- 24 Mar, 2015 23 commits
-
Dmitriy Zaporozhets authored
Clean up subscriptions when user is deleted. cc @vsizov See merge request !439
-
Dmitriy Zaporozhets authored
Update rugments to 1.0.0.beta6 to fix C# highlighting. Fixes #1259. See merge request !435
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Unescape branch param to delete
-
Dmitriy Zaporozhets authored
Complete transition to using color_field for selecting colors
-
Dmitriy Zaporozhets authored
Reduce Rack Attack false positives causing 403 errors during HTTP authentication

### What does this MR do?

This MR reduces false positives causing `403 Forbidden` messages after HTTP authentication.

A Git client may attempt to access a repository without a password. If it receives a 401 error, the client often will try again, this time supplying a password. The problem is that `grack_auth.rb` considers a blank password an authentication failure and increases a Redis counter each time this happens. With enough requests, an IP can be banned temporarily even though previous attempts may have been successful. This leads users to see `403 Forbidden` errors until the ban times out (default: 1 hour).

To reduce the chance of a false positive, this MR resets the counter upon a successful authentication from an IP. In addition, this MR logs when a user has been banned and introduces the ability to disable Rack Attack via a config variable.

### Are there points in the code the reviewer needs to double check?

rack-attack v4.2.0 doesn't support the ability to clear counters out of the box, so `rack_attack_helpers.rb` includes a number of monkey patches to make it work. It looks like this functionality may be added in v4.3.0. I've also sent pull requests to rack-attack to add the functionality necessary to delete a key.

Each time an authentication is successful, the Redis counter for that IP is cleared. I deemed it better to clear the counter than to allow for blank passwords, since the latter seems like a security risk.

### Why was this MR needed?

It was quite difficult to figure out why users were seeing `403 Forbidden`, which is why the log message was added. Users were getting a lot of false positives when accessing repositories with HTTPS. Including the username in the HTTPS URL (e.g. `https://username@mydomain.com/account/repo.git`) caused authentication failures because while the git client provided the username, it left the password blank, leading to an authentication failure.

### What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)?

See Issue #1171

https://github.com/kickstarter/rack-attack/issues/113

See merge request !392
-
Dmitriy Zaporozhets authored
Make sure issue assignee is properly reset.

Previously, when the assignee was reset via the sidebar or bulk edit, `assignee_id` was set to `-1` rather than `null`, which caused the two issues shown below:

![Screen_Shot_2015-03-24_at_16.52.13](https://gitlab.com/gitlab-org/gitlab-ce/uploads/3c937795c45031c3c72c124ced866598/Screen_Shot_2015-03-24_at_16.52.13.png)

- A "(deleted)" participant
- An empty selectbox in the sidebar, instead of "Select assignee"

See merge request !443
-
Robert Schilling authored
Remove duplicate CHANGELOG items for v7.8.0 [ci skip] See merge request !447
-
Dmitriy Zaporozhets authored
Fix nested task lists

When nesting task list items, the parent item is wrapped in a `<p>` tag. Update the task list parser to handle these paragraph wrappers. cc @sytse

See merge request !413
-
Aurelio Jargas authored
[ci skip]
-
Andrew Tomaka authored
-
Douwe Maan authored
-
Douwe Maan authored
-
Douwe Maan authored
-
Dan Tudor authored
Branch names that contain `/` return a 405 error when being deleted because the slash is escaped to `%2F`. This patch will unescape the param prior to executing the delete action.
-
Douwe Maan authored
-
Stan Hu authored
successful Git over HTTP authentication. Add logging when a ban goes into effect for debugging. Issue #1171
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Don't mark merge request as updated when merge status relative to target branch changes. Addresses https://gitlab.com/gitlab-org/gitlab-ce/issues/1254 and private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2165. See merge request !431
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Don't include system notes in issue/MR comment count. Addresses private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2163. See merge request !430
-
Dmitriy Zaporozhets authored
Fix file mode going to next line in diff header See merge request !432
-
- 23 Mar, 2015 17 commits
-
Andrew Tomaka authored
-
Douwe Maan authored
Don't use required keyword arguments to maintain support for Ruby 2.0. See merge request !433
-
Douwe Maan authored
This reverts commit af522ede.
-
Douwe Maan authored
-
Robert Schilling authored
Change comment in blue ui to match other scss
-
hebbet authored
Change comment in blue ui to match other scss files
-
Dmitriy Zaporozhets authored
Send EmailsOnPush email when branch or tag is created or deleted. Addresses #1951, #1957 and #1925. ![Screen_Shot_2015-03-17_at_13.58.15](https://dev.gitlab.org/gitlab/gitlabhq/uploads/16ff25adb4b4a7e1923612e0652442b4/Screen_Shot_2015-03-17_at_13.58.15.png) ![Screen_Shot_2015-03-17_at_13.58.22](https://dev.gitlab.org/gitlab/gitlabhq/uploads/e346c1d84aba3a093b722d0a4167e289/Screen_Shot_2015-03-17_at_13.58.22.png) ![Screen_Shot_2015-03-17_at_13.58.28](https://dev.gitlab.org/gitlab/gitlabhq/uploads/720437ecc13f317c6d20eff82ac60bd7/Screen_Shot_2015-03-17_at_13.58.28.png) ![Screen_Shot_2015-03-17_at_13.58.34](https://dev.gitlab.org/gitlab/gitlabhq/uploads/2b302bb6cdbe27c96a8dff1375236602/Screen_Shot_2015-03-17_at_13.58.34.png) See merge request !1709
-
Dmitriy Zaporozhets authored
Don't show commit comment button when user is not signed in. Address private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2167. See merge request !429
-
Dmitriy Zaporozhets authored
Conflicts: app/controllers/users_controller.rb
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
-
Dmitriy Zaporozhets authored
Replace commits calendar with contributions calendar

* count opening of issues and merge requests
* don't trigger git repository - use events from database
* count pushes instead of commits for faster and easier counting
* much-much faster since it is not affected by repository size

See merge request !420
-
Dmitriy Zaporozhets authored
-
Douwe Maan authored
Fix #8966 Remove Milestones/Labels from project navbar when Issues disabled
-
Douwe Maan authored
-
Dmitriy Zaporozhets authored
Update views to single form of address. Change "my" to "your". Part of user experience. Every software (twitter, facebook etc) talks to you like "change your password" but not "change my password". cc @sytse @job See merge request !1736
-
vichak authored
-