-        expect{ service.update_merge_request(addressed_mr_assigned, author) }.not_to change(member.todos, :count)
+        expect { service.update_merge_request(addressed_mr_assigned, author) }.not_to change(member.todos, :count)
       end
 
       it 'does not create a directly addressed todo if user was already mentioned or addressed and todo is done' do
         create(:todo, :directly_addressed, user: skipped, project: project, target: addressed_mr_assigned, author: author)
 
-        expect{ service.update_merge_request(addressed_mr_assigned, author, skip_users) }.not_to change(skipped.todos, :count)
+        expect { service.update_merge_request(addressed_mr_assigned, author, skip_users) }.not_to change(skipped.todos, :count)
       end
 
       context 'with a task list' do
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 79d90defd78..365cb6b8f09 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -15,7 +15,7 @@ describe WebHookService do
   let(:service_instance) { described_class.new(project_hook, data, 'push_hooks') }
 
   describe '#execute' do
-    before(:each) do
+    before do
       project.hooks << [project_hook]
 
       WebMock.stub_request(:post, project_hook.url)
diff --git a/spec/simplecov_env.rb b/spec/simplecov_env.rb
index ac2c89b3ff9..25ddf932d42 100644
--- a/spec/simplecov_env.rb
+++ b/spec/simplecov_env.rb
@@ -36,18 +36,25 @@ module SimpleCovEnv
       track_files '{app,lib}/**/*.rb'
 
       add_filter '/vendor/ruby/'
+      add_filter 'app/controllers/sherlock/'
       add_filter 'config/initializers/'
+      add_filter 'db/fixtures/'
+      add_filter 'lib/gitlab/sidekiq_middleware/'
+      add_filter 'lib/system_check/'
 
       add_group 'Controllers', 'app/controllers'
-      add_group 'Models', 'app/models'
-      add_group 'Mailers', 'app/mailers'
-      add_group 'Helpers', 'app/helpers'
-      add_group 'Workers', %w(app/jobs app/workers)
-      add_group 'Libraries', 'lib'
-      add_group 'Services', 'app/services'
-      add_group 'Finders', 'app/finders'
-      add_group 'Uploaders', 'app/uploaders'
-      add_group 'Validators', 'app/validators'
+      add_group 'Finders',     'app/finders'
+      add_group 'Helpers',     'app/helpers'
+      add_group 'Libraries',   'lib'
+      add_group 'Mailers',     'app/mailers'
+      add_group 'Models',      'app/models'
+      add_group 'Policies',    'app/policies'
+      add_group 'Presenters',  'app/presenters'
+      add_group 'Serializers', 'app/serializers'
+      add_group 'Services',    'app/services'
+      add_group 'Uploaders',   'app/uploaders'
+      add_group 'Validators',  'app/validators'
+      add_group 'Workers',     %w(app/jobs app/workers)
 
       merge_timeout 365.days
     end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 0ba6ed56314..3eea39d4bf4 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -8,6 +8,7 @@ require File.expand_path("../../config/environment", __FILE__)
 require 'rspec/rails'
 require 'shoulda/matchers'
 require 'rspec/retry'
+require 'rspec-parameterized'
 
 rspec_profiling_is_configured =
   ENV['RSPEC_PROFILING_POSTGRES_URL'].present? ||
@@ -69,7 +70,14 @@ RSpec.configure do |config|
 
   config.raise_errors_for_deprecations!
 
+  if ENV['CI']
+    # This includes the first try, i.e. tests will be run 4 times before failing.
+    config.default_retry_count = 4
+    config.reporter.register_listener(RspecFlaky::Listener.new, :example_passed, :dump_summary)
+  end
+
   config.before(:suite) do
+    Timecop.safe_mode = true
     TestEnv.init
   end
 
@@ -97,12 +105,6 @@ RSpec.configure do |config|
     reset_delivered_emails!
   end
 
-  if ENV['CI']
-    config.around(:each) do |ex|
-      ex.run_with_retry retry: 2
-    end
-  end
-
   config.around(:each, :use_clean_rails_memory_store_caching) do |example|
     caching_store = Rails.cache
     Rails.cache = ActiveSupport::Cache::MemoryStore.new
diff --git a/spec/support/api/milestones_shared_examples.rb b/spec/support/api/milestones_shared_examples.rb
index bf769225012..4bb5113957e 100644
--- a/spec/support/api/milestones_shared_examples.rb
+++ b/spec/support/api/milestones_shared_examples.rb
@@ -50,7 +50,7 @@ shared_examples_for 'group and project milestones' do |route_definition|
       expect(response).to have_http_status(200)
       expect(json_response).to be_an Array
       expect(json_response.length).to eq(2)
-      expect(json_response.map{ |m| m['id'] }).to match_array([closed_milestone.id, other_milestone.id])
+      expect(json_response.map { |m| m['id'] }).to match_array([closed_milestone.id, other_milestone.id])
     end
 
     it 'does not return any milestone if none found' do
diff --git a/spec/support/features/reportable_note_shared_examples.rb b/spec/support/features/reportable_note_shared_examples.rb
index 27e079c01dd..cb483ae9a5a 100644
--- a/spec/support/features/reportable_note_shared_examples.rb
+++ b/spec/support/features/reportable_note_shared_examples.rb
@@ -7,15 +7,18 @@ shared_examples 'reportable note' do
   let(:more_actions_selector) { '.more-actions.dropdown' }
   let(:abuse_report_path) { new_abuse_report_path(user_id: note.author.id, ref_url: noteable_note_url(note)) }
 
+  it 'has an edit button' do
+    expect(comment).to have_selector('.js-note-edit')
+  end
+
   it 'has a `More actions` dropdown' do
     expect(comment).to have_selector(more_actions_selector)
   end
 
-  it 'dropdown has Edit, Report and Delete links' do
+  it 'dropdown has Report and Delete links' do
     dropdown = comment.find(more_actions_selector)
     open_dropdown(dropdown)
 
-    expect(dropdown).to have_button('Edit comment')
     expect(dropdown).to have_link('Report as abuse', href: abuse_report_path)
     expect(dropdown).to have_link('Delete comment', href: note_url(note, project))
   end
diff --git a/spec/support/gitlab-git-test.git/objects/3e/20715310a699808282e772720b9c04a0696bcc b/spec/support/gitlab-git-test.git/objects/3e/20715310a699808282e772720b9c04a0696bcc
new file mode 100644
index 00000000000..86bf37ac887
--- /dev/null
+++ b/spec/support/gitlab-git-test.git/objects/3e/20715310a699808282e772720b9c04a0696bcc
diff --git a/spec/support/gitlab-git-test.git/objects/95/96bc54a6f0c0c98248fe97077eb5ccf48a98d0 b/spec/support/gitlab-git-test.git/objects/95/96bc54a6f0c0c98248fe97077eb5ccf48a98d0
new file mode 100644
index 00000000000..d90cb028e9b
--- /dev/null
+++ b/spec/support/gitlab-git-test.git/objects/95/96bc54a6f0c0c98248fe97077eb5ccf48a98d0
@@ -0,0 +1,2 @@
+x
•OËn1䜯ð	9&O	¡ž¹"õnoYD6Õ’ýÒª?Ðã¼ì™Òj�;�w»¾ªÂQ	£õG‹rN˜(‘ÆH‘PrAÇr�RÌ7¯ºtpâ²Mì#MœÂ”c´ê…NrsI­
+Ž“%Þú½­páÒ>Û«²®pzüÀ�¯¹?Y¥Õ3X�äBBÌ°GB4ƒ
ûpÿ?k®›ÔvÛžú‚y�~Wø])[‡¥Áa<þ“ÍCP_
\ No newline at end of file
diff --git a/spec/support/gitlab-git-test.git/packed-refs b/spec/support/gitlab-git-test.git/packed-refs
index ce5ab1f705b..507e4ce785a 100644
--- a/spec/support/gitlab-git-test.git/packed-refs
+++ b/spec/support/gitlab-git-test.git/packed-refs
@@ -8,6 +8,7 @@
 46e1395e609395de004cacd4b142865ab0e52a29 refs/heads/gitattributes-updated
 4b4918a572fa86f9771e5ba40fbd48e1eb03e2c6 refs/heads/master
 5937ac0a7beb003549fc5fd26fc247adbce4a52e refs/heads/merge-test
+9596bc54a6f0c0c98248fe97077eb5ccf48a98d0 refs/heads/missing-gitmodules
 f4e6814c3e4e7a0de82a9e7cd20c626cc963a2f8 refs/tags/v1.0.0
 ^6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9
 8a2a6eb295bb170b34c24c76c49ed0e9b2eaf34b refs/tags/v1.1.0
diff --git a/spec/support/gpg_helpers.rb b/spec/support/gpg_helpers.rb
index 96ea6f28b30..65b38626a51 100644
--- a/spec/support/gpg_helpers.rb
+++ b/spec/support/gpg_helpers.rb
@@ -1,4 +1,6 @@
 module GpgHelpers
+  SIGNED_COMMIT_SHA = '8a852d50dda17cc8fd1408d2fd0c5b0f24c76ca4'.freeze
+
   module User1
     extend self
 
diff --git a/spec/support/issuables_list_metadata_shared_examples.rb b/spec/support/issuables_list_metadata_shared_examples.rb
index a60d3b0d22d..75982432ab4 100644
--- a/spec/support/issuables_list_metadata_shared_examples.rb
+++ b/spec/support/issuables_list_metadata_shared_examples.rb
@@ -2,12 +2,12 @@ shared_examples 'issuables list meta-data' do |issuable_type, action = nil|
   before do
     @issuable_ids = []
 
-    2.times do |n|
+    %w[fix improve/awesome].each do |source_branch|
       issuable =
         if issuable_type == :issue
           create(issuable_type, project: project)
         else
-          create(issuable_type, source_project: project, source_branch: "#{n}-feature")
+          create(issuable_type, source_project: project, source_branch: source_branch)
         end
 
       @issuable_ids << issuable.id
diff --git a/spec/support/matchers/query_matcher.rb b/spec/support/matchers/query_matcher.rb
index ac8c4ab91d9..bb0feca7c43 100644
--- a/spec/support/matchers/query_matcher.rb
+++ b/spec/support/matchers/query_matcher.rb
@@ -28,6 +28,6 @@ RSpec::Matchers.define :make_queries_matching do |matcher, expected_count = nil|
 
   def query_count(regex, &block)
     @recorder = ActiveRecord::QueryRecorder.new(&block).log
-    @recorder.select{ |q| q.match(regex) }
+    @recorder.select { |q| q.match(regex) }
   end
 end
diff --git a/spec/support/rake_helpers.rb b/spec/support/rake_helpers.rb
index 5cb415111d2..86bfeed107c 100644
--- a/spec/support/rake_helpers.rb
+++ b/spec/support/rake_helpers.rb
@@ -5,11 +5,15 @@ module RakeHelpers
   end
 
   def stub_warn_user_is_not_gitlab
-    allow_any_instance_of(Object).to receive(:warn_user_is_not_gitlab)
+    allow(main_object).to receive(:warn_user_is_not_gitlab)
   end
 
   def silence_output
-    allow($stdout).to receive(:puts)
-    allow($stdout).to receive(:print)
+    allow(main_object).to receive(:puts)
+    allow(main_object).to receive(:print)
+  end
+
+  def main_object
+    @main_object ||= TOPLEVEL_BINDING.eval('self')
   end
 end
diff --git a/spec/support/redis/redis_shared_examples.rb b/spec/support/redis/redis_shared_examples.rb
index f9552e41894..8676f895a83 100644
--- a/spec/support/redis/redis_shared_examples.rb
+++ b/spec/support/redis/redis_shared_examples.rb
@@ -3,12 +3,12 @@ RSpec.shared_examples "redis_shared_examples" do
 
   let(:test_redis_url)  { "redis://redishost:#{redis_port}"}
 
-  before(:each) do
+  before do
     stub_env(environment_config_file_name, Rails.root.join(config_file_name))
     clear_raw_config
   end
 
-  after(:each) do
+  after do
     clear_raw_config
   end
 
diff --git a/spec/support/seed_repo.rb b/spec/support/seed_repo.rb
index cfe7fc980a8..b4868e82cd7 100644
--- a/spec/support/seed_repo.rb
+++ b/spec/support/seed_repo.rb
@@ -97,6 +97,7 @@ module SeedRepo
       gitattributes-updated
       master
       merge-test
+      missing-gitmodules
     ].freeze
     TAGS = %w[
       v1.0.0
diff --git a/spec/support/stub_configuration.rb b/spec/support/stub_configuration.rb
index 516f8878679..37c89d37aa0 100644
--- a/spec/support/stub_configuration.rb
+++ b/spec/support/stub_configuration.rb
@@ -38,6 +38,17 @@ module StubConfiguration
     allow(Gitlab.config.backup).to receive_messages(to_settings(messages))
   end
 
+  def stub_storage_settings(messages)
+    messages.each do |storage_name, storage_settings|
+      storage_settings['failure_count_threshold'] ||= 10
+      storage_settings['failure_wait_time'] ||= 30
+      storage_settings['failure_reset_time'] ||= 1800
+      storage_settings['storage_timeout'] ||= 5
+    end
+
+    allow(Gitlab.config.repositories).to receive(:storages).and_return(messages)
+  end
+
   private
 
   # Modifies stubbed messages to also stub possible predicate versions
diff --git a/spec/support/test_env.rb b/spec/support/test_env.rb
index c1298ed9cae..1e39f80699c 100644
--- a/spec/support/test_env.rb
+++ b/spec/support/test_env.rb
@@ -63,8 +63,6 @@ module TestEnv
   # See gitlab.yml.example test section for paths
   #
   def init(opts = {})
-    Rake.application.rake_require 'tasks/gitlab/helpers'
-    Rake::Task.define_task :environment
     # Disable mailer for spinach tests
     disable_mailer if opts[:mailer] == false
 
@@ -124,41 +122,50 @@ module TestEnv
   end
 
   def setup_gitlab_shell
-    gitlab_shell_dir = File.dirname(Gitlab.config.gitlab_shell.path)
-    gitlab_shell_needs_update = component_needs_update?(gitlab_shell_dir,
+    puts "\n==> Setting up Gitlab Shell..."
+    start = Time.now
+    gitlab_shell_dir = Gitlab.config.gitlab_shell.path
+    shell_needs_update = component_needs_update?(gitlab_shell_dir,
       Gitlab::Shell.version_required)
 
-    Rake.application.rake_require 'tasks/gitlab/shell'
-    unless !gitlab_shell_needs_update || Rake.application.invoke_task('gitlab:shell:install')
+    unless !shell_needs_update || system('rake', 'gitlab:shell:install')
+      puts "\nGitLab Shell failed to install, cleaning up #{gitlab_shell_dir}!\n"
       FileUtils.rm_rf(gitlab_shell_dir)
-      raise "Can't install gitlab-shell"
+      exit 1
     end
+
+    puts "    GitLab Shell setup in #{Time.now - start} seconds...\n"
   end
 
   def setup_gitaly
+    puts "\n==> Setting up Gitaly..."
+    start = Time.now
     socket_path = Gitlab::GitalyClient.address('default').sub(/\Aunix:/, '')
     gitaly_dir = File.dirname(socket_path)
 
     if gitaly_dir_stale?(gitaly_dir)
-      puts "rm -rf #{gitaly_dir}"
-      FileUtils.rm_rf(gitaly_dir) 
+      puts "    Gitaly is outdated, cleaning up #{gitaly_dir}!"
+      FileUtils.rm_rf(gitaly_dir)
     end
 
     gitaly_needs_update = component_needs_update?(gitaly_dir,
       Gitlab::GitalyClient.expected_server_version)
 
-    Rake.application.rake_require 'tasks/gitlab/gitaly'
-    unless !gitaly_needs_update || Rake.application.invoke_task("gitlab:gitaly:install[#{gitaly_dir}]")
+    unless !gitaly_needs_update || system('rake', "gitlab:gitaly:install[#{gitaly_dir}]")
+      puts "\nGitaly failed to install, cleaning up #{gitaly_dir}!\n"
       FileUtils.rm_rf(gitaly_dir)
-      raise "Can't install gitaly"
+      exit 1
     end
 
     start_gitaly(gitaly_dir)
+    puts "    Gitaly setup in #{Time.now - start} seconds...\n"
   end
 
   def gitaly_dir_stale?(dir)
     gitaly_executable = File.join(dir, 'gitaly')
-    !File.exist?(gitaly_executable) || (File.mtime(gitaly_executable) < File.mtime(Rails.root.join('GITALY_SERVER_VERSION')))
+    return false unless File.exist?(gitaly_executable)
+
+    File.mtime(gitaly_executable) < File.mtime(Rails.root.join('GITALY_SERVER_VERSION'))
   end
 
   def start_gitaly(gitaly_dir)
@@ -243,6 +250,14 @@ module TestEnv
     "#{forked_repo_path}_bare"
   end
 
+  def with_empty_bare_repository(name = nil)
+    path = Rails.root.join('tmp/tests', name || 'empty-bare-repository').to_s
+
+    yield(Rugged::Repository.init_at(path, :bare))
+  ensure
+    FileUtils.rm_rf(path)
+  end
+
   private
 
   def factory_repo_path
diff --git a/spec/support/unique_ip_check_shared_examples.rb b/spec/support/unique_ip_check_shared_examples.rb
index ff0b47899f5..2dfa5fbecea 100644
--- a/spec/support/unique_ip_check_shared_examples.rb
+++ b/spec/support/unique_ip_check_shared_examples.rb
@@ -1,6 +1,6 @@
 shared_context 'unique ips sign in limit' do
   include StubENV
-  before(:each) do
+  before do
     Gitlab::Redis::Cache.with(&:flushall)
     Gitlab::Redis::Queues.with(&:flushall)
     Gitlab::Redis::SharedState.with(&:flushall)
diff --git a/spec/tasks/config_lint_spec.rb b/spec/tasks/config_lint_spec.rb
index ed6c5b09663..83d54259dfa 100644
--- a/spec/tasks/config_lint_spec.rb
+++ b/spec/tasks/config_lint_spec.rb
@@ -2,19 +2,19 @@ require 'rake_helper'
 Rake.application.rake_require 'tasks/config_lint'
 
 describe ConfigLint do
-  let(:files){ ['lib/support/fake.sh'] }
+  let(:files) { ['lib/support/fake.sh'] }
 
   it 'errors out if any bash scripts have errors' do
-    expect { described_class.run(files){ system('exit 1') } }.to raise_error(SystemExit)
+    expect { described_class.run(files) { system('exit 1') } }.to raise_error(SystemExit)
   end
 
   it 'passes if all scripts are fine' do
-    expect { described_class.run(files){ system('exit 0') } }.not_to raise_error
+    expect { described_class.run(files) { system('exit 0') } }.not_to raise_error
   end
 end
 
 describe 'config_lint rake task' do
-  before(:each) do
+  before do
     # Prevent `system` from actually being called
     allow(Kernel).to receive(:system).and_return(true)
   end
diff --git a/spec/tasks/gitlab/backup_rake_spec.rb b/spec/tasks/gitlab/backup_rake_spec.rb
index fae92451b46..0c8c8a2ab05 100644
--- a/spec/tasks/gitlab/backup_rake_spec.rb
+++ b/spec/tasks/gitlab/backup_rake_spec.rb
@@ -119,7 +119,7 @@ describe 'gitlab:app namespace rake task' do
       let(:project) { create(:project, :repository) }
       let(:user_backup_path) { "repositories/#{project.disk_path}" }
 
-      before(:each) do
+      before do
         @origin_cd = Dir.pwd
 
         path = File.join(project.repository.path_to_repo, filename)
@@ -130,7 +130,7 @@ describe 'gitlab:app namespace rake task' do
         create_backup
       end
 
-      after(:each) do
+      after do
         ENV["SKIP"] = ""
         FileUtils.rm(@backup_tar)
         Dir.chdir(@origin_cd)
diff --git a/spec/tasks/gitlab/gitaly_rake_spec.rb b/spec/tasks/gitlab/gitaly_rake_spec.rb
index 6d453c19fc3..b29d63c7d67 100644
--- a/spec/tasks/gitlab/gitaly_rake_spec.rb
+++ b/spec/tasks/gitlab/gitaly_rake_spec.rb
@@ -20,7 +20,7 @@ describe 'gitlab:gitaly namespace rake task' do
 
     context 'when an underlying Git command fail' do
       it 'aborts and display a help message' do
-        expect_any_instance_of(Object)
+        expect(main_object)
           .to receive(:checkout_or_clone_version).and_raise 'Git error'
 
         expect { run_rake_task('gitlab:gitaly:install', clone_path) }.to raise_error 'Git error'
@@ -33,7 +33,7 @@ describe 'gitlab:gitaly namespace rake task' do
       end
 
       it 'calls checkout_or_clone_version with the right arguments' do
-        expect_any_instance_of(Object)
+        expect(main_object)
           .to receive(:checkout_or_clone_version).with(version: version, repo: repo, target_dir: clone_path)
 
         run_rake_task('gitlab:gitaly:install', clone_path)
@@ -41,6 +41,8 @@ describe 'gitlab:gitaly namespace rake task' do
     end
 
     describe 'gmake/make' do
+      let(:command_preamble) { %w[/usr/bin/env -u RUBYOPT -u BUNDLE_GEMFILE] }
+
       before(:all) do
         @old_env_ci = ENV.delete('CI')
       end
@@ -52,17 +54,17 @@ describe 'gitlab:gitaly namespace rake task' do
       before do
         FileUtils.mkdir_p(clone_path)
         expect(Dir).to receive(:chdir).with(clone_path).and_call_original
+        allow(Bundler).to receive(:bundle_path).and_return('/fake/bundle_path')
       end
 
       context 'gmake is available' do
         before do
-          expect_any_instance_of(Object).to receive(:checkout_or_clone_version)
-          allow_any_instance_of(Object).to receive(:run_command!).with(['gmake']).and_return(true)
+          expect(main_object).to receive(:checkout_or_clone_version)
         end
 
         it 'calls gmake in the gitaly directory' do
           expect(Gitlab::Popen).to receive(:popen).with(%w[which gmake]).and_return(['/usr/bin/gmake', 0])
-          expect_any_instance_of(Object).to receive(:run_command!).with(['gmake']).and_return(true)
+          expect(main_object).to receive(:run_command!).with(command_preamble + %w[gmake BUNDLE_PATH=/fake/bundle_path]).and_return(true)
 
           run_rake_task('gitlab:gitaly:install', clone_path)
         end
@@ -70,16 +72,27 @@ describe 'gitlab:gitaly namespace rake task' do
 
       context 'gmake is not available' do
         before do
-          expect_any_instance_of(Object).to receive(:checkout_or_clone_version)
-          allow_any_instance_of(Object).to receive(:run_command!).with(['make']).and_return(true)
+          expect(main_object).to receive(:checkout_or_clone_version)
+          expect(Gitlab::Popen).to receive(:popen).with(%w[which gmake]).and_return(['', 42])
         end
 
         it 'calls make in the gitaly directory' do
-          expect(Gitlab::Popen).to receive(:popen).with(%w[which gmake]).and_return(['', 42])
-          expect_any_instance_of(Object).to receive(:run_command!).with(['make']).and_return(true)
+          expect(main_object).to receive(:run_command!).with(command_preamble + %w[make BUNDLE_PATH=/fake/bundle_path]).and_return(true)
 
           run_rake_task('gitlab:gitaly:install', clone_path)
         end
+
+        context 'when Rails.env is not "test"' do
+          before do
+            allow(Rails.env).to receive(:test?).and_return(false)
+          end
+
+          it 'calls make in the gitaly directory without BUNDLE_PATH' do
+            expect(main_object).to receive(:run_command!).with(command_preamble + ['make']).and_return(true)
+  
+            run_rake_task('gitlab:gitaly:install', clone_path)
+          end
+        end
       end
     end
   end
diff --git a/spec/tasks/gitlab/shell_rake_spec.rb b/spec/tasks/gitlab/shell_rake_spec.rb
index ee3614c50f6..65155cb044d 100644
--- a/spec/tasks/gitlab/shell_rake_spec.rb
+++ b/spec/tasks/gitlab/shell_rake_spec.rb
@@ -22,7 +22,8 @@ describe 'gitlab:shell rake tasks' do
   describe 'create_hooks task' do
     it 'calls gitlab-shell bin/create_hooks' do
       expect_any_instance_of(Object).to receive(:system)
-        .with("#{Gitlab.config.gitlab_shell.path}/bin/create-hooks", *repository_storage_paths_args)
+        .with("#{Gitlab.config.gitlab_shell.path}/bin/create-hooks",
+              *Gitlab::TaskHelpers.repository_storage_paths_args)
 
       run_rake_task('gitlab:shell:create_hooks')
     end
diff --git a/spec/tasks/gitlab/workhorse_rake_spec.rb b/spec/tasks/gitlab/workhorse_rake_spec.rb
index 1b68f3044a4..42516d36c67 100644
--- a/spec/tasks/gitlab/workhorse_rake_spec.rb
+++ b/spec/tasks/gitlab/workhorse_rake_spec.rb
@@ -20,7 +20,7 @@ describe 'gitlab:workhorse namespace rake task' do
 
     context 'when an underlying Git command fail' do
       it 'aborts and display a help message' do
-        expect_any_instance_of(Object)
+        expect(main_object)
           .to receive(:checkout_or_clone_version).and_raise 'Git error'
 
         expect { run_rake_task('gitlab:workhorse:install', clone_path) }.to raise_error 'Git error'
@@ -33,7 +33,7 @@ describe 'gitlab:workhorse namespace rake task' do
       end
 
       it 'calls checkout_or_clone_version with the right arguments' do
-        expect_any_instance_of(Object)
+        expect(main_object)
           .to receive(:checkout_or_clone_version).with(version: version, repo: repo, target_dir: clone_path)
 
         run_rake_task('gitlab:workhorse:install', clone_path)
@@ -48,13 +48,13 @@ describe 'gitlab:workhorse namespace rake task' do
 
       context 'gmake is available' do
         before do
-          expect_any_instance_of(Object).to receive(:checkout_or_clone_version)
-          allow_any_instance_of(Object).to receive(:run_command!).with(['gmake']).and_return(true)
+          expect(main_object).to receive(:checkout_or_clone_version)
+          allow(Object).to receive(:run_command!).with(['gmake']).and_return(true)
         end
 
         it 'calls gmake in the gitlab-workhorse directory' do
           expect(Gitlab::Popen).to receive(:popen).with(%w[which gmake]).and_return(['/usr/bin/gmake', 0])
-          expect_any_instance_of(Object).to receive(:run_command!).with(['gmake']).and_return(true)
+          expect(main_object).to receive(:run_command!).with(['gmake']).and_return(true)
 
           run_rake_task('gitlab:workhorse:install', clone_path)
         end
@@ -62,13 +62,13 @@ describe 'gitlab:workhorse namespace rake task' do
 
       context 'gmake is not available' do
         before do
-          expect_any_instance_of(Object).to receive(:checkout_or_clone_version)
-          allow_any_instance_of(Object).to receive(:run_command!).with(['make']).and_return(true)
+          expect(main_object).to receive(:checkout_or_clone_version)
+          allow(main_object).to receive(:run_command!).with(['make']).and_return(true)
         end
 
         it 'calls make in the gitlab-workhorse directory' do
           expect(Gitlab::Popen).to receive(:popen).with(%w[which gmake]).and_return(['', 42])
-          expect_any_instance_of(Object).to receive(:run_command!).with(['make']).and_return(true)
+          expect(main_object).to receive(:run_command!).with(['make']).and_return(true)
 
           run_rake_task('gitlab:workhorse:install', clone_path)
         end
diff --git a/spec/uploaders/file_mover_spec.rb b/spec/uploaders/file_mover_spec.rb
index d7c1b390f9a..0cf462e9553 100644
--- a/spec/uploaders/file_mover_spec.rb
+++ b/spec/uploaders/file_mover_spec.rb
@@ -4,11 +4,11 @@ describe FileMover do
   let(:filename) { 'banana_sample.gif' }
   let(:file) { fixture_file_upload(Rails.root.join('spec', 'fixtures', filename)) }
   let(:temp_description) do
-    'test ![banana_sample](/uploads/system/temp/secret55/banana_sample.gif) same ![banana_sample]'\
-    '(/uploads/system/temp/secret55/banana_sample.gif)'
+    'test ![banana_sample](/uploads/-/system/temp/secret55/banana_sample.gif) same ![banana_sample]'\
+    '(/uploads/-/system/temp/secret55/banana_sample.gif)'
   end
   let(:temp_file_path) { File.join('secret55', filename).to_s }
-  let(:file_path) { File.join('uploads', 'system', 'personal_snippet', snippet.id.to_s, 'secret55', filename).to_s }
+  let(:file_path) { File.join('uploads', '-', 'system', 'personal_snippet', snippet.id.to_s, 'secret55', filename).to_s }
 
   let(:snippet) { create(:personal_snippet, description: temp_description) }
 
@@ -28,8 +28,8 @@ describe FileMover do
 
         expect(snippet.reload.description)
           .to eq(
-            "test ![banana_sample](/uploads/system/personal_snippet/#{snippet.id}/secret55/banana_sample.gif)"\
-            " same ![banana_sample](/uploads/system/personal_snippet/#{snippet.id}/secret55/banana_sample.gif)"
+            "test ![banana_sample](/uploads/-/system/personal_snippet/#{snippet.id}/secret55/banana_sample.gif)"\
+            " same ![banana_sample](/uploads/-/system/personal_snippet/#{snippet.id}/secret55/banana_sample.gif)"
           )
       end
 
@@ -50,8 +50,8 @@ describe FileMover do
 
         expect(snippet.reload.description)
           .to eq(
-            "test ![banana_sample](/uploads/system/temp/secret55/banana_sample.gif)"\
-            " same ![banana_sample](/uploads/system/temp/secret55/banana_sample.gif)"
+            "test ![banana_sample](/uploads/-/system/temp/secret55/banana_sample.gif)"\
+            " same ![banana_sample](/uploads/-/system/temp/secret55/banana_sample.gif)"
           )
       end
 
diff --git a/spec/uploaders/personal_file_uploader_spec.rb b/spec/uploaders/personal_file_uploader_spec.rb
index e505edc75ce..cbafa9f478d 100644
--- a/spec/uploaders/personal_file_uploader_spec.rb
+++ b/spec/uploaders/personal_file_uploader_spec.rb
@@ -10,7 +10,7 @@ describe PersonalFileUploader do
 
       dynamic_segment = "personal_snippet/#{snippet.id}"
 
-      expect(described_class.absolute_path(upload)).to end_with("/system/#{dynamic_segment}/secret/foo.jpg")
+      expect(described_class.absolute_path(upload)).to end_with("/-/system/#{dynamic_segment}/secret/foo.jpg")
     end
   end
 
@@ -19,7 +19,7 @@ describe PersonalFileUploader do
       uploader = described_class.new(snippet, 'secret')
 
       allow(uploader).to receive(:file).and_return(double(extension: 'txt', filename: 'file_name'))
-      expected_url = "/uploads/system/personal_snippet/#{snippet.id}/secret/file_name"
+      expected_url = "/uploads/-/system/personal_snippet/#{snippet.id}/secret/file_name"
 
       expect(uploader.to_h).to eq(
         alt: 'file_name',
diff --git a/spec/views/projects/commits/_commit.html.haml_spec.rb b/spec/views/projects/commits/_commit.html.haml_spec.rb
new file mode 100644
index 00000000000..4c247361bd7
--- /dev/null
+++ b/spec/views/projects/commits/_commit.html.haml_spec.rb
@@ -0,0 +1,22 @@
+require 'spec_helper'
+
+describe 'projects/commits/_commit.html.haml' do
+  context 'with a singed commit' do
+    let(:project) { create(:project, :repository) }
+    let(:repository) { project.repository }
+    let(:ref) { GpgHelpers::SIGNED_COMMIT_SHA }
+    let(:commit) { repository.commit(ref) }
+
+    it 'does not display a loading spinner for GPG status' do
+      render partial: 'projects/commits/commit', locals: {
+        project: project,
+        ref: ref,
+        commit: commit
+      }
+
+      within '.gpg-status-box' do
+        expect(page).not_to have_css('i.fa.fa-spinner.fa-spin')
+      end
+    end
+  end
+end
diff --git a/spec/views/projects/edit.html.haml_spec.rb b/spec/views/projects/edit.html.haml_spec.rb
index 94899e26292..1af422941d7 100644
--- a/spec/views/projects/edit.html.haml_spec.rb
+++ b/spec/views/projects/edit.html.haml_spec.rb
@@ -11,14 +11,26 @@ describe 'projects/edit' do
 
     allow(controller).to receive(:current_user).and_return(user)
     allow(view).to receive_messages(current_user: user, can?: true)
-    allow(Gitlab.config.lfs).to receive(:enabled).and_return(true)
   end
 
   context 'LFS enabled setting' do
     it 'displays the correct elements' do
+      allow(Gitlab.config.lfs).to receive(:enabled).and_return(true)
+
       render
+
       expect(rendered).to have_select('project_lfs_enabled')
       expect(rendered).to have_content('Git Large File Storage')
     end
   end
+
+  context 'project export disabled' do
+    it 'does not display the project export option' do
+      stub_application_setting(project_export_enabled?: false)
+
+      render
+
+      expect(rendered).not_to have_content('Export project')
+    end
+  end
 end
diff --git a/spec/views/projects/notes/_more_actions_dropdown.html.haml_spec.rb b/spec/views/projects/notes/_more_actions_dropdown.html.haml_spec.rb
index aea20d826d0..9c0be249a50 100644
--- a/spec/views/projects/notes/_more_actions_dropdown.html.haml_spec.rb
+++ b/spec/views/projects/notes/_more_actions_dropdown.html.haml_spec.rb
@@ -24,18 +24,16 @@ describe 'projects/notes/_more_actions_dropdown' do
     expect(rendered).not_to have_selector('.dropdown.more-actions')
   end
 
-  it 'shows Report as abuse, Edit and Delete buttons if editable and not current users comment' do
+  it 'shows Report as abuse and Delete buttons if editable and not current users comment' do
     render 'projects/notes/more_actions_dropdown', current_user: not_author_user, note_editable: true, note: note
 
     expect(rendered).to have_link('Report as abuse')
-    expect(rendered).to have_button('Edit comment')
     expect(rendered).to have_link('Delete comment')
   end
 
-  it 'shows Edit and Delete buttons if editable and current users comment' do
+  it 'shows Delete button if editable and current users comment' do
     render 'projects/notes/more_actions_dropdown', current_user: author_user, note_editable: true, note: note
 
-    expect(rendered).to have_button('Edit comment')
     expect(rendered).to have_link('Delete comment')
   end
 end
diff --git a/spec/workers/merge_worker_spec.rb b/spec/workers/merge_worker_spec.rb
index 303193bab9b..ee51000161a 100644
--- a/spec/workers/merge_worker_spec.rb
+++ b/spec/workers/merge_worker_spec.rb
@@ -27,4 +27,15 @@ describe MergeWorker do
       expect(source_project.repository.branch_names).not_to include('markdown')
     end
   end
+
+  it 'persists merge_jid' do
+    merge_request = create(:merge_request, merge_jid: nil)
+    user = create(:user)
+    worker = described_class.new
+
+    allow(worker).to receive(:jid) { '999' }
+
+    expect { worker.perform(merge_request.id, user.id, {}) }
+      .to change { merge_request.reload.merge_jid }.from(nil).to('999')
+  end
 end
diff --git a/spec/workers/new_issue_worker_spec.rb b/spec/workers/new_issue_worker_spec.rb
index ed49ce57c0b..4e15ccc534b 100644
--- a/spec/workers/new_issue_worker_spec.rb
+++ b/spec/workers/new_issue_worker_spec.rb
@@ -41,7 +41,7 @@ describe NewIssueWorker do
       let(:issue) { create(:issue, project: project, description: "issue for #{mentioned.to_reference}") }
 
       it 'creates a new event record' do
-        expect{ worker.perform(issue.id, user.id) }.to change { Event.count }.from(0).to(1)
+        expect { worker.perform(issue.id, user.id) }.to change { Event.count }.from(0).to(1)
       end
 
       it 'creates a notification for the assignee' do
diff --git a/spec/workers/new_merge_request_worker_spec.rb b/spec/workers/new_merge_request_worker_spec.rb
index 85af6184d39..9e0cbde45b1 100644
--- a/spec/workers/new_merge_request_worker_spec.rb
+++ b/spec/workers/new_merge_request_worker_spec.rb
@@ -43,7 +43,7 @@ describe NewMergeRequestWorker do
       end
 
       it 'creates a new event record' do
-        expect{ worker.perform(merge_request.id, user.id) }.to change { Event.count }.from(0).to(1)
+        expect { worker.perform(merge_request.id, user.id) }.to change { Event.count }.from(0).to(1)
       end
 
       it 'creates a notification for the assignee' do
diff --git a/spec/workers/pipeline_schedule_worker_spec.rb b/spec/workers/pipeline_schedule_worker_spec.rb
index 14ed8b7811e..75197039f5a 100644
--- a/spec/workers/pipeline_schedule_worker_spec.rb
+++ b/spec/workers/pipeline_schedule_worker_spec.rb
@@ -23,7 +23,7 @@ describe PipelineScheduleWorker do
 
     context 'when there is a scheduled pipeline within next_run_at' do
       it 'creates a new pipeline' do
-        expect{ subject }.to change { project.pipelines.count }.by(1)
+        expect { subject }.to change { project.pipelines.count }.by(1)
         expect(Ci::Pipeline.last).to be_schedule
       end
 
diff --git a/spec/workers/post_receive_spec.rb b/spec/workers/post_receive_spec.rb
index 74a9f90195c..af6a3c9f6c7 100644
--- a/spec/workers/post_receive_spec.rb
+++ b/spec/workers/post_receive_spec.rb
@@ -78,7 +78,7 @@ describe PostReceive do
           stub_ci_pipeline_to_return_yaml_file
         end
 
-        it { expect{ subject }.to change{ Ci::Pipeline.count }.by(2) }
+        it { expect { subject }.to change { Ci::Pipeline.count }.by(2) }
       end
 
       context "does not create a Ci::Pipeline" do
@@ -86,7 +86,7 @@ describe PostReceive do
           stub_ci_pipeline_yaml_file(nil)
         end
 
-        it { expect{ subject }.not_to change{ Ci::Pipeline.count } }
+        it { expect { subject }.not_to change { Ci::Pipeline.count } }
       end
     end
 
diff --git a/spec/workers/prune_old_events_worker_spec.rb b/spec/workers/prune_old_events_worker_spec.rb
index 35e1518a35e..ea974355050 100644
--- a/spec/workers/prune_old_events_worker_spec.rb
+++ b/spec/workers/prune_old_events_worker_spec.rb
@@ -2,9 +2,11 @@ require 'spec_helper'
 
 describe PruneOldEventsWorker do
   describe '#perform' do
-    let!(:expired_event) { create(:event, author_id: 0, created_at: 13.months.ago) }
-    let!(:not_expired_event) { create(:event, author_id: 0,  created_at: 1.day.ago) }
-    let!(:exactly_12_months_event) { create(:event, author_id: 0, created_at: 12.months.ago) }
+    let(:user) { create(:user) }
+
+    let!(:expired_event) { create(:event, :closed, author: user, created_at: 13.months.ago) }
+    let!(:not_expired_event) { create(:event, :closed, author: user,  created_at: 1.day.ago) }
+    let!(:exactly_12_months_event) { create(:event, :closed, author: user, created_at: 12.months.ago) }
 
     it 'prunes events older than 12 months' do
       expect { subject.perform }.to change { Event.count }.by(-1)
diff --git a/spec/workers/stuck_merge_jobs_worker_spec.rb b/spec/workers/stuck_merge_jobs_worker_spec.rb
new file mode 100644
index 00000000000..a5ad78393c9
--- /dev/null
+++ b/spec/workers/stuck_merge_jobs_worker_spec.rb
@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+describe StuckMergeJobsWorker do
+  describe 'perform' do
+    let(:worker) { described_class.new }
+
+    context 'merge job identified as completed' do
+      it 'updates merge request to merged when locked but has merge_commit_sha' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return(%w(123 456))
+        mr_with_sha = create(:merge_request, :locked, merge_jid: '123', state: :locked, merge_commit_sha: 'foo-bar-baz')
+        mr_without_sha = create(:merge_request, :locked, merge_jid: '123', state: :locked, merge_commit_sha: nil)
+
+        worker.perform
+
+        expect(mr_with_sha.reload).to be_merged
+        expect(mr_without_sha.reload).to be_opened
+      end
+
+      it 'updates merge request to opened when locked but has not been merged' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return(%w(123))
+        merge_request = create(:merge_request, :locked, merge_jid: '123', state: :locked)
+
+        worker.perform
+
+        expect(merge_request.reload).to be_opened
+      end
+
+      it 'logs updated stuck merge job ids' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return(%w(123 456))
+
+        create(:merge_request, :locked, merge_jid: '123')
+        create(:merge_request, :locked, merge_jid: '456')
+
+        expect(Rails).to receive_message_chain(:logger, :info).with('Updated state of locked merge jobs. JIDs: 123, 456')
+
+        worker.perform
+      end
+    end
+
+    context 'merge job not identified as completed' do
+      it 'does not change merge request state when job is not completed yet' do
+        allow(Gitlab::SidekiqStatus).to receive(:completed_jids).and_return([])
+
+        merge_request = create(:merge_request, :locked, merge_jid: '123')
+
+        expect { worker.perform }.not_to change { merge_request.reload.state }.from('locked')
+      end
+    end
+  end
+end
diff --git a/vendor/project_templates/express.tar.gz b/vendor/project_templates/express.tar.gz
new file mode 100644
index 00000000000..6353f6605d5
--- /dev/null
+++ b/vendor/project_templates/express.tar.gz
diff --git a/vendor/project_templates/rails.tar.gz b/vendor/project_templates/rails.tar.gz
index b54cae3143a..0509016f130 100644
--- a/vendor/project_templates/rails.tar.gz
+++ b/vendor/project_templates/rails.tar.gz
diff --git a/vendor/project_templates/spring.tar.gz b/vendor/project_templates/spring.tar.gz
new file mode 100644
index 00000000000..d7c0ab74d01
--- /dev/null
+++ b/vendor/project_templates/spring.tar.gz
diff --git a/yarn.lock b/yarn.lock
index b1cd07a8e9c..5fc28f8b5ba 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -254,6 +254,13 @@ aws4@^1.2.1:
   version "1.6.0"
   resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.6.0.tgz#83ef5ca860b2b32e4a0deedee8c771b9db57471e"
 
+axios@^0.16.2:
+  version "0.16.2"
+  resolved "https://registry.yarnpkg.com/axios/-/axios-0.16.2.tgz#ba4f92f17167dfbab40983785454b9ac149c3c6d"
+  dependencies:
+    follow-redirects "^1.2.3"
+    is-buffer "^1.1.5"
+
 babel-code-frame@^6.11.0, babel-code-frame@^6.16.0, babel-code-frame@^6.22.0:
   version "6.22.0"
   resolved "https://registry.yarnpkg.com/babel-code-frame/-/babel-code-frame-6.22.0.tgz#027620bee567a88c32561574e7fd0801d33118e4"
@@ -903,6 +910,10 @@ block-stream@*:
   dependencies:
     inherits "~2.0.0"
 
+bluebird@^2.10.2:
+  version "2.11.0"
+  resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-2.11.0.tgz#534b9033c022c9579c56ba3b3e5a5caafbb650e1"
+
 bluebird@^3.0.5, bluebird@^3.1.1, bluebird@^3.3.0:
   version "3.4.7"
   resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.4.7.tgz#f72d760be09b7f76d08ed8fae98b289a8d05fab3"
@@ -1424,6 +1435,19 @@ cookie@0.3.1:
   version "0.3.1"
   resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb"
 
+copy-webpack-plugin@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-4.0.1.tgz#9728e383b94316050d0c7463958f2b85c0aa8200"
+  dependencies:
+    bluebird "^2.10.2"
+    fs-extra "^0.26.4"
+    glob "^6.0.4"
+    is-glob "^3.1.0"
+    loader-utils "^0.2.15"
+    lodash "^4.3.0"
+    minimatch "^3.0.0"
+    node-dir "^0.1.10"
+
 core-js@^2.2.0, core-js@^2.4.0, core-js@^2.4.1:
   version "2.4.1"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.4.1.tgz#4de911e667b0eae9124e34254b53aea6fc618d3e"
@@ -1604,7 +1628,13 @@ d3@^3.5.11:
   version "3.5.11"
   resolved "https://registry.yarnpkg.com/d3/-/d3-3.5.11.tgz#d130750eed0554db70e8432102f920a12407b69c"
 
-d@^0.1.1, d@~0.1.1:
+d@1:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/d/-/d-1.0.0.tgz#754bb5bfe55451da69a58b94d45f4c5b0462d58f"
+  dependencies:
+    es5-ext "^0.10.9"
+
+d@^0.1.1:
   version "0.1.1"
   resolved "https://registry.yarnpkg.com/d/-/d-0.1.1.tgz#da184c535d18d8ee7ba2aa229b914009fae11309"
   dependencies:
@@ -1642,7 +1672,7 @@ debug@2.6.7:
   dependencies:
     ms "2.0.0"
 
-debug@^2.1.0, debug@^2.1.1, debug@^2.2.0, debug@^2.6.6, debug@^2.6.8:
+debug@^2.1.0, debug@^2.1.1, debug@^2.2.0, debug@^2.4.5, debug@^2.6.6, debug@^2.6.8:
   version "2.6.8"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.8.tgz#e731531ca2ede27d188222427da17821d68ff4fc"
   dependencies:
@@ -1978,52 +2008,52 @@ error-ex@^1.2.0:
   dependencies:
     is-arrayish "^0.2.1"
 
-es5-ext@^0.10.7, es5-ext@^0.10.8, es5-ext@~0.10.11, es5-ext@~0.10.2, es5-ext@~0.10.7:
-  version "0.10.12"
-  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.12.tgz#aa84641d4db76b62abba5e45fd805ecbab140047"
+es5-ext@^0.10.14, es5-ext@^0.10.8, es5-ext@^0.10.9, es5-ext@~0.10.14, es5-ext@~0.10.2:
+  version "0.10.24"
+  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.24.tgz#a55877c9924bc0c8d9bd3c2cbe17495ac1709b14"
   dependencies:
     es6-iterator "2"
     es6-symbol "~3.1"
 
-es6-iterator@2:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.0.tgz#bd968567d61635e33c0b80727613c9cb4b096bac"
+es6-iterator@2, es6-iterator@~2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.1.tgz#8e319c9f0453bf575d374940a655920e59ca5512"
   dependencies:
-    d "^0.1.1"
-    es5-ext "^0.10.7"
-    es6-symbol "3"
+    d "1"
+    es5-ext "^0.10.14"
+    es6-symbol "^3.1"
 
 es6-map@^0.1.3:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.4.tgz#a34b147be224773a4d7da8072794cefa3632b897"
+  version "0.1.5"
+  resolved "https://registry.yarnpkg.com/es6-map/-/es6-map-0.1.5.tgz#9136e0503dcc06a301690f0bb14ff4e364e949f0"
   dependencies:
-    d "~0.1.1"
-    es5-ext "~0.10.11"
-    es6-iterator "2"
-    es6-set "~0.1.3"
-    es6-symbol "~3.1.0"
-    event-emitter "~0.3.4"
+    d "1"
+    es5-ext "~0.10.14"
+    es6-iterator "~2.0.1"
+    es6-set "~0.1.5"
+    es6-symbol "~3.1.1"
+    event-emitter "~0.3.5"
 
 es6-promise@^3.0.2, es6-promise@~3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-3.0.2.tgz#010d5858423a5f118979665f46486a95c6ee2bb6"
 
-es6-set@~0.1.3:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.4.tgz#9516b6761c2964b92ff479456233a247dc707ce8"
+es6-set@~0.1.5:
+  version "0.1.5"
+  resolved "https://registry.yarnpkg.com/es6-set/-/es6-set-0.1.5.tgz#d2b3ec5d4d800ced818db538d28974db0a73ccb1"
   dependencies:
-    d "~0.1.1"
-    es5-ext "~0.10.11"
-    es6-iterator "2"
-    es6-symbol "3"
-    event-emitter "~0.3.4"
+    d "1"
+    es5-ext "~0.10.14"
+    es6-iterator "~2.0.1"
+    es6-symbol "3.1.1"
+    event-emitter "~0.3.5"
 
-es6-symbol@3, es6-symbol@~3.1, es6-symbol@~3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.0.tgz#94481c655e7a7cad82eba832d97d5433496d7ffa"
+es6-symbol@3, es6-symbol@3.1.1, es6-symbol@^3.1, es6-symbol@~3.1, es6-symbol@~3.1.1:
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.1.tgz#bf00ef4fdab6ba1b46ecb7b629b4c7ed5715cc77"
   dependencies:
-    d "~0.1.1"
-    es5-ext "~0.10.11"
+    d "1"
+    es5-ext "~0.10.14"
 
 es6-weak-map@^2.0.1:
   version "2.0.1"
@@ -2219,12 +2249,12 @@ eve-raphael@0.5.0:
   version "0.5.0"
   resolved "https://registry.yarnpkg.com/eve-raphael/-/eve-raphael-0.5.0.tgz#17c754b792beef3fa6684d79cf5a47c63c4cda30"
 
-event-emitter@~0.3.4:
-  version "0.3.4"
-  resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.4.tgz#8d63ddfb4cfe1fae3b32ca265c4c720222080bb5"
+event-emitter@~0.3.5:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/event-emitter/-/event-emitter-0.3.5.tgz#df8c69eef1647923c7157b9ce83840610b02cc39"
   dependencies:
-    d "~0.1.1"
-    es5-ext "~0.10.7"
+    d "1"
+    es5-ext "~0.10.14"
 
 event-stream@~3.3.0:
   version "3.3.4"
@@ -2484,6 +2514,12 @@ flatten@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/flatten/-/flatten-1.0.2.tgz#dae46a9d78fbe25292258cc1e780a41d95c03782"
 
+follow-redirects@^1.2.3:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.2.3.tgz#01abaeca85e3609837d9fcda3167a7e42fdaca21"
+  dependencies:
+    debug "^2.4.5"
+
 for-in@^0.1.5:
   version "0.1.6"
   resolved "https://registry.yarnpkg.com/for-in/-/for-in-0.1.6.tgz#c9f96e89bfad18a545af5ec3ed352a1d9e5b4dc8"
@@ -2524,6 +2560,16 @@ fs-access@^1.0.0:
   dependencies:
     null-check "^1.0.0"
 
+fs-extra@^0.26.4:
+  version "0.26.7"
+  resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-0.26.7.tgz#9ae1fdd94897798edab76d0918cf42d0c3184fa9"
+  dependencies:
+    graceful-fs "^4.1.2"
+    jsonfile "^2.1.0"
+    klaw "^1.0.0"
+    path-is-absolute "^1.0.0"
+    rimraf "^2.2.8"
+
 fs.realpath@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f"
@@ -2621,6 +2667,16 @@ glob@^5.0.15:
     once "^1.3.0"
     path-is-absolute "^1.0.0"
 
+glob@^6.0.4:
+  version "6.0.4"
+  resolved "https://registry.yarnpkg.com/glob/-/glob-6.0.4.tgz#0f08860f6a155127b2fadd4f9ce24b1aab6e4d22"
+  dependencies:
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "2 || 3"
+    once "^1.3.0"
+    path-is-absolute "^1.0.0"
+
 glob@^7.0.0, glob@^7.0.3, glob@^7.0.5, glob@^7.1.1:
   version "7.1.1"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.1.tgz#805211df04faaf1c63a3600306cdf5ade50b2ec8"
@@ -2697,7 +2753,7 @@ got@^7.0.0:
     url-parse-lax "^1.0.0"
     url-to-options "^1.0.1"
 
-graceful-fs@^4.1.11, graceful-fs@^4.1.2:
+graceful-fs@^4.1.11, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.1.9:
   version "4.1.11"
   resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.11.tgz#0e8bdfe4d1ddb8854d64e04ea7c00e2a026e5658"
 
@@ -2917,6 +2973,13 @@ immediate@~3.0.5:
   version "3.0.6"
   resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b"
 
+imports-loader@^0.7.1:
+  version "0.7.1"
+  resolved "https://registry.yarnpkg.com/imports-loader/-/imports-loader-0.7.1.tgz#f204b5f34702a32c1db7d48d89d5e867a0441253"
+  dependencies:
+    loader-utils "^1.0.2"
+    source-map "^0.5.6"
+
 imurmurhash@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea"
@@ -3025,9 +3088,9 @@ is-binary-path@^1.0.0:
   dependencies:
     binary-extensions "^1.0.0"
 
-is-buffer@^1.0.2:
-  version "1.1.4"
-  resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.4.tgz#cfc86ccd5dc5a52fa80489111c6920c457e2d98b"
+is-buffer@^1.0.2, is-buffer@^1.1.5:
+  version "1.1.5"
+  resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.5.tgz#1f3b26ef613b214b88cbca23cc6c01d87961eecc"
 
 is-builtin-module@^1.0.0:
   version "1.0.0"
@@ -3413,6 +3476,12 @@ json5@^0.5.0, json5@^0.5.1:
   version "0.5.1"
   resolved "https://registry.yarnpkg.com/json5/-/json5-0.5.1.tgz#1eade7acc012034ad84e2396767ead9fa5495821"
 
+jsonfile@^2.1.0:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-2.4.0.tgz#3736a2b428b87bbda0cc83b53fa3d633a35c2ae8"
+  optionalDependencies:
+    graceful-fs "^4.1.6"
+
 jsonify@~0.0.0:
   version "0.0.0"
   resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73"
@@ -3520,6 +3589,12 @@ kind-of@^3.0.2:
   dependencies:
     is-buffer "^1.0.2"
 
+klaw@^1.0.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/klaw/-/klaw-1.3.1.tgz#4088433b46b3b1ba259d78785d8e96f73ba02439"
+  optionalDependencies:
+    graceful-fs "^4.1.9"
+
 latest-version@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/latest-version/-/latest-version-1.0.1.tgz#72cfc46e3e8d1be651e1ebb54ea9f6ea96f374bb"
@@ -3572,7 +3647,7 @@ loader-runner@^2.3.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-2.3.0.tgz#f482aea82d543e07921700d5a46ef26fdac6b8a2"
 
-loader-utils@^0.2.5:
+loader-utils@^0.2.15, loader-utils@^0.2.5:
   version "0.2.16"
   resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-0.2.16.tgz#f08632066ed8282835dff88dfb52704765adee6d"
   dependencies:
@@ -3935,6 +4010,10 @@ moment@2.x:
   version "2.17.1"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.17.1.tgz#fed9506063f36b10f066c8b59a144d7faebe1d82"
 
+monaco-editor@0.8.3:
+  version "0.8.3"
+  resolved "https://registry.yarnpkg.com/monaco-editor/-/monaco-editor-0.8.3.tgz#523bdf2d1524db2c2dfc3cae0a7b6edc48d6dea6"
+
 mousetrap@^1.4.6:
   version "1.4.6"
   resolved "https://registry.yarnpkg.com/mousetrap/-/mousetrap-1.4.6.tgz#eaca72e22e56d5b769b7555873b688c3332e390a"
@@ -3988,6 +4067,12 @@ nested-error-stacks@^1.0.0:
   dependencies:
     inherits "~2.0.1"
 
+node-dir@^0.1.10:
+  version "0.1.17"
+  resolved "https://registry.yarnpkg.com/node-dir/-/node-dir-0.1.17.tgz#5f5665d93351335caabef8f1c554516cf5f1e4e5"
+  dependencies:
+    minimatch "^3.0.2"
+
 node-forge@0.6.33:
   version "0.6.33"
   resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.6.33.tgz#463811879f573d45155ad6a9f43dc296e8e85ebc"
@@ -6190,9 +6275,9 @@ webpack-stats-plugin@^0.1.5:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/webpack-stats-plugin/-/webpack-stats-plugin-0.1.5.tgz#29e5f12ebfd53158d31d656a113ac1f7b86179d9"
 
-webpack@^3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.4.0.tgz#e9465b660ad79dd2d33874d968b31746ea9a8e63"
+webpack@^3.5.4:
+  version "3.5.4"
+  resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.5.4.tgz#5583eb263ed27b78b5bd17bfdfb0eb1b1cd1bf81"
   dependencies:
     acorn "^5.0.0"
     acorn-dynamic-import "^2.0.0"