Automatic merge of gitlab-org/gitlab-ce master

GITALY_SERVER_VERSION

-1.48.0
+1.49.0

changelogs/unreleased/gitaly-version-v1.49.0.yml

+---
+title: Upgrade to Gitaly v1.49.0
+merge_request: 29990
+author:
+type: changed

changelogs/unreleased/sh-quiet-backup-secrets-log.yml

+---
+title: Silence backup warnings when CRON=1 in use
+merge_request: 30033
+author:
+type: fixed

doc/user/application_security/dependency_scanning/index.md

@@ -46,13 +46,16 @@ this is enabled by default.
 
 The following languages and dependency managers are supported.
 
-| Language (package managers)                                                 | Scan tool                                                                                                                         |
-|-----------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------|
-| JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium/general), [Retire.js](https://retirejs.github.io/retire.js)         |
-| Python ([pip](https://pip.pypa.io/en/stable/)) (only `requirements.txt` supported)  | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium/general)                                                            |
-| Ruby ([gem](https://rubygems.org/))                                         | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium/general), [bundler-audit](https://github.com/rubysec/bundler-audit) |
-| Java ([Maven](https://maven.apache.org/))                                   | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium/general)                                                            |
-| PHP ([Composer](https://getcomposer.org/))                                  | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium/general)                                                            |
+| Language (package managers)  | Supported | Scan tool(s) |
+|----------------------------- | --------- | ------------ |
+| JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [Retire.js](https://retirejs.github.io/retire.js)         |
+| Python ([pip](https://pip.pypa.io/en/stable/)) (only `requirements.txt` supported)  | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| Ruby ([gem](https://rubygems.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [bundler-audit](https://github.com/rubysec/bundler-audit) |
+| Java ([Maven](https://maven.apache.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| PHP ([Composer](https://getcomposer.org/))  | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| Python ([poetry](https://poetry.eustace.io/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7006 "Support Poetry in Dependency Scanning")) | not available |
+| Python ([Pipfile](https://docs.pipenv.org/en/latest/basics/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/11756 "Pipfile.lock support for Dependency Scanning"))| not available |
+| Go ([Golang](https://golang.org/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7132 "Dependency Scanning for Go")) | not available |
 
 ## Remote checks
 

lib/gitlab/git/repository.rb

@@ -15,11 +15,6 @@ module Gitlab
 
       SEARCH_CONTEXT_LINES = 3
       REV_LIST_COMMIT_LIMIT = 2_000
-      # In https://gitlab.com/gitlab-org/gitaly/merge_requests/698
-      # We copied these two prefixes into gitaly-go, so don't change these
-      # or things will break! (REBASE_WORKTREE_PREFIX and SQUASH_WORKTREE_PREFIX)
-      REBASE_WORKTREE_PREFIX = 'rebase'.freeze
-      SQUASH_WORKTREE_PREFIX = 'squash'.freeze
       GITALY_INTERNAL_URL = 'ssh://gitaly/internal.git'.freeze
       GITLAB_PROJECTS_TIMEOUT = Gitlab.config.gitlab_shell.git_timeout
       EMPTY_REPOSITORY_CHECKSUM = '0000000000000000000000000000000000000000'.freeze

lib/tasks/gitlab/backup.rake

@@ -21,10 +21,10 @@ namespace :gitlab do
       backup.cleanup
       backup.remove_old
 
-      puts "Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data \n" \
+      progress.puts "Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data \n" \
            "and are not included in this backup. You will need these files to restore a backup.\n" \
            "Please back them up manually.".color(:red)
-      puts "Backup task is done."
+      progress.puts "Backup task is done."
     end
 
     # Restore backup of GitLab system

spec/lib/gitlab/git/repository_spec.rb

@@ -2038,24 +2038,24 @@ describe Gitlab::Git::Repository, :seed_helper do
   end
 
   describe '#clean_stale_repository_files' do
-    let(:worktree_path) { File.join(repository_path, 'worktrees', 'delete-me') }
+    let(:worktree_id) { 'rebase-1' }
+    let(:gitlab_worktree_path) { File.join(repository_path, 'gitlab-worktree', worktree_id) }
+    let(:admin_dir) { File.join(repository_path, 'worktrees') }
 
     it 'cleans up the files' do
-      create_worktree = %W[git -C #{repository_path} worktree add --detach #{worktree_path} master]
+      create_worktree = %W[git -C #{repository_path} worktree add --detach #{gitlab_worktree_path} master]
       raise 'preparation failed' unless system(*create_worktree, err: '/dev/null')
 
-      FileUtils.touch(worktree_path, mtime: Time.now - 8.hours)
+      FileUtils.touch(gitlab_worktree_path, mtime: Time.now - 8.hours)
       # git rev-list --all will fail in git 2.16 if HEAD is pointing to a non-existent object,
       # but the HEAD must be 40 characters long or git will ignore it.
-      File.write(File.join(worktree_path, 'HEAD'), Gitlab::Git::BLANK_SHA)
-
-      # git 2.16 fails with "fatal: bad object HEAD"
-      expect(rev_list_all).to be false
+      File.write(File.join(admin_dir, worktree_id, 'HEAD'), Gitlab::Git::BLANK_SHA)
 
+      expect(rev_list_all).to be(false)
       repository.clean_stale_repository_files
 
-      expect(rev_list_all).to be true
-      expect(File.exist?(worktree_path)).to be_falsey
+      expect(rev_list_all).to be(true)
+      expect(File.exist?(gitlab_worktree_path)).to be_falsey
     end
 
     def rev_list_all