Merge branch 'master' into sidebar-nav

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: app/views/layouts/group.html.haml

Merge branch 'master' into sidebar-nav
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> Conflicts: app/views/layouts/group.html.haml
e45e6ba2 · Dmitriy Zaporozhets · bcc04adb · 0f7d47f6 · e45e6ba2 · e45e6ba2
Commit e45e6ba2 authored Dec 21, 2014 by Dmitriy Zaporozhets
78 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,25 +3,24 @@ v 7.6.0
  - New rugged version
  - Add CRON=1 backup setting for quiet backups
  - Fix failing wiki restore
-  -
  - Add optional Sidekiq MemoryKiller middleware (enabled via SIDEKIQ_MAX_RSS env variable)
-  -
-  -
  - Monokai highlighting style now more faithful to original design (Mark Riedesel)
  - Create project with repository in synchrony
  - Added ability to create empty repo or import existing one if project does not have repository
-  -
-  -
  - Reactivate highlight.js language autodetection
  - Mobile UI improvements
-  -
  - Change maximum avatar file size from 100KB to 200KB
-  -
+  - Strict validation for snippet file names
-  -
+  - Enable Markdown preview for issues, merge requests, milestones, and notes (Vinnie Okada)
  - In the docker directory is a container template based on the Omnibus packages.
  - Update Sidekiq to version 2.17.8
  - Add author filter to project issues and merge requests pages
  - Atom feed for user activity
+  - Support multiple omniauth providers for the same user
+  - Rendering cross reference in issue title and tooltip for merge request
+  - Show username in comments
+  - Possibility to create Milestones or Labels when Issues are disabled
+  - Fix bug with showing gpg signature in tag
 v 7.5.2
  - Don't log Sidekiq arguments by default

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -75,6 +75,7 @@ If you can, please submit a merge request with the fix or improvements including
 1. Link relevant [issues](https://gitlab.com/gitlab-org/gitlab-ce/issues) and/or [feature requests](http://feedback.gitlab.com/) from the merge request description and leave a comment on them with a link back to the MR
 1. Be prepared to answer questions and incorporate feedback even if requests for this arrive weeks or months after your MR submission
 1. If your MR touches code that executes shell commands, make sure it adheres to the [shell command guidelines](    doc/development/shell_commands.md).
+1. Also have a look at the [shell command guidelines](doc/development/shell_commands.md) if your code reads or opens files, or handles paths to files on disk.
 The **official merge window** is in the beginning of the month from the 1st to the 7th day of the month. The best time to submit a MR and get feedback fast. Before this time the GitLab B.V. team is still dealing with work that is created by the monthly release such as assisting subscribers with upgrade issues, the release of Enterprise Edition and the upgrade of GitLab Cloud. After the 7th it is already getting closer to the release date of the next version. This means there is less time to fix the issues created by merging large new features.
@@ -141,3 +142,17 @@ Please ensure you support the feature you contribute through all of these steps.
 1.  [Markdown](http://www.cirosantilli.com/markdown-styleguide)
 This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com).
+## Code of conduct
+As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion.
+Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
+Instances of abusive, harassing, or otherwise unacceptable behavior can be
+reported by emailing contact@gitlab.com
+This Code of Conduct is adapted from the [Contributor Covenant](http:contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)
--- a/Gemfile
+++ b/Gemfile
@@ -28,6 +28,7 @@ gem 'omniauth-google-oauth2'
 gem 'omniauth-twitter'
 gem 'omniauth-github'
 gem 'omniauth-shibboleth'
+gem 'omniauth-kerberos'
 # Extracting information from a git repository
 # Provide access to Gitlab::Git library

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -158,7 +158,7 @@ GEM
      dotenv (>= 0.7)
      thor (>= 0.13.6)
    formatador (0.2.4)
-    gemnasium-gitlab-service (0.2.2)
+    gemnasium-gitlab-service (0.2.3)
      rugged (~> 0.19)
    gherkin-ruby (0.3.1)
      racc
@@ -322,6 +322,11 @@ GEM
    omniauth-google-oauth2 (0.2.5)
      omniauth (> 1.0)
      omniauth-oauth2 (~> 1.1)
+    omniauth-kerberos (0.2.0)
+      omniauth-multipassword
+      timfel-krb5-auth (~> 0.8)
+    omniauth-multipassword (0.4.1)
+      omniauth (~> 1.0)
    omniauth-oauth (1.0.1)
      oauth
      omniauth (~> 1.0)
@@ -531,6 +536,7 @@ GEM
    thread_safe (0.3.4)
    tilt (1.4.1)
    timers (1.1.0)
+    timfel-krb5-auth (0.8)
    tinder (1.9.3)
      eventmachine (~> 1.0)
      faraday (~> 0.8)
@@ -655,6 +661,7 @@ DEPENDENCIES
  omniauth (~> 1.1.3)
  omniauth-github
  omniauth-google-oauth2
+  omniauth-kerberos
  omniauth-shibboleth
  omniauth-twitter
  org-ruby (= 0.9.9)

--- a/PROCESS.md
+++ b/PROCESS.md
@@ -104,3 +104,10 @@ This merge request has been closed because a request for more information has no
 ### Accepting merge requests
 Is there a request on [the feature request forum](http://feedback.gitlab.com/forums/176466-general) that is similar to this? If so, can you make a comment with a link to it? Please be aware that new functionality that is not marked [accepting merge/pull requests](http://feedback.gitlab.com/forums/176466-general/status/796455) on the forum might not make it into GitLab. You might be asked to make changes and even after implementing them your feature might still be declined. If you want to reduce the chance of this happening please have a discussion in the forum first.
+### Only accepting merge requests with green tests
+We can only accept a merge request if all the tests are green. I've just
+restarted the build. When the tests are still not passing after this restart and
+you're sure that is does not have anything to do with your code changes, please
+rebase with master to see if that solves the issue.
--- a/README.md
+++ b/README.md
@@ -52,69 +52,30 @@ On [about.gitlab.com](https://about.gitlab.com/) you can find more information a
 Please see [the installation page on the GitLab website](https://about.gitlab.com/installation/) for the various options.
 Since a manual installation is a lot of work and error prone we strongly recommend the fast and reliable [Omnibus package installation](https://about.gitlab.com/downloads/) (deb/rpm).
+You can access new installation with the login `root` and password `5iveL!fe`, after login you are required to set a unique password.
 ## Third-party applications
 There are a lot of applications and API wrappers for GitLab.
 Find them [on our website](https://about.gitlab.com/applications/).
-### New versions
+## New versions
 Since 2011 a minor or major version of GitLab is released on the 22nd of every month. Patch and security releases come out when needed.  New features are detailed on the [blog](https://about.gitlab.com/blog/) and in the [changelog](CHANGELOG). For more information about the release process see the release [documentation](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/release). Features that will likely be in the next releases can be found on the [feature request forum](http://feedback.gitlab.com/forums/176466-general) with the status [started](http://feedback.gitlab.com/forums/176466-general/status/796456) and [completed](http://feedback.gitlab.com/forums/176466-general/status/796457).
-### Upgrading
+## Upgrading
 For updating the the Omnibus installation please see the [update documentation](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/update.md). For manual installations there is an [upgrader script](doc/update/upgrader.md) and there are [upgrade guides](doc/update).
-## Run in production mode
-The Installation guide contains instructions on how to download an init script and run it automatically on boot. You can also start the init script manually:
-    sudo service gitlab start
-or by directly calling the script:
-     sudo /etc/init.d/gitlab start
-Please login with `root` / `5iveL!fe`
 ## Install a development environment
 We recommend setting up your development environment with [the GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit).
-If you do not use the development kit you might need to copy the example development unicorn configuration file
+If you do not use the GitLab Development Development kit you need to install and setup all the dependencies yourself, this is a lot of work and error prone.
+One small thing you also have to do when installing it yourself is to copy the example development unicorn configuration file:
    cp config/unicorn.rb.example.development config/unicorn.rb
-## Run in development mode
+Instructions on how to start Gitlab and how to run the tests can be found in the [development section of the GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit#development).
-Start it with [Foreman](https://github.com/ddollar/foreman)
-    bundle exec foreman start -p 3000
-or start each component separately:
-    bundle exec rails s
-    bin/background_jobs start
-And surf to [localhost:3000](http://localhost:3000/) and login with `root` / `5iveL!fe`.
-## Run the tests
-   Run all tests:
-        bundle exec rake test
-   [RSpec](http://rspec.info/) unit and functional tests.
-    All RSpec tests: `bundle exec rake spec`
-    Single RSpec file: `bundle exec rspec spec/controllers/commit_controller_spec.rb`
-   [Spinach](https://github.com/codegram/spinach) integration tests.
-    All Spinach tests: `bundle exec rake spinach`
-    Single Spinach test: `bundle exec spinach features/project/issues/milestones.feature`
 ## Documentation

--- a/app/assets/javascripts/application.js.coffee
+++ b/app/assets/javascripts/application.js.coffee
@@ -51,12 +51,6 @@ window.ajaxGet = (url) ->
 window.showAndHide = (selector) ->
-window.errorMessage = (message) ->
-  ehtml = $("<p>")
-  ehtml.addClass("error_message")
-  ehtml.html(message)
-  ehtml
 window.split = (val) ->
  return val.split( /,\s*/ )

--- a/app/assets/javascripts/markdown_area.js.coffee
+++ b/app/assets/javascripts/markdown_area.js.coffee
@@ -24,6 +24,51 @@ $(document).ready ->
    "opacity": 0
    "display": "none"
+  # Preview button
+  $(document).off "click", ".js-md-preview-button"
+  $(document).on "click", ".js-md-preview-button", (e) ->
+    ###
+    Shows the Markdown preview.
+    Lets the server render GFM into Html and displays it.
+    ###
+    e.preventDefault()
+    form = $(this).closest("form")
+    # toggle tabs
+    form.find(".js-md-write-button").parent().removeClass "active"
+    form.find(".js-md-preview-button").parent().addClass "active"
+    # toggle content
+    form.find(".md-write-holder").hide()
+    form.find(".md-preview-holder").show()
+    preview = form.find(".js-md-preview")
+    mdText = form.find(".markdown-area").val()
+    if mdText.trim().length is 0
+      preview.text "Nothing to preview."
+    else
+      preview.text "Loading..."
+      $.get($(this).data("url"),
+        md_text: mdText
+      ).success (previewData) ->
+        preview.html previewData
+  # Write button
+  $(document).off "click", ".js-md-write-button"
+  $(document).on "click", ".js-md-write-button", (e) ->
+    ###
+    Shows the Markdown textarea.
+    ###
+    e.preventDefault()
+    form = $(this).closest("form")
+    # toggle tabs
+    form.find(".js-md-write-button").parent().addClass "active"
+    form.find(".js-md-preview-button").parent().removeClass "active"
+    # toggle content
+    form.find(".md-write-holder").show()
+    form.find(".md-preview-holder").hide()
  dropzone = $(".div-dropzone").dropzone(
    url: project_image_path_upload
    dictDefaultMessage: ""

--- a/app/assets/javascripts/notes.js.coffee
+++ b/app/assets/javascripts/notes.js.coffee
@@ -36,12 +36,6 @@ class @Notes
    # delete note attachment
    $(document).on "click", ".js-note-attachment-delete", @removeAttachment
-    # Preview button
-    $(document).on "click", ".js-note-preview-button", @previewNote
-    # Preview button
-    $(document).on "click", ".js-note-write-button", @writeNote
    # reset main target form after submit
    $(document).on "ajax:complete", ".js-main-target-form", @resetMainTargetForm
@@ -77,8 +71,6 @@ class @Notes
    $(document).off "click", ".note-edit-cancel"
    $(document).off "click", ".js-note-delete"
    $(document).off "click", ".js-note-attachment-delete"
-    $(document).off "click", ".js-note-preview-button"
-    $(document).off "click", ".js-note-write-button"
    $(document).off "ajax:complete", ".js-main-target-form"
    $(document).off "click", ".js-choose-note-attachment-button"
    $(document).off "click", ".js-discussion-reply-button"
@@ -165,47 +157,6 @@ class @Notes
    # cleanup after successfully creating a diff/discussion note
    @removeDiscussionNoteForm(form)
-  ###
-  Shows write note textarea.
-  ###
-  writeNote: (e) ->
-    e.preventDefault()
-    form = $(this).closest("form")
-    # toggle tabs
-    form.find(".js-note-write-button").parent().addClass "active"
-    form.find(".js-note-preview-button").parent().removeClass "active"
-    # toggle content
-    form.find(".note-write-holder").show()
-    form.find(".note-preview-holder").hide()
-  ###
-  Shows the note preview.
-  Lets the server render GFM into Html and displays it.
-  ###
-  previewNote: (e) ->
-    e.preventDefault()
-    form = $(this).closest("form")
-    # toggle tabs
-    form.find(".js-note-write-button").parent().removeClass "active"
-    form.find(".js-note-preview-button").parent().addClass "active"
-    # toggle content
-    form.find(".note-write-holder").hide()
-    form.find(".note-preview-holder").show()
-    preview = form.find(".js-note-preview")
-    noteText = form.find(".js-note-text").val()
-    if noteText.trim().length is 0
-      preview.text "Nothing to preview."
-    else
-      preview.text "Loading..."
-      $.post($(this).data("url"),
-        note: noteText
-      ).success (previewData) ->
-        preview.html previewData
  ###
  Called in response the main target form has been successfully submitted.
@@ -220,7 +171,7 @@ class @Notes
    form.find(".js-errors").remove()
    # reset text and preview
-    form.find(".js-note-write-button").click()
+    form.find(".js-md-write-button").click()
    form.find(".js-note-text").val("").trigger "input"
  ###
@@ -270,8 +221,8 @@ class @Notes
    form.removeClass "js-new-note-form"
    # setup preview buttons
-    form.find(".js-note-write-button, .js-note-preview-button").tooltip placement: "left"
+    form.find(".js-md-write-button, .js-md-preview-button").tooltip placement: "left"
-    previewButton = form.find(".js-note-preview-button")
+    previewButton = form.find(".js-md-preview-button")
    form.find(".js-note-text").on "input", ->
      if $(this).val().trim() isnt ""
        previewButton.removeClass("turn-off").addClass "turn-on"

--- a/app/assets/stylesheets/generic/markdown_area.scss
+++ b/app/assets/stylesheets/generic/markdown_area.scss
@@ -20,6 +20,7 @@
      opacity: 0;
      font-size: 50px;
      transition: opacity 200ms ease-in-out;
+      pointer-events: none;
    }
    .div-dropzone-spinner {
@@ -50,3 +51,28 @@
  margin-bottom: 0;
  transition: opacity 200ms ease-in-out;
 }
+.md-preview-holder {
+  background: #FFF;
+  border: 1px solid #ddd;
+  min-height: 100px;
+  padding: 5px;
+  font-size: 14px;
+  box-shadow: none;
+}
+.new_note,
+.edit_note,
+.issuable-description,
+.milestone-description,
+.merge-request-form {
+  .nav-tabs {
+    margin-bottom: 0;
+    border: none;
+    li a,
+    li.active a {
+      border: 1px solid #DDD;
+    }
+  }
+}
--- a/app/assets/stylesheets/sections/notes.scss
+++ b/app/assets/stylesheets/sections/notes.scss
@@ -227,7 +227,6 @@ ul.notes {
    margin-bottom: 0;
  }
-  .note-preview-holder,
  .note_text {
    background: #FFF;
    border: 1px solid #ddd;
@@ -246,15 +245,6 @@ ul.notes {
  .note_text {
    width: 100%;
  }
-  .nav-tabs {
-    margin-bottom: 0;
-    border: none;
-    li a,
-    li.active a {
-      border: 1px solid #DDD;
-    }
-  }
 }
 /* loading indicator */

--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
@@ -61,10 +61,6 @@ class Projects::NotesController < Projects::ApplicationController
    end
  end
-  def preview
-    render text: view_context.markdown(params[:note])
-  end
  private
  def note

--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -68,7 +68,7 @@ class Projects::SnippetsController < Projects::ApplicationController
      @snippet.content,
      type: 'text/plain; charset=utf-8',
      disposition: 'inline',
-      filename: @snippet.file_name
+      filename: @snippet.sanitized_file_name
    )
  end

--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -44,6 +44,9 @@ class ProjectsController < ApplicationController
  def transfer
    ::Projects::TransferService.new(project, current_user, project_params).execute
+    if @project.errors[:namespace_id].present?
+      flash[:alert] = @project.errors[:namespace_id].first
+    end
  end
  def show
@@ -147,6 +150,10 @@ class ProjectsController < ApplicationController
    render json: { star_count: @project.star_count }
  end
+  def markdown_preview
+    render text: view_context.markdown(params[:md_text])
+  end
  private
  def upload_path

--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -79,7 +79,7 @@ class SnippetsController < ApplicationController
      @snippet.content,
      type: 'text/plain; charset=utf-8',
      disposition: 'inline',
-      filename: @snippet.file_name
+      filename: @snippet.sanitized_file_name
    )
  end

--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -114,6 +114,10 @@ module ApplicationHelper
    Gitlab::Theme.css_class_by_id(current_user.try(:theme_id))
  end
+  def theme_type
+    Gitlab::Theme.type_css_class_by_id(current_user.try(:theme_id))
+  end
  def user_color_scheme_class
    COLOR_SCHEMES[current_user.try(:color_scheme_id)] if defined?(current_user)
  end

--- a/app/helpers/tree_helper.rb
+++ b/app/helpers/tree_helper.rb
@@ -53,13 +53,34 @@ module TreeHelper
    File.join(*args)
  end
-  def allowed_tree_edit?
+  def allowed_tree_edit?(project = nil, ref = nil)
-    return false unless @repository.branch_names.include?(@ref)
+    project ||= @project
+    ref ||= @ref
+    return false unless project.repository.branch_names.include?(ref)
-    if @project.protected_branch? @ref
+    if project.protected_branch? ref
-      can?(current_user, :push_code_to_protected_branches, @project)
+      can?(current_user, :push_code_to_protected_branches, project)
    else
-      can?(current_user, :push_code, @project)
+      can?(current_user, :push_code, project)
+    end
+  end
+  def edit_blob_link(project, ref, path, options = {})
+    if project.repository.blob_at(ref, path).text?
+      text = 'Edit'
+      after = options[:after] || ''
+      from_mr = options[:from_merge_request_id]
+      link_opts = {}
+      link_opts[:from_merge_request_id] = from_mr if from_mr
+      cls = 'btn btn-small'
+      if allowed_tree_edit?(project, ref)
+        link_to text, project_edit_tree_path(project, tree_join(ref, path),
+                                             link_opts), class: cls
+      else
+        content_tag :span, text, class: cls + ' disabled'
+      end + after.html_safe
+    else
+      ''
    end
  end

--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -10,12 +10,12 @@ class Commit
  # Used to prevent 500 error on huge commits by suppressing diff
  #
  # User can force display of diff above this size
-  DIFF_SAFE_FILES  = 100
+  DIFF_SAFE_FILES  = 100 unless defined?(DIFF_SAFE_FILES)
-  DIFF_SAFE_LINES  = 5000
+  DIFF_SAFE_LINES  = 5000 unless defined?(DIFF_SAFE_LINES)
  # Commits above this size will not be rendered in HTML
-  DIFF_HARD_LIMIT_FILES = 1000
+  DIFF_HARD_LIMIT_FILES = 1000 unless defined?(DIFF_HARD_LIMIT_FILES)
-  DIFF_HARD_LIMIT_LINES = 50000
+  DIFF_HARD_LIMIT_LINES = 50000 unless defined?(DIFF_HARD_LIMIT_LINES)
  class << self
    def decorate(commits)

--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -502,6 +502,6 @@ class Note < ActiveRecord::Base
  end
  def editable?
-    !system
+    !read_attribute(:system)
  end
 end
--- a/app/models/project_wiki.rb
+++ b/app/models/project_wiki.rb
@@ -5,7 +5,7 @@ class ProjectWiki
    'Markdown' => :markdown,
    'RDoc'     => :rdoc,
    'AsciiDoc' => :asciidoc
-  }
+  } unless defined?(MARKUPS)
  class CouldNotCreateWikiError < StandardError; end

--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -29,7 +29,9 @@ class Snippet < ActiveRecord::Base
  validates :author, presence: true
  validates :title, presence: true, length: { within: 0..255 }
-  validates :file_name, presence: true, length: { within: 0..255 }
+  validates :file_name, presence: true, length: { within: 0..255 },
+            format: { with: Gitlab::Regex.path_regex,
+                      message: Gitlab::Regex.path_regex_message }
  validates :content, presence: true
  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }
@@ -62,6 +64,10 @@ class Snippet < ActiveRecord::Base
    file_name
  end
+  def sanitized_file_name
+    file_name.gsub(/[^a-zA-Z0-9_\-\.]+/, '')
+  end
  def mode
    nil
  end

--- a/app/views/layouts/admin.html.haml
+++ b/app/views/layouts/admin.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: "Admin area"
-  %body{class: "#{app_theme} admin", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} admin", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: "Admin area"
    = render 'layouts/page', sidebar: 'layouts/nav/admin'
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: "Dashboard"
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page }
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page }
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: "Dashboard"
    = render 'layouts/page', sidebar: 'layouts/nav/dashboard'
--- a/app/views/layouts/errors.html.haml
+++ b/app/views/layouts/errors.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: "Error"
-  %body{class: "#{app_theme} application"}
+  %body{class: "#{app_theme} #{theme_type} application"}
    = render "layouts/head_panel", title: "" if current_user
    .container.navless-container
      = render "layouts/flash"

--- a/app/views/layouts/explore.html.haml
+++ b/app/views/layouts/explore.html.haml
@@ -2,7 +2,7 @@
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: page_title
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    - if current_user
      = render "layouts/head_panel", title: page_title

--- a/app/views/layouts/group.html.haml
+++ b/app/views/layouts/group.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: group_head_title
-  %body{class: "#{app_theme} application sidenav", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: @group.name
    = render 'layouts/page', sidebar: 'layouts/nav/group'
--- a/app/views/layouts/navless.html.haml
+++ b/app/views/layouts/navless.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: @title
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: @title
    .container.navless-container

--- a/app/views/layouts/profile.html.haml
+++ b/app/views/layouts/profile.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: "Profile"
-  %body{class: "#{app_theme} profile", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} profile", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: "Profile"
    = render 'layouts/page', sidebar: 'layouts/nav/profile'
--- a/app/views/layouts/project_settings.html.haml
+++ b/app/views/layouts/project_settings.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: @project.name_with_namespace
-  %body{class: "#{app_theme} project", :'data-page' => body_data_page, :'data-project-id' => @project.id }
+  %body{class: "#{app_theme} #{theme_type} project", :'data-page' => body_data_page, :'data-project-id' => @project.id }
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: project_title(@project)
    = render "layouts/init_auto_complete"

--- a/app/views/layouts/projects.html.haml
+++ b/app/views/layouts/projects.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: project_head_title
-  %body{class: "#{app_theme} project", :'data-page' => body_data_page, :'data-project-id' => @project.id }
+  %body{class: "#{app_theme} #{theme_type} project", :'data-page' => body_data_page, :'data-project-id' => @project.id }
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: project_title(@project)
    = render "layouts/init_auto_complete"

--- a/app/views/layouts/public_group.html.haml
+++ b/app/views/layouts/public_group.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: group_head_title
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/public_head_panel", title: "group: #{@group.name}"
    = render 'layouts/page', sidebar: 'layouts/nav/group'
--- a/app/views/layouts/public_projects.html.haml
+++ b/app/views/layouts/public_projects.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: @project.name_with_namespace
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/public_head_panel", title: project_title(@project)
    = render 'layouts/page', sidebar: 'layouts/nav/project'
--- a/app/views/layouts/public_users.html.haml
+++ b/app/views/layouts/public_users.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: @title
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/public_head_panel", title: @title
    = render 'layouts/page'
--- a/app/views/layouts/search.html.haml
+++ b/app/views/layouts/search.html.haml
 !!! 5
 %html{ lang: "en"}
  = render "layouts/head", title: "Search"
-  %body{class: "#{app_theme} application", :'data-page' => body_data_page}
+  %body{class: "#{app_theme} #{theme_type} application", :'data-page' => body_data_page}
    = render "layouts/broadcast"
    = render "layouts/head_panel", title: "Search"
    .container.navless-container

--- a/app/views/profiles/update.js.erb
+++ b/app/views/profiles/update.js.erb
 // Remove body class for any previous theme, re-add current one
-$('body').removeClass('ui_basic ui_mars ui_modern ui_gray ui_color')
+$('body').removeClass('ui_basic ui_mars ui_modern ui_gray ui_color light_theme dark_theme')
-$('body').addClass('<%= app_theme %>')
+$('body').addClass('<%= app_theme %> <%= theme_type %>')
 // Re-render the header to reflect the new theme
 $('header').html('<%= escape_javascript(render("layouts/head_panel", title: "Profile")) %>')

--- a/app/views/projects/_issuable_form.html.haml
+++ b/app/views/projects/_issuable_form.html.haml
@@ -14,6 +14,8 @@
 .form-group.issuable-description
  = f.label :description, 'Description', class: 'control-label'
  .col-sm-10
+    = render layout: 'projects/md_preview' do
      = render 'projects/zen', f: f, attr: :description,
                               classes: 'description form-control'
      .col-sm-12.hint
@@ -23,6 +25,7 @@
        .pull-right
          Attach images (JPG, PNG, GIF) by dragging &amp; dropping
          or #{link_to 'selecting them', '#', class: 'markdown-selector' }.
      .clearfix
      .error-alert
 %hr

--- a/app/views/projects/_md_preview.html.haml
+++ b/app/views/projects/_md_preview.html.haml
+%ul.nav.nav-tabs
+  %li.active
+    = link_to '#md-write-holder', class: 'js-md-write-button' do
+      Write
+  %li
+    = link_to '#md-preview-holder', class: 'js-md-preview-button',
+        data: { url: markdown_preview_project_path(@project) } do
+      Preview
+%div
+  .md-write-holder
+    = yield
+  .md-preview-holder.hide
+    .js-md-preview
--- a/app/views/projects/blob/_actions.html.haml
+++ b/app/views/projects/blob/_actions.html.haml
 .btn-group.tree-btn-group
-  -# only show edit link for text files
+  = edit_blob_link(@project, @ref, @path)
-  - if @blob.text?
-    - if allowed_tree_edit?
-      = link_to 'Edit', project_edit_tree_path(@project, @id),
-          class: 'btn btn-small'
-    - else
-      %span.btn.btn-small.disabled Edit
  = link_to 'Raw', project_raw_path(@project, @id),
      class: 'btn btn-small', target: '_blank'
  -# only show normal/blame view links for text files

--- a/app/views/projects/blob/_blob.html.haml
+++ b/app/views/projects/blob/_blob.html.haml
@@ -16,7 +16,7 @@
        = link_to title, '#'
 %ul.blob-commit-info.bs-callout.bs-callout-info.hidden-xs
-  - blob_commit = @repository.last_commit_for_path(@commit.id, @blob.path)
+  - blob_commit = @repository.last_commit_for_path(@commit.id, blob.path)
  = render blob_commit, project: @project
 %div#tree-content-holder.tree-content-holder

--- a/app/views/projects/diffs/_file.html.haml
+++ b/app/views/projects/diffs/_file.html.haml
@@ -30,9 +30,9 @@
          &nbsp;
        - if @merge_request && @merge_request.source_project
-          = link_to project_edit_tree_path(@merge_request.source_project, tree_join(@merge_request.source_branch, diff_file.new_path), from_merge_request_id: @merge_request.id), { class: 'btn btn-small' } do
+          = edit_blob_link(@merge_request.source_project,
-            Edit
+              @merge_request.source_branch, diff_file.new_path,
-          &nbsp;
+              after: '&nbsp;', from_merge_request_id: @merge_request.id)
        = view_file_btn(@commit.id, diff_file, project)

--- a/app/views/projects/merge_requests/_new_submit.html.haml
+++ b/app/views/projects/merge_requests/_new_submit.html.haml
@@ -21,6 +21,7 @@
      .form-group
        .light
          = f.label :description, "Description"
+        = render layout: 'projects/md_preview' do
          = render 'projects/zen', f: f, attr: :description,
                                   classes: 'description form-control'
          .clearfix.hint

--- a/app/views/projects/milestones/_form.html.haml
+++ b/app/views/projects/milestones/_form.html.haml
@@ -18,9 +18,10 @@
        .col-sm-10
          = f.text_field :title, maxlength: 255, class: "form-control"
          %p.hint Required
-      .form-group
+      .form-group.milestone-description
        = f.label :description, "Description", class: "control-label"
        .col-sm-10
+          = render layout: 'projects/md_preview' do
            = render 'projects/zen', f: f, attr: :description, classes: 'description form-control'
            .hint
              .pull-left Milestones are parsed with #{link_to "GitLab Flavored Markdown", help_page_path("markdown", "markdown"), target: '_blank'}.

--- a/app/views/projects/notes/_form.html.haml
+++ b/app/views/projects/notes/_form.html.haml
@@ -5,23 +5,13 @@
  = f.hidden_field :noteable_id
  = f.hidden_field :noteable_type
-  %ul.nav.nav-tabs
+  = render layout: 'projects/md_preview' do
-    %li.active
-      = link_to '#note-write-holder', class: 'js-note-write-button' do
-        Write
-    %li
-      = link_to '#note-preview-holder', class: 'js-note-preview-button', data: { url: preview_project_notes_path(@project) } do
-        Preview
-  %div
-    .note-write-holder
    = render 'projects/zen', f: f, attr: :note,
                             classes: 'note_text js-note-text'
    .light.clearfix
      .pull-left Comments are parsed with #{link_to "GitLab Flavored Markdown", help_page_path("markdown", "markdown"),{ target: '_blank', tabindex: -1 }}
      .pull-right Attach images (JPG, PNG, GIF) by dragging &amp; dropping or #{link_to "selecting them", '#', class: 'markdown-selector', tabindex: -1 }.
-    .note-preview-holder.hide
-      .js-note-preview
  .note-form-actions
    .buttons

--- a/app/views/projects/notes/_note.html.haml
+++ b/app/views/projects/notes/_note.html.haml
@@ -40,7 +40,8 @@
        .note-edit-form
          = form_for note, url: project_note_path(@project, note), method: :put, remote: true, authenticity_token: true do |f|
-            = f.text_area :note, class: 'note_text js-note-text js-gfm-input turn-on'
+            = render layout: 'projects/md_preview' do
+              = f.text_area :note, class: 'note_text js-note-text markdown-area js-gfm-input turn-on'
            .form-actions.clearfix
              = f.submit 'Save changes', class: "btn btn-primary btn-save js-comment-button"

--- a/app/views/projects/transfer.js.haml
+++ b/app/views/projects/transfer.js.haml
- if @project.errors[:namespace_id].present?
+:plain
-  :plain
-    $("#tab-transfer .errors-holder").replaceWith(errorMessage('#{escape_javascript(@project.errors[:namespace_id].first)}'));
-    $("#tab-transfer .form-actions input").removeAttr('disabled').removeClass('disabled');
- else
-  :plain
    location.href = "#{edit_project_path(@project)}";
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -186,16 +186,18 @@ Gitlab::Application.routes.draw do
      post :unarchive
      post :upload_image
      post :toggle_star
+      get :markdown_preview
      get :autocomplete_sources
    end
    scope module: :projects do
-      resources :blob, only: [:show, :destroy], constraints: { id: /.+/ } do
+      resources :blob, only: [:show, :destroy], constraints: { id: /.+/, format: false } do
        get :diff, on: :member
      end
      resources :raw,       only: [:show], constraints: {id: /.+/}
      resources :tree,      only: [:show], constraints: {id: /.+/, format: /(html|js)/ }
      resources :edit_tree, only: [:show, :update], constraints: { id: /.+/ }, path: 'edit' do
+        # Cannot be GET to differentiate from GET paths that end in preview.
        post :preview, on: :member
      end
      resources :new_tree,  only: [:show, :update], constraints: {id: /.+/}, path: 'new'
@@ -329,10 +331,6 @@ Gitlab::Application.routes.draw do
        member do
          delete :delete_attachment
        end
-        collection do
-          post :preview
-        end
      end
    end
  end

--- a/db/fixtures/development/05_users.rb
+++ b/db/fixtures/development/05_users.rb
@@ -16,14 +16,13 @@ Gitlab::Seeder.quiet do
  (1..5).each do |i|
    begin
-      User.seed(:id, [
+      User.seed do |s|
-        id: i + 10,
+        s.username = "user#{i}"
-        username: "user#{i}",
+        s.name = "User #{i}"
-        name: "User #{i}",
+        s.email = "user#{i}@example.com"
-        email: "user#{i}@example.com",
+        s.confirmed_at = DateTime.now
-        confirmed_at: DateTime.now,
+        s.password = '12345678'
-        password: '12345678'
+      end
-      ])
      print '.'
    rescue ActiveRecord::RecordNotSaved
      print 'F'

--- a/doc/README.md
+++ b/doc/README.md
@@ -23,6 +23,7 @@
 - [Welcome message](customization/welcome_message.md) Add a custom welcome message to the sign-in page.
 - [Issue closing](customization/issue_closing.md) Customize how to close an issue from commit messages.
 - [Libravatar](customization/libravatar.md) Use Libravatar for user avatars.
+- [Operations](operations/README.md) Keeping GitLab up and running
 ## Contributor documentation

--- a/doc/development/shell_commands.md
+++ b/doc/development/shell_commands.md
 # Guidelines for shell commands in the GitLab codebase
+This document contains guidelines for working with processes and files in the GitLab codebase.
+These guidelines are meant to make your code more reliable _and_ secure.
 ## References
 - [Google Ruby Security Reviewer's Guide](https://code.google.com/p/ruby-security/wiki/Guide)
@@ -109,3 +112,63 @@ logs = IO.popen(%W(git log), chdir: repo_dir).read
 ```
 Note that unlike `Gitlab::Popen.popen`, `IO.popen` does not capture standard error.
+## Avoid user input at the start of path strings
+Various methods for opening and reading files in Ruby can be used to read the
+standard output of a process instead of a file.  The following two commands do
+roughly the same:
+```
+`touch /tmp/pawned-by-backticks`
+File.read('|touch /tmp/pawned-by-file-read')
+```
+The key is to open a 'file' whose name starts with a `|`.
+Affected methods include Kernel#open, File::read, File::open, IO::open and IO::read.
+You can protect against this behavior of 'open' and 'read' by ensuring that an
+attacker cannot control the start of the filename string you are opening.  For
+instance, the following is sufficient to protect against accidentally starting
+a shell command with `|`:
+```
+# we assume repo_path is not controlled by the attacker (user)
+path = File.join(repo_path, user_input)
+# path cannot start with '|' now.
+File.read(path)
+```
+## Guard against path traversal
+Path traversal is a security where the program (GitLab) tries to restrict user
+access to a certain directory on disk, but the user manages to open a file
+outside that directory by taking advantage of the `../` path notation.
+```
+# Suppose the user gave us a path and they are trying to trick us
+user_input = '../other-repo.git/other-file'
+# We look up the repo path somewhere
+repo_path = 'repositories/user-repo.git'
+# The intention of the code below is to open a file under repo_path, but
+# because the user used '..' she can 'break out' into
+# 'repositories/other-repo.git'
+full_path = File.join(repo_path, user_input)
+File.open(full_path) do # Oops!
+```
+A good way to protect against this is to compare the full path with its
+'absolute path' according to Ruby's `File.absolute_path`.
+```
+full_path = File.join(repo_path, user_input)
+if full_path != File.absolute_path(full_path)
+  raise "Invalid path: #{full_path.inspect}"
+end
+File.open(full_path) do # Etc.
+```
+A check like this could have avoided CVE-2013-4583.
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -54,7 +54,7 @@ up-to-date and install it.
 Install the required packages (needed to compile Ruby and native extensions to Ruby gems):
-    sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake
+    sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake libkrb5-dev
 Make sure you have the right version of Git installed
@@ -181,9 +181,9 @@ We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](da
 ### Clone the Source
    # Clone GitLab repository
-    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-5-stable gitlab
+    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-6-stable gitlab
-**Note:** You can change `7-5-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
+**Note:** You can change `7-6-stable` to `master` if you want the *bleeding edge* version, but never install master on a production server!
 ### Configure It
@@ -278,7 +278,7 @@ We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](da
 GitLab Shell is an SSH access and repository management software developed specially for GitLab.
    # Run the installation task for gitlab-shell (replace `REDIS_URL` if needed):
-    sudo -u git -H bundle exec rake gitlab:shell:install[v2.2.0] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
+    sudo -u git -H bundle exec rake gitlab:shell:install[v2.4.0] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
    # By default, the gitlab-shell config is generated from your main GitLab config.
    # You can review (and modify) the gitlab-shell config as follows:
@@ -383,15 +383,17 @@ NOTE: Supply `SANITIZE=true` environment variable to `gitlab:check` to omit proj
 ### Initial Login
-Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created an admin account for you. You can use it to log in:
+Visit YOUR_SERVER in your web browser for your first GitLab login. The setup has created a default admin account for you. You can use it to log in:
    root
    5iveL!fe
-**Important Note:** Please go over to your profile page and immediately change the password, so nobody can access your GitLab by using this login information later on.
+**Important Note:** Please login to the server before exposing it to the public internet. On login you'll be prompted to change the password.
 **Enjoy!**
+You can use `sudo service gitlab start` and `sudo service gitlab stop` to start and stop GitLab.
 ## Advanced Setup Tips
 ### Using HTTPS

--- a/doc/integration/omniauth.md
+++ b/doc/integration/omniauth.md
@@ -7,6 +7,7 @@ OmniAuth does not prevent standard GitLab authentication or LDAP (if configured)
 - [Initial OmniAuth Configuration](#initial-omniauth-configuration)
 - [Supported Providers](#supported-providers)
 - [Enable OmniAuth for an Existing User](#enable-omniauth-for-an-existing-user)
+- [OmniAuth configuration sample when using Omnibus GitLab](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master#omniauth-google-twitter-github-login)
 ## Initial OmniAuth Configuration

--- a/doc/integration/twitter.md
+++ b/doc/integration/twitter.md
@@ -13,7 +13,7 @@ To enable the Twitter OmniAuth provider you must register your application with
    something else descriptive.
    - Description: Create a description.
    - Website: The URL to your GitLab installation. 'https://gitlab.example.com'
-    - Callback URL: 'https://gitlab.example.com/users/auth/github/callback'
+    - Callback URL: 'https://gitlab.example.com/users/auth/twitter/callback'
    - Agree to the "Rules of the Road."
    ![Twitter App Details](twitter_app_details.png)

--- a/doc/operations/README.md
+++ b/doc/operations/README.md
+# GitLab operations
+- [Sidekiq MemoryKiller](sidekiq_memory_killer.md)
--- a/doc/operations/sidekiq_memory_killer.md
+++ b/doc/operations/sidekiq_memory_killer.md
+# Sidekiq MemoryKiller
+The GitLab Rails application code suffers from memory leaks. For web requests
+this problem is made manageable using
+[unicorn-worker-killer](https://github.com/kzk/unicorn-worker-killer) which
+restarts Unicorn worker processes in between requests when needed. The Sidekiq
+MemoryKiller applies the same approach to the Sidekiq processes used by GitLab
+to process background jobs.
+Unlike unicorn-worker-killer, which is enabled by default for all GitLab
+installations since GitLab 6.4, the Sidekiq MemoryKiller is enabled by default
+_only_ for Omnibus packages. The reason for this is that the MemoryKiller
+relies on Runit to restart Sidekiq after a memory-induced shutdown and GitLab
+installations from source do not all use Runit or an equivalent.
+With the default settings, the MemoryKiller will cause a Sidekiq restart no
+more often than once every 15 minutes, with the restart causing about one
+minute of delay for incoming background jobs.
+## Configuring the MemoryKiller
+The MemoryKiller is controlled using environment variables.
+- `SIDEKIQ_MEMORY_KILLER_MAX_RSS`: if this variable is set, and its value is
+  greater than 0, then after each Sidekiq job, the MemoryKiller will check the
+  RSS of the Sidekiq process that executed the job. If the RSS of the Sidekiq
+  process (expressed in kilobytes) exceeds SIDEKIQ_MEMORY_KILLER_MAX_RSS, a
+  delayed shutdown is triggered. The default value for Omnibus packages is set
+  [in the omnibus-gitlab
+  repository](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb).
+- `SIDEKIQ_MEMORY_KILLER_GRACE_TIME`: defaults 900 seconds (15 minutes). When
+  a shutdown is triggered, the Sidekiq process will keep working normally for
+  another 15 minutes.
+- `SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT`: defaults to 30 seconds. When the grace
+  time has expired, the MemoryKiller tells Sidekiq to stop accepting new jobs.
+  Existing jobs get 30 seconds to finish. After that, the MemoryKiller tells
+  Sidekiq to shut down, and an external supervision mechanism (e.g. Runit) must
+  restart Sidekiq.
--- a/doc/raketasks/README.md
+++ b/doc/raketasks/README.md
+# Rake tasks
 - [Backup restore](backup_restore.md)
 - [Cleanup](cleanup.md)
+- [Features](features.md)
 - [Maintenance](maintenance.md) and self-checks
 - [User management](user_management.md)
 - [Web hooks](web_hooks.md)

--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -137,7 +137,7 @@ with the name of your bucket:
 Please be informed that a backup does not store your configuration files.
 If you use an Omnibus package please see the [instructions in the readme to backup your configuration](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#backup-and-restore-omnibus-gitlab-configuration).
 If you have a cookbook installation there should be a copy of your configuration in Chef.
-If you have a manual installation please consider backing up your gitlab.yml file and any SSL keys and certificates.
+If you have a manual installation please consider backing up your `gitlab.yml` file, any SSL keys and certificates, and your [SSH host keys](https://superuser.com/questions/532040/copy-ssh-keys-from-one-server-to-another-server/532079#532079).
 ## Restore a previously created backup

--- a/doc/release/monthly.md
+++ b/doc/release/monthly.md
@@ -100,9 +100,9 @@ List any major changes here, so the user is aware of them before starting to upg
 - Web server changes
 - File structure changes
-#### 1. Make backup
+#### 1. Stop server
-#### 2. Stop server
+#### 2. Make backup
 #### 3. Do users need to update dependencies like `git`?

--- a/doc/update/6.x-or-7.x-to-7.5.md
+++ b/doc/update/6.x-or-7.x-to-7.5.md
-# From 6.x or 7.x to 7.5
+# From 6.x or 7.x to 7.6
-This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.5.
+This allows you to upgrade any version of GitLab from 6.0 and up (including 7.0 and up) to 7.6.
 ## Global issue numbers
@@ -70,7 +70,7 @@ sudo -u git -H git checkout -- db/schema.rb # local changes will be restored aut
 For GitLab Community Edition:
 ```bash
-sudo -u git -H git checkout 7-5-stable
+sudo -u git -H git checkout 7-6-stable
 ```
 OR
@@ -78,7 +78,7 @@ OR
 For GitLab Enterprise Edition:
 ```bash
-sudo -u git -H git checkout 7-5-stable-ee
+sudo -u git -H git checkout 7-6-stable-ee
 ```
 ## 4. Install additional packages
@@ -119,7 +119,7 @@ sudo apt-get install pkg-config cmake
 ```bash
 cd /home/git/gitlab-shell
 sudo -u git -H git fetch
-sudo -u git -H git checkout v2.2.0
+sudo -u git -H git checkout v2.4.0
 ```
 ## 7. Install libs, migrations, etc.
@@ -154,14 +154,14 @@ sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
 TIP: to see what changed in `gitlab.yml.example` in this release use next command:
 ```
-git diff 6-0-stable:config/gitlab.yml.example 7-5-stable:config/gitlab.yml.example
+git diff 6-0-stable:config/gitlab.yml.example 7-6-stable:config/gitlab.yml.example
 ```
-* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/config/gitlab.yml.example but with your settings.
+* Make `/home/git/gitlab/config/gitlab.yml` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-6-stable/config/gitlab.yml.example but with your settings.
-* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/config/unicorn.rb.example but with your settings.
+* Make `/home/git/gitlab/config/unicorn.rb` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-6-stable/config/unicorn.rb.example but with your settings.
-* Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.2.0/config.yml.example but with your settings.
+* Make `/home/git/gitlab-shell/config.yml` the same as https://gitlab.com/gitlab-org/gitlab-shell/blob/v2.4.0/config.yml.example but with your settings.
-* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/lib/support/nginx/gitlab but with your settings.
+* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-6-stable/lib/support/nginx/gitlab but with your settings.
-* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/lib/support/nginx/gitlab-ssl but with your settings.
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-6-stable/lib/support/nginx/gitlab-ssl but with your settings.
 * Copy rack attack middleware config
 ```bash

--- a/doc/update/7.4-to-7.5.md
+++ b/doc/update/7.4-to-7.5.md
@@ -71,21 +71,10 @@ There are new configuration options available for gitlab.yml. View them with the
 git diff origin/7-4-stable:config/gitlab.yml.example origin/7-5-stable:config/gitlab.yml.example
 ```
-#### Change timeout for unicorn
+#### Change Nginx settings
-```
-# set timeout to 60
-sudo -u git -H editor config/unicorn.rb
-```
-#### Change nginx https settings
-* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/lib/support/nginx/gitlab-ssl but with your setting
-#### MySQL Databases: Update database.yml config file
-* Add `collation: utf8_general_ci` to config/database.yml as seen in [config/database.yml.mysql](config/database.yml.mysql)
+* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as [`lib/support/nginx/gitlab`](/lib/support/nginx/gitlab) but with your settings
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as [`lib/support/nginx/gitlab-ssl`](/lib/support/nginx/gitlab-ssl) but with your setting
 ### 6. Start application
@@ -104,82 +93,6 @@ To make sure you didn't miss anything run a more thorough check with:
 If all items are green, then congratulations upgrade is complete!
-### 8. Optional optimizations for GitLab setups with MySQL databases
-Only applies if running MySQL database created with GitLab 6.7 or earlier. If you are not experiencing any issues you may not need the following instructions however following them will bring your database in line with the latest recommended installation configuration and help avoid future issues. Be sure to follow these directions exactly. These directions should be safe for any MySQL instance but to be sure make a current MySQL database backup beforehand.
-```
-# Stop GitLab
-sudo service gitlab stop
-# Secure your MySQL installation (added in GitLab 6.2)
-sudo mysql_secure_installation
-# Login to MySQL
-mysql -u root -p
-# do not type the 'mysql>', this is part of the prompt
-# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
-SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
-# If previous query returned results, copy & run all outputed SQL statements
-# Convert all tables to correct character set
-SET foreign_key_checks = 0;
-SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
-# If previous query returned results, copy & run all outputed SQL statements
-# turn foreign key checks back on
-SET foreign_key_checks = 1;
-# Find MySQL users
-mysql> SELECT user FROM mysql.user WHERE user LIKE '%git%';
-# If git user exists and gitlab user does not exist
-# you are done with the database cleanup tasks
-mysql> \q
-# If both users exist skip to Delete gitlab user
-# Create new user for GitLab (changed in GitLab 6.4)
-# change $password in the command below to a real password you pick
-mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
-# Grant the git user necessary permissions on the database
-mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';
-# Delete the old gitlab user
-mysql> DELETE FROM mysql.user WHERE user='gitlab';
-# Quit the database session
-mysql> \q
-# Try connecting to the new database with the new user
-sudo -u git -H mysql -u git -p -D gitlabhq_production
-# Type the password you replaced $password with earlier
-# You should now see a 'mysql>' prompt
-# Quit the database session
-mysql> \q
-# Update database configuration details
-# See config/database.yml.mysql for latest recommended configuration details
-#   Remove the reaping_frequency setting line if it exists (removed in GitLab 6.8)
-#   Set production -> pool: 10 (updated in GitLab 5.3)
-#   Set production -> username: git
-#   Set production -> password: the password your replaced $password with earlier
-sudo -u git -H editor /home/git/gitlab/config/database.yml
-# Run thorough check
-sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
-```
 ## Things went south? Revert to previous version (7.4)
 ### 1. Revert the code to the previous version

--- a/doc/update/7.5-to-7.6.md
+++ b/doc/update/7.5-to-7.6.md
 # From 7.5 to 7.6
-**7.6 is not yet released. This is a preliminary upgrade guide.**
 ### 0. Stop server
    sudo service gitlab stop
@@ -39,12 +37,14 @@ sudo -u git -H git checkout 7-6-stable-ee
 ```bash
 cd /home/git/gitlab-shell
 sudo -u git -H git fetch
-sudo -u git -H git checkout v2.2.0
+sudo -u git -H git checkout v2.4.0
 ```
 ### 4. Install libs, migrations, etc.
 ```bash
+sudo apt-get install libkrb5-dev
 cd /home/git/gitlab
 # MySQL installations (note: the line below states '--without ... postgres')

--- a/doc/web_hooks/web_hooks.md
+++ b/doc/web_hooks/web_hooks.md
@@ -54,6 +54,29 @@ Triggered when you push to the repository except when pushing tags.
 }
 ```
+## Tag events
+Triggered when you create (or delete) tags to the repository.
+**Request body:**
+```json
+{
+  "ref": "refs/tags/v1.0.0",
+  "before": "0000000000000000000000000000000000000000",
+  "after": "82b3d5ae55f7080f1e6022629cdb57bfae7cccc7",
+  "user_id": 1,
+  "user_name": "John Smith",
+  "project_id": 1,
+  "repository": {
+    "name": "jsmith",
+    "url": "ssh://git@example.com/jsmith/example.git",
+    "description": "",
+    "homepage": "http://example.com/jsmith/example"
+  }
+}
+```
 ## Issues events
 Triggered when a new issue is created or an existing issue was updated/closed/reopened.

--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -2,16 +2,16 @@ FROM ubuntu:14.04
 # Install required packages
 RUN apt-get update -q \
-    && DEBIAN_FRONTEND=noninteractive apt-get install -qy \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -qy --no-install-recommends \
+      ca-certificates \
      openssh-server \
-      wget \
+      wget
-    && apt-get clean
 # Download & Install GitLab
 # If the Omnibus package version below is outdated please contribute a merge request to update it.
 # If you run GitLab Enterprise Edition point it to a location where you have downloaded it.
 RUN TMP_FILE=$(mktemp); \
-    wget -q -O $TMP_FILE https://downloads-packages.s3.amazonaws.com/ubuntu-14.04/gitlab_7.5.2-omnibus.5.2.1.ci-1_amd64.deb \
+    wget -q -O $TMP_FILE https://downloads-packages.s3.amazonaws.com/ubuntu-14.04/gitlab_7.5.3-omnibus.5.2.1.ci-1_amd64.deb \
    && dpkg -i $TMP_FILE \
    && rm -f $TMP_FILE

--- a/docker/README.md
+++ b/docker/README.md
@@ -39,7 +39,7 @@ After creating this run GitLab:
 sudo docker run --detach --name gitlab_app --publish 8080:80 --publish 2222:22 --volumes-from gitlab_data gitlab_image
 ```
-It might take a while before the docker container is responding to queries. You can follow the configuration process with `docker logs -f gitlab`.
+It might take a while before the docker container is responding to queries. You can follow the configuration process with `docker logs -f gitlab_app`.
 You can then go to `http://localhost:8080/` (or `http://192.168.59.103:8080/` if you use boot2docker).
 You can login with username `root` and password `5iveL!fe`.

--- a/features/project/commits/comments.feature
+++ b/features/project/commits/comments.feature
@@ -16,12 +16,12 @@ Feature: Project Commits Comments
  @javascript
  Scenario: I can't preview without text
    Given I haven't written any comment text
-    Then I should not see the comment preview button
+    Then The comment preview tab should say there is nothing to do
  @javascript
  Scenario: I can preview with text
-    Given I write a comment like "Nice"
+    Given I write a comment like ":+1: Nice"
-    Then I should see the comment preview button
+    Then The comment preview tab should be display rendered Markdown
  @javascript
  Scenario: I preview a comment
@@ -32,7 +32,7 @@ Feature: Project Commits Comments
  @javascript
  Scenario: I can edit after preview
    Given I preview a comment text like "Bug fixed :smile:"
-    Then I should see the comment edit button
+    Then I should see the comment write tab
  @javascript
  Scenario: I have a reset form after posting from preview

--- a/features/project/commits/diff_comments.feature
+++ b/features/project/commits/diff_comments.feature
@@ -58,13 +58,13 @@ Feature: Project Commits Diff Comments
  Scenario: I can't preview without text
    Given I open a diff comment form
    And I haven't written any diff comment text
-    Then I should not see the diff comment preview button
+    Then The diff comment preview tab should say there is nothing to do
  @javascript
  Scenario: I can preview with text
    Given I open a diff comment form
    And I write a diff comment like ":-1: I don't like this"
-    Then I should see the diff comment preview button
+    Then The diff comment preview tab should display rendered Markdown
  @javascript
  Scenario: I preview a diff comment
@@ -75,7 +75,7 @@ Feature: Project Commits Diff Comments
  @javascript
  Scenario: I can edit after preview
    Given I preview a diff comment text like "Should fix it :smile:"
-    Then I should see the diff comment edit button
+    Then I should see the diff comment write tab
  @javascript
  Scenario: The form gets removed after posting

--- a/features/project/issues/issues.feature
+++ b/features/project/issues/issues.feature
@@ -159,3 +159,37 @@ Feature: Project Issues
    Given project "Shop" has "Tasks-closed" closed issue with task markdown
    When I visit issue page "Tasks-closed"
    Then Task checkboxes should be disabled
+  # Issue description preview
+  @javascript
+  Scenario: I can't preview without text
+    Given I click link "New Issue"
+    And I haven't written any description text
+    Then The Markdown preview tab should say there is nothing to do
+  @javascript
+  Scenario: I can preview with text
+    Given I click link "New Issue"
+    And I write a description like ":+1: Nice"
+    Then The Markdown preview tab should display rendered Markdown
+  @javascript
+  Scenario: I preview an issue description
+    Given I click link "New Issue"
+    And I preview a description text like "Bug fixed :smile:"
+    Then I should see the Markdown preview
+    And I should not see the Markdown text field
+  @javascript
+  Scenario: I can edit after preview
+    Given I click link "New Issue"
+    And I preview a description text like "Bug fixed :smile:"
+    Then I should see the Markdown write tab
+  @javascript
+  Scenario: I can preview when editing an existing issue
+    Given I click link "Release 0.4"
+    And I click link "Edit" for the issue
+    And I preview a description text like "Bug fixed :smile:"
+    Then I should see the Markdown write tab
--- a/features/project/merge_requests.feature
+++ b/features/project/merge_requests.feature
@@ -187,3 +187,34 @@ Feature: Project Merge Requests
    And I visit merge request page "MR-task-open"
    And I click link "Close"
    Then Task checkboxes should be disabled
+  # Description preview
+  @javascript
+  Scenario: I can't preview without text
+    Given I visit merge request page "Bug NS-04"
+    And I click link "Edit" for the merge request
+    And I haven't written any description text
+    Then The Markdown preview tab should say there is nothing to do
+  @javascript
+  Scenario: I can preview with text
+    Given I visit merge request page "Bug NS-04"
+    And I click link "Edit" for the merge request
+    And I write a description like ":+1: Nice"
+    Then The Markdown preview tab should display rendered Markdown
+  @javascript
+  Scenario: I preview a merge request description
+    Given I visit merge request page "Bug NS-04"
+    And I click link "Edit" for the merge request
+    And I preview a description text like "Bug fixed :smile:"
+    Then I should see the Markdown preview
+    And I should not see the Markdown text field
+  @javascript
+  Scenario: I can edit after preview
+    Given I visit merge request page "Bug NS-04"
+    And I click link "Edit" for the merge request
+    And I preview a description text like "Bug fixed :smile:"
+    Then I should see the Markdown write tab
--- a/features/steps/project/issues/issues.rb
+++ b/features/steps/project/issues/issues.rb
 class Spinach::Features::ProjectIssues < Spinach::FeatureSteps
  include SharedAuthentication
+  include SharedIssuable
  include SharedProject
  include SharedNote
  include SharedPaths

--- a/features/steps/project/merge_requests.rb
+++ b/features/steps/project/merge_requests.rb
 class Spinach::Features::ProjectMergeRequests < Spinach::FeatureSteps
  include SharedAuthentication
+  include SharedIssuable
  include SharedProject
  include SharedNote
  include SharedPaths

--- a/features/steps/shared/diff_note.rb
+++ b/features/steps/shared/diff_note.rb
@@ -32,7 +32,7 @@ module SharedDiffNote
    click_diff_line(sample_commit.line_code)
    within("#{diff_file_selector} form[rel$='#{sample_commit.line_code}']") do
      fill_in "note[note]", with: "Should fix it :smile:"
-      find(".js-note-preview-button").trigger("click")
+      find('.js-md-preview-button').click
    end
  end
@@ -41,7 +41,7 @@ module SharedDiffNote
    within("#{diff_file_selector} form[rel$='#{sample_commit.del_line_code}']") do
      fill_in "note[note]", with: "DRY this up"
-      find(".js-note-preview-button").trigger("click")
+      find('.js-md-preview-button').click
    end
  end
@@ -71,9 +71,10 @@ module SharedDiffNote
    end
  end
-  step 'I should not see the diff comment preview button' do
+  step 'The diff comment preview tab should say there is nothing to do' do
    within(diff_file_selector) do
-      page.should have_css(".js-note-preview-button", visible: false)
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_content('Nothing to preview.')
    end
  end
@@ -131,27 +132,28 @@ module SharedDiffNote
  step 'I should see the diff comment preview' do
    within("#{diff_file_selector} form") do
-      page.should have_css(".js-note-preview", visible: false)
+      expect(page).to have_css('.js-md-preview', visible: true)
    end
  end
-  step 'I should see the diff comment edit button' do
+  step 'I should see the diff comment write tab' do
    within(diff_file_selector) do
-      page.should have_css(".js-note-write-button", visible: true)
+      expect(page).to have_css('.js-md-write-button', visible: true)
    end
  end
-  step 'I should see the diff comment preview button' do
+  step 'The diff comment preview tab should display rendered Markdown' do
    within(diff_file_selector) do
-      page.should have_css(".js-note-preview-button", visible: true)
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_css('img.emoji', visible: true)
    end
  end
  step 'I should see two separate previews' do
    within(diff_file_selector) do
-      page.should have_css(".js-note-preview", visible: true, count: 2)
+      expect(page).to have_css('.js-md-preview', visible: true, count: 2)
-      page.should have_content("Should fix it")
+      expect(page).to have_content('Should fix it')
-      page.should have_content("DRY this up")
+      expect(page).to have_content('DRY this up')
    end
  end

--- a/features/steps/shared/issuable.rb
+++ b/features/steps/shared/issuable.rb
+module SharedIssuable
+  include Spinach::DSL
+  def edit_issuable
+    find('.issue-btn-group').click_link 'Edit'
+  end
+  step 'I click link "Edit" for the merge request' do
+    edit_issuable
+  end
+  step 'I click link "Edit" for the issue' do
+    edit_issuable
+  end
+end
--- a/features/steps/shared/markdown.rb
+++ b/features/steps/shared/markdown.rb
@@ -54,4 +54,49 @@ EOT
      'div.description li.task-list-item input[type="checkbox"]:disabled'
    )
  end
+  step 'I should not see the Markdown preview' do
+    expect(find('.gfm-form .js-md-preview')).not_to be_visible
+  end
+  step 'The Markdown preview tab should say there is nothing to do' do
+    within('.gfm-form') do
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_content('Nothing to preview.')
+    end
+  end
+  step 'I should not see the Markdown text field' do
+    expect(find('.gfm-form textarea')).not_to be_visible
+  end
+  step 'I should see the Markdown write tab' do
+    expect(find('.gfm-form')).to have_css('.js-md-write-button', visible: true)
+  end
+  step 'I should see the Markdown preview' do
+    expect(find('.gfm-form')).to have_css('.js-md-preview', visible: true)
+  end
+  step 'The Markdown preview tab should display rendered Markdown' do
+    within('.gfm-form') do
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_css('img.emoji', visible: true)
+    end
+  end
+  step 'I write a description like ":+1: Nice"' do
+    find('.gfm-form').fill_in 'Description', with: ':+1: Nice'
+  end
+  step 'I preview a description text like "Bug fixed :smile:"' do
+    within('.gfm-form') do
+      fill_in 'Description', with: 'Bug fixed :smile:'
+      find('.js-md-preview-button').click
+    end
+  end
+  step 'I haven\'t written any description text' do
+    find('.gfm-form').fill_in 'Description', with: ''
+  end
 end
--- a/features/steps/shared/note.rb
+++ b/features/steps/shared/note.rb
@@ -23,7 +23,7 @@ module SharedNote
  step 'I preview a comment text like "Bug fixed :smile:"' do
    within(".js-main-target-form") do
      fill_in "note[note]", with: "Bug fixed :smile:"
-      find(".js-note-preview-button").trigger("click")
+      find('.js-md-preview-button').click
    end
  end
@@ -33,9 +33,9 @@ module SharedNote
    end
  end
-  step 'I write a comment like "Nice"' do
+  step 'I write a comment like ":+1: Nice"' do
    within(".js-main-target-form") do
-      fill_in "note[note]", with: "Nice"
+      fill_in 'note[note]', with: ':+1: Nice'
    end
  end
@@ -51,13 +51,14 @@ module SharedNote
  step 'I should not see the comment preview' do
    within(".js-main-target-form") do
-      page.should have_css(".js-note-preview", visible: false)
+      expect(find('.js-md-preview')).not_to be_visible
    end
  end
-  step 'I should not see the comment preview button' do
+  step 'The comment preview tab should say there is nothing to do' do
    within(".js-main-target-form") do
-      page.should have_css(".js-note-preview-button", visible: false)
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_content('Nothing to preview.')
    end
  end
@@ -79,21 +80,22 @@ module SharedNote
    end
  end
-  step 'I should see the comment edit button' do
+  step 'I should see the comment write tab' do
    within(".js-main-target-form") do
-      page.should have_css(".js-note-write-button", visible: true)
+      expect(page).to have_css('.js-md-write-button', visible: true)
    end
  end
-  step 'I should see the comment preview' do
+  step 'The comment preview tab should be display rendered Markdown' do
    within(".js-main-target-form") do
-      page.should have_css(".js-note-preview", visible: true)
+      find('.js-md-preview-button').click
+      expect(find('.js-md-preview')).to have_css('img.emoji', visible: true)
    end
  end
-  step 'I should see the comment preview button' do
+  step 'I should see the comment preview' do
    within(".js-main-target-form") do
-      page.should have_css(".js-note-preview-button", visible: true)
+      expect(page).to have_css('.js-md-preview', visible: true)
    end
  end

--- a/lib/gitlab/theme.rb
+++ b/lib/gitlab/theme.rb
@@ -19,5 +19,19 @@ module Gitlab
      return themes[id]
    end
+    def self.type_css_class_by_id(id)
+      types = {
+        BASIC  => 'light_theme',
+        MARS   => 'dark_theme',
+        MODERN => 'dark_theme',
+        GRAY   => 'dark_theme',
+        COLOR  => 'dark_theme'
+      }
+      id ||= Gitlab.config.gitlab.default_theme
+      types[id]
+    end
  end
 end
--- a/lib/tasks/gitlab/shell.rake
+++ b/lib/tasks/gitlab/shell.rake
@@ -17,15 +17,19 @@ namespace :gitlab do
      # Clone if needed
      unless File.directory?(target_dir)
-        sh(*%W(git clone #{args.repo} #{target_dir}))
+        system(*%W(git clone -- #{args.repo} #{target_dir}))
      end
      # Make sure we're on the right tag
      Dir.chdir(target_dir) do
        # First try to checkout without fetching
        # to avoid stalling tests if the Internet is down.
-        reset = "git reset --hard $(git describe #{args.tag} || git describe origin/#{args.tag})"
+        reseted = reset_to_commit(args)
-        sh "#{reset} || git fetch origin && #{reset}"
+        unless reseted
+          system(*%W(git fetch origin))
+          reset_to_commit(args)
+        end
        config = {
          user: user,
@@ -54,7 +58,7 @@ namespace :gitlab do
        File.open("config.yml", "w+") {|f| f.puts config.to_yaml}
        # Launch installation process
-        sh "bin/install"
+        system(*%W(bin/install))
      end
      # Required for debian packaging with PKGR: Setup .ssh/environment with
@@ -118,5 +122,16 @@ namespace :gitlab do
    puts "Quitting...".red
    exit 1
  end
+  def reset_to_commit(args)
+    tag, status = Gitlab::Popen.popen(%W(git describe -- #{args.tag}))
+    unless status.zero?
+      tag, status = Gitlab::Popen.popen(%W(git describe -- origin/#{args.tag}))
+    end
+    tag = tag.strip
+    system(*%W(git reset --hard #{tag}))
+  end
 end
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -5,10 +5,14 @@ FactoryGirl.define do
    Faker::Lorem.sentence
  end
-  sequence :name, aliases: [:file_name] do
+  sequence :name do
    Faker::Name.name
  end
+  sequence :file_name do
+    Faker::Internet.user_name
+  end
  sequence(:url) { Faker::Internet.uri('http') }
  factory :user, aliases: [:author, :assignee, :owner, :creator] do

--- a/spec/features/notes_on_merge_requests_spec.rb
+++ b/spec/features/notes_on_merge_requests_spec.rb
@@ -19,8 +19,9 @@ describe 'Comments' do
      it 'should be valid' do
        should have_css(".js-main-target-form", visible: true, count: 1)
        find(".js-main-target-form input[type=submit]").value.should == "Add Comment"
-        within(".js-main-target-form") { should_not have_link("Cancel") }
+        within('.js-main-target-form') do
-        within(".js-main-target-form") { should have_css(".js-note-preview-button", visible: false) }
+          expect(page).not_to have_link('Cancel')
+        end
      end
      describe "with text" do
@@ -31,8 +32,10 @@ describe 'Comments' do
        end
        it 'should have enable submit button and preview button' do
-          within(".js-main-target-form") { should_not have_css(".js-comment-button[disabled]") }
+          within('.js-main-target-form') do
-          within(".js-main-target-form") { should have_css(".js-note-preview-button", visible: true) }
+            expect(page).not_to have_css('.js-comment-button[disabled]')
+            expect(page).to have_css('.js-md-preview-button', visible: true)
+          end
        end
      end
    end
@@ -41,15 +44,17 @@ describe 'Comments' do
      before do
        within(".js-main-target-form") do
          fill_in "note[note]", with: "This is awsome!"
-          find(".js-note-preview-button").trigger("click")
+          find('.js-md-preview-button').click
          click_button "Add Comment"
        end
      end
      it 'should be added and form reset' do
        should have_content("This is awsome!")
-        within(".js-main-target-form") { should have_no_field("note[note]", with: "This is awesome!") }
+        within('.js-main-target-form') do
-        within(".js-main-target-form") { should have_css(".js-note-preview", visible: false) }
+          expect(page).to have_no_field('note[note]', with: 'This is awesome!')
+          expect(page).to have_css('.js-md-preview', visible: :hidden)
+        end
        within(".js-main-target-form") { should have_css(".js-note-text", visible: true) }
      end
    end
@@ -172,11 +177,11 @@ describe 'Comments' do
          # add two separate texts and trigger previews on both
          within("tr[id='#{line_code}'] + .js-temp-notes-holder") do
            fill_in "note[note]", with: "One comment on line 7"
-            find(".js-note-preview-button").trigger("click")
+            find('.js-md-preview-button').click
          end
          within("tr[id='#{line_code_2}'] + .js-temp-notes-holder") do
            fill_in "note[note]", with: "Another comment on line 10"
-            find(".js-note-preview-button").trigger("click")
+            find('.js-md-preview-button').click
          end
        end
      end

--- a/spec/routing/project_routing_spec.rb
+++ b/spec/routing/project_routing_spec.rb
@@ -60,6 +60,7 @@ end
 #                  project GET    /:id(.:format)          projects#show
 #                          PUT    /:id(.:format)          projects#update
 #                          DELETE /:id(.:format)          projects#destroy
+# markdown_preview_project GET    /:id/markdown_preview(.:format) projects#markdown_preview
 describe ProjectsController, "routing" do
  it "to #create" do
    post("/projects").should route_to('projects#create')
@@ -88,6 +89,12 @@ describe ProjectsController, "routing" do
  it "to #destroy" do
    delete("/gitlab/gitlabhq").should route_to('projects#destroy', id: 'gitlab/gitlabhq')
  end
+  it 'to #markdown_preview' do
+    get('/gitlab/gitlabhq/markdown_preview').should(
+      route_to('projects#markdown_preview', id: 'gitlab/gitlabhq')
+    )
+  end
 end
 #  pages_project_wikis GET    /:project_id/wikis/pages(.:format)       projects/wikis#pages
@@ -387,15 +394,10 @@ describe Projects::IssuesController, "routing" do
  end
 end
-# preview_project_notes POST   /:project_id/notes/preview(.:format) notes#preview
 #         project_notes GET    /:project_id/notes(.:format)         notes#index
 #                       POST   /:project_id/notes(.:format)         notes#create
 #          project_note DELETE /:project_id/notes/:id(.:format)     notes#destroy
 describe Projects::NotesController, "routing" do
-  it "to #preview" do
-    post("/gitlab/gitlabhq/notes/preview").should route_to('projects/notes#preview', project_id: 'gitlab/gitlabhq')
-  end
  it_behaves_like "RESTful project resources" do
    let(:actions)    { [:index, :create, :destroy] }
    let(:controller) { 'notes' }
@@ -415,6 +417,7 @@ describe Projects::BlobController, "routing" do
  it "to #show" do
    get("/gitlab/gitlabhq/blob/master/app/models/project.rb").should route_to('projects/blob#show', project_id: 'gitlab/gitlabhq', id: 'master/app/models/project.rb')
    get("/gitlab/gitlabhq/blob/master/app/models/compare.rb").should route_to('projects/blob#show', project_id: 'gitlab/gitlabhq', id: 'master/app/models/compare.rb')
+    get("/gitlab/gitlabhq/blob/master/app/models/diff.js").should route_to('projects/blob#show', project_id: 'gitlab/gitlabhq', id: 'master/app/models/diff.js')
    get("/gitlab/gitlabhq/blob/master/files.scss").should route_to('projects/blob#show', project_id: 'gitlab/gitlabhq', id: 'master/files.scss')
  end
 end
@@ -427,6 +430,26 @@ describe Projects::TreeController, "routing" do
  end
 end
+describe Projects::EditTreeController, 'routing' do
+  it 'to #show' do
+    get('/gitlab/gitlabhq/edit/master/app/models/project.rb').should(
+      route_to('projects/edit_tree#show',
+               project_id: 'gitlab/gitlabhq',
+               id: 'master/app/models/project.rb'))
+    get('/gitlab/gitlabhq/edit/master/app/models/project.rb/preview').should(
+      route_to('projects/edit_tree#show',
+               project_id: 'gitlab/gitlabhq',
+               id: 'master/app/models/project.rb/preview'))
+  end
+  it 'to #preview' do
+    post('/gitlab/gitlabhq/edit/master/app/models/project.rb/preview').should(
+      route_to('projects/edit_tree#preview',
+               project_id: 'gitlab/gitlabhq',
+               id: 'master/app/models/project.rb'))
+  end
+end
 # project_compare_index GET    /:project_id/compare(.:format)             compare#index {id: /[^\/]+/, project_id: /[^\/]+/}
 #                       POST   /:project_id/compare(.:format)             compare#create {id: /[^\/]+/, project_id: /[^\/]+/}
 #       project_compare        /:project_id/compare/:from...:to(.:format) compare#show {from: /.+/, to: /.+/, id: /[^\/]+/, project_id: /[^\/]+/}