Add latest changes from gitlab-org/gitlab@master

Author: GitLab Bot

app/assets/javascripts/packages_and_registries/settings/group/components/packages_settings.vue

@@ -100,8 +100,8 @@ export default {
             :duplicate-exception-regex-error="errors.mavenDuplicateExceptionRegex"
             :model-names="modelNames"
             :loading="isLoading"
-            toggle-qa-selector="allow_duplicates_toggle"
-            label-qa-selector="allow_duplicates_label"
+            toggle-qa-selector="reject_duplicates_toggle"
+            label-qa-selector="reject_duplicates_label"
             @update="updateSettings"
           />
         </template>

app/models/key.rb

@@ -121,6 +121,12 @@ def public_key
     @public_key ||= Gitlab::SSHPublicKey.new(key)
   end
 
+  def ensure_sha256_fingerprint!
+    return if self.fingerprint_sha256
+
+    save if generate_fingerprint
+  end
+
   private
 
   def generate_fingerprint

app/services/projects/move_deploy_keys_projects_service.rb

@@ -5,6 +5,10 @@ class MoveDeployKeysProjectsService < BaseMoveRelationsService
     def execute(source_project, remove_remaining_elements: true)
       return unless super
 
+      # The SHA256 fingerprint should be there, but just in case it isn't
+      # we want to make sure it's generated. Otherwise we might delete keys.
+      ensure_sha256_fingerprints
+
       Project.transaction do
         move_deploy_keys_projects
         remove_remaining_deploy_keys_projects if remove_remaining_elements
@@ -15,6 +19,11 @@ def execute(source_project, remove_remaining_elements: true)
 
     private
 
+    def ensure_sha256_fingerprints
+      @project.deploy_keys.each(&:ensure_sha256_fingerprint!)
+      source_project.deploy_keys.each(&:ensure_sha256_fingerprint!)
+    end
+
     def move_deploy_keys_projects
       non_existent_deploy_keys_projects.update_all(project_id: @project.id)
     end
@@ -23,7 +32,7 @@ def move_deploy_keys_projects
     def non_existent_deploy_keys_projects
       source_project.deploy_keys_projects
                     .joins(:deploy_key)
-                    .where.not(keys: { fingerprint: @project.deploy_keys.select(:fingerprint) })
+                    .where.not(keys: { fingerprint_sha256: @project.deploy_keys.select(:fingerprint_sha256) })
     end
     # rubocop: enable CodeReuse/ActiveRecord
 

app/views/users/_profile_basic_info.html.haml

@@ -2,5 +2,8 @@
   = render 'middle_dot_divider' do
     @#{@user.username}
   - if can?(current_user, :read_user_profile, @user)
+    = render 'middle_dot_divider' do
+      = s_('UserProfile|User ID: %{id}') % { id: @user.id }
+      = clipboard_button(title: s_('UserProfile|Copy user ID'), text: @user.id)
     = render 'middle_dot_divider' do
       = s_('Member since %{date}') % { date: @user.created_at.to_date.to_s(:long) }

doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md

@@ -927,13 +927,13 @@ conflicting_permanent_redirects.destroy_all
 
 ## Merge requests
 
-### Close a merge request properly (if merged but still marked as open)
+### Close a merge request
 
 ```ruby
 u = User.find_by_username('<username>')
 p = Project.find_by_full_path('<namespace/project>')
 m = p.merge_requests.find_by(iid: <iid>)
-MergeRequests::PostMergeService.new(project: p, current_user: u).execute(m)
+MergeRequests::CloseService.new(project: p, current_user: u).execute(m)
 ```
 
 ### Delete a merge request
@@ -954,6 +954,21 @@ m = p.merge_requests.find_by(iid: <iid>)
 MergeRequests::RebaseService.new(project: m.target_project, current_user: u).execute(m)
 ```
 
+### Set a merge request as merged
+
+Use when a merge request was accepted and the changes merged into the Git repository,
+but the merge request still shows as open.
+
+If the changes are not merged yet, this action causes the merge request to
+incorrectly show `merged into <branch-name>`.
+
+```ruby
+u = User.find_by_username('<username>')
+p = Project.find_by_full_path('<namespace/project>')
+m = p.merge_requests.find_by(iid: <iid>)
+MergeRequests::PostMergeService.new(project: p, current_user: u).execute(m)
+```
+
 ## CI
 
 ### Cancel stuck pending pipelines

doc/ci/jobs/job_control.md

@@ -304,7 +304,7 @@ to add jobs to a pipeline:
 ```yaml
 docker build:
   variables:
-    DOCKERFILES_DIR: 'path/to/files/'
+    DOCKERFILES_DIR: 'path/to/files'
   script: docker build -t my-image:$CI_COMMIT_REF_SLUG .
   rules:
     - changes:
@@ -1005,6 +1005,26 @@ Additionally, rules with `changes` always evaluate as true in [scheduled pipelin
 All files are considered to have changed when a scheduled pipeline runs, so jobs
 might always be added to scheduled pipelines that use `changes`.
 
+### File paths in CI/CD variables
+
+Be careful when using file paths in CI/CD variables. A trailing slash can appear correct
+in the variable definition, but can become invalid when expanded in `script:`, `changes:`,
+or other keywords. For example:
+
+```yaml
+docker_build:
+  variables:
+    DOCKERFILES_DIR: 'path/to/files/'  # This variable should not have a trailing '/' character
+  script: echo "A docker job"
+  rules:
+    - changes:
+        - $DOCKERFILES_DIR/*
+```
+
+When the `DOCKERFILES_DIR` variable is expanded in the `changes:` section, the full
+path becomes `path/to/files//*`. The double slashes might cause unexpected behavior
+depending on the keyword used, shell and OS of the runner, and so on.
+
 ### `You are not allowed to download code from this project.` error message
 
 You might see pipelines fail when a GitLab administrator runs a protected manual job

doc/development/i18n/proofreader.md

@@ -34,6 +34,7 @@ are very appreciative of the work done by translators and proofreaders!
   - Weizhe Ding - [GitLab](https://gitlab.com/d.weizhe), [Crowdin](https://crowdin.com/profile/d.weizhe)
   - Yi-Jyun Pan - [GitLab](https://gitlab.com/pan93412), [Crowdin](https://crowdin.com/profile/pan93412)
   - Victor Wu - [GitLab](https://gitlab.com/_victorwu_), [Crowdin](https://crowdin.com/profile/victorwu)
+  - Hansel Wang - [GitLab](https://gitlab.com/airness), [Crowdin](https://crowdin.com/profile/airness)
 - Chinese Traditional, Hong Kong 繁體中文 (香港)
   - Victor Wu - [GitLab](https://gitlab.com/_victorwu_), [Crowdin](https://crowdin.com/profile/victorwu)
   - Ivan Ip - [GitLab](https://gitlab.com/lifehome), [Crowdin](https://crowdin.com/profile/lifehome)

doc/user/admin_area/broadcast_messages.md

@@ -7,7 +7,8 @@ type: reference, howto
 
 # Broadcast messages **(FREE SELF)**
 
-> Target roles [introduced](https://gitlab.com/gitlab-org/growth/team-tasks/-/issues/461) in GitLab 14.8 [with a flag](../../administration/feature_flags.md) named `role_targeted_broadcast_messages`. Disabled by default.
+> - Target roles [introduced](https://gitlab.com/gitlab-org/growth/team-tasks/-/issues/461) in GitLab 14.8 [with a flag](../../administration/feature_flags.md) named `role_targeted_broadcast_messages`. Disabled by default.
+> - Theme [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83251) and background color removed in GitLab 14.10.
 
 GitLab can display broadcast messages to users of a GitLab instance. There are two types of broadcast messages:
 

doc/user/project/merge_requests/csv_export.md

@@ -4,17 +4,25 @@ group: Compliance
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
-# Export merge requests to CSV **(FREE)**
+# Export merge requests to CSV**(FREE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3619) in GitLab 13.6.
 
-Exporting merge requests CSV enables you and your team to export all the data collected from merge requests into a comma-separated values (CSV) file, which stores tabular data in plain text.
+Export all the data collected from a project's merge requests into a comma-separated values (CSV) file.
 
-To export merge requests to CSV, navigate to your **Merge requests** from the sidebar of a project and select **Export as CSV**.
+To export merge requests to a CSV file:
+
+1. On the top bar, select **Menu > Projects** and find your project.
+1. On the left sidebar, select **Merge requests** .
+1. Add any searches or filters. This can help you keep the size of the CSV file under the 15MB limit. The limit ensures
+   the file can be emailed to a variety of email providers.
+1. Select **Export as CSV** (**{export}**).
+1. Confirm the correct number of merge requests are to be exported.
+1. Select **Export merge requests**.
 
 ## CSV Output
 
-The following table shows what attributes will be present in the CSV.
+The following table shows the attributes in the CSV file.
 
 | Column             | Description                                                  |
 |--------------------|--------------------------------------------------------------|
@@ -42,8 +50,3 @@ The following table shows what attributes will be present in the CSV.
 In GitLab 14.7 and earlier, the first two columns were `MR ID` and `URL`,
 which [caused an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/34769)
 when importing back into GitLab.
-
-## Limitations
-
-- Export merge requests to CSV is not available at the Group's merge request list.
-- As the merge request CSV file is sent as an email attachment, the size is limited to 15MB to ensure successful delivery across a range of email providers. If you need to minimize the size of the file, you can narrow the search before export. For example, you can set up exports of open and closed merge requests in separate files.

lib/api/maven_packages.rb

@@ -43,13 +43,26 @@ def extract_format(file_name)
         end
       end
 
+      # The sha verification done by the maven api is between:
+      # - the sha256 set by workhorse helpers
+      # - the sha256 of the sha1 of the uploaded package file
       def verify_package_file(package_file, uploaded_file)
         stored_sha256 = Digest::SHA256.hexdigest(package_file.file_sha1)
         expected_sha256 = uploaded_file.sha256
 
         if stored_sha256 == expected_sha256
           no_content!
         else
+          # Track sha1 conflicts.
+          # See https://gitlab.com/gitlab-org/gitlab/-/issues/367356
+          Gitlab::ErrorTracking.log_exception(
+            ArgumentError.new,
+            message: 'maven package file sha1 conflict',
+            stored_sha1: package_file.file_sha1,
+            received_sha256: uploaded_file.sha256,
+            sha256_hexdigest_of_stored_sha1: stored_sha256
+          )
+
           conflict!
         end
       end

locale/gitlab.pot

@@ -42260,6 +42260,9 @@ msgstr ""
 msgid "UserProfile|Contributed projects"
 msgstr ""
 
+msgid "UserProfile|Copy user ID"
+msgstr ""
+
 msgid "UserProfile|Edit profile"
 msgstr ""
 
@@ -42341,6 +42344,9 @@ msgstr ""
 msgid "UserProfile|Unconfirmed user"
 msgstr ""
 
+msgid "UserProfile|User ID: %{id}"
+msgstr ""
+
 msgid "UserProfile|View all"
 msgstr ""
 

qa/qa/page/group/settings/package_registries.rb

@@ -8,41 +8,41 @@ class PackageRegistries < QA::Page::Base
 
           view 'app/assets/javascripts/packages_and_registries/settings/group/components/packages_settings.vue' do
             element :package_registry_settings_content
-            element :allow_duplicates_toggle
-            element :allow_duplicates_label
+            element :reject_duplicates_toggle
+            element :reject_duplicates_label
           end
 
           view 'app/assets/javascripts/packages_and_registries/settings/group/components/dependency_proxy_settings.vue' do
             element :dependency_proxy_settings_content
             element :dependency_proxy_setting_toggle
           end
 
-          def set_allow_duplicates_disabled
+          def set_reject_duplicates_disabled
             within_element :package_registry_settings_content do
-              click_on_allow_duplicates_button if duplicates_enabled?
+              click_on_reject_duplicates_button if duplicates_disabled?
             end
           end
 
-          def set_allow_duplicates_enabled
+          def set_reject_duplicates_enabled
             within_element :package_registry_settings_content do
-              click_on_allow_duplicates_button unless duplicates_enabled?
+              click_on_reject_duplicates_button unless duplicates_disabled?
             end
           end
 
-          def click_on_allow_duplicates_button
-            with_allow_duplicates_button do |button|
+          def click_on_reject_duplicates_button
+            with_reject_duplicates_button do |button|
               button.click
             end
           end
 
-          def duplicates_enabled?
-            with_allow_duplicates_button do |button|
+          def duplicates_disabled?
+            with_reject_duplicates_button do |button|
               button[:class].include?('is-checked')
             end
           end
 
-          def with_allow_duplicates_button
-            within_element :allow_duplicates_toggle do
+          def with_reject_duplicates_button
+            within_element :reject_duplicates_toggle do
               toggle = find('button.gl-toggle:not(.is-disabled)')
               yield(toggle)
             end

qa/qa/specs/features/browser_ui/5_package/package_registry/maven/maven_group_level_spec.rb

@@ -135,14 +135,14 @@ module QA
         end
       end
 
-      context 'duplication setting', quarantine: { type: :stale, issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/365150' } do
+      context 'duplication setting' do
         before do
           package_project.group.visit!
 
           Page::Group::Menu.perform(&:go_to_package_settings)
         end
 
-        context 'when disabled' do
+        context 'when enabled' do
           where do
             {
               'using a personal access token' => {
@@ -176,7 +176,7 @@ module QA
             end
 
             before do
-              Page::Group::Settings::PackageRegistries.perform(&:set_allow_duplicates_disabled)
+              Page::Group::Settings::PackageRegistries.perform(&:set_reject_duplicates_enabled)
             end
 
             it 'prevents users from publishing group level Maven packages duplicates', testcase: params[:testcase] do
@@ -195,7 +195,7 @@ module QA
           end
         end
 
-        context 'when enabled' do
+        context 'when disabled' do
           where do
             {
               'using a personal access token' => {
@@ -229,7 +229,7 @@ module QA
             end
 
             before do
-              Page::Group::Settings::PackageRegistries.perform(&:set_allow_duplicates_enabled)
+              Page::Group::Settings::PackageRegistries.perform(&:set_reject_duplicates_disabled)
             end
 
             it 'allows users to publish group level Maven packages duplicates', testcase: params[:testcase] do