[CE] Security Release 10.4 (rebased)

See merge request gitlab/gitlabhq!2304

[10.3] Prevent login with disabled OAuth providers

See merge request gitlab/gitlabhq!2296

(cherry picked from commit 4936650427ffc88e6ee927aedbb2c724d24b094c)

a0f9d222 Prevents login with disabled OAuth providers

Port of [10.2] Sanitizes IPython notebook output

See merge request gitlab/gitlabhq!2285

(cherry picked from commit 1c46e031c70706450a8e0ae730f4c323b72f9e4c)

aac035fe Port of [10.2] Sanitizes IPython notebook output

[10.3] Fix RCE via project import mechanism

See merge request gitlab/gitlabhq!2294

(cherry picked from commit dcfec507d6f9ee119d65a832393e7c593af1d3b2)

86d75812 Fix RCE via project import mechanism

Merge branch '41293-fix-command-injection-vulnerability-on-system_hook_push-queue-through-web-hook' into 'security-10-3'

Don't allow line breaks on HTTP headers

See merge request gitlab/gitlabhq!2277

(cherry picked from commit 7fc0a6fc096768a5604d6dd24d7d952e53300c82)

073b8f9c Don't allow line breaks on HTTP headers

[10.3] Migrate `can_push` column from `keys` to `deploy_keys_project`

See merge request gitlab/gitlabhq!2276

check project access on MR create

See merge request gitlab/gitlabhq!2273

(cherry picked from commit 1fe2325d6ef2bced4c5e97b57691c894f38b2834)

43e85f49 check project access on MR create

[10.3] Fix path traversal in gitlab-ci.yml cache:key

See merge request gitlab/gitlabhq!2270

(cherry picked from commit c32d0c6807dfd41d7838a35742e6d0986871b389)

df29094a Fix path traversal in gitlab-ci.yml cache:key

Validate project path in Gitlab import - 10.3 port

See merge request gitlab/gitlabhq!2268

(cherry picked from commit 94c82376d66fc80d46dd2d5eeb5bade408ec6a7e)

2b94a7c2 Validate project path in Gitlab import

Remove order param from the MilestoneFinder

See merge request gitlab/gitlabhq!2259

(cherry picked from commit 14408042e78f2ebc2644f956621b461dbfa3d36d)

155881e7 Remove order param from the MilestoneFinder

[10.3] Fix XSS in issue label dropdown

See merge request gitlab/gitlabhq!2253

(cherry picked from commit 363ffabcebd7bb0d1a2d59ca1a75e4eadb4a4360)

ea1fb0ea Fix XSS in issue label dropdown

[10.3] Fix XSS vulnerability in Pipeline job trace

See merge request gitlab/gitlabhq!2258

(cherry picked from commit 44caa80ed9a2514a74a5eeab10ff51849d64851b)

5f86f3ff Fix XSS vulnerability in Pipeline job trace

Merge branch 'security-10-3-do-not-expose-passwords-or-tokens-in-service-integrations-api' into 'security-10-3'

Filter out sensitive fields from the project services API

See merge request gitlab/gitlabhq!2281

Prepare 10.4 RC4 release

See merge request gitlab-org/gitlab-ce!16400

Fix GCP redirect

Closes #41867

See merge request gitlab-org/gitlab-ce!16355

(cherry picked from commit 59adc07f)

b44583e9 Extract GCP billing check as method
cf6258af Fix billing checking
0cdd56e6 Fix link to billing
e52bae3b Fix CheckGcpProjectBillingService spec
b8b2f5ff Fix CheckGcpProjectBillingWorker spec
8ba3e473 Fix GCP Controller spec
1f0a4fe6 Add missing user agent header to GCP client
6ef28ace Add API requirements to docs
0b294fc2 Use new tab for link in flash
cf95756a Refactor GCP redirect test suite
e6012d3e Change failed GCP billing check wording
35598274 Fix breadcumb of clusters show page
cf842986 Update links for GCP instructions

Merge branch '40418-migrate-existing-data-from-kubernetesservice-to-clusters-platforms-kubernetes' into 'master'

Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes

Closes #40418

See merge request gitlab-org/gitlab-ce!15589

(cherry picked from commit 4b92efd9)

5b2ca1c6 Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes
e4745492 Add test. Disable KubernetesService when migrated
b9fbfe5a Fix unmanaged_kubernetes_service scope for multiple clusters
40c6af54 Fix migration file typos and reorder Table definition
27111e29 Restructure spec
4dc14576 Fix comments
8e6ffe35 Fix test
7eeada80 Add env_scope tests
f083739e Add logic to swtich environment_scope by the situation
9b7719b6 Use explicit namespace for avoiding reference from application code
665972e2 Avoid quotes in ActiveRecord query
c8059881 Opitmize migration process by using both unmanaged_kubernetes_service and…
b8a275d3 Use bulk_insert instead of AR create
acfb8464 Fix static anylysy
8bc3221f Fix query to look for proper unmanaged kubernetes service
2d3c7d29 Use batch update for Service deactivation
1c404c91 Add a new test for emptified params
183dbdc8 Revert bulk_insert and bring back AR insert(one by one)
54d20d1b Add changelog
290c2248 Fix change log
58d074e0 Fix StaticSnalysys
df658c7b Disable STI of ActiveRecord. Refactoring specs.
c425ff75 Fix static analysys
67327952 Add memoization for properties

Prepare 10.4 RC3 release

See merge request gitlab-org/gitlab-ce!16334

CE rc3 with all missing commits

See merge request gitlab-org/gitlab-ce!16376

Merge branch '10-4-stable-prepare-rc3-with-missing-commits' of https://gitlab.com/gitlab-org/gitlab-ce into 10-4-stable-prepare-rc3-with-missing-commits

Revert "Merge branch '40418-migrate-existing-data-from-kubernetesservice-to-clusters-platforms-kubernetes' into 'master'"

This reverts commit 4b92efd9, reversing
changes made to 33cea509.

(cherry picked from commit 8f8ca9ee)

Run background migrations with a minimum interval

Closes #41624

See merge request gitlab-org/gitlab-ce!16230

(cherry picked from commit 8ff0c9b1)

7f30bb9c Run background migrations with a minimum interval

Protected branch is now created for default branch on import

Closes #3968

See merge request gitlab-org/gitlab-ce!16198

(cherry picked from commit 15f7f52b)

819fc98f Protected branch is now created for default branch on import

Add option to disable commit stats to commit API

Closes #41681

See merge request gitlab-org/gitlab-ce!16309

(cherry picked from commit 088de97c)

baeceb8b Adding stats param to the commit's endpoint
114cad58 Updated documentation
d5c5f2e6 Added specs
8f9e778a Added changelog

Improve SSH database key lookup documentation

Closes #41399

See merge request gitlab-org/gitlab-ce!16048

Fixing bug related to wiki last version

Closes #41477 and #41506

See merge request gitlab-org/gitlab-ce!16197

(cherry picked from commit 65b04860)

e44ca26f Fixing bug related to wiki last version
abe399b1 Added changelog
e471ec00 Restoring last version and created monkey patch
52c9dcb4 Fixed spec descriptions
5814d83c Updated monkey patch to work with paths with more than one dir
b9ff53c0 Updated specs
bc261232 Fixing offense

Fix changes dropdown ellipsis working across browsers

Closes #41561 and #41684

See merge request gitlab-org/gitlab-ce!16281

(cherry picked from commit 8de1bb9e)

500a3de7 Fix changes dropdown ellipsis working across browsers

Resolve "Timeout is not set for gitaly fetch_remote calls"

Closes #41683

See merge request gitlab-org/gitlab-ce!16245

(cherry picked from commit bd50ecba)

15ddfa2b Pass timeout to RepositoryService.FetchRemote Gitaly RPC calls

Update rack-cors from 0.4.0 to 1.0.2

Closes #41199

See merge request gitlab-org/gitlab-ce!16183

(cherry picked from commit af3a8f96)

ca235107 Update rack-cors from 0.4.0 to 1.0.2

10-4-stable-prepare-rc3 with weekend commits missing from RC1

See merge request gitlab-org/gitlab-ce!16335

Merge branch '39957-redirect-to-gpc-page-if-users-try-to-create-a-cluster-but-the-account-is-not-enabled' into 'master'

Resolve "Redirect to GCP page if users try to create a cluster but the account is not enabled"

Closes #39957 and #41410

See merge request gitlab-org/gitlab-ce!15665