New Hamlit XSS fix, does not include extraneous changes

See merge request !2095

Refactor snippets finder & dont return internal snippets for external users

See merge request !2094

Fix XSS in branches dropdown

See merge request !2093

Respect project features in wiki and blob search

See merge request !2089

Fix snippets visibility for show action - external users can not see internal snippets

See merge request !2087

Sanitize submodule URLs before linking to them in the file tree view

See merge request !2084

(security-9-1) Add correct `rel` attributes to external links when rendering markdown

See merge request !2097

(security-9-1) Render asciidoc & other markup using banzai in a pipeline

See merge request !2098

Add Prometheus memory sparkline to MR widget

Closes #26944

See merge request !11209

Merge request widget redesign

Closes #25424 and #27950

See merge request !10319

Robustify environment policy specs to pass on EE

See merge request !11203

Add index_redirect_routes_path_for_link migration to setup_postgresql

See merge request !11165

Fix notes_on_personal_snippets_spec

Closes #31938

See merge request !11160

Fix sub-second timing comparison error for Devise confirmation period

Closes gitlab-ee#2362

See merge request !11156

Update guides for 9.2

See merge request !11157

Update gitignore, dockerfile, and license templates for 9.2

See merge request !11158

Update the vendor licenses file for 9.2

See merge request !11159

Omit gl_project_id from Import/Export

Closes #29813

See merge request !11032

Add support for commit diff ignore_whitespace_change and paths flags

Closes gitaly#198

See merge request !11028

Revert "Merge branch 'fix-rspec_profiling-establish_connection-string-deprecation' into 'master'"

See merge request !11153

Add Pipeline Schedules that supersedes experimental Trigger Schedule

Closes #30882

See merge request !10853

This reverts merge request !11150

Another attempt at access_control_ce_spec

Closes #31827

See merge request !11123

Cast ENV['RSPEC_PROFILING_POSTGRES_URL'] to symbol in establish_connection call …

See merge request !11150

Closes gitaly#198

Correctly stub application settings in signup_spec.rb

See merge request !11151

Rewrite Pipeline Graph in Vue.js to allow realtime

Closes #25226 and #31557

See merge request !10878

Cast ENV['RSPEC_PROFILING_POSTGRES_URL'] to symbol in establish_connection call of rspec_profiling.rb

* master: (40 commits)
  Use GitLab Pages v0.4.2
  Do not reprocess actions when user retries pipeline
  Add specs for extended status for manual actions
  Refine inheritance model of extended CI/CD statuses
  Introduce generic manual action extended status class
  Check ability to update build on the API resource
  Require build to be present in the controller
  Authorize build update on per object basis
  Use update build policy instead of new play policy
  Improve environment policy class
  Rephrase documentation for protected actions feature
  Improve code style related to protected actions
  Add changelog entry for external env URL btn fix
  Hide environment external URL button if not defined
  Fix builds controller spec related to protected actions
  Fix environment policy class name in specs
  Add Changelog entry for protected manual actions
  Document protected manual actions feature
  Improve specs for jobs API regarding manual actions
  Fix Rubocop offense in environments policy class
  ...

Check access to a branch when user triggers manual action

Closes #20261

See merge request !10494

Hide environment external URL button if not defined

Closes #30832

See merge request !11029