- 26 Jul, 2019 11 commits
-
-
Kerri Miller authored
The SanitizationFilter was running before the WikiFilter. Since WikiFilter can modify links, we could see links that _should_ be stopped by SanatizationFilter being rendered on the page. I (kerrizor) had previously addressed the bug in: https://gitlab.com/gitlab-org/gitlab-ee/commit/7bc971915bbeadb950bb0e1f13510bf3038229a4 However, an additional exploit was discovered after that was merged. Working through the issue, we couldn't simply shuffle the order of filters, due to some implicit assumptions about the order of filters, so instead we've extracted the logic that sanitizes a Nokogiri-generated Node object, and applied it to the WikiLinkFilter as well. On moving filters around: Once we start moving around filters, we get cascading failures; fix one, another one crops up. Many of the existing filters in the WikiPipeline chain seem to assume that other filters have already done their work, and thus operate on a "transform anything that's left" basis; WikiFilter, for instance, assumes any link it finds in the markdown should be prepended with the wiki_base_path.. but if it does that, it also turns `href="@user"` into `href="/path/to/wiki/@user"`, which the UserReferenceFilter doesn't see as a user reference it needs to transform into a user profile link. This is true for all the reference filters in the WikiPipeline.
-
GitLab Release Tools Bot authored
Server Side Request Forgery mitigation bypass See merge request gitlab/gitlab-ee!1046
-
GitLab Release Tools Bot authored
MR pipeline permissions See merge request gitlab/gitlab-ee!1051
-
GitLab Release Tools Bot authored
Don't override approval rules if not allowed See merge request gitlab/gitlab-ee!1055
-
GitLab Release Tools Bot authored
Do not allow localhost url redirection in GitHub Integration See merge request gitlab/gitlab-ee!1059
-
GitLab Release Tools Bot authored
Drop feature to take ownership of a trigger token Closes gitlabhq#2868 See merge request gitlab/gitlab-ee!1063
-
GitLab Release Tools Bot authored
Merge branch 'security-373-public-group-owners-maintainers-can-not-delete-comments-posted-on-epics' into 'master' Public Group owners/Maintainers cannot delete comments posted on epics See merge request gitlab/gitlab-ee!1067
-
GitLab Release Tools Bot authored
Queries for Upload should be scoped by model See merge request gitlab/gitlab-ee!1074
-
GitLab Release Tools Bot authored
Filter params in MR build service See merge request gitlab/gitlab-ee!1101
-
GitLab Release Tools Bot authored
Do not show moved issue ids for user not authorized See merge request gitlab/gitlab-ee!1105
-
GitLab Release Tools Bot authored
Prevent an XSS vector in the add approver email Closes #375 See merge request gitlab/gitlab-ee!1120
-
- 25 Jul, 2019 3 commits
-
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
Francisco Javier López authored
When we can't resolve the hostname or it is invalid, we shouldn't even perform the request. This fix also fixes the problem of the SSRF rebinding attack.

We can't stub feature flags outside example blocks. Nevertheless, there are some actions that call the UrlBlocker that are performed outside example blocks, i.e. the `set` instruction. That's why we have to use some signaling mechanism outside the scope of the specs.
-
- 24 Jul, 2019 26 commits
-
-
GitLab Bot authored
-
Paul Slaughter authored
Merge branch '64746-Commit-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded' into 'master' Changed `author_avatar` to inline-block class Closes #64746 See merge request gitlab-org/gitlab-ce!30904
-
Marc Schwede authored
Fixes #64746
-
Fatih Acet authored
Fix tags page layout See merge request gitlab-org/gitlab-ce!30951
-
André Luís authored
-
GitLab Bot authored
-
Mayra Cabrera authored
Enable Rubocop Performance/InefficientHashSearch Closes #64975 See merge request gitlab-org/gitlab-ce!31117
-
Mayra Cabrera authored
Enable Rubocop Performance/InefficientHashSearch Closes gitlab-ce#64975 See merge request gitlab-org/gitlab-ee!14828
-
GitLab Bot authored
-
Douglas Barbosa Alexandre authored
Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14597 See merge request gitlab-org/gitlab-ce!30520
-
Douglas Barbosa Alexandre authored
Docker Registry event handling (1/4) See merge request gitlab-org/gitlab-ee!14597
-
GitLab Bot authored
-
Stan Hu authored
Add RateLimiter to RawController See merge request gitlab-org/gitlab-ce!30635
-
Mayra Cabrera authored
* Limits raw requests to 300 per minute and per raw path.
* Add a new attribute to ApplicationSettings so users can change this value on their instance.
* Uses Gitlab::ActionRateLimiter to limit the raw requests.
* Add a new method into ActionRateLimiter to log the event into auth.log

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
-
GitLab Bot authored
-
Robert Speicher authored
Add where condition to filter out labels with type here Closes #63730 See merge request gitlab-org/gitlab-ce!30885
-
Stan Hu authored
EE port of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30635/ See merge request gitlab-org/gitlab-ee!14830
-
Mayra Cabrera authored
* Limits raw requests to 300 per minute and per raw path.
* Add a new attribute to ApplicationSettings so users can change this value on their instance.
* Uses Gitlab::ActionRateLimiter to limit the raw requests.
* Add a new method into ActionRateLimiter to log the event into auth.log

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
-
Douglas Barbosa Alexandre authored
Hide "Buy additional minutes" button for self-managed installs Closes #12864 See merge request gitlab-org/gitlab-ee!14826
-
GitLab Bot authored
-
Stan Hu authored
When used with a Hash, `.keys.include?` is bad because:
1. It performs an O(n) search instead of the efficient `.has_key?`
2. It clones all keys into a separate array.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64975
-
Douwe Maan authored
Resolves confusion within spec rake tasks. See merge request gitlab-org/gitlab-ce!31073
-
GitLab Bot authored
-
Douwe Maan authored
Remove project param from `#show_label_issuables_link?` Closes #62217 See merge request gitlab-org/gitlab-ce!31038
-
Douwe Maan authored
Update author prefix on merge request notification See merge request gitlab-org/gitlab-ce!31057
-
Douwe Maan authored
Remove ignore rule for ProjectAutoDevops#domain See merge request gitlab-org/gitlab-ce!30989
-