Merge branch 'master' into merge-if-green

.gitlab-ci.yml

@@ -87,3 +87,12 @@ flay:
   tags:
     - ruby
     - mysql
+
+bundler:audit:
+  script: 
+    - "bundle exec bundle-audit update"
+    - "bundle exec bundle-audit check"
+  tags:
+    - ruby
+    - mysql
+  allow_failure: true

.rubocop.yml

@@ -888,7 +888,7 @@ Lint/RequireParentheses:
 Lint/RescueException:
   Description: 'Avoid rescuing the Exception class.'
   StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-blind-rescues'
-  Enabled: false
+  Enabled: true
 
 Lint/ShadowingOuterLocalVariable:
   Description: >-

.ruby-version

-2.1.6
+2.1.7

CHANGELOG

@@ -2,16 +2,50 @@ Please view this file on the master branch, on stable branches it's out of date.
 
 v 8.3.0 (unreleased)
 - Merge when build succeeds (Zeger-Jan van de Weg)
+  - Fix: Assignee selector is empty when 'Unassigned' is selected (Jose Corcuera)
+  - Fix 500 error when update group member permission
+  - Trim leading and trailing whitespace of milestone and issueable titles (Jose Corcuera)
+  - Recognize issue/MR/snippet/commit links as references
+  - Add ignore whitespace change option to commit view
+  - Fire update hook from GitLab
+  - Don't show project fork event as "imported"
+  - Add API endpoint to fetch merge request commits list
+  - Expose events API with comment information and author info
+  - Fix: Ensure "Remove Source Branch" button is not shown when branch is being deleted. #3583
+
+v 8.2.3
+  - Fix application settings cache not expiring after changes (Stan Hu)
+
+v 8.2.2
+  - Fix 404 in redirection after removing a project (Stan Hu)
+  - Ensure cached application settings are refreshed at startup (Stan Hu)
+  - Fix Error 500 when viewing user's personal projects from admin page (Stan Hu)
+  - Fix: Raw private snippets access workflow
+  - Prevent "413 Request entity too large" errors when pushing large files with LFS
+  - Fix invalid links within projects dashboard header
+  - Make current user the first user in assignee dropdown in issues detail page (Stan Hu)
+  - Fix: duplicate email notifications on issue comments
+
+v 8.2.1
+  - Forcefully update builds that didn't want to update with state machine
+  - Fix: saving GitLabCiService as Admin Template
 
 v 8.2.0
+  - Improved performance of finding projects and groups in various places
+  - Improved performance of rendering user profile pages and Atom feeds
+  - Expose build artifacts path as config option
   - Fix grouping of contributors by email in graph.
-  - Remove CSS property preventing hard tabs from rendering in Chromium 45 (Stan Hu)
+  - Improved performance of finding issues with/without labels
   - Fix Drone CI service template not saving properly (Stan Hu)
   - Fix avatars not showing in Atom feeds and project issues when Gravatar disabled (Stan Hu)
   - Added a GitLab specific profiling tool called "Sherlock" (see GitLab CE merge request #1749)
   - Upgrade gitlab_git to 7.2.20 and rugged to 0.23.3 (Stan Hu)
   - Improved performance of finding users by one of their Email addresses
   - Add allow_failure field to commit status API (Stan Hu)
+  - Commits without .gitlab-ci.yml are marked as skipped
+  - Save detailed error when YAML syntax is invalid
+  - Since GitLab CI is enabled by default, remove enabling it by pushing .gitlab-ci.yml
+  - Added build artifacts
   - Improved performance of replacing references in comments
   - Show last project commit to default branch on project home page
   - Highlight comment based on anchor in URL
@@ -29,6 +63,7 @@ v 8.2.0
   - Allow to define cache in `.gitlab-ci.yml`
   - Fix: 500 error returned if destroy request without HTTP referer (Kazuki Shimizu)
   - Remove deprecated CI events from project settings page
+  - Improve personal snippet access workflow (Douglas Alexandre)
   - [API] Add ability to fetch the commit ID of the last commit that actually touched a file
   - Fix omniauth documentation setting for omnibus configuration (Jon Cairns)
   - Add "New file" link to dropdown on project page
@@ -50,7 +85,9 @@ v 8.2.0
   - Fix trailing whitespace issue in merge request/issue title
   - Fix bug when milestone/label filter was empty for dashboard issues page
   - Add ability to create milestone in group projects from single form
+  - Add option to create merge request when editing/creating a file (Dirceu Tiegs)
   - Prevent the last owner of a group from being able to delete themselves by 'adding' themselves as a master (James Lopez)
+  - Add Award Emoji to issue and merge request pages
 
 v 8.1.4
   - Fix bug where manually merged branches in a MR would end up with an empty diff (Stan Hu)
@@ -120,7 +157,6 @@ v 8.1.0
   - Show CI status on Your projects page and Starred projects page
   - Remove "Continuous Integration" page from dashboard
   - Add notes and SSL verification entries to hook APIs (Ben Boeckel)
-  - Added build artifacts
   - Fix grammar in admin area "labels" .nothing-here-block when no labels exist.
   - Move CI runners page to project settings area
   - Move CI variables page to project settings area

CONTRIBUTING.md

@@ -23,10 +23,20 @@ Issues and merge requests should be in English and contain appropriate language
 ## Helping others
 
 Please help other GitLab users when you can.
-The channnels people will reach out on can be found on the [getting help page](https://about.gitlab.com/getting-help/).
-Sign up for the mailinglist, answer GitLab questions on StackOverflow or respond in the irc channel.
+The channels people will reach out on can be found on the [getting help page](https://about.gitlab.com/getting-help/).
+Sign up for the mailinglist, answer GitLab questions on StackOverflow or respond in the IRC channel.
 You can also sign up on [CodeTriage](http://www.codetriage.com/gitlabhq/gitlabhq) to help with one issue every day.
 
+## I want to contribute!
+
+If you want to contribute to GitLab, but are not sure where to start,
+look for [issues](https://gitlab.com/gitlab-org/gitlab-ce/issues?milestone_id=&scope=all&sort=created_desc&state=opened&utf8=%E2%9C%93&assignee_id=&author_id=&milestone_title=&label_name=up-for-grabs)
+with the label `up-for-grabs`.
+These issues will be of reasonable size and challenge, for anyone to start
+contributing to GitLab.
+
+This was inspired by [an article by Kent C. Dodds](https://medium.com/@kentcdodds/first-timers-only-78281ea47455#.i2f363mx4).
+
 ## Issue tracker
 
 To get support for your particular problem please use the [getting help channels](https://about.gitlab.com/getting-help/).
@@ -47,10 +57,10 @@ Please send a merge request with a tested solution or a merge request with a fai
 1. **Observed behavior**
 1. **Relevant logs and/or screenshots:** Please use code blocks (\`\`\`) to format console output, logs, and code as it's very hard to read otherwise.
 1. **Output of checks**
-    * Results of GitLab [Application Check](doc/install/installation.md#check-application-status) (`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`); we will only investigate if the tests are passing
+    * Results of GitLab [Application Check](doc/install/installation.md#check-application-status) (For installations with omnibus-gitlab package: `sudo gitlab-rake gitlab:check SANITIZE=true`); For installations from source: `sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`); we will only investigate if the tests are passing
     * Version of GitLab you are running; we will only investigate issues in the latest stable and development releases as per the [maintenance policy](MAINTENANCE.md)
     * Add the last commit SHA-1 of the GitLab version you used to replicate the issue (obtainable from the help page)
-    * Describe your setup (use relevant parts from `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
+    * Describe your setup (use relevant parts from the env info: For installations with omnibus-gitlab package: `sudo gitlab-rake gitlab:env:info`; For installations from source: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
 1. **Possible fixes**: If you can, link to the line of code that might be responsible for the problem
 
 ## Merge requests
@@ -59,7 +69,7 @@ We welcome merge requests with fixes and improvements to GitLab code, tests, and
 
 Merge requests can be filed either at [gitlab.com](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests) or [github.com](https://github.com/gitlabhq/gitlabhq/pulls).
 
-If you are new to GitLab development (or web development in general), search for the label `easyfix` ([gitlab.com](https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=easyfix), [github](https://github.com/gitlabhq/gitlabhq/labels/easyfix)). Those are issues easy to fix, marked by the GitLab core-team. If you are unsure how to proceed but want to help, mention one of the core-team members to give you a hint.
+If you are new to GitLab development (or web development in general), search for the label `easyfix` ([GitLab.com](https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=easyfix), [GitHub](https://github.com/gitlabhq/gitlabhq/labels/easyfix)). Those are issues easy to fix, marked by the GitLab core-team. If you are unsure how to proceed but want to help, mention one of the core-team members to give you a hint.
 
 To start with GitLab download the [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) and see [Development section](doc/development/README.md) in the help file.
 
@@ -99,7 +109,7 @@ If you contribute to GitLab please know that changes involve more than just code
 We have the following [definition of done](http://guide.agilealliance.org/guide/definition-of-done.html).
 Please ensure you support the feature you contribute through all of these steps.
 
-1. Description explaning the relevancy (see following item)
+1. Description explaining the relevancy (see following item)
 1. Working and clean code that is commented where needed
 1. Unit and integration tests that pass on the CI server
 1. Documented in the /doc directory
@@ -163,7 +173,7 @@ If you add a dependency in GitLab (such as an operating system package) please c
 1.  [Markdown](http://www.cirosantilli.com/markdown-styleguide)
 1.  [Database Migrations](doc/development/migration_style_guide.md)
 1.  [Documentation styleguide](doc_styleguide.md)
-1.  Interface text should be written subjectively instead of objectively. It should be the gitlab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of "prohibited this user from being saved due to the following errors:" the text should be "sorry, we could not create your account because:". Also these [excellent writing guidelines](https://github.com/NARKOZ/guides#writing).
+1.  Interface text should be written subjectively instead of objectively. It should be the GitLab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of "prohibited this user from being saved due to the following errors:" the text should be "sorry, we could not create your account because:". Also these [excellent writing guidelines](https://github.com/NARKOZ/guides#writing).
 
 This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com).
 

GITLAB_SHELL_VERSION

-2.6.6
+2.6.8

GITLAB_WORKHORSE

-0.4.1

GITLAB_WORKHORSE_VERSION

-0.3.1
+0.4.2

Gemfile

 source "https://rubygems.org"
 
-gem 'rails', '4.1.12'
+gem 'rails', '4.2.4'
+gem 'rails-deprecated_sanitizer', '~> 1.0.3'
+
+# Responders respond_to and respond_with
+gem 'responders', '~> 2.0'
 
 # Specify a sprockets version due to security issue
 # See https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
@@ -16,7 +20,7 @@ gem "pg", '~> 0.18.2', group: :postgres
 # Authentication libraries
 gem 'devise',                 '~> 3.5.2'
 gem 'devise-async',           '~> 0.9.0'
-gem 'doorkeeper',             '~> 2.1.3'
+gem 'doorkeeper',             '~> 2.2.0'
 gem 'omniauth',               '~> 1.2.2'
 gem 'omniauth-bitbucket',     '~> 0.0.2'
 gem 'omniauth-facebook',      '~> 3.0.0'
@@ -28,7 +32,7 @@ gem 'omniauth-saml',          '~> 1.4.0'
 gem 'omniauth-shibboleth',    '~> 1.2.0'
 gem 'omniauth-twitter',       '~> 1.2.0'
 gem 'omniauth_crowd'
-gem 'rack-oauth2',            '~> 1.0.5'
+gem 'rack-oauth2',            '~> 1.2.1'
 
 # Two-factor authentication
 gem 'devise-two-factor', '~> 2.0.0'
@@ -62,9 +66,6 @@ gem 'rack-cors',    '~> 0.4.0', require: 'rack/cors'
 # based on human-friendly examples
 gem "stamp", '~> 0.6.0'
 
-# Enumeration fields
-gem 'enumerize', '~> 0.7.0'
-
 # Pagination
 gem "kaminari", "~> 0.16.3"
 
@@ -95,9 +96,10 @@ gem 'redcarpet',     '~> 3.3.3'
 gem 'RedCloth',      '~> 4.2.9'
 gem 'rdoc',          '~>3.6'
 gem 'org-ruby',      '~> 0.9.12'
-gem 'creole',        '~>0.3.6'
+gem 'creole',        '~> 0.5.0'
 gem 'wikicloth',     '0.8.1'
 gem 'asciidoctor',   '~> 1.5.2'
+gem 'net-ssh',       '~> 3.0.1'
 
 # Diffs
 gem 'diffy', '~> 3.0.3'
@@ -125,8 +127,7 @@ gem 'sidetiq', '~> 0.6.3'
 gem "httparty", '~> 0.13.3'
 
 # Colored output to console
-gem "colored", '~> 1.2'
-gem "colorize", '~> 0.5.8'
+gem "colorize", '~> 0.7.0'
 
 # GitLab settings
 gem 'settingslogic', '~> 2.0.9'
@@ -154,7 +155,7 @@ gem "gemnasium-gitlab-service", "~> 0.2"
 gem "slack-notifier", "~> 1.2.0"
 
 # Asana integration
-gem 'asana', '~> 0.0.6'
+gem 'asana', '~> 0.4.0'
 
 # FogBugz integration
 gem 'ruby-fogbugz', '~> 0.2.1'
@@ -187,13 +188,13 @@ gem "sass-rails", '~> 4.0.5'
 gem "coffee-rails", '~> 4.1.0'
 gem "uglifier", '~> 2.7.2'
 gem 'turbolinks', '~> 2.5.0'
-gem 'jquery-turbolinks', '~> 2.0.1'
+gem 'jquery-turbolinks', '~> 2.1.0'
 
 gem 'addressable',        '~> 2.3.8'
 gem 'bootstrap-sass',     '~> 3.0'
 gem 'font-awesome-rails', '~> 4.2'
 gem 'gitlab_emoji',       '~> 0.1'
-gem 'gon',                '~> 5.0.0'
+gem 'gon',                '~> 6.0.1'
 gem 'jquery-atwho-rails', '~> 1.3.2'
 gem 'jquery-rails',       '~> 3.1.3'
 gem 'jquery-scrollto-rails', '~> 1.4.3'
@@ -214,6 +215,7 @@ group :development do
   gem 'rerun', '~> 0.10.0'
   gem 'bullet', require: false
   gem 'rblineprof', platform: :mri, require: false
+  gem 'web-console', '~> 2.0'
 
   # Better errors handler
   gem 'better_errors', '~> 1.0.1'
@@ -261,6 +263,7 @@ group :development, :test do
   gem 'simplecov', '~> 0.10.0', require: false
   gem 'flog', require: false
   gem 'flay', require: false
+  gem 'bundler-audit', require: false
 
   gem 'benchmark-ips', require: false
 end
@@ -269,7 +272,7 @@ group :test do
   gem 'shoulda-matchers', '~> 2.8.0', require: false
   gem 'email_spec', '~> 1.6.0'
   gem 'webmock', '~> 1.21.0'
-  gem 'test_after_commit', '~> 0.2.2'
+  gem 'test_after_commit', '~> 0.4.2'
   gem 'sham_rack'
 end
 

PROCESS.md

@@ -44,6 +44,7 @@ Workflow labels are purposely not very detailed since that would be hard to keep
 - *UX* needs needs help from a UX designer
 - *Frontend* needs help from a Front-end engineer
 - *Graphics* needs help from a Graphics designer
+- *up-for-grabs* is an issue suitable for first-time contributors, of reasonable difficulty and size. Not exclusive with other labels.
 
 Example workflow: when a UX designer provided a design but it needs frontend work they remove the UX label and add the frontend label.
 

Procfile

+# For DEVELOPMENT only. Production uses Runit in
+# https://gitlab.com/gitlab-org/omnibus-gitlab or the init scripts in
+# lib/support/init.d, which call scripts in bin/ .
+#
 web: bundle exec unicorn_rails -p ${PORT:="3000"} -E ${RAILS_ENV:="development"} -c ${UNICORN_CONFIG:="config/unicorn.rb"}
-worker: bundle exec sidekiq -q post_receive -q mailer -q archive_repo -q system_hook -q project_web_hook -q gitlab_shell -q incoming_email -q runner -q common -q default
+worker: bundle exec sidekiq -q post_receive -q mailers -q archive_repo -q system_hook -q project_web_hook -q gitlab_shell -q incoming_email -q runner -q common -q default
 # mail_room: bundle exec mail_room -q -c config/mail_room.yml

README.md

@@ -27,8 +27,6 @@ There are two editions of GitLab:
 - GitLab Community Edition (CE) is available freely under the MIT Expat license.
 - GitLab Enterprise Edition (EE) includes [extra features](https://about.gitlab.com/features/#compare) that are more useful for organizations with more than 100 users. To use EE and get official support please [become a subscriber](https://about.gitlab.com/pricing/).
 
-Included with the GitLab Omnibus Packages is [GitLab CI](https://about.gitlab.com/gitlab-ci/) that can easily build, test and deploy code.
-
 ## Website
 
 On [about.gitlab.com](https://about.gitlab.com/) you can find more information about:

app/assets/javascripts/application.js.coffee

@@ -135,17 +135,25 @@ $ ->
     ), 1
 
   # Initialize tooltips
-  $('body').tooltip({
-    selector: '.has_tooltip, [data-toggle="tooltip"], .page-sidebar-collapsed .nav-sidebar a'
+  $('body').tooltip(
+    selector: '.has_tooltip, [data-toggle="tooltip"]'
     placement: (_, el) ->
       $el = $(el)
-      if $el.attr('id') == 'js-shortcuts-home'
-        # Place the logo tooltip on the right when collapsed, bottom when expanded
-        $el.parents('header').hasClass('header-collapsed') and 'right' or 'bottom'
-      else
-        # Otherwise use the data-placement attribute, or 'bottom' if undefined
-        $el.data('placement') or 'bottom'
-  })
+      $el.data('placement') || 'bottom'
+  )
+
+  $('.header-logo .home').tooltip(
+    placement: (_, el) ->
+      $el = $(el)
+      if $('.page-with-sidebar').hasClass('page-sidebar-collapsed') then 'right' else 'bottom'
+    container: 'body'
+  )
+
+  $('.page-with-sidebar').tooltip(
+    selector: '.sidebar-collapsed .nav-sidebar a, .sidebar-collapsed a.sidebar-user'
+    placement: 'right'
+    container: 'body'
+  )
 
   # Form submitter
   $('.trigger-submit').on 'change', ->

app/assets/javascripts/awards_handler.coffee

+class @AwardsHandler
+  constructor: (@post_emoji_url, @noteable_type, @noteable_id) ->
+
+  addAward: (emoji) ->
+    @postEmoji emoji, =>
+      @addAwardToEmojiBar(emoji)
+    
+  addAwardToEmojiBar: (emoji, custom_path = '') ->
+    if @exist(emoji)
+      if @isActive(emoji)
+        @decrementCounter(emoji)
+      else
+        counter = @findEmojiIcon(emoji).siblings(".counter")
+        counter.text(parseInt(counter.text()) + 1)
+        counter.parent().addClass("active")
+        @addMeToAuthorList(emoji)
+    else
+      @createEmoji(emoji, custom_path)
+
+  exist: (emoji) ->
+    @findEmojiIcon(emoji).length > 0
+
+  isActive: (emoji) ->
+    @findEmojiIcon(emoji).parent().hasClass("active")
+
+  decrementCounter: (emoji) ->
+    counter = @findEmojiIcon(emoji).siblings(".counter")
+
+    if parseInt(counter.text()) > 1
+      counter.text(parseInt(counter.text()) - 1)
+      counter.parent().removeClass("active")
+      @removeMeFromAuthorList(emoji)
+    else
+      award = counter.parent()
+      award.tooltip("destroy")
+      award.remove()
+
+  removeMeFromAuthorList: (emoji) ->
+    award_block = @findEmojiIcon(emoji).parent()
+    authors = award_block.attr("data-original-title").split(", ")
+    authors = _.without(authors, "me").join(", ")
+    award_block.attr("title", authors)
+    @resetTooltip(award_block)
+
+  addMeToAuthorList: (emoji) ->
+    award_block = @findEmojiIcon(emoji).parent()
+    authors = award_block.attr("data-original-title").split(", ")
+    authors.push("me")
+    award_block.attr("title", authors.join(", "))
+    @resetTooltip(award_block)
+
+  resetTooltip: (award) ->
+    award.tooltip("destroy")
+
+    # "destroy" call is asynchronous, this is why we need to set timeout.
+    setTimeout (->
+      award.tooltip()
+    ), 200
+    
+
+  createEmoji: (emoji, custom_path) ->
+    nodes = []
+    nodes.push("<div class='award active' title='me'>")
+    nodes.push("<div class='icon' data-emoji='" + emoji + "'>")
+    nodes.push(@getImage(emoji, custom_path))
+    nodes.push("</div>")
+    nodes.push("<div class='counter'>1")
+    nodes.push("</div></div>")
+
+    $(".awards-controls").before(nodes.join("\n"))
+
+    $(".award").tooltip()
+
+  getImage: (emoji, custom_path) ->
+    if custom_path
+      $("<img>").attr({src: custom_path, width: 20, height: 20}).wrap("<div>").parent().html()
+    else
+      $("li[data-emoji='" + emoji + "']").html()
+
+
+  postEmoji: (emoji, callback) ->
+    $.post @post_emoji_url, { note: {
+      note: ":" + emoji + ":"
+      noteable_type: @noteable_type
+      noteable_id: @noteable_id
+    }},(data) ->
+      if data.ok
+        callback.call()
+
+  findEmojiIcon: (emoji) ->
+    $(".icon[data-emoji='" + emoji + "']")
\ No newline at end of file

app/assets/javascripts/blob/blob_file_dropzone.js.coffee

@@ -23,18 +23,6 @@ class @BlobFileDropzone
       init: ->
         this.on 'addedfile', (file) ->
           $('.dropzone-alerts').html('').hide()
-          commit_message = form.find('#commit_message')[0]
-
-          if /^Upload/.test(commit_message.placeholder)
-            commit_message.placeholder = 'Upload ' + file.name
-
-          return
-
-        this.on 'removedfile', (file) ->
-          commit_message = form.find('#commit_message')[0]
-
-          if /^Upload/.test(commit_message.placeholder)
-            commit_message.placeholder = 'Upload new file'
 
           return
 
@@ -47,8 +35,9 @@ class @BlobFileDropzone
           return
 
         this.on 'sending', (file, xhr, formData) ->
-          formData.append('new_branch', form.find('#new_branch').val())
-          formData.append('commit_message', form.find('#commit_message').val())
+          formData.append('new_branch', form.find('.js-new-branch').val())
+          formData.append('create_merge_request', form.find('.js-create-merge-request').val())
+          formData.append('commit_message', form.find('.js-commit-message').val())
           return
 
       # Override behavior of adding error underneath preview

app/assets/javascripts/copy_to_clipboard.js.coffee

 #= require clipboard
 
-$ ->
-  clipboard = new Clipboard '.js-clipboard-trigger',
-    text: (trigger) ->
-      $target = $(trigger.nextElementSibling || trigger.previousElementSibling)
-      $target.data('clipboard-text') || $target.text().trim()
+genericSuccess = (e) ->
+  showTooltip(e.trigger, 'Copied!')
+
+  # Clear the selection and blur the trigger so it loses its border
+  e.clearSelection()
+  $(e.trigger).blur()
 
-  clipboard.on 'success', (e) ->
-    $(e.trigger).
-      tooltip(trigger: 'manual', placement: 'auto bottom', title: 'Copied!').
-      tooltip('show')
+# Safari doesn't support `execCommand`, so instead we inform the user to
+# copy manually.
+#
+# See http://clipboardjs.com/#browser-support
+genericError = (e) ->
+  if /Mac/i.test(navigator.userAgent)
+    key = '⌘' # Command
+  else
+    key = 'Ctrl'
 
-    # Clear the selection and blur the trigger so it loses its border
-    e.clearSelection()
-    $(e.trigger).blur()
+  showTooltip(e.trigger, "Press #{key}-C to copy")
 
-    # Manually hide the tooltip after 1 second
-    setTimeout(->
-      $(e.trigger).tooltip('hide')
-    , 1000)
+showTooltip = (target, title) ->
+  $(target).
+    tooltip(
+      container: 'body'
+      html: 'true'
+      placement: 'auto bottom'
+      title: title
+      trigger: 'manual'
+    ).
+    tooltip('show').
+    one('mouseleave', -> $(this).tooltip('hide'))
+
+$ ->
+  clipboard = new Clipboard '[data-clipboard-target], [data-clipboard-text]'
+  clipboard.on 'success', genericSuccess
+  clipboard.on 'error',   genericError

app/assets/javascripts/dropzone_input.js.coffee

+#= require markdown_preview
+
 class @DropzoneInput
   constructor: (form) ->
     Dropzone.autoDiscover = false
@@ -11,17 +13,14 @@ class @DropzoneInput
     uploadProgress = $("<div class=\"div-dropzone-progress\"></div>")
     btnAlert = "<button type=\"button\"" + alertAttr + ">&times;</button>"
     project_uploads_path = window.project_uploads_path or null
-    markdown_preview_path = window.markdown_preview_path or null
     max_file_size = gon.max_file_size or 10
 
     form_textarea = $(form).find("textarea.markdown-area")
     form_textarea.wrap "<div class=\"div-dropzone\"></div>"
     form_textarea.on 'paste', (event) =>
       handlePaste(event)
-    form_textarea.on "input", ->
-      hideReferencedUsers()
-    form_textarea.on "blur", ->
-      renderMarkdown()
+
+    $(form).setupMarkdownPreview()
 
     form_dropzone = $(form).find('.div-dropzone')
     form_dropzone.parent().addClass "div-dropzone-wrapper"
@@ -34,42 +33,6 @@ class @DropzoneInput
       "opacity": 0
       "display": "none"
 
-    # Preview button
-    $(document).off "click", ".js-md-preview-button"
-    $(document).on "click", ".js-md-preview-button", (e) ->
-      ###
-      Shows the Markdown preview.
-
-      Lets the server render GFM into Html and displays it.
-      ###
-      e.preventDefault()
-      form = $(this).closest("form")
-      # toggle tabs
-      form.find(".js-md-write-button").parent().removeClass "active"
-      form.find(".js-md-preview-button").parent().addClass "active"
-
-      # toggle content
-      form.find(".md-write-holder").hide()
-      form.find(".md-preview-holder").show()
-
-      renderMarkdown()
-
-    # Write button
-    $(document).off "click", ".js-md-write-button"
-    $(document).on "click", ".js-md-write-button", (e) ->
-      ###
-      Shows the Markdown textarea.
-      ###
-      e.preventDefault()
-      form = $(this).closest("form")
-      # toggle tabs
-      form.find(".js-md-write-button").parent().addClass "active"
-      form.find(".js-md-preview-button").parent().removeClass "active"
-
-      # toggle content
-      form.find(".md-write-holder").show()
-      form.find(".md-preview-holder").hide()
-
     dropzone = form_dropzone.dropzone(
       url: project_uploads_path
       dictDefaultMessage: ""
@@ -136,41 +99,6 @@ class @DropzoneInput
 
     child = $(dropzone[0]).children("textarea")
 
-    hideReferencedUsers = ->
-      referencedUsers = form.find(".referenced-users")
-      referencedUsers.hide()
-
-    renderReferencedUsers = (users) ->
-      referencedUsers = form.find(".referenced-users")
-
-      if referencedUsers.length
-        if users.length >= 10
-          referencedUsers.show()
-          referencedUsers.find(".js-referenced-users-count").text users.length
-        else
-          referencedUsers.hide()
-
-    renderMarkdown = ->
-      preview = form.find(".js-md-preview")
-      mdText = form.find(".markdown-area").val()
-      if mdText.trim().length is 0
-        preview.text "Nothing to preview."
-        hideReferencedUsers()
-      else
-        preview.text "Loading..."
-        $.ajax(
-          type: "POST",
-          url: markdown_preview_path,
-          data: {
-            text: mdText
-          },
-          dataType: "json"
-        ).success (data) ->
-          preview.html data.body
-          preview.syntaxHighlight()
-
-          renderReferencedUsers data.references.users
-
     formatLink = (link) ->
       text = "[#{link.alt}](#{link.url})"
       text = "!#{text}" if link.is_image

app/assets/javascripts/issues.js.coffee

@@ -29,7 +29,7 @@
     $('#filter_issue_search').val($('#issue_search').val())
 
   initSelects: ->
-    $("select#update_status").select2(width: 'resolve', dropdownAutoWidth: true)
+    $("select#update_state_event").select2(width: 'resolve', dropdownAutoWidth: true)
     $("select#update_assignee_id").select2(width: 'resolve', dropdownAutoWidth: true)
     $("select#update_milestone_id").select2(width: 'resolve', dropdownAutoWidth: true)
     $("select#label_name").select2(width: 'resolve', dropdownAutoWidth: true)

app/assets/javascripts/markdown_preview.js.coffee

+# MarkdownPreview
+#
+# Handles toggling the "Write" and "Preview" tab clicks, rendering the preview,
+# and showing a warning when more than `x` users are referenced.
+#
+class @MarkdownPreview
+  # Minimum number of users referenced before triggering a warning
+  referenceThreshold: 10
+
+  showPreview: (form) ->
+    preview = form.find('.js-md-preview')
+    mdText  = form.find('textarea.markdown-area').val()
+
+    if mdText.trim().length == 0
+      preview.text('Nothing to preview.')
+      @hideReferencedUsers(form)
+    else
+      preview.text('Loading...')
+      @renderMarkdown mdText, (response) =>
+        preview.html(response.body)
+        preview.syntaxHighlight()
+        @renderReferencedUsers(response.references.users, form)
+
+  renderMarkdown: (text, success) ->
+    return unless window.markdown_preview_path
+
+    $.ajax
+      type: 'POST'
+      url: window.markdown_preview_path
+      data: { text: text }
+      dataType: 'json'
+      success: success
+
+  hideReferencedUsers: (form) ->
+    referencedUsers = form.find('.referenced-users')
+    referencedUsers.hide()
+
+  renderReferencedUsers: (users, form) ->
+    referencedUsers = form.find('.referenced-users')
+
+    if referencedUsers.length
+      if users.length >= @referenceThreshold
+        referencedUsers.show()
+        referencedUsers.find('.js-referenced-users-count').text(users.length)
+      else
+        referencedUsers.hide()
+
+markdownPreview = new MarkdownPreview()
+
+previewButtonSelector = '.js-md-preview-button'
+writeButtonSelector   = '.js-md-write-button'
+
+$.fn.setupMarkdownPreview = ->
+  $form = $(this)
+
+  form_textarea = $form.find('textarea.markdown-area')
+
+  form_textarea.on 'input', -> markdownPreview.hideReferencedUsers($form)
+  form_textarea.on 'blur',  -> markdownPreview.showPreview($form)
+
+$(document).on 'click', previewButtonSelector, (e) ->
+  e.preventDefault()
+
+  $form = $(this).closest('form')
+
+  # toggle tabs
+  $form.find(writeButtonSelector).parent().removeClass('active')
+  $form.find(previewButtonSelector).parent().addClass('active')
+
+  # toggle content
+  $form.find('.md-write-holder').hide()
+  $form.find('.md-preview-holder').show()
+
+  markdownPreview.showPreview($form)
+
+$(document).on 'click', writeButtonSelector, (e) ->
+  e.preventDefault()
+
+  $form = $(this).closest('form')
+
+  # toggle tabs
+  $form.find(writeButtonSelector).parent().addClass('active')
+  $form.find(previewButtonSelector).parent().removeClass('active')
+
+  # toggle content
+  $form.find('.md-write-holder').show()
+  $form.find('.md-preview-holder').hide()

app/assets/javascripts/merge_request_widget.js.coffee

@@ -10,17 +10,20 @@ class @MergeRequestWidget
   constructor: (@opts) ->
     modal = $('#modal_merge_info').modal(show: false)
 
-  mergeInProgress: ->
+  mergeInProgress: (deleteSourceBranch = false)->
     $.ajax
       type: 'GET'
       url: $('.merge-request').data('url')
       success: (data) =>
         if data.state == "merged"
-          location.reload()
+          urlSuffix = if deleteSourceBranch then '?delete_source=true' else ''
+
+          window.location.href = window.location.href + urlSuffix
         else if data.merge_error
           $('.mr-widget-body').html("<h4>" + data.merge_error + "</h4>")
         else
-          setTimeout(merge_request_widget.mergeInProgress, 2000)
+          callback = -> merge_request_widget.mergeInProgress(deleteSourceBranch)
+          setTimeout(callback, 2000)
       dataType: 'json'
 
   getMergeStatus: ->

app/assets/javascripts/new_commit_form.js.coffee

+class @NewCommitForm
+  constructor: (form) ->
+    @newBranch = form.find('.js-new-branch')
+    @originalBranch = form.find('.js-original-branch')
+    @createMergeRequest = form.find('.js-create-merge-request')
+    @createMergeRequestFormGroup = form.find('.js-create-merge-request-form-group')
+
+    @renderDestination()
+    @newBranch.keyup @renderDestination
+
+  renderDestination: =>
+    different = @newBranch.val() != @originalBranch.val()
+
+    if different
+      @createMergeRequestFormGroup.show()
+      @createMergeRequest.prop('checked', true) unless @wasDifferent
+    else
+      @createMergeRequestFormGroup.hide()
+      @createMergeRequest.prop('checked', false)
+
+    @wasDifferent = different

app/assets/javascripts/notes.js.coffee

@@ -113,13 +113,16 @@ class @Notes
   renderNote: (note) ->
     # render note if it not present in loaded list
     # or skip if rendered
-    if @isNewNote(note)
+    if @isNewNote(note) && !note.award
       @note_ids.push(note.id)
       $('ul.main-notes-list').
         append(note.html).
         syntaxHighlight()
       @initTaskList()
 
+    if note.award
+      awards_handler.addAwardToEmojiBar(note.note, note.emoji_path)
+
   ###
   Check if note does not exists on page
   ###
@@ -255,7 +258,6 @@ class @Notes
   ###
   addNote: (xhr, note, status) =>
     @renderNote(note)
-    @updateVotes()
 
   ###
   Called in response to the new note form being submitted
@@ -473,9 +475,6 @@ class @Notes
     form = $(e.target).closest(".js-discussion-note-form")
     @removeDiscussionNoteForm(form)
 
-  updateVotes: ->
-    true
-
   ###
   Called after an attachment file has been selected.
 

app/assets/javascripts/project.js.coffee

 class @Project
   constructor: ->
-    # Git clone panel switcher
-    cloneHolder = $('.git-clone-holder')
-    if cloneHolder.length
-      $('a, button', cloneHolder).click ->
-        $('a, button', cloneHolder).removeClass 'active'
-        $(@).addClass 'active'
-        $('#project_clone', cloneHolder).val $(@).data 'clone'
-        $(".clone").text("").append $(@).data 'clone'
+    # Git protocol switcher
+    $('.js-protocol-switch').click ->
+      return if $(@).hasClass('active')
+
+      # Toggle 'active' for both buttons
+      $('.js-protocol-switch').toggleClass('active')
+
+      url = $(@).data('clone')
+
+      # Update the input field
+      $('#project_clone').val(url)
+
+      # Update the command line instructions
+      $('.clone').text(url)
 
     # Ref switcher
     $('.project-refs-select').on 'change', ->
@@ -39,4 +45,4 @@ class @Project
         when 4 then label = ' On Mention '
       $('#notifications-button').empty().append("<i class='fa fa-bell'></i>" + label + "<i class='fa fa-angle-down'></i>")
       $(@).parents('ul').find('li.active').removeClass 'active'
-      $(@).parent().addClass 'active'
+      $(@).parent().addClass 'active'
\ No newline at end of file

app/assets/javascripts/sidebar.js.coffee

@@ -5,6 +5,7 @@ $(document).on("click", '.toggle-nav-collapse', (e) ->
 
   $('.page-with-sidebar').toggleClass("#{collapsed} #{expanded}")
   $('header').toggleClass("header-collapsed header-expanded")
+  $('.sidebar-wrapper').toggleClass("sidebar-collapsed sidebar-expanded")
   $('.toggle-nav-collapse i').toggleClass("fa-angle-right fa-angle-left")
   $.cookie("collapsed_nav", $('.page-with-sidebar').hasClass(collapsed), { path: '/' })
 )

app/assets/javascripts/user.js.coffee

@@ -2,3 +2,9 @@ class @User
   constructor: ->
     $('.profile-groups-avatars').tooltip("placement": "top")
     new ProjectsList()
+
+    $('.hide-project-limit-message').on 'click', (e) ->
+      path = '/'
+      $.cookie('hide_project_limit_message', 'false', { path: path })
+      $(@).parents('.project-limit-message').remove()
+      e.preventDefault()

app/assets/javascripts/users_select.js.coffee

@@ -32,17 +32,15 @@ class @UsersSelect
               if showNullUser
                 nullUser = {
                   name: 'Unassigned',
-                  avatar: null,
-                  username: 'none',
                   id: 0
                 }
                 data.results.unshift(nullUser)
 
               if showAnyUser
+                name = showAnyUser
+                name = 'Any User' if name == true
                 anyUser = {
-                  name: 'Any',
-                  avatar: null,
-                  username: 'none',
+                  name: name,
                   id: null
                 }
                 data.results.unshift(anyUser)
@@ -50,7 +48,6 @@ class @UsersSelect
             if showEmailUser && data.results.length == 0 && query.term.match(/^[^@]+@[^@]+$/)
               emailUser = {
                 name: "Invite \"#{query.term}\"",
-                avatar: null,
                 username: query.term,
                 id: query.term
               }
@@ -58,11 +55,8 @@ class @UsersSelect
 
             query.callback(data)
 
-        initSelection: (element, callback) =>
-          id = $(element).val()
-          if id != "" && id != "0"
-            @user(id, callback)
-
+        initSelection: (args...) =>
+          @initSelection(args...)
         formatResult: (args...) =>
           @formatResult(args...)
         formatSelection: (args...) =>
@@ -71,16 +65,24 @@ class @UsersSelect
         escapeMarkup: (m) -> # we do not want to escape markup since we are displaying html in results
           m
 
+  initSelection: (element, callback) ->
+    id = $(element).val()
+    if id == "0"
+      nullUser = { name: 'Unassigned' }
+      callback(nullUser)
+    else if id != ""
+      @user(id, callback)
+
   formatResult: (user) ->
     if user.avatar_url
       avatar = user.avatar_url
     else
       avatar = gon.default_avatar_url
 
-    "<div class='user-result'>
+    "<div class='user-result #{'no-username' unless user.username}'>
        <div class='user-image'><img class='avatar s24' src='#{avatar}'></div>
        <div class='user-name'>#{user.name}</div>
-       <div class='user-username'>#{user.username}</div>
+       <div class='user-username'>#{user.username || ""}</div>
      </div>"
 
   formatSelection: (user) ->

app/assets/stylesheets/framework.scss

 @import "framework/fonts";
 @import "framework/variables";
 @import "framework/mixins";
-@import "framework/layout";
 @import 'framework/tw_bootstrap_variables';
 @import 'framework/tw_bootstrap';
+@import "framework/layout";
 
 @import "framework/avatar.scss";
 @import "framework/blocks.scss";
@@ -25,6 +25,7 @@
 @import "framework/markdown_area.scss";
 @import "framework/mobile.scss";
 @import "framework/pagination.scss";
+@import "framework/panels.scss";
 @import "framework/selects.scss";
 @import "framework/sidebar.scss";
 @import "framework/tables.scss";

app/assets/stylesheets/framework/blocks.scss

@@ -68,6 +68,10 @@
   .oneline {
     line-height: 42px;
   }
+
+  > p:last-child {
+    margin-bottom: 0;
+  }
 }
 
 .cover-block {
@@ -112,5 +116,14 @@
     position: absolute;
     top: 10px;
     right: 10px;
+
+    &.left {
+      left: 10px;
+      right: auto;
+    }
   }
 }
+
+.block-connector {
+  margin-top: -1px;
+}

app/assets/stylesheets/framework/common.scss

@@ -7,7 +7,7 @@
 
 /** COMMON CLASSES **/
 .prepend-top-10 { margin-top:10px }
-.prepend-top-default { margin-top: $gl-padding; }
+.prepend-top-default { margin-top: $gl-padding !important; }
 .prepend-top-20 { margin-top:20px }
 .prepend-left-10 { margin-left:10px }
 .prepend-left-20 { margin-left:20px }
@@ -52,6 +52,10 @@ pre {
   }
 }
 
+hr {
+  margin: $gl-padding 0;
+}
+
 .dropdown-menu > li > a {
   text-shadow: none;
 }
@@ -64,7 +68,7 @@ pre {
 .dropdown-menu > li > a:hover,
 .dropdown-menu > li > a:focus {
   background: $gl-primary;
-  color: #FFF
+  color: #FFF;
 }
 
 .str-truncated {
@@ -328,15 +332,15 @@ table {
   }
 }
 
+.well {
+  margin-bottom: 0;
+}
+
 .search_box {
   @extend .well;
   text-align: center;
 }
 
-.task-status {
-  margin-left: 10px;
-}
-
 #nprogress .spinner {
   top: 15px !important;
   right: 10px !important;
@@ -429,3 +433,7 @@ table {
 .space-right {
   margin-right: 10px;
 }
+
+.alert, .progress {
+  margin-bottom: $gl-padding;
+}

app/assets/stylesheets/framework/files.scss

@@ -8,7 +8,6 @@
   border: none;
   border-top: 1px solid #E7E9EE;
   border-bottom: 1px solid #E7E9EE;
-  margin-bottom: 1em;
 
   &.readme-holder {
     border-bottom: 0;
@@ -25,7 +24,7 @@
     text-shadow: 0 1px 1px #fff;
     margin: 0;
     text-align: left;
-    padding: 10px 15px;
+    padding: 10px $gl-padding;
 
     .file-actions {
       float: right;
@@ -171,4 +170,3 @@
     }
   }
 }
-

app/assets/stylesheets/framework/forms.scss

@@ -22,9 +22,10 @@ input[type='text'].danger {
 }
 
 .form-actions {
-  padding: 17px 20px 18px;
-  margin-top: 18px;
-  margin-bottom: 18px;
+  margin: -$gl-padding;
+  margin-top: 0;
+  margin-bottom: -$gl-padding;
+  padding: $gl-padding;
   background-color: $background-color;
   border-top: 1px solid $border-color;
 }
@@ -73,6 +74,8 @@ label {
 
 .form-control {
   @include box-shadow(none);
+  height: 42px;
+  padding: 8px $gl-padding;
 }
 
 .wiki-content {
@@ -88,7 +91,19 @@ label {
 }
 
 .input-group {
+  .select2-container {
+    display: table-cell;
+    width: 200px !important;
+  }
   .input-group-addon {
     background-color: #f7f8fa;
   }
+  .input-group-addon:not(:first-child):not(:last-child) {
+    border-left: 0;
+    border-right: 0;
+  }
+}
+
+.help-block {
+  margin-bottom: 0;
 }

app/assets/stylesheets/framework/header.scss

@@ -6,15 +6,17 @@ header {
   transition-duration: .3s;
 
   &.navbar-empty {
+    height: 58px;
     background: #FFF;
     border-bottom: 1px solid #EEE;
 
     .center-logo {
-      margin: 8px 0;
+      margin: 11px 0;
       text-align: center;
 
-      img {
-        height: 32px;
+      #tanuki-logo, img {
+        width: 36px;
+        height: 36px;
       }
     }
   }

app/assets/stylesheets/framework/issue_box.scss

@@ -7,8 +7,9 @@
 .issue-box {
   @include border-radius(2px);
 
-  display: inline-block;
-  padding: 10px $gl-padding;
+  display: block;
+  float: left;
+  padding: 0 $gl-padding;
   font-weight: normal;
   margin-right: 10px;
   font-size: $gl-font-size;

app/assets/stylesheets/framework/layout.scss

@@ -2,9 +2,13 @@ html {
   overflow-y: scroll;
 
   &.touch .tooltip { display: none !important; }
+}
+
+body {
+  background-color: #EAEBEC !important;
 
-  body {
-    padding-top: $header-height;
+  &.navless {
+    background-color: white !important;
   }
 }
 
@@ -18,7 +22,8 @@ html {
 }
 
 .navless-container {
-  margin-top: 30px;
+  margin-top: $header-height;
+  padding-top: $gl-padding * 2;
 }
 
 .container-limited {

app/assets/stylesheets/framework/lists.scss

@@ -127,3 +127,8 @@ ul.content-list {
   }
 }
 
+.panel > .content-list {
+  li {
+    margin: 0;
+  }
+}

app/assets/stylesheets/framework/pagination.scss

@@ -32,3 +32,7 @@
     }
   }
 }
+
+.panel > .gl-pagination {
+  margin: 0;
+}

app/assets/stylesheets/framework/panels.scss

+.panel {
+  margin-bottom: $gl-padding;
+  
+  .panel-heading {
+    padding: 10px $gl-padding;
+  }
+  .panel-body {
+    padding: $gl-padding;
+
+    .form-actions {
+      margin: -$gl-padding;
+      margin-top: $gl-padding;
+    }
+  }
+}

app/assets/stylesheets/framework/selects.scss

@@ -15,6 +15,16 @@
       border-left: none;
       padding-top: 5px;
     }
+
+    .select2-chosen {
+      color: $gl-text-color;
+    }
+
+    &.select2-default {
+      .select2-chosen {
+        color: #999;
+      }
+    }
   }
 }
 
@@ -23,6 +33,7 @@
   border: 1px solid #e7e9ed;
 }
 
+
 .select2-drop {
   @include box-shadow(rgba(76, 86, 103, 0.247059) 0px 0px 1px 0px, rgba(31, 37, 50, 0.317647) 0px 2px 18px 0px);
   @include border-radius (0px);
@@ -48,17 +59,38 @@
   color: #313236;
 }
 
+.select2-container-multi {
+  .select2-choices {
+    @include border-radius(2px);
+    border-color: $input-border;
+    background: white;
+    padding-left: $gl-padding / 2;
+
+    .select2-search-field input {
+      padding: $gl-padding / 2;
+      font-size: 13px;
+      height: auto;
+      font-family: inherit;
+      font-size: inherit;
+    }
 
-.select2-container-multi .select2-choices {
-  @include border-radius(2px);
-  border-color: #CCC;
-}
-
-.select2-container-multi .select2-choices .select2-search-field input {
-  padding: 8px 14px;
-  font-size: 13px;
-  line-height: 18px;
-  height: auto;
+    .select2-search-choice {
+      margin: 8px 0 0 8px;
+      background: white;
+      box-shadow: none;
+      border-color: $input-border;
+      color: $gl-text-color;
+      line-height: 15px;
+
+      .select2-search-choice-close {
+        top: 5px;
+      }
+
+      &.select2-search-choice-focus {
+        border-color: $gl-text-color;
+      }
+    }
+  }
 }
 
 .select2-drop-active {
@@ -123,10 +155,16 @@
 }
 
 .user-result {
+  min-height: 24px;
+
   .user-image {
     float: left;
   }
-  .user-name {
+
+  &.no-username {
+    .user-name {
+      line-height: 24px;
+    }
   }
 }
 

app/assets/stylesheets/framework/sidebar.scss

 .page-with-sidebar {
+  padding-top: $header-height;
+  transition-duration: .3s;
+
   .sidebar-wrapper {
     position: fixed;
     top: 0;
@@ -14,19 +17,15 @@
 .sidebar-wrapper {
   z-index: 99;
   background: $background-color;
-  transition-duration: .3s;
 }
 
 .content-wrapper {
-  min-height: 100vh;
   width: 100%;
   padding: 20px;
-  background: #EAEBEC;
 
   .container-fluid {
     background: #FFF;
     padding: $gl-padding;
-    min-height: 90vh;
 
     &.container-blank {
       background: none;
@@ -36,6 +35,83 @@
   }
 }
 
+.sidebar-wrapper {
+  .header-logo {
+    border-bottom: 1px solid transparent;
+    float: left;
+    height: $header-height;
+    width: $sidebar_width;
+    position: fixed;
+    z-index: 999;
+    overflow: hidden;
+    transition-duration: .3s;
+
+    a {
+      float: left;
+      height: $header-height;
+      width: 100%;
+      padding: 11px 0 11px 22px;
+      overflow: hidden;
+      outline: none;
+      transition-duration: .3s;
+
+      img {
+        width: 36px;
+        height: 36px;
+      }
+
+      #tanuki-logo, img {
+        float: left;
+      }
+
+      .gitlab-text-container {
+        width: 230px;
+
+        h3 {
+          width: 158px;
+          float: left;
+          margin: 0;
+          margin-left: 14px;
+          font-size: 19px;
+          line-height: 41px;
+          font-weight: normal;
+        }
+      }
+    }
+
+    &:hover {
+      background-color: #EEE;
+    }
+  }
+
+  .sidebar-user {
+    padding: 9px 22px;
+    position: fixed;
+    bottom: 40px;
+    width: $sidebar_width;
+    overflow: hidden;
+    transition-duration: .3s;
+
+    .username {
+      margin-left: 10px;
+      width: $sidebar_width - 2 * 10px;
+      font-size: 16px;
+      line-height: 34px;
+    }
+  }
+}
+
+
+.tanuki-shape {
+  transition: all 0.8s;
+
+  &:hover {
+    fill: rgb(255, 255, 255);
+    transition: all 0.1s;
+  }
+}
+
+
 .nav-sidebar {
   margin-top: 14 + $header-height;
   margin-bottom: 100px;
@@ -62,7 +138,7 @@
       color: $gray;
       display: block;
       text-decoration: none;
-      padding-left: 22px;
+      padding-left: 23px;
       font-weight: normal;
       outline: none;
 
@@ -86,6 +162,10 @@
         padding: 0px 8px;
         @include border-radius(6px);
       }
+
+      &.back-link i {
+        transition-duration: .3s;
+      }
     }
   }
 }
@@ -101,7 +181,6 @@
 
 @mixin expanded-sidebar {
   padding-left: $sidebar_width;
-  transition-duration: .3s;
 
   .sidebar-wrapper {
     width: $sidebar_width;
@@ -115,16 +194,15 @@
 
       &.back-link {
         i {
-          visibility: hidden;
+          opacity: 0;
         }
       }
     }
   }
 }
 
-@mixin folded-sidebar {
-  padding-left: 60px;
-  transition-duration: .3s;
+@mixin collapsed-sidebar {
+  padding-left: $sidebar_collapsed_width;
 
   .sidebar-wrapper {
     width: $sidebar_collapsed_width;
@@ -133,7 +211,7 @@
       width: $sidebar_collapsed_width;
 
       a {
-        padding-left: 12px;
+        padding-left: ($sidebar_collapsed_width - 36) / 2;
 
         .gitlab-text-container {
           display: none;
@@ -144,9 +222,13 @@
     .nav-sidebar {
       width: $sidebar_collapsed_width;
 
-      li a {
-        span {
-          display: none;
+      li {
+        width: auto;
+
+        a {
+          span {
+            display: none;
+          }
         }
       }
     }
@@ -156,7 +238,7 @@
     }
 
     .sidebar-user {
-      padding-left: 12px;
+      padding-left: ($sidebar_collapsed_width - 36) / 2;
       width: $sidebar_collapsed_width;
 
       .username {
@@ -187,11 +269,11 @@
 
 @media (max-width: $screen-md-max) {
   .page-sidebar-collapsed {
-    @include folded-sidebar;
+    @include collapsed-sidebar;
   }
 
   .page-sidebar-expanded {
-    @include folded-sidebar;
+    @include collapsed-sidebar;
   }
 
   .collapse-nav {
@@ -201,83 +283,10 @@
 
 @media(min-width: $screen-md-max) {
   .page-sidebar-collapsed {
-    @include folded-sidebar;
+    @include collapsed-sidebar;
   }
 
   .page-sidebar-expanded {
     @include expanded-sidebar;
   }
 }
-
-.sidebar-user {
-  padding: 9px 22px;
-  position: fixed;
-  bottom: 40px;
-  width: $sidebar_width;
-  overflow: hidden;
-  transition-duration: .3s;
-
-  .username {
-    margin-left: 10px;
-    width: $sidebar_width - 2 * 10px;
-    font-size: 16px;
-    line-height: 34px;
-  }
-}
-
-.sidebar-wrapper {
-  .header-logo {
-    border-bottom: 1px solid transparent;
-    float: left;
-    height: $header-height;
-    width: $sidebar_width;
-    overflow: hidden;
-    transition-duration: .3s;
-
-    a {
-      float: left;
-      height: $header-height;
-      width: 100%;
-      padding: 10px 22px;
-      overflow: hidden;
-      outline: none;
-
-      img {
-        width: 36px;
-        height: 36px;
-      }
-
-      #tanuki-logo, img {
-        float: left;
-      }
-
-      .gitlab-text-container {
-        width: 230px;
-
-        h3 {
-          width: 158px;
-          float: left;
-          margin: 0;
-          margin-left: 14px;
-          font-size: 19px;
-          line-height: 41px;
-          font-weight: normal;
-        }
-      }
-    }
-
-    &:hover {
-      background-color: #EEE;
-    }
-  }
-}
-
-
-.tanuki-shape {
-  transition: all 0.8s;
-
-  &:hover {
-    fill: rgb(255, 255, 255);
-    transition: all 0.1s;
-  }
-}

app/assets/stylesheets/framework/tables.scss

@@ -6,6 +6,8 @@
 
 table {
   &.table {
+    margin-bottom: $gl-padding;
+    
     .dropdown-menu a {
       text-decoration: none;
     }

app/assets/stylesheets/framework/tw_bootstrap.scss

@@ -172,7 +172,7 @@
   }
 
   .panel-body {
-    form {
+    form, pre {
       margin: 0;
     }
 
@@ -190,6 +190,10 @@
     .btn {
       min-width: 124px;
     }
+
+    .btn-clipboard {
+      min-width: 0px;
+    }
   }
 
   &.panel-small {

app/assets/stylesheets/framework/typography.scss

@@ -181,6 +181,10 @@ body {
   line-height: 1.3;
   font-size: 1.25em;
   font-weight: 600;
+
+  &:last-child {
+    margin-bottom: 0;
+  }
 }
 
 .page-title-empty {
@@ -256,3 +260,9 @@ textarea.js-gfm-input {
 .strikethrough {
   text-decoration: line-through;
 }
+
+h1, h2, h3, h4 {
+  small {
+    color: $gl-gray;
+  }
+}

app/assets/stylesheets/pages/builds.scss

@@ -21,7 +21,7 @@
 
   .autoscroll-container {
     position: fixed;
-    bottom: 10px;
+    bottom: 20px;
     right: 20px;
     z-index: 100;
   }
@@ -34,7 +34,7 @@
 
     a {
       display: block;
-      margin-bottom: 5px;
+      margin-bottom: 10px;
     }
   }
 

app/assets/stylesheets/pages/commit.scss

@@ -2,10 +2,6 @@
   display: block;
 }
 
-.commit-title{
-  margin-bottom: 10px;
-}
-
 .commit-author, .commit-committer{
   display: block;
   color: #999;
@@ -41,6 +37,8 @@
 .commit-box {
   .commit-title {
     margin: 0;
+    font-size: 23px;
+    color: #313236;
   }
 
   .commit-description {
@@ -56,6 +54,7 @@
 
     li {
       padding: 3px 0px;
+      line-height: 20px;
     }
   }
   .new-file {
@@ -107,16 +106,3 @@
     z-index: 2;
   }
 }
-
-.commit-ci-menu {
-  padding: 0;
-  margin: 0;
-  list-style: none;
-  margin-top: 5px;
-  height: 56px;
-  margin: -16px;
-  padding: 16px;
-  text-align: center;
-  margin-top: 0px;
-  margin-bottom: 2px;
-}

app/assets/stylesheets/pages/editor.scss

@@ -19,48 +19,38 @@
       color: #B94A48;
     }
   }
-  .commit-button-annotation {
-    display: inline-block;
-    margin: 0;
-    padding: 2px;
-
-    > * {
-      float: left;
-    }
-
-    .message {
-      display: inline-block;
-      margin: 5px 8px 0 8px;
-    }
-  }
 
   .file-title {
     @extend .monospace;
+
+    line-height: 42px;
+    padding-top: 7px;
+    padding-bottom: 7px;
   }
 
   .editor-ref {
     background: $background-color;
-    padding: 11px 15px;
+    padding-right: $gl-padding;
     border-right: 1px solid $border-color;
-    display: inline-block;
-    margin: -5px -5px;
+    display: block;
+    float: left;
     margin-right: 10px;
   }
 
   .editor-file-name {
-    .new-file-name {
-      display: inline-block;
-      width: 450px;
-    }
+    @extend .monospace;
+    
+    float: left;
+    margin-right: 10px;
+  }
 
-    .form-control {
-      margin-top: -3px;
-    }
+  .new-file-name {
+    display: inline-block;
+    width: 450px;
+    float: left;
   }
 
-  .form-actions {
-    margin: -$gl-padding;
-    margin-top: 0;
-    padding: $gl-padding
+  .select2 {
+    float: right;
   }
 }

app/assets/stylesheets/pages/groups.scss

-.new-group-member-holder {
-  margin-top: 50px;
-  padding-top: 20px;
-}
-
 .member-search-form {
   float: left;
 }
@@ -15,4 +10,4 @@
   .form-control {
     height: 42px;
   }
-}
+}
\ No newline at end of file

app/assets/stylesheets/pages/issuable.scss

@@ -51,11 +51,12 @@
 
 .issuable-details {
   .page-title {
-    margin-top: -15px;
-    padding: 10px 0;
+    margin-top: -$gl-padding;
+    padding: 7px 0;
     margin-bottom: 0;
     color: #5c5d5e;
     font-size: 16px;
+    line-height: 42px;
 
     .author {
       color: #5c5d5e;
@@ -89,6 +90,17 @@
   }
 }
 
+.issuable-show-labels {
+  a {
+    margin-right: 5px;
+    margin-bottom: 5px;
+    display: inline-block;
+    .color-label {
+      padding: 6px 10px;
+    }
+  }
+}
+
 .cross-project-reference {
   text-align: center;
   width: 100%;
@@ -101,3 +113,72 @@
     background-color: $background-color;
   }
 }
+
+.awards {
+  @include clearfix;
+  line-height: 34px;
+  margin: 2px 0;
+
+  .award {
+    @include border-radius(5px);
+
+    border: 1px solid;
+    padding: 0px 10px;
+    float: left;
+    margin: 0 5px;
+    border-color: $border-color;
+    cursor: pointer;
+
+    &.active {
+      border-color: $border-gray-light;
+      background-color: $gray-light;
+
+      .counter {
+        font-weight: bold;
+      }
+    }
+
+    .icon {
+      float: left;
+      margin-right: 10px;
+    }
+
+    .counter {
+      float: left;
+    }
+  }
+
+  .awards-controls {
+    margin-left: 10px;
+    float: left;
+
+    .add-award {
+      font-size: 24px;
+      color: $gl-gray;
+      position: relative;
+      top: 2px;
+
+      &:hover,
+      &:link {
+        text-decoration: none;
+      }
+    }
+
+    .awards-menu {
+      padding: $gl-padding;
+      min-width: 214px;
+
+      > li {
+        cursor: pointer;
+        margin: 5px;
+      }
+    }
+  }
+
+  .awards-menu{
+    li {
+      float: left;
+      margin: 3px;
+    }
+  }
+}

app/assets/stylesheets/pages/issues.scss

@@ -56,17 +56,6 @@
   }
 }
 
-.issue-show-labels {
-  a {
-    margin-right: 5px;
-    margin-bottom: 5px;
-    display: inline-block;
-    .color-label {
-      padding: 6px 10px;
-    }
-  }
-}
-
 form.edit-issue {
   margin: 0;
 }

app/assets/stylesheets/pages/login.scss

@@ -19,6 +19,7 @@
     h1:first-child {
       font-weight: normal;
       margin-bottom: 30px;
+      margin-top: 0;
     }
 
     img {

app/assets/stylesheets/pages/merge_requests.scss

@@ -4,7 +4,6 @@
  */
 .mr-state-widget {
   background: #F7F8FA;
-  margin-bottom: 20px;
   color: $gl-gray;
   border: 1px solid #dce0e6;
   @include border-radius(2px);
@@ -89,7 +88,7 @@
   .mr-widget-body,
   .ci_widget,
   .mr-widget-footer {
-    padding: 15px;
+    padding: $gl-padding;
   }
 
   .normal {
@@ -118,26 +117,8 @@
   }
 }
 
-.merge-request .merge-request-tabs {
-  @include nav-menu;
-  margin: -$gl-padding;
-  padding: $gl-padding;
-  text-align: center;
-  margin-bottom: 1px;
-}
-
-// Mobile
-@media (max-width: 480px) {
-  .merge-request .merge-request-tabs {
-    margin: 0;
-    padding: 0;
-
-    li {
-      a {
-        padding: 0;
-      }
-    }
-  }
+.merge-request-details {
+  margin-bottom: $gl-padding;
 }
 
 .mr_source_commit,
@@ -194,27 +175,12 @@
   line-height: 1.1;
 }
 
-.merge-request-form-info {
-  padding-top: 15px;
-}
-
 // hide mr close link for inline diff comment form
 .diff-file .close-mr-link,
 .diff-file .reopen-mr-link {
   display: none;
 }
 
-.merge-request-show-labels {
-  a {
-    margin-right: 5px;
-    margin-bottom: 5px;
-    display: inline-block;
-    .color-label {
-      padding: 6px 10px;
-    }
-  }
-}
-
 .merge-request-form .select2-container {
   width: 250px !important;
 }

app/assets/stylesheets/pages/note_form.scss

@@ -7,6 +7,7 @@
 }
 .reply-btn {
   @extend .btn-primary;
+  margin: 10px $gl-padding;
 }
 .diff-file .diff-content {
   tr.line_holder:hover {
@@ -38,9 +39,8 @@
 }
 
 .new_note, .edit_note {
-  .buttons {
-    margin-top: 8px;
-    margin-bottom: 3px;
+  .note-form-actions {
+    margin-top: $gl-padding;
   }
 
   .note-preview-holder {
@@ -79,8 +79,8 @@
   padding: $gl-padding;
   margin-left: -$gl-padding;
   margin-right: -$gl-padding;
-  border-right: 1px solid #ECEEF1;
-  border-top: 1px solid #ECEEF1;
+  border-right: 1px solid $border-color;
+  border-top: 1px solid $border-color;
   margin-bottom: -$gl-padding;
 }
 
@@ -150,7 +150,6 @@
 
   .discussion-reply-holder {
     background: $background-color;
-    padding: 10px 15px;
     border-top: 1px solid $border-color;
   }
 }

app/assets/stylesheets/pages/projects.scss

@@ -5,7 +5,7 @@
     font-weight: normal;
   }
 }
-.no-ssh-key-message {
+.no-ssh-key-message, .project-limit-message {
   background-color: #f28d35;
   margin-bottom: 16px;
 }
@@ -18,10 +18,6 @@
   }
 }
 
-.project-edit-content {
-  padding: 7px;
-}
-
 .project-name-holder {
   .help-inline {
     vertical-align: top;
@@ -30,12 +26,6 @@
 }
 
 .project-home-panel {
-  text-align: center;
-  background: #f7f8fa;
-  margin: -$gl-padding;
-  padding: $gl-padding;
-  padding: 44px 0 17px 0;
-
   .project-identicon-holder {
     margin-bottom: 16px;
 
@@ -90,7 +80,12 @@
   }
 
   .visibility-level-label {
+    @extend .btn;
+    @extend .btn-gray;
+
     color: $gray;
+    cursor: default;
+
     i {
       color: inherit;
     }
@@ -100,7 +95,6 @@
     display: inline-table;
     position: relative;
     top: 17px;
-    margin-bottom: 44px;
   }
 
   .project-repo-buttons {
@@ -178,6 +172,11 @@
     &:active {
       outline: none;
     }
+
+    &.btn-clipboard {
+      padding-left: 15px;
+      padding-right: 15px;
+    }
   }
 
   .active {
@@ -366,7 +365,7 @@ table.table.protected-branches-list tr.no-border {
 
 .project-stats {
   text-align: center;
-  margin-top: 15px;
+  margin-top: $gl-padding;
   margin-bottom: 0;
   padding-top: 10px;
   padding-bottom: 4px;
@@ -552,4 +551,4 @@ pre.light-well {
     z-index: 100;
     position: relative;
   }
-}
+}
\ No newline at end of file

app/assets/stylesheets/pages/snippets.scss

@@ -27,56 +27,22 @@
 }
 
 .snippet-holder {
-  .snippet-details {
-    .page-title {
-      margin-top: -15px;
-      padding: 10px 0;
-      margin-bottom: 0;
-      color: #5c5d5e;
-      font-size: 16px;
-
-      .author {
-        color: #5c5d5e;
-      }
-
-      .snippet-id {
-        color: #5c5d5e;
-      }
-    }
-
-    .snippet-title {
-      margin: 0;
-      font-size: 23px;
-      color: #313236;
-    }
-
-    @media (max-width: $screen-md-max) {
-      .new-snippet-link {
-        display: none;
-      }
-    }
-
-    @media (max-width: $screen-sm-max) {
-      .creator,
-      .page-title .btn-close {
-        display: none;
-      }
-    }
-  }
+  margin-bottom: -$gl-padding;
 
   .file-holder {
     border-top: 0;
   }
 }
 
-
 .snippet-box {
   @include border-radius(2px);
 
-  display: inline-block;
-  padding: 10px $gl-padding;
+  display: block;
+  float: left;
+  padding: 0 $gl-padding;
   font-weight: normal;
   margin-right: 10px;
   font-size: $gl-font-size;
   border: 1px solid;
+  line-height: 40px;
 }

app/assets/stylesheets/pages/wiki.scss

@@ -4,3 +4,8 @@
   margin-right: auto;
   padding-right: 7px;
 }
+
+.wiki-last-edit-by {
+  font-size: 80%;
+  font-weight: normal;
+}

app/controllers/abuse_reports_controller.rb

@@ -10,7 +10,7 @@ class AbuseReportsController < ApplicationController
 
     if @abuse_report.save
       if current_application_settings.admin_notification_email.present?
-        AbuseReportMailer.delay.notify(@abuse_report.id)
+        AbuseReportMailer.notify(@abuse_report.id).deliver_later
       end
 
       message = "Thank you for your report. A GitLab administrator will look into it shortly."

app/controllers/admin/impersonation_controller.rb

@@ -5,14 +5,20 @@ class Admin::ImpersonationController < Admin::ApplicationController
   before_action :authorize_impersonator!
 
   def create
-    session[:impersonator_id] = current_user.username
-    session[:impersonator_return_to] = request.env['HTTP_REFERER']
+    if @user.blocked?
+      flash[:alert] = "You cannot impersonate a blocked user"
 
-    warden.set_user(user, scope: 'user')
+      redirect_to admin_user_path(@user)
+    else
+      session[:impersonator_id] = current_user.username
+      session[:impersonator_return_to] = admin_user_path(@user)
+
+      warden.set_user(user, scope: 'user')
 
-    flash[:alert] = "You are impersonating #{user.username}."
+      flash[:alert] = "You are impersonating #{user.username}."
 
-    redirect_to root_path
+      redirect_to root_path
+    end
   end
 
   def destroy

app/controllers/autocomplete_controller.rb

 class AutocompleteController < ApplicationController
   skip_before_action :authenticate_user!, only: [:users]
+  before_action :find_users, only: [:users]
 
   def users
-    begin
-      @users =
-        if params[:project_id].present?
-          project = Project.find(params[:project_id])
-
-          if can?(current_user, :read_project, project)
-            project.team.users
-          end
-        elsif params[:group_id]
-          group = Group.find(params[:group_id])
-
-          if can?(current_user, :read_group, group)
-            group.users
-          end
-        elsif current_user
-          User.all
-        end
-    rescue ActiveRecord::RecordNotFound
-      if current_user
-        return render json: {}, status: 404
-      end
-    end
-
-    if @users.nil? && current_user.nil?
-      authenticate_user!
-    end
-
     @users ||= User.none
     @users = @users.search(params[:search]) if params[:search].present?
     @users = @users.active
     @users = @users.reorder(:name)
     @users = @users.page(params[:page]).per(PER_PAGE)
 
-    unless params[:search].present?
+    if params[:search].blank?
       # Include current user if available to filter by "Me"
       if params[:current_user] && current_user
         @users = [*@users, current_user].uniq
@@ -49,4 +23,25 @@ class AutocompleteController < ApplicationController
     @user = User.find(params[:id])
     render json: @user, only: [:name, :username, :id], methods: [:avatar_url]
   end
+
+  private
+
+  def find_users
+    @users =
+      if params[:project_id].present?
+        project = Project.find(params[:project_id])
+        return render_404 unless can?(current_user, :read_project, project)
+
+        project.team.users
+      elsif params[:group_id].present?
+        group = Group.find(params[:group_id])
+        return render_404 unless can?(current_user, :read_group, group)
+
+        group.users
+      elsif current_user
+        User.all
+      else
+        User.none
+      end
+  end
 end

app/controllers/ci/lints_controller.rb

@@ -15,10 +15,10 @@ module Ci
         @builds = @config_processor.builds
         @status = true
       end
-    rescue Ci::GitlabCiYamlProcessor::ValidationError => e
+    rescue Ci::GitlabCiYamlProcessor::ValidationError, Psych::SyntaxError => e
       @error = e.message
       @status = false
-    rescue Exception
+    rescue
       @error = "Undefined error"
       @status = false
     end

app/controllers/concerns/creates_merge_request_for_commit.rb

+module CreatesMergeRequestForCommit
+  extend ActiveSupport::Concern
+
+  def new_merge_request_path
+    if @project.forked?
+      target_project = @project.forked_from_project || @project
+      target_branch = target_project.repository.root_ref
+    else
+      target_project = @project
+      target_branch = @ref
+    end
+
+    new_namespace_project_merge_request_path(
+      @project.namespace,
+      @project,
+      merge_request: {
+        source_project_id: @project.id,
+        target_project_id: target_project.id,
+        source_branch: @new_branch,
+        target_branch: target_branch
+      }
+    )
+  end
+
+  def create_merge_request?
+    params[:create_merge_request] && @new_branch != @ref
+  end
+end

app/controllers/profiles_controller.rb

@@ -70,6 +70,7 @@ class ProfilesController < Profiles::ApplicationController
       :email,
       :hide_no_password,
       :hide_no_ssh_key,
+      :hide_project_limit,
       :linkedin,
       :location,
       :name,

app/controllers/projects/blob_controller.rb

 # Controller for viewing a file's blame
 class Projects::BlobController < Projects::ApplicationController
   include ExtractsPath
+  include CreatesMergeRequestForCommit
   include ActionView::Helpers::SanitizeHelper
 
   # Raised when given an invalid file path
@@ -22,21 +23,9 @@ class Projects::BlobController < Projects::ApplicationController
   end
 
   def create
-    result = Files::CreateService.new(@project, current_user, @commit_params).execute
-
-    if result[:status] == :success
-      flash[:notice] = "The changes have been successfully committed"
-      respond_to do |format|
-        format.html { redirect_to namespace_project_blob_path(@project.namespace, @project, File.join(@target_branch, @file_path)) }
-        format.json { render json: { message: "success", filePath: namespace_project_blob_path(@project.namespace, @project, File.join(@target_branch, @file_path)) } }
-      end
-    else
-      flash[:alert] = result[:message]
-      respond_to do |format|
-        format.html { render :new }
-        format.json { render json: { message: "failed", filePath: namespace_project_blob_path(@project.namespace, @project, @id) } }
-      end
-    end
+    create_commit(Files::CreateService, success_path: after_create_path,
+                                        failure_view: :new,
+                                        failure_path: namespace_project_new_blob_path(@project.namespace, @project, @ref))
   end
 
   def show
@@ -47,21 +36,9 @@ class Projects::BlobController < Projects::ApplicationController
   end
 
   def update
-    result = Files::UpdateService.new(@project, current_user, @commit_params).execute
-
-    if result[:status] == :success
-      flash[:notice] = "Your changes have been successfully committed"
-      respond_to do |format|
-        format.html { redirect_to after_edit_path }
-        format.json { render json: { message: "success", filePath: after_edit_path } }
-      end
-    else
-      flash[:alert] = result[:message]
-      respond_to do |format|
-        format.html { render :edit }
-        format.json { render json: { message: "failed", filePath: namespace_project_new_blob_path(@project.namespace, @project, @id) } }
-      end
-    end
+    create_commit(Files::UpdateService, success_path: after_edit_path,
+                                        failure_view: :edit,
+                                        failure_path: namespace_project_blob_path(@project.namespace, @project, @id))
   end
 
   def preview
@@ -77,7 +54,7 @@ class Projects::BlobController < Projects::ApplicationController
 
     if result[:status] == :success
       flash[:notice] = "Your changes have been successfully committed"
-      redirect_to namespace_project_tree_path(@project.namespace, @project, @target_branch)
+      redirect_to after_destroy_path
     else
       flash[:alert] = result[:message]
       render :show
@@ -131,15 +108,51 @@ class Projects::BlobController < Projects::ApplicationController
     render_404
   end
 
+  def create_commit(service, success_path:, failure_view:, failure_path:)
+    result = service.new(@project, current_user, @commit_params).execute
+
+    if result[:status] == :success
+      flash[:notice] = "Your changes have been successfully committed"
+      respond_to do |format|
+        format.html { redirect_to success_path }
+        format.json { render json: { message: "success", filePath: success_path } }
+      end
+    else
+      flash[:alert] = result[:message]
+      respond_to do |format|
+        format.html { render failure_view }
+        format.json { render json: { message: "failed", filePath: failure_path } }
+      end
+    end
+  end
+
+  def after_create_path
+    @after_create_path ||=
+      if create_merge_request?
+        new_merge_request_path
+      else
+        namespace_project_blob_path(@project.namespace, @project, File.join(@new_branch, @file_path))
+      end
+  end
+
   def after_edit_path
     @after_edit_path ||=
-      if from_merge_request
+      if create_merge_request?
+        new_merge_request_path
+      elsif from_merge_request && @new_branch == @ref
         diffs_namespace_project_merge_request_path(from_merge_request.target_project.namespace, from_merge_request.target_project, from_merge_request) +
           "#file-path-#{hexdigest(@path)}"
-      elsif @target_branch.present?
-        namespace_project_blob_path(@project.namespace, @project, File.join(@target_branch, @path))
       else
-        namespace_project_blob_path(@project.namespace, @project, @id)
+        namespace_project_blob_path(@project.namespace, @project, File.join(@new_branch, @path))
+      end
+  end
+
+  def after_destroy_path
+    @after_destroy_path ||=
+      if create_merge_request?
+        new_merge_request_path
+      else
+        namespace_project_tree_path(@project.namespace, @project, @new_branch)
       end
   end
 
@@ -154,7 +167,7 @@ class Projects::BlobController < Projects::ApplicationController
 
   def editor_variables
     @current_branch = @ref
-    @target_branch = params[:new_branch].present? ? sanitized_new_branch_name : @ref
+    @new_branch = params[:new_branch].present? ? sanitized_new_branch_name : @ref
 
     @file_path =
       if action_name.to_s == 'create'
@@ -174,7 +187,7 @@ class Projects::BlobController < Projects::ApplicationController
     @commit_params = {
       file_path: @file_path,
       current_branch: @current_branch,
-      target_branch: @target_branch,
+      target_branch: @new_branch,
       commit_message: params[:commit_message],
       file_content: params[:content],
       file_content_encoding: params[:encoding]

app/controllers/projects/branches_controller.rb

@@ -3,7 +3,7 @@ class Projects::BranchesController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project
   before_action :authorize_download_code!
-  before_action :authorize_push_code!, only: [:create, :destroy]
+  before_action :authorize_push_code!, only: [:new, :create, :destroy]
 
   def index
     @sort = params[:sort] || 'name'

app/controllers/projects/commit_controller.rb

@@ -67,7 +67,12 @@ class Projects::CommitController < Projects::ApplicationController
   end
 
   def define_show_vars
-    @diffs = commit.diffs
+    if params[:w].to_i == 1
+      @diffs = commit.diffs({ ignore_whitespace_change: true })
+    else
+      @diffs = commit.diffs
+    end
+
     @notes_count = commit.notes.count
     
     @builds = ci_commit.builds if ci_commit

app/controllers/projects/imports_controller.rb

@@ -28,8 +28,8 @@ class Projects::ImportsController < Projects::ApplicationController
       if @project.import_finished?
         redirect_to(project_path(@project)) and return
       else
-        redirect_to new_namespace_project_import_path(@project.namespace,
-                                                      @project) && return
+        redirect_to(new_namespace_project_import_path(@project.namespace,
+                                                      @project)) and return
       end
     end
   end

app/controllers/projects/issues_controller.rb

@@ -60,7 +60,7 @@ class Projects::IssuesController < Projects::ApplicationController
   def show
     @participants = @issue.participants(current_user)
     @note = @project.notes.new(noteable: @issue)
-    @notes = @issue.notes.with_associations.fresh
+    @notes = @issue.notes.nonawards.with_associations.fresh
     @noteable = @issue
 
     respond_with(@issue)
@@ -158,12 +158,10 @@ class Projects::IssuesController < Projects::ApplicationController
   end
 
   def issue_params
-    permitted = params.require(:issue).permit(
+    params.require(:issue).permit(
       :title, :assignee_id, :position, :description,
       :milestone_id, :state_event, :task_num, label_ids: []
     )
-    params[:issue][:title].strip! if params[:issue][:title]
-    permitted
   end
 
   def bulk_update_params

app/controllers/projects/merge_requests_controller.rb

@@ -268,7 +268,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
 
     # Build a note object for comment form
     @note = @project.notes.new(noteable: @merge_request)
-    @notes = @merge_request.mr_and_commit_notes.inc_author.fresh
+    @notes = @merge_request.mr_and_commit_notes.nonawards.inc_author.fresh
     @discussions = Note.discussions_from_notes(@notes)
     @noteable = @merge_request
 
@@ -290,13 +290,11 @@ class Projects::MergeRequestsController < Projects::ApplicationController
   end
 
   def merge_request_params
-    permitted = params.require(:merge_request).permit(
+    params.require(:merge_request).permit(
       :title, :assignee_id, :source_project_id, :source_branch,
       :target_project_id, :target_branch, :milestone_id,
       :state_event, :description, :task_num, label_ids: []
     )
-    params[:merge_request][:title].strip! if params[:merge_request][:title]
-    permitted
   end
 
   def merge_params

app/controllers/projects/notes_controller.rb

@@ -3,7 +3,7 @@ class Projects::NotesController < Projects::ApplicationController
   before_action :authorize_read_note!
   before_action :authorize_create_note!, only: [:create]
   before_action :authorize_admin_note!, only: [:update, :destroy]
-  before_action :find_current_user_notes, except: [:destroy, :delete_attachment]
+  before_action :find_current_user_notes, except: [:destroy, :delete_attachment, :award_toggle]
 
   def index
     current_fetched_at = Time.now.to_i
@@ -58,6 +58,30 @@ class Projects::NotesController < Projects::ApplicationController
     end
   end
 
+  def award_toggle
+    noteable = if note_params[:noteable_type] == "issue"
+                 project.issues.find(note_params[:noteable_id])
+               else
+                 project.merge_requests.find(note_params[:noteable_id])
+               end
+
+    data = {
+      author: current_user,
+      is_award: true,
+      note: note_params[:note].gsub(":", '')
+    }
+
+    note = noteable.notes.find_by(data)
+
+    if note
+      note.destroy
+    else
+      Notes::CreateService.new(project, current_user, note_params).execute
+    end
+
+    render json: { ok: true }
+  end
+
   private
 
   def note
@@ -111,6 +135,9 @@ class Projects::NotesController < Projects::ApplicationController
       id: note.id,
       discussion_id: note.discussion_id,
       html: note_to_html(note),
+      award: note.is_award,
+      emoji_path: note.is_award ? view_context.image_url(::AwardEmoji.path_to_emoji_image(note.note)) : "",
+      note: note.note,
       discussion_html: note_to_discussion_html(note),
       discussion_with_diff_html: note_to_discussion_with_diff_html(note)
     }

app/controllers/projects/tags_controller.rb

@@ -2,7 +2,7 @@ class Projects::TagsController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project
   before_action :authorize_download_code!
-  before_action :authorize_push_code!, only: [:create]
+  before_action :authorize_push_code!, only: [:new, :create]
   before_action :authorize_admin_project!, only: [:destroy]
 
   def index

app/controllers/projects/tree_controller.rb

 # Controller for viewing a repository's file structure
 class Projects::TreeController < Projects::ApplicationController
   include ExtractsPath
+  include CreatesMergeRequestForCommit
   include ActionView::Helpers::SanitizeHelper
 
   before_action :require_non_empty_project, except: [:new, :create]
@@ -43,7 +44,7 @@ class Projects::TreeController < Projects::ApplicationController
     if result && result[:status] == :success
       flash[:notice] = "The directory has been successfully created"
       respond_to do |format|
-        format.html { redirect_to namespace_project_blob_path(@project.namespace, @project, File.join(@new_branch, @dir_name)) }
+        format.html { redirect_to after_create_dir_path }
       end
     else
       flash[:alert] = message
@@ -53,6 +54,8 @@ class Projects::TreeController < Projects::ApplicationController
     end
   end
 
+  private
+
   def assign_dir_vars
     @new_branch = params[:new_branch].present? ? sanitize(strip_tags(params[:new_branch])) : @ref
     @dir_name = File.join(@path, params[:dir_name])
@@ -63,4 +66,12 @@ class Projects::TreeController < Projects::ApplicationController
       commit_message: params[:commit_message],
     }
   end
+
+  def after_create_dir_path
+    if create_merge_request?
+      new_merge_request_path
+    else
+      namespace_project_blob_path(@project.namespace, @project, File.join(@new_branch, @dir_name))
+    end
+  end
 end

app/controllers/projects_controller.rb

@@ -123,7 +123,7 @@ class ProjectsController < ApplicationController
     ::Projects::DestroyService.new(@project, current_user, {}).execute
     flash[:alert] = "Project '#{@project.name}' was deleted."
 
-    redirect_back_or_default(default: dashboard_projects_path, options: {})
+    redirect_to dashboard_projects_path
   rescue Projects::DestroyService::DestroyError => ex
     redirect_to edit_project_path(@project), alert: ex.message
   end

app/controllers/snippets_controller.rb

 class SnippetsController < ApplicationController
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
 
+  # Allow read snippet
+  before_action :authorize_read_snippet!, only: [:show, :raw]
+
   # Allow modify snippet
   before_action :authorize_update_snippet!, only: [:edit, :update]
 
@@ -79,10 +82,14 @@ class SnippetsController < ApplicationController
                      [Snippet::PUBLIC, Snippet::INTERNAL]).
                      find(params[:id])
                  else
-                   PersonalSnippet.are_public.find(params[:id])
+                   PersonalSnippet.find(params[:id])
                  end
   end
 
+  def authorize_read_snippet!
+    authenticate_user! unless can?(current_user, :read_personal_snippet, @snippet)
+  end
+
   def authorize_update_snippet!
     return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
   end

app/controllers/users_controller.rb

@@ -3,14 +3,11 @@ class UsersController < ApplicationController
   before_action :set_user
 
   def show
-    @contributed_projects = contributed_projects.joined(@user).
-      reject(&:forked?)
+    @contributed_projects = contributed_projects.joined(@user).reject(&:forked?)
 
-    @projects = @user.personal_projects.
-      where(id: authorized_projects_ids).includes(:namespace)
+    @projects = PersonalProjectsFinder.new(@user).execute(current_user)
 
-    # Collect only groups common for both users
-    @groups = @user.groups & GroupsFinder.new.execute(current_user)
+    @groups = JoinedGroupsFinder.new(@user).execute(current_user)
 
     respond_to do |format|
       format.html
@@ -53,16 +50,8 @@ class UsersController < ApplicationController
     @user = User.find_by_username!(params[:username])
   end
 
-  def authorized_projects_ids
-    # Projects user can view
-    @authorized_projects_ids ||=
-      ProjectsFinder.new.execute(current_user).pluck(:id)
-  end
-
   def contributed_projects
-    @contributed_projects = Project.
-      where(id: authorized_projects_ids & @user.contributed_projects_ids).
-      includes(:namespace)
+    ContributedProjectsFinder.new(@user).execute(current_user)
   end
 
   def contributions_calendar
@@ -73,9 +62,13 @@ class UsersController < ApplicationController
   def load_events
     # Get user activity feed for projects common for both users
     @events = @user.recent_events.
-      where(project_id: authorized_projects_ids).
-      with_associations
+      merge(projects_for_current_user).
+      references(:project).
+      with_associations.
+      limit_recent(20, params[:offset])
+  end
 
-    @events = @events.limit(20).offset(params[:offset] || 0)
+  def projects_for_current_user
+    ProjectsFinder.new.execute(current_user)
   end
 end

app/finders/contributed_projects_finder.rb

+class ContributedProjectsFinder
+  def initialize(user)
+    @user = user
+  end
+
+  # Finds the projects "@user" contributed to, limited to either public projects
+  # or projects visible to the given user.
+  #
+  # current_user - When given the list of the projects is limited to those only
+  #                visible by this user.
+  #
+  # Returns an ActiveRecord::Relation.
+  def execute(current_user = nil)
+    if current_user
+      relation = projects_visible_to_user(current_user)
+    else
+      relation = public_projects
+    end
+
+    relation.includes(:namespace).order_id_desc
+  end
+
+  private
+
+  def projects_visible_to_user(current_user)
+    authorized = @user.contributed_projects.visible_to_user(current_user)
+
+    union = Gitlab::SQL::Union.
+      new([authorized.select(:id), public_projects.select(:id)])
+
+    Project.where("projects.id IN (#{union.to_sql})")
+  end
+
+  def public_projects
+    @user.contributed_projects.public_only
+  end
+end

app/finders/groups_finder.rb

 class GroupsFinder
-  def execute(current_user, options = {})
-    all_groups(current_user)
+  # Finds the groups available to the given user.
+  #
+  # current_user - The user to find the groups for.
+  #
+  # Returns an ActiveRecord::Relation.
+  def execute(current_user = nil)
+    if current_user
+      relation = groups_visible_to_user(current_user)
+    else
+      relation = public_groups
+    end
+
+    relation.order_id_desc
   end
 
   private
 
-  def all_groups(current_user)
-    group_ids = if current_user
-                  if current_user.authorized_groups.any?
-                    # User has access to groups
-                    #
-                    # Return only:
-                    #   groups with public projects
-                    #   groups with internal projects
-                    #   groups with joined projects
-                    #
-                    Project.public_and_internal_only.pluck(:namespace_id) +
-                      current_user.authorized_groups.pluck(:id)
-                  else
-                    # User has no group membership
-                    #
-                    # Return only:
-                    #   groups with public projects
-                    #   groups with internal projects
-                    #
-                    Project.public_and_internal_only.pluck(:namespace_id)
-                  end
-                else
-                  # Not authenticated
-                  #
-                  # Return only:
-                  #   groups with public projects
-                  Project.public_only.pluck(:namespace_id)
-                end
-
-    Group.where("public IS TRUE OR id IN(?)", group_ids)
+  # This method returns the groups "current_user" can see.
+  def groups_visible_to_user(current_user)
+    base = groups_for_projects(public_and_internal_projects)
+
+    union = Gitlab::SQL::Union.
+      new([base.select(:id), current_user.authorized_groups.select(:id)])
+
+    Group.where("namespaces.id IN (#{union.to_sql})")
+  end
+
+  def public_groups
+    groups_for_projects(public_projects)
+  end
+
+  def groups_for_projects(projects)
+    Group.public_and_given_groups(projects.select(:namespace_id))
+  end
+
+  def public_projects
+    Project.unscoped.public_only
+  end
+
+  def public_and_internal_projects
+    Project.unscoped.public_and_internal_only
   end
 end

app/finders/issuable_finder.rb

@@ -62,10 +62,10 @@ class IssuableFinder
 
     if project?
       @project = Project.find(params[:project_id])
-      
+
       unless Ability.abilities.allowed?(current_user, :read_project, @project)
         @project = nil
-      end 
+      end
     else
       @project = nil
     end
@@ -77,11 +77,11 @@ class IssuableFinder
     return @projects if defined?(@projects)
 
     if project?
-      project
+      @projects = project
     elsif current_user && params[:authorized_only].presence && !current_user_related?
-      current_user.authorized_projects
+      @projects = current_user.authorized_projects
     else
-      ProjectsFinder.new.execute(current_user)
+      @projects = ProjectsFinder.new.execute(current_user)
     end
   end
 
@@ -190,8 +190,10 @@ class IssuableFinder
 
   def by_project(items)
     items =
-      if projects
-        items.of_projects(projects).references(:project)
+      if project?
+        items.of_projects(projects).references_project
+      elsif projects
+        items.merge(projects.reorder(nil)).join_project
       else
         items.none
       end
@@ -206,7 +208,9 @@ class IssuableFinder
   end
 
   def sort(items)
-    items.sort(params[:sort])
+    # Ensure we always have an explicit sort order (instead of inheriting
+    # multiple orders when combining ActiveRecord::Relation objects).
+    params[:sort] ? items.sort(params[:sort]) : items.reorder(id: :desc)
   end
 
   def by_assignee(items)

app/finders/joined_groups_finder.rb

+# Class for finding the groups a user is a member of.
+class JoinedGroupsFinder
+  def initialize(user = nil)
+    @user = user
+  end
+
+  # Finds the groups of the source user, optionally limited to those visible to
+  # the current user.
+  #
+  # current_user - If given the groups of "@user" will only include the groups
+  #                "current_user" can also see.
+  #
+  # Returns an ActiveRecord::Relation.
+  def execute(current_user = nil)
+    if current_user
+      relation = groups_visible_to_user(current_user)
+    else
+      relation = public_groups
+    end
+
+    relation.order_id_desc
+  end
+
+  private
+
+  # Returns the groups the user in "current_user" can see.
+  #
+  # This list includes all public/internal projects as well as the projects of
+  # "@user" that "current_user" also has access to.
+  def groups_visible_to_user(current_user)
+    base  = @user.authorized_groups.visible_to_user(current_user)
+    extra = public_and_internal_groups
+    union = Gitlab::SQL::Union.new([base.select(:id), extra.select(:id)])
+
+    Group.where("namespaces.id IN (#{union.to_sql})")
+  end
+
+  def public_groups
+    groups_for_projects(@user.authorized_projects.public_only)
+  end
+
+  def public_and_internal_groups
+    groups_for_projects(@user.authorized_projects.public_and_internal_only)
+  end
+
+  def groups_for_projects(projects)
+    @user.groups.public_and_given_groups(projects.select(:namespace_id))
+  end
+end

app/finders/notes_finder.rb

@@ -12,9 +12,9 @@ class NotesFinder
       when "commit"
         project.notes.for_commit_id(target_id).not_inline
       when "issue"
-        project.issues.find(target_id).notes.inc_author
+        project.issues.find(target_id).notes.nonawards.inc_author
       when "merge_request"
-        project.merge_requests.find(target_id).mr_and_commit_notes.inc_author
+        project.merge_requests.find(target_id).mr_and_commit_notes.nonawards.inc_author
       when "snippet", "project_snippet"
         project.snippets.find(target_id).notes
       else

app/finders/personal_projects_finder.rb

+class PersonalProjectsFinder
+  def initialize(user)
+    @user = user
+  end
+
+  # Finds the projects belonging to the user in "@user", limited to either
+  # public projects or projects visible to the given user.
+  #
+  # current_user - When given the list of projects is limited to those only
+  #                visible by this user.
+  #
+  # Returns an ActiveRecord::Relation.
+  def execute(current_user = nil)
+    if current_user
+      relation = projects_visible_to_user(current_user)
+    else
+      relation = public_projects
+    end
+
+    relation.includes(:namespace).order_id_desc
+  end
+
+  private
+
+  def projects_visible_to_user(current_user)
+    authorized = @user.personal_projects.visible_to_user(current_user)
+
+    union = Gitlab::SQL::Union.
+      new([authorized.select(:id), public_and_internal_projects.select(:id)])
+
+    Project.where("projects.id IN (#{union.to_sql})")
+  end
+
+  def public_projects
+    @user.personal_projects.public_only
+  end
+
+  def public_and_internal_projects
+    @user.personal_projects.public_and_internal_only
+  end
+end

app/finders/projects_finder.rb

 class ProjectsFinder
-  def execute(current_user, options = {})
+  # Returns all projects, optionally including group projects a user has access
+  # to.
+  #
+  # ## Examples
+  #
+  # Retrieving all public projects:
+  #
+  #     ProjectsFinder.new.execute
+  #
+  # Retrieving all public/internal projects and those the given user has access
+  # to:
+  #
+  #     ProjectsFinder.new.execute(some_user)
+  #
+  # Retrieving all public/internal projects as well as the group's projects the
+  # user has access to:
+  #
+  #     ProjectsFinder.new.execute(some_user, group: some_group)
+  #
+  # Returns an ActiveRecord::Relation.
+  def execute(current_user = nil, options = {})
     group = options[:group]
 
     if group
-      group_projects(current_user, group)
+      segments = group_projects(current_user, group)
     else
-      all_projects(current_user)
+      segments = all_projects(current_user)
+    end
+
+    if segments.length > 1
+      union = Gitlab::SQL::Union.new(segments.map { |s| s.select(:id) })
+
+      Project.where("projects.id IN (#{union.to_sql})")
+    else
+      segments.first
     end
   end
 
@@ -13,77 +41,36 @@ class ProjectsFinder
 
   def group_projects(current_user, group)
     if current_user
-      if group.users.include?(current_user)
-        # User is group member
-        #
-        # Return ALL group projects
-        group.projects
-      else
-        projects_members = ProjectMember.in_projects(group.projects).
-          with_user(current_user)
-
-        if projects_members.any?
-          # User is a project member
-          #
-          # Return only:
-          #   public projects
-          #   internal projects
-          #   joined projects
-          #
-          group.projects.where(
-            "projects.id IN (?) OR projects.visibility_level IN (?)",
-            projects_members.pluck(:source_id),
-            Project.public_and_internal_levels
-          )
-        else
-          # User has no access to group or group projects
-          #
-          # Return only:
-          #   public projects
-          #   internal projects
-          #
-          group.projects.public_and_internal_only
-        end
-      end
+      [
+        group_projects_for_user(current_user, group),
+        group.projects.public_and_internal_only
+      ]
     else
-      # Not authenticated
-      #
-      # Return only:
-      #   public projects
-      group.projects.public_only
+      [group.projects.public_only]
     end
   end
 
   def all_projects(current_user)
     if current_user
-      if current_user.authorized_projects.any?
-        # User has access to private projects
-        #
-        # Return only:
-        #   public projects
-        #   internal projects
-        #   joined projects
-        #
-        Project.where(
-          "projects.id IN (?) OR projects.visibility_level IN (?)",
-          current_user.authorized_projects.pluck(:id),
-          Project.public_and_internal_levels
-        )
-      else
-        # User has no access to private projects
-        #
-        # Return only:
-        #   public projects
-        #   internal projects
-        #
-        Project.public_and_internal_only
-      end
+      [current_user.authorized_projects, public_and_internal_projects]
     else
-      # Not authenticated
-      #
-      # Return only:
-      #   public projects
-      Project.public_only
+      [Project.public_only]
     end
   end
+
+  def group_projects_for_user(current_user, group)
+    if group.users.include?(current_user)
+      group.projects
+    else
+      group.projects.visible_to_user(current_user)
+    end
+  end
+
+  def public_projects
+    Project.unscoped.public_only
+  end
+
+  def public_and_internal_projects
+    Project.unscoped.public_and_internal_only
+  end
 end

app/helpers/application_helper.rb

@@ -68,7 +68,7 @@ module ApplicationHelper
     end
   end
 
-  def avatar_icon(user_or_email = nil, size = nil)
+  def avatar_icon(user_or_email = nil, size = nil, scale = 2)
     if user_or_email.is_a?(User)
       user = user_or_email
     else
@@ -78,12 +78,12 @@ module ApplicationHelper
     if user
       user.avatar_url(size) || default_avatar
     else
-      gravatar_icon(user_or_email, size)
+      gravatar_icon(user_or_email, size, scale)
     end
   end
 
-  def gravatar_icon(user_email = '', size = nil)
-    GravatarService.new.execute(user_email, size) ||
+  def gravatar_icon(user_email = '', size = nil, scale = 2)
+    GravatarService.new.execute(user_email, size, scale) ||
       default_avatar
   end
 

app/helpers/blob_helper.rb

@@ -60,7 +60,7 @@ module BlobHelper
     if Gitlab::MarkupHelper.previewable?(filename)
       'Preview'
     else
-      'Preview changes'
+      'Preview Changes'
     end
   end
 

app/helpers/button_helper.rb

+module ButtonHelper
+  # Output a "Copy to Clipboard" button
+  #
+  # data - Data attributes passed to `content_tag`
+  #
+  # Examples:
+  #
+  #   # Define the clipboard's text
+  #   clipboard_button(clipboard_text: "Foo")
+  #   # => "<button class='...' data-clipboard-text='Foo'>...</button>"
+  #
+  #   # Define the target element
+  #   clipboard_button(clipboard_target: "#foo")
+  #   # => "<button class='...' data-clipboard-target='#foo'>...</button>"
+  #
+  # See http://clipboardjs.com/#usage
+  def clipboard_button(data = {})
+    content_tag :button,
+      icon('clipboard'),
+      class: 'btn btn-xs btn-clipboard',
+      data: data,
+      type: :button
+  end
+
+  def http_clone_button(project)
+    klass = 'btn js-protocol-switch'
+    klass << ' active'      if default_clone_protocol == 'http'
+    klass << ' has_tooltip' if current_user.try(:require_password?)
+
+    protocol = gitlab_config.protocol.upcase
+
+    content_tag :button, protocol,
+      class: klass,
+      data: {
+        clone: project.http_url_to_repo,
+        container: 'body',
+        html: 'true',
+        title: "Set a password on your account<br>to pull or push via #{protocol}"
+      },
+      type: :button
+  end
+
+  def ssh_clone_button(project)
+    klass = 'btn js-protocol-switch'
+    klass << ' active'      if default_clone_protocol == 'ssh'
+    klass << ' has_tooltip' if current_user.try(:require_ssh_key?)
+
+    content_tag :button, 'SSH',
+      class: klass,
+      data: {
+        clone: project.ssh_url_to_repo,
+        container: 'body',
+        html: 'true',
+        title: 'Add an SSH key to your profile<br>to pull or push via SSH.'
+      },
+      type: :button
+  end
+end

app/helpers/clipboard_helper.rb

-module ClipboardHelper
-  def clipboard_button
-    content_tag :button,
-      icon('clipboard'),
-      class: 'btn btn-xs btn-clipboard js-clipboard-trigger',
-      type: :button
-  end
-end

app/helpers/commits_helper.rb

@@ -109,7 +109,7 @@ module CommitsHelper
         )
       elsif @path.present?
         return link_to(
-          "Browse Dir »",
+          "Browse Directory »",
           namespace_project_tree_path(project.namespace, project,
                                       tree_join(commit.id, @path)),
           class: "pull-right"
@@ -117,7 +117,7 @@ module CommitsHelper
       end
     end
     link_to(
-      "Browse Code »",
+      "Browse Files »",
       namespace_project_tree_path(project.namespace, project, commit),
       class: "pull-right"
     )

app/helpers/diff_helper.rb

@@ -146,9 +146,9 @@ module DiffHelper
   def submodule_link(blob, ref, repository = @repository)
     tree, commit = submodule_links(blob, ref, repository)
     commit_id = if commit.nil?
-                  blob.id[0..10]
+                  Commit.truncate_sha(blob.id)
                 else
-                  link_to "#{blob.id[0..10]}", commit
+                  link_to Commit.truncate_sha(blob.id), commit
                 end
 
     [

app/helpers/emails_helper.rb

@@ -28,6 +28,8 @@ module EmailsHelper
         return "View #{action.humanize.singularize}"
       end
     end
+
+    nil
   end
 
   def color_email_diff(diffcontent)

app/helpers/gitlab_routing_helper.rb

@@ -6,7 +6,7 @@
 #
 # For example instead of this:
 #
-#   namespace_project_merge_request_path(merge_request.project.namespace, merge_request.projects, merge_request)
+#   namespace_project_merge_request_path(merge_request.project.namespace, merge_request.project, merge_request)
 #
 # We can simply use shortcut:
 #

app/helpers/icons_helper.rb

@@ -27,16 +27,20 @@ module IconsHelper
     end
   end
 
-  def public_icon
-    icon('globe fw')
-  end
-
-  def internal_icon
-    icon('shield fw')
-  end
+  def visibility_level_icon(level, fw: true)
+    name =
+      case level
+      when Gitlab::VisibilityLevel::PRIVATE
+        'lock'
+      when Gitlab::VisibilityLevel::INTERNAL
+        'shield'
+      else # Gitlab::VisibilityLevel::PUBLIC
+        'globe'
+      end
+      
+    name << " fw" if fw
 
-  def private_icon
-    icon('lock fw')
+    icon(name)
   end
 
   def file_type_icon_class(type, mode, name)

app/helpers/issues_helper.rb

@@ -44,14 +44,17 @@ module IssuesHelper
   end
 
   def bulk_update_milestone_options
-    options_for_select([['None (backlog)', -1]]) +
-        options_from_collection_for_select(project_active_milestones, 'id',
-                                           'title', params[:milestone_id])
+    milestones = project_active_milestones.to_a
+    milestones.unshift(Milestone::None)
+
+    options_from_collection_for_select(milestones, 'id', 'title', params[:milestone_id])
   end
 
   def milestone_options(object)
-    options_from_collection_for_select(object.project.milestones.active,
-                                       'id', 'title', object.milestone_id)
+    milestones = object.project.milestones.active.to_a
+    milestones.unshift(Milestone::None)
+
+    options_from_collection_for_select(milestones, 'id', 'title', object.milestone_id)
   end
 
   def issue_box_class(item)
@@ -84,7 +87,38 @@ module IssuesHelper
   end
 
   def merge_requests_sentence(merge_requests)
-    merge_requests.map(&:to_reference).to_sentence(last_word_connector: ', or ')
+    # Sorting based on the `!123` or `group/project!123` reference will sort
+    # local merge requests first.
+    merge_requests.map do |merge_request|
+      merge_request.to_reference(@project)
+    end.sort.to_sentence(last_word_connector: ', or ')
+  end
+
+  def url_to_emoji(name)
+    emoji_path = ::AwardEmoji.path_to_emoji_image(name)
+    url_to_image(emoji_path)
+  rescue StandardError
+    ""
+  end
+
+  def emoji_author_list(notes, current_user)
+    list = notes.map do |note|
+             note.author == current_user ? "me" : note.author.name
+           end
+
+    list.join(", ")
+  end
+
+  def emoji_list
+    ::AwardEmoji::EMOJI_LIST
+  end
+
+  def note_active_class(notes, current_user)
+    if current_user && notes.pluck(:author_id).include?(current_user.id)
+      "active"
+    else
+      ""
+    end
   end
 
   # Required for Gitlab::Markdown::IssueReferenceFilter

app/helpers/merge_requests_helper.rb

@@ -8,14 +8,6 @@ module MergeRequestsHelper
     )
   end
 
-  def new_mr_path_for_fork_from_push_event(event)
-    new_namespace_project_merge_request_path(
-      event.project.namespace,
-      event.project,
-      new_mr_from_push_event(event, event.project.forked_from_project)
-    )
-  end
-
   def new_mr_from_push_event(event, target_project)
     {
       merge_request: {
@@ -47,7 +39,11 @@ module MergeRequestsHelper
   end
 
   def issues_sentence(issues)
-    issues.map(&:to_reference).to_sentence
+    # Sorting based on the `#123` or `group/project#123` reference will sort
+    # local issues first.
+    issues.map do |issue|
+      issue.to_reference(@project)
+    end.sort.to_sentence
   end
 
   def mr_change_branches_path(merge_request)
@@ -57,18 +53,21 @@ module MergeRequestsHelper
         source_project_id: @merge_request.source_project_id,
         target_project_id: @merge_request.target_project_id,
         source_branch: @merge_request.source_branch,
-        target_branch: nil
-      }
+        target_branch: @merge_request.target_branch,
+      },
+      change_branches: true
     )
   end
 
   def source_branch_with_namespace(merge_request)
+    branch = link_to(merge_request.source_branch, namespace_project_commits_path(merge_request.source_project.namespace, merge_request.source_project, merge_request.source_branch))
+
     if merge_request.for_fork?
       namespace = link_to(merge_request.source_project_namespace,
         project_path(merge_request.source_project))
-      namespace + ":#{merge_request.source_branch}"
+      namespace + ":" + branch
     else
-      merge_request.source_branch
+      branch
     end
   end
 

app/helpers/namespaces_helper.rb

 module NamespacesHelper
-  def namespaces_options(selected = :current_user, scope = :default)
+  def namespaces_options(selected = :current_user, display_path: false)
     groups = current_user.owned_groups + current_user.masters_groups
     users = [current_user.namespace]
 
-    group_opts = ["Groups", groups.sort_by(&:human_name).map {|g| [g.human_name, g.id]} ]
-    users_opts = [ "Users", users.sort_by(&:human_name).map {|u| [u.human_name, u.id]} ]
+    group_opts = ["Groups", groups.sort_by(&:human_name).map {|g| [display_path ? g.path : g.human_name, g.id]} ]
+    users_opts = [ "Users", users.sort_by(&:human_name).map {|u| [display_path ? u.path : u.human_name, u.id]} ]
 
     options = []
     options << group_opts

app/helpers/nav_helper.rb

@@ -4,6 +4,14 @@ module NavHelper
   end
 
   def nav_sidebar_class
+    if nav_menu_collapsed?
+      "sidebar-collapsed"
+    else
+      "sidebar-expanded"
+    end
+  end
+
+  def page_sidebar_class
     if nav_menu_collapsed?
       "page-sidebar-collapsed"
     else

app/helpers/projects_helper.rb

@@ -21,7 +21,7 @@ module ProjectsHelper
   end
 
   def link_to_member(project, author, opts = {})
-    default_opts = { avatar: true, name: true, size: 16, author_class: 'author' }
+    default_opts = { avatar: true, name: true, size: 16, author_class: 'author', title: ":name" }
     opts = default_opts.merge(opts)
 
     return "(deleted)" unless author
@@ -39,7 +39,8 @@ module ProjectsHelper
     if opts[:name]
       link_to(author_html, user_path(author), class: "author_link").html_safe
     else
-      link_to(author_html, user_path(author), class: "author_link has_tooltip", data: { :'original-title' => sanitize(author.name) } ).html_safe
+      title = opts[:title].sub(":name", sanitize(author.name))
+      link_to(author_html, user_path(author), class: "author_link has_tooltip", data: { :'original-title' => title, container: 'body' } ).html_safe
     end
   end
 
@@ -173,8 +174,7 @@ module ProjectsHelper
     'unknown'
   end
 
-  def default_url_to_repo(project = nil)
-    project = project || @project
+  def default_url_to_repo(project = @project)
     current_user ? project.url_to_repo : project.http_url_to_repo
   end
 
@@ -253,14 +253,6 @@ module ProjectsHelper
     filename_path(project, :version)
   end
 
-  def hidden_pass_url(original_url)
-    result = URI(original_url)
-    result.password = '*****' unless result.password.nil?
-    result
-  rescue
-    original_url
-  end
-
   def project_wiki_path_with_version(proj, page, version, is_newest)
     url_params = is_newest ? {} : { version_id: version }
     namespace_project_wiki_path(proj.namespace, proj, page, url_params)

app/helpers/selects_helper.rb

@@ -15,12 +15,14 @@ module SelectsHelper
 
     html = {
       class: css_class,
-      'data-placeholder' => placeholder,
-      'data-null-user' => null_user,
-      'data-any-user' => any_user,
-      'data-email-user' => email_user,
-      'data-first-user' => first_user,
-      'data-current-user' => current_user
+      data: {
+        placeholder: placeholder,
+        null_user: null_user,
+        any_user: any_user,
+        email_user: email_user,
+        first_user: first_user,
+        current_user: current_user
+      }
     }
 
     unless opts[:scope] == :all

app/helpers/visibility_level_helper.rb

@@ -25,48 +25,24 @@ module VisibilityLevelHelper
   end
 
   def project_visibility_level_description(level)
-    capture_haml do
-      haml_tag :span do
-        case level
-        when Gitlab::VisibilityLevel::PRIVATE
-          haml_concat "Project access must be granted explicitly for each user."
-        when Gitlab::VisibilityLevel::INTERNAL
-          haml_concat "The project can be cloned by"
-          haml_concat "any logged in user."
-        when Gitlab::VisibilityLevel::PUBLIC
-          haml_concat "The project can be cloned"
-          haml_concat "without any"
-          haml_concat "authentication."
-        end
-      end
+    case level
+    when Gitlab::VisibilityLevel::PRIVATE
+      "Project access must be granted explicitly for each user."
+    when Gitlab::VisibilityLevel::INTERNAL
+      "The project can be cloned by any logged in user."
+    when Gitlab::VisibilityLevel::PUBLIC
+      "The project can be cloned without any authentication."
     end
   end
 
   def snippet_visibility_level_description(level)
-    capture_haml do
-      haml_tag :span do
-        case level
-        when Gitlab::VisibilityLevel::PRIVATE
-          haml_concat "The snippet is visible only for me."
-        when Gitlab::VisibilityLevel::INTERNAL
-          haml_concat "The snippet is visible for any logged in user."
-        when Gitlab::VisibilityLevel::PUBLIC
-          haml_concat "The snippet can be accessed"
-          haml_concat "without any"
-          haml_concat "authentication."
-        end
-      end
-    end
-  end
-
-  def visibility_level_icon(level)
     case level
     when Gitlab::VisibilityLevel::PRIVATE
-      private_icon
+      "The snippet is visible only for me."
     when Gitlab::VisibilityLevel::INTERNAL
-      internal_icon
+      "The snippet is visible for any logged in user."
     when Gitlab::VisibilityLevel::PUBLIC
-      public_icon
+      "The snippet can be accessed without any authentication."
     end
   end
 

app/mailers/base_mailer.rb

@@ -8,10 +8,6 @@ class BaseMailer < ActionMailer::Base
   default from:     Proc.new { default_sender_address.format }
   default reply_to: Proc.new { default_reply_to_address.format }
 
-  def self.delay
-    delay_for(2.seconds)
-  end
-
   def can?
     Ability.abilities.allowed?(current_user, action, subject)
   end

app/models/ability.rb

 class Ability
   class << self
     def allowed(user, subject)
-      return not_auth_abilities(user, subject) if user.nil?
-      return [] unless user.kind_of?(User)
+      return anonymous_abilities(user, subject) if user.nil?
+      return [] unless user.is_a?(User)
       return [] if user.blocked?
 
       case subject.class.name
@@ -20,15 +20,25 @@ class Ability
       end.concat(global_abilities(user))
     end
 
-    # List of possible abilities
-    # for non-authenticated user
-    def not_auth_abilities(user, subject)
-      project = if subject.kind_of?(Project)
+    # List of possible abilities for anonymous user
+    def anonymous_abilities(user, subject)
+      case true
+      when subject.is_a?(PersonalSnippet)
+        anonymous_personal_snippet_abilities(subject)
+      when subject.is_a?(Project) || subject.respond_to?(:project)
+        anonymous_project_abilities(subject)
+      when subject.is_a?(Group) || subject.respond_to?(:group)
+        anonymous_group_abilities(subject)
+      else
+        []
+      end
+    end
+
+    def anonymous_project_abilities(subject)
+      project = if subject.is_a?(Project)
                   subject
-                elsif subject.respond_to?(:project)
-                  subject.project
                 else
-                  nil
+                  subject.project
                 end
 
       if project && project.public?
@@ -48,19 +58,29 @@ class Ability
 
         rules - project_disabled_features_rules(project)
       else
-        group = if subject.kind_of?(Group)
-                  subject
-                elsif subject.respond_to?(:group)
-                  subject.group
-                else
-                  nil
-                end
+        []
+      end
+    end
 
-        if group && group.public_profile?
-          [:read_group]
-        else
-          []
-        end
+    def anonymous_group_abilities(subject)
+      group = if subject.is_a?(Group)
+                subject
+              else
+                subject.group
+              end
+
+      if group && group.public_profile?
+        [:read_group]
+      else
+        []
+      end
+    end
+
+    def anonymous_personal_snippet_abilities(snippet)
+      if snippet.public?
+        [:read_personal_snippet]
+      else
+        []
       end
     end
 
@@ -280,7 +300,7 @@ class Ability
       end
     end
 
-    [:note, :project_snippet, :personal_snippet].each do |name|
+    [:note, :project_snippet].each do |name|
       define_method "#{name}_abilities" do |user, subject|
         rules = []
 
@@ -300,6 +320,24 @@ class Ability
       end
     end
 
+    def personal_snippet_abilities(user, snippet)
+      rules = []
+
+      if snippet.author == user
+        rules += [
+          :read_personal_snippet,
+          :update_personal_snippet,
+          :admin_personal_snippet
+        ]
+      end
+
+      if snippet.public? || snippet.internal?
+        rules << :read_personal_snippet 
+      end
+
+      rules
+    end
+
     def group_member_abilities(user, subject)
       rules = []
       target_user = subject.user

app/models/application_setting.rb

@@ -30,6 +30,8 @@
 #
 
 class ApplicationSetting < ActiveRecord::Base
+  CACHE_KEY = 'application_setting.last'
+
   serialize :restricted_visibility_levels
   serialize :import_sources
   serialize :restricted_signup_domains, Array
@@ -73,15 +75,19 @@ class ApplicationSetting < ActiveRecord::Base
   end
 
   after_commit do
-    Rails.cache.write('application_setting.last', self)
+    Rails.cache.write(CACHE_KEY, self)
   end
 
   def self.current
-    Rails.cache.fetch('application_setting.last') do
+    Rails.cache.fetch(CACHE_KEY) do
       ApplicationSetting.last
     end
   end
 
+  def self.expire
+    Rails.cache.delete(CACHE_KEY)
+  end
+
   def self.create_from_defaults
     create(
       default_projects_limit: Settings.gitlab['default_projects_limit'],
@@ -99,7 +105,7 @@ class ApplicationSetting < ActiveRecord::Base
       restricted_signup_domains: Settings.gitlab['restricted_signup_domains'],
       import_sources: ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git'],
       shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'],
-      max_artifacts_size: Settings.gitlab_ci['max_artifacts_size'],
+      max_artifacts_size: Settings.artifacts['max_size'],
     )
   end