Cleanup style of confirmation page

See merge request !11774

Fix typo in user activity debug log message

See merge request !11898

Add a Rake task to aid in rotating otp_key_base

Closes #29690

See merge request !11881

backports changed import logic from pull mirroring feature into CE

See merge request !11850

Merge branch '33321-spec-failure-in-spec-javascripts-pipelines-header_component_spec-js-46-expected-failed-pipeline-123-triggered-4-weeks-ago-by-foo-to-equal-failed-pipeline-123-triggered-3-weeks-ago-by-foo' into 'master'

Resolve "Spec failure in spec/javascripts/pipelines/header_component_spec.js:46 : Expected 'failed Pipeline #123 triggered 4 weeks ago by Foo' to equal 'failed Pipeline #123 triggered 3 weeks ago by Foo'."

Closes #33321

See merge request !11915

Fix Git-over-HTTP rejections

See merge request !11398

Add Chinese translation of Cycle Analytics Page to I18N

See merge request !11644

Allow users to be hard-deleted from the admin panel

Closes #28694

See merge request !11874

Backport EE refactorings for Protected Tag EE-only functionality

See merge request !11125

Merge branch '32869-project-s-last-updated-time-not-accurately-reflected-in-projects-dashboard' into 'master'

Use last_activity_at attr when showing the update date in project listing

Closes #32869

See merge request !11896

Fix submodule link to then project under subgroup

Closes gitlab-ee#2411

See merge request !11906

Resolve "Permissions for project labels and group labels"

Closes #33154

See merge request !11876

Merge branch '31983-increase-merge-request-diff-file-size-limit-for-default-toggle-opening' into 'master'

Increase diff limits to 100 KB for collapse and 200 KB overall

Closes #31983

See merge request !11875

Because it is sometimes never used.

https://gitlab.com/gitlab-org/gitlab-ce/commit/57e3e942de1adef2c8621905370f07d7da7870c4

I changed it to a separate condition rather than depending on the order of the case-when statements to prevent this mistake again.

And refactor to self-document a little better.

No external behavior change.

This allows `GitHttpController` to set the HTTP status based on the type of error. Alternatively, we could have added an attribute to GitAccessStatus, but this pattern seemed appropriate.

This already works due to previous refactoring.

Changes to `GitHttpClientController`’s authentication logic caused this behavior change.

The old 401 Unauthorized statuses didn’t cause any harm, but they weren’t quite as accurate as the new behavior.

* The spec has 7 failures at this point
* Specify rendered error messages
* Render the GitAccess message rather than “Access denied”
* Render the Not Found message provided by GitAccess, instead of a custom one
* Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller
* Add more thorough testing for authentication
* Dried up a lot of tests
* Fixed some broken tests

Previously, only group masters could do this. However, project reporters can
manage project labels, so there doesn't seem to be any need to restrict group
labels further.

Also, save a query or two by getting a single GroupMember object to find out if
the user is a master or not.

Port fix-realtime-edited-text-for-issues 9-2-stable fix to master.

See merge request !11478