diff options
9 files changed, 206 insertions, 174 deletions
diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 39283d2d943..f4ab26714d5 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -43,7 +43,9 @@ let secretsYml = '' production: - db_key_base: ${cfg.secrets.db_key_base} + secret_key_base: ${cfg.secrets.secret} + otp_key_base: ${cfg.secrets.otp} + db_key_base: ${cfg.secrets.db} ''; gitlabConfig = { @@ -121,7 +123,7 @@ let makeWrapper ${cfg.packages.gitlab.env}/bin/bundle $out/bin/gitlab-bundle \ ${concatStrings (mapAttrsToList (name: value: "--set ${name} '${value}' ") gitlabEnv)} \ --set GITLAB_CONFIG_PATH '${cfg.statePath}/config' \ - --set PATH '${stdenv.lib.makeBinPath [ pkgs.nodejs pkgs.gzip config.services.postgresql.package ]}:$PATH' \ + --set PATH '${lib.makeBinPath [ pkgs.nodejs pkgs.gzip config.services.postgresql.package ]}:$PATH' \ --set RAKEOPT '-f ${cfg.packages.gitlab}/share/gitlab/Rakefile' \ --run 'cd ${cfg.packages.gitlab}/share/gitlab' makeWrapper $out/bin/gitlab-bundle $out/bin/gitlab-rake \ @@ -318,11 +320,10 @@ in { }; }; - secrets.db_key_base = mkOption { + secrets.secret = mkOption { type = types.str; - example = ""; description = '' - The db_key_base secrets is used to encrypt variables in the DB. If + The secret is used to encrypt variables in the DB. If you change or lose this key you will be unable to access variables stored in database. @@ -331,6 +332,30 @@ in { ''; }; + secrets.db = mkOption { + type = types.str; + description = '' + The secret is used to encrypt variables in the DB. If + you change or lose this key you will be unable to access variables + stored in database. + + Make sure the secret is at least 30 characters and all random, + no regular words or you'll be exposed to dictionary attacks. + ''; + }; + + secrets.otp = mkOption { + type = types.str; + description = '' + The secret is used to encrypt secrets for OTP tokens. If + you change or lose this key, users which have 2FA enabled for login + won't be able to login anymore. + + Make sure the secret is at least 30 characters and all random, + no regular words or you'll be exposed to dictionary attacks. + ''; + }; + extraConfig = mkOption { type = types.attrs; default = {}; @@ -458,8 +483,7 @@ in { rm -rf ${cfg.statePath}/config ${cfg.statePath}/shell/hooks mkdir -p ${cfg.statePath}/config ${cfg.statePath}/shell - # TODO: What exactly is gitlab-shell doing with the secret? - tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 20 > ${cfg.statePath}/config/gitlab_shell_secret + tr -dc A-Za-z0-9 < /dev/urandom | head -c 32 > ${cfg.statePath}/config/gitlab_shell_secret # The uploads directory is hardcoded somewhere deep in rails. It is # symlinked in the gitlab package to /run/gitlab/uploads to make it diff --git a/nixos/modules/services/misc/gitlab.xml b/nixos/modules/services/misc/gitlab.xml index 83f715a50b4..43836ef5fce 100644 --- a/nixos/modules/services/misc/gitlab.xml +++ b/nixos/modules/services/misc/gitlab.xml @@ -62,7 +62,11 @@ services.gitlab = { address = "localhost"; port = 25; }; - secrets.db_key_base = "ei3eeP1ohsh0uu3ad4YeeMeeheengah3AiZee2ohl4Ooj5mie4Ohl0vishoghaes"; + secrets = { + db = "uPgq1gtwwHiatiuE0YHqbGa5lEIXH7fMsvuTNgdzJi8P0Dg12gibTzBQbq5LT7PNzcc3BP9P1snHVnduqtGF43PgrQtU7XL93ts6gqe9CBNhjtaqUwutQUDkygP5NrV6"; + secret = "devzJ0Tz0POiDBlrpWmcsjjrLaltyiAdS8TtgT9YNBOoUcDsfppiY3IXZjMVtKgXrFImIennFGOpPN8IkP8ATXpRgDD5rxVnKuTTwYQaci2NtaV1XxOQGjdIE50VGsR3"; + otp = "e1GATJVuS2sUh7jxiPzZPre4qtzGGaS22FR50Xs1TerRVdgI3CBVUi5XYtQ38W4xFeS4mDqi5cQjExE838iViSzCdcG19XSL6qNsfokQP9JugwiftmhmCadtsnHErBMI"; + }; extraConfig = { gitlab = { email_from = "gitlab-no-reply@example.com"; @@ -75,11 +79,12 @@ services.gitlab = { </programlisting> </para> -<para>If you're setting up a new Gitlab instance, generate a new -<literal>db_key_base</literal> secret to encrypt sensible data in the -database. If you're restoring an existing Gitlab instance, you must -specify the <literal>db_key_base</literal> secret from -<literal>config/secrets.yml</literal> in your Gitlab state folder.</para> +<para>If you're setting up a new Gitlab instance, generate new secrets. You +for instance use <literal>tr -dc A-Za-z0-9 < /dev/urandom | head -c 128</literal> +to generate a new secret. Gitlab encrypts sensitive data stored in the database. +If you're restoring an existing Gitlab instance, you must specify the secrets +secret from <literal>config/secrets.yml</literal> located in your Gitlab state +folder.</para> <para>Refer to <xref linkend="ch-options" /> for all available configuration options for the <literal>services.gitlab</literal> module.</para> diff --git a/pkgs/applications/version-management/gitlab-shell/default.nix b/pkgs/applications/version-management/gitlab-shell/default.nix index ea04fa33a73..b322709bde6 100644 --- a/pkgs/applications/version-management/gitlab-shell/default.nix +++ b/pkgs/applications/version-management/gitlab-shell/default.nix @@ -1,14 +1,14 @@ { stdenv, ruby, bundler, fetchFromGitLab }: stdenv.mkDerivation rec { - version = "3.2.1"; + version = "3.4.0"; name = "gitlab-shell-${version}"; srcs = fetchFromGitLab { owner = "gitlab-org"; repo = "gitlab-shell"; rev = "v${version}"; - sha256 = "099w4s606k2mk9xc42jwqym1ycr20824w6nkf3zpiv17slwakw90"; + sha256 = "1vhwsiz6n96i6cbcqbf4pa93nzx4xkaph2lmzh0nm4mi5ydl49is"; }; buildInputs = [ diff --git a/pkgs/applications/version-management/gitlab-workhorse/default.nix b/pkgs/applications/version-management/gitlab-workhorse/default.nix index df0125a6de8..b86bf2c40d3 100644 --- a/pkgs/applications/version-management/gitlab-workhorse/default.nix +++ b/pkgs/applications/version-management/gitlab-workhorse/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchFromGitLab, git, go }: stdenv.mkDerivation rec { - version = "0.7.8"; + version = "0.7.11"; name = "gitlab-workhorse-${version}"; srcs = fetchFromGitLab { owner = "gitlab-org"; repo = "gitlab-workhorse"; rev = "v${version}"; - sha256 = "03lhgmd8w2ainvgf2q3pgafz2jl5g4x32qyybyijlyxfl07vkg4g"; + sha256 = "1z32nf9qbw050wzl1dsydrs68c9fp5kkvdn58z2g88bbyk6gyivm"; }; buildInputs = [ git go ]; diff --git a/pkgs/applications/version-management/gitlab/Gemfile b/pkgs/applications/version-management/gitlab/Gemfile index e0e5143ae38..60aaf99cbd9 100644 --- a/pkgs/applications/version-management/gitlab/Gemfile +++ b/pkgs/applications/version-management/gitlab/Gemfile @@ -9,6 +9,7 @@ gem 'responders', '~> 2.0' # Specify a sprockets version due to increased performance # See https://gitlab.com/gitlab-org/gitlab-ce/issues/6069 gem 'sprockets', '~> 3.6.0' +gem 'sprockets-es6' # Default values for AR models gem 'default_value_for', '~> 3.0.0' @@ -19,7 +20,7 @@ gem 'pg', '~> 0.18.2', group: :postgres # Authentication libraries gem 'devise', '~> 4.0' -gem 'doorkeeper', '~> 4.0' +gem 'doorkeeper', '~> 4.2.0' gem 'omniauth', '~> 1.3.1' gem 'omniauth-auth0', '~> 1.4.1' gem 'omniauth-azure-oauth2', '~> 0.0.6' @@ -52,7 +53,7 @@ gem 'browser', '~> 2.2' # Extracting information from a git repository # Provide access to Gitlab::Git library -gem 'gitlab_git', '~> 10.3.2' +gem 'gitlab_git', '~> 10.4.7' # LDAP Auth # GitLab fork with several improvements to original library. For full list of changes @@ -68,7 +69,7 @@ gem 'gollum-rugged_adapter', '~> 0.4.2', require: false gem 'github-linguist', '~> 4.7.0', require: 'linguist' # API -gem 'grape', '~> 0.13.0' +gem 'grape', '~> 0.15.0' gem 'grape-entity', '~> 0.4.2' gem 'rack-cors', '~> 0.4.0', require: 'rack/cors' @@ -76,7 +77,7 @@ gem 'rack-cors', '~> 0.4.0', require: 'rack/cors' gem 'kaminari', '~> 0.17.0' # HAML -gem 'hamlit', '~> 2.5' +gem 'hamlit', '~> 2.6.1' # Files attachments gem 'carrierwave', '~> 0.10.0' @@ -153,7 +154,7 @@ gem 'settingslogic', '~> 2.0.9' # Misc -gem 'version_sorter', '~> 2.0.0' +gem 'version_sorter', '~> 2.1.0' # Cache gem 'redis-rails', '~> 4.0.0' @@ -162,9 +163,6 @@ gem 'redis-rails', '~> 4.0.0' gem 'redis', '~> 3.2' gem 'connection_pool', '~> 2.0' -# Campfire integration -gem 'tinder', '~> 1.10.0' - # HipChat integration gem 'hipchat', '~> 1.5.0' @@ -203,7 +201,7 @@ gem 'licensee', '~> 8.0.0' gem 'rack-attack', '~> 4.3.1' # Ace editor -gem 'ace-rails-ap', '~> 4.0.2' +gem 'ace-rails-ap', '~> 4.1.0' # Keyboard shortcuts gem 'mousetrap-rails', '~> 1.4.6' @@ -211,7 +209,8 @@ gem 'mousetrap-rails', '~> 1.4.6' # Detect and convert string character encoding gem 'charlock_holmes', '~> 0.7.3' -# Parse duration +# Parse time & duration +gem 'chronic', '~> 0.10.2' gem 'chronic_duration', '~> 0.10.6' gem 'sass-rails', '~> 5.0.0' @@ -224,7 +223,7 @@ gem 'addressable', '~> 2.3.8' gem 'bootstrap-sass', '~> 3.3.0' gem 'font-awesome-rails', '~> 4.6.1' gem 'gemojione', '~> 3.0' -gem 'gon', '~> 6.0.1' +gem 'gon', '~> 6.1.0' gem 'jquery-atwho-rails', '~> 1.3.2' gem 'jquery-rails', '~> 4.1.0' gem 'jquery-ui-rails', '~> 5.0.0' @@ -252,7 +251,7 @@ group :development do gem 'letter_opener_web', '~> 1.3.0' gem 'rerun', '~> 0.11.0' - gem 'bullet', '~> 5.0.0', require: false + gem 'bullet', '~> 5.2.0', require: false gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false gem 'web-console', '~> 2.0' @@ -274,7 +273,7 @@ group :development, :test do gem 'awesome_print', '~> 1.2.0', require: false gem 'fuubar', '~> 2.0.0' - gem 'database_cleaner', '~> 1.4.0' + gem 'database_cleaner', '~> 1.5.0' gem 'factory_girl_rails', '~> 4.6.0' gem 'rspec-rails', '~> 3.5.0' gem 'rspec-retry', '~> 0.4.5' @@ -302,7 +301,7 @@ group :development, :test do gem 'rubocop', '~> 0.41.2', require: false gem 'rubocop-rspec', '~> 1.5.0', require: false gem 'scss_lint', '~> 0.47.0', require: false - gem 'simplecov', '~> 0.11.0', require: false + gem 'simplecov', '0.12.0', require: false gem 'flog', '~> 4.3.2', require: false gem 'flay', '~> 2.6.1', require: false gem 'bundler-audit', '~> 0.5.0', require: false @@ -316,6 +315,7 @@ end group :test do gem 'shoulda-matchers', '~> 2.8.0', require: false gem 'email_spec', '~> 1.6.0' + gem 'json-schema', '~> 2.6.2' gem 'webmock', '~> 1.21.0' gem 'test_after_commit', '~> 0.4.2' gem 'sham_rack', '~> 1.3.6' @@ -325,7 +325,7 @@ group :production do gem 'gitlab_meta', '7.0' end -gem 'newrelic_rpm', '~> 3.14' +gem 'newrelic_rpm', '~> 3.16' gem 'octokit', '~> 4.3.0' @@ -333,6 +333,8 @@ gem 'mail_room', '~> 0.8' gem 'email_reply_parser', '~> 0.5.8' +gem 'ruby-prof', '~> 0.15.9' + ## CI gem 'activerecord-session_store', '~> 1.0.0' gem 'nested_form', '~> 0.3.2' diff --git a/pkgs/applications/version-management/gitlab/Gemfile.lock b/pkgs/applications/version-management/gitlab/Gemfile.lock index 8d5b2b2e137..38d357e42fe 100644 --- a/pkgs/applications/version-management/gitlab/Gemfile.lock +++ b/pkgs/applications/version-management/gitlab/Gemfile.lock @@ -2,7 +2,7 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.3.2) - ace-rails-ap (4.0.2) + ace-rails-ap (4.1.0) actionmailer (4.2.7.1) actionpack (= 4.2.7.1) actionview (= 4.2.7.1) @@ -61,7 +61,7 @@ GEM oauth2 (~> 1.0) asciidoctor (1.5.3) ast (2.3.0) - attr_encrypted (3.0.1) + attr_encrypted (3.0.3) encryptor (~> 3.0.0) attr_required (1.0.0) autoprefixer-rails (6.2.3) @@ -87,6 +87,10 @@ GEM faraday (~> 0.9) faraday_middleware (~> 0.10) nokogiri (~> 1.6) + babel-source (5.8.35) + babel-transpiler (0.7.0) + babel-source (>= 4.0, < 6) + execjs (~> 2.0) babosa (1.0.2) base32 (0.3.2) bcrypt (3.1.11) @@ -102,9 +106,9 @@ GEM brakeman (3.3.2) browser (2.2.0) builder (3.2.2) - bullet (5.0.0) + bullet (5.2.0) activesupport (>= 3.0.0) - uniform_notifier (~> 1.9.0) + uniform_notifier (~> 1.10.0) bundler-audit (0.5.0) bundler (~> 1.2) thor (~> 0.18) @@ -126,6 +130,7 @@ GEM mime-types (>= 1.16) cause (0.1) charlock_holmes (0.7.3) + chronic (0.10.2) chronic_duration (0.10.6) numerizer (~> 0.1.1) chunky_png (1.3.5) @@ -151,11 +156,11 @@ GEM d3_rails (3.5.11) railties (>= 3.1.0) daemons (1.2.3) - database_cleaner (1.4.1) + database_cleaner (1.5.3) debug_inspector (0.0.2) debugger-ruby_core_source (1.3.8) - default_value_for (3.0.1) - activerecord (>= 3.2.0, < 5.0) + default_value_for (3.0.2) + activerecord (>= 3.2.0, < 5.1) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) devise (4.1.1) @@ -173,7 +178,7 @@ GEM diff-lcs (1.2.5) diffy (3.0.7) docile (1.1.5) - doorkeeper (4.0.0) + doorkeeper (4.2.0) railties (>= 4.2) dropzonejs-rails (0.7.2) rails (> 3.1) @@ -276,7 +281,7 @@ GEM diff-lcs (~> 1.1) mime-types (>= 1.16, < 3) posix-spawn (~> 0.3) - gitlab_git (10.3.2) + gitlab_git (10.4.7) activesupport (~> 4.0) charlock_holmes (~> 0.7.3) github-linguist (~> 4.7.0) @@ -301,12 +306,12 @@ GEM gollum-rugged_adapter (0.4.2) mime-types (>= 1.15) rugged (~> 0.24.0, >= 0.21.3) - gon (6.0.1) + gon (6.1.0) actionpack (>= 3.0) json multi_json request_store (>= 1.0) - grape (0.13.0) + grape (0.15.0) activesupport builder hashie (>= 2.1.0) @@ -319,7 +324,7 @@ GEM grape-entity (0.4.8) activesupport multi_json (>= 1.3.2) - hamlit (2.5.0) + hamlit (2.6.1) temple (~> 0.7.6) thor tilt @@ -333,11 +338,10 @@ GEM activesupport (>= 2) nokogiri (~> 1.4) htmlentities (4.3.4) - http_parser.rb (0.5.3) httparty (0.13.7) json (~> 1.8) multi_xml (>= 0.5.2) - httpclient (2.7.0.1) + httpclient (2.8.2) i18n (0.7.0) ice_nine (0.11.1) influxdb (0.2.3) @@ -355,6 +359,8 @@ GEM jquery-ui-rails (5.0.5) railties (>= 3.2.16) json (1.8.3) + json-schema (2.6.2) + addressable (~> 2.3.8) jwt (1.5.4) kaminari (0.17.0) actionpack (>= 3.0.0) @@ -402,9 +408,10 @@ GEM nested_form (0.3.2) net-ldap (0.12.1) net-ssh (3.0.1) - newrelic_rpm (3.14.1.311) + newrelic_rpm (3.16.0.318) nokogiri (1.6.7.2) mini_portile2 (~> 2.0.0.rc2) + pkg-config (~> 1.1.7) numerizer (0.1.1) oauth (0.4.7) oauth2 (1.2.0) @@ -506,7 +513,7 @@ GEM rack-cors (0.4.0) rack-mount (0.8.3) rack (>= 1.0.0) - rack-oauth2 (1.2.1) + rack-oauth2 (1.2.3) activesupport (>= 2.3) attr_required (>= 0.0.5) httpclient (>= 2.4) @@ -572,7 +579,7 @@ GEM redis-store (~> 1.1.0) redis-store (1.1.7) redis (>= 2.2) - request_store (1.3.0) + request_store (1.3.1) rerun (0.11.0) listen (~> 3.0) responders (2.1.1) @@ -617,6 +624,7 @@ GEM rubocop (>= 0.40.0) ruby-fogbugz (0.2.1) crack (~> 0.4) + ruby-prof (0.15.9) ruby-progressbar (1.8.1) ruby-saml (1.3.0) nokogiri (>= 1.5.10) @@ -668,10 +676,9 @@ GEM redis-namespace (>= 1.5.2) rufus-scheduler (>= 2.0.24) sidekiq (>= 4.0.0) - simple_oauth (0.1.9) - simplecov (0.11.2) + simplecov (0.12.0) docile (~> 1.1.0) - json (~> 1.8) + json (>= 1.8, < 3) simplecov-html (~> 0.10.0) simplecov-html (0.10.0) sinatra (1.4.7) @@ -701,6 +708,10 @@ GEM sprockets (3.6.3) concurrent-ruby (~> 1.0) rack (> 1, < 3) + sprockets-es6 (0.9.0) + babel-source (>= 5.8.11) + babel-transpiler + sprockets (>= 3.0.0) sprockets-rails (3.1.1) actionpack (>= 4.0) activesupport (>= 4.0) @@ -734,21 +745,8 @@ GEM tilt (2.0.5) timecop (0.8.1) timfel-krb5-auth (0.8.3) - tinder (1.10.1) - eventmachine (~> 1.0) - faraday (~> 0.9.0) - faraday_middleware (~> 0.9) - hashie (>= 1.0) - json (~> 1.8.0) - mime-types - multi_json (~> 1.7) - twitter-stream (~> 0.1) turbolinks (2.5.3) coffee-rails - twitter-stream (0.1.16) - eventmachine (>= 0.12.8) - http_parser.rb (~> 0.5.1) - simple_oauth (~> 0.1.4) tzinfo (1.2.2) thread_safe (~> 0.1) u2f (0.2.1) @@ -767,10 +765,10 @@ GEM unicorn-worker-killer (0.4.4) get_process_mem (~> 0) unicorn (>= 4, < 6) - uniform_notifier (1.9.0) + uniform_notifier (1.10.0) uuid (2.3.8) macaddr (~> 1.0) - version_sorter (2.0.0) + version_sorter (2.1.0) virtus (1.0.5) axiom-types (~> 0.1) coercible (~> 1.0) @@ -803,7 +801,7 @@ PLATFORMS DEPENDENCIES RedCloth (~> 4.3.2) - ace-rails-ap (~> 4.0.2) + ace-rails-ap (~> 4.1.0) activerecord-nulldb-adapter activerecord-session_store (~> 1.0.0) acts-as-taggable-on (~> 3.4) @@ -823,24 +821,25 @@ DEPENDENCIES bootstrap-sass (~> 3.3.0) brakeman (~> 3.3.0) browser (~> 2.2) - bullet (~> 5.0.0) + bullet (~> 5.2.0) bundler-audit (~> 0.5.0) byebug (~> 8.2.1) capybara (~> 2.6.2) capybara-screenshot (~> 1.0.0) carrierwave (~> 0.10.0) charlock_holmes (~> 0.7.3) + chronic (~> 0.10.2) chronic_duration (~> 0.10.6) coffee-rails (~> 4.1.0) connection_pool (~> 2.0) creole (~> 0.5.0) d3_rails (~> 3.5.0) - database_cleaner (~> 1.4.0) + database_cleaner (~> 1.5.0) default_value_for (~> 3.0.0) devise (~> 4.0) devise-two-factor (~> 3.0.0) diffy (~> 3.0.3) - doorkeeper (~> 4.0) + doorkeeper (~> 4.2.0) dropzonejs-rails (~> 0.7.1) email_reply_parser (~> 0.5.8) email_spec (~> 1.6.0) @@ -863,15 +862,15 @@ DEPENDENCIES github-linguist (~> 4.7.0) github-markup (~> 1.4) gitlab-flowdock-git-hook (~> 1.0.1) - gitlab_git (~> 10.3.2) + gitlab_git (~> 10.4.7) gitlab_meta (= 7.0) gitlab_omniauth-ldap (~> 1.2.1) gollum-lib (~> 4.2) gollum-rugged_adapter (~> 0.4.2) - gon (~> 6.0.1) - grape (~> 0.13.0) + gon (~> 6.1.0) + grape (~> 0.15.0) grape-entity (~> 0.4.2) - hamlit (~> 2.5) + hamlit (~> 2.6.1) health_check (~> 2.1.0) hipchat (~> 1.5.0) html-pipeline (~> 1.11.0) @@ -881,6 +880,7 @@ DEPENDENCIES jquery-rails (~> 4.1.0) jquery-turbolinks (~> 2.1.0) jquery-ui-rails (~> 5.0.0) + json-schema (~> 2.6.2) jwt kaminari (~> 0.17.0) knapsack (~> 1.11.0) @@ -895,8 +895,8 @@ DEPENDENCIES mysql2 (~> 0.3.16) nested_form (~> 0.3.2) net-ssh (~> 3.0.1) - newrelic_rpm (~> 3.14) - nokogiri (~> 1.6.7, >= 1.6.7.2, < 1.6.8) + newrelic_rpm (~> 3.16) + nokogiri (~> 1.6.7, >= 1.6.7.2) oauth2 (~> 1.2.0) octokit (~> 4.3.0) omniauth (~> 1.3.1) @@ -942,6 +942,7 @@ DEPENDENCIES rubocop (~> 0.41.2) rubocop-rspec (~> 1.5.0) ruby-fogbugz (~> 0.2.1) + ruby-prof (~> 0.15.9) sanitize (~> 2.0) sass-rails (~> 5.0.0) scss_lint (~> 0.47.0) @@ -954,7 +955,7 @@ DEPENDENCIES shoulda-matchers (~> 2.8.0) sidekiq (~> 4.0) sidekiq-cron (~> 0.4.0) - simplecov (~> 0.11.0) + simplecov (= 0.12.0) sinatra (~> 1.4.4) six (~> 0.2.0) slack-notifier (~> 1.2.0) @@ -965,6 +966,7 @@ DEPENDENCIES spring-commands-spinach (~> 1.1.0) spring-commands-teaspoon (~> 0.0.2) sprockets (~> 3.6.0) + sprockets-es6 state_machines-activerecord (~> 0.4.0) sys-filesystem (~> 1.1.6) task_list (~> 1.0.2) @@ -972,7 +974,6 @@ DEPENDENCIES teaspoon-jasmine (~> 2.2.0) test_after_commit (~> 0.4.2) thin (~> 1.7.0) - tinder (~> 1.10.0) turbolinks (~> 2.5.0) u2f (~> 0.2.1) uglifier (~> 2.7.2) @@ -980,7 +981,7 @@ DEPENDENCIES unf (~> 0.1.4) unicorn (~> 4.9.0) unicorn-worker-killer (~> 0.4.2) - version_sorter (~> 2.0.0) + version_sorter (~> 2.1.0) virtus (~> 1.0.1) vmstat (~> 2.1.1) web-console (~> 2.0) diff --git a/pkgs/applications/version-management/gitlab/default.nix b/pkgs/applications/version-management/gitlab/default.nix index 453bae3613c..b97a9475c8e 100644 --- a/pkgs/applications/version-management/gitlab/default.nix +++ b/pkgs/applications/version-management/gitlab/default.nix @@ -24,7 +24,7 @@ in stdenv.mkDerivation rec { name = "gitlab-${version}"; - version = "8.10.6"; + version = "8.11.2"; buildInputs = [ env ruby bundler tzdata git nodejs procps ]; @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { owner = "gitlabhq"; repo = "gitlabhq"; rev = "v${version}"; - sha256 = "1nk0ak9p5ncqynrm965ypwb9bj7b1r2jy5g4vdb9b0ma1ns2bkzf"; + sha256 = "1id6jsf4mshxis07dqlkgdyqi1v415rp4lx9ix8sjfznchria58b"; }; patches = [ diff --git a/pkgs/applications/version-management/gitlab/gemset.nix b/pkgs/applications/version-management/gitlab/gemset.nix index b0f6f3ec049..0ea8aa4d621 100644 --- a/pkgs/applications/version-management/gitlab/gemset.nix +++ b/pkgs/applications/version-management/gitlab/gemset.nix @@ -2,10 +2,10 @@ ace-rails-ap = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1y1xdjmdb7fg1w0ym7xizpfvll8bicnhli2s65bzvpk3zp7h8qmi"; + sha256 = "1jxpv0x8lzkk00v2pc13jxrcdigk4dv6pi3sa52j864ky8fk37rh"; type = "gem"; }; - version = "4.0.2"; + version = "4.1.0"; }; actionmailer = { source = { @@ -157,10 +157,10 @@ attr_encrypted = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0xqb753sjgwxpb2s375j8nkrk8kjhjijzywyl6vps5r3nbs0l51k"; + sha256 = "1dikbf55wjqyzfb9p4xjkkkajwan569pmzljdf9c1fy4a94cd13d"; type = "gem"; }; - version = "3.0.1"; + version = "3.0.3"; }; attr_required = { source = { @@ -212,6 +212,22 @@ }; version = "0.1.2"; }; + babel-source = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1ncq8h82k6hypzfb5dk7z95mmcdwnhsxmc53xz17m1nbklm25vvr"; + type = "gem"; + }; + version = "5.8.35"; + }; + babel-transpiler = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0w0minwxj56w96xps1msm6n75fs0y7r1vqcr9zlsn74fksnz81jc"; + type = "gem"; + }; + version = "0.7.0"; + }; babosa = { source = { remotes = ["https://rubygems.org"]; @@ -298,10 +314,10 @@ bullet = { source = { remotes = ["https://rubygems.org"]; - sha256 = "14i3ci990sygxzdsy9jsgzfs5zkzgx6fd56i0d58s77wmn2myham"; + sha256 = "1i242hsnkrjsk6bjrd0glhfdir0836iaqcqbz6hrxz4gqkh2rg2g"; type = "gem"; }; - version = "5.0.0"; + version = "5.2.0"; }; bundler-audit = { source = { @@ -360,6 +376,14 @@ }; version = "0.7.3"; }; + chronic = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1hrdkn4g8x7dlzxwb1rfgr8kw3bp4ywg5l4y4i9c2g5cwv62yvvn"; + type = "gem"; + }; + version = "0.10.2"; + }; chronic_duration = { source = { remotes = ["https://rubygems.org"]; @@ -495,10 +519,10 @@ database_cleaner = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0n5r7kvsmknk876v3scdphfnvllr9157fa5q7j5fczg8j5qm6kf0"; + sha256 = "0fx6zmqznklmkbjl6f713jyl11d4g9q220rcl86m2jp82r8kfwjj"; type = "gem"; }; - version = "1.4.1"; + version = "1.5.3"; }; debug_inspector = { source = { @@ -517,13 +541,12 @@ version = "1.3.8"; }; default_value_for = { - dependencies = ["activerecord"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "1z4lrba4y1c3y0rxw8321qbwsb3nr6c2igrpksfvz93yhc9m6xm0"; + sha256 = "014482mxjrc227fxv6vff6ccjr9dr0ydz52flxslsa7biq542k73"; type = "gem"; }; - version = "3.0.1"; + version = "3.0.2"; }; descendants_tracker = { dependencies = ["thread_safe"]; @@ -577,10 +600,10 @@ doorkeeper = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0lillrbd2sy7zzni6a2kf3p09lfd0br831zzv22zsv4ffr6n1va1"; + sha256 = "0hs8r280k7a1kibzxrhifjps880n43jfrybf4mqpffw669jrwk3v"; type = "gem"; }; - version = "4.0.0"; + version = "4.2.0"; }; dropzonejs-rails = { dependencies = ["rails"]; @@ -935,10 +958,10 @@ gitlab_git = { source = { remotes = ["https://rubygems.org"]; - sha256 = "00l5dv4k6q21yzxnviqh5ab6i2i6ajzlyjbwm1vgag7663wscny6"; + sha256 = "0xcn55jwc3g53mcj1fjr6qfjcj0awba9lwgd1720d2hkpfiglsai"; type = "gem"; }; - version = "10.3.2"; + version = "10.4.7"; }; gitlab_meta = { source = { @@ -990,22 +1013,20 @@ version = "0.4.2"; }; gon = { - dependencies = ["actionpack" "json" "multi_json" "request_store"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "1f359cd9zsa4nrng35bij5skvjrj5ywn2dhmlg41b97vmza26bxr"; + sha256 = "1jmf6ly9wfrg52xkk9qb4hlfn3zdmz62ivclhp4f424m39rd9ngz"; type = "gem"; }; - version = "6.0.1"; + version = "6.1.0"; }; grape = { - dependencies = ["activesupport" "builder" "hashie" "multi_json" "multi_xml" "rack" "rack-accept" "rack-mount" "virtus"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "1dxfal5jspxq612jjkqbd7xgp5dswdyllbbfq6fj2m7s21pismmh"; + sha256 = "13rbm0whhirpzn2n58kjyvqn9989vvipynlxsj1ihmwp8xsmcj1i"; type = "gem"; }; - version = "0.13.0"; + version = "0.15.0"; }; grape-entity = { dependencies = ["activesupport" "multi_json"]; @@ -1019,10 +1040,10 @@ hamlit = { source = { remotes = ["https://rubygems.org"]; - sha256 = "00360fr2kq9f31p6mq965z0lpb16vhji3mzgkywcsxym1z9srvwm"; + sha256 = "0ph4kv2ddr538f9ni2fmk7aq38djv5am29r3m6y64adg52n6jma9"; type = "gem"; }; - version = "2.5.0"; + version = "2.6.1"; }; hashie = { source = { @@ -1066,14 +1087,6 @@ }; version = "4.3.4"; }; - "http_parser.rb" = { - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0fwf5d573j1sw52kz057dw0nx2wlivczmx6ybf6mk065n5g54kyn"; - type = "gem"; - }; - version = "0.5.3"; - }; httparty = { dependencies = ["json" "multi_xml"]; source = { @@ -1086,10 +1099,10 @@ httpclient = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0k6bqsaqq6c824vrbfb5pkz8bpk565zikd10w85rzj2dy809ik6c"; + sha256 = "1pg15svk9lv5r7w1hxd87di6apsr9y009af3mm01xcaccvqj4j2d"; type = "gem"; }; - version = "2.7.0.1"; + version = "2.8.2"; }; i18n = { source = { @@ -1166,6 +1179,14 @@ }; version = "1.8.3"; }; + json-schema = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15bva4w940ckan3q89in5f98s8zz77nxglylgm98697wa4fbfqp9"; + type = "gem"; + }; + version = "2.6.2"; + }; jwt = { source = { remotes = ["https://rubygems.org"]; @@ -1389,10 +1410,10 @@ newrelic_rpm = { source = { remotes = ["https://rubygems.org"]; - sha256 = "155aj845rxn8ikcs15gphr8svnsrki8wzps794ddbi90h0ypr319"; + sha256 = "0l8dvg4frrj6a93kb2zawrlmy2bb9mh683pk4wnhgf4nddizzzsh"; type = "gem"; }; - version = "3.14.1.311"; + version = "3.16.0.318"; }; nokogiri = { source = { @@ -1743,13 +1764,12 @@ version = "0.8.3"; }; rack-oauth2 = { - dependencies = ["activesupport" "attr_required" "httpclient" "multi_json" "rack"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "1szfnb74p5s7k0glpmiv16rfl4wx9mnrr7riapgpbcx163zzkxad"; + sha256 = "0j7fh3fyajpfwg47gyfd8spavn7lmd6dcm468w7lhnhcviy5vmyf"; type = "gem"; }; - version = "1.2.1"; + version = "1.2.3"; }; rack-protection = { dependencies = ["rack"]; @@ -1960,10 +1980,10 @@ request_store = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1vw3vkgnpbpgzc1b4cg2ifn3rb5w7bvk62x9jfy9laz40816nvkn"; + sha256 = "1va9x0b3ww4chcfqlmi8b14db39di1mwa7qrjbh7ma0lhndvs2zv"; type = "gem"; }; - version = "1.3.0"; + version = "1.3.1"; }; rerun = { dependencies = ["listen"]; @@ -2106,6 +2126,14 @@ }; version = "0.2.1"; }; + ruby-prof = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0qvz8yclvxch3bmwh7wmnb5h8jsbmb8jmqcf94jjrakpcs2sc072"; + type = "gem"; + }; + version = "0.15.9"; + }; ruby-progressbar = { source = { remotes = ["https://rubygems.org"]; @@ -2304,21 +2332,13 @@ }; version = "0.4.0"; }; - simple_oauth = { - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0bb06p88xsdw4fxll1ikv5i5k58sl6y323ss0wp1hqjm3xw1jgvj"; - type = "gem"; - }; - version = "0.1.9"; - }; simplecov = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1p0jhxwsv2ksk4hmp8qbhnr325z9fhs26z9y8in5v5c49y331qw2"; + sha256 = "0ffhyrfnq2zm2mc1742a4hqy475g3qa1zf6yfldwg1ldh5sn3qbx"; type = "gem"; }; - version = "0.11.2"; + version = "0.12.0"; }; simplecov-html = { source = { @@ -2428,6 +2448,14 @@ }; version = "3.6.3"; }; + sprockets-es6 = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "17hjwpzkdg5dsgzky7hmaly2jih8867ya35855p3lxqpd3gyfpny"; + type = "gem"; + }; + version = "0.9.0"; + }; sprockets-rails = { source = { remotes = ["https://rubygems.org"]; @@ -2575,15 +2603,6 @@ }; version = "0.8.3"; }; - tinder = { - dependencies = ["eventmachine" "faraday" "faraday_middleware" "hashie" "json" "mime-types" "multi_json" "twitter-stream"]; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1kwj0wd540wb2ws86d3jdva175dx00w2j8lyrvbb6qli3g27byd7"; - type = "gem"; - }; - version = "1.10.1"; - }; turbolinks = { dependencies = ["coffee-rails"]; source = { @@ -2593,15 +2612,6 @@ }; version = "2.5.3"; }; - twitter-stream = { - dependencies = ["eventmachine" "http_parser.rb" "simple_oauth"]; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "0is81g3xvnjk64sqiaqlh2ziwfryzwvk1yvaniryg0zhppgsyriq"; - type = "gem"; - }; - version = "0.1.16"; - }; tzinfo = { dependencies = ["thread_safe"]; source = { @@ -2681,10 +2691,10 @@ uniform_notifier = { source = { remotes = ["https://rubygems.org"]; - sha256 = "009z60qx01am7klmrca8pcladrynljra3a9smifn9f81r4dc7q63"; + sha256 = "1jha0l7x602g5rvah960xl9r0f3q25gslj39i0x1vai8i5z6zr1l"; type = "gem"; }; - version = "1.9.0"; + version = "1.10.0"; }; uuid = { dependencies = ["macaddr"]; @@ -2698,10 +2708,10 @@ version_sorter = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1lad9c43w2xfzmva57ia6glpmhyivyk1m79jli42canshvan5v6y"; + sha256 = "1smi0bf8pgx23014nkpfg29qnmlpgvwmn30q0ca7qrfbha2mjwdr"; type = "gem"; }; - version = "2.0.0"; + version = "2.1.0"; }; virtus = { dependencies = ["axiom-types" "coercible" "descendants_tracker" "equalizer"]; diff --git a/pkgs/applications/version-management/gitlab/nulladapter.patch b/pkgs/applications/version-management/gitlab/nulladapter.patch index e972e1568e3..2ee416dbb8e 100644 --- a/pkgs/applications/version-management/gitlab/nulladapter.patch +++ b/pkgs/applications/version-management/gitlab/nulladapter.patch @@ -1,8 +1,8 @@ diff --git a/Gemfile b/Gemfile -index 92e666c..f97c991 100644 +index 68547b6..60aaf99 100644 --- a/Gemfile +++ b/Gemfile -@@ -117,7 +117,7 @@ gem 'rouge', '~> 2.0' +@@ -118,7 +118,7 @@ gem 'rouge', '~> 2.0' # See https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s # and https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM @@ -11,14 +11,14 @@ index 92e666c..f97c991 100644 # Diffs gem 'diffy', '~> 3.0.3' -@@ -349,3 +349,5 @@ gem 'health_check', '~> 2.1.0' +@@ -351,3 +351,5 @@ gem 'health_check', '~> 2.1.0' # System information gem 'vmstat', '~> 2.1.1' gem 'sys-filesystem', '~> 1.1.6' + +gem "activerecord-nulldb-adapter" diff --git a/Gemfile.lock b/Gemfile.lock -index e2b3d55..23a5454 100644 +index 5511d71..38d357e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -32,6 +32,8 @@ GEM @@ -30,7 +30,7 @@ index e2b3d55..23a5454 100644 activerecord-session_store (1.0.0) actionpack (>= 4.0, < 5.1) activerecord (>= 4.0, < 5.1) -@@ -390,7 +392,7 @@ GEM +@@ -396,7 +398,7 @@ GEM method_source (0.8.2) mime-types (2.99.2) mimemagic (0.3.0) @@ -39,32 +39,22 @@ index e2b3d55..23a5454 100644 minitest (5.7.0) mousetrap-rails (1.4.6) multi_json (1.12.1) -@@ -401,9 +403,8 @@ GEM +@@ -407,8 +409,8 @@ GEM net-ldap (0.12.1) net-ssh (3.0.1) - newrelic_rpm (3.14.1.311) + newrelic_rpm (3.16.0.318) - nokogiri (1.6.8) - mini_portile2 (~> 2.1.0) -- pkg-config (~> 1.1.7) + nokogiri (1.6.7.2) + mini_portile2 (~> 2.0.0.rc2) + pkg-config (~> 1.1.7) numerizer (0.1.1) oauth (0.4.7) - oauth2 (1.2.0) -@@ -803,6 +803,7 @@ PLATFORMS +@@ -800,6 +802,7 @@ PLATFORMS DEPENDENCIES RedCloth (~> 4.3.2) - ace-rails-ap (~> 4.0.2) + ace-rails-ap (~> 4.1.0) + activerecord-nulldb-adapter activerecord-session_store (~> 1.0.0) acts-as-taggable-on (~> 3.4) addressable (~> 2.3.8) -@@ -894,7 +895,7 @@ DEPENDENCIES - nested_form (~> 0.3.2) - net-ssh (~> 3.0.1) - newrelic_rpm (~> 3.14) -- nokogiri (~> 1.6.7, >= 1.6.7.2) -+ nokogiri (~> 1.6.7, >= 1.6.7.2, < 1.6.8) - oauth2 (~> 1.2.0) - octokit (~> 4.3.0) - omniauth (~> 1.3.1) |