From 4fb352155b10ea60a8c714c7510971669e674237 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Tue, 5 Apr 2022 00:08:12 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- ..._state_index_to_merge_request_assignees.rb | 15 ++++++++++++++ ..._state_index_to_merge_request_reviewers.rb | 15 ++++++++++++++ ..._state_index_on_merge_request_assignees.rb | 15 ++++++++++++++ ..._state_index_on_merge_request_reviewers.rb | 15 ++++++++++++++ db/schema_migrations/20220401044858 | 1 + db/schema_migrations/20220401045116 | 1 + db/schema_migrations/20220401045621 | 1 + db/schema_migrations/20220401045642 | 1 + db/structure.sql | 6 +++--- doc/api/settings.md | 6 ++++++ doc/security/user_file_uploads.md | 2 -- doc/topics/git/lfs/index.md | 20 +++++++------------ lib/api/validations/validators/limit.rb | 2 +- locale/gitlab.pot | 2 +- ...rsonal_snippet_with_multiple_files_spec.rb | 2 +- .../snippet/delete_file_from_snippet_spec.rb | 2 +- .../3_create/snippet/share_snippet_spec.rb | 2 +- .../api/validations/validators/limit_spec.rb | 6 ++++++ 18 files changed, 91 insertions(+), 23 deletions(-) create mode 100644 db/migrate/20220401044858_add_user_id_and_state_index_to_merge_request_assignees.rb create mode 100644 db/migrate/20220401045116_add_user_id_and_state_index_to_merge_request_reviewers.rb create mode 100644 db/post_migrate/20220401045621_remove_state_index_on_merge_request_assignees.rb create mode 100644 db/post_migrate/20220401045642_remove_state_index_on_merge_request_reviewers.rb create mode 100644 db/schema_migrations/20220401044858 create mode 100644 db/schema_migrations/20220401045116 create mode 100644 db/schema_migrations/20220401045621 create mode 100644 db/schema_migrations/20220401045642 diff --git a/db/migrate/20220401044858_add_user_id_and_state_index_to_merge_request_assignees.rb b/db/migrate/20220401044858_add_user_id_and_state_index_to_merge_request_assignees.rb new file mode 100644 index 00000000000..b869b3d9b52 --- /dev/null 
+++ b/db/migrate/20220401044858_add_user_id_and_state_index_to_merge_request_assignees.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class AddUserIdAndStateIndexToMergeRequestAssignees < Gitlab::Database::Migration[1.0]
+ disable_ddl_transaction!
+
+ INDEX_NAME = 'index_on_merge_request_assignees_user_id_and_state'
+
+ def up
+ add_concurrent_index :merge_request_assignees, [:user_id, :state], where: 'state = 2', name: INDEX_NAME
+ end
+
+ def down
+ remove_concurrent_index_by_name :merge_request_assignees, INDEX_NAME
+ end
+end
diff --git a/db/migrate/20220401045116_add_user_id_and_state_index_to_merge_request_reviewers.rb b/db/migrate/20220401045116_add_user_id_and_state_index_to_merge_request_reviewers.rb
new file mode 100644
index 00000000000..0788dd9583c
--- /dev/null
+++ b/db/migrate/20220401045116_add_user_id_and_state_index_to_merge_request_reviewers.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class AddUserIdAndStateIndexToMergeRequestReviewers < Gitlab::Database::Migration[1.0]
+ disable_ddl_transaction!
+
+ INDEX_NAME = 'index_on_merge_request_reviewers_user_id_and_state'
+
+ def up
+ add_concurrent_index :merge_request_reviewers, [:user_id, :state], where: 'state = 2', name: INDEX_NAME
+ end
+
+ def down
+ remove_concurrent_index_by_name :merge_request_reviewers, INDEX_NAME
+ end
+end
diff --git a/db/post_migrate/20220401045621_remove_state_index_on_merge_request_assignees.rb b/db/post_migrate/20220401045621_remove_state_index_on_merge_request_assignees.rb
new file mode 100644
index 00000000000..ff62a1c646d
--- /dev/null
+++ b/db/post_migrate/20220401045621_remove_state_index_on_merge_request_assignees.rb
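Review bot: The partial-index predicate `where: 'state = 2'` in `up` of the assignees migration is a bare integer with nothing saying which state it stands for, and the same literal recurs in the reviewers migration and in the `down` methods of the two post-deploy removals. A one-line comment above `INDEX_NAME`, for example `# state = 2 is the <STATE_NAME> enum value; the index only serves lookups of rows in that state`, would tell a reader why the index is partial. Since the predicate already pins `state` to a single value, it is also worth confirming that `state` is needed as a second key column: `add_concurrent_index :merge_request_assignees, :user_id, where: 'state = 2', name: INDEX_NAME` would likely serve the same lookups with smaller entries, unless the composite form is deliberate.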
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class RemoveStateIndexOnMergeRequestAssignees < Gitlab::Database::Migration[1.0]
+ disable_ddl_transaction!
+
+ INDEX_NAME = 'index_on_merge_request_assignees_state'
+
+ def up
+ remove_concurrent_index_by_name :merge_request_assignees, INDEX_NAME
+ end
+
+ def down
+ add_concurrent_index :merge_request_assignees, :state, where: 'state = 2', name: INDEX_NAME
+ end
+end
diff --git a/db/post_migrate/20220401045642_remove_state_index_on_merge_request_reviewers.rb b/db/post_migrate/20220401045642_remove_state_index_on_merge_request_reviewers.rb
new file mode 100644
index 00000000000..ef59d9fcc25
--- /dev/null
+++ b/db/post_migrate/20220401045642_remove_state_index_on_merge_request_reviewers.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class RemoveStateIndexOnMergeRequestReviewers < Gitlab::Database::Migration[1.0]
+ disable_ddl_transaction!
+
+ INDEX_NAME = 'index_on_merge_request_reviewers_state'
+
+ def up
+ remove_concurrent_index_by_name :merge_request_reviewers, INDEX_NAME
+ end
+
+ def down
+ add_concurrent_index :merge_request_reviewers, :state, where: 'state = 2', name: INDEX_NAME
+ end
+end
diff --git a/db/schema_migrations/20220401044858 b/db/schema_migrations/20220401044858 new file mode 100644 index 00000000000..dcdbfc57822 --- /dev/null +++ b/db/schema_migrations/20220401044858 @@ -0,0 +1 @@ +7d9341440faaf8782bc47a24091148c40d635cc1c980a57999b47aff3d42806d \ No newline at end of file diff --git a/db/schema_migrations/20220401045116 b/db/schema_migrations/20220401045116 new file mode 100644 index 00000000000..3d6aa17ac69 --- /dev/null +++ b/db/schema_migrations/20220401045116 @@ -0,0 +1 @@ +1f91d4855c6be0d7baf19f3d63d2efb4ccd8da85a7dcc4ad57fd03891f12fe46 \ No newline at end of file diff --git a/db/schema_migrations/20220401045621 b/db/schema_migrations/20220401045621 new file mode 100644 index 00000000000..0502ad324da --- /dev/null +++ b/db/schema_migrations/20220401045621 
@@ -0,0 +1 @@ +9a2274c54a0c0393bf0a2ae7985b957364c63952273383c3aa6ff6c5b4655a42 \ No newline at end of file diff --git a/db/schema_migrations/20220401045642 b/db/schema_migrations/20220401045642 new file mode 100644 index 00000000000..cd1a7fee28e --- /dev/null +++ b/db/schema_migrations/20220401045642 @@ -0,0 +1 @@ +5eabeb19a1b79c21333eb519cf7419c5424cf1270c97637d07bb2a09946ceaf0 \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 1eea042e920..c335b686557 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -28376,14 +28376,14 @@ CREATE INDEX index_on_issues_closed_incidents_by_project_id_and_closed_at ON iss CREATE INDEX index_on_label_links_all_columns ON label_links USING btree (target_id, label_id, target_type); -CREATE INDEX index_on_merge_request_assignees_state ON merge_request_assignees USING btree (state) WHERE (state = 2); - CREATE INDEX index_on_merge_request_assignees_updated_state_by_user_id ON merge_request_assignees USING btree (updated_state_by_user_id); -CREATE INDEX index_on_merge_request_reviewers_state ON merge_request_reviewers USING btree (state) WHERE (state = 2); +CREATE INDEX index_on_merge_request_assignees_user_id_and_state ON merge_request_assignees USING btree (user_id, state) WHERE (state = 2); CREATE INDEX index_on_merge_request_reviewers_updated_state_by_user_id ON merge_request_reviewers USING btree (updated_state_by_user_id); +CREATE INDEX index_on_merge_request_reviewers_user_id_and_state ON merge_request_reviewers USING btree (user_id, state) WHERE (state = 2); + CREATE INDEX index_on_merge_requests_for_latest_diffs ON merge_requests USING btree (target_project_id) INCLUDE (id, latest_merge_request_diff_id); COMMENT ON INDEX index_on_merge_requests_for_latest_diffs IS 'Index used to efficiently obtain the oldest merge request for a commit SHA'; diff --git a/doc/api/settings.md b/doc/api/settings.md index 16e281af916..39de0d6b125 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md 
@@ -437,6 +437,9 @@ listed in the descriptions of the relevant settings. | `throttle_authenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_api_period_in_seconds` and `throttle_authenticated_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_authenticated_api_period_in_seconds` | integer | required by:
`throttle_authenticated_api_enabled` | Rate limit period (in seconds). | | `throttle_authenticated_api_requests_per_period` | integer | required by:
`throttle_authenticated_api_enabled` | Maximum requests per period per user. | +| `throttle_authenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_packages_api_period_in_seconds` and `throttle_authenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_authenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_authenticated_packages_api_requests_per_period` | integer | required by:
`throttle_authenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | | `throttle_authenticated_web_enabled` | boolean | no | (**If enabled, requires:** `throttle_authenticated_web_period_in_seconds` and `throttle_authenticated_web_requests_per_period`) Enable authenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_authenticated_web_period_in_seconds` | integer | required by:
`throttle_authenticated_web_enabled` | Rate limit period (in seconds). | | `throttle_authenticated_web_requests_per_period` | integer | required by:
`throttle_authenticated_web_enabled` | Maximum requests per period per user. | @@ -446,6 +449,9 @@ listed in the descriptions of the relevant settings. | `throttle_unauthenticated_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_api_period_in_seconds` and `throttle_unauthenticated_api_requests_per_period`) Enable unauthenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_unauthenticated_api_period_in_seconds` | integer | required by:
`throttle_unauthenticated_api_enabled` | Rate limit period in seconds. | | `throttle_unauthenticated_api_requests_per_period` | integer | required by:
`throttle_unauthenticated_api_enabled` | Max requests per period per IP. | +| `throttle_unauthenticated_packages_api_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_packages_api_period_in_seconds` and `throttle_unauthenticated_packages_api_requests_per_period`) Enable authenticated API request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_unauthenticated_packages_api_period_in_seconds` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Rate limit period (in seconds). View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | +| `throttle_unauthenticated_packages_api_requests_per_period` | integer | required by:
`throttle_unauthenticated_packages_api_enabled` | Maximum requests per period per user. View [Package Registry rate limits](../user/admin_area/settings/package_registry_rate_limits.md) for more details. | | `throttle_unauthenticated_web_enabled` | boolean | no | (**If enabled, requires:** `throttle_unauthenticated_web_period_in_seconds` and `throttle_unauthenticated_web_requests_per_period`) Enable unauthenticated web request rate limit. Helps reduce request volume (for example, from crawlers or abusive bots). | | `throttle_unauthenticated_web_period_in_seconds` | integer | required by:
`throttle_unauthenticated_web_enabled` | Rate limit period in seconds. | | `throttle_unauthenticated_web_requests_per_period` | integer | required by:
`throttle_unauthenticated_web_enabled` | Max requests per period per IP. | diff --git a/doc/security/user_file_uploads.md b/doc/security/user_file_uploads.md index e8b0c08e240..dcdd18a9f0b 100644 --- a/doc/security/user_file_uploads.md +++ b/doc/security/user_file_uploads.md @@ -7,8 +7,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w # User File Uploads **(FREE)** -> - In GitLab 14.8 and later, [authorization checks are enforced](https://gitlab.com/gitlab-org/gitlab/-/issues/26781) on media uploads. This change is being [rolled out incrementally](https://gitlab.com/gitlab-org/gitlab/-/issues/352291) on GitLab.com in 14.9. - Images that are attached to issues, merge requests, or comments do not require authentication to be viewed if they are accessed directly by URL. This direct URL contains a random 32-character ID that prevents unauthorized diff --git a/doc/topics/git/lfs/index.md b/doc/topics/git/lfs/index.md index 977f51a7211..e1c21e1b06a 100644 --- a/doc/topics/git/lfs/index.md +++ b/doc/topics/git/lfs/index.md @@ -10,7 +10,7 @@ disqus_identifier: 'https://docs.gitlab.com/ee/workflow/lfs/lfs/index.html' Managing large files such as audio, video and graphics files has always been one of the shortcomings of Git. The general recommendation is to not have Git repositories -larger than 1GB to preserve performance. +larger than 1 GB to preserve performance. ![Git LFS tracking status](img/lfs-icon.png) @@ -19,7 +19,7 @@ blob or an LFS pointer. ## How it works -Git LFS client talks with the GitLab server over HTTPS. It uses HTTP Basic Authentication +Git LFS client communicates with the GitLab server over HTTPS. It uses HTTP Basic Authentication to authorize client requests. After the request is authorized, Git LFS client receives instructions from where to fetch or where to push the large file. 
@@ -29,29 +29,23 @@ Documentation for GitLab instance administrators is under [LFS administration do ## Requirements -- Git LFS is supported in GitLab starting with version 8.2 -- Git LFS must be enabled under project settings -- [Git LFS client](https://git-lfs.github.com) version 1.0.1 and up must be installed +- Git LFS must be [enabled in project settings](../../../user/project/settings/index.md#sharing-and-permissions). +- [Git LFS client](https://git-lfs.github.com) version 1.0.1 or higher must be installed. ## Known limitations - Git LFS v1 original API is not supported, because it was deprecated early in LFS development. - When SSH is set as a remote, Git LFS objects still go through HTTPS. -- Any Git LFS request asks for HTTPS credentials to be provided so a good Git - credentials store is recommended. +- Any Git LFS request asks for HTTPS credentials, so we recommend a good Git + credentials store. - Git LFS always assumes HTTPS so if you have GitLab server on HTTP you must [add the URL to Git configuration manually](#troubleshooting). - [Group wikis](../../../user/project/wiki/group.md) do not support Git LFS. -NOTE: -With 8.12 GitLab added LFS support to SSH. The Git LFS communication -still goes over HTTP, but now the SSH client passes the correct credentials -to the Git LFS client. No action is required by the user. - ## Using Git LFS -Lets take a look at the workflow when you need to check large files into your Git +Let's take a look at the workflow when you need to check large files into your Git repository with Git LFS. For example, if you want to upload a very large file and check it into your Git repository: diff --git a/lib/api/validations/validators/limit.rb b/lib/api/validations/validators/limit.rb index e8f894849a5..7e11f1d77cc 100644 --- a/lib/api/validations/validators/limit.rb +++ b/lib/api/validations/validators/limit.rb 
@@ -7,7 +7,7 @@ module API def validate_param!(attr_name, params) value = params[attr_name] - return if value.size <= @option + return if value.nil? || value.size <= @option raise Grape::Exceptions::Validation.new( params: [@scope.full_name(attr_name)], diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 2f72b9073b3..285eb7ede98 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -41852,7 +41852,7 @@ msgstr "" msgid "Vulnerability|Image" msgstr "" -msgid "Vulnerability|Information related how the vulnerability was discovered and its impact to the system." +msgid "Vulnerability|Information related to how the vulnerability was discovered and its impact on the system." msgstr "" msgid "Vulnerability|Learn more about this vulnerability and the best way to resolve it." diff --git a/qa/qa/specs/features/browser_ui/3_create/snippet/create_personal_snippet_with_multiple_files_spec.rb b/qa/qa/specs/features/browser_ui/3_create/snippet/create_personal_snippet_with_multiple_files_spec.rb index ce99822b572..0560a5b125c 100644 --- a/qa/qa/specs/features/browser_ui/3_create/snippet/create_personal_snippet_with_multiple_files_spec.rb +++ b/qa/qa/specs/features/browser_ui/3_create/snippet/create_personal_snippet_with_multiple_files_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Create' do - describe 'Multiple file snippet' do + describe 'Multiple file snippet', :reliable do let(:snippet) do Resource::Snippet.fabricate_via_browser_ui! do |snippet| snippet.title = 'Personal snippet with multiple files' diff --git a/qa/qa/specs/features/browser_ui/3_create/snippet/delete_file_from_snippet_spec.rb b/qa/qa/specs/features/browser_ui/3_create/snippet/delete_file_from_snippet_spec.rb index b6092ef0c4c..e9339342386 100644 --- a/qa/qa/specs/features/browser_ui/3_create/snippet/delete_file_from_snippet_spec.rb +++ b/qa/qa/specs/features/browser_ui/3_create/snippet/delete_file_from_snippet_spec.rb 
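Review bot: The new guard in `validate_param!` treats `nil` as within the limit, so this validator no longer rejects an absent value and presence has to be enforced by the parameter declaration itself; the remaining check still assumes the value answers `size` with its length. A non-nil value that does not respond to `size` (a boolean or float, if one can reach this validator) would still raise `NoMethodError` instead of a validation error, and `Integer#size` returns a byte width rather than a digit count. I would state that contract above the method, e.g. `# Skips nil (optional params); expects a String/Array-like value whose #size is its length.`, or tighten the guard to `return if value.nil? || (value.respond_to?(:size) && value.size <= @option)`, which turns such values into validation errors, so confirm that matches the intended use. The method body continues past the end of the hunk.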
@@ -2,7 +2,7 @@ module QA RSpec.describe 'Create' do - describe 'Multiple file snippet' do + describe 'Multiple file snippet', :reliable do let(:personal_snippet) do Resource::Snippet.fabricate_via_api! do |snippet| snippet.title = 'Personal snippet to delete file from' diff --git a/qa/qa/specs/features/browser_ui/3_create/snippet/share_snippet_spec.rb b/qa/qa/specs/features/browser_ui/3_create/snippet/share_snippet_spec.rb index 6777c113f36..182a21a9377 100644 --- a/qa/qa/specs/features/browser_ui/3_create/snippet/share_snippet_spec.rb +++ b/qa/qa/specs/features/browser_ui/3_create/snippet/share_snippet_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Create' do - describe 'Sharing snippets' do + describe 'Sharing snippets', :reliable do let(:snippet) do Resource::Snippet.fabricate! do |snippet| snippet.title = 'Shared snippet' diff --git a/spec/lib/api/validations/validators/limit_spec.rb b/spec/lib/api/validations/validators/limit_spec.rb index d71dde470cc..0c10e2f74d2 100644 --- a/spec/lib/api/validations/validators/limit_spec.rb +++ b/spec/lib/api/validations/validators/limit_spec.rb @@ -22,4 +22,10 @@ RSpec.describe API::Validations::Validators::Limit do expect_validation_error('test' => "#{'a' * 256}") end end + + context 'value is nil' do + it 'does not raise a validation error' do + expect_no_validation_error('test' => nil) + end + end end