This allows us to automatically include
Gitlab::Database::MigrationHelpers into newly generated migrations.

These helpers can be used to perform migrations without taking down the
entire application.

For example, the method "add_column_with_default" can be used to add a
new column with a default value without locking the entire table.

Allow Redmine issue references to work as intended

Closes #14527 and #14894 

See merge request !4048

Revert "Merge branch 'patch-1' into 'master'"

This reverts merge request !4030. /cc @stanhu @axil @aral

See merge request !4097

Fix adding a todo for private group memebers



See merge request !4081

Add if exists to drop command

Add `IF EXISTS` as a precaution. Related to gitlab-org/gitlab-ce!4020

See merge request !4100

Sanitize milestones and labels titles

fixes #15394 

See merge request !4046

This reverts merge request !4030

API: Expose Issue#user_notes_count and MergeRequest#user_notes_count

_Originally opened at !2954 by @cnam812._

- - -

Expose `Issue#user_notes_count` and `MergeRequest#user_notes_count` through the API.

See merge request !3126

Backport changes from gitlab-org/gitlab-ee!372

Mostly replaces several Spinach tests with RSpec Feature tests.

See merge request !4043

Don't read otp_secret_encryption_key from hardcoded path in models/user

Variable `Gitlab::Application.config.secret_key_base` is set in config/initializers/secret_token.rb. It's very bad practice to use hard-coded paths inside an application and really unnecessary in this case.

Mirror of https://github.com/gitlabhq/gitlabhq/pull/10311

See merge request !4044

Signed-off-by: Rémy Coutable <remy@rymai.me>

Added documentation on how to instrument methods

This will hopefully remove me as a single point of failure when it comes to adding instrumentation.

cc @axil @rspeicher 

See merge request !4035

Use the proper GitLab URL for links in Wiki

Fixes gitlab-org/gitlab-ce#17071

wiki links are proper compiled, e.g.
```
[same-level](same-level) -> <a href="same-level">same-level</a>
[sub-level](sub/level) -> <a href="sub/level">sub-level</a>
[upper-level](../upper-level) -> <a href="../upper-level">upper-level</a>
```

See merge request !4026

Remove `wall_enabled` field from Project



See merge request !4089

Improve multiple branch push performance by memoizing permission checking

See merge request !4091

Pass trusted_proxies to action_dispatch as IPAddrs instead of strings

Without this setting your own trusted_proxies does not work.

Fixes an issue introduce in: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3524

Fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/17004

See merge request !3970

If you attempt to push thousands of branches at once, the 60-second timeout
will occur because GitAccess checking does a lot of work to check if the
user has permission to push to a branch. This changes does two things:

1. Instead of making 1 DB query per branch push, use a memoized list of protected branches to check
2. Memoize what permissions the user has to perform on this project

On a test of 10,000 branch pushes, this prevents gitlab-shell from hitting the 60-second
timeout.

Closes #17225

Escape HTML in commit titles in system note messages

Closes #17348

See merge request !4084

Fix build notification on merge request page change even if the build status didn't change

## What does this MR do?
This MR contains a bugfix for #17357 which was introduced by !3998. The notification are now only shown on status changes, and not when switching between different merge requests.

## Are there points in the code the reviewer needs to double check?
Check implementation

## Why was this MR needed?
Because auf a bug introduced in !3998.

## What are the relevant issue numbers?
#17357

Closes #17357

See merge request !4086

docs(api): adapted user API documentation to match with latest API

The user API documentation and the actual implementation were out of sync, missing certain newly introduced fields and beeing inconsistent between certain API definitions. The documentation was changed according the actual latest implementation.
Signed-off-by: Fabio Huser <fabio@fh1.ch>

See merge request !4067

blost -> blog



See merge request !4063

Update CI example docs.

Docs for CI examples are updated as follows:

- Fix a dead link from CI example top to `dpl`
- Specify Django for a Python project, not Rails
- Use the latest Python Docker image as [Heroku supports only Python 3.5.1 (and 2.7.11)](https://devcenter.heroku.com/articles/python-support)
- Show the latest Docker Hub URL links.

See merge request !4082

Update Docker Hub and Engine links

1. Update all links to Docker Hub.
2. Update or rename Docker with Docker Engine.

See merge request !4083

We're hiring.

Help with recruiting, saw it in other readme's too.

See merge request !4080

Update git lfs initialize command

Update build triggers API documentation
[ci skip]

* Ensure updated/deleted timestamps are consistent

Update Subscription and EE links

Update SVG sanitizer to conform to SVG 1.1

Original SVG sanitizer would strip out necessary elements and attributes.

Use a custom Loofah scrubber since sanitize 2.x transformers are inadequate to handle case-sensitive SVG attributes since they parse documents as HTML instead of XML, which causes all SVG attribute names (e.g. `viewBox`) to be downcased.

* SVG element list: https://www.w3.org/TR/SVG/eltindex.html
* SVG attribute list: https://www.w3.org/TR/SVG/attindex.html

Closes #14555

See merge request !3401