Avoid unnecessary locks on internal_ids

See merge request gitlab-org/gitlab!17123

This avoid an unnecessary FOR UPDATE lock on internal id records when
the iid value has been generated internally anyways.

The lock is still required to track any values that come in through
other means, i.e. set by a user (through the API).

The broader picture is in
https://gitlab.com/gitlab-org/gitlab/issues/30515.

Fix GFM video element hardcoded width

Closes #17139

See merge request gitlab-org/gitlab!17444

Skip CSRF protection in Generic Alerts Endpoint

See merge request gitlab-org/gitlab!17692

Public API endpoints doesn't need to have CSRF protection

Limit snippet search count

Closes #32643

See merge request gitlab-org/gitlab!17585

Limits the search count query for snippets. Instead of showing
the complete number of snippets in the database, the UI will
display a text like 100+ indicating that there are more records

Productivity Analytics: Show scatterplot behind feature flag

See merge request gitlab-org/gitlab!17735

- Introduce productivity_analytics_scatterplot_enabled feature flag and
prevent scatterplot from being loaded and show

Make customer portal URL configurable via environment variable

See merge request gitlab-org/gitlab!17284

This commit adds the ability to set up
the URL of the customer portal via
an environment variable so all
requests and URLs can be routed
to local instance of customer portal.

Backfill Releases updated_at And Add Not Null Constraints

Closes #27638

See merge request gitlab-org/gitlab!17400

Backfill null updated_at rows with created_at

Merge branch '31404-flaky-spec-spec-features-profiles-user_visits_profile_preferences_page_spec-rb-40' into 'master'

Fix flaky select2 related specs

Closes #31404

See merge request gitlab-org/gitlab!17750

Show weight of an issue even when zero

See merge request gitlab-org/gitlab!17329

- On some pages, the weight icon and value are hidden when the issue's weight is 0

Batch load pipelines instead of statuses

See merge request gitlab-org/gitlab!17034

Remove group ids that are not in the project's invited groups.

Related to https://gitlab.com/gitlab-org/gitlab-ee/issues/11649.

If the request wasn't initiated by gitlab we shouldn't add the new
identity to the user, and instead show that we weren't able to link
the identity to the user.

This should fix: https://gitlab.com/gitlab-org/gitlab-ce/issues/56509

And reuse SAML logic within EE SAMLGroup, this is to avoid duplication
between the code used for CE and EE.

An approval rule that contains a private group can disclose information
about the membership of that group via the list of approvers for that
rule, which is constructed from all members of all groups, plus each
individual user included in the rule.

To avoid this information disclosure, hide all approvers in a rule
where even one of the groups is hidden to the viewer. This removes more
information than is strictly necessary, but is a simple fix for a hard
problem - right now, we don't track which approvers come from which
group, so it's difficult to be more precise, and this is something of
an edge case anyway.

Label events may use cross-project or cross-group references,
if the projects are not accessible by user, we don't show these
label events.

If user unsubsrcribes from a resource that they no longer have
access to they should not be revealed the resource path, but be
redirected to app root instead.

https://gitlab.com/gitlab-org/gitlab-ce/issues/64938

Fix rubocop offences and add changelog

Add email_verified key for feature specs

Add code review remarks

Add code review remarks

Fix specs

This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.

[ci skip]

[ci skip]

[ci skip]

[ci skip]

[ci skip]