* upstream/master: (123 commits)
  Limit the size of SVGs when viewing them as blobs
  Add a spec for ProjectsFinder project_ids_relation option
  Fix ProjectsFinder spec
  Pass project IDs relation to ProjectsFinder instead of using a block
  Speed up todos queries by limiting the projects set we join with
  Used phantomjs variable
  Ability to specify branches for pivotal tracker integration
  Fix a memory leak caused by Banzai::Filter::SanitizationFilter
  Update phantomjs link
  Remove sleeping and replace escaped text.
  Filters test fix
  Fixed filtering tests
  Removed screenshot command 💩
  Updated failing tests
  Used mirrored version on GitLab
  Updated tests
  Fix `U2fSpec` for PhantomJS versions > 2.
  Fix file downloading
  Install latest stable phantomjs
  Use new PhantomJS version
  ...

Show deployment status on a MR view

## What are the relevant issue numbers?

Resolves #19571, one in the list of #19992

## Screenshots (if relevant)

external_url = nil
![Screen_Shot_2016-08-02_at_13.57.03](/uploads/20ea1587eea556c7a1acd0ff726a5bfb/Screen_Shot_2016-08-02_at_13.57.03.png)

external_url != nil
![Screen_Shot_2016-08-02_at_13.59.59](/uploads/0094b9ddece3f4bf76c83988840c096d/Screen_Shot_2016-08-02_at_13.59.59.png)

Note, the timings are weird between merging and deploying, that is because I did it in the wrong order.

## Does this MR meet the acceptance criteria?

- [X] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- Tests
  - [x] Added for this feature/bug
  - [x] All builds are passing

See merge request !5622

Limit the size of SVGs when viewing them as blobs

## What does this MR do?

This MR prevents rendering of SVG blobs larger than 2 MB.

## Are there points in the code the reviewer needs to double check?

I couldn't figure out how to properly test the view for this as this requires a large SVG (inflating the repository size) _or_ stubbing, the latter doesn't really seem possible using Spinach and all the stuff potentially involved.

## Why was this MR needed?

When rendering large SVG blobs (e.g. 20 MB files) a request may time out and consume a lot of memory.

## What are the relevant issue numbers?

#1435

## Screenshots (if relevant)

![svg_notice](/uploads/c8de32522eda95a41a24555c3f85bfc1/svg_notice.jpg)

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [x] ~~API support added~~
- Tests
  - [x] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

cc @jschatz1 @annabeldunstone (there are some UI changes, see the above screenshot).

See merge request !5794

Use new PhantomJS version

## What does this MR do?
Makes CI builds to use PhantomJS 2.1.1.

## Are there points in the code the reviewer needs to double check?

## Why was this MR needed?

## What are the relevant issue numbers?

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [ ] Added for this feature/bug
  - [ ] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

See merge request !5740

Try to get back todo's cache or at least avoid hitting the database

See merge request !5789

Speed up todos queries by limiting the projects set we join with

See merge request !5791

This ensures that SVGs greater than 2 megabytes are not scrubbed and
rendered. This in turn prevents requests from timing out due to
reading/scrubbing large SVGs potentially taking a lot of time (and
memory). The use of 2 megabytes is completely arbitrary.

Fixes gitlab-org/gitlab-ce#1435

Follow-up 1003454c

Follow-up on 1003454c

Closes #20828

Change the order of the access rules to check simpler first, and add specs

See merge request !5799

Ability to restrict branches for pivotal tracker integration

## What does this MR do?
It allows to specify branches which you want to track for pivotal tracker integration.

## Why was this MR needed?
Typical use case: send commits to PivotalTracker and finish the story only when the feature branch is merged into master.

See merge request !5752

Fix a memory leak caused by Banzai::Filter::SanitizationFilter

See merge request !5808

In Banzai::Filter::SanitizationFilter#customize_whitelist, we append
three lambdas that has reference to the SanitizationFilter instance,
which in turn (potentially) has a reference to the following chain:

context hash -> Project instance -> Repository instance -> lookup hash
-> various Rugged instances -> various mmap-ed git pack files.

All of the above is not garbage collected because the array we append
the lambdas to is the constant
HTML::Pipeline::SanitizationFilter::WHITELIST.

- We weren't explicilty waiting for the page to load while navigating
  to the "Manage two-factor authentication" page. This was probably
  incidentally working for PhantomJS 1.x versions.

Don't show new MR URL after push when it doesn't make sense



See merge request !5786

Add archived badge to project listing

## What does this MR do?

Add an `archived` badge to the user project list, if the project is archived. 

## Are there points in the code the reviewer needs to double check?

No.

## Why was this MR needed?

Customer noted in https://gitlab.zendesk.com/agent/tickets/33787 that there is no distinction for archived projects in the project dashboard/explore projects page. There is an archived badge on the admin projects page, though.

## What are the relevant issue numbers?

## Screenshots (if relevant)

Existing admin projects page:

![Screen_Shot_2016-08-12_at_3.54.37_PM](/uploads/d6ba44c2d3be1f78372792b5ac406672/Screen_Shot_2016-08-12_at_3.54.37_PM.png)

New project list with archived badge:

![Screen_Shot_2016-08-12_at_3.54.21_PM](/uploads/3fa8bb9fe7588575aace0761984929a7/Screen_Shot_2016-08-12_at_3.54.21_PM.png)



See merge request !5798

Fix bug where destroying a namespace would not always destroy projects
    
There is a race condition in DestroyGroupService now that projects are deleted asynchronously:
    
1. User attempts to delete group
2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project
3. DestroyGroupService destroys the Group, leaving all its projects without a namespace
4. Projects::DestroyService runs later but the can?(current_user,
    :remove_project) is `false` because the user no longer has permission to
    destroy projects with no namespace.
5. This leaves the project in pending_delete state with no namespace/group.
 
Projects without a namespace or group also adds another problem: it's not possible to destroy the container registry tags, since `container_registry_path_with_namespace` is the wrong value.

The fix is to destroy the group asynchronously and run `execute` directly on Projects::DestroyService.
 
Closes #17893

See merge request !4341

Update ruby 2.3.1

We where using 2.3.0, now 2.3.1

cc @connorshea 

See merge request !5790

Resolve "Format branch, tag, and commit in environment list"

## What does this MR do?
Updates Environments page rows to match the new pipeline updates

## Are there points in the code the reviewer needs to double check?
I removed `private` from `avatars_helper.rb` so I could use `user_avatar`.

## What are the relevant issue numbers?
Closes #20059 

## Screenshots (if relevant)
![Screen_Shot_2016-08-08_at_11.44.36_AM](/uploads/62fbb475a7d9cc613fe5ba1715229553/Screen_Shot_2016-08-08_at_11.44.36_AM.png)
![Screen_Shot_2016-08-08_at_11.44.41_AM](/uploads/ce1bd3ab62c0bc8091e9b6f85012ed36/Screen_Shot_2016-08-08_at_11.44.41_AM.png)



See merge request !5687

We’re being kept up to date the counter data but we’re not using it.
The only thing which is not real if is the number of projects that the 
user read changes the number of todos can be stale for some time.

The counters will be sync just after the user receives a new todo or mark any as done