Milestones and labels can be used even when issues are disabled.

When Issues are disabled for a project Milestones and Labels can still be used for Merge Requests.

See merge request !1739

Change merge request button color based on CI status

Green button looks confusing when CI fails

Screenshots:

![ci-warn](https://gitlab.com/gitlab-org/gitlab-ce/uploads/f8166c9acf35f9d886f37f52f975acfb/ci-warn.png)
![ci-can](https://gitlab.com/gitlab-org/gitlab-ce/uploads/d7319c4c567c42a47d79953191384f96/ci-can.png)

See merge request !448

Link note avatar to user.

See merge request !446

Clean up subscriptions when user is deleted.

cc @vsizov

See merge request !439

Update rugments to 1.0.0.beta6 to fix C# highlighting.

Fixes #1259.

See merge request !435

Unescape branch param to delete

Complete transition to using color_field for selecting colors

Reduce Rack Attack false positives causing 403 errors during HTTP authentication

### What does this MR do?

This MR reduces false positives causing `403 Forbidden` messages after HTTP authentication.

A Git client may attempt to access a repository without a password. If it receives a 401 error, the client often will try again, this time supplying a password. The problem is that `grack_auth.rb` considers a blank password an authentication failure and increases a Redis counter each time this happens. With enough requests, an IP can be banned temporarily even though previous attempts may have been successful. This leads users to see `403 Forbidden` errors until the ban times out (default: 1 hour).

To reduce the chance of a false positive, this MR resets the counter upon a successful authentication from an IP.

In addition, this MR logs when a user has been banned and introduces the ability to disable Rack Attack via a config variable.

### Are there points in the code the reviewer needs to double check?

rack-attack v4.2.0 doesn't support the ability to clear counters out of the box, so `rack_attack_helpers.rb` includes a number of monkey patches to make it work. It looks like this functionality may be added in v4.3.0. I've also sent pull requests to rack-attack to add the functionality necessary to delete a key.

Each time an authentication is successful, the Redis counter for that IP is cleared. I deemed it better to clear the counter than to allow for blank passwords, since the latter seems like a security risk.

### Why was this MR needed?

It was quite difficult to figure out why users were seeing `403 Forbidden`, which is why the log message was added. Users were getting a lot of false positives when accessing repositories with HTTPS. Including the username in the HTTPS URL (e.g. `https://username@mydomain.com/account/repo.git`) caused authentication failures because while the git client provided the username, it left the password blank, leading to an authentication failure.

### What are the relevant issue numbers / [Feature requests](http://feedback.gitlab.com/)?

See Issue #1171

https://github.com/kickstarter/rack-attack/issues/113

See merge request !392

Make sure issue assignee is properly reset.

Previously, when the assignee was reset via the sidebar or bulk edit, `assignee_id` was set to `-1` rather than `null`, which caused the two issues shown below:

![Screen_Shot_2015-03-24_at_16.52.13](https://gitlab.com/gitlab-org/gitlab-ce/uploads/3c937795c45031c3c72c124ced866598/Screen_Shot_2015-03-24_at_16.52.13.png)

- A "(deleted)" participant
- An empty selectbox in the sidebar, instead of "Select assignee"

See merge request !443

Remove duplicate CHANGELOG items for v7.8.0

[ci skip]

See merge request !447

Fix nested task lists

When nesting task list items, the parent item is wrapped in a `<p>` tag.  Update the task list parser to handle these paragraph wrappers.

cc @sytse

See merge request !413

[ci skip]

Branch names that contain `/` return a 405 error when being deleted because the slash is escaped to `%2F`
This patch will unescape the param prior to  executing the delete action.

successful Git over HTTP authentication.

Add logging when a ban goes into effect for debugging.

Issue #1171

Don't mark merge request as updated when merge status relative to target branch changes.

Addresses https://gitlab.com/gitlab-org/gitlab-ce/issues/1254 and private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2165.

See merge request !431

Don't include system notes in issue/MR comment count.

Addresses private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2163.

See merge request !430

Fix file mode going to next line in diff header

See merge request !432

Don't use required keyword arguments to maintain support for Ruby 2.0.

See merge request !433

This reverts commit af522ede.

Change comment in blue ui to match other scss

Change comment in blue ui to match other scss files

Send EmailsOnPush email when branch or tag is created or deleted.

Addresses #1951, #1957 and #1925.

![Screen_Shot_2015-03-17_at_13.58.15](https://dev.gitlab.org/gitlab/gitlabhq/uploads/16ff25adb4b4a7e1923612e0652442b4/Screen_Shot_2015-03-17_at_13.58.15.png)

![Screen_Shot_2015-03-17_at_13.58.22](https://dev.gitlab.org/gitlab/gitlabhq/uploads/e346c1d84aba3a093b722d0a4167e289/Screen_Shot_2015-03-17_at_13.58.22.png)

![Screen_Shot_2015-03-17_at_13.58.28](https://dev.gitlab.org/gitlab/gitlabhq/uploads/720437ecc13f317c6d20eff82ac60bd7/Screen_Shot_2015-03-17_at_13.58.28.png)

![Screen_Shot_2015-03-17_at_13.58.34](https://dev.gitlab.org/gitlab/gitlabhq/uploads/2b302bb6cdbe27c96a8dff1375236602/Screen_Shot_2015-03-17_at_13.58.34.png)

See merge request !1709

Don't show commit comment button when user is not signed in.

Address private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2167.

See merge request !429

Conflicts:
	app/controllers/users_controller.rb