RubyZip allows us to perform strong validation of
expanded paths where we do extract file.

We introduce the following additional checks
to extract routines:

1. None of path components can be symlinked,
2. We drop privileges support for directories,
3. Symlink source needs to point within the target directory,
   like `public/`,
4. The symlink source needs to exist ahead of time.

[ci skip]

Resolve "Don't check confidential issues for spam"

Closes #56371

See merge request gitlab-org/gitlab-ce!24453

Fix excessive blank space in project activity view

Closes #56225

See merge request gitlab-org/gitlab-ce!24510

Add a string externalisation in note form

See merge request gitlab-org/gitlab-ce!24514

Docs route maps

Closes #53178

See merge request gitlab-org/gitlab-ce!24488

Skip kerberos when running 'bundle install' in update docs

Closes #52346

See merge request gitlab-org/gitlab-ce!24534

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52346.
Signed-off-by: NRémy Coutable <remy@rymai.me>

Add note about default

See merge request gitlab-org/gitlab-ce!24445

Update release error tracking is available in to 11.8

See merge request gitlab-org/gitlab-ce!24528

Add tip about Go packages

Closes #56493

See merge request gitlab-org/gitlab-ce!24477

Add version text and refactor file

See merge request gitlab-org/gitlab-ce!24517

Resolve "Admin Settings: Cannot read property 'addEventListener' of null"

Closes #56622

See merge request gitlab-org/gitlab-ce!24522

Fixes "New label" button hit miss

Closes gitlab-org/quality/nightly#59

See merge request gitlab-org/gitlab-ce!24487

Eliminate N+1 queries in /api/groups/:id

Closes #49845

See merge request gitlab-org/gitlab-ce!24513

Revert "Merge branch 'qa-use-mr-iid-in-review-app-slug' into 'master'"

See merge request gitlab-org/gitlab-ce!24521

Search project tags via API

Closes #54401

See merge request gitlab-org/gitlab-ce!24385

This reverts merge request
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24388

Set ActionController raise_on_unfiltered_parameters to true

See merge request gitlab-org/gitlab-ce!24443

Bump the katex package to 0.10.0

See merge request gitlab-org/gitlab-ce!24478

add a note that GIT_STRATEGY is not supported for k8s executor

See merge request gitlab-org/gitlab-ce!23974

In https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15475/diffs, a
significant amount of work went into eliminating N+1 queries in the
/api/groups/:id/projects endpoint. We can reuse the
`Entities::Project.prepare_relation` call on the projects.

In a group with 2,573 projects on GitLab.com, this change significantly
improves performance:

* 18019 SQL queries down to 21
* Time spent in DB: 70 s down to 384 ms

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/49845

7075c5a1 introduced a regression in GitLab 11.7 by adding a
`d-sm-block`, which caused the RSS feed icon to wrap to another
line. Switching to `d-sm-flex` appears to make this appear on the same
line.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56225

Resolve "Remove `error_tracking` feature flag"

Closes #56213

See merge request gitlab-org/gitlab-ce!24306

Remove unwanted margin above suggested changes.

Closes #56389

See merge request gitlab-org/gitlab-ce!24419

Improvements for spec migration readme

See merge request gitlab-org/gitlab-ce!24440

Refer to https://github.com/KaTeX/KaTeX/pull/1700 for additional details.

Update vuex.md - swap PUT/POST methods

See merge request gitlab-org/gitlab-ce!24494

Fix Resource attribute bug

See merge request gitlab-org/gitlab-ce!24407

Update reference to ~Monitoring to be ~Monitor

See merge request gitlab-org/gitlab-ce!24489

Correct minimum yarn version in 11.6 -> 11.7 upgrade doc

Closes #56254

See merge request gitlab-org/gitlab-ce!24495

Cleanup stale +deleted repo paths on project removal (adjusts project removal bug)

Closes #46146

See merge request gitlab-org/gitlab-ce!24269