Check snippet attached file to be moved is within designated directory

See merge request gitlab/gitlabhq!2942

Fix blind SSRF in Prometheus Integration

See merge request gitlab/gitlabhq!2945

Check validity before querying so that if the dns entry for the api_url
has been changed to something invalid after the model was saved and
checked for validity, it will not query. This is to solve a toctou
(time of check to time of use) issue.

Fix leaking private repository information in API

See merge request gitlab/gitlabhq!2949

Arbitrary file read via MergeRequestDiff

See merge request gitlab/gitlabhq!2952

Remove link after issue move when no permissions

See merge request gitlab/gitlabhq!2956

Block local URLs for Kubernetes integration

See merge request gitlab/gitlabhq!2960

Merge branch 'security-add-public-internal-groups-as-members-to-your-project-idor-11-7' into '11-7-stable'

Add public/internal groups as members to your Project(IDOR)

See merge request gitlab/gitlabhq!2963

Catch possible Addressable::URI::InvalidURIError

See merge request gitlab/gitlabhq!2967

Stop linking to unrecognized package sources

See merge request gitlab/gitlabhq!2970

[11.7] Prevent disclosing project milestone titles

See merge request gitlab/gitlabhq!2974

Limit number of characters allowed in mermaidjs

See merge request gitlab/gitlabhq!2979

Prevent unauthorized users having access to milestone titles
through autocomplete endpoint.

Use existing `public_url` validation to block various local urls. Note
that this validation will allow local urls if the "Allow requests to the
local network from hooks and services" admin setting is enabled.

Block KubeClient from using local addresses

It will also respect `allow_local_requests_from_hooks_and_services` so
if that is enabled KubeClinet will allow local addresses

Previously one could move any temp/ sub folder around.

Align spec with actual usage, as currently we pass temp file path to
FileMover.

Don't show new issue link after move
when a user does not have permissions
to display the new issue

defaultBranch and ciConfigPath should only be available to users with
the :download_code permission for the Project, as the respository might
be private.

When implementing the authorize check on these properties, it was
found that our current Graphql::Authorize::Instrumentation class does
not work with fields that resolve to subclasses of
GraphQL::Schema::Scalar, like GraphQL::STRING_TYPE.

After discussion with other Create Team members, it has been decided
that because the GraphQL API is not GA, to remove these properties from
ProjectType, and instead implement them as part of epic
https://gitlab.com/groups/gitlab-org/-/epics/711

Issue:
https://gitlab.com/gitlab-org/gitlab-ce/issues/55316

default_branch, statistics and config_ci_path are now only exposed if
the user has permissions to the repository.

[ci skip]

Prepare 11.7.5 release

See merge request gitlab-org/gitlab-ce!24941

Add documentation for new NGINX Ingress metrics

Closes #56473

See merge request gitlab-org/gitlab-ce!24449

Changed external wiki query method to prevent attribute caching

Closes #57228

See merge request gitlab-org/gitlab-ce!24907

(cherry picked from commit 7ffbfeb1)

247bd122 Changed external wiki query method to prevent attribute caching

Fix Detect Host Keys not working

Closes #56855

See merge request gitlab-org/gitlab-ce!24884

(cherry picked from commit 2b0f4df0)

4c1231ac Fix SSH Detect Host Keys not working

Downcase aliased OAuth2 callback providers

Closes #57156

See merge request gitlab-org/gitlab-ce!24877

(cherry picked from commit 5f964567)

1f188236 Downcase aliased OAuth2 callback providers

Fix migration when project repository is missing

See merge request gitlab-org/gitlab-ce!24859

(cherry picked from commit c5d43124)

db35a3ae Fix migration when project repository is missing

Quarantine diff patch spec

See merge request gitlab-org/gitlab-ce!24769

(cherry picked from commit 244f4f5f)

58ec656b Quarantine failing test

Init GLForm instance on form while editing tags

Closes #56424

See merge request gitlab-org/gitlab-ce!24645

(cherry picked from commit 15a7f3c6)

7506275e Init GLForm instance on form while editing tags
b0746e79 Add changelog entry

Pass $CI_COMMIT_TAG as GITLAB_TAG to the CNG triggered pipelines

See merge request gitlab-org/gitlab-ce!24639

(cherry picked from commit cc4b5656)

79eec047 Pass $CI_COMMIT_TAG as GITLAB_TAG to the CNG triggered pipelines

Fix 500 errors with legacy appearance logos

Closes gitlab-ee#9357

See merge request gitlab-org/gitlab-ce!24615

(cherry picked from commit 8d90f817)

19f9d998 Fix 500 errors with legacy appearance logos

Adjusts suggestions unable to be applied

Closes #56690

See merge request gitlab-org/gitlab-ce!24603

(cherry picked from commit 7c7916ba)

1b93b3b6 Adjusts suggestions unable to be applied

[QA] Use public_email instead of email since it's available

Closes gitlab-org/quality/staging#27

See merge request gitlab-org/gitlab-ce!24533

(cherry picked from commit 19add921)

cbc3d1f9 [QA] Use public_email instead of email since it's available