Add latest changes from gitlab-org/gitlab@master

Author: GitLab Bot

.markdownlint-cli2.yaml

@@ -162,8 +162,3 @@ config:
     ]
 ignores:
   - "doc/architecture"
-customRules:
-  - "./doc/.markdownlint/rules/tabs_blank_lines.js"
-  - "./doc/.markdownlint/rules/tabs_title_markup.js"
-  - "./doc/.markdownlint/rules/tabs_title_text.js"
-  - "./doc/.markdownlint/rules/tabs_wrapper_tags.js"

.rubocop_todo/gitlab/bounded_contexts.yml

@@ -2312,7 +2312,6 @@ Gitlab/BoundedContexts:
     - 'ee/app/graphql/resolvers/dast_site_validation_resolver.rb'
     - 'ee/app/graphql/resolvers/description_versions_diff_resolver.rb'
     - 'ee/app/graphql/resolvers/dora/performance_scores_count_resolver.rb'
-    - 'ee/app/graphql/resolvers/dora_metrics_resolver.rb'
     - 'ee/app/graphql/resolvers/epic_ancestors_resolver.rb'
     - 'ee/app/graphql/resolvers/epic_issues_resolver.rb'
     - 'ee/app/graphql/resolvers/epics/children_resolver.rb'
@@ -2413,10 +2412,6 @@ Gitlab/BoundedContexts:
     - 'ee/app/graphql/types/dora/performance_score_connection_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_count_type.rb'
     - 'ee/app/graphql/types/dora/project_filter_input_type.rb'
-    - 'ee/app/graphql/types/dora_metric_bucketing_interval_enum.rb'
-    - 'ee/app/graphql/types/dora_metric_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type_enum.rb'
-    - 'ee/app/graphql/types/dora_type.rb'
     - 'ee/app/graphql/types/epic_descendant_count_type.rb'
     - 'ee/app/graphql/types/epic_descendant_weight_sum_type.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'

.rubocop_todo/layout/line_length.yml

@@ -482,7 +482,6 @@ Layout/LineLength:
     - 'ee/app/graphql/resolvers/app_sec/dast/profile_resolver.rb'
     - 'ee/app/graphql/resolvers/board_groupings/epics_resolver.rb'
     - 'ee/app/graphql/resolvers/boards/epic_lists_resolver.rb'
-    - 'ee/app/graphql/resolvers/dora_metrics_resolver.rb'
     - 'ee/app/graphql/resolvers/external_issue_resolver.rb'
     - 'ee/app/graphql/resolvers/incident_management/oncall_rotations_resolver.rb'
     - 'ee/app/graphql/resolvers/incident_management/oncall_schedule_resolver.rb'
@@ -503,7 +502,6 @@ Layout/LineLength:
     - 'ee/app/graphql/types/dast_scan_type_enum.rb'
     - 'ee/app/graphql/types/dast_scanner_profile_type.rb'
     - 'ee/app/graphql/types/dast_site_profile_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type_enum.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'
     - 'ee/app/graphql/types/epic_sort_enum.rb'
     - 'ee/app/graphql/types/epic_type.rb'
@@ -1112,7 +1110,6 @@ Layout/LineLength:
     - 'ee/spec/graphql/resolvers/boards/board_list_epics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/ci/code_coverage_activities_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/dast_site_validation_resolver_spec.rb'
-    - 'ee/spec/graphql/resolvers/dora_metrics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/epics_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/external_issue_resolver_spec.rb'
     - 'ee/spec/graphql/resolvers/incident_management/escalation_policies_resolver_spec.rb'

.rubocop_todo/style/inline_disable_annotation.yml

@@ -1093,8 +1093,6 @@ Style/InlineDisableAnnotation:
     - 'ee/app/graphql/types/deployments/approval_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_connection_type.rb'
     - 'ee/app/graphql/types/dora/performance_score_count_type.rb'
-    - 'ee/app/graphql/types/dora_metric_type.rb'
-    - 'ee/app/graphql/types/dora_type.rb'
     - 'ee/app/graphql/types/epic_descendant_count_type.rb'
     - 'ee/app/graphql/types/epic_descendant_weight_sum_type.rb'
     - 'ee/app/graphql/types/epic_health_status_type.rb'

Gemfile.checksum

@@ -524,13 +524,13 @@
 {"name":"prime","version":"0.1.3","platform":"ruby","checksum":"baf031c50d6ce923594913befc8ac86a3251bffb9d6a5e8b03687962054e53e3"},
 {"name":"prism","version":"1.2.0","platform":"ruby","checksum":"24ff9cd3232346e68052659f14c9a618022ea98935f774df465206aba5c06d2f"},
 {"name":"proc_to_ast","version":"0.1.0","platform":"ruby","checksum":"92a73fa66e2250a83f8589f818b0751bcf227c68f85916202df7af85082f8691"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-gnu","checksum":"7a3e8d7e95f7e53a6870381135f5f4b6c8c3f3b244b7cd760e3582c5abd86512"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-musl","checksum":"87f1cf92f39ce2be861732820c6b719dda4ee9a97b5bf7a627510a45b5a50977"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"arm64-darwin","checksum":"d828fecea444373367e7d3c7c67c898479816a6400813f641634ba2f64ca91c5"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"ruby","checksum":"de402deeb56234fb8866bebe91c69410a8f8e377ac557305c688e8e1705f0a75"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-darwin","checksum":"a4501fb9da7a89200e6f8aeaecdbe9e06f491083cac7a611a0c37feeb803adff"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-gnu","checksum":"68cd5e4d0c9be98129f27856f2746c4b21b7162edbe48d71dfd76143097c4b8e"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-musl","checksum":"3f618d48a631a72027d1cfd090a904d4abfd3e543eec10e0d89f456633e35510"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-gnu","checksum":"e2a52234bed534fbce8185b781f49e2a584808a3713fb77287fb3017ae4e8dad"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-musl","checksum":"4d09f7c011cba48ca119515988e1683c4a99fc4310fb33145817541043556f55"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"arm64-darwin","checksum":"2d5277fe916d76e92a2801685d02bb7da4c8d62ba32e9bb83eb1edc9ad8bb165"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"ruby","checksum":"20ff9ef443767bc45d338882fbc6a9a853cdae190ec68cfd9395a5ac44384004"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-darwin","checksum":"aab97474ccc96cc707af4be5b26f8d2fe89f4d67013ad996ae10f17712f527ff"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-gnu","checksum":"f17f2b069f73a976b421cf6730974d3addf196656b8437deca9c36845f658f9e"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-musl","checksum":"e2af29e954f40fda4c3acb5c3b9722dbfc724d8d67a28e01904233e558c4ce1d"},
 {"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
 {"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
 {"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},

Gemfile.lock

@@ -1462,7 +1462,7 @@ GEM
       coderay
       parser
       unparser
-    prometheus-client-mmap (1.2.8)
+    prometheus-client-mmap (1.2.9)
       base64
       bigdecimal
       logger

Gemfile.next.checksum

@@ -529,13 +529,13 @@
 {"name":"prime","version":"0.1.3","platform":"ruby","checksum":"baf031c50d6ce923594913befc8ac86a3251bffb9d6a5e8b03687962054e53e3"},
 {"name":"prism","version":"1.2.0","platform":"ruby","checksum":"24ff9cd3232346e68052659f14c9a618022ea98935f774df465206aba5c06d2f"},
 {"name":"proc_to_ast","version":"0.1.0","platform":"ruby","checksum":"92a73fa66e2250a83f8589f818b0751bcf227c68f85916202df7af85082f8691"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-gnu","checksum":"7a3e8d7e95f7e53a6870381135f5f4b6c8c3f3b244b7cd760e3582c5abd86512"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"aarch64-linux-musl","checksum":"87f1cf92f39ce2be861732820c6b719dda4ee9a97b5bf7a627510a45b5a50977"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"arm64-darwin","checksum":"d828fecea444373367e7d3c7c67c898479816a6400813f641634ba2f64ca91c5"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"ruby","checksum":"de402deeb56234fb8866bebe91c69410a8f8e377ac557305c688e8e1705f0a75"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-darwin","checksum":"a4501fb9da7a89200e6f8aeaecdbe9e06f491083cac7a611a0c37feeb803adff"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-gnu","checksum":"68cd5e4d0c9be98129f27856f2746c4b21b7162edbe48d71dfd76143097c4b8e"},
-{"name":"prometheus-client-mmap","version":"1.2.8","platform":"x86_64-linux-musl","checksum":"3f618d48a631a72027d1cfd090a904d4abfd3e543eec10e0d89f456633e35510"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-gnu","checksum":"e2a52234bed534fbce8185b781f49e2a584808a3713fb77287fb3017ae4e8dad"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"aarch64-linux-musl","checksum":"4d09f7c011cba48ca119515988e1683c4a99fc4310fb33145817541043556f55"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"arm64-darwin","checksum":"2d5277fe916d76e92a2801685d02bb7da4c8d62ba32e9bb83eb1edc9ad8bb165"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"ruby","checksum":"20ff9ef443767bc45d338882fbc6a9a853cdae190ec68cfd9395a5ac44384004"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-darwin","checksum":"aab97474ccc96cc707af4be5b26f8d2fe89f4d67013ad996ae10f17712f527ff"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-gnu","checksum":"f17f2b069f73a976b421cf6730974d3addf196656b8437deca9c36845f658f9e"},
+{"name":"prometheus-client-mmap","version":"1.2.9","platform":"x86_64-linux-musl","checksum":"e2af29e954f40fda4c3acb5c3b9722dbfc724d8d67a28e01904233e558c4ce1d"},
 {"name":"pry","version":"0.14.2","platform":"java","checksum":"fd780670977ba04ff7ee32dabd4d02fe4bf02e977afe8809832d5dca1412862e"},
 {"name":"pry","version":"0.14.2","platform":"ruby","checksum":"c4fe54efedaca1d351280b45b8849af363184696fcac1c72e0415f9bdac4334d"},
 {"name":"pry-byebug","version":"3.10.1","platform":"ruby","checksum":"c8f975c32255bfdb29e151f5532130be64ff3d0042dc858d0907e849125581f8"},

Gemfile.next.lock

@@ -1482,7 +1482,7 @@ GEM
       coderay
       parser
       unparser
-    prometheus-client-mmap (1.2.8)
+    prometheus-client-mmap (1.2.9)
       base64
       bigdecimal
       logger

app/assets/javascripts/lib/dompurify.js

@@ -28,8 +28,19 @@ const getAllowedIconUrls = (gon = window.gon) =>
     .filter(Boolean)
     .map((path) => relativePathToAbsolute(path, getBaseURL()));
 
-const isUrlAllowed = (url) =>
-  getAllowedIconUrls().some((allowedUrl) => getNormalizedURL(url).startsWith(allowedUrl));
+const isUrlAllowed = (url) => {
+  try {
+    const normalizedUrl = new URL(getNormalizedURL(url));
+    return getAllowedIconUrls().some((allowedUrlString) => {
+      const allowedUrl = new URL(allowedUrlString);
+      return (
+        allowedUrl.origin === normalizedUrl.origin && normalizedUrl.pathname === allowedUrl.pathname
+      );
+    });
+  } catch {
+    return false;
+  }
+};
 
 const isHrefSafe = (url) => url.match(/^#/) || isUrlAllowed(url);
 

app/controllers/admin/background_migrations_controller.rb

@@ -6,6 +6,7 @@ class BackgroundMigrationsController < ApplicationController
     urgency :low
 
     around_action :support_multiple_databases
+    authorize! :read_admin_background_migrations, only: [:index, :show]
 
     def index
       @relations_by_tab = {

app/controllers/concerns/issuable_collections.rb

@@ -125,7 +125,7 @@ def preload_for_collection
     @preload_for_collection ||= case collection_type
                                 when 'Issue'
                                   common_attributes + [
-                                    ::Gitlab::Issues::TypeAssociationGetter.call,
+                                    :work_item_type,
                                     :project, { project: :namespace }
                                   ]
                                 when 'MergeRequest'

app/controllers/projects/releases/evidences_controller.rb

@@ -25,15 +25,15 @@ def authorize_read_release_evidence!
       end
 
       def release
-        @release ||= project.releases.find_by_tag!(sanitized_tag_name)
+        @release ||= project.releases.find_by_tag!(tag_name)
       end
 
       def evidence
         release.evidences.find(params[:id])
       end
 
-      def sanitized_tag_name
-        CGI.unescape(params[:tag])
+      def tag_name
+        params[:tag]
       end
     end
   end

app/graphql/mutations/work_items/convert.rb

@@ -45,7 +45,7 @@ def resolve(attributes)
       private
 
       def find_work_item_type!(gid)
-        work_item_type = ::WorkItems::Type.find_by_correct_id_with_fallback(gid.model_id)
+        work_item_type = ::WorkItems::Type.find_by_id_with_fallback(gid.model_id)
 
         return work_item_type if work_item_type.present?
 

app/graphql/mutations/work_items/create.rb

@@ -144,7 +144,7 @@ def params_with_resolve_discussion_params(attributes)
 
       def params_with_work_item_type(attributes)
         work_item_type_id = attributes.delete(:work_item_type_id)&.model_id
-        work_item_type = ::WorkItems::Type.find_by_correct_id_with_fallback(work_item_type_id)
+        work_item_type = ::WorkItems::Type.find_by_id_with_fallback(work_item_type_id)
 
         attributes[:work_item_type] = work_item_type
 

app/graphql/mutations/work_items/create_from_task.rb

@@ -48,7 +48,7 @@ def resolve(id:, work_item_data:)
 
       def work_item_data_with_fallback_type(work_item_data)
         work_item_type_id = work_item_data.delete(:work_item_type_id)
-        work_item_type = ::WorkItems::Type.find_by_correct_id_with_fallback(work_item_type_id)
+        work_item_type = ::WorkItems::Type.find_by_id_with_fallback(work_item_type_id)
 
         work_item_data[:work_item_type] = work_item_type
 

app/graphql/resolvers/concerns/issues/look_ahead_preloads.rb

@@ -16,7 +16,7 @@ def unconditional_includes
           project: [:project_feature, :group]
         },
         :author,
-        ::Gitlab::Issues::TypeAssociationGetter.call
+        :work_item_type
       ]
     end
 
@@ -28,7 +28,7 @@ def preloads
         timelogs: [:timelogs],
         customer_relations_contacts: { customer_relations_contacts: [:group] },
         escalation_status: [:incident_management_issuable_escalation_status],
-        type: ::Gitlab::Issues::TypeAssociationGetter.call
+        type: :work_item_type
       }
     end
   end

app/graphql/resolvers/concerns/work_items/look_ahead_preloads.rb

@@ -12,9 +12,9 @@ module LookAheadPreloads
 
     def preloads
       {
-        work_item_type: ::Gitlab::Issues::TypeAssociationGetter.call,
+        work_item_type: :work_item_type,
         web_url: { namespace: :route, project: [:project_namespace, { namespace: :route }] },
-        widgets: { ::Gitlab::Issues::TypeAssociationGetter.call => :enabled_widget_definitions },
+        widgets: { work_item_type: :enabled_widget_definitions },
         archived: :project
       }
     end
@@ -54,7 +54,7 @@ def unconditional_includes
           project: [:project_feature, :group]
         },
         :author,
-        ::Gitlab::Issues::TypeAssociationGetter.call,
+        :work_item_type,
         *super
       ]
     end

app/graphql/resolvers/work_items/ancestors_resolver.rb

@@ -57,7 +57,7 @@ def preload_resource_parents(work_items)
       end
 
       def unconditional_includes
-        [:namespace, :work_item_parent, ::Gitlab::Issues::TypeAssociationGetter.call]
+        [:namespace, :work_item_parent, :work_item_type]
       end
     end
   end

app/models/issue.rb

@@ -143,7 +143,7 @@ def most_recent
   validates :work_item_type, presence: true
   validates :confidential, inclusion: { in: [true, false], message: 'must be a boolean' }
 
-  validate :allowed_work_item_type_change, on: :update, if: :correct_work_item_type_id_changed?
+  validate :allowed_work_item_type_change, on: :update, if: :work_item_type_id_changed?
   validate :due_date_after_start_date, if: :validate_due_date?
   validate :parent_link_confidentiality
 
@@ -207,7 +207,7 @@ def most_recent
 
   scope :with_alert_management_alerts, -> { joins(:alert_management_alert) }
   scope :with_api_entity_associations, -> {
-    preload(::Gitlab::Issues::TypeAssociationGetter.call,
+    preload(:work_item_type,
       :timelogs, :closed_by, :assignees, :author, :issuable_severity,
       :labels, namespace: [{ parent: :route }, :route], milestone: { project: [:route, { namespace: :route }] },
       project: [:project_namespace, :project_feature, :route, { group: :route }, { namespace: :route }],
@@ -218,16 +218,16 @@ def most_recent
     types = Array(types)
 
     # Using != 1 since we also want the guard clause to handle empty arrays
-    return joins(:correct_work_item_type).where(work_item_types: { base_type: types }) if types.size != 1
+    return joins(:work_item_type).where(work_item_types: { base_type: types }) if types.size != 1
 
     # This optimization helps the planer use the correct indexes when filtering by a single type
     where(
-      '"issues"."correct_work_item_type_id" = (?)',
-      WorkItems::Type.by_type(types.first).select(:correct_id).limit(1)
+      '"issues"."work_item_type_id" = (?)',
+      WorkItems::Type.by_type(types.first).select(:id).limit(1)
     )
   }
   scope :without_issue_type, ->(types) {
-    joins(::Gitlab::Issues::TypeAssociationGetter.call).where.not(work_item_types: { base_type: types })
+    joins(:work_item_type).where.not(work_item_types: { base_type: types })
   }
 
   scope :public_only, -> { where(confidential: false) }
@@ -242,10 +242,10 @@ def most_recent
 
   scope :service_desk, -> {
     where(
-      "(author_id = ? AND correct_work_item_type_id = ?) OR correct_work_item_type_id = ?",
+      "(author_id = ? AND work_item_type_id = ?) OR work_item_type_id = ?",
       Users::Internal.support_bot.id,
-      WorkItems::Type.default_issue_type.correct_id,
-      WorkItems::Type.default_by_type(:ticket).correct_id
+      WorkItems::Type.default_issue_type.id,
+      WorkItems::Type.default_by_type(:ticket).id
     )
   }
   scope :inc_relations_for_view, -> do
@@ -277,7 +277,7 @@ def most_recent
   scope :with_projects_matching_search_data, -> { where('issue_search_data.project_id = issues.project_id') }
 
   scope :with_work_item_type, -> {
-    joins(::Gitlab::Issues::TypeAssociationGetter.call)
+    joins(:work_item_type)
   }
 
   before_validation :ensure_namespace_id, :ensure_work_item_type
@@ -359,30 +359,12 @@ def self.participant_includes
     [:assignees] + super
   end
 
-  # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/499911
-  def work_item_type
-    correct_work_item_type
-  end
-
-  # TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/499911
-  def work_item_type_id
-    correct_work_item_type&.id
-  end
-
   def work_item_type_id=(input_work_item_type_id)
-    work_item_type = WorkItems::Type.find_by_correct_id_with_fallback(input_work_item_type_id)
-
-    self.correct_work_item_type_id = work_item_type&.correct_id
+    work_item_type = WorkItems::Type.find_by_id_with_fallback(input_work_item_type_id)
 
     super(work_item_type&.id)
   end
 
-  def work_item_type=(work_item_type)
-    self.correct_work_item_type = work_item_type
-
-    super
-  end
-
   def next_object_by_relative_position(ignoring: nil, order: :asc)
     array_mapping_scope = ->(id_expression) do
       relation = Issue.where(Issue.arel_table[:project_id].eq(id_expression))
@@ -928,18 +910,16 @@ def ensure_namespace_id
   end
 
   def ensure_work_item_type
-    return if work_item_type.present? ||
-      correct_work_item_type_id.present? ||
-      correct_work_item_type_id_change&.last.present?
+    return if work_item_type.present? || work_item_type_id.present? || work_item_type_id_change&.last.present?
 
     self.work_item_type = WorkItems::Type.default_by_type(DEFAULT_ISSUE_TYPE)
   end
 
   def allowed_work_item_type_change
-    return unless changes[:correct_work_item_type_id]
+    return unless changes[:work_item_type_id]
 
     involved_types = WorkItems::Type.where(
-      correct_id: changes[:correct_work_item_type_id].compact
+      id: changes[:work_item_type_id].compact
     ).pluck(:base_type).uniq
     disallowed_types = involved_types - WorkItems::Type::CHANGEABLE_BASE_TYPES