Add latest changes from gitlab-org/gitlab@master

Author: GitLab Bot

.markdownlint-cli2.yaml

@@ -162,8 +162,3 @@ config:
     ]
 ignores:
   - "doc/architecture"
-customRules:
-  - "./doc/.markdownlint/rules/tabs_blank_lines.js"
-  - "./doc/.markdownlint/rules/tabs_title_markup.js"
-  - "./doc/.markdownlint/rules/tabs_title_text.js"
-  - "./doc/.markdownlint/rules/tabs_wrapper_tags.js"

.rubocop_todo/gitlab/bounded_contexts.yml

@@ -2312,7 +2312,6 @@ Gitlab/BoundedContexts:
     - 'ee/app/graphql/resolvers/dast_site_validation_resolver.rb'
     - 'ee/app/graphql/resolvers/description_versions_diff_resolver.rb'
     - 'ee/app/graphql/resolvers/dora/performance_scores_count_resolver.rb'
-    - 'ee/app/graphql/resolvers/dora_metrics_resolver.rb'
     - 'ee/app/graphql/resolvers/epic_ancestors_resolver.rb'
     - 'ee/app/graphql/resolvers/epic_issues_resolver.rb'
     - 'ee/app/graphql/resolvers/epics/children_resolver.rb'
@@ -2413,10 +2412,6 @@ Gitlab/BoundedContexts:
     - 'ee/app/graphql/types/dora/performance_score_connection_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_count_type.rb'
     - 'ee/app/graphql/types/dora/project_filter_input_type.rb'
-    - 'ee/app/graphql/types/dora_metric_bucketing_interval_enum.rb'
-    - 'ee/app/graphql/types/dora_metric_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type_enum.rb'
-    - 'ee/app/graphql/types/dora_type.rb'
     - 'ee/app/graphql/types/epic_descendant_count_type.rb'
     - 'ee/app/graphql/types/epic_descendant_weight_sum_type.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'

.rubocop_todo/layout/line_length.yml

@@ -482,7 +482,6 @@ Layout/LineLength:
     - 'ee/app/graphql/resolvers/app_sec/dast/profile_resolver.rb'
     - 'ee/app/graphql/resolvers/board_groupings/epics_resolver.rb'
     - 'ee/app/graphql/resolvers/boards/epic_lists_resolver.rb'
-    - 'ee/app/graphql/resolvers/dora_metrics_resolver.rb'
     - 'ee/app/graphql/resolvers/external_issue_resolver.rb'
     - 'ee/app/graphql/resolvers/incident_management/oncall_rotations_resolver.rb'
     - 'ee/app/graphql/resolvers/incident_management/oncall_schedule_resolver.rb'
@@ -503,7 +502,6 @@ Layout/LineLength:
     - 'ee/app/graphql/types/dast_scan_type_enum.rb'
     - 'ee/app/graphql/types/dast_scanner_profile_type.rb'
     - 'ee/app/graphql/types/dast_site_profile_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type_enum.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'
     - 'ee/app/graphql/types/epic_sort_enum.rb'
     - 'ee/app/graphql/types/epic_type.rb'
@@ -1112,7 +1110,6 @@ Layout/LineLength:
     - 'ee/spec/graphql/resolvers/boards/board_list_epics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/ci/code_coverage_activities_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/dast_site_validation_resolver_spec.rb'
-    - 'ee/spec/graphql/resolvers/dora_metrics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/epics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/external_issue_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/incident_management/escalation_policies_resolver_spec.rb'

.rubocop_todo/style/inline_disable_annotation.yml

@@ -1093,8 +1093,6 @@ Style/InlineDisableAnnotation:
     - 'ee/app/graphql/types/deployments/approval_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_connection_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_count_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type.rb'
-    - 'ee/app/graphql/types/dora_type.rb'
     - 'ee/app/graphql/types/epic_descendant_count_type.rb'
     - 'ee/app/graphql/types/epic_descendant_weight_sum_type.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'

Gemfile.checksum

@@ -524,13 +524,13 @@
 {"name":"prime","version":"0.1.3","platform":"ruby","checksum":"baf031c50d6ce923594913befc8ac86a3251bffb9d6a5e8b03687962054e53e3"},
 {"name":"prism","version":"1.2.0","platform":"ruby","checksum":"24ff9cd3232346e68052659f14c9a618022ea98935f774df465206aba5c06d2f"},
 {"name":"proc_to_ast","version":"0.1.0","platform":"ruby","checksum":"92a73fa66e2250a83f8589f818b0751bcf227c68f85916202df7af85082f8691"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-gnu","checksum":"7a3e8d7e95f7e53a6870381135f5f4b6c8c3f3b244b7cd760e3582c5abd86512"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-musl","checksum":"87f1cf92f39ce2be861732820c6b719dda4ee9a97b5bf7a627510a45b5a50977"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"arm64-darwin","checksum":"d828fecea444373367e7d3c7c67c898479816a6400813f641634ba2f64ca91c5"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"ruby","checksum":"de402deeb56234fb8866bebe91c69410a8f8e377ac557305c688e8e1705f0a75"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-darwin","checksum":"a4501fb9da7a89200e6f8aeaecdbe9e06f491083cac7a611a0c37feeb803adff"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-gnu","checksum":"68cd5e4d0c9be98129f27856f2746c4b21b7162edbe48d71dfd76143097c4b8e"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-musl","checksum":"3f618d48a631a72027d1cfd090a904d4abfd3e543eec10e0d89f456633e35510"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-gnu","checksum":"e2a52234bed534fbce8185b781f49e2a584808a3713fb77287fb3017ae4e8dad"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-musl","checksum":"4d09f7c011cba48ca119515988e1683c4a99fc4310fb33145817541043556f55"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"arm64-darwin","checksum":"2d5277fe916d76e92a2801685d02bb7da4c8d62ba32e9bb83eb1edc9ad8bb165"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"ruby","checksum":"20ff9ef443767bc45d338882fbc6a9a853cdae190ec68cfd9395a5ac44384004"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-darwin","checksum":"aab97474ccc96cc707af4be5b26f8d2fe89f4d67013ad996ae10f17712f527ff"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-gnu","checksum":"f17f2b069f73a976b421cf6730974d3addf196656b8437deca9c36845f658f9e"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-musl","checksum":"e2af29e954f40fda4c3acb5c3b9722dbfc724d8d67a28e01904233e558c4ce1d"},
 {"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
 {"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
 {"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},

Gemfile.lock

@@ -1462,7 +1462,7 @@ GEM
       coderay
       parser
       unparser
-    prometheus-client-mmap (1.2.8)
+    prometheus-client-mmap (1.2.9)
       base64
       bigdecimal
       logger

Gemfile.next.checksum

@@ -529,13 +529,13 @@
 {"name":"prime","version":"0.1.3","platform":"ruby","checksum":"baf031c50d6ce923594913befc8ac86a3251bffb9d6a5e8b03687962054e53e3"},
 {"name":"prism","version":"1.2.0","platform":"ruby","checksum":"24ff9cd3232346e68052659f14c9a618022ea98935f774df465206aba5c06d2f"},
 {"name":"proc_to_ast","version":"0.1.0","platform":"ruby","checksum":"92a73fa66e2250a83f8589f818b0751bcf227c68f85916202df7af85082f8691"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-gnu","checksum":"7a3e8d7e95f7e53a6870381135f5f4b6c8c3f3b244b7cd760e3582c5abd86512"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-musl","checksum":"87f1cf92f39ce2be861732820c6b719dda4ee9a97b5bf7a627510a45b5a50977"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"arm64-darwin","checksum":"d828fecea444373367e7d3c7c67c898479816a6400813f641634ba2f64ca91c5"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"ruby","checksum":"de402deeb56234fb8866bebe91c69410a8f8e377ac557305c688e8e1705f0a75"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-darwin","checksum":"a4501fb9da7a89200e6f8aeaecdbe9e06f491083cac7a611a0c37feeb803adff"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-gnu","checksum":"68cd5e4d0c9be98129f27856f2746c4b21b7162edbe48d71dfd76143097c4b8e"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-musl","checksum":"3f618d48a631a72027d1cfd090a904d4abfd3e543eec10e0d89f456633e35510"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-gnu","checksum":"e2a52234bed534fbce8185b781f49e2a584808a3713fb77287fb3017ae4e8dad"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-musl","checksum":"4d09f7c011cba48ca119515988e1683c4a99fc4310fb33145817541043556f55"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"arm64-darwin","checksum":"2d5277fe916d76e92a2801685d02bb7da4c8d62ba32e9bb83eb1edc9ad8bb165"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"ruby","checksum":"20ff9ef443767bc45d338882fbc6a9a853cdae190ec68cfd9395a5ac44384004"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-darwin","checksum":"aab97474ccc96cc707af4be5b26f8d2fe89f4d67013ad996ae10f17712f527ff"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-gnu","checksum":"f17f2b069f73a976b421cf6730974d3addf196656b8437deca9c36845f658f9e"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-musl","checksum":"e2af29e954f40fda4c3acb5c3b9722dbfc724d8d67a28e01904233e558c4ce1d"},
 {"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
 {"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
 {"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},

Gemfile.next.lock

@@ -1482,7 +1482,7 @@ GEM
       coderay
       parser
       unparser
-    prometheus-client-mmap (1.2.8)
+    prometheus-client-mmap (1.2.9)
       base64
       bigdecimal
       logger

app/assets/javascripts/lib/dompurify.js

@@ -28,8 +28,19 @@ const getAllowedIconUrls = (gon = window.gon) =>
     .filter(Boolean)
     .map((path) => relativePathToAbsolute(path, getBaseURL()));
 
-const isUrlAllowed = (url) =>
-  getAllowedIconUrls().some((allowedUrl) => getNormalizedURL(url).startsWith(allowedUrl));
+const isUrlAllowed = (url) => {
+  try {
+    const normalizedUrl = new URL(getNormalizedURL(url));
+    return getAllowedIconUrls().some((allowedUrlString) => {
+      const allowedUrl = new URL(allowedUrlString);
+      return (
+        allowedUrl.origin === normalizedUrl.origin && normalizedUrl.pathname === allowedUrl.pathname
+      );
+    });
+  } catch {
+    return false;
+  }
+};
 
 const isHrefSafe = (url) => url.match(/^#/) || isUrlAllowed(url);
 

app/controllers/admin/background_migrations_controller.rb

@@ -6,6 +6,7 @@ class BackgroundMigrationsController < ApplicationController
     urgency :low
 
     around_action :support_multiple_databases
+    authorize! :read_admin_background_migrations, only: [:index, :show]
 
     def index
       @relations_by_tab = {