This stands as an alternative to using OAuth to access a user's Github
repositories.  This is setup in such a way that it can be used without OAuth
configuration.

From a UI perspective, the how to import modal has been replaced by a full
page, which includes a form for posting a personal access token back to the
Import::GithubController.

If the user has logged in via GitHub, skip the Personal Access Token and go
directly to Github for an access token via OAuth.

Updated breakpoint for sidebar pinning

## What does this MR do?

Updates the breakpoint for sidebar pinning to 1024px.

Think we will have the same issue as before when picking into stable with `$window` not being defined.

See merge request !5019

Project dashboard appears to be loading tags on every request

See merge request !4996

Make Rack::Request use our trusted proxies when filtering IP addresses

## What does this MR do?

This allows us to control the trusted proxies while deployed in a private network.

## Are there points in the code the reviewer needs to double check?

If we want to limit what is impacted, we can do this specifically for the rack_attack request object.

## Why was this MR needed?

Normally Rack::Request will trust all private IPs as trusted proxies, which can cause problems if your users are connection on you network via private IP ranges.
    
Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.

## What are the relevant issue numbers?

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17550

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)


\cc @stanhu

See merge request !4958

Remove unnecessary parens and other code style fixes

This MR is based on reviewers` comments to https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/440

See merge request !5015

Enable Style/UnneededCapitalW Rubocop cop

## What does this MR do?

This MR enables Rubocop cop that checks if `%W[]`, which supports interpolation, is needed.

## What are the relevant issue numbers?

#17478 

See merge request !5010

Expiry date on pinned nav cookie

## What does this MR do?

Adds an expiry date far into the future for the pinned nav cookie so that it survives logout & browser closing.

See merge request !5009

When pushing commits to existing branches we don’t
need to flush branch git data (branch names / counts)

When flushes the cache when pushing commits skip to
flush branch and tag git data (names / counts) because
those operations are managed explicitly in each case

Repopulated expired cache as soon as possible

Global Ajax error handler

## What does this MR do?
Introduces a new global Ajax error handler to show a flash warning about the error detail of XHR requests which failed with status code 404 and 500

## Are there points in the code the reviewer needs to double check?
Double check the wording.

## Why was this MR needed?
A global solution for the problem in the #17880

## What are the relevant issue numbers?
Fixes #17880 

## Screenshots (if relevant)

For requests failed with 404 - 500 

![Screen_Shot_2016-06-21_at_00.07.26](/uploads/04bb3a5a958c3d21aef4fd12bd3d105a/Screen_Shot_2016-06-21_at_00.07.26.png)

For requests failed with 401

![Screen_Shot_2016-06-21_at_00.08.30](/uploads/25cc885ba388f4c6f4c555fa338e1a63/Screen_Shot_2016-06-21_at_00.08.30.png)

See merge request !4797

Loop all disks when displaying system info. Closes #18886



See merge request !4983

Remove coveralls as its unused

This gem is unused so could be removed.

@dzaporozhets @connorshea  We've discussed this some time ago on Slack

See merge request !5001

Implement multiple repository mount points

See merge request !4578

Add Application Setting to configure default Repository Path for new projects

See merge request !4657

Resolve "Sub nav isn't showing on file view"

## What does this MR do?
Adds subnav to `Repository` > `File` view

## What are the relevant issue numbers?
Closes #19003 
Part of #18844 

## Screenshots (if relevant)
![Screen_Shot_2016-06-23_at_5.33.05_PM](/uploads/aa6993b2376dbe454af87d852aa74f5e/Screen_Shot_2016-06-23_at_5.33.05_PM.png)

cc @dzaporozhets 

See merge request !4890

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

This allows us to control the trusted proxies while deployed in a private network. Normally Rack::Request will trust all private IPs as trusted proxies, which can caue problems if your users are connection on you network via private IP ranges.

Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.

File Browser navigation fixes

Fixes a double request being made when clicking the file name when navigating through file browser and also fixes opening a file in a new tab or when doing ctrl + click.

Closes #19050

**Before**

![navigation-old](/uploads/f9a40c91e430e31beae3a896cffb1c68/navigation-old.gif)

**After**

![navigation](/uploads/dec9b43894c00cc09d80d19c83506530/navigation.gif)


See merge request !4891

Fixed 'use shortcuts' button on docs

## What does this MR do?

Exposes 'onToggleHelp() to window object through `showHelp()` so a help panel can be toggled globally using `showHelp()`.

## Are there points in the code the reviewer needs to double check?

Is this the best implementation? I actually think this is tidier than doing something like `onclick="new Shortcuts().onToggleHelp"` or `$.trigger 'keydown', char: '?'` but let me know.

## Why was this MR needed?

Docs UX

## What are the relevant issue numbers?

Closes #19157.

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
Closes #19157

See merge request !4979

Align flash messages with left side of page content

## What does this MR do?

- align flash messages with left side of page content

## Are there points in the code the reviewer needs to double check?

- flash messages in general

## Why was this MR needed?

- flash messages didn't fit new design

## What are the relevant issue numbers?

closes  #18688

## Screenshots

# Before

![failed-login](/uploads/fb57d288fb7ae775cc0b8dbb0c7b6af2/failed-login.png)

---

![explore-blocked-account](/uploads/aa6d5ff74a4c9ed29ed361f2ffdf5c8e/explore-blocked-account.png)

---

![project-blocked-account](/uploads/4f36118f5438d661ea202b180bf9cb8d/project-blocked-account.png)

---

![issue-blocked-account](/uploads/68e87385ec30952797dc5c1f8f36216d/issue-blocked-account.png)

---

![inline-flash](/uploads/c0aba047f90d56001265e37ba9751e19/inline-flash.png)

---

# After

![failed-login](/uploads/d45d2d832a16af8e1854f1832e7b87a4/failed-login.png)

---

![blocked-account](/uploads/ddcd3d23569ded403700c01934df61df/blocked-account.png)

---

![project-blocked-account](/uploads/9e286c3b95f70cae1819930a09cc1307/project-blocked-account.png)

---

![issue-blocked-account](/uploads/4fde8e770eab0dae03b25e1402f171a1/issue-blocked-account.png)

---

The left padding will be fixed by  !4854

![inline-flash](/uploads/081b824b99d8ca65d67e9d15778a991d/inline-flash.png)

---

![flash-dismissed](/uploads/641e6227050de22e0df9a85ffca4ced1/flash-dismissed.png)

See merge request !4959

Removed from window and used static method

Fix database migrations when Redis is not running

If Redis were not running or USE_DB were set to false, the application settings retrieval would fail completely. This change only attempts to use the cache if the system actually
wants to connect to the DB and rescues any failures in talking to Redis.

Closes #17557 


See merge request !4924

This fixes the double request being made to the same URL

Update `Gitlab.com?` to support staging

Ref: https://gitlab.com/gitlab-com/operations/issues/324#note_12428337

See merge request !4637

Memoize the maximum access level for the author of notes

Cache the maximum access level for each user in a map in the controller
    
In #19273, we saw that retrieving ProjectTeam#human_max_access for each note takes the bulk of the time when rendering certain issues or merge requests. We observe that most of the comments in an issue are typically done by the same users. This MR memoizes the max access level by user ID.

See merge request !4982

Adds focus state style to markdown area buttons.

## What does this MR do?

It makes it possible to see when the button is focused when tabbing through the interface. This is for the new markdown buttons in the comment field.

See merge request !4867

Fixed URL on label button when filtering

## What does this MR do?

Gives the filtered labels the correct URL. Previously they tried to link to `labels#show` whereas now it links to the correct filter path.

## What are the relevant issue numbers?

Closes #19005 


See merge request !4897