kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2020-12-11 06:10:17 +00:00
parent 07116000f2
commit 12d3a6f921
69 changed files with 159 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/feature_flags/development/allow_possible_spam.yml
View File

@ -1,8 +1,8 @@
---
name: allow_possible_spam
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17604
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/29830
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/33421
milestone: '12.4'
type: development
group: group::portfolio management
group: group::product planning
default_enabled: false

4
config/feature_flags/development/bulk_update_health_status.yml
View File

@ -1,8 +1,8 @@
---
name: bulk_update_health_status
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33065
rollout_issue_url:
rollout_issue_url:
milestone: '13.2'
type: development
group: group::portfolio management
group: group::product planning
default_enabled: true

2
config/feature_flags/development/graphql_board_lists.yml
View File

@ -1,7 +1,7 @@
---
name: graphql_board_lists
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37905
rollout_issue_url:
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/248908
milestone: '13.4'
type: development
group: group::project management

6
config/feature_flags/development/service_desk_custom_address.yml
View File

@ -1,8 +1,8 @@
---
name: service_desk_custom_address
introduced_by_url:
rollout_issue_url:
milestone:
introduced_by_url:
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/284656
milestone:
type: development
group: group::certify
default_enabled: false

2
doc/.vale/gitlab/CurlStringsQuoted.yml
View File

@ -7,7 +7,7 @@
extends: existence
message: 'For consistency across all cURL examples, always wrap the URL in double quotes ("): %s'
link: https://docs.gitlab.com/ee/development/documentation/restful_api_styleguide.html#curl-commands
level: warning
level: error
scope: code
raw:
- 'curl.*[^"=]https?://.*'

2
doc/.vale/gitlab/CurrentStatus.yml
View File

@ -8,6 +8,6 @@ extends: existence
message: 'Avoid words like "%s" that promise future changes, because documentation is about the current state of the product.'
level: suggestion
ignorecase: true
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#language-to-avoid
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#usage-list
tokens:
- currently

2
doc/.vale/gitlab/FutureTense.yml
View File

@ -9,7 +9,7 @@ extends: existence
message: 'Avoid using future tense: "%s". Use present tense instead.'
ignorecase: true
level: warning
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#language-to-avoid
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#usage-list
raw:
- "(going to( |\n|[[:punct:]])[a-zA-Z]*|"
- "will( |\n|[[:punct:]])[a-zA-Z]*|"

2
doc/.vale/gitlab/Simplicity.yml
View File

@ -8,7 +8,7 @@ extends: existence
message: 'Avoid words like "%s" that imply ease of use, because the user may find this action hard.'
level: suggestion
ignorecase: true
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#language-to-avoid
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#usage-list
tokens:
- easy
- easily

2
doc/administration/gitaly/praefect.md
View File

@ -748,7 +748,7 @@ documentation](index.md#configure-gitaly-servers).
After all Gitaly nodes are configured, you can run the Praefect connection
checker to verify Praefect can connect to all Gitaly servers in the Praefect
config.
configuration.
1. SSH into each **Praefect** node and run the Praefect connection checker:

2
doc/administration/packages/index.md
View File

@ -137,7 +137,7 @@ store packages.
[Read more about using object storage with GitLab](../object_storage.md).
NOTE:
We recommend using the [consolidated object storage settings](../object_storage.md#consolidated-object-storage-configuration). The following instructions apply to the original config format.
We recommend using the [consolidated object storage settings](../object_storage.md#consolidated-object-storage-configuration). The following instructions apply to the original configuration format.
**Omnibus GitLab installations**

4
doc/administration/pages/index.md
View File

@ -204,7 +204,7 @@ control over how the Pages daemon runs and serves content in your environment.
| `artifacts_server_url` | API URL to proxy artifact requests to. Defaults to GitLab `external URL` + `/api/v4`, for example `https://gitlab.com/api/v4`.
| `auth_redirect_uri` | Callback URL for authenticating with GitLab. Defaults to project's subdomain of `pages_external_url` + `/auth`.
| `auth_secret` | Secret key for signing authentication requests. Leave blank to pull automatically from GitLab during OAuth registration.
| `dir` | Working directory for config and secrets files.
| `dir` | Working directory for configuration and secrets files.
| `enable` | Enable or disable GitLab Pages on the current system.
| `external_http` | Configure Pages to bind to one or more secondary IP addresses, serving HTTP requests. Multiple addresses can be given as an array, along with exact ports, for example `['1.2.3.4', '1.2.3.5:8063']`. Sets value for `listen_http`.
| `external_https` | Configure Pages to bind to one or more secondary IP addresses, serving HTTPS requests. Multiple addresses can be given as an array, along with exact ports, for example `['1.2.3.4', '1.2.3.5:8063']`. Sets value for `listen_https`.
@ -241,7 +241,7 @@ control over how the Pages daemon runs and serves content in your environment.
| `pages_path` | The directory on disk where pages are stored, defaults to `GITLAB-RAILS/shared/pages`.
| `pages_nginx[]` | |
| `enable` | Include a virtual host `server{}` block for Pages inside NGINX. Needed for NGINX to proxy traffic back to the Pages daemon. Set to `false` if the Pages daemon should directly receive all requests, for example, when using [custom domains](index.md#custom-domains).
| `FF_ENABLE_REDIRECTS` | Feature flag to disable redirects (enabled by default). Read the [redirects documentation](../../user/project/pages/redirects.md#disable-redirects) for more info. |
| `FF_ENABLE_REDIRECTS` | Feature flag to disable redirects (enabled by default). Read the [redirects documentation](../../user/project/pages/redirects.md#disable-redirects) for more information. |
---

2
doc/administration/pages/source.md
View File

@ -395,7 +395,7 @@ API to check that the user is authorized to read that site.
From [GitLab 12.8](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/3689) onward,
Access Control parameters for Pages are set in a configuration file, which
by convention is named `gitlab-pages-config`. The configuration file is passed to
pages using the `-config flag` or CONFIG environment variable.
pages using the `-config flag` or `CONFIG` environment variable.
Pages access control is disabled by default. To enable it:

2
doc/administration/troubleshooting/kubernetes_cheat_sheet.md
View File

@ -207,7 +207,7 @@ all Kubernetes resources and dependent charts:
helm get manifest <release name>
```
## Installation of minimal GitLab config via Minikube on macOS
## Installation of minimal GitLab configuration via Minikube on macOS
This section is based on [Developing for Kubernetes with Minikube](https://docs.gitlab.com/charts/development/minikube/index.html)
and [Helm](https://docs.gitlab.com/charts/installation/tools.html#helm). Refer

4
doc/administration/troubleshooting/linux_cheat_sheet.md
View File

@ -23,7 +23,7 @@ on. Contributions are welcome to help add them.
## System Commands
### Distro Information
### Distribution Information
```shell
# Debian/Ubuntu
@ -200,7 +200,7 @@ or you can build it from source if you have the Rust compiler.
#### How to use the tool
First run the tool with no arguments other than the strace output file name to get
First run the tool with no arguments other than the strace output filename to get
a summary of the top processes sorted by time spent actively performing tasks. You
can also sort based on total time, # of syscalls made, PID #, and # of child processes
using the `-S` or `--sort` flag. The number of results defaults to 25 processes, but

2
doc/administration/troubleshooting/tracing_correlation_id.md
View File

@ -56,7 +56,7 @@ interested in.
### Getting the correlation ID from curl
If you're using `curl` then you can use the verbose option to show request and response headers, as well as other debug info.
If you're using `curl` then you can use the verbose option to show request and response headers, as well as other debug information.
```shell
➜ ~ curl --verbose "https://gitlab.example.com/api/v4/projects"

2
doc/api/issues.md
View File

@ -2155,7 +2155,7 @@ POST /projects/:id/issues/:issue_iid/metric_images
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
| `issue_iid` | integer | yes | The internal ID of a project's issue |
| `file` | file | yes | The image file to be uploaded |
| `url` | string | no | The URL to view more metric info |
| `url` | string | no | The URL to view more metric information |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" --form 'file=@/path/to/file.png' \

8
doc/api/search.md
View File

@ -293,7 +293,7 @@ Example response:
```
NOTE:
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the filename and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: commits **(STARTER)**
@ -675,7 +675,7 @@ Example response:
```
NOTE:
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the filename and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: commits **(STARTER)**
@ -1072,7 +1072,7 @@ Example response:
```
NOTE:
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the filename and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: commits
@ -1146,7 +1146,7 @@ Example response:
```
NOTE:
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the file name and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
`filename` is deprecated in favor of `path`. Both return the full path of the file inside the repository, but in the future `filename` will be only the filename and not the full path. For details, see [issue 34521](https://gitlab.com/gitlab-org/gitlab/-/issues/34521).
### Scope: users

2
doc/architecture/blueprints/cloud_native_gitlab_pages/index.md
View File

@ -93,7 +93,7 @@ too.
1. ✓ Redesign GitLab Pages configuration source to use GitLab's API
1. ✓ Evaluate performance and build reliable caching mechanisms
1. ✓ Incrementally rollout the new source on GitLab.com
1. ✓ Make GitLab Pages API domains config source enabled by default
1. ✓ Make GitLab Pages API domains configuration source enabled by default
1. Enable experimentation with different servings through feature flags
1. Triangulate object store serving design through meaningful experiments
1. Design pages migration mechanisms that can work incrementally

2
doc/ci/ci_cd_for_external_repos/bitbucket_integration.md
View File

@ -14,7 +14,7 @@ GitLab CI/CD can be used with Bitbucket Cloud by:
To use GitLab CI/CD with a Bitbucket Cloud repository:
1. In GitLab create a **CI/CD for external repo**, select **Repo by URL** and
1. In GitLab create a **CI/CD for external repository**, select **Repo by URL** and
create the project.
![Create project](img/external_repository.png)

2
doc/ci/ci_cd_for_external_repos/github_integration.md
View File

@ -35,7 +35,7 @@ repositories:
your project, update commit statuses, and create a web hook to notify
GitLab of new commits.
1. In GitLab, go to the [new project page](../../gitlab-basics/create-project.md#create-a-project-in-gitlab), select the **CI/CD for external repo** tab, and then click
1. In GitLab, go to the [new project page](../../gitlab-basics/create-project.md#create-a-project-in-gitlab), select the **CI/CD for external repository** tab, and then click
**GitHub**.
1. Paste the token into the **Personal access token** field and click **List

2
doc/ci/ci_cd_for_external_repos/index.md
View File

@ -26,7 +26,7 @@ snippets disabled. These features
To connect to an external repository:
1. From your GitLab dashboard, click **New project**.
1. Switch to the **CI/CD for external repo** tab.
1. Switch to the **CI/CD for external repository** tab.
1. Choose **GitHub** or **Repo by URL**.
1. The next steps are similar to the [import flow](../../user/project/import/index.md).

4
doc/ci/docker/using_docker_build.md
View File

@ -629,7 +629,7 @@ Then every job that the runner picks up will be authenticated already. If you
are using the official `docker:19.03.13` image, the home directory is
under `/root`.
If you mount the config file, any `docker` command
If you mount the configuration file, any `docker` command
that modifies the `~/.docker/config.json` (for example, `docker login`)
fails, because the file is mounted as read-only. Do not change it from
read-only, because other problems will occur.
@ -703,7 +703,7 @@ There are multiple ways to define this. For example:
- Inside
[`pre_build_script`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section)
inside of the runner config file.
inside of the runner configuration file.
- Inside [`before_script`](../yaml/README.md#before_script).
- Inside of [`script`](../yaml/README.md#script).

14
doc/ci/docker/using_kaniko.md
View File

@ -106,14 +106,10 @@ Guided Exploration project pipeline. It was tested on:
The example can be copied to your own group or instance for testing. More details
on what other GitLab CI patterns are demonstrated are available at the project page.
<!-- ## Troubleshooting
## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
one might have when setting this up, or when something is changed, or on upgrading, it's
important to describe those, too. Think of things that may go wrong and include them here.
This is important to minimize requests for support, and to avoid doc comments with
questions that you know someone might ask.
### 403 error: "error checking push permissions"
Each scenario can be a third-level heading, e.g. `### Getting error message X`.
If you have none to add when creating a doc, leave this section in place
but commented out to help encourage others to add to it in the future. -->
If you receive this error, it might be due to an outside proxy. Setting the `http_proxy`
and `https_proxy` [environment variables](../../administration/packages/container_registry.md#running-the-docker-daemon-with-a-proxy)
can fix the problem.

2
doc/ci/examples/deploy_spring_boot_to_cloud_foundry/index.md
View File

@ -16,7 +16,7 @@ Deployment](https://about.gitlab.com/blog/2016/08/05/continuous-integration-deli
method.
All the code for this project can be found in this [GitLab
repo](https://gitlab.com/gitlab-examples/spring-gitlab-cf-deploy-demo).
repository](https://gitlab.com/gitlab-examples/spring-gitlab-cf-deploy-demo).
In case you're interested in deploying Spring Boot applications to Kubernetes
using GitLab CI/CD, read through the blog post [Continuous Delivery of a Spring Boot application with GitLab CI and Kubernetes](https://about.gitlab.com/blog/2016/12/14/continuous-delivery-of-a-spring-boot-application-with-gitlab-ci-and-kubernetes/).

2
doc/ci/examples/devops_and_game_dev_with_gitlab_ci_cd/index.md
View File

@ -421,7 +421,7 @@ fully understand [IAM Best Practices in AWS](https://docs.aws.amazon.com/IAM/lat
1. Go to your GitLab project, click **Settings > CI/CD** on the left sidebar
1. Expand the **Variables** section
![GitLab Secret Config](img/gitlab_config.png)
![GitLab Secret Configuration](img/gitlab_config.png)
1. Add a key named `AWS_KEY_ID` and copy the key ID from Step 2 into the **Value** field
1. Add a key named `AWS_KEY_SECRET` and copy the key secret from Step 2 into the **Value** field

4
doc/ci/examples/semantic-release.md
View File

@ -12,7 +12,7 @@ You can also view or fork the complete [example source](https://gitlab.com/gitla
## Initialize the module
1. Open a terminal and navigate to the project's repo
1. Open a terminal and navigate to the project's repository
1. Run `npm init`. Name the module according to [the Package Registry's naming conventions](../../user/packages/npm_registry/index.md#package-naming-convention). For example, if the project's path is `gitlab-examples/semantic-release-npm`, name the module `@gitlab-examples/semantic-release-npm`.
1. Install the following NPM packages:
@ -97,7 +97,7 @@ As part of publishing a package, semantic-release increases the version number i
## Configure semantic-release
semantic-release pulls its configuration info from a `.releaserc.json` file in the project. Create a `.releaserc.json` at the root of the repository:
semantic-release pulls its configuration information from a `.releaserc.json` file in the project. Create a `.releaserc.json` at the root of the repository:
```json
{

2
doc/ci/quick_start/README.md
View File

@ -79,7 +79,7 @@ To create a `.gitlab-ci.yml` file:
![New file](img/new_file_v13_6.png)
1. For the **File name** type `.gitlab-ci.yml` and in the larger window,
1. For the **Filename**, type `.gitlab-ci.yml` and in the larger window,
paste this sample code:
```yaml

5
doc/ci/yaml/README.md
View File

@ -3283,6 +3283,11 @@ job1:
coverage: '/Code coverage: \d+\.\d+/'
```
The coverage is shown in the UI if at least one line in the job output matches the regular expression.
If there is more than one matched line in the job output, the last line is used.
For the matched line, the first occurence of `\d+(\.\d+)?` is the code coverage.
Leading zeros are removed.
### `retry`
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/3442) in GitLab 9.5.

4
doc/ci/yaml/visualization.md
View File

@ -20,11 +20,11 @@ configuration file and click on the `Visualization` tab. The visualization shows
all stages and jobs. [`needs`](README.md#needs) relationships are displayed as lines
connecting jobs together, showing the hierarchy of execution:
![CI Config Visualization](img/ci_config_visualization_v13_5.png)
![CI Configuration Visualization](img/ci_config_visualization_v13_5.png)
Hovering on a job highlights its `needs` relationships:
![CI Config Visualization on hover](img/ci_config_visualization_hover_v13_5.png)
![CI Configuration Visualization on hover](img/ci_config_visualization_hover_v13_5.png)
If the configuration does not have any `needs` relationships, then no lines are drawn because
each job depends only on the previous stage being completed successfully.

2
doc/development/contributing/community_roles.md
View File

@ -10,7 +10,7 @@ GitLab community members and their privileges/responsibilities.
| Roles | Responsibilities | Requirements |
|-------|------------------|--------------|
| Maintainer | Accepts merge requests on several GitLab projects | Added to the [team page](https://about.gitlab.com/company/team/). An expert on code reviews and knows the product/code base |
| Maintainer | Accepts merge requests on several GitLab projects | Added to the [team page](https://about.gitlab.com/company/team/). An expert on code reviews and knows the product/codebase |
| Reviewer | Performs code reviews on MRs | Added to the [team page](https://about.gitlab.com/company/team/) |
| Developer |Has access to GitLab internal infrastructure & issues (e.g. HR-related) | GitLab employee or a Core Team member (with an NDA) |
| Contributor | Can make contributions to all GitLab public projects | Have a GitLab.com account |

4
doc/development/database/strings_and_the_text_data_type.md
View File

@ -17,7 +17,7 @@ The `text` data type can not be defined with a limit, so `add_text_limit` is enf
adding a [check constraint](https://www.postgresql.org/docs/11/ddl-constraints.html) on the
column and then validating it at a followup step.
## Background info
## Background information
The reason we always want to use `text` instead of `string` is that `string` columns have the
disadvantage that if you want to update their limit, you have to run an `ALTER TABLE ...` command.
@ -256,7 +256,7 @@ end
To keep this guide short, we skipped the definition of the background migration and only
provided a high level example of the post-deployment migration that is used to schedule the batches.
You can find more info on the guide about [background migrations](../background_migrations.md)
You can find more information on the guide about [background migrations](../background_migrations.md)
#### Validate the text limit (next release)

2
doc/development/database_review.md
View File

@ -153,7 +153,7 @@ test its execution using `CREATE INDEX CONCURRENTLY` in the `#database-lab` Slac
projects provide enough data to serve as a good example.
- That means that no query plan should return 0 records or less records than the provided limit (if a limit is included). If a query is used in batching, a proper example batch with adequate included results should be identified and provided.
- If your queries belong to a new feature in GitLab.com and thus they don't return data in production, it's suggested to analyze the query and to provide the plan from a local environment.
- More info on how to find the number of actual returned records in [Understanding EXPLAIN plans](understanding_explain_plans.md)
- More information on how to find the number of actual returned records in [Understanding EXPLAIN plans](understanding_explain_plans.md)
- For query changes, it is best to provide both the SQL queries along with the
plan _before_ and _after_ the change. This helps spot differences quickly.
- Include data that shows the performance improvement, preferably in

9
doc/development/diffs.md
View File

@ -14,7 +14,14 @@ Currently we rely on different sources to present diffs, these include:
## Deep Dive
In January 2019, Oswaldo Ferreira hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`) on GitLab's Diffs and Commenting on Diffs functionality to share his domain specific knowledge with anyone who may work in this part of the code base in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=K6G3gMcFyek), and the slides on [Google Slides](https://docs.google.com/presentation/d/1bGutFH2AT3bxOPZuLMGl1ANWHqFnrxwQwjiwAZkF-TU/edit) and in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/b5ad2f336e0afcfe0f99db0af0ccc71a/). Everything covered in this deep dive was accurate as of GitLab 11.7, and while specific details may have changed since then, it should still serve as a good introduction.
In January 2019, Oswaldo Ferreira hosted a Deep Dive (GitLab team members only:
`https://gitlab.com/gitlab-org/create-stage/issues/1`) on GitLab's Diffs and Commenting on Diffs
functionality to share his domain specific knowledge with anyone who may work in this part of the
codebase in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=K6G3gMcFyek),
and the slides on [Google Slides](https://docs.google.com/presentation/d/1bGutFH2AT3bxOPZuLMGl1ANWHqFnrxwQwjiwAZkF-TU/edit)
and in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/b5ad2f336e0afcfe0f99db0af0ccc71a/).
Everything covered in this deep dive was accurate as of GitLab 11.7, and while specific details may
have changed since then, it should still serve as a good introduction.
## Architecture overview

4
doc/development/documentation/index.md
View File

@ -253,7 +253,7 @@ available under `https://docs.gitlab.com/my-old-location/README.html` to a new l
`https://docs.gitlab.com/my-new-location/index.html`.
Into the **new document** front matter, we add the following information. You must
include the file name in the `disqus_identifier` URL, even if it's `index.html` or `README.html`.
include the filename in the `disqus_identifier` URL, even if it's `index.html` or `README.html`.
```yaml
---
@ -498,7 +498,7 @@ To run the tool on an existing screenshot generator, take the following steps:
1. Set up the [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/gitlab_docs.md).
1. Navigate to the subdirectory with your cloned GitLab repository, typically `gdk/gitlab`.
1. Make sure that your GDK database is fully migrated: `bin/rake db:migrate RAILS_ENV=development`.
1. Install pngquant, see the tool website for more info: [`pngquant`](https://pngquant.org/)
1. Install pngquant, see the tool website for more information: [`pngquant`](https://pngquant.org/)
1. Run `scripts/docs_screenshots.rb spec/docs_screenshots/<name_of_screenshot_generator>.rb <milestone-version>`.
1. Identify the location of the screenshots, based on the `gitlab/doc` location defined by the `it` parameter in your script.
1. Commit the newly created screenshots.

2
doc/development/documentation/structure.md
View File

@ -39,7 +39,7 @@ pre-deployment and post-deployment tasks.
## Template for new docs
Follow the [folder structure and file name guidelines](styleguide/index.md#folder-structure-overview)
Follow the [folder structure and filename guidelines](styleguide/index.md#folder-structure-overview)
and create a new topic by using this template:
```markdown

100
doc/development/documentation/styleguide/index.md
View File

@ -336,12 +336,6 @@ Only use the GitLab name and trademarks in accordance with
Don't use the possessive form of the word GitLab (`GitLab's`).
### Point of view
In most cases, its appropriate to use the second-person (you, yours) point of
view, because its friendly and easy to understand. (Tested in
[`FirstPerson.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FirstPerson.yml).)
### Capitalization
#### Headings
@ -529,84 +523,26 @@ You can use the following fake tokens as examples:
| Health check token | `Tu7BgjR9qeZTEyRzGG2P` |
| Request profile token | `7VgpS4Ax5utVD2esNstz` |
### Language to avoid
### Usage list
<!-- vale off -->
When creating documentation, limit or avoid the use of the following verb
tenses, words, and phrases:
- Avoid jargon when possible, and when not possible, define the term or
[link to a definition](#links-to-external-documentation).
- Avoid uncommon words when a more-common alternative is possible, ensuring that
content is accessible to more readers.
- Don't write in the first person singular.
(Tested in [`FirstPerson.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FirstPerson.yml).)
<!-- vale gitlab.FirstPerson = NO -->
- Instead of _I_ or _me_, use _we_, _you_, _us_, or _one_.
<!-- vale gitlab.FirstPerson = YES -->
- When possible, stay user focused by writing in the second person (_you_ or
the imperative).
- Don't overuse "that". In many cases, you can remove "that" from a sentence
and improve readability.
- Avoid use of the future tense:
- Instead of `after you execute this command, GitLab will display the result`, use
`after you execute this command, GitLab displays the result`.
- Only use the future tense to convey when the action or result actually
occurs at a future time.
- Don't use slashes to clump different words together or as a replacement for
the word "or":
- Instead of "and/or," consider using "or," or use another sensible
construction.
- Other examples include "clone/fetch," author/assignee," and
"namespace/repository name." Break apart any such instances in an
appropriate way.
- Exceptions to this rule include commonly accepted technical terms, such as
CI/CD and TCP/IP.
<!-- vale gitlab.LatinTerms = NO -->
- We discourage the use of Latin abbreviations and terms, such as _e.g._,
_i.e._, _etc._, or _via_, as even native users of English can misunderstand
those terms. (Tested in [`LatinTerms.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/LatinTerms.yml).)
- Instead of _i.e._, use _that is_.
- Instead of _via_, use _through_.
- Instead of _e.g._, use _for example_, _such as_, _for instance_, or _like_.
- Instead of _etc._, either use _and so on_ or consider editing it out, as
it can be vague.
<!-- vale gitlab.LatinTerms = YES -->
<!-- vale gitlab.CurrentStatus = NO -->
- Avoid using the word *currently* when talking about the product or its
features. The documentation describes the product as it is, and not as it
is planned to be in some indeterminate point in the future.
<!-- vale gitlab.CurrentStatus = YES -->
- Avoid using the word *scalability* when talking about increasing GitLab
performance for additional users. The words scale or scaling are sometimes
acceptable, but references to increasing GitLab performance for additional
users should direct readers to the GitLab
[reference architectures](../../../administration/reference_architectures/index.md)
page.
- Avoid all forms of the phrases *high availability* and *HA*, and instead
direct readers to the GitLab [reference architectures](../../../administration/reference_architectures/index.md)
for information about configuring GitLab to have the performance needed for
additional users over time.
- Don't use profanity or obscenities. Doing so may negatively affect other users
and contributors, which is contrary to the GitLab value of
[Diversity, Inclusion, and Belonging](https://about.gitlab.com/handbook/values/#diversity-inclusion).
- Avoid the use of [racially-insensitive terminology or phrases](https://www.marketplace.org/2020/06/17/tech-companies-update-language-to-avoid-offensive-terms/). For example:
- Use *primary* and *secondary* for database and server relationships.
- Use *allowlist* and *denylist* to describe access control lists.
- Avoid the word _please_. For details, see the [Microsoft style guide](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/p/please).
<!-- vale gitlab.Simplicity = NO -->
- Avoid words like _easily_, _simply_, _handy_, and _useful._ If the user
doesn't find the process to be these things, we lose their trust.
<!-- vale gitlab.Simplicity = YES -->
### Word usage clarifications
- Don't use "may" and "might" interchangeably:
- Use "might" to indicate the probability of something occurring. "If you
skip this step, the import process might fail."
- Use "may" to indicate giving permission for someone to do something, or
consider using "can" instead. "You may select either option on this
screen." Or, "You can select either option on this screen."
| Usage | Guidance | [Vale](../testing.md#vale) Tests |
|-------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------|
| currently | Do not use when talking about the product or its features. The documentation describes the product as it is today. | None |
| e.g., i.e., via | Do not use Latin abbreviations.<br><br>- Instead of **e.g.**, use **for example**, **such as**, **for instance**, or **like**.<br>- Instead of **i.e.**, use **that is**.<br>- Instead of **via**, use **with**, **through**, or **by using**. | [`LatinTerms.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/LatinTerms.yml) |
| future tense | When possible, use present tense instead. For example, use `after you execute this command, GitLab displays the result` instead of `after you execute this command, GitLab will display the result`. | [`FutureTense.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FutureTense.yml) |
| high availability, HA | Do not use. Direct readers to the GitLab [reference architectures](../../../administration/reference_architectures/index.md) for information about configuring GitLab to have the performance needed for additional users over time. | None |
| I, me | Do not use first-person singular. Use **you**, **we**, or **us** instead. | [`FirstPerson.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FirstPerson.yml) |
| jargon | Do not use. Define the term or [link to a definition](#links-to-external-documentation). | None |
| may, might | **Might** means something has the probability of occurring. **May** gives permission to do something. Consider **can** instead of **may**. | None |
| please | Do not use. For details, see the [Microsoft style guide](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/p/please). | None |
| profanity | Do not use. Doing so may negatively affect other users and contributors, which is contrary to the GitLab value of [Diversity, Inclusion, and Belonging](https://about.gitlab.com/handbook/values/#diversity-inclusion). | None |
| scalability | Do not use when talking about increasing GitLab performance for additional users. The words scale or scaling are sometimes acceptable, but references to increasing GitLab performance for additional users should direct readers to the GitLab [reference architectures](../../../administration/reference_architectures/index.md) page. | None |
| simply, easily, handy, useful | Do not use. If the user doesn't find the process to be these things, we lose their trust. | None |
| slashes | Instead of **and/or** use **or** or another sensible construction. This rule applies to other slashes as well, like **follow/unfollow**. Exception like **CI/CD** are allowed. | None |
| that | Do not use. Example: `the file that you save` can be `the file you save`. | None |
<!-- vale on -->
### Contractions
Contractions are encouraged, and can create a friendly and informal tone,

6
doc/development/documentation/testing.md
View File

@ -225,9 +225,9 @@ To match the versions of `markdownlint-cli` and `vale` used in the GitLab projec
[versions used](https://gitlab.com/gitlab-org/gitlab-docs/-/blob/master/.gitlab-ci.yml#L447)
when building the `image:docs-lint-markdown` Docker image containing these tools for CI/CD.
| Tool | Version | Command | Additional info |
|--------------------|----------|-------------------------------------------|-----------------|
| `markdownlint-cli` | Latest | `yarn global add markdownlint-cli` | n/a |
| Tool | Version | Command | Additional information |
|--------------------|----------|-------------------------------------------|------------------------|
| `markdownlint-cli` | Latest | `yarn global add markdownlint-cli` | n/a |
| `markdownlint-cli` | Specfic | `yarn global add markdownlint-cli@0.23.2` | The `@` indicates a specific version, and this example updates the tool to version `0.23.2`. |
| Vale | Latest | `brew update && brew upgrade vale` | This command is for macOS only. |
| Vale | Specific | n/a | Not possible using `brew`, but can be [directly downloaded](https://github.com/errata-ai/vale/releases). |

4
doc/development/elasticsearch.md
View File

@ -13,7 +13,7 @@ the [Elasticsearch integration documentation](../integration/elasticsearch.md#en
## Deep Dive
In June 2019, Mario de la Ossa hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`) on GitLab's [Elasticsearch integration](../integration/elasticsearch.md) to share his domain specific knowledge with anyone who may work in this part of the code base in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=vrvl-tN2EaA), and the slides on [Google Slides](https://docs.google.com/presentation/d/1H-pCzI_LNrgrL5pJAIQgvLX8Ji0-jIKOg1QeJQzChug/edit) and in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/c5aa32b6b07476fa8b597004899ec538/Elasticsearch_Deep_Dive.pdf). Everything covered in this deep dive was accurate as of GitLab 12.0, and while specific details may have changed since then, it should still serve as a good introduction.
In June 2019, Mario de la Ossa hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`) on GitLab's [Elasticsearch integration](../integration/elasticsearch.md) to share his domain specific knowledge with anyone who may work in this part of the codebase in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=vrvl-tN2EaA), and the slides on [Google Slides](https://docs.google.com/presentation/d/1H-pCzI_LNrgrL5pJAIQgvLX8Ji0-jIKOg1QeJQzChug/edit) and in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/c5aa32b6b07476fa8b597004899ec538/Elasticsearch_Deep_Dive.pdf). Everything covered in this deep dive was accurate as of GitLab 12.0, and while specific details may have changed since then, it should still serve as a good introduction.
In August 2020, a second Deep Dive was hosted, focusing on [GitLab's specific architecture for multi-indices support](#zero-downtime-reindexing-with-multiple-indices). The [recording on YouTube](https://www.youtube.com/watch?v=0WdPR9oB2fg) and the [slides](https://lulalala.gitlab.io/gitlab-elasticsearch-deepdive/) are available. Everything covered in this deep dive was accurate as of GitLab 13.3.
@ -192,7 +192,7 @@ NOTE:
This only supported for indices created with GitLab 13.0 or greater.
Migrations are stored in the [`ee/elastic/migrate/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/elastic/migrate) folder with `YYYYMMDDHHMMSS_migration_name.rb`
file name format, which is similar to Rails database migrations:
filename format, which is similar to Rails database migrations:
```ruby
# frozen_string_literal: true

2
doc/development/fe_guide/droplab/droplab.md
View File

@ -234,7 +234,7 @@ If no modules API is detected, the library will fall back as it does with
To use plugins, you can pass them in an array as the third argument of
`DropLab.prototype.init` or `DropLab.prototype.addHook`. Some plugins require
configuration values; the config object can be passed as the fourth argument.
configuration values; the configuration object can be passed as the fourth argument.
```html
<a href="#" id="trigger" data-dropdown-trigger="#list">Toggle</a>

2
doc/development/fe_guide/editor_lite.md
View File

@ -68,7 +68,7 @@ The editor follows the same public API as [provided by Monaco editor](https://mi
Editor Lite comes with the loading state built-in, making spinners and loaders rarely needed in HTML. To benefit the built-in loading state, set the `data-editor-loading` property on the HTML element that is supposed to contain the editor. Editor Lite will show the loader automatically while it's bootstrapping.
![Editor Lite: loading state](img/editor_lite_loading.png)
1. Update syntax highlighting if the file name changes.
1. Update syntax highlighting if the filename changes.
```javascript
// fileNameEl here is the HTML input element that contains the file name

2
doc/development/fe_guide/graphql.md
View File

@ -187,7 +187,7 @@ As shown in the code example by using `produce`, we can perform any kind of dire
`draftState`. Besides, `immer` guarantees that a new state which includes the changes to `draftState` will be generated.
Finally, to verify whether the immutable cache update is working properly, we need to change
`assumeImmutableResults` to `true` in the `default client config` (see [Apollo Client](#apollo-client) for more info).
`assumeImmutableResults` to `true` in the default client configuration (see [Apollo Client](#apollo-client) for more information).
If everything is working properly `assumeImmutableResults` should remain set to `true`.

2
doc/development/feature_flags/controls.md
View File

@ -274,7 +274,7 @@ To remove a feature flag:
### Cleanup ChatOps
When a feature gate has been removed from the code base, the feature
When a feature gate has been removed from the codebase, the feature
record still exists in the database that the flag was deployed too.
The record can be deleted once the MR is deployed to each environment:

2
doc/development/geo.md
View File

@ -102,7 +102,7 @@ projects that need updating. Those projects can be:
When we fail to fetch a repository on the secondary `RETRIES_BEFORE_REDOWNLOAD`
times, Geo does a so-called _re-download_. It will do a clean clone
into the `@geo-temporary` directory in the root of the storage. When
it's successful, we replace the main repo with the newly cloned one.
it's successful, we replace the main repository with the newly cloned one.
### Uploads replication

6
doc/development/git_object_deduplication.md
View File

@ -170,18 +170,18 @@ the fly by Gitaly.
There are three different things that can go wrong here.
#### 1. SQL says repo A belongs to pool P but Gitaly says A has no alternate objects
#### 1. SQL says repository A belongs to pool P but Gitaly says A has no alternate objects
In this case, we miss out on disk space savings but all RPC's on A
itself function fine. The next time garbage collection runs on A,
the alternates connection gets established in Gitaly. This is done by
`Projects::GitDeduplicationService` in GitLab Rails.
#### 2. SQL says repo A belongs to pool P1 but Gitaly says A has alternate objects in pool P2
#### 2. SQL says repository A belongs to pool P1 but Gitaly says A has alternate objects in pool P2
In this case `Projects::GitDeduplicationService` throws an exception.
#### 3. SQL says repo A does not belong to any pool but Gitaly says A belongs to P
#### 3. SQL says repository A does not belong to any pool but Gitaly says A belongs to P
In this case `Projects::GitDeduplicationService` tries to
"re-duplicate" the repository A using the DisconnectGitAlternates RPC.

2
doc/development/gitaly.md
View File

@ -15,7 +15,7 @@ Workhorse and GitLab Shell.
In May 2019, Bob Van Landuyt hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`)
on GitLab's [Gitaly project](https://gitlab.com/gitlab-org/gitaly) and how to contribute to it as a
Ruby developer, to share his domain specific knowledge with anyone who may work in this part of the
code base in the future.
codebase in the future.
You can find the [recording on YouTube](https://www.youtube.com/watch?v=BmlEWFS8ORo), and the slides
on [Google Slides](https://docs.google.com/presentation/d/1VgRbiYih9ODhcPnL8dS0W98EwFYpJ7GXMPpX-1TM6YE/edit)

2
doc/development/gotchas.md
View File

@ -292,7 +292,7 @@ While the code above works in local environments, it errors out in production in
### Solution
The alternative is the `lib/assets` folder. Use it if you need to add assets (like images) to the repo that meet the following conditions:
The alternative is the `lib/assets` folder. Use it if you need to add assets (like images) to the repository that meet the following conditions:
- The assets do not need to be directly served to the user (and hence need not be pre-compiled).
- The assets do need to be accessed via application code.

8
doc/development/integrations/secure.md
View File

@ -82,9 +82,9 @@ mysec_sast:
sast: gl-sast-report.json
```
Note that `gl-sast-report.json` is an example file path but any other file name can be used. See
Note that `gl-sast-report.json` is an example file path but any other filename can be used. See
[the Output file section](#output-file) for more details. It's processed as a SAST report because
it's declared under the `reports:sast` key in the job definition, not because of the file name.
it's declared under the `reports:sast` key in the job definition, not because of the filename.
### Policies
@ -207,12 +207,12 @@ given by the `CI_PROJECT_DIR` environment variable.
It is recommended to name the output file after the type of scanning, and to use `gl-` as a prefix.
Since all Secure reports are JSON files, it is recommended to use `.json` as a file extension.
For instance, a suggested file name for a Dependency Scanning report is `gl-dependency-scanning.json`.
For instance, a suggested filename for a Dependency Scanning report is `gl-dependency-scanning.json`.
The [`artifacts:reports`](../../ci/pipelines/job_artifacts.md#artifactsreports) keyword
of the job definition must be consistent with the file path where the Security report is written.
For instance, if a Dependency Scanning analyzer writes its report to the CI project directory,
and if this report file name is `depscan.json`,
and if this report filename is `depscan.json`,
then `artifacts:reports:dependency_scanning` must be set to `depscan.json`.
### Exit code

4
doc/development/iterating_tables_in_batches.md
View File

@ -61,7 +61,9 @@ In case the column is not unique (no unique index definition), calling the `dist
When dealing with data migrations the preferred way to iterate over large volume of data is using `EachBatch`.
A special case of data migration is a background migration where the actual data modification is executed in a background job. The migration code that determines the data ranges (slices) and schedules the background jobs uses `each_batch`. More info: [background migration scheduling](background_migrations.md#scheduling)
A special case of data migration is a [background migration](background_migrations.md#scheduling)
where the actual data modification is executed in a background job. The migration code that determines
the data ranges (slices) and schedules the background jobs uses `each_batch`.
## Efficient usage of `each_batch`

2
doc/development/lfs.md
View File

@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
In April 2019, Francisco Javier López hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`)
on GitLab's [Git LFS](../topics/git/lfs/index.md) implementation to share his domain
specific knowledge with anyone who may work in this part of the code base in the future.
specific knowledge with anyone who may work in this part of the codebase in the future.
You can find the [recording on YouTube](https://www.youtube.com/watch?v=Yyxwcksr0Qc),
and the slides on [Google Slides](https://docs.google.com/presentation/d/1E-aw6-z0rYd0346YhIWE7E9A65zISL9iIMAOq2zaw9E/edit)
and in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/07a89257a140db067bdfb484aecd35e1/Git_LFS_Deep_Dive__Create_.pdf).

2
doc/development/logging.md
View File

@ -12,7 +12,7 @@ administrators and GitLab team members to diagnose problems in the field.
## Don't use `Rails.logger`
Currently `Rails.logger` calls all get saved into `production.log`, which contains
a mix of Rails' logs and other calls developers have inserted in the code base.
a mix of Rails' logs and other calls developers have inserted in the codebase.
For example:
```plaintext

8
doc/development/pipelines.md
View File

@ -697,10 +697,10 @@ and included in `rules` definitions via [YAML anchors](../ci/yaml/README.md#anch
| `changes:` patterns | Description |
|------------------------------|--------------------------------------------------------------------------|
| `ci-patterns` | Only create job for CI config-related changes. |
| `ci-build-images-patterns` | Only create job for CI config-related changes related to the `build-images` stage. |
| `ci-review-patterns` | Only create job for CI config-related changes related to the `review` stage. |
| `ci-qa-patterns` | Only create job for CI config-related changes related to the `qa` stage. |
| `ci-patterns` | Only create job for CI configuration-related changes. |
| `ci-build-images-patterns` | Only create job for CI configuration-related changes related to the `build-images` stage. |
| `ci-review-patterns` | Only create job for CI configuration-related changes related to the `review` stage. |
| `ci-qa-patterns` | Only create job for CI configuration-related changes related to the `qa` stage. |
| `yaml-lint-patterns` | Only create job for YAML-related changes. |
| `docs-patterns` | Only create job for docs-related changes. |
| `frontend-dependency-patterns` | Only create job when frontend dependencies are updated (i.e. `package.json`, and `yarn.lock`). changes. |

2
doc/development/python_guide/index.md
View File

@ -33,7 +33,7 @@ To install `pyenv` on Linux, you can run the command below:
curl "https://pyenv.run" | bash
```
Alternatively, you may find `pyenv` available as a system package via your distro package manager.
Alternatively, you may find `pyenv` available as a system package via your distribution's package manager.
You can read more about it in: <https://github.com/pyenv/pyenv-installer#prerequisites>.

2
doc/development/renaming_features.md
View File

@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
Sometimes the business asks to change the name of a feature. Broadly speaking, there are 2 approaches to that task. They basically trade between immediate effort and future complexity/bug risk:
- Complete, rename everything in the repo.
- Complete, rename everything in the repository.
- Pros: does not increase code complexity.
- Cons: more work to execute, and higher risk of immediate bugs.
- Façade, rename as little as possible; only the user-facing content like interfaces,

2
doc/development/repository_mirroring.md
View File

@ -11,7 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
In December 2018, Tiago Botelho hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`)
on GitLab's [Pull Repository Mirroring functionality](../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository)
to share his domain specific knowledge with anyone who may work in this part of the
code base in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=sSZq0fpdY-Y),
codebase in the future. You can find the [recording on YouTube](https://www.youtube.com/watch?v=sSZq0fpdY-Y),
and the slides in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/8693404888a941fd851f8a8ecdec9675/Gitlab_Create_-_Pull_Mirroring_Deep_Dive.pdf).
Everything covered in this deep dive was accurate as of GitLab 11.6, and while specific
details may have changed since then, it should still serve as a good introduction.

2
doc/development/scalability.md
View File

@ -251,7 +251,7 @@ The full list of jobs can be found in the
[`app/workers`](https://gitlab.com/gitlab-org/gitlab/tree/master/app/workers)
and
[`ee/app/workers`](https://gitlab.com/gitlab-org/gitlab/tree/master/ee/app/workers)
directories in the GitLab code base.
directories in the GitLab codebase.
#### Runaway Queues

5
doc/development/secure_coding_guidelines.md
View File

@ -121,7 +121,7 @@ For example when the regex `.*!$` matches the string `hello!`, the `.*` first ma
the entire string but then the `!` from the regex is unable to match because the
character has already been used. In that case, the Ruby regex engine _backtracks_
one character to allow the `!` to match.
[ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS)
is an attack in which the attacker knows or controls the regular expression used.
The attacker may be able to enter user input that triggers this backtracking behavior in a
@ -331,7 +331,7 @@ Once you've [determined when and where](#setting-expectations) the user submitte
- Content placed inside [HTML URL GET parameters](https://youtu.be/2VFavqfDS6w?t=3494) need to be [URL-encoded](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#rule-5---url-escape-before-inserting-untrusted-data-into-html-url-parameter-values)
- [Additional contexts may require context-specific encoding](https://youtu.be/2VFavqfDS6w?t=2341).
### Additional info
### Additional information
#### XSS mitigation and prevention in Rails
@ -590,4 +590,3 @@ In order to prevent this from happening, it is recommended to use the method `us
forbidden!(api_access_denied_message(user))
end
```

4
doc/development/testing_guide/testing_migrations_guide.md
View File

@ -59,13 +59,13 @@ RSpec.describe ...
Since the migration files are not autoloaded by Rails, you will need to manually
load the migration file. To do so, you can use the `require_migration!` helper method
which can automatically load the correct migration file based on the spec file name.
which can automatically load the correct migration file based on the spec filename.
For example, if your spec file is named as `populate_foo_column_spec.rb` then the
helper method will try to load `${schema_version}_populate_foo_column.rb` migration file.
In case there is no pattern between your spec file and the actual migration file,
you can provide the migration file name without the schema version, like so:
you can provide the migration filename without the schema version, like so:
```ruby
require_migration!('populate_foo_column')

4
doc/gitlab-basics/start-using-git.md
View File

@ -104,7 +104,7 @@ If you omit `--global` or use `--local`, the configuration will be applied only
repository.
You can read more on how Git manages configurations in the
[Git Config](https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration) documentation.
[Git configuration documentation](https://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration).
## Git authentication methods
@ -183,7 +183,7 @@ changes to GitLab. This is referred to as **pushing** to GitLab, as this is achi
[`git push`](#send-changes-to-gitlabcom).
When the remote repository changes, your local copy will be behind it. You can update it with the new
changes in the remote repo.
changes in the remote repository.
This is referred to as **pulling** from GitLab, as this is achieved by the command
[`git pull`](#download-the-latest-changes-in-the-project).

2
doc/install/aws/index.md
View File

@ -63,7 +63,7 @@ Here's a list of the AWS services we will use, with links to pricing information
## Create an IAM EC2 instance role and profile
As we'll be using [Amazon S3 object storage](#amazon-s3-object-storage), our EC2 instances need to have read, write, and list permissions for our S3 buckets. To avoid embedding AWS keys in our GitLab config, we'll make use of an [IAM Role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) to allow our GitLab instance with this access. We'll need to create an IAM policy to attach to our IAM role:
As we'll be using [Amazon S3 object storage](#amazon-s3-object-storage), our EC2 instances need to have read, write, and list permissions for our S3 buckets. To avoid embedding AWS keys in our GitLab configuration, we'll make use of an [IAM Role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) to allow our GitLab instance with this access. We'll need to create an IAM policy to attach to our IAM role:
### Create an IAM Policy

2
doc/install/google_cloud_platform/index.md
View File

@ -91,7 +91,7 @@ here's how you configure GitLab to be aware of the change:
In the future you might want to set up [connecting with an SSH key](https://cloud.google.com/compute/docs/instances/connecting-to-instance)
instead.
1. Edit the config file of Omnibus GitLab using your favorite text editor:
1. Edit the configuration file of Omnibus GitLab using your favorite text editor:
```shell
sudo vim /etc/gitlab/gitlab.rb

18
doc/install/installation.md
View File

@ -773,14 +773,14 @@ sudo apt-get install -y nginx
### Site Configuration
Copy the example site config:
Copy the example site configuration:
```shell
sudo cp lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab
```
Make sure to edit the config file to match your setup. Also, ensure that you match your paths to GitLab, especially if installing for a user other than the `git` user:
Make sure to edit the configuration file to match your setup. Also, ensure that you match your paths to GitLab, especially if installing for a user other than the `git` user:
```shell
# Change YOUR_SERVER_FQDN to the fully-qualified
@ -795,21 +795,21 @@ Make sure to edit the config file to match your setup. Also, ensure that you mat
sudo editor /etc/nginx/sites-available/gitlab
```
If you intend to enable GitLab Pages, there is a separate NGINX config you need
If you intend to enable GitLab Pages, there is a separate NGINX configuration you need
to use. Read all about the needed configuration at the
[GitLab Pages administration guide](../administration/pages/index.md).
If you want to use HTTPS, replace the `gitlab` NGINX config with `gitlab-ssl`. See [Using HTTPS](#using-https) for HTTPS configuration details.
If you want to use HTTPS, replace the `gitlab` NGINX configuration with `gitlab-ssl`. See [Using HTTPS](#using-https) for HTTPS configuration details.
### Test Configuration
Validate your `gitlab` or `gitlab-ssl` NGINX config file with the following command:
Validate your `gitlab` or `gitlab-ssl` NGINX configuration file with the following command:
```shell
sudo nginx -t
```
You should receive `syntax is okay` and `test is successful` messages. If you receive errors check your `gitlab` or `gitlab-ssl` NGINX config file for typos, etc. as indicated in the error message given.
You should receive `syntax is okay` and `test is successful` messages. If you receive errors check your `gitlab` or `gitlab-ssl` NGINX configuration file for typos, etc. as indicated in the error message given.
Verify that the installed version is greater than 1.12.1:
@ -878,7 +878,7 @@ To use GitLab with HTTPS:
1. In the `config.yml` of GitLab Shell:
1. Set `gitlab_url` option to the HTTPS endpoint of GitLab (e.g. `https://git.example.com`).
1. Set the certificates using either the `ca_file` or `ca_path` option.
1. Use the `gitlab-ssl` NGINX example config instead of the `gitlab` config.
1. Use the `gitlab-ssl` NGINX example configuration instead of the `gitlab` configuration.
1. Update `YOUR_SERVER_FQDN`.
1. Update `ssl_certificate` and `ssl_certificate_key`.
1. Review the configuration file and consider applying other security and performance enhancing features.
@ -951,7 +951,7 @@ production:
### Custom SSH Connection
If you are running SSH on a non-standard port, you must change the GitLab user's SSH config.
If you are running SSH on a non-standard port, you must change the GitLab user's SSH configuration.
```plaintext
# Add to /home/git/.ssh/config
@ -973,7 +973,7 @@ As of GitLab 12.9, [Puma](https://github.com/puma/puma) has replaced Unicorn as
If you want to switch back to Unicorn, follow these steps:
1. Finish the GitLab setup so you have it up and running.
1. Copy the supplied example Unicorn config file into place:
1. Copy the supplied example Unicorn configuration file into place:
```shell
cd /home/git/gitlab

4
doc/install/requirements.md
View File

@ -111,7 +111,7 @@ Since file system performance may affect GitLab's overall performance, [we don't
### CPU
CPU requirements are dependent on the number of users and expected workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repo/change size.
CPU requirements are dependent on the number of users and expected workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repository/change size.
The following is the recommended minimum CPU hardware guidance for a handful of example GitLab user base sizes.
@ -121,7 +121,7 @@ The following is the recommended minimum CPU hardware guidance for a handful of
### Memory
Memory requirements are dependent on the number of users and expected workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repo/change size.
Memory requirements are dependent on the number of users and expected workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repository/change size.
The following is the recommended minimum Memory hardware guidance for a handful of example GitLab user base sizes.

2
doc/integration/jenkins.md
View File

@ -203,7 +203,7 @@ If those are present, the request is exceeding the
which is set to 10 seconds by default.
To fix this the `gitlab_rails['webhook_timeout']` value must be increased
in the `gitlab.rb` config file, followed by the [`gitlab-ctl reconfigure` command](../administration/restart_gitlab.md).
in the `gitlab.rb` configuration file, followed by the [`gitlab-ctl reconfigure` command](../administration/restart_gitlab.md).
If you don't find the errors above, but do find *duplicate* entries like below (in `/var/log/gitlab/gitlab-rail`), this
could also indicate that [webhook requests are timing out](../user/project/integrations/webhooks.md#webhook-fails-or-multiple-webhook-requests-are-triggered):

4
doc/integration/jenkins_deprecated.md
View File

@ -18,13 +18,13 @@ This service was [removed in v13.0](https://gitlab.com/gitlab-org/gitlab/-/issue
Integration includes:
- Trigger Jenkins build after push to repo
- Trigger Jenkins build after push to repository
- Show build status on Merge Request page
Requirements:
- [Jenkins GitLab Hook plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+Hook+Plugin)
- Git clone access for Jenkins from GitLab repo (via SSH key)
- Git clone access for Jenkins from GitLab repository (via SSH key)
## Jenkins

2
doc/integration/kerberos.md
View File

@ -220,7 +220,7 @@ WARNING:
There is a [known issue](https://github.com/curl/curl/issues/1261) with `libcurl`
older than version 7.64.1 wherein it won't reuse connections when negotiating.
This leads to authorization issues when push is larger than `http.postBuffer`
config. Ensure that Git is using at least `libcurl` 7.64.1 to avoid this. To
configuration. Ensure that Git is using at least `libcurl` 7.64.1 to avoid this. To
know the `libcurl` version installed, run `curl-config --version`.
### HTTP Git access with Kerberos token (passwordless authentication)

2
doc/integration/oauth2_generic.md
View File

@ -26,7 +26,7 @@ This strategy is designed to allow configuration of the simple OmniAuth SSO proc
- It is not able to fetch user information from more than one URL
- It has not been tested with user information formats other than JSON
## Config Instructions
## Configuration Instructions
1. Register your application in the OAuth2 provider you wish to authenticate with.

4
doc/integration/shibboleth.md
View File

@ -16,7 +16,7 @@ To enable the Shibboleth OmniAuth provider you must configure Apache Shibboleth
The installation and configuration of the module itself is out of the scope of this document.
Check <https://wiki.shibboleth.net/confluence/display/SP3/Apache> for more information.
You can find Apache config in [GitLab Recipes](https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache).
You can find Apache configuration in [GitLab Recipes](https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache).
The following changes are needed to enable Shibboleth:
@ -40,7 +40,7 @@ The following changes are needed to enable Shibboleth:
</Location>
```
1. Exclude Shibboleth URLs from rewriting. Add `RewriteCond %{REQUEST_URI} !/Shibboleth.sso` and `RewriteCond %{REQUEST_URI} !/shibboleth-sp`. Config should look like this:
1. Exclude Shibboleth URLs from rewriting. Add `RewriteCond %{REQUEST_URI} !/Shibboleth.sso` and `RewriteCond %{REQUEST_URI} !/shibboleth-sp`. Configuration should look like this:
```apache
# Apache equivalent of Nginx try files

22
doc/user/application_security/sast/index.md
View File

@ -331,7 +331,7 @@ variables:
If your project requires custom build configurations, it can be preferable to avoid
compilation during your SAST execution and instead pass all job artifacts from an
earlier stage within the pipeline. This is the current strategy when requiring
earlier stage in the pipeline. This is the current strategy when requiring
a `before_script` execution to prepare your scan job.
To pass your project's dependencies as artifacts, the dependencies must be included
@ -380,7 +380,10 @@ SAST can be [configured](#customizing-the-sast-settings) using environment varia
#### Logging level
To control the verbosity of logs set the `SECURE_LOG_LEVEL` environment variable. Messages of this logging level or higher are output. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1.
To control the verbosity of logs, set the `SECURE_LOG_LEVEL` environment variable. Messages of this
logging level or higher are output.
From highest to lowest severity, the logging levels are:
@ -393,7 +396,7 @@ From highest to lowest severity, the logging levels are:
#### Custom Certificate Authority
To trust a custom Certificate Authority, set the `ADDITIONAL_CA_CERT_BUNDLE` variable to the bundle
of CA certs that you want to trust within the SAST environment.
of CA certs that you want to trust in the SAST environment.
#### Docker images
@ -411,7 +414,7 @@ Some analyzers make it possible to filter out vulnerabilities under a given thre
| Environment variable | Default value | Description |
|-------------------------------|--------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `SAST_EXCLUDED_PATHS` | `spec, test, tests, tmp` | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. |
| `SAST_EXCLUDED_PATHS` | `spec, test, tests, tmp` | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, or file or folder paths (for example, `doc,spec` ). Parent directories also match patterns. You might need to exclude temporary directories used by your build tool as these can generate false positives. |
| `SEARCH_MAX_DEPTH` | 4 | SAST searches the repository to detect the programming languages used, and selects the matching analyzers. Set the value of `SEARCH_MAX_DEPTH` to specify how many directory levels the search phase should span. After the analyzers have been selected, the _entire_ repository is analyzed. |
| `SAST_BANDIT_EXCLUDED_PATHS` | | Comma-separated list of paths to exclude from scan. Uses Python's [`fnmatch` syntax](https://docs.python.org/2/library/fnmatch.html); For example: `'*/tests/*, */venv/*'` |
| `SAST_BRAKEMAN_LEVEL` | 1 | Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low 3=High. |
@ -458,9 +461,14 @@ analyzer containers: `DOCKER_`, `CI`, `GITLAB_`, `FF_`, `HOME`, `PWD`, `OLDPWD`,
### Experimental features
Receive early access to experimental features.
You can receive early access to experimental features. Experimental features might be added,
removed, or promoted to regular features at any time.
Currently, this enables scanning of iOS and Android apps via the [MobSF analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf/).
Experimental features available are:
- Enable scanning of iOS and Android apps using the [MobSF analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf/).
#### Enable experimental features
To enable experimental features, add the following to your `.gitlab-ci.yml` file:
@ -572,7 +580,7 @@ Once a vulnerability is found, you can interact with it. Read more on how to
## Vulnerabilities database
Vulnerabilities contained within the vulnerability database can be searched
Vulnerabilities contained in the vulnerability database can be searched
and viewed at the [GitLab vulnerability advisory database](https://advisories.gitlab.com).
### Vulnerabilities database update

6
spec/lib/gitlab/import_export/project/tree_restorer_spec.rb
View File

@ -674,10 +674,12 @@ RSpec.describe Gitlab::ImportExport::Project::TreeRestorer do
end
it 'does not allow setting params that are excluded from import_export settings' do
project.create_import_data(data: { override_params: { lfs_enabled: true } })
original_value = project.lfs_enabled?
project.create_import_data(data: { override_params: { lfs_enabled: !original_value } })
expect(restored_project_json).to eq(true)
expect(project.lfs_enabled).to be_falsey
expect(project.lfs_enabled).to eq(original_value)
end
it 'overrides project feature access levels' do