Add authentication_token to filter_parameters list

See merge request !2041

Make deleting with optimistic locking respect NULL

Make deleting with optimistic locking respect NULL

For now deleting with optimistic locking is broken when
lock_version is still NULL, because Rails would try to
delete with `lock_version = 0` while in the database
the column is still `NULL`.

The monkey patches would force Rails just pass whatever
in the column, and stop Rails from casting `NULL` into `0`
when the value is read from database.

Closes #24766

See merge request !7867

* Closes gitlab-org/gitlab-ce#25143
* Closes gitlab-org/omnibus-gitlab#1743

For now deleting with optimistic locking is broken when
lock_version is still NULL, because Rails would try to
delete with `lock_version = 0` while in the database
the column is still `NULL`.

The monkey patches would force Rails just pass whatever
in the column, and stop Rails from casting `NULL` into `0`
when the value is read from database.

Closes #24766

This new global setting will allow admins to specify if HTML emails should be sent or not,
this is basically useful when system administrators want to save some disk space by avoiding
emails in HTML format and using only the Plain Text version.

fix shibboleth misconfigurations resulting in authentication bypass

This merge request fixes #22267 where a misconfigured Shibboleth `HTTP_UID` or `HTTP_EPPN` could result in users being logged into an account that did not belong to them.

See merge request !7428

Issue #13823: random message when all Todos are Done

## What does this MR do?

Shows a random message every time the To Do list is empty: https://gitlab.com/gitlab-org/gitlab-ce/issues/13823

## Are there points in the code the reviewer needs to double check?

It's my first contribution to GitLab so I might need some help:

 - I'm loading a yaml file in the controller. I'm not sure where would be the best place to put it.
 - I'm also having the error below running the tests but it doesn't seem related to my changes. I think I might have some issue with my config. Could you double check if the tests pass for you?

/home/pep/.rvm/gems/ruby-2.3.1/gems/actionpack-4.2.7.1/lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call': No route matches [GET] "/autocomplete/users/sjobs@apple.com.json" (ActionController::RoutingError)

## Why was this MR needed?

https://gitlab.com/gitlab-org/gitlab-ce/issues/13823

## Screenshots (if relevant)

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [x] Added for this feature/bug
  - [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

## What are the relevant issue numbers?

https://gitlab.com/gitlab-org/gitlab-ce/issues/13823

See merge request !6818