Bump Gitlab Shell to support low IO priority for storage moves

## What does this MR do?

Bump Gitlab Shell to support low IO priority for storage moves

## Are there points in the code the reviewer needs to double check?

No

## Why was this MR needed?

We need this shell enhancement to continue to move projects in production 

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

https://gitlab.com/gitlab-com/infrastructure/issues/443

See merge request !6525

Pass the full project path for resolve buttons

## What does this MR do?

The full project path is passed from the HTML into the JS rather than the resolve button JS generating the URL based on the the namespaces.

@smcgivern @stanhu Do we have anyway of adding tests for installs with relative URLs?

## What are the relevant issue numbers?

Closes #21704

See merge request !6129

Fixed awards dropdown search text from repeating

## What does this MR do?

Thanks @zeiv for this!

>This fixes #20463 by adding the .emoji-search class to the "Search results" h5 element.  AwardsHandler.prototype.setupSearch() was trying to remove the element before creating a new one, but wasn't because the it was attempting to select it with the .emoji-search class, which wasn't being added.

## Are there points in the code the reviewer needs to double check?

>I don't believe so.

## Why was this MR needed?

>See #20463

_(and #22525)_

## Screenshots (if relevant)

![2016-09-23_15.56.04](/uploads/b421400a08b3d9fa32c577e7d8952504/2016-09-23_15.56.04.gif)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?


Closes #22525

See merge request !6498

Do not regenerate the `lfs_token` every time `git-lfs-authenticate` is called

## What does this MR do?

 Do not regenerate the `lfs_token` every time `git-lfs-authenticate` is called, instead return the saved token if one is present.

This was causing a lot of 401s, leading to 403s, as state in #22527

As it turns out, when pushing a lot of LFS objects, the LFS client was calling `git-lfs-authenticate` in the middle of the request again. This caused the `lfs_token` to be regenerated. The problem lies in that the LFS client was not aware of this change, and was still using the old token. This caused all subsequent requests to fail with a 401 error.

Since HTTP Auth is protected by Rack Attack, this 401s where immediately flagged and resulted in the IP of the user being banned. 

With this change, GitLab returns the value stored in Redis, if one is present, thus if the LFS client calls `git-lfs-authenticate` again during the request, the auth header will remain unchanged, allowing all subsequent requests to continue without issues.

## What are the relevant issue numbers?

Fixes #22527

cc @SeanPackham @jacobvosmaer-gitlab

See merge request !6551

Escape HTML nodes in builds commands in ci linter

This MR removes call to `simple_format` that behaves like `String#html_safe`, thus it passes unescaped HTML tags to the view.

Closes #22541

See merge request !2001

API: disable rails session auth for non-GET/HEAD requests

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22435

See merge request !1999
Conflicts:
	app/assets/javascripts/labels_select.js

Set a restrictive CORS policy for the API

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22450

See merge request !1998

Enforce the fork_project permission in Projects::CreateService

Projects::ForkService delegates to this service almost entirely, but needed one small change so it would propagate create errors correctly.

CreateService#execute needs significant refactoring; it is now right at the complexity limit set by Rubocop. I avoided doing so in this commit to keep the diff as small as possible.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18028

See merge request !1996

Fix duplicate master entries in the mr versions dropdown

## What does this MR do?

Fixes bug when "master" was duplicated per each mr version in the dropdown

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22519, Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22715

See merge request !6567

Changed to v-cloak attr to hash rocket and string 'true'

## What does this MR do?

Changed to v-cloak attr to hash rocket and string 'true'

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

Maybe it's killing `master`? 😕 

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

See merge request !6553

Send ajax request for label update only if they are changed

## What does this MR do?

At the moment we send requests to update the labels on issue even if nothing has been changed. This fixes that and only sends requests when something has actually been changed.

The code gets the initial selected values based on the inputs & then compares that to the selected values when submitting. If they are equal, then no request is sent.

## What are the relevant issue numbers?

Closes #19472 

See merge request !5071

Fixes issue with rails reserved keyword type exporting/importing services.

The attribute `type`in services was being ignored by Import/Export. Added `type` as a method call in the export, as `type` gets ignored invoking `to_json`, manually adding this as a method in `import_export.yml` solves the problem.

On a different note, I found assigning a title directly to `CustomIssueTrackerService` didn't play very well with `prop_accessor`:

```ruby
> CustomIssueTrackerService.new(title: 'asdf')
NoMethodError: undefined method `[]=' for nil:NilClass
> CustomIssueTrackerService.new(title: nil)
NoMethodError: undefined method `[]=' for nil:NilClass
```

This was also causing the Import/Export to failed... So I added a custom setter that fixed the problem.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22461

See merge request !6499
Conflicts:
	spec/lib/gitlab/import_export/project_tree_restorer_spec.rb

Fix snippets pagination

## What are the relevant issue numbers?

Closes #22500

See merge request !6500

Fixed list issues not loading with spaces in filtered values

## What does this MR do?

Vue resource is very kindly encoding our URL params when sending. However - we didn't actually want the `+` to be encoded because Rails reads that as a space, but doesn't read the encoded value as a space 😕 

This converts the `+` into spaces 👍 

## What are the relevant issue numbers?

Closes #21920

See merge request !6258

Replace deprecated Devise helper with new helper

Closes #22357

See merge request !6462

Added v-cloak to resolve disc button

## What does this MR do?

Adds `v-cloak` to the `Resolve discussion` button to avoid handlebar syntax displaying before the component compiles.

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?


Closes #22640

See merge request !6528

Fix Import/Export milestone and 1to1 models issue

Fix 1to1 relations on project failing to be importing and milestone ordering issue.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22585

See merge request !6521
Conflicts:
	spec/lib/gitlab/import_export/project_tree_restorer_spec.rb

Fix IssuesController#show degradation including project on loaded notes

See merge request !6540

Fix pipelines table headers

## What does this MR do?

Removed stages loop for a single 'Stages' header.

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

The headers were messing the table up. Note the redundant headers and squished cells.

![Screen_Shot_2016-09-27_at_14.40.51](/uploads/331b08c30a4af59cefc460ab4f3c2a61/Screen_Shot_2016-09-27_at_14.40.51.png)

## Screenshots (if relevant)

![Screen_Shot_2016-09-27_at_14.39.04](/uploads/687895e9152d4fe8d8f3bfc1233af39b/Screen_Shot_2016-09-27_at_14.39.04.png)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?


Closes #22472

See merge request !6542

Be nice to Docker Clients talking to JWT/auth

## What does this MR do?

Makes all errors returned by JWT endpoint to be docker-compatible.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22465

See merge request !6536

Fixed search dropdown labels not displaying

## What does this MR do?

Returns the search controller method after finding the project & group.

## Why was this MR needed?

The search controller was returning early when the search term was empty causing a bug where the dropdown toggles wouldn't show the correct text - instead defaulting to `Any`.

## Screenshots (if relevant)

![Screen_Shot_2016-09-09_at_12.09.57](/uploads/8c6bb36f4e163312314611d2877d5fa4/Screen_Shot_2016-09-09_at_12.09.57.png)

## What are the relevant issue numbers?

Closes #21783

See merge request !6277

Fix Cycle Analytics landing widget state and improve state management in Vue.

## What does this MR do?
- Fixes Cycle Analytics help widget show/hide issue
- Addresses initial MR feedback with improving Vue state management logic
- Fixes cookie path of the help widget so when you close a help widget in a repo it won't be visible for other repos.

## Are there points in the code the reviewer needs to double check?
- Should we move `gl.cycleAnalyticsModel` to a new file.

## Why was this MR needed?
- Addresses feedbacks of [initial MR](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5986) and fixes #22483

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?
Fixes #22483

See merge request !6492

Makes Cycle analytics mobile friendly

## What does this MR do?
Makes Cycle analytics page mobile friendly

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?
Cycle analytics page was not mobile friendly

## Screenshots (if relevant)
![optionB](/uploads/a1d7f2f4db100e1a8aa76c0156ef8641/optionB.png)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?
fixes #22444

See merge request !6482

Fix a memory leak in HTML::Pipeline::SanitizationFilter::WHITELIST

See merge request !6456

Add link to broadcast messages docs

[ci skip]

See merge request !6495

Describe how the recent changes of CI permissions affect builds

## What does this MR do?

This describes how the CI permission changes

See merge request !6451

Revert the "accurate issuable counts in issuable list" feature

## Why was this MR needed?

!6455 introduced a performance killer, so we revert it until we find a proper solution that's not killing performance.

## What are the relevant issue numbers?

Revert !6455 and !4960.

See merge request !6476

fix dropdowns for mr-versions

## What does this MR do?
Change markup of mr version dropdowns to be in line with ui guidelines so that the dropdown content is scrollable.

## Why was this MR needed?
Dropdowns were not scrolling.

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ce/issues/21427

cc @brycepj @dzaporozhets

See merge request !6460

API: Return 404 when trying to fork to unaccessible namespace

Closes #22417

See merge request !6452

Fixes protected branches not removing active item

## What does this MR do?

Fixes an problem where protected branches weren't getting their active item removed on a second click because they dont have a field value.

## Why was this MR needed?

Protected branches could not have their clicked items removed once clicked.

See merge request !6440

Intercept issues search form submit to preserve filters.

## What does this MR do?

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/896 by intercepting manual search form submission and redirecting it to use existing logic (now factored out into `executeSearch`).  

## Why was this MR needed?

Manual form submission (keying in 'enter') in issues search did not preserve applied filters. 

## What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ce/issues/896

See merge request !6054