We show in small font size the same info that is shown on sign_in page:

    "GitLab Nexedi Edition", "About GitLab" and "About Nexedi"

This is good to have and hereby-introduced about-footer area will be
also used in the next patch for ICP too.

XXX placement of .about-footer to be near bottom is done not very
correctly.

Like Omnibus, SlapOS version does not have init script - nothing to
check here.

This is handy for monitoring tools, which could e.g. periodically call check
tasks and instead of parsing output, rely on exit code.

The way we detect if something failed is via hooking into String#red, and if
anything was ever printed in red - that's an error.

The default was switched to HTTP in the previous patch, but let's completely
remove SSH option - we support only HTTP for git fetch/push.

Both fetch and push are possible over https, which is selected by http if
gitlab was configured to use https in external url.

This way to reduce security vectors and possible ways to interact with gitlab
we use https only without ssh at all.

= GitLab Community Edition + Nexedi patches

Ensure logged-out users can't see private refs

https://gitlab.com/gitlab-org/gitlab-ce/issues/18033

I'm still not sure what to do about the CHANGELOG on security issues - should I add to a patch release? This issue was assigned to 8.10.

See merge request !1974
(cherry picked from commit 3a6ebb1f)

Fix privilege escalation issue with OAuth external users

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/19312

This MR fixes a privilege escalation issue, where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list.

/cc @douwe

See merge request !1975
(cherry picked from commit 5e6342b7)

Fix visibility of snippets when searching

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18997

See merge request !1972
(cherry picked from commit 8a197c15)

Update omniauth-saml to 1.6.0 to address a security vulnerability in ruby-saml

Updates `omniauth-saml` to bring in the new `ruby-saml` dependency that addresses [CVE-2016-5697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697)

Fixes #19206

See merge request !4951
(cherry picked from commit c3a8b252)

Only show notes through JSON on confidential issues that the user has access to

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18535

See merge request !1970

Forbid scripting for wiki files

Wiki files (not pages - files in the repo) are just sent to the browser
with whatever content-type the mime_types gem assigns to them based on
their extension. As this is from the same domain as the GitLab
application, this is an XSS vulnerability.

Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these
files.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17298.

See merge request !1969

Remove 'unscoped' from project builds selection

This is a fix for this security bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/18188

/cc @kamil @grzegorz @stanhu

See merge request !1968

fix typo making gitlab.com importing to fail

Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/565

See merge request !4181

Use the relative url prefix for links in Wiki

Retry of gitlab-org/gitlab-ce!4026

@rymai !4050 solved all other problems how it looks like. I [tested](https://gitlab.com/artem-forks/gitlab-ce/commit/ff01eca7b559efa7cacf3412aa01cd8ae8a6db7e/builds) this with ruby22

Fixes #17071 



See merge request !4131

Create import data in service and fix timing issues when scheduling job

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17401

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17376

See merge request !4106

Fix an issue when filtering merge requests with more than one label

Fixes #15529.

See merge request !3886

Fix build notification on merge request page change even if the build status didn't change

## What does this MR do?
This MR contains a bugfix for #17357 which was introduced by !3998. The notification are now only shown on status changes, and not when switching between different merge requests.

## Are there points in the code the reviewer needs to double check?
Check implementation

## Why was this MR needed?
Because auf a bug introduced in !3998.

## What are the relevant issue numbers?
#17357

Closes #17357

See merge request !4086

Relative Links in the Wiki Are Broken

- [ ] #16568 (!4050) Relative links in wiki are broken
    - [x] Investigate issue

  
    - [x] Implementation / Fix

        - [x] Write (failing) tests for `WikiLinkFilter`
        - [x] Link to `./bar` should either get rewritten correctly or left alone
        - [x] Link to `./bar.md` should maybe get rewritten correctly (is left alone currently)
        - [x] Link to `bar.md` should get rewritten correctly


            - [x] Check if this indeed a bug

    - [x] Make sure CI is green
    - [x] Assign to endboss

    - [x] Wait for review

    - [x] Implement review feedback
    - [ ] Wait for merge


See merge request !4050

This MR never made it into 8.7.4.

[ci skip]

This reverts commit d1ba0986.

[ci skip]

Use a case-insensitive check to compare URI schemes

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/17299

See merge request !1965

Add if exists to drop command

Add `IF EXISTS` as a precaution. Related to gitlab-org/gitlab-ce!4020

See merge request !4100

Rake drop tables with cascade

See merge request !4020