Merge remote-tracking branch 'upstream/master' into new-issue-by-email

* upstream/master: (45 commits) Replace reject_blocked with reject_blocked! in callbacks. Fix Project#to_param to keep invalid project suitable for use in URLs Update CHANGELOG Add feature specs for edit project settings Fix renaming repository when name contains invalid chars under settings Change requests_profiles resource constraint to catch virtually any file Allow skipping users in autocomplete Fix typo in CHANGELOG Update CHANGELOG Respective cache is now expired when creating a new branch Update CHANGELOG Unify HTML format in static error pages Make error pages responsive design Move color-logic into HipchatService#HipchatService Depened on exact version of SimpleCov when patched Refactor spam validation to a concern that can be easily reused and improve legibility in `SpamCheckService` Refactor `SpamCheckService` to make it cleaner and clearer. Submit all issues on public projects to Akismet if enabled. Submit new issues created via the WebUI by non project members to Akismet for spam check. Upgrade Bullet from 5.0.0 to 5.2.0. ...

Merge remote-tracking branch 'upstream/master' into new-issue-by-email
* upstream/master: (45 commits) Replace reject_blocked with reject_blocked! in callbacks. Fix Project#to_param to keep invalid project suitable for use in URLs Update CHANGELOG Add feature specs for edit project settings Fix renaming repository when name contains invalid chars under settings Change requests_profiles resource constraint to catch virtually any file Allow skipping users in autocomplete Fix typo in CHANGELOG Update CHANGELOG Respective cache is now expired when creating a new branch Update CHANGELOG Unify HTML format in static error pages Make error pages responsive design Move color-logic into HipchatService#HipchatService Depened on exact version of SimpleCov when patched Refactor spam validation to a concern that can be easily reused and improve legibility in `SpamCheckService` Refactor `SpamCheckService` to make it cleaner and clearer. Submit all issues on public projects to Akismet if enabled. Submit new issues created via the WebUI by non project members to Akismet for spam check. Upgrade Bullet from 5.0.0 to 5.2.0. ...
9370bb23 · Lin Jen-Shin · bac99f90 · 17be364d · 9370bb23 · bac99f90
45 changed file
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -28,6 +28,7 @@ stages:
 - prepare
 - test
 - post-test
+- pages

 # Prepare and merge knapsack tests
 .knapsack-state: &knapsack-state
@@ -40,6 +41,7 @@ stages:
    paths:
    - knapsack/
  artifacts:
+    expire_in: 31d
    paths:
    - knapsack/

@@ -81,8 +83,10 @@ update-knapsack:
    - cp knapsack/rspec_report.json ${KNAPSACK_REPORT_PATH}
    - knapsack rspec
  artifacts:
+    expire_in: 31d
    paths:
    - knapsack/
+    - coverage/

 .spinach-knapsack: &spinach-knapsack
  stage: test
@@ -97,8 +101,10 @@ update-knapsack:
    - cp knapsack/spinach_report.json ${KNAPSACK_REPORT_PATH}
    - knapsack spinach "-r rerun" || retry '[ ! -e tmp/spinach-rerun.txt ] || bundle exec spinach -r rerun $(cat tmp/spinach-rerun.txt)'
  artifacts:
+    expire_in: 31d
    paths:
    - knapsack/
+    - coverage/

 rspec 0 20: *rspec-knapsack
 rspec 1 20: *rspec-knapsack
@@ -186,14 +192,14 @@ spinach 9 10 ruby23: *spinach-knapsack-ruby23

 # Other generic tests

-.static-analyses-variables: &static-analyses-variables
+.ruby-static-analysis: &ruby-static-analysis
  variables:
    SIMPLECOV: "false"
    USE_DB: "false"
    USE_BUNDLE_INSTALL: "true"

 .exec: &exec
-  <<: *static-analyses-variables
+  <<: *ruby-static-analysis
  stage: test
  script:
    - bundle exec $CI_BUILD_NAME
@@ -220,12 +226,28 @@ teaspoon:

 bundler:audit:
  stage: test
-  <<: *static-analyses-variables
+  <<: *ruby-static-analysis
  only:
    - master
  script:
    - "bundle exec bundle-audit check --update --ignore OSVDB-115941"

+coverage:
+  stage: post-test
+  services: []
+  variables:
+    USE_DB: "false"
+    USE_BUNDLE_INSTALL: "true"
+  script:
+    - bundle exec scripts/merge-simplecov
+  artifacts:
+    name: coverage
+    expire_in: 31d
+    paths:
+    - coverage/index.html
+    - coverage/assets/
+
+
 # Notify slack in the end

 notify:slack:
@@ -238,3 +260,18 @@ notify:slack:
    - tags@gitlab-org/gitlab-ce
    - master@gitlab-org/gitlab-ee
    - tags@gitlab-org/gitlab-ee
+
+pages:
+  before_script: []
+  stage: pages
+  dependencies:
+    - coverage
+  script:
+    - mv public/ .public/
+    - mkdir public/
+    - mv coverage public/coverage-ruby
+  artifacts:
+    paths:
+      - public
+  only:
+    - master
--- a/.simplecov
+++ b/.simplecov
-# .simplecov
-SimpleCov.start 'rails' do
-  merge_timeout 3600
-end
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,9 +10,12 @@ v 8.11.0 (unreleased)
  - Clean up unused routes (Josef Strzibny)
  - Add green outline to New Branch button. !5447 (winniehell)
  - Retrieve rendered HTML from cache in one request
+  - Fix renaming repository when name contains invalid chararacters under project settings
  - Nokogiri's various parsing methods are now instrumented
  - Add a way to send an email and create an issue based on private personal token. Find the email address from issues page. !3363
+  - Add build event color in HipChat messages (David Eisner)
  - Make fork counter always clickable. !5463 (winniehell)
+  - All created issues, API or WebUI, can be submitted to Akismet for spam check !5333
  - Remove `search_id` of labels dropdown filter to fix 'Missleading URI for labels in Merge Requests and Issues view'. !5368 (Scott Le)
  - Load project invited groups and members eagerly in `ProjectTeam#fetch_members`
  - Make branches sortable without push permission !5462 (winniehell)
@@ -20,19 +23,31 @@ v 8.11.0 (unreleased)
  - Add the `sprockets-es6` gem
  - Multiple trigger variables show in separate lines (Katarzyna Kobierska Ula Budziszewska)
  - Profile requests when a header is passed
+  - Make error pages responsive (Takuya Noguchi)
+  - Change requests_profiles resource constraint to catch virtually any file

-v 8.10.2 (unreleased)
+v 8.10.3 (unreleased)
+
+v 8.10.2
  - User can now search branches by name. !5144
-  - Add ENV variable to skip repository storages validations
+  - Page is now properly rendered after committing the first file and creating the first branch. !5399
+  - Add branch or tag icon to ref in builds page. !5434
  - Fix backup restore. !5459
-  - Rescue Rugged::OSError (lock exists) when creating references. !5497
-  - Disable MySQL foreign key checks before dropping all tables. !5472
-  - Fix a bug where forking a project from a repository storage to another would fail
-  - Show release notes in tags list
  - Use project ID in repository cache to prevent stale data from persisting across projects. !5460
+  - Fix issue with autocomplete search not working with enter key. !5466
+  - Add iid to MR API response. !5468
+  - Disable MySQL foreign key checks before dropping all tables. !5472
  - Ensure relative paths for video are rewritten as we do for images. !5474
  - Ensure current user can retry a build before showing the 'Retry' button. !5476
-  - Fix expand all diffs button in compare view
+  - Add ENV variable to skip repository storages validations. !5478
+  - Added `*.js.es6 gitlab-language=javascript` to `.gitattributes`. !5486
+  - Don't show comment button in gutter of diffs on MR discussion tab. !5493
+  - Rescue Rugged::OSError (lock exists) when creating references. !5497
+  - Fix expand all diffs button in compare view. !5500
+  - Show release notes in tags list. !5503
+  - Fix a bug where forking a project from a repository storage to another would fail. !5509
+  - Fix missing schema update for `20160722221922`. !5512
+  - Update `gitlab-shell` version to 3.2.1 in the 8.9->8.10 update guide. !5516

 v 8.10.1
  - Refactor repository storages documentation. !5428

--- a/Gemfile
+++ b/Gemfile
@@ -225,7 +225,7 @@ gem 'addressable',        '~> 2.3.8'
 gem 'bootstrap-sass',     '~> 3.3.0'
 gem 'font-awesome-rails', '~> 4.6.1'
 gem 'gemojione',          '~> 3.0'
-gem 'gon',                '~> 6.0.1'
+gem 'gon',                '~> 6.1.0'
 gem 'jquery-atwho-rails', '~> 1.3.2'
 gem 'jquery-rails',       '~> 4.1.0'
 gem 'jquery-ui-rails',    '~> 5.0.0'
@@ -253,7 +253,7 @@ group :development do

  gem 'letter_opener_web', '~> 1.3.0'
  gem 'rerun', '~> 0.11.0'
-  gem 'bullet', '~> 5.0.0', require: false
+  gem 'bullet', '~> 5.2.0', require: false
  gem 'rblineprof', '~> 0.3.6', platform: :mri, require: false
  gem 'web-console', '~> 2.0'

@@ -303,7 +303,7 @@ group :development, :test do
  gem 'rubocop', '~> 0.41.2', require: false
  gem 'rubocop-rspec', '~> 1.5.0', require: false
  gem 'scss_lint', '~> 0.47.0', require: false
-  gem 'simplecov', '~> 0.11.0', require: false
+  gem 'simplecov', '0.12.0', require: false
  gem 'flog', '~> 4.3.2', require: false
  gem 'flay', '~> 2.6.1', require: false
  gem 'bundler-audit', '~> 0.5.0', require: false

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -59,7 +59,7 @@ GEM
      oauth2 (~> 1.0)
    asciidoctor (1.5.3)
    ast (2.3.0)
-    attr_encrypted (3.0.1)
+    attr_encrypted (3.0.3)
      encryptor (~> 3.0.0)
    attr_required (1.0.0)
    autoprefixer-rails (6.2.3)
@@ -104,9 +104,9 @@ GEM
    brakeman (3.3.2)
    browser (2.2.0)
    builder (3.2.2)
-    bullet (5.0.0)
+    bullet (5.2.0)
      activesupport (>= 3.0.0)
-      uniform_notifier (~> 1.9.0)
+      uniform_notifier (~> 1.10.0)
    bundler-audit (0.5.0)
      bundler (~> 1.2)
      thor (~> 0.18)
@@ -156,8 +156,8 @@ GEM
    database_cleaner (1.5.3)
    debug_inspector (0.0.2)
    debugger-ruby_core_source (1.3.8)
-    default_value_for (3.0.1)
-      activerecord (>= 3.2.0, < 5.0)
+    default_value_for (3.0.2)
+      activerecord (>= 3.2.0, < 5.1)
    descendants_tracker (0.0.4)
      thread_safe (~> 0.3, >= 0.3.1)
    devise (4.1.1)
@@ -303,7 +303,7 @@ GEM
    gollum-rugged_adapter (0.4.2)
      mime-types (>= 1.15)
      rugged (~> 0.24.0, >= 0.21.3)
-    gon (6.0.1)
+    gon (6.1.0)
      actionpack (>= 3.0)
      json
      multi_json
@@ -509,7 +509,7 @@ GEM
    rack-cors (0.4.0)
    rack-mount (0.8.3)
      rack (>= 1.0.0)
-    rack-oauth2 (1.2.1)
+    rack-oauth2 (1.2.3)
      activesupport (>= 2.3)
      attr_required (>= 0.0.5)
      httpclient (>= 2.4)
@@ -575,7 +575,7 @@ GEM
      redis-store (~> 1.1.0)
    redis-store (1.1.7)
      redis (>= 2.2)
-    request_store (1.3.0)
+    request_store (1.3.1)
    rerun (0.11.0)
      listen (~> 3.0)
    responders (2.1.1)
@@ -673,9 +673,9 @@ GEM
      rufus-scheduler (>= 2.0.24)
      sidekiq (>= 4.0.0)
    simple_oauth (0.1.9)
-    simplecov (0.11.2)
+    simplecov (0.12.0)
      docile (~> 1.1.0)
-      json (~> 1.8)
+      json (>= 1.8, < 3)
      simplecov-html (~> 0.10.0)
    simplecov-html (0.10.0)
    sinatra (1.4.7)
@@ -775,7 +775,7 @@ GEM
    unicorn-worker-killer (0.4.4)
      get_process_mem (~> 0)
      unicorn (>= 4, < 6)
-    uniform_notifier (1.9.0)
+    uniform_notifier (1.10.0)
    uuid (2.3.8)
      macaddr (~> 1.0)
    version_sorter (2.0.0)
@@ -830,7 +830,7 @@ DEPENDENCIES
  bootstrap-sass (~> 3.3.0)
  brakeman (~> 3.3.0)
  browser (~> 2.2)
-  bullet (~> 5.0.0)
+  bullet (~> 5.2.0)
  bundler-audit (~> 0.5.0)
  byebug (~> 8.2.1)
  capybara (~> 2.6.2)
@@ -875,7 +875,7 @@ DEPENDENCIES
  gitlab_omniauth-ldap (~> 1.2.1)
  gollum-lib (~> 4.2)
  gollum-rugged_adapter (~> 0.4.2)
-  gon (~> 6.0.1)
+  gon (~> 6.1.0)
  grape (~> 0.13.0)
  grape-entity (~> 0.4.2)
  hamlit (~> 2.5)
@@ -962,7 +962,7 @@ DEPENDENCIES
  shoulda-matchers (~> 2.8.0)
  sidekiq (~> 4.0)
  sidekiq-cron (~> 0.4.0)
-  simplecov (~> 0.11.0)
+  simplecov (= 0.12.0)
  sinatra (~> 1.4.4)
  six (~> 0.2.0)
  slack-notifier (~> 1.2.0)

--- a/app/assets/javascripts/users_select.js
+++ b/app/assets/javascripts/users_select.js
@@ -189,6 +189,7 @@
          _this.groupId = $(select).data('group-id');
          _this.showCurrentUser = $(select).data('current-user');
          _this.authorId = $(select).data('author-id');
+          _this.skipUsers = $(select).data('skip-users');
          showNullUser = $(select).data('null-user');
          showAnyUser = $(select).data('any-user');
          showEmailUser = $(select).data('email-user');
@@ -320,7 +321,8 @@
          project_id: this.projectId,
          group_id: this.groupId,
          current_user: this.showCurrentUser,
-          author_id: this.authorId
+          author_id: this.authorId,
+          skip_users: this.skipUsers
        },
        dataType: "json"
      }).done(function(users) {

--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -5,6 +5,7 @@ class AutocompleteController < ApplicationController
  def users
    @users ||= User.none
    @users = @users.search(params[:search]) if params[:search].present?
+    @users = @users.where.not(id: params[:skip_users]) if params[:skip_users].present?
    @users = @users.active
    @users = @users.reorder(:name)
    @users = @users.page(params[:page])

--- a/app/controllers/explore/application_controller.rb
+++ b/app/controllers/explore/application_controller.rb
 class Explore::ApplicationController < ApplicationController
-  skip_before_action :authenticate_user!, :reject_blocked
+  skip_before_action :authenticate_user!, :reject_blocked!

  layout 'explore'
 end
--- a/app/controllers/help_controller.rb
+++ b/app/controllers/help_controller.rb
 class HelpController < ApplicationController
-  skip_before_action :authenticate_user!, :reject_blocked
+  skip_before_action :authenticate_user!, :reject_blocked!

  layout 'help'


--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -82,7 +82,7 @@ class Projects::IssuesController < Projects::ApplicationController
  end

  def create
-    @issue = Issues::CreateService.new(project, current_user, issue_params).execute
+    @issue = Issues::CreateService.new(project, current_user, issue_params.merge(request: request)).execute

    respond_to do |format|
      format.html do
@@ -92,7 +92,7 @@ class Projects::IssuesController < Projects::ApplicationController
          render :new
        end
      end
-      format.js do |format|
+      format.js do
        @link = @issue.attachment.url.to_js
      end
    end

--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
 class SearchController < ApplicationController
-  skip_before_action :authenticate_user!, :reject_blocked
+  skip_before_action :authenticate_user!, :reject_blocked!

  include SearchHelper


--- a/app/helpers/selects_helper.rb
+++ b/app/helpers/selects_helper.rb
@@ -5,21 +5,9 @@ module SelectsHelper
    css_class << "skip_ldap " if opts[:skip_ldap]
    css_class << (opts[:class] || '')
    value = opts[:selected] || ''
-
-    first_user = opts[:first_user] && current_user ? current_user.username : false
-
    html = {
      class: css_class,
-      data: {
-        placeholder: opts[:placeholder]   || 'Search for a user',
-        null_user: opts[:null_user]       || false,
-        any_user: opts[:any_user]         || false,
-        email_user: opts[:email_user]     || false,
-        first_user: first_user,
-        current_user: opts[:current_user] || false,
-        "push-code-to-protected-branches" => opts[:push_code_to_protected_branches],
-        author_id: opts[:author_id] || ''
-      }
+      data: users_select_data_attributes(opts)
    }

    unless opts[:scope] == :all
@@ -68,4 +56,20 @@ module SelectsHelper

    hidden_field_tag(id, value, class: css_class)
  end
+
+  private
+
+  def users_select_data_attributes(opts)
+    {
+      placeholder: opts[:placeholder]   || 'Search for a user',
+      null_user: opts[:null_user]       || false,
+      any_user: opts[:any_user]         || false,
+      email_user: opts[:email_user]     || false,
+      first_user: opts[:first_user] && current_user ? current_user.username : false,
+      current_user: opts[:current_user] || false,
+      "push-code-to-protected-branches" => opts[:push_code_to_protected_branches],
+      author_id: opts[:author_id] || '',
+      skip_users: opts[:skip_users] ? opts[:skip_users].map(&:id) : nil,
+    }
+  end
 end
--- a/app/models/concerns/spammable.rb
+++ b/app/models/concerns/spammable.rb
+module Spammable
+  extend ActiveSupport::Concern
+
+  included do
+    attr_accessor :spam
+    after_validation :check_for_spam, on: :create
+  end
+
+  def spam?
+    @spam
+  end
+
+  def check_for_spam
+    self.errors.add(:base, "Your #{self.class.name.underscore} has been recognized as spam and has been discarded.") if spam?
+  end
+end
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -6,6 +6,7 @@ class Issue < ActiveRecord::Base
  include Referable
  include Sortable
  include Taskable
+  include Spammable

  DueDateStruct = Struct.new(:title, :name).freeze
  NoDueDate     = DueDateStruct.new('No Due Date', '0').freeze

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -586,7 +586,11 @@ class Project < ActiveRecord::Base
  end

  def to_param
-    path
+    if persisted? && errors.include?(:path)
+      path_was
+    else
+      path
+    end
  end

  def to_reference(_from_project = nil)

--- a/app/models/project_services/hipchat_service.rb
+++ b/app/models/project_services/hipchat_service.rb
@@ -46,7 +46,7 @@ class HipchatService < Service
    return unless supported_events.include?(data[:object_kind])
    message = create_message(data)
    return unless message.present?
-    gate[room].send('GitLab', message, message_options)
+    gate[room].send('GitLab', message, message_options(data))
  end

  def test(data)
@@ -67,8 +67,8 @@ class HipchatService < Service
    @gate ||= HipChat::Client.new(token, options)
  end

-  def message_options
-    { notify: notify.present? && notify == '1', color: color || 'yellow' }
+  def message_options(data = nil)
+    { notify: notify.present? && notify == '1', color: message_color(data) }
  end

  def create_message(data)
@@ -240,6 +240,21 @@ class HipchatService < Service
    "#{project_link}: Commit #{commit_link} of #{branch_link} #{ref_type} by #{user_name} #{humanized_status(status)} in #{duration} second(s)"
  end

+  def message_color(data)
+    build_status_color(data) || color || 'yellow'
+  end
+
+  def build_status_color(data)
+    return unless data && data[:object_kind] == 'build'
+
+    case data[:commit][:status]
+    when 'success'
+      'green'
+    else
+      'red'
+    end
+  end
+
  def project_name
    project.name_with_namespace.gsub(/\s/, '')
  end

--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -988,6 +988,10 @@ class Repository
      if was_empty || !target_branch
        # Create branch
        rugged.references.create(ref, newrev)
+
+        # If repo was empty expire cache
+        after_create if was_empty
+        after_create_branch
      else
        # Update head
        current_head = find_branch(branch).target

--- a/app/services/issues/create_service.rb
+++ b/app/services/issues/create_service.rb
@@ -2,10 +2,14 @@ module Issues
  class CreateService < Issues::BaseService
    def execute
      filter_params
-      label_params = params[:label_ids]
-      issue = project.issues.new(params.except(:label_ids))
+      label_params = params.delete(:label_ids)
+      request = params.delete(:request)
+      api = params.delete(:api)
+      issue = project.issues.new(params)
      issue.author = params[:author] || current_user

+      issue.spam = spam_check_service.execute(request, api)
+
      if issue.save
        issue.update_attributes(label_ids: label_params)
        notification_service.new_issue(issue, current_user)
@@ -17,5 +21,11 @@ module Issues

      issue
    end
+
+    private
+
+    def spam_check_service
+      SpamCheckService.new(project, current_user, params)
+    end
  end
 end
--- a/app/services/projects/update_service.rb
+++ b/app/services/projects/update_service.rb
@@ -3,7 +3,7 @@ module Projects
    def execute
      # check that user is allowed to set specified visibility_level
      new_visibility = params[:visibility_level]
-      
+
      if new_visibility && new_visibility.to_i != project.visibility_level
        unless can?(current_user, :change_visibility_level, project) &&
          Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)

--- a/app/services/spam_check_service.rb
+++ b/app/services/spam_check_service.rb
+class SpamCheckService < BaseService
+  include Gitlab::AkismetHelper
+
+  attr_accessor :request, :api
+
+  def execute(request, api)
+    @request, @api = request, api
+    return false unless request || check_for_spam?(project)
+    return false unless is_spam?(request.env, current_user, text)
+    
+    create_spam_log
+
+    true
+  end
+
+  private
+
+  def text
+    [params[:title], params[:description]].reject(&:blank?).join("\n")
+  end
+  
+  def spam_log_attrs
+    {
+      user_id: current_user.id,
+      project_id: project.id,
+      title: params[:title],
+      description: params[:description],
+      source_ip: client_ip(request.env),
+      user_agent: user_agent(request.env),
+      noteable_type: 'Issue',
+      via_api: api
+    }
+  end
+
+  def create_spam_log
+    CreateSpamLogService.new(project, current_user, spam_log_attrs).execute
+  end
+end
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@@ -4,6 +4,7 @@
      %h4.prepend-top-0
        Project settings
    .col-lg-9
+      .project-edit-errors
      = form_for [@project.namespace.becomes(Namespace), @project], remote: true, html: { multipart: true, class: "edit-project" }, authenticity_token: true do |f|
        %fieldset.append-bottom-0
          .form-group
@@ -190,6 +191,7 @@
      %h4.prepend-top-0.warning-title
        Rename repository
    .col-lg-9
+      = render 'projects/errors'
      = form_for([@project.namespace.becomes(Namespace), @project]) do |f|
        .form-group.project_name_holder
          = f.label :name, class: 'label-light' do

--- a/app/views/projects/update.js.haml
+++ b/app/views/projects/update.js.haml
@@ -6,4 +6,4 @@
    $(".project-edit-errors").html("#{escape_javascript(render('errors'))}");
    $('.save-project-loader').hide();
    $('.project-edit-container').show();
-    $('.project-edit-content .btn-save').enable();
+    $('.edit-project .btn-save').enable();
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -279,7 +279,7 @@ Rails.application.routes.draw do
    resource :health_check, controller: 'health_check', only: [:show]
    resource :background_jobs, controller: 'background_jobs', only: [:show]
    resource :system_info, controller: 'system_info', only: [:show]
-    resources :requests_profiles, only: [:index, :show], param: :name
+    resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ }

    resources :namespaces, path: '/projects', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: [] do
      root to: 'projects#index', as: :projects

--- a/doc/integration/akismet.md
+++ b/doc/integration/akismet.md
 # Akismet

+> *Note:* Before 8.11 only issues submitted via the API and for non-project
+members were submitted to Akismet.
+
 GitLab leverages [Akismet](http://akismet.com) to protect against spam. Currently
-GitLab uses Akismet to prevent users who are not members of a project from
-creating spam via the GitLab API. Detected spam will be rejected, and
-an entry in the "Spam Log" section in the Admin page will be created.
+GitLab uses Akismet to prevent the creation of spam issues on public projects. Issues
+created via the WebUI or the API can be submitted to Akismet for review.
+
+Detected spam will be rejected, and an entry in the "Spam Log" section in the
+Admin page will be created.

 Privacy note: GitLab submits the user's IP and user agent to Akismet. Note that
 adding a user to a project will disable the Akismet check and prevent this

--- a/features/support/env.rb
+++ b/features/support/env.rb
-if ENV['SIMPLECOV']
-  require 'simplecov'
-end
+require './spec/simplecov_env'
+SimpleCovEnv.start!

 ENV['RAILS_ENV'] = 'test'
 require './config/environment'

--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -21,17 +21,6 @@ module API
      def filter_issues_milestone(issues, milestone)
        issues.includes(:milestone).where('milestones.title' => milestone)
      end
-
-      def create_spam_log(project, current_user, attrs)
-        params = attrs.merge({
-          source_ip: client_ip(env),
-          user_agent: user_agent(env),
-          noteable_type: 'Issue',
-          via_api: true
-        })
-
-        ::CreateSpamLogService.new(project, current_user, params).execute
-      end
    end

    resource :issues do
@@ -168,15 +157,13 @@ module API
        end

        project = user_project
-        text = [attrs[:title], attrs[:description]].reject(&:blank?).join("\n")

-        if check_for_spam?(project, current_user) && is_spam?(env, current_user, text)
-          create_spam_log(project, current_user, attrs)
+        issue = ::Issues::CreateService.new(project, current_user, attrs.merge(request: request, api: true)).execute
+
+        if issue.spam?
          render_api_error!({ error: 'Spam detected' }, 400)
        end

-        issue = ::Issues::CreateService.new(project, current_user, attrs).execute
-
        if issue.valid?
          # Find or create labels and attach to issue. Labels are valid because
          # we already checked its name, so there can't be an error here

--- a/lib/gitlab/akismet_helper.rb
+++ b/lib/gitlab/akismet_helper.rb
@@ -17,8 +17,8 @@ module Gitlab
      env['HTTP_USER_AGENT']
    end

-    def check_for_spam?(project, user)
-      akismet_enabled? && !project.team.member?(user)
+    def check_for_spam?(project)
+      akismet_enabled? && project.public?
    end

    def is_spam?(environment, user, text)

--- a/lib/tasks/test.rake
+++ b/lib/tasks/test.rake
@@ -7,5 +7,5 @@ end

 unless Rails.env.production?
  desc "GitLab | Run all tests on CI with simplecov"
-  task test_ci: [:rubocop, :brakeman, 'teaspoon', :spinach, :spec]
+  task test_ci: [:rubocop, :brakeman, :teaspoon, :spinach, :spec]
 end
--- a/public/404.html
+++ b/public/404.html
 <!DOCTYPE html>
 <html>
 <head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
  <title>The page you're looking for could not be found (404)</title>
  <style>
-      body {
-        color: #666;
-        text-align: center;
-        font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-        margin: 0;
-        width: 800px;
-        margin: auto;
-        font-size: 14px;
-      }
+    body {
+      color: #666;
+      text-align: center;
+      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+      margin: auto;
+      font-size: 14px;
+    }

-      h1 {
-        font-size: 56px;
-        line-height: 100px;
-        font-weight: normal;
-        color: #456;
-      }
+    h1 {
+      font-size: 56px;
+      line-height: 100px;
+      font-weight: normal;
+      color: #456;
+    }

-      h2 {
-        font-size: 24px;
-        color: #666;
-        line-height: 1.5em;
-      }
+    h2 {
+      font-size: 24px;
+      color: #666;
+      line-height: 1.5em;
+    }

-      h3 {
-        color: #456;
-        font-size: 20px;
-        font-weight: normal;
-        line-height: 28px;
-      }
+    h3 {
+      color: #456;
+      font-size: 20px;
+      font-weight: normal;
+      line-height: 28px;
+    }

-      hr {
-        margin: 18px 0;
-        border: 0;
-        border-top: 1px solid #EEE;
-        border-bottom: 1px solid white;
-      }
+    hr {
+      max-width: 800px;
+      margin: 18px auto;
+      border: 0;
+      border-top: 1px solid #EEE;
+      border-bottom: 1px solid white;
+    }
+
+    img {
+      max-width: 40vw;
+    }
+
+    .container {
+      margin: auto 20px;
+    }
  </style>
 </head>

 <body>
  <h1>
-    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" /><br />
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
    404
  </h1>
-  <h3>The page you're looking for could not be found.</h3>
-  <hr/>
-  <p>Make sure the address is correct and that the page hasn't moved.</p>
-  <p>Please contact your GitLab administrator if you think this is a mistake.</p>
+  <div class="container">
+    <h3>The page you're looking for could not be found.</h3>
+    <hr />
+    <p>Make sure the address is correct and that the page hasn't moved.</p>
+    <p>Please contact your GitLab administrator if you think this is a mistake.</p>
+  </div>
 </body>
 </html>
--- a/public/422.html
+++ b/public/422.html
 <!DOCTYPE html>
 <html>
 <head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
  <title>The change you requested was rejected (422)</title>
  <style>
    body {
      color: #666;
-       text-align: center;
-       font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-       margin: 0;
-       width: 800px;
-       margin: auto;
-       font-size: 14px;
-     }
+      text-align: center;
+      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+      margin: auto;
+      font-size: 14px;
+    }

-     h1 {
-       font-size: 56px;
-       line-height: 100px;
-       font-weight: normal;
-       color: #456;
-     }
+    h1 {
+      font-size: 56px;
+      line-height: 100px;
+      font-weight: normal;
+      color: #456;
+    }

-     h2 {
-       font-size: 24px;
-       color: #666;
-       line-height: 1.5em;
-     }
+    h2 {
+      font-size: 24px;
+      color: #666;
+      line-height: 1.5em;
+    }
+
+    h3 {
+      color: #456;
+      font-size: 20px;
+      font-weight: normal;
+      line-height: 28px;
+    }
+
+    hr {
+      max-width: 800px;
+      margin: 18px auto;
+      border: 0;
+      border-top: 1px solid #EEE;
+      border-bottom: 1px solid white;
+    }

-     h3 {
-       color: #456;
-       font-size: 20px;
-       font-weight: normal;
-       line-height: 28px;
-     }
+    img {
+      max-width: 40vw;
+    }

-     hr {
-       margin: 18px 0;
-       border: 0;
-       border-top: 1px solid #EEE;
-       border-bottom: 1px solid white;
-     }
-   </style>
+    .container {
+      margin: auto 20px;
+    }
+  </style>
 </head>

 <body>
  <h1>
-    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" /><br />
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
    422
  </h1>
-  <h3>The change you requested was rejected.</h3>
-  <hr />
-  <p>Make sure you have access to the thing you tried to change.</p>
-  <p>Please contact your GitLab administrator if you think this is a mistake.</p>
+  <div class="container">
+    <h3>The change you requested was rejected.</h3>
+    <hr />
+    <p>Make sure you have access to the thing you tried to change.</p>
+    <p>Please contact your GitLab administrator if you think this is a mistake.</p>
+  </div>
 </body>
 </html>
--- a/public/500.html
+++ b/public/500.html
 <!DOCTYPE html>
 <html>
 <head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
  <title>Something went wrong (500)</title>
  <style>
-     body {
-       color: #666;
-       text-align: center;
-       font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-       margin: 0;
-       width: 800px;
-       margin: auto;
-       font-size: 14px;
-     }
+    body {
+      color: #666;
+      text-align: center;
+      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+      margin: auto;
+      font-size: 14px;
+    }

-     h1 {
-       font-size: 56px;
-       line-height: 100px;
-       font-weight: normal;
-       color: #456;
-     }
+    h1 {
+      font-size: 56px;
+      line-height: 100px;
+      font-weight: normal;
+      color: #456;
+    }

-     h2 {
-       font-size: 24px;
-       color: #666;
-       line-height: 1.5em;
-     }
+    h2 {
+      font-size: 24px;
+      color: #666;
+      line-height: 1.5em;
+    }

-     h3 {
-       color: #456;
-       font-size: 20px;
-       font-weight: normal;
-       line-height: 28px;
-     }
+    h3 {
+      color: #456;
+      font-size: 20px;
+      font-weight: normal;
+      line-height: 28px;
+    }

-     hr {
-      margin: 18px 0;
+    hr {
+      max-width: 800px;
+      margin: 18px auto;
      border: 0;
      border-top: 1px solid #EEE;
      border-bottom: 1px solid white;
    }
+
+    img {
+      max-width: 40vw;
+    }
+
+    .container {
+      margin: auto 20px;
+    }
  </style>
 </head>
+
 <body>
  <h1>
-    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" /><br />
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
    500
  </h1>
-  <h3>Whoops, something went wrong on our end.</h3>
-  <hr/>
-  <p>Try refreshing the page, or going back and attempting the action again.</p>
-  <p>Please contact your GitLab administrator if this problem persists.</p>
+  <div class="container">
+    <h3>Whoops, something went wrong on our end.</h3>
+    <hr />
+    <p>Try refreshing the page, or going back and attempting the action again.</p>
+    <p>Please contact your GitLab administrator if this problem persists.</p>
+  </div>
 </body>
 </html>
--- a/public/502.html
+++ b/public/502.html
 <!DOCTYPE html>
 <html>
 <head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
  <title>GitLab is not responding (502)</title>
  <style>
    body {
      color: #666;
      text-align: center;
      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-      margin: 0;
-      width: 800px;
      margin: auto;
      font-size: 14px;
    }
@@ -34,21 +33,33 @@
    }

    hr {
-      margin: 18px 0;
+      max-width: 800px;
+      margin: 18px auto;
      border: 0;
      border-top: 1px solid #EEE;
      border-bottom: 1px solid white;
    }
+
+    img {
+      max-width: 40vw;
+    }
+
+    .container {
+      margin: auto 20px;
+    }
  </style>
 </head>
+
 <body>
  <h1>
-    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" /><br />
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
    502
  </h1>
-  <h3>Whoops, GitLab is taking too much time to respond.</h3>
-  <hr/>
-  <p>Try refreshing the page, or going back and attempting the action again.</p>
-  <p>Please contact your GitLab administrator if this problem persists.</p>
+  <div class="container">
+    <h3>Whoops, GitLab is taking too much time to respond.</h3>
+    <hr />
+    <p>Try refreshing the page, or going back and attempting the action again.</p>
+    <p>Please contact your GitLab administrator if this problem persists.</p>
+  </div>
 </body>
 </html>
--- a/public/503.html
+++ b/public/503.html
 <!DOCTYPE html>
 <html>
 <head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
  <title>GitLab is not responding (503)</title>
  <style>
    body {
      color: #666;
      text-align: center;
      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-      margin: 0;
-      width: 800px;
      margin: auto;
      font-size: 14px;
    }
@@ -34,21 +33,33 @@
    }

    hr {
-      margin: 18px 0;
+      max-width: 800px;
+      margin: 18px auto;
      border: 0;
      border-top: 1px solid #EEE;
      border-bottom: 1px solid white;
    }
+
+    img {
+      max-width: 40vw;
+    }
+
+    .container {
+      margin: auto 20px;
+    }
  </style>
 </head>
+
 <body>
  <h1>
-    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo"/><br />
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
    503
  </h1>
-  <h3>Whoops, GitLab is currently unavailable.</h3>
-  <hr/>
-  <p>Try refreshing the page, or going back and attempting the action again.</p>
-  <p>Please contact your GitLab administrator if this problem persists.</p>
+  <div class="container">
+    <h3>Whoops, GitLab is currently unavailable.</h3>
+    <hr />
+    <p>Try refreshing the page, or going back and attempting the action again.</p>
+    <p>Please contact your GitLab administrator if this problem persists.</p>
+  </div>
 </body>
 </html>
--- a/public/deploy.html
+++ b/public/deploy.html
 <!DOCTYPE html>
 <html>
-  <head>
-    <title>Deploy in progress</title>
-    <style>
-     body {
-        color: #666;
-        text-align: center;
-        font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
-        margin: 0;
-        width: 800px;
-        margin: auto;
-        font-size: 14px;
-      }
+<head>
+  <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
+  <title>Deploy in progress</title>
+  <style>
+    body {
+      color: #666;
+      text-align: center;
+      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+      margin: auto;
+      font-size: 14px;
+    }

-      h1 {
-        font-size: 56px;
-        line-height: 100px;
-        font-weight: normal;
-        color: #456;
-      }
+    h1 {
+      font-size: 56px;
+      line-height: 100px;
+      font-weight: normal;
+      color: #456;
+    }

-      h2 {
-        font-size: 24px;
-        color: #666;
-        line-height: 1.5em;
-      }
+    h2 {
+      font-size: 24px;
+      color: #666;
+      line-height: 1.5em;
+    }

-      h3 {
-        color: #456;
-        font-size: 20px;
-        font-weight: normal;
-        line-height: 28px;
-      }
+    h3 {
+      color: #456;
+      font-size: 20px;
+      font-weight: normal;
+      line-height: 28px;
+    }

-      hr {
-        margin: 18px 0;
-        border: 0;
-        border-top: 1px solid #EEE;
-        border-bottom: 1px solid white;
-      }
-    </style>
-  </head>
+    hr {
+      max-width: 800px;
+      margin: 18px auto;
+      border: 0;
+      border-top: 1px solid #EEE;
+      border-bottom: 1px solid white;
+    }

-  <body>
-    <h1>
-      <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" /><br />
-      Deploy in progress
-    </h1>
+    img {
+      max-width: 40vw;
+    }
+
+    .container {
+      margin: auto 20px;
+    }
+  </style>
+</head>
+
+<body>
+  <h1>
+    <img src="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjEwIiBoZWlnaHQ9IjIxMCIgdmlld0JveD0iMCAwIDIxMCAyMTAiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTVsMzguNjQtMTE4LjkyMWgtNzcuMjhsMzguNjQgMTE4LjkyMXoiIGZpbGw9IiNlMjQzMjkiLz4KICA8cGF0aCBkPSJNMTA1LjA2MTQgMjAzLjY1NDhsLTM4LjY0LTExOC45MjFoLTU0LjE1M2w5Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTIuMjY4NSA4NC43MzQxbC0xMS43NDIgMzYuMTM5Yy0xLjA3MSAzLjI5Ni4xMDIgNi45MDcgMi45MDYgOC45NDRsMTAxLjYyOSA3My44MzgtOTIuNzkzLTExOC45MjF6IiBmaWxsPSIjZmNhMzI2Ii8+CiAgPHBhdGggZD0iTTEyLjI2ODUgODQuNzM0Mmg1NC4xNTNsLTIzLjI3My03MS42MjVjLTEuMTk3LTMuNjg2LTYuNDExLTMuNjg1LTcuNjA4IDBsLTIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+CiAgPHBhdGggZD0iTTEwNS4wNjE0IDIwMy42NTQ4bDM4LjY0LTExOC45MjFoNTQuMTUzbC05Mi43OTMgMTE4LjkyMXoiIGZpbGw9IiNmYzZkMjYiLz4KICA8cGF0aCBkPSJNMTk3Ljg1NDQgODQuNzM0MWwxMS43NDIgMzYuMTM5YzEuMDcxIDMuMjk2LS4xMDIgNi45MDctMi45MDYgOC45NDRsLTEwMS42MjkgNzMuODM4IDkyLjc5My0xMTguOTIxeiIgZmlsbD0iI2ZjYTMyNiIvPgogIDxwYXRoIGQ9Ik0xOTcuODU0NCA4NC43MzQyaC01NC4xNTNsMjMuMjczLTcxLjYyNWMxLjE5Ny0zLjY4NiA2LjQxMS0zLjY4NSA3LjYwOCAwbDIzLjI3MiA3MS42MjV6IiBmaWxsPSIjZTI0MzI5Ii8+Cjwvc3ZnPgo=" alt="GitLab Logo" /><br />
+    Deploy in progress
+  </h1>
+  <div class="container">
    <h3>Please try again in a few minutes.</h3>
-    <hr/>
+    <hr />
    <p>Please contact your GitLab administrator if this problem persists.</p>
-  </body>
+  </div>
+</body>
 </html>
--- a/scripts/merge-simplecov
+++ b/scripts/merge-simplecov
+#!/usr/bin/env ruby
+
+require_relative '../spec/simplecov_env'
+SimpleCovEnv.configure_profile
+
+module SimpleCov
+  module ResultMerger
+    class << self
+      def resultset_files
+        Dir.glob(File.join(SimpleCov.coverage_path, '*', '.resultset.json'))
+      end
+
+      def resultset_hashes
+        resultset_files.map do |path|
+          begin
+            JSON.parse(File.read(path))
+          rescue
+            {}
+          end
+        end
+      end
+
+      def resultset
+        resultset_hashes.reduce({}, :merge)
+      end
+    end
+  end
+end
+
+SimpleCov::ResultMerger.merged_result.format!
--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -163,4 +163,17 @@ describe AutocompleteController do
      expect(body.collect { |u| u['id'] }).not_to include(99999)
    end
  end
+
+  context 'skip_users parameter included' do
+    before { sign_in(user) }
+
+    it 'skips the user IDs passed' do
+      get(:users, skip_users: [user, user2].map(&:id))
+
+      other_user_ids = [non_member, project.owner, project.creator].map(&:id)
+      response_user_ids = JSON.parse(response.body).map { |user| user['id'] }
+
+      expect(response_user_ids).to contain_exactly(*other_user_ids)
+    end
+  end
 end
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -243,6 +243,37 @@ describe Projects::IssuesController do
    end
  end

+  describe 'POST #create' do
+    context 'Akismet is enabled' do
+      before do
+        allow_any_instance_of(Gitlab::AkismetHelper).to receive(:check_for_spam?).and_return(true)
+        allow_any_instance_of(Gitlab::AkismetHelper).to receive(:is_spam?).and_return(true)
+      end
+
+      def post_spam_issue
+        sign_in(user)
+        spam_project = create(:empty_project, :public)
+        post :create, {
+          namespace_id: spam_project.namespace.to_param,
+          project_id: spam_project.to_param,
+          issue: { title: 'Spam Title', description: 'Spam lives here' }
+        }
+      end
+
+      it 'rejects an issue recognized as spam' do
+        expect{ post_spam_issue }.not_to change(Issue, :count)
+        expect(response).to render_template(:new)
+      end
+
+      it 'creates a spam log' do
+        post_spam_issue
+        spam_logs = SpamLog.all
+        expect(spam_logs.count).to eq(1)
+        expect(spam_logs[0].title).to eq('Spam Title')
+      end
+    end
+  end
+
  describe "DELETE #destroy" do
    context "when the user is a developer" do
      before { sign_in(user) }

--- a/spec/features/projects/project_settings_spec.rb
+++ b/spec/features/projects/project_settings_spec.rb
+require 'spec_helper'
+
+describe 'Edit Project Settings', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:empty_project, path: 'gitlab', name: 'sample') }
+
+  before do
+    login_as(user)
+    project.team << [user, :master]
+  end
+
+  describe 'Project settings', js: true do
+    it 'shows errors for invalid project name' do
+      visit edit_namespace_project_path(project.namespace, project)
+
+      fill_in 'project_name_edit', with: 'foo&bar'
+
+      click_button 'Save changes'
+
+      expect(page).to have_field 'project_name_edit', with: 'foo&bar'
+      expect(page).to have_content "Name can contain only letters, digits, '_', '.', dash and space. It must start with letter, digit or '_'."
+      expect(page).to have_button 'Save changes'
+    end
+  end
+
+  describe 'Rename repository' do
+    it 'shows errors for invalid project path/name' do
+      visit edit_namespace_project_path(project.namespace, project)
+
+      fill_in 'Project name', with: 'foo&bar'
+      fill_in 'Path', with: 'foo&bar'
+
+      click_button 'Rename project'
+
+      expect(page).to have_field 'Project name', with: 'foo&bar'
+      expect(page).to have_field 'Path', with: 'foo&bar'
+      expect(page).to have_content "Name can contain only letters, digits, '_', '.', dash and space. It must start with letter, digit or '_'."
+      expect(page).to have_content "Path can contain only letters, digits, '_', '-' and '.'. Cannot start with '-', end in '.git' or end in '.atom'"
+    end
+  end
+end
--- a/spec/lib/gitlab/akismet_helper_spec.rb
+++ b/spec/lib/gitlab/akismet_helper_spec.rb
 require 'spec_helper'

 describe Gitlab::AkismetHelper, type: :helper do
-  let(:project) { create(:project) }
+  let(:project) { create(:project, :public) }
  let(:user) { create(:user) }

  before do
@@ -11,13 +11,13 @@ describe Gitlab::AkismetHelper, type: :helper do
  end

  describe '#check_for_spam?' do
-    it 'returns true for non-member' do
-      expect(helper.check_for_spam?(project, user)).to eq(true)
+    it 'returns true for public project' do
+      expect(helper.check_for_spam?(project)).to eq(true)
    end

-    it 'returns false for member' do
-      project.team << [user, :guest]
-      expect(helper.check_for_spam?(project, user)).to eq(false)
+    it 'returns false for private project' do
+      project.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
+      expect(helper.check_for_spam?(project)).to eq(false)
    end
  end


--- a/spec/models/project_services/hipchat_service_spec.rb
+++ b/spec/models/project_services/hipchat_service_spec.rb
@@ -340,18 +340,36 @@ describe HipchatService, models: true do
    end

    context "#message_options" do
-      it "should be set to the defaults" do
-        expect(hipchat.send(:message_options)).to eq({ notify: false, color: 'yellow' })
+      it "is set to the defaults" do
+        expect(hipchat.__send__(:message_options)).to eq({ notify: false, color: 'yellow' })
      end

-      it "should set notfiy to true" do
+      it "sets notify to true" do
        allow(hipchat).to receive(:notify).and_return('1')
-        expect(hipchat.send(:message_options)).to eq({ notify: true, color: 'yellow' })
+
+        expect(hipchat.__send__(:message_options)).to eq({ notify: true, color: 'yellow' })
      end

-      it "should set the color" do
+      it "sets the color" do
        allow(hipchat).to receive(:color).and_return('red')
-        expect(hipchat.send(:message_options)).to eq({ notify: false, color: 'red' })
+
+        expect(hipchat.__send__(:message_options)).to eq({ notify: false, color: 'red' })
+      end
+
+      context 'with a successful build' do
+        it 'uses the green color' do
+          build_data = { object_kind: 'build', commit: { status: 'success' } }
+
+          expect(hipchat.__send__(:message_options, build_data)).to eq({ notify: false, color: 'green' })
+        end
+      end
+
+      context 'with a failed build' do
+        it 'uses the red color' do
+          build_data = { object_kind: 'build', commit: { status: 'failed' } }
+
+          expect(hipchat.__send__(:message_options, build_data)).to eq({ notify: false, color: 'red' })
+        end
      end
    end
  end

--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -400,6 +400,24 @@ describe Project, models: true do

      it { expect(@project.to_param).to eq('gitlabhq') }
    end
+
+    context 'with invalid path' do
+      it 'returns previous path to keep project suitable for use in URLs when persisted' do
+        project = create(:empty_project, path: 'gitlab')
+        project.path = 'foo&bar'
+
+        expect(project).not_to be_valid
+        expect(project.to_param).to eq 'gitlab'
+      end
+
+      it 'returns current path when new record' do
+        project = build(:empty_project, path: 'gitlab')
+        project.path = 'foo&bar'
+
+        expect(project).not_to be_valid
+        expect(project.to_param).to eq 'foo&bar'
+      end
+    end
  end

  describe '#repository' do

--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -446,6 +446,43 @@ describe Repository, models: true do
        end.to raise_error(GitHooksService::PreReceiveError)
      end
    end
+
+    context 'when target branch is different from source branch' do
+      before do
+        allow_any_instance_of(Gitlab::Git::Hook).to receive(:trigger).and_return([true, ''])
+      end
+
+      it 'expires branch cache' do
+        expect(repository).not_to receive(:expire_exists_cache)
+        expect(repository).not_to receive(:expire_root_ref_cache)
+        expect(repository).not_to receive(:expire_emptiness_caches)
+        expect(repository).to     receive(:expire_branches_cache)
+        expect(repository).to     receive(:expire_has_visible_content_cache)
+        expect(repository).to     receive(:expire_branch_count_cache)
+
+        repository.commit_with_hooks(user, 'new-feature') { sample_commit.id }
+      end
+    end
+
+    context 'when repository is empty' do
+      before do
+        allow_any_instance_of(Gitlab::Git::Hook).to receive(:trigger).and_return([true, ''])
+      end
+
+      it 'expires creation and branch cache' do
+        empty_repository = create(:empty_project, :empty_repo).repository
+
+        expect(empty_repository).to receive(:expire_exists_cache)
+        expect(empty_repository).to receive(:expire_root_ref_cache)
+        expect(empty_repository).to receive(:expire_emptiness_caches)
+        expect(empty_repository).to receive(:expire_branches_cache)
+        expect(empty_repository).to receive(:expire_has_visible_content_cache)
+        expect(empty_repository).to receive(:expire_branch_count_cache)
+
+        empty_repository.commit_file(user, 'CHANGELOG', 'Changelog!',
+                                     'Updates file content', 'master', false)
+      end
+    end
  end

  describe '#exists?' do

--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -531,10 +531,8 @@ describe API::API, api: true  do

  describe 'POST /projects/:id/issues with spam filtering' do
    before do
-      Grape::Endpoint.before_each do |endpoint|
-        allow(endpoint).to receive(:check_for_spam?).and_return(true)
-        allow(endpoint).to receive(:is_spam?).and_return(true)
-      end
+      allow_any_instance_of(Gitlab::AkismetHelper).to receive(:check_for_spam?).and_return(true)
+      allow_any_instance_of(Gitlab::AkismetHelper).to receive(:is_spam?).and_return(true)
    end

    let(:params) do

--- a/spec/simplecov_env.rb
+++ b/spec/simplecov_env.rb
+require 'simplecov'
+
+module SimpleCovEnv
+  extend self
+
+  def start!
+    return unless ENV['SIMPLECOV']
+
+    configure_profile
+    configure_job
+
+    SimpleCov.start
+  end
+
+  def configure_job
+    SimpleCov.configure do
+      if ENV['CI_BUILD_NAME']
+        coverage_dir "coverage/#{ENV['CI_BUILD_NAME']}"
+        command_name ENV['CI_BUILD_NAME']
+      end
+
+      if ENV['CI']
+        SimpleCov.at_exit do
+          # In CI environment don't generate formatted reports
+          # Only generate .resultset.json
+          SimpleCov.result
+        end
+      end
+    end
+  end
+
+  def configure_profile
+    SimpleCov.configure do
+      load_profile 'test_frameworks'
+      track_files '{app,lib}/**/*.rb'
+
+      add_filter '/vendor/ruby/'
+      add_filter 'config/initializers/'
+
+      add_group 'Controllers', 'app/controllers'
+      add_group 'Models', 'app/models'
+      add_group 'Mailers', 'app/mailers'
+      add_group 'Helpers', 'app/helpers'
+      add_group 'Workers', %w(app/jobs app/workers)
+      add_group 'Libraries', 'lib'
+      add_group 'Services', 'app/services'
+      add_group 'Finders', 'app/finders'
+      add_group 'Uploaders', 'app/uploaders'
+      add_group 'Validators', 'app/validators'
+
+      merge_timeout 7200
+    end
+  end
+end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
-if ENV['SIMPLECOV']
-  require 'simplecov'
-  SimpleCov.start :rails
-end
+require './spec/simplecov_env'
+SimpleCovEnv.start!

 ENV["RAILS_ENV"] ||= 'test'