Merge branch 'revert-5b8bb87a' into 'master'

Revert "Merge branch 'sh-update-rack-2.1.4' into 'master'"

See merge request gitlab-org/gitlab!45246

Gemfile

@@ -172,7 +172,7 @@ gem 'diffy', '~> 3.3'
 gem 'diff_match_patch', '~> 0.1.0'
 
 # Application server
-gem 'rack', '~> 2.1.4'
+gem 'rack', '~> 2.0.9'
 # https://github.com/sharpstone/rack-timeout/blob/master/README.md#rails-apps-manually
 gem 'rack-timeout', '~> 0.5.1', require: 'rack/timeout/base'
 

Gemfile.lock

@@ -855,7 +855,7 @@ GEM
     public_suffix (4.0.6)
     pyu-ruby-sasl (0.0.3.3)
     raabro (1.1.6)
-    rack (2.1.4)
+    rack (2.0.9)
     rack-accept (0.4.5)
       rack (>= 0.4)
     rack-attack (6.3.0)
@@ -1429,7 +1429,7 @@ DEPENDENCIES
   prometheus-client-mmap (~> 0.12.0)
   pry-byebug (~> 3.9.0)
   pry-rails (~> 0.3.9)
-  rack (~> 2.1.4)
+  rack (~> 2.0.9)
   rack-attack (~> 6.3.0)
   rack-cors (~> 1.0.6)
   rack-oauth2 (~> 1.9.3)

app/controllers/admin/users_controller.rb

@@ -172,7 +172,7 @@ class Admin::UsersController < Admin::ApplicationController
         # restore username to keep form action url.
         user.username = params[:id]
         format.html { render "edit" }
-        format.json { render json: [result[:message]], status: :internal_server_error }
+        format.json { render json: [result[:message]], status: result[:status] }
       end
     end
   end

app/controllers/projects/merge_requests/drafts_controller.rb

@@ -45,7 +45,7 @@ class Projects::MergeRequests::DraftsController < Projects::MergeRequests::Appli
     if result[:status] == :success
       head :ok
     else
-      render json: { message: result[:message] }, status: :internal_server_error
+      render json: { message: result[:message] }, status: result[:status]
     end
   end
 

changelogs/unreleased/sh-update-rack-2-1-4.yml

----
-title: Update to Rack v2.1.4
-merge_request: 44518
-author:
-type: fixed

lib/api/ci/runner.rb

@@ -72,7 +72,6 @@ module API
         post '/verify' do
           authenticate_runner!
           status 200
-          body "200"
         end
       end
 
@@ -184,7 +183,6 @@ module API
           service.execute.then do |result|
             header 'X-GitLab-Trace-Update-Interval', result.backoff
             status result.status
-            body result.status.to_s
           end
         end
 
@@ -295,7 +293,6 @@ module API
 
           if result[:status] == :success
             status :created
-            body "201"
           else
             render_api_error!(result[:message], result[:http_status])
           end

lib/api/helpers.rb

@@ -522,7 +522,7 @@ module API
       else
         header(*Gitlab::Workhorse.send_url(file.url))
         status :ok
-        body ""
+        body
       end
     end
 

lib/api/internal/lfs.rb

@@ -44,7 +44,7 @@ module API
               workhorse_headers = Gitlab::Workhorse.send_url(file.url)
               header workhorse_headers[0], workhorse_headers[1]
               env['api.format'] = :binary
-              body ""
+              body nil
             end
           end
         end

spec/controllers/admin/users_controller_spec.rb

@@ -338,7 +338,7 @@ RSpec.describe Admin::UsersController do
 
   describe 'POST update' do
     context 'when the password has changed' do
-      def update_password(user, password = User.random_password, password_confirmation = password, format = :html)
+      def update_password(user, password = User.random_password, password_confirmation = password)
         params = {
           id: user.to_param,
           user: {
@@ -347,7 +347,7 @@ RSpec.describe Admin::UsersController do
           }
         }
 
-        post :update, params: params, format: format
+        post :update, params: params
       end
 
       context 'when admin changes their own password' do
@@ -446,23 +446,6 @@ RSpec.describe Admin::UsersController do
             .not_to change { user.reload.encrypted_password }
         end
       end
-
-      context 'when the update fails' do
-        let(:password) { User.random_password }
-
-        before do
-          expect_next_instance_of(Users::UpdateService) do |service|
-            allow(service).to receive(:execute).and_return({ message: 'failed', status: :error })
-          end
-        end
-
-        it 'returns a 500 error' do
-          expect { update_password(admin, password, password, :json) }
-            .not_to change { admin.reload.password_expired? }
-
-          expect(response).to have_gitlab_http_status(:error)
-        end
-      end
     end
 
     context 'admin notes' do

spec/lib/gitlab/middleware/go_spec.rb

@@ -142,8 +142,8 @@ RSpec.describe Gitlab::Middleware::Go do
                         response = go
 
                         expect(response[0]).to eq(403)
-                        expect(response[1]['Content-Length']).to be_nil
-                        expect(response[2]).to eq([''])
+                        expect(response[1]['Content-Length']).to eq('0')
+                        expect(response[2].body).to eq([''])
                       end
                     end
                   end
@@ -187,11 +187,10 @@ RSpec.describe Gitlab::Middleware::Go do
 
           it 'returns 404' do
             response = go
-
             expect(response[0]).to eq(404)
             expect(response[1]['Content-Type']).to eq('text/html')
             expected_body = %{<html><body>go get #{Gitlab.config.gitlab.url}/#{project.full_path}</body></html>}
-            expect(response[2]).to eq([expected_body])
+            expect(response[2].body).to eq([expected_body])
           end
         end
 
@@ -263,7 +262,7 @@ RSpec.describe Gitlab::Middleware::Go do
       expect(response[0]).to eq(200)
       expect(response[1]['Content-Type']).to eq('text/html')
       expected_body = %{<html><head><meta name="go-import" content="#{Gitlab.config.gitlab.host}/#{path} git #{repository_url}" /><meta name="go-source" content="#{Gitlab.config.gitlab.host}/#{path} #{project_url} #{project_url}/-/tree/#{branch}{/dir} #{project_url}/-/blob/#{branch}{/dir}/{file}#L{line}" /></head><body>go get #{Gitlab.config.gitlab.url}/#{path}</body></html>}
-      expect(response[2]).to eq([expected_body])
+      expect(response[2].body).to eq([expected_body])
     end
   end
 end

spec/lib/gitlab/middleware/same_site_cookies_spec.rb

@@ -60,12 +60,12 @@ RSpec.describe Gitlab::Middleware::SameSiteCookies do
       end
 
       context 'with no cookies' do
-        let(:cookies) { "" }
+        let(:cookies) { nil }
 
         it 'does not add headers' do
           response = do_request
 
-          expect(response['Set-Cookie']).to eq("")
+          expect(response['Set-Cookie']).to be_nil
         end
       end