Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-06-22

# Conflicts: # app/controllers/sessions_controller.rb [ci skip]

Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-06-22
# Conflicts: # app/controllers/sessions_controller.rb [ci skip]
11f81cc1 · GitLab Bot · 0552e556 · 0ea5d664 · 11f81cc1 · 11f81cc1
Commit 11f81cc1 authored Jun 22, 2018 by GitLab Bot
6 changed files
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -4,7 +4,10 @@ class SessionsController < Devise::SessionsController
  include Devise::Controllers::Rememberable
  include Recaptcha::ClientHelper
  include Recaptcha::Verify
+<<<<<<< HEAD
  prepend EE::SessionsController
+=======
+>>>>>>> upstream/master

  skip_before_action :check_two_factor_requirement, only: [:destroy]


--- a/changelogs/unreleased/no-multi-assign-enable.yml
+++ b/changelogs/unreleased/no-multi-assign-enable.yml
+---
+title: Enable no-multi-assignment in JS files
+merge_request: 19808
+author: gfyoung
+type: other
--- a/changelogs/unreleased/no-restricted-globals-enable.yml
+++ b/changelogs/unreleased/no-restricted-globals-enable.yml
+---
+title: Enable no-restricted globals in JS files
+merge_request: 19877
+author: gfyoung
+type: other
--- a/config/karma.config.js
+++ b/config/karma.config.js
@@ -15,6 +15,7 @@ function fatalError(message) {
 // disable problematic options
 webpackConfig.entry = undefined;
 webpackConfig.mode = 'development';
+webpackConfig.optimization.nodeEnv = false;
 webpackConfig.optimization.runtimeChunk = false;
 webpackConfig.optimization.splitChunks = false;


--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -187,7 +187,6 @@ module.exports = {
  },

  optimization: {
-    nodeEnv: false,
    runtimeChunk: 'single',
    splitChunks: {
      maxInitialRequests: 4,

--- a/doc/integration/recaptcha.md
+++ b/doc/integration/recaptcha.md
@@ -21,3 +21,20 @@ To use reCAPTCHA, first you must create a site and private key.
 6. Check the `Enable reCAPTCHA` checkbox

 7. Save the configuration.
+
+## Enabling reCAPTCHA for user logins via passwords
+
+By default, reCAPTCHA is only enabled for user registrations. To enable it for
+user logins via passwords, the `X-GitLab-Show-Login-Captcha` HTTP header must
+be set. For example, in NGINX, this can be done via the `proxy_set_header`
+configuration variable:
+
+```
+proxy_set_header X-GitLab-Show-Login-Captcha 1;
+```
+
+In GitLab Omnibus, this can be configured via `/etc/gitlab/gitlab.rb`:
+
+```ruby
+nginx['proxy_set_headers'] = { 'X-GitLab-Show-Login-Captcha' => 1 }
+```