Merge branch 'ce-to-ee' into 'master'

CE Upstream - Monday

Closes gitaly#559, gitlab-ce#37916, and gitlab-ce#36877

See merge request gitlab-org/gitlab-ee!2948

.gitlab-ci.yml

-image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-phantomjs-2.1-node-7.1-postgresql-9.6"
+image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-phantomjs-2.1-node-8.x-yarn-1.0-postgresql-9.6"
 
 .default-cache: &default-cache
   key: "ruby-233-with-yarn"
@@ -198,6 +198,9 @@ review-docs-deploy:
   stage: build
   environment:
     name: review-docs/$CI_COMMIT_REF_NAME
+    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are secret variables
+    # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693
+    url: http://$CI_COMMIT_REF_SLUG-built-from-ce-ee.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX
     on_stop: review-docs-cleanup
   script:
     - gem install gitlab --no-doc
@@ -530,7 +533,7 @@ karma:
   <<: *dedicated-runner
   <<: *except-docs
   <<: *pull-cache
-  image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-chrome-60.0-node-7.1-postgresql-9.6"
+  image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.3-golang-1.8-git-2.13-chrome-61.0-node-8.x-yarn-1.0-postgresql-9.6"
   stage: test
   variables:
     BABEL_ENV: "coverage"

CONTRIBUTING.md

@@ -287,7 +287,10 @@ might be edited to make them small and simple.
 
 Please submit Feature Proposals using the ['Feature Proposal' issue template](.gitlab/issue_templates/Feature Proposal.md) provided on the issue tracker.
 
-For changes in the interface, it can be helpful to create a mockup first.
+For changes in the interface, it is helpful to include a mockup. Issues that add to, or change, the interface should 
+be given the ~"UX" label. This will allow the UX team to provide input and guidance. You may 
+need to ask one of the [core team] members to add the label, if you do not have permissions to do it by yourself. 
+
 If you want to create something yourself, consider opening an issue first to
 discuss whether it is interesting to include this in GitLab.
 

Gemfile.lock

@@ -382,7 +382,7 @@ GEM
       rake
     grape_logging (1.7.0)
       grape
-    grpc (1.4.5)
+    grpc (1.6.0)
       google-protobuf (~> 3.1)
       googleauth (~> 0.5.1)
     gssapi (1.2.0)

app/assets/javascripts/branches/branches_delete_modal.js

@@ -7,6 +7,7 @@ class DeleteModal {
     this.$branchName = $('.js-branch-name', this.$modal);
     this.$confirmInput = $('.js-delete-branch-input', this.$modal);
     this.$deleteBtn = $('.js-delete-branch', this.$modal);
+    this.$notMerged = $('.js-not-merged', this.$modal);
     this.bindEvents();
   }
 
@@ -16,8 +17,10 @@ class DeleteModal {
   }
 
   setModalData(e) {
-    this.branchName = e.currentTarget.dataset.branchName || '';
-    this.deletePath = e.currentTarget.dataset.deletePath || '';
+    const branchData = e.currentTarget.dataset;
+    this.branchName = branchData.branchName || '';
+    this.deletePath = branchData.deletePath || '';
+    this.isMerged = !!branchData.isMerged;
     this.updateModal();
   }
 
@@ -30,6 +33,7 @@ class DeleteModal {
     this.$confirmInput.val('');
     this.$deleteBtn.attr('href', this.deletePath);
     this.$deleteBtn.attr('disabled', true);
+    this.$notMerged.toggleClass('hidden', this.isMerged);
   }
 }
 

app/assets/javascripts/filtered_search/dropdown_user.js

@@ -15,6 +15,8 @@ class DropdownUser extends gl.FilteredSearchDropdown {
         params: {
           per_page: 20,
           active: true,
+          group_id: this.getGroupId(),
+          project_id: this.getProjectId(),
           current_user: true,
           ...this.projectOrGroupId(),
         },

app/assets/javascripts/fly_out_nav.js

@@ -77,10 +77,11 @@ export const hideMenu = (el) => {
 export const moveSubItemsToPosition = (el, subItems) => {
   const boundingRect = el.getBoundingClientRect();
   const top = calculateTop(boundingRect, subItems.offsetHeight);
+  const left = sidebar ? sidebar.offsetWidth : 50;
   const isAbove = top < boundingRect.top;
 
   subItems.classList.add('fly-out-list');
-  subItems.style.transform = `translate3d(0, ${Math.floor(top) - headerHeight}px, 0)`; // eslint-disable-line no-param-reassign
+  subItems.style.transform = `translate3d(${left}px, ${Math.floor(top) - headerHeight}px, 0)`; // eslint-disable-line no-param-reassign
 
   const subItemsRect = subItems.getBoundingClientRect();
 

app/assets/javascripts/labels_select.js

@@ -127,13 +127,6 @@ import DropdownUtils from './filtered_search/dropdown_utils';
             $('.has-tooltip', $value).tooltip({
               container: 'body'
             });
-            return $value.find('a').each(function(i) {
-              return setTimeout((function(_this) {
-                return function() {
-                  return gl.animate.animate($(_this), 'pulse');
-                };
-              })(this), 200 * i);
-            });
           });
         };
         $dropdown.glDropdown({

app/assets/javascripts/lib/utils/animate.js

-/* eslint-disable func-names, space-before-function-paren, wrap-iife, no-param-reassign, no-void, prefer-template, no-var, new-cap, prefer-arrow-callback, consistent-return, max-len */
-(function() {
-  (function(w) {
-    if (w.gl == null) {
-      w.gl = {};
-    }
-    if (gl.animate == null) {
-      gl.animate = {};
-    }
-    gl.animate.animate = function($el, animation, options, done) {
-      if ((options != null ? options.cssStart : void 0) != null) {
-        $el.css(options.cssStart);
-      }
-      $el.removeClass(animation + ' animated').addClass(animation + ' animated').one('webkitAnimationEnd mozAnimationEnd MSAnimationEnd oanimationend animationend', function() {
-        $(this).removeClass(animation + ' animated');
-        if (done != null) {
-          done();
-        }
-        if ((options != null ? options.cssEnd : void 0) != null) {
-          $el.css(options.cssEnd);
-        }
-      });
-    };
-    gl.animate.animateEach = function($els, animation, time, options, done) {
-      var dfd;
-      dfd = $.Deferred();
-      if (!$els.length) {
-        dfd.resolve();
-      }
-      $els.each(function(i) {
-        setTimeout((function(_this) {
-          return function() {
-            var $this;
-            $this = $(_this);
-            return gl.animate.animate($this, animation, options, function() {
-              if (i === $els.length - 1) {
-                dfd.resolve();
-                if (done != null) {
-                  return done();
-                }
-              }
-            });
-          };
-        })(this), time * i);
-      });
-      return dfd.promise();
-    };
-  })(window);
-}).call(window);

app/assets/javascripts/main.js

@@ -39,7 +39,6 @@ import './commit/file';
 import './commit/image_file';
 
 // lib/utils
-import './lib/utils/animate';
 import './lib/utils/bootstrap_linked_tabs';
 import './lib/utils/common_utils';
 import './lib/utils/datetime_utility';

app/assets/javascripts/milestone_select.js

@@ -45,7 +45,7 @@ import _ from 'underscore';
         if (issueUpdateURL) {
           milestoneLinkTemplate = _.template('<a href="/<%- full_path %>/milestones/<%- iid %>" class="bold has-tooltip" data-container="body" title="<%- remaining %>"><%- title %></a>');
           milestoneLinkNoneTemplate = '<span class="no-value">None</span>';
-          collapsedSidebarLabelTemplate = _.template('<span class="has-tooltip" data-container="body" title="<%- remaining %>" data-placement="left"> <%- title %> </span>');
+          collapsedSidebarLabelTemplate = _.template('<span class="has-tooltip" data-container="body" title="<%- name %><br /><%- remaining %>" data-placement="left" data-html="true"> <%- title %> </span>');
         }
         return $dropdown.glDropdown({
           showMenuAbove: showMenuAbove,
@@ -231,6 +231,7 @@ import _ from 'underscore';
                 if (data.milestone != null) {
                   data.milestone.full_path = _this.currentProject.full_path;
                   data.milestone.remaining = gl.utils.timeFor(data.milestone.due_date);
+                  data.milestone.name = data.milestone.title;
                   $value.html(milestoneLinkTemplate(data.milestone));
                   return $sidebarCollapsedValue.find('span').html(collapsedSidebarLabelTemplate(data.milestone));
                 } else {

app/assets/javascripts/notes/components/issue_note_actions.vue

@@ -86,7 +86,7 @@
   <div class="note-actions">
     <span
       v-if="accessLevel"
-      class="note-role">{{accessLevel}}</span>
+      class="note-role note-role-access">{{accessLevel}}</span>
     <div
       v-if="canAddAwardEmoji"
       class="note-actions-item">

app/assets/stylesheets/framework/gitlab-theme.scss

@@ -158,11 +158,23 @@
     box-shadow: inset 4px 0 0 $color-700;
 
     > a {
-      color: $color-900;
+      color: $color-800;
     }
 
     svg {
-      fill: $color-900;
+      fill: $color-800;
+    }
+  }
+
+  .sidebar-top-level-items > li.active .badge {
+    color: $color-800;
+  }
+
+  .nav-links li.active a {
+    border-bottom-color: $color-500;
+
+    .badge {
+      font-weight: $gl-font-weight-bold;
     }
   }
 }
@@ -261,5 +273,9 @@ body {
         fill: $theme-gray-900;
       }
     }
+
+    .sidebar-top-level-items > li.active .badge {
+      color: $theme-gray-900;
+    }
   }
 }

app/assets/stylesheets/framework/nav.scss

@@ -355,7 +355,7 @@
   border-bottom: 1px solid $border-color;
   transition: padding $sidebar-transition-duration;
   text-align: center;
-  margin-top: $header-height;
+  margin-top: $new-navbar-height;
 
   .container-fluid {
     position: relative;

app/assets/stylesheets/framework/sidebar.scss

@@ -78,16 +78,16 @@
 
 .right-sidebar {
   border-left: 1px solid $border-color;
-  height: calc(100% - #{$header-height});
+  height: calc(100% - #{$new-navbar-height});
 
   &.affix {
     position: fixed;
-    top: $header-height;
+    top: $new-navbar-height;
   }
 }
 
 .with-performance-bar .right-sidebar.affix {
-  top: $header-height + $performance-bar-height;
+  top: $new-navbar-height + $performance-bar-height;
 }
 
 @mixin maintain-sidebar-dimensions {

app/assets/stylesheets/framework/variables.scss

@@ -13,6 +13,7 @@ $sidebar-breakpoint: 1024px;
 $darken-normal-factor: 7%;
 $darken-dark-factor: 10%;
 $darken-border-factor: 5%;
+$darken-border-dashed-factor: 25%;
 
 $white-light: #fff;
 $white-normal: #f0f0f0;
@@ -135,6 +136,7 @@ $border-white-normal: darken($white-normal, $darken-border-factor);
 
 $border-gray-light: darken($gray-light, $darken-border-factor);
 $border-gray-normal: darken($gray-normal, $darken-border-factor);
+$border-gray-normal-dashed: darken($gray-normal, $darken-border-dashed-factor);
 $border-gray-dark: darken($white-normal, $darken-border-factor);
 
 /*

app/assets/stylesheets/new_sidebar.scss

@@ -3,8 +3,6 @@
 @import "bootstrap/variables";
 
 $active-background: rgba(0, 0, 0, .04);
-$active-border: $indigo-500;
-$active-color: $indigo-700;
 $active-hover-background: $active-background;
 $active-hover-color: $gl-text-color;
 $inactive-badge-background: rgba(0, 0, 0, .08);
@@ -107,7 +105,8 @@ $new-sidebar-collapsed-width: 50px;
   }
 
   &.sidebar-icons-only {
-    width: $new-sidebar-collapsed-width;
+    width: auto;
+    min-width: $new-sidebar-collapsed-width;
 
     .nav-sidebar-inner-scroll {
       overflow-x: hidden;
@@ -126,6 +125,10 @@ $new-sidebar-collapsed-width: 50px;
     .fly-out-top-item {
       display: block;
     }
+
+    .avatar-container {
+      margin-right: 0;
+    }
   }
 
   &.nav-sidebar-expanded {
@@ -189,7 +192,7 @@ $new-sidebar-collapsed-width: 50px;
 .nav-sidebar-inner-scroll {
   height: 100%;
   width: 100%;
-  overflow: auto;
+  overflow: scroll;
 }
 
 .with-performance-bar .nav-sidebar {
@@ -217,7 +220,6 @@ $new-sidebar-collapsed-width: 50px;
         &:hover,
         &:focus {
           background: $active-background;
-          color: $active-color;
         }
       }
     }
@@ -251,7 +253,7 @@ $new-sidebar-collapsed-width: 50px;
         @media (min-width: $screen-sm-min) {
           position: fixed;
           top: 0;
-          left: $new-sidebar-width;
+          left: 0;
           min-width: 150px;
           margin-top: -1px;
           padding: 4px 1px;
@@ -317,7 +319,6 @@ $new-sidebar-collapsed-width: 50px;
       }
 
       .badge {
-        color: $active-color;
         font-weight: $gl-font-weight-bold;
       }
 
@@ -390,10 +391,6 @@ $new-sidebar-collapsed-width: 50px;
     }
 
     .sidebar-sub-level-items {
-      @media (min-width: $screen-sm-min) {
-        left: $new-sidebar-collapsed-width;
-      }
-
       &:not(.flyout-list) {
         display: none;
       }
@@ -494,13 +491,3 @@ $new-sidebar-collapsed-width: 50px;
 .with-performance-bar .boards-list {
   height: calc(100vh - #{$new-navbar-height} - #{$performance-bar-height});
 }
-
-
-// Change color of all horizontal tabs to match the new indigo color
-.nav-links li.active a {
-  border-bottom-color: $active-border;
-
-  .badge {
-    font-weight: $gl-font-weight-bold;
-  }
-}

app/assets/stylesheets/pages/builds.scss

@@ -64,10 +64,10 @@
     color: $gl-text-color;
     position: sticky;
     position: -webkit-sticky;
-    top: $header-height;
+    top: $new-navbar-height;
 
     &.affix {
-      top: $header-height;
+      top: $new-navbar-height;
     }
 
     // with sidebar
@@ -174,10 +174,10 @@
 
 .with-performance-bar .build-page {
   .top-bar {
-    top: $header-height + $performance-bar-height;
+    top: $new-navbar-height + $performance-bar-height;
 
     &.affix {
-      top: $header-height + $performance-bar-height;
+      top: $new-navbar-height + $performance-bar-height;
     }
   }
 }

app/assets/stylesheets/pages/diff.scss

@@ -634,8 +634,16 @@
     padding-top: 8px;
     padding-bottom: 8px;
   }
+
+  .diff-changed-file {
+    display: flex;
+    align-items: center;
+  }
 }
 
 .diff-file-changes-path {
-  @include str-truncated(78%);
+  flex: 1;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
 }

app/assets/stylesheets/pages/issuable.scss

@@ -449,6 +449,12 @@
         }
       }
     }
+
+    .milestone-title span {
+      @include str-truncated(100%);
+      display: block;
+      margin: 0 4px;
+    }
   }
 
   a {

app/assets/stylesheets/pages/login.scss

@@ -95,6 +95,8 @@
   }
 
   .omniauth-container {
+    font-size: 13px;
+
     p {
       margin: 0;
     }

app/assets/stylesheets/pages/pipelines.scss

@@ -236,6 +236,11 @@
 }
 
 .stage-cell {
+  @media (min-width: $screen-md-min) {
+    min-width: 148px;
+    margin-right: -4px;
+  }
+
   .mini-pipeline-graph-dropdown-toggle svg {
     height: $ci-action-icon-size;
     width: $ci-action-icon-size;

app/assets/stylesheets/pages/projects.scss

@@ -760,7 +760,7 @@ a.deploy-project-label {
   }
 
   li.missing {
-    border: 1px dashed $border-gray-normal;
+    border: 1px dashed $border-gray-normal-dashed;
     border-radius: $border-radius-default;
 
     a {

app/assets/stylesheets/pages/repo.scss

@@ -71,6 +71,11 @@
     height: 100%;
 
     .monaco-editor.vs {
+      .current-line {
+        border: none;
+        background: $well-light-border;
+      }
+
       .line-numbers {
         cursor: pointer;
 
@@ -84,6 +89,13 @@
       }
     }
 
+    .blob-no-preview {
+      .vertical-center {
+        justify-content: center;
+        width: 100%;
+      }
+    }
+
     &.edit-mode {
       .blob-viewer-container {
         overflow: hidden;
@@ -103,7 +115,7 @@
       overflow: auto;
 
       > div,
-      .file-content {
+      .file-content:not(.wiki) {
         display: flex;
       }
 

app/controllers/admin/deploy_keys_controller.rb

@@ -10,9 +10,8 @@ class Admin::DeployKeysController < Admin::ApplicationController
   end
 
   def create
-    @deploy_key = deploy_keys.new(create_params.merge(user: current_user))
-
-    if @deploy_key.save
+    @deploy_key = DeployKeys::CreateService.new(current_user, create_params.merge(public: true)).execute
+    if @deploy_key.persisted?
       redirect_to admin_deploy_keys_path
     else
       render 'new'

app/controllers/admin/labels_controller.rb

@@ -29,7 +29,7 @@ class Admin::LabelsController < Admin::ApplicationController
     @label = Labels::UpdateService.new(label_params).execute(@label)
 
     if @label.valid?
-      redirect_to admin_labels_path, notice: 'label was successfully updated.'
+      redirect_to admin_labels_path, notice: 'Label was successfully updated.'
     else
       render :edit
     end

app/controllers/autocomplete_controller.rb

@@ -3,31 +3,10 @@ class AutocompleteController < ApplicationController
 
   skip_before_action :authenticate_user!, only: [:users, :award_emojis]
   before_action :load_project, only: [:users, :project_groups]
-  before_action :find_users, only: [:users]
+  before_action :load_group, only: [:users]
 
   def users
-    @users = @users.non_ldap if params[:skip_ldap] == 'true'
-    @users = @users.active
-    @users = @users.reorder(:name)
-    @users = @users.search(params[:search]) if params[:search].present?
-    @users = @users.where.not(id: params[:skip_users]) if params[:skip_users].present?
-    @users = load_users_by_ability || @users.page(params[:page]).per(params[:per_page])
-
-    if params[:todo_filter].present? && current_user
-      @users = @users.todo_authors(current_user.id, params[:todo_state_filter])
-    end
-
-    if params[:search].blank?
-      # Include current user if available to filter by "Me"
-      if params[:current_user].present? && current_user
-        @users = [current_user, *@users].uniq
-      end
-
-      if params[:author_id].present? && current_user
-        author = User.find_by_id(params[:author_id])
-        @users = [author, *@users].uniq if author
-      end
-    end
+    @users = AutocompleteUsersFinder.new(params: params, current_user: current_user, project: @project, group: @group).execute
 
     render json: @users, only: [:name, :username, :id], methods: [:avatar_url]
   end
@@ -64,38 +43,14 @@ class AutocompleteController < ApplicationController
 
   private
 
-  def load_users_by_ability
-    ability = :push_code_to_protected_branches if params[:push_code_to_protected_branches].present?
-    ability = :push_code if params[:push_code].present?
-
-    return if params[:project_id].blank?
-    return if ability.blank?
-
-    @users.to_a
-      .select { |user| user.can?(ability, @project) }
-      .take(params[:per_page]&.to_i || Kaminari.config.default_per_page)
-  end
-
-  def find_users
-    @users =
-      if @project
-        user_ids = @project.team.users.pluck(:id)
-
-        if params[:author_id].present?
-          user_ids << params[:author_id]
-        end
-
-        User.where(id: user_ids)
-      elsif params[:group_id].present?
+  def load_group
+    @group ||= begin
+      if @project.blank? && params[:group_id].present?
         group = Group.find(params[:group_id])
         return render_404 unless can?(current_user, :read_group, group)
-
-        group.users
-      elsif current_user
-        User.all
-      else
-        User.none
+        group
       end
+    end
   end
 
   def load_project

app/controllers/profiles/gpg_keys_controller.rb

@@ -7,9 +7,9 @@ class Profiles::GpgKeysController < Profiles::ApplicationController
   end
 
   def create
-    @gpg_key = current_user.gpg_keys.new(gpg_key_params)
+    @gpg_key = GpgKeys::CreateService.new(current_user, gpg_key_params).execute
 
-    if @gpg_key.save
+    if @gpg_key.persisted?
       redirect_to profile_gpg_keys_path
     else
       @gpg_keys = current_user.gpg_keys.select(&:persisted?)

app/controllers/profiles/keys_controller.rb

@@ -11,9 +11,9 @@ class Profiles::KeysController < Profiles::ApplicationController
   end
 
   def create
-    @key = current_user.keys.new(key_params)
+    @key = Keys::CreateService.new(current_user, key_params).execute
 
-    if @key.save
+    if @key.persisted?
       redirect_to profile_key_path(@key)
     else
       @keys = current_user.keys.select(&:persisted?)

app/controllers/profiles/personal_access_tokens_controller.rb

@@ -38,7 +38,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
   end
 
   def set_index_vars
-    @scopes = Gitlab::Auth::AVAILABLE_SCOPES
+    @scopes = Gitlab::Auth.available_scopes
 
     @personal_access_token = finder.build
     @inactive_personal_access_tokens = finder(state: 'inactive').execute

app/controllers/projects/compare_controller.rb

@@ -31,7 +31,7 @@ class Projects::CompareController < Projects::ApplicationController
 
   def create
     if params[:from].blank? || params[:to].blank?
-      flash[:alert] = "You must select from and to branches"
+      flash[:alert] = "You must select a Source and a Target revision"
       from_to_vars = {
         from: params[:from].presence,
         to: params[:to].presence

app/controllers/projects/deploy_keys_controller.rb

@@ -22,7 +22,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
   end
 
   def create
-    @key = DeployKey.new(create_params.merge(user: current_user))
+    @key = DeployKeys::CreateService.new(current_user, create_params).execute
 
     unless @key.valid? && @project.deploy_keys << @key
       flash[:alert] = @key.errors.full_messages.join(', ').html_safe

app/controllers/projects/issues_controller.rb

@@ -89,9 +89,9 @@ class Projects::IssuesController < Projects::ApplicationController
       .inc_relations_for_view
       .includes(:noteable)
       .fresh
-      .reject { |n| n.cross_reference_not_visible_for?(current_user) }
 
-    prepare_notes_for_rendering(notes)
+    notes = prepare_notes_for_rendering(notes)
+    notes = notes.reject { |n| n.cross_reference_not_visible_for?(current_user) }
 
     discussions = Discussion.build_collection(notes, @issue)
 

app/finders/autocomplete_users_finder.rb

+class AutocompleteUsersFinder
+  attr_reader :current_user, :project, :group, :search, :skip_users,
+              :page, :per_page, :author_id, :params
+
+  # EE
+  attr_reader :skip_ldap
+
+  def initialize(params:, current_user:, project:, group:)
+    @current_user = current_user
+    @project = project
+    @group = group
+    @search = params[:search]
+    @skip_users = params[:skip_users]
+    @page = params[:page]
+    @per_page = params[:per_page]
+    @author_id = params[:author_id]
+    @params = params
+
+    # EE
+    @skip_ldap = params[:skip_ldap]
+  end
+
+  def execute
+    items = find_users
+
+    # EE
+    items = items.non_ldap if skip_ldap == 'true'
+
+    items = items.active
+    items = items.reorder(:name)
+    items = items.search(search) if search.present?
+    items = items.where.not(id: skip_users) if skip_users.present?
+
+    # EE
+    items = load_users_by_push_ability(items) || items.page(page).per(per_page)
+
+    if params[:todo_filter].present? && current_user
+      items = items.todo_authors(current_user.id, params[:todo_state_filter])
+    end
+
+    if search.blank?
+      # Include current user if available to filter by "Me"
+      if params[:current_user].present? && current_user
+        items = [current_user, *items].uniq
+      end
+
+      if author_id.present? && current_user
+        author = User.find_by_id(author_id)
+        items = [author, *items].uniq if author
+      end
+    end
+
+    items
+  end
+
+  private
+
+  def find_users
+    return users_from_project if project
+    return group.users if group
+    return User.all if current_user
+
+    User.none
+  end
+
+  def users_from_project
+    user_ids = project.team.users.pluck(:id)
+    user_ids << author_id if author_id.present?
+
+    User.where(id: user_ids)
+  end
+
+  # EE
+  def load_users_by_push_ability(items)
+    return unless project
+
+    ability = push_ability
+    return if ability.blank?
+
+    items.to_a
+      .select { |user| user.can?(ability, project) }
+      .take(per_page&.to_i || Kaminari.config.default_per_page)
+  end
+
+  def push_ability
+    if params[:push_code_to_protected_branches].present?
+      :push_code_to_protected_branches
+    elsif params[:push_code].present?
+      :push_code
+    end
+  end
+  # EE
+end

app/helpers/boards_helper.rb

@@ -79,4 +79,8 @@ module BoardsHelper
       'max-select': dropdown_options[:data][:'max-select']
     }
   end
+
+  def boards_link_text
+    _("Board")
+  end
 end

app/helpers/groups_helper.rb

@@ -21,7 +21,7 @@ module GroupsHelper
 
     group.ancestors.reverse.each_with_index do |parent, index|
       if index > 0
-        add_to_breadcrumb_dropdown(group_title_link(parent, hidable: false, show_avatar: true), location: :before)
+        add_to_breadcrumb_dropdown(group_title_link(parent, hidable: false, show_avatar: true, for_dropdown: true), location: :before)
       else
         full_title += breadcrumb_list_item group_title_link(parent, hidable: false)
       end
@@ -91,8 +91,8 @@ module GroupsHelper
 
   private
 
-  def group_title_link(group, hidable: false, show_avatar: false)
-    link_to(group_path(group), class: "group-path breadcrumb-item-text js-breadcrumb-item-text #{'hidable' if hidable}") do
+  def group_title_link(group, hidable: false, show_avatar: false, for_dropdown: false)
+    link_to(group_path(group), class: "group-path #{'breadcrumb-item-text' unless for_dropdown} js-breadcrumb-item-text #{'hidable' if hidable}") do
       output =
         if (group.try(:avatar_url) || show_avatar) && !Rails.env.test?
           image_tag(group_icon(group), class: "avatar-tile", width: 15, height: 15)

app/models/deploy_key.rb

@@ -28,10 +28,4 @@ class DeployKey < Key
   def can_push_to?(project)
     can_push? && has_access_to?(project)
   end
-
-  private
-
-  # we don't want to notify the user for deploy keys
-  def notify_user
-  end
 end

app/models/environment.rb

@@ -6,7 +6,10 @@ class Environment < ActiveRecord::Base
 
   belongs_to :project, required: true, validate: true
 
-  has_many :deployments, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
+  has_many :deployments,
+    -> (env) { where(project_id: env.project_id) },
+    dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
+
   has_one :last_deployment, -> { order('deployments.id DESC') }, class_name: 'Deployment'
 
   before_validation :nullify_external_url

app/models/gpg_key.rb

@@ -36,7 +36,6 @@ class GpgKey < ActiveRecord::Base
 
   before_validation :extract_fingerprint, :extract_primary_keyid
   after_commit :update_invalid_gpg_signatures, on: :create
-  after_commit :notify_user, on: :create
 
   def primary_keyid
     super&.upcase
@@ -107,8 +106,4 @@ class GpgKey < ActiveRecord::Base
     # only allows one key
     self.primary_keyid = Gitlab::Gpg.primary_keyids_from_key(key).first
   end
-
-  def notify_user
-    NotificationService.new.new_gpg_key(self)
-  end
 end

app/models/key.rb

@@ -31,7 +31,6 @@ class Key < ActiveRecord::Base
   delegate :name, :email, to: :user, prefix: true
 
   after_commit :add_to_shell, on: :create
-  after_commit :notify_user, on: :create
   after_create :post_create_hook
   after_commit :remove_from_shell, on: :destroy
   after_destroy :post_destroy_hook
@@ -121,8 +120,4 @@ class Key < ActiveRecord::Base
 
     "type is forbidden. Must be #{allowed_types}"
   end
-
-  def notify_user
-    NotificationService.new.new_key(self)
-  end
 end

app/models/namespace.rb

@@ -244,6 +244,13 @@ class Namespace < ActiveRecord::Base
   end
 
   def force_share_with_group_lock_on_descendants
-    descendants.update_all(share_with_group_lock: true)
+    return unless Group.supports_nested_groups?
+
+    # We can't use `descendants.update_all` since Rails will throw away the WITH
+    # RECURSIVE statement. We also can't use WHERE EXISTS since we can't use
+    # different table aliases, hence we're just using WHERE IN. Since we have a
+    # maximum of 20 nested groups this should be fine.
+    Namespace.where(id: descendants.select(:id))
+      .update_all(share_with_group_lock: true)
   end
 end

app/models/personal_access_token.rb

@@ -28,7 +28,7 @@ class PersonalAccessToken < ActiveRecord::Base
   protected
 
   def validate_scopes
-    unless revoked || scopes.all? { |scope| Gitlab::Auth::AVAILABLE_SCOPES.include?(scope.to_sym) }
+    unless revoked || scopes.all? { |scope| Gitlab::Auth.available_scopes.include?(scope.to_sym) }
       errors.add :scopes, "can only contain available scopes"
     end
   end

app/models/project.rb

@@ -165,7 +165,7 @@ class Project < ActiveRecord::Base
   has_many :notification_settings, as: :source, dependent: :delete_all # rubocop:disable Cop/ActiveRecordDependent
 
   has_one :import_data, class_name: 'ProjectImportData', inverse_of: :project, autosave: true
-  has_one :project_feature
+  has_one :project_feature, inverse_of: :project
   has_one :statistics, class_name: 'ProjectStatistics'
 
   # Container repositories need to remove data from the container registry,
@@ -194,7 +194,7 @@ class Project < ActiveRecord::Base
   has_one :auto_devops, class_name: 'ProjectAutoDevops'
 
   accepts_nested_attributes_for :variables, allow_destroy: true
-  accepts_nested_attributes_for :project_feature
+  accepts_nested_attributes_for :project_feature, update_only: true
   accepts_nested_attributes_for :import_data
   accepts_nested_attributes_for :auto_devops
 

app/models/project_feature.rb

@@ -41,6 +41,8 @@ class ProjectFeature < ActiveRecord::Base
   # http://stackoverflow.com/questions/1540645/how-to-disable-default-scope-for-a-belongs-to
   belongs_to :project, -> { unscope(where: :pending_delete) }
 
+  validates :project, presence: true
+
   validate :repository_children_level
 
   default_value_for :builds_access_level,         value: ENABLED, allows_nil: false

app/models/project_services/pipelines_email_service.rb

@@ -80,6 +80,6 @@ class PipelinesEmailService < Service
   end
 
   def retrieve_recipients(data)
-    recipients.to_s.split(',').reject(&:blank?)
+    recipients.to_s.split(/[,(?:\r?\n) ]+/).reject(&:empty?)
   end
 end

app/models/project_team.rb

@@ -148,7 +148,7 @@ class ProjectTeam
   def member?(user, min_access_level = Gitlab::Access::GUEST)
     return false unless user
 
-    user.authorized_project?(project, min_access_level)
+    max_member_access(user.id) >= min_access_level
   end
 
   def human_max_access(user_id)

app/models/repository.rb

@@ -97,6 +97,12 @@ class Repository
     )
   end
 
+  # we need to have this method here because it is not cached in ::Git and
+  # the method is called multiple times for every request
+  def has_visible_content?
+    branch_count > 0
+  end
+
   def inspect
     "#<#{self.class.name}:#{@disk_path}>"
   end

app/services/deploy_keys/create_service.rb

+module DeployKeys
+  class CreateService < Keys::BaseService
+    def execute
+      DeployKey.create(params.merge(user: user))
+    end
+  end
+end

app/services/gpg_keys/create_service.rb

+module GpgKeys
+  class CreateService < Keys::BaseService
+    def execute
+      key = user.gpg_keys.create(params)
+      notification_service.new_gpg_key(key) if key.persisted?
+      key
+    end
+  end
+end

app/services/keys/base_service.rb

+module Keys
+  class BaseService
+    attr_accessor :user, :params
+
+    def initialize(user, params)
+      @user, @params = user, params
+    end
+
+    def notification_service
+      NotificationService.new
+    end
+  end
+end

app/services/keys/create_service.rb

+module Keys
+  class CreateService < ::Keys::BaseService
+    def execute
+      key = user.keys.create(params)
+      notification_service.new_key(key) if key.persisted?
+      key
+    end
+  end
+end

app/services/projects/update_service.rb

@@ -34,7 +34,10 @@ module Projects
 
         success
       else
-        error('Project could not be updated!')
+        model_errors = project.errors.full_messages.to_sentence
+        error_message = model_errors.presence || 'Project could not be updated!'
+
+        error(error_message)
       end
     end
 

app/views/devise/shared/_omniauth_box.html.haml

@@ -7,6 +7,8 @@
       %span.light
         - has_icon = provider_has_icon?(provider)
         = link_to provider_image_tag(provider), omniauth_authorize_path(:user, provider), method: :post, class: 'oauth-login' + (has_icon ? ' oauth-image-link' : ' btn'), id: "oauth-login-#{provider}"
-    %fieldset.prepend-top-10
-      = check_box_tag :remember_me
-      = label_tag :remember_me, 'Remember me'
+    %fieldset.prepend-top-10.checkbox.remember-me
+      %label
+        = check_box_tag :remember_me, nil, false, class: 'remember-me-checkbox'
+        %span
+          Remember me

app/views/layouts/nav/sidebar/_group.html.haml

@@ -100,7 +100,7 @@
             Members
         %ul.sidebar-sub-level-items.is-fly-out-only
           = nav_link(path: 'group_members#index', html_options: { class: "fly-out-top-item" } ) do
-            = link_to merge_requests_group_path(@group) do
+            = link_to group_group_members_path(@group) do
               %strong.fly-out-top-item-name
                 #{ _('Members') }
       - if current_user && can?(current_user, :admin_group, @group)

app/views/profiles/preferences/show.html.haml

@@ -17,7 +17,7 @@
           .preview-row
             .quadrant.three
             .quadrant.four
-        = f.radio_button :theme_id, theme.id
+        = f.radio_button :theme_id, theme.id, checked: Gitlab::Themes.for_user(@user).id == theme.id
         = theme.name
 
   .col-sm-12

app/views/projects/blob/viewers/_download.html.haml

 .file-content.blob_file.blob-no-preview
-  .center
+  .center.render-error.vertical-center
     = link_to blob_raw_path do
       %h1.light
         = icon('download')

app/views/projects/branches/_branch.html.haml

@@ -49,7 +49,8 @@
               data: { toggle: "modal",
                 target: "#modal-delete-branch",
                 delete_path: project_branch_path(@project, branch.name),
-                branch_name: branch.name } }
+                branch_name: branch.name,
+                is_merged: ("true" if @repository.merged_to_root_ref?(branch.name)) } }
               = icon("trash-o")
           - else
             %button{ class: "btn btn-remove remove-row js-ajax-loading-spinner has-tooltip disabled",

app/views/projects/branches/_delete_protected_modal.html.haml

@@ -6,13 +6,18 @@
         %h3.page-title
           Delete protected branch
           = surround "'", "'?" do
-            %span.js-branch-name>[branch name]
+            %span.js-branch-name.ref-name>[branch name]
 
       .modal-body
         %p
           You’re about to permanently delete the protected branch
           = succeed '.' do
-            %strong.js-branch-name [branch name]
+            %strong.js-branch-name.ref-name [branch name]
+        %p.js-not-merged
+          - default_branch = capture do
+            %span.ref-name= @repository.root_ref
+          = s_("Branches|This branch hasn’t been merged into %{default_branch}.").html_safe % { default_branch: default_branch }
+          = s_("Branches|To avoid data loss, consider merging this branch before deleting it.")
         %p
           Once you confirm and press
           = succeed ',' do

app/views/projects/compare/_form.html.haml

@@ -2,22 +2,22 @@
   .clearfix
     - if params[:to] && params[:from]
       .compare-switch-container
-        = link_to icon('exchange'), {from: params[:to], to: params[:from]}, {class: 'commits-compare-switch has-tooltip btn btn-white', title: 'Switch base of comparison'}
-    .form-group.dropdown.compare-form-group.from.js-compare-from-dropdown
-      .input-group.inline-input-group
-        %span.input-group-addon from
-        = hidden_field_tag :from, params[:from]
-        = button_tag type: 'button', title: params[:from], class: "form-control compare-dropdown-toggle js-compare-dropdown has-tooltip git-revision-dropdown-toggle", required: true, data: { refs_url: refs_project_path(@project), toggle: "dropdown", target: ".js-compare-from-dropdown", selected: params[:from], field_name: :from } do
-          .dropdown-toggle-text.str-truncated= params[:from] || 'Select branch/tag'
-      = render 'shared/ref_dropdown'
-    .compare-ellipsis.inline ...
+        = link_to icon('exchange'), { from: params[:to], to: params[:from] }, class: 'commits-compare-switch has-tooltip btn btn-white', title: 'Swap revisions'
     .form-group.dropdown.compare-form-group.to.js-compare-to-dropdown
       .input-group.inline-input-group
-        %span.input-group-addon to
+        %span.input-group-addon Source
         = hidden_field_tag :to, params[:to]
         = button_tag type: 'button', title: params[:to], class: "form-control compare-dropdown-toggle js-compare-dropdown has-tooltip git-revision-dropdown-toggle", required: true, data: { refs_url: refs_project_path(@project), toggle: "dropdown", target: ".js-compare-to-dropdown", selected: params[:to], field_name: :to } do
           .dropdown-toggle-text.str-truncated= params[:to] || 'Select branch/tag'
       = render 'shared/ref_dropdown'
+    .compare-ellipsis.inline ...
+    .form-group.dropdown.compare-form-group.from.js-compare-from-dropdown
+      .input-group.inline-input-group
+        %span.input-group-addon Target
+        = hidden_field_tag :from, params[:from]
+        = button_tag type: 'button', title: params[:from], class: "form-control compare-dropdown-toggle js-compare-dropdown has-tooltip git-revision-dropdown-toggle", required: true, data: { refs_url: refs_project_path(@project), toggle: "dropdown", target: ".js-compare-from-dropdown", selected: params[:from], field_name: :from } do
+          .dropdown-toggle-text.str-truncated= params[:from] || 'Select branch/tag'
+      = render 'shared/ref_dropdown'
      
     = button_tag "Compare", class: "btn btn-create commits-compare-btn"
     - if @merge_request.present?

app/views/projects/compare/index.html.haml

@@ -7,13 +7,19 @@
   .sub-header-block
     Compare Git revisions.
     %br
-    Fill input field with commit SHA like
-    %code.ref-name 4eedf23
-    or branch/tag name like
-    %code.ref-name master
-    and press compare button for the commits list and a code diff.
+    Choose a branch/tag (e.g.
+    = succeed ')' do
+      %code.ref-name master
+    or enter a commit SHA (e.g.
+    = succeed ')' do
+      %code.ref-name 4eedf23
+    to see what's changed or to create a merge request.
     %br
-    Changes are shown <b>from</b> the version in the first field <b>to</b> the version in the second field.
+    Changes are shown as if the
+    %b source
+    revision was being merged into the
+    %b target
+    revision.
 
   .prepend-top-20
     = render "form"

app/views/projects/diffs/_stats.html.haml

@@ -21,9 +21,9 @@
       %ul
         - diff_files.each do |diff_file|
           %li
-            %a{ href: "##{hexdigest(diff_file.file_path)}", title: diff_file.new_path }
+            %a.diff-changed-file{ href: "##{hexdigest(diff_file.file_path)}", title: diff_file.new_path }
               = icon("#{diff_file_changed_icon(diff_file)} fw", class: "#{diff_file_changed_icon_color(diff_file)} append-right-5")
-              %span.diff-file-changes-path= diff_file.new_path
+              %span.diff-file-changes-path.append-right-5= diff_file.new_path
               .pull-right
                 %span.cgreen<
                   +#{diff_file.added_lines}

app/views/projects/new.html.haml

@@ -16,7 +16,9 @@
         New project
       - if import_sources_enabled?
         %p
-          Create or Import your project from popular Git services
+          A project is where you house your files (repository), plan your work (issues), and publish your documentation (wiki), #{link_to 'among other things', help_page_path("user/project/index.md", anchor: "projects-features"), target: '_blank'}.
+        %p
+          All features are enabled when you create a project, but you can disable the ones you don’t need in the project settings.
     .col-lg-9.js-toggle-container
       = form_for @project, html: { class: 'new_project' } do |f|
         .create-project-options

app/views/projects/runners/_form.html.haml

@@ -11,7 +11,7 @@
     .col-sm-10
       .checkbox
         = f.check_box :access_level, {}, 'ref_protected', 'not_protected'
-        %span.light This runner will only run on pipelines trigged on protected branches
+        %span.light This runner will only run on pipelines triggered on protected branches
   .form-group
     = label :run_untagged, 'Run untagged jobs', class: 'control-label'
     .col-sm-10

app/views/shared/issuable/_filter.html.haml

@@ -12,13 +12,13 @@
           - if params[:author_id].present?
             = hidden_field_tag(:author_id, params[:author_id])
           = dropdown_tag(user_dropdown_label(params[:author_id], "Author"), options: { toggle_class: "js-user-search js-filter-submit js-author-search", title: "Filter by author", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable dropdown-menu-author js-filter-submit",
-            placeholder: "Search authors", data: { any_user: "Any Author", first_user: current_user.try(:username), current_user: true, project_id: @project.try(:id), selected: params[:author_id], field_name: "author_id", default_label: "Author" } })
+            placeholder: "Search authors", data: { any_user: "Any Author", first_user: current_user&.username, current_user: true, project_id: @project&.id, group_id: @group&.id, selected: params[:author_id], field_name: "author_id", default_label: "Author" } })
 
         .filter-item.inline
           - if params[:assignee_id].present?
             = hidden_field_tag(:assignee_id, params[:assignee_id])
           = dropdown_tag(user_dropdown_label(params[:assignee_id], "Assignee"), options: { toggle_class: "js-user-search js-filter-submit js-assignee-search", title: "Filter by assignee", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable dropdown-menu-assignee js-filter-submit",
-            placeholder: "Search assignee", data: { any_user: "Any Assignee", first_user: current_user.try(:username), null_user: true, current_user: true, project_id: @project.try(:id), group_id: @group&.id, selected: params[:assignee_id], field_name: "assignee_id", default_label: "Assignee" } })
+            placeholder: "Search assignee", data: { any_user: "Any Assignee", first_user: current_user&.username, null_user: true, current_user: true, project_id: @project&.id, group_id: @group&.id, selected: params[:assignee_id], field_name: "assignee_id", default_label: "Assignee" } })
 
         .filter-item.inline.milestone-filter
           = render "shared/issuable/milestone_dropdown", selected: finder.milestones.try(:first), name: :milestone_title, show_any: true, show_upcoming: true, board: board, show_started: true

app/views/shared/issuable/_sidebar.html.haml

@@ -24,9 +24,9 @@
       .block.milestone
         .sidebar-collapsed-icon
           = icon('clock-o', 'aria-hidden': 'true')
-          %span
+          %span.milestone-title
             - if issuable.milestone
-              %span.has-tooltip{ title: milestone_remaining_days(issuable.milestone), data: { container: 'body', html: 1, placement: 'left' } }
+              %span.has-tooltip{ title: "#{issuable.milestone.title}<br>#{milestone_remaining_days(issuable.milestone)}", data: { container: 'body', html: 1, placement: 'left' } }
                 = issuable.milestone.title
             - else
               None

app/views/shared/milestones/_issuable.html.haml

@@ -26,6 +26,6 @@
 
     %span.assignee-icon
       - assignees.each do |assignee|
-        = link_to polymorphic_path(base_url_args, { milestone_title: @milestone.title, assignee_id: assignee.id, state: 'all' }),
+        = link_to polymorphic_path(issuable_type_args, { milestone_title: @milestone.title, assignee_id: assignee.id, state: 'all' }),
                   class: 'has-tooltip', title: "Assigned to #{assignee.name}", data: { container: 'body' } do
           - image_tag(avatar_icon(assignee, 16), class: "avatar s16", alt: '')

changelogs/unreleased/20824-scope-users-to-members-in-group-issuable-list.yml

+---
+title: Return only group's members in user dropdowns on issuables list pages
+merge_request: 14249
+author:
+type: changed

changelogs/unreleased/21331-improve-confusing-compare-page.yml

+---
+title: Make the labels in the Compare form less confusing
+merge_request: 14225
+author:
+type: changed

changelogs/unreleased/24121_extract_yet_another_users_finder.yml

+---
+title: Extract AutocompleteController#users into finder
+merge_request: 13778
+author: Maxim Rydkin, Mayra Cabrera
+type: other

changelogs/unreleased/35917_create_services_for_keys.yml

+---
+title: creation of keys moved to services
+merge_request: 13331
+author: haseebeqx

changelogs/unreleased/35978-milestone-title.yml

+---
+title: Truncate milestone title if sidebar is collapsed
+merge_request:
+author:
+type: fixed

changelogs/unreleased/37576-renamed-files-have-escaped-html-for-the-inline-diff-in-the-header.yml

+---
+title: Fix the diff file header from being html escaped for renamed files.
+merge_request: 14121
+author:
+type: fixed

changelogs/unreleased/37590-pipelines-mr.yml

+---
+title: Fix mini graph pipeline breakin in merge request view
+merge_request:
+author:
+type: fixed

changelogs/unreleased/37759-also-treat-newlines-as-separator.yml

+---
+title: Allow using newlines in pipeline email service recipients
+merge_request: 14250
+author:
+type: fixed

changelogs/unreleased/change-dashed-border-button-color.yml

+---
+title: changed dashed border button color to be darker
+merge_request: !14041
+author:
+type: other

changelogs/unreleased/ci-environment-status-performance.yml

+---
+title: Constrain environment deployments to project IDs
+merge_request:
+author:
+type: other

changelogs/unreleased/disallow-null-values-for-environments-project-id.yml

+---
+title: "Disallow NULL values for environments.project_id"
+merge_request:
+author:
+type: other

changelogs/unreleased/docs-17499-documentation-errors-about-creating-a-new-tag.yml

+---
+title: Fix docs for lightweight tag creation via API
+merge_request:
+author:
+type: other

changelogs/unreleased/fix-sidebar-with-scrollbars.yml

+---
+title: Fixed the sidebar scrollbar overlapping links
+merge_request:
+author:
+type: fixed

changelogs/unreleased/issue_37640.yml

+---
+title: Fix project feature being deleted when updating project with invalid visibility
+  level
+merge_request:
+author:
+type: fixed

changelogs/unreleased/milestone-avatar-issuable-link.yml

+---
+title: Fixed milestone issuable assignee link URL
+merge_request:
+author:
+type: fixed

changelogs/unreleased/refactor-animate-js.yml

+---
+title: Remove animate.js and label animation.
+merge_request:
+author:
+type: removed

changelogs/unreleased/replace_project_archived-feature.yml

+---
+title: Replace the 'project/archived.feature' spinach test with an rspec analog
+merge_request: 14322
+author: Vitaliy @blackst0ne Klachkov
+type: other

changelogs/unreleased/replace_project_commits_revert-feature.yml

+---
+title: Replace the 'project/commits/revert.feature' spinach test with an rspec analog
+merge_request: 14325
+author: Vitaliy @blackst0ne Klachkov
+type: other

changelogs/unreleased/replace_project_snippets-feature.yml

+---
+title: Replace the 'project/snippets.feature' spinach test with an rspec analog
+merge_request: 14326
+author: Vitaliy @blackst0ne Klachkov
+type: other

changelogs/unreleased/replace_search-feature.yml

+---
+title: Replace the 'search.feature' spinach test with an rspec analog
+merge_request: 14248
+author: Vitaliy @blackst0ne Klachkov
+type: other

changelogs/unreleased/sh-optimize-discussion-json.yml

+---
+title: Eliminate N+1 queries in loading discussions.json endpoint
+merge_request:
+author:
+type: fixed

changelogs/unreleased/uipolish-fix-remember-me-checkbox.yml

+---
+title: Made the "remember me" check boxes have consistent styles and alignment
+merge_request:
+author: Jedidiah Broadbent
+type: fixed

changelogs/unreleased/winh-protected-branch-modal-merged.yml

+---
+title: Display whether branch has been merged when deleting protected branch
+merge_request: 14220
+author:
+type: changed

config/dependency_decisions.yml

@@ -416,3 +416,39 @@
     :why: https://gitlab.com/gitlab-com/organization/issues/117
     :versions: []
     :when: 2017-09-04 12:59:51.150798717 Z
+- - :approve
+  - console-browserify
+  - :who: Mike Greiling
+    :why: https://github.com/Raynos/console-browserify/blob/f0a8898487e2a47b8a5dc8734b91059fa2825506/LICENCE
+    :versions: []
+    :when: 2017-09-16 05:13:07.073651000 Z
+- - :approve
+  - duplexer
+  - :who: Mike Greiling
+    :why: https://github.com/Raynos/duplexer/blob/master/LICENCE
+    :versions: []
+    :when: 2017-09-16 05:14:15.774643000 Z
+- - :approve
+  - json3
+  - :who: Mike Greiling
+    :why: https://github.com/bestiejs/json3/blob/v3.3.2/LICENSE
+    :versions: []
+    :when: 2017-09-16 05:15:16.273892000 Z
+- - :approve
+  - mime
+  - :who: Mike Greiling
+    :why: https://github.com/broofa/node-mime/blob/v1.3.4/LICENSE
+    :versions: []
+    :when: 2017-09-16 05:16:21.135542000 Z
+- - :approve
+  - querystring-es3
+  - :who: Mike Greiling
+    :why: https://github.com/mike-spainhower/querystring/blob/v0.2.0/License.md
+    :versions: []
+    :when: 2017-09-16 05:17:20.372089000 Z
+- - :approve
+  - utils-merge
+  - :who: Mike Greiling
+    :why: https://github.com/jaredhanson/utils-merge/blob/v1.0.0/LICENSE
+    :versions: []
+    :when: 2017-09-16 05:18:26.193764000 Z

config/initializers/doorkeeper.rb

@@ -58,7 +58,7 @@ Doorkeeper.configure do
   # For more information go to
   # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
   default_scopes(*Gitlab::Auth::DEFAULT_SCOPES)
-  optional_scopes(*Gitlab::Auth::OPTIONAL_SCOPES)
+  optional_scopes(*Gitlab::Auth.optional_scopes)
 
   # Change the way client credentials are retrieved from the request object.
   # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then

config/initializers/static_files.rb

@@ -30,7 +30,7 @@ if app.config.serve_static_files
       settings.merge!(
         host: Gitlab.config.gitlab.host,
         port: Gitlab.config.gitlab.port,
-        https: Gitlab.config.gitlab.https
+        https: false
       )
       app.config.middleware.insert_before(
         Gitlab::Middleware::Static,

db/migrate/20170828135939_migrate_user_external_mail_data.rb

+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class MigrateUserExternalMailData < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  class User < ActiveRecord::Base
+    self.table_name = 'users'
+
+    include EachBatch
+  end
+
+  class UserSyncedAttributesMetadata < ActiveRecord::Base
+    self.table_name = 'user_synced_attributes_metadata'
+
+    include EachBatch
+  end
+
+  def up
+    User.each_batch do |batch|
+      start_id, end_id = batch.pluck('MIN(id), MAX(id)').first
+
+      execute <<-EOF
+        INSERT INTO user_synced_attributes_metadata (user_id, provider, email_synced)
+        SELECT id, email_provider, external_email
+        FROM users
+        WHERE external_email = TRUE
+        AND NOT EXISTS (
+          SELECT true
+          FROM user_synced_attributes_metadata
+          WHERE user_id = users.id
+          AND provider = users.email_provider
+        )
+        AND id BETWEEN #{start_id} AND #{end_id}
+      EOF
+    end
+  end
+
+  def down
+    UserSyncedAttributesMetadata.each_batch do |batch|
+      start_id, end_id = batch.pluck('MIN(id), MAX(id)').first
+
+      execute <<-EOF
+        UPDATE users
+        SET users.email_provider = metadata.provider, users.external_email = metadata.email_synced
+        FROM user_synced_attributes_metadata as metadata, users
+        WHERE metadata.email_synced = TRUE
+        AND metadata.user_id = users.id
+        AND id BETWEEN #{start_id} AND #{end_id}
+      EOF
+    end
+  end
+end

db/migrate/20170913131410_environments_project_id_not_null.rb

+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class EnvironmentsProjectIdNotNull < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    change_column_null :environments, :project_id, false
+  end
+
+  def down
+    change_column_null :environments, :project_id, true
+  end
+end

db/migrate/20170914135630_add_index_for_recent_push_events.rb

+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddIndexForRecentPushEvents < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index_if_not_present(
+      :merge_requests,
+      [:source_project_id, :source_branch]
+    )
+
+    remove_concurrent_index_if_present(:merge_requests, :source_project_id)
+  end
+
+  def down
+    add_concurrent_index_if_not_present(:merge_requests, :source_project_id)
+
+    remove_concurrent_index_if_present(
+      :merge_requests,
+      [:source_project_id, :source_branch]
+    )
+  end
+
+  def add_concurrent_index_if_not_present(table, columns)
+    return if index_exists?(table, columns)
+
+    add_concurrent_index(table, columns)
+  end
+
+  def remove_concurrent_index_if_present(table, columns)
+    return unless index_exists?(table, columns)
+
+    remove_concurrent_index(table, columns)
+  end
+end

db/post_migrate/20170907170235_delete_conflicting_redirect_routes.rb

+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class DeleteConflictingRedirectRoutes < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  MIGRATION = 'DeleteConflictingRedirectRoutesRange'.freeze
+  BATCH_SIZE = 200 # At 200, I expect under 20s per batch, which is under our query timeout of 60s.
+  DELAY_INTERVAL = 12.seconds
+
+  disable_ddl_transaction!
+
+  class Route < ActiveRecord::Base
+    include EachBatch
+
+    self.table_name = 'routes'
+  end
+
+  def up
+    say opening_message
+
+    queue_background_migration_jobs_by_range_at_intervals(Route, MIGRATION, DELAY_INTERVAL, batch_size: BATCH_SIZE)
+  end
+
+  def down
+    # nothing
+  end
+
+  def opening_message
+    <<~MSG
+      Clean up redirect routes that conflict with regular routes.
+         See initial bug fix:
+         https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13357
+    MSG
+  end
+end

db/post_migrate/20170913180600_fix_projects_without_project_feature.rb

+class FixProjectsWithoutProjectFeature < ActiveRecord::Migration
+  DOWNTIME = false
+
+  def up
+    # Deletes corrupted project features
+    sql = "DELETE FROM project_features WHERE project_id IS NULL"
+    execute(sql)
+
+    # Creates missing project features with private visibility
+    sql =
+      %Q{
+        INSERT INTO project_features(project_id, repository_access_level, issues_access_level, merge_requests_access_level, wiki_access_level,
+        builds_access_level, snippets_access_level, created_at, updated_at)
+          SELECT projects.id as project_id,
+          10 as repository_access_level,
+          10 as issues_access_level,
+          10 as merge_requests_access_level,
+          10 as wiki_access_level,
+          10 as builds_access_level ,
+          10 as snippets_access_level,
+          projects.created_at,
+          projects.updated_at
+          FROM projects
+          LEFT OUTER JOIN project_features ON project_features.project_id = projects.id
+          WHERE (project_features.id IS NULL)
+      }
+
+    execute(sql)
+  end
+
+  def down
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170910051507) do
+ActiveRecord::Schema.define(version: 20170914135630) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -595,7 +595,7 @@ ActiveRecord::Schema.define(version: 20170910051507) do
   add_index "emails", ["user_id"], name: "index_emails_on_user_id", using: :btree
 
   create_table "environments", force: :cascade do |t|
-    t.integer "project_id"
+    t.integer "project_id", null: false
     t.string "name", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
@@ -1119,7 +1119,7 @@ ActiveRecord::Schema.define(version: 20170910051507) do
   add_index "merge_requests", ["head_pipeline_id"], name: "index_merge_requests_on_head_pipeline_id", using: :btree
   add_index "merge_requests", ["milestone_id"], name: "index_merge_requests_on_milestone_id", using: :btree
   add_index "merge_requests", ["source_branch"], name: "index_merge_requests_on_source_branch", using: :btree
-  add_index "merge_requests", ["source_project_id"], name: "index_merge_requests_on_source_project_id", using: :btree
+  add_index "merge_requests", ["source_project_id", "source_branch"], name: "index_merge_requests_on_source_project_id_and_source_branch", using: :btree
   add_index "merge_requests", ["target_branch"], name: "index_merge_requests_on_target_branch", using: :btree
   add_index "merge_requests", ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid", unique: true, using: :btree
   add_index "merge_requests", ["title"], name: "index_merge_requests_on_title", using: :btree

doc/administration/gitaly/index.md

@@ -145,8 +145,8 @@ Omnibus installations:
 ```ruby
 # /etc/gitlab/gitlab.rb
 git_data_dirs({
-  { 'default' => { 'path' => '/mnt/gitlab/default', 'gitaly_address' => 'tcp://gitlab.internal:9999' } },
-  { 'storage1' => { 'path' => '/mnt/gitlab/storage1', 'gitaly_address' => 'tcp://gitlab.internal:9999' } },
+  'default' => { 'path' => '/mnt/gitlab/default', 'gitaly_address' => 'tcp://gitlab.internal:9999' },
+  'storage1' => { 'path' => '/mnt/gitlab/storage1', 'gitaly_address' => 'tcp://gitlab.internal:9999' },
 })
 
 gitlab_rails['gitaly_token'] = 'abc123secret'

doc/api/tags.md

@@ -131,7 +131,7 @@ Parameters:
   "message": null
 }
 ```
-The message will be `nil` when creating a lightweight tag otherwise
+The message will be `null` when creating a lightweight tag otherwise
 it will contain the annotation.
 
 In case of an error,

doc/api/wikis.md

@@ -155,3 +155,5 @@ curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gi
 ```
 
 On success the HTTP status code is `204` and no JSON response is expected. 
+
+[ce-13372]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13372