- Use `GlobalPolicy` to authorize the users that a non-authenticated user can
  fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC`
  visibility level is not restricted.

- Further, as before, `/api/v4/users` is only accessible to unauthenticated users if
  the `username` parameter is passed.

- Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual
  route + method, rather than the description.

- Change the type of `current_user` check in `UsersFinder` to be more
  compatible with EE.

- The issue filtering frontend code needs access to this API for non-logged-in
  users + public projects. It uses the API to fetch information for a user by
  username.

- We don't authenticate this API anymore, but instead - if the `current_user` is
  not present:

  - Verify that the `username` parameter has been passed. This disallows an
    unauthenticated user from grabbing a list of all users on the instance. The
    `UsersFinder` class performs an exact match on the `username`, so we are
    guaranteed to get 0 or 1 users.
  - Verify that the resulting user (if any) is accessible to be viewed publicly
    by calling `can?(current_user, :read_user, user)`

Resolve "Replace 'Settings ➔ CI/CD Pipelines' with 'Settings ➔ Pipelines' in docs"

Closes #34264

See merge request !12433

Fix interpolation in app/views/profile/show.html/haml

See merge request !12439

Don't match tilde and exclamation mark as part of requirements.txt package name

Closes #34166

See merge request !12431

Add User#full_private_access? to check if user has access to all private groups & projects

Closes #31745

See merge request !12373

Fix breadcrumb order

Closes #33938

See merge request !12322

Fix 500 on failure to create a private group

Closes #34068

See merge request !12394

Fixes #34068

Improve `update_column_in_batches` migration helper

Closes #34064

See merge request !12350

Remove extra symbol in notifications modal

Closes #34219

See merge request !12417

Limit the width of commit & snippet comment sections

Closes #20920

See merge request !12088

Limit the width of project READMEs

Closes #20919

See merge request !12165

Update QA Dockerfile to use stable Chrome package

Closes #33538

See merge request !12071

Make JavaScript tests fail for unhandled Promise rejections

Closes #33845 and #33623

See merge request !12264

In CE only the admin has access to all private groups & projects. In EE also an
auditor can have full private access.

To overcome merge conflicts, or accidental incorrect access rights, abstract
this out in `User#full_private_access?`.

`User#admin?` now only should be used for admin-only features. For private
access-related features `User#full_private_access?` should be used.

Backported from gitlab-org/gitlab-ee!2199

hot reloading for .vue files

Closes #33729

See merge request !12180

Add bootstrap_form gem

See merge request !10985

Add padding to target branch container

Closes #33992

See merge request !12353

Remove layout nav from scroll calculation

Closes #33984

See merge request !12399

Fix offset for fixed nav

Closes #34095

See merge request !12365

Refactor Notes into ES class syntax

See merge request !12254

Remove unnecessary top padding on group MR index

See merge request !12392

Fix mobile environment detail view

Closes #34120

See merge request !12382

Added limited width container to project settings

See merge request !12045

Fix dropdown position for the new button on mobile for the top navbar

Closes #34139

See merge request !12388