Add latest changes from gitlab-org/gitlab@master

app/assets/javascripts/jobs/components/job_container_item.vue

@@ -35,33 +35,40 @@ export default {
 
       return text;
     },
+    jobName() {
+      return this.job.name ? this.job.name : this.job.id;
+    },
+    classes() {
+      return {
+        retried: this.job.retried,
+        'gl-font-weight-bold': this.isActive,
+      };
+    },
+    dataTestId() {
+      return this.isActive ? 'active-job' : null;
+    },
   },
 };
 </script>
 
 <template>
-  <div
-    class="build-job gl-relative"
-    :class="{
-      retried: job.retried,
-      active: isActive,
-    }"
-  >
+  <div class="build-job gl-relative" :class="classes">
     <gl-link
       v-gl-tooltip:tooltip-container.left
       :href="job.status.details_path"
       :title="tooltipText"
-      class="js-job-link gl-display-flex gl-align-items-center"
+      class="gl-display-flex gl-align-items-center"
+      :data-testid="dataTestId"
     >
       <gl-icon
         v-if="isActive"
         name="arrow-right"
-        class="js-arrow-right icon-arrow-right gl-absolute gl-display-block"
+        class="icon-arrow-right gl-absolute gl-display-block"
       />
 
       <ci-icon :status="job.status" />
 
-      <span class="text-truncate w-100">{{ job.name ? job.name : job.id }}</span>
+      <span class="gl-text-truncate gl-w-full">{{ jobName }}</span>
 
       <gl-icon v-if="job.retried" name="retry" />
     </gl-link>

app/assets/stylesheets/page_bundles/build.scss

@@ -198,10 +198,6 @@
     }
 
     .build-job {
-      &.active {
-        font-weight: $gl-font-weight-bold;
-      }
-
       &.retried {
         background-color: var(--gray-10, $gray-10);
       }

changelogs/unreleased/267489-finding-evidence-details-response-body.yml

@@ -0,0 +1,5 @@
+---
+title: Add body to finding evidence responses
+merge_request: 61631
+author:
+type: changed

changelogs/unreleased/330274-add-a-boolean-column-for-tracking-mr-draft-status.yml

@@ -0,0 +1,5 @@
+---
+title: Add draft column to merge_requests table
+merge_request: 61681
+author:
+type: other

db/migrate/20210512183309_add_body_to_findings_evidences_response.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class AddBodyToFindingsEvidencesResponse < ActiveRecord::Migration[6.0]
+  # rubocop:disable Migration/AddLimitToTextColumns
+  # limit is added in 20210512183310_add_limit_to_findings_evidences_response_body.rb
+  def change
+    add_column :vulnerability_finding_evidence_responses, :body, :text
+  end
+  # rubocop:enable Migration/AddLimitToTextColumns
+end

db/migrate/20210512183310_add_limit_to_findings_evidences_response_body.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddLimitToFindingsEvidencesResponseBody < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_text_limit :vulnerability_finding_evidence_responses, :body, 2048
+  end
+
+  def down
+    remove_text_limit :vulnerability_finding_evidence_responses, :body
+  end
+end

db/migrate/20210513093418_add_draft_column_to_merge_requests.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddDraftColumnToMergeRequests < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  def up
+    with_lock_retries do
+      add_column :merge_requests, :draft, :boolean, default: false, null: false
+    end
+  end
+
+  def down
+    with_lock_retries do
+      remove_column :merge_requests, :draft
+    end
+  end
+end

db/schema_migrations/20210512183309

@@ -0,0 +1 @@
+490dd9a1fe59fb1454f938763f9b8bce7a0567569ad5f7b8e29b196551d869e1

db/schema_migrations/20210512183310

@@ -0,0 +1 @@
+d1e389755e4f5ed0075b07c5680eee5ae3557550071d14360ad3030e4c2d3ac1

db/schema_migrations/20210513093418

@@ -0,0 +1 @@
+f2c85121d217aa953b6ae52e32624cf4164b1f1408bcbe8ae3facafc15b037ce

db/structure.sql

@@ -14731,6 +14731,7 @@ CREATE TABLE merge_requests (
     squash_commit_sha bytea,
     sprint_id bigint,
     merge_ref_sha bytea,
+    draft boolean DEFAULT false NOT NULL,
     CONSTRAINT check_970d272570 CHECK ((lock_version IS NOT NULL))
 );
 
@@ -18860,7 +18861,9 @@ CREATE TABLE vulnerability_finding_evidence_responses (
     vulnerability_finding_evidence_id bigint NOT NULL,
     status_code integer,
     reason_phrase text,
-    CONSTRAINT check_58b124ab48 CHECK ((char_length(reason_phrase) <= 2048))
+    body text,
+    CONSTRAINT check_58b124ab48 CHECK ((char_length(reason_phrase) <= 2048)),
+    CONSTRAINT check_76bac0c32b CHECK ((char_length(body) <= 2048))
 );
 
 CREATE SEQUENCE vulnerability_finding_evidence_responses_id_seq

doc/user/application_security/threat_monitoring/index.md

@@ -227,7 +227,8 @@ By default, the list doesn't display resolved or dismissed alerts.
 
 ![Policy Alert List](img/threat_monitoring_policy_alert_list_v13_12.png)
 
-Clicking an alert's row will open the alert drawer that shows more details and allows a user to create an incident from the alert.
+Clicking an alert's row opens the alert drawer, which shows more information about the alert. A user
+can also create an incident from the alert in the alert drawer.
 
 Clicking an alert's name takes the user to the [alert details page](../../../operations/incident_management/alerts.md#alert-details-page).
 

doc/user/permissions.md

@@ -427,8 +427,8 @@ with the permissions described on the documentation on [auditor users permission
 
 >[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40942) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4.
 
-Administrators can add members with a "minimal access" role to a parent group. Such users don't
-automatically have access to projects and subgroups underneath. To support such access, administrators must explicitly add these "minimal access" users to the specific subgroups/projects.
+Owners can add members with a "minimal access" role to a parent group. Such users don't
+automatically have access to projects and subgroups underneath. To support such access, owners must explicitly add these "minimal access" users to the specific subgroups/projects.
 
 Users with minimal access can list the group in the UI and through the API. However, they cannot see
 details such as projects or subgroups. They do not have access to the group's page or list any of its subgroups or projects.

spec/features/projects/jobs_spec.rb

@@ -136,7 +136,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state do
         visit project_job_path(project, job)
 
         wait_for_requests
-        expect(page).to have_selector('.build-job.active')
+        expect(page).to have_selector('[data-testid="active-job"]')
       end
     end
 
@@ -255,7 +255,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state do
       end
 
       it 'renders escaped tooltip name' do
-        page.find('.active.build-job a').hover
+        page.find('[data-testid="active-job"]').hover
         expect(page).to have_content('<img src=x onerror=alert(document.domain)> - passed')
       end
     end

spec/lib/gitlab/import_export/safe_model_attributes.yml

@@ -208,6 +208,7 @@ MergeRequest:
 - discussion_locked
 - allow_maintainer_to_push
 - merge_ref_sha
+- draft
 MergeRequestDiff:
 - id
 - state