# Conflicts:
#   app/assets/stylesheets/pages/pipelines.scss

Filter `incoming_email_token` and `runners_token` parameters

Closes https://dev.gitlab.org/gitlab/gitlabhq/issues/2676

See merge request !2045

Issue#visible_to_user moved to IssuesFinder

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/24637.

See merge request !2039

Fix missing Note access checks in by moving Note#search to updated NoteFinder

Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867

## Which fixes are in this MR?

⚠ - Potentially untested  
💣 - No test coverage  
🚥 - Test coverage of some sort exists (a test failed when error raised)  
🚦 - Test coverage of return value (a test failed when nil used)  
✅ - Permissions check tested

### Note lookup without access check

- [x] ✅ app/finders/notes_finder.rb:13 :download_code check
- [x] ✅ app/finders/notes_finder.rb:19 `SnippetsFinder`
- [x] ✅ app/models/note.rb:121 [`Issue#visible_to_user`]
- [x] ✅ lib/gitlab/project_search_results.rb:113
  - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`.
  - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked.

### Previous discussions
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit
- [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used
  - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223

###  Acceptance criteria met?
- [x] Tests added for new code
- [x] TODO comments removed
- [x] Squashed and removed skipped tests
- [x] Changelog entry
- [ ] State Gitlab versions affected and issue severity in description
- [ ] Create technical debt issue for NotesFinder.
  - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two.
  - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)`
  - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes`

See merge request !2035

Document `repocheck.log` in logs docs

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/25622

See merge request !8105

[ci skip]

[ci skip]

Render math in Asciidoc and Markdown with KaTeX using code blocks

Closes #13690 and #13180

See merge request !8003

Remove duplicated parameter description

## What does this MR do?

Remove a duplicated parameter entry in the projects API

See merge request !8099

Replace Rack::Multipart with gitlab-workhorse based system

See merge request !5867

Allow users to seed the initial runner registration token using an environment variable

## What does this MR do?
Allow users to seed the initial runner registration token using an environment variable

## Are there points in the code the reviewer needs to double check?

- Naming, do we want to make sure we are clear it's the 'registration' token. Like GITLAB_RUNNER_REGISTRATION_TOKEN vs what I have now, GITLAB_RUNNER_TOKEN
- Not sure we've tested a seed fixture before, I just made up a directory structure for the test

## Why was this MR needed?

At the moment I want to use this in our idea to production demo:  https://gitlab.com/gitlab-org/gitlab-ce/issues/22190

This is useful for when runner is bundled with gitlab, like in a kubernetes stack, and we want the runner to be able to register with gitlab as soon as they both come up.

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !6642

Fix Slack pipeline message by API

Pipelines triggered from API don't have a corresponding
user, so we show that it's from API, same as from the
web UI

Closes #25609

See merge request !8059

Introduce $CI_BUILD_REF_SLUG

## What does this MR do?

Adds `$CI_BUILD_REF_SLUG` to the variables exposed to the runner. This is based on `$CI_BUILD_REF_NAME` but lowercased, shortened to 63 bytes maximum, and with characters invalid in URLs and domain names replaced with `-`. 

## Are there points in the code the reviewer needs to double check?

Slugs don't have a uniqueness guarantee. !7983 introduces an environment name slug which *is* unique, so I'm not as exercised about this as I was.

Should the slug be published in the API? It's available through the `variables` endpoint, but perhaps it should be part of `GET /project/:id/builds` ?

I've called it `ref_slug` rather than just `slug` as there are number of possibilities for slugification in a build (unlike an environment, where only the name makes sense to slugify).

## Why was this MR needed?

`$CI_BUILD_REF_NAME` is not suited for URLs and domain names, given the list of valid characters in a git ref. 

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [X] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [X] Added for this feature/bug
  - [x] All builds are passing
- [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [X] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

Closes #22849

See merge request !8072

Fix transient failure on AnalyticsBuildEntity

AnalyticsBuildEntity uses `Time.now` to calculate durations, and on slow running builds could fail this spec. Mocking with `Timecop` should be sufficient to fix this.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/25500

See merge request !8082

Delete more page specific css

* Moves emojis and icons into `framework`
* Comments out unused bootstrap imports (we can remove them entirely later)

See merge request !7961

Explicitly declare all javascript globals and all eslint rule violations

This merge request takes every single external global variable referenced within a javascript file and explicitly marks it with a `/* global Foo */` comment block at the top of the script.

This also expands all blanket instances of `/* eslint-disable */` with an explicit list of disabled rules.  This is useful because if we need to search for violations of a particular rule we can simply grep the codebase for something like `no-unused-vars` or `semi` and find all of the places where this rule has yet to be fixed.

Lastly, it also removes and resolves any existing `no-undef` eslint violations.  This is useful for catching mistakes like forgetting to declare a variable with `var`/`let`/`const` which can cause hard to find bugs.

## What does this MR do?

1. Looks for generic uses of `/* eslint-disable */` and refactors them into individual rule exceptions.
2. Looks for all occurrences of `/* eslint-disable ... no-undef */` and resolves them by either fixing bugs or declaring globals with `/* global Foo */`.

## Are there points in the code the reviewer needs to double check?

This touches a lot of files, most changes touch nothing other than comment blocks or whitespace.  The exceptions are the following 14 files which required some small bug fixes after removing `no-undef`:

- api.js
- breakpoints.js
- build.js
- commits.js
- diff_notes/components/jump_to_discussion.js.es6
- gfm_auto_complete.js.es6
- gl_dropdown.js
- groups_select.js
- importer_status.js
- namespace_select.js
- notes.js
- preview_markdown.js
- projects_list.js
- single_file_diff.js

## Why was this MR needed?

Removal of ~"technical debt" and some necessary changes to help !7288 

## Screenshots (if relevant)

N/A

## Does this MR meet the acceptance criteria?

- [ ] ~~[Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added~~
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
  - [ ] ~~Added for this feature/bug~~
  - [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

N/A

See merge request !8043

Username exists check respects the relative root URL

## What does this MR do?

The path for checking if the username exists was hardcoded to as a absolute URL which broke in relative path installs. This fixes that by respecting the relative path.

## What are the relevant issue numbers?

Closes #25548

See merge request !8092

Removing and combining sass variables

* Removes/combines a good portion of our many shades of gray, according to https://gitlab.com/gitlab-org/gitlab-ce/uploads/207006b0aeadee57499c891f173198f4/Shades_of_grey_-_combined.png
* Renaming variables according to saturation etc will be in separate MR

See merge request !8052

Introduce deployment services, starting with a KubernetesService

## What does this MR do?

Adds a minimal `KubernetesService` and introduces the idea of deployment services, generally.

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

Two issues scheduled for 8.15 both require a Kubernetes service - #22864 and #23580 - but they use it for very different things. Add a minimal kubernetes service to avoid conflicts later.

## Screenshots

![Screen_Shot_2016-12-14_at_12.44.13](/uploads/77d38baf2a196118f0cf7e2b996a65f3/Screen_Shot_2016-12-14_at_12.44.13.png)

## Does this MR meet the acceptance criteria?

- [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

Closes #22985

See merge request !7994

add node_modules to our eslintignore settings

## What does this MR do?

Adds `/node_modules` directory to `.eslintignore` so we don't lint npm modules in our build process.

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

Closes #25690

See merge request !8089

Remove white space between nav items

Fixes annoying white space between items on navigation bars.

Before
![Screen_Shot_2016-12-13_at_6.06.11_PM](/uploads/605b49822f93168901bedc5ceb6490a3/Screen_Shot_2016-12-13_at_6.06.11_PM.png)

After
![Screen_Shot_2016-12-13_at_6.06.22_PM](/uploads/5c2e6432be477deaaf544cf81ec493e9/Screen_Shot_2016-12-13_at_6.06.22_PM.png)

See merge request !8078

Cursor now changes to a pointer when mousing over stages on Cycle Analytics page

When mousing over the different stage headers on the Cycle Analytics page, the mouse cursor will now change to a pointer, indicating these sections are clickable.

Closes #24803  

cc: @awhildy

See merge request !7921

Closes #25548