Remove unecessary endpoint from repository, add compatibility endpoints for v3 and several improvements

Align bulk update issues button to the right

Closes #18962

See merge request !8591

[ci skip]

consistent padding on new MR panels

Closes #28230

See merge request !9568

Add cop to ensure reversibility of add_concurrent_index

See merge request !9771

Refactor dropdown_assignee_spec

Closes #27568

See merge request !9711

Fix access token specs

See merge request !9776

Rename BUILD to JOB in CI Variables

Closes #29053

See merge request !9756

de37dcee was a manual merge, which meant
it didn't have a build, so I broke master :-(

Swallow collection errors in RspecProfiling

Closes #29005

See merge request !9765

Namespace can have only one chat team

See merge request !9769

Rename priority sorting option to label priority

See merge request !9746

Merge branch '26732-combine-deploy-keys-and-push-rules-and-mirror-repository-and-protect-branches-settings-pages' into 'master'

Resolve "Combine Deploy Keys and Push Rules and Mirror Repository and Protect Branches settings pages"

Closes #26732

See merge request !8731

Ensure uploads are not cached without revalidation

Closes #27936

See merge request !9453

Added Prometheus Service and Prometheus graphs

See merge request !8935

Update storage settings to allow extra values per shard

See merge request !9597

Change project count limit from 10 to 100000

See merge request !9767

Deprecate usage of `types` CI/CD configuration entry

See merge request !9766

don't underline clicked links in Notes header

Closes #28559

See merge request !9753

Given GitLab moves away from using the term build, everywhere, also the
CI variables are being renamed.

For now, both `CI_BUILD_X` and `CI_JOB_X` are supported, with the same
values. However, in about 3 months, support will be dropped.

#26790 whitelist style attribute in event_note

Closes #26790

See merge request !9155

fix Jobs header height - only set fixed size for rows

Closes #28835

See merge request !9752

Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.

Gitlab::Auth.find_with_user_password is currently used in these places:

- resource_owner_from_credentials in config/initializers/doorkeeper.rb,
  which is used for the OAuth Resource Owner Password Credentials flow

- the /session API call in lib/api/session.rb, which is used to reveal
  the user's current authentication_token

In both cases users should only be authenticated if they're in the
active state.