[master] Check issue milestone availability

See merge request gitlab/gitlabhq!2788

Don't allow non-members to see private related MRs

Closes #2787

See merge request gitlab/gitlabhq!2866

Forbid creating discussions for users with restricted access

Closes #2788

See merge request gitlab/gitlabhq!2868

Fix leaking private repository information in API

See merge request gitlab/gitlabhq!2881

Prevent Releases links API to leak tag existence

Closes #2795

See merge request gitlab/gitlabhq!2893

Disable issue board policies when issues are disabled

Closes #2798

See merge request gitlab/gitlabhq!2894

Show only MRs visible to user on milestone detail

See merge request gitlab/gitlabhq!2895

Sharing a public project with a private group makes the group page publicly accessible

See merge request gitlab/gitlabhq!2896

Merge branch '2802-security-add-public-internal-groups-as-members-to-your-project-idor' into 'master'

Add public/internal groups as members to your Project(IDOR)

See merge request gitlab/gitlabhq!2898

Block local URLs for Kubernetes integration

See merge request gitlab/gitlabhq!2901

Validate session key when authorizing with GCP to create a cluster

Closes #2805

See merge request gitlab/gitlabhq!2902

Check snippet attached file to be moved is within designated directory

Closes #2806

See merge request gitlab/gitlabhq!2903

Fix blind SSRF in Prometheus Integration

See merge request gitlab/gitlabhq!2907

Check validity before querying so that if the dns entry for the api_url
has been changed to something invalid after the model was saved and
checked for validity, it will not query. This is to solve a toctou
(time of check to time of use) issue.

[master] Remove link after issue move when no permissions

See merge request gitlab/gitlabhq!2921

Stop linking to unrecognized package sources

See merge request gitlab/gitlabhq!2933

Fix git clone revealing private repo's presence

See merge request gitlab/gitlabhq!2937

Arbitrary file read via MergeRequestDiff

Closes #2814

See merge request gitlab/gitlabhq!2947

Limit number of characters allowed in mermaidjs

See merge request gitlab/gitlabhq!2964

[master] Prevent disclosing project milestone titles

Closes #2794

See merge request gitlab/gitlabhq!2965

Filter impersonated sessions from active sessions and remove ability to revoke session

See merge request gitlab/gitlabhq!2968

Ensure request to link GroupSAML acount was GitLab initiated

See merge request gitlab/gitlabhq!2976

sidekiq: terminate child processes at shutdown

See merge request gitlab-org/gitlab-ce!25669

Quarantine git protocol v2 tests

See merge request gitlab-org/gitlab-ce!25744

Removes EE differences from ci_icon.vue

Closes gitlab-ee#10084

See merge request gitlab-org/gitlab-ce!25742

Sidekiq jobs frequently spawn long-lived child processes to do work.
In some circumstances, these can be reparented to init when sidekiq is
terminated, leading to duplication of work and strange concurrency
problems.

This commit changes sidekiq so that, if run as a process group leader,
it will forward `INT` and `TERM` signals to the whole process group. If
the memory killer is active, it will also use the process group when
resorting to `kill -9` to shut down.

These changes mean that a naive `kill <pid-of-sidekiq>` will now do the
right thing, killing any child processes spawned by sidekiq, as long as
the process supervisor placed it in its own process group.

If sidekiq isn't a process group leader, this new code is skipped.

De-quarantine project activity test

Closes gitlab-org/quality/staging#21

See merge request gitlab-org/gitlab-ce!25630

Types::BaseField accepts authorize after reload

See merge request gitlab-org/gitlab-ce!25694

Update Gitaly docs now NFS isn't required anymore

See merge request gitlab-org/gitlab-ce!25397

CE Add error string formatter for stylelint

See merge request gitlab-org/gitlab-ce!25668

Resolve some Rake task differences

See merge request gitlab-org/gitlab-ce!25644

Resolve "Move files in the Web IDE"

Closes #49397

See merge request gitlab-org/gitlab-ce!25431

- fixed test spec
- added warning only if file is deleted