8 files changed, 60 insertions, 18 deletions

diff --git a/app/assets/javascripts/content_editor/components/bubble_menus/formatting.vue b/app/assets/javascripts/content_editor/components/bubble_menus/formatting.vue
index e35fbf14de5..a1e18aa52e7 100644
--- a/app/assets/javascripts/content_editor/components/bubble_menus/formatting.vue
+++ b/app/assets/javascripts/content_editor/components/bubble_menus/formatting.vue
@@ -103,6 +103,26 @@ export default {
         :label="__('Insert link')"
         @execute="trackToolbarControlExecution"
       />
+      <toolbar-button
+        data-testid="superscript"
+        content-type="superscript"
+        icon-name="superscript"
+        editor-command="toggleSuperscript"
+        category="tertiary"
+        size="medium"
+        :label="__('Superscript')"
+        @execute="trackToolbarControlExecution"
+      />
+      <toolbar-button
+        data-testid="subscript"
+        content-type="subscript"
+        icon-name="subscript"
+        editor-command="toggleSubscript"
+        category="tertiary"
+        size="medium"
+        :label="__('Subscript')"
+        @execute="trackToolbarControlExecution"
+      />
     </gl-button-group>
   </bubble-menu>
 </template>
diff --git a/app/assets/javascripts/lib/dompurify.js b/app/assets/javascripts/lib/dompurify.js
index 4959550e273..a01c6df0003 100644
--- a/app/assets/javascripts/lib/dompurify.js
+++ b/app/assets/javascripts/lib/dompurify.js
@@ -8,6 +8,7 @@ const defaultConfig = {
   // See https://gitlab.com/gitlab-org/gitlab-ui/-/issues/1421
   FORBID_ATTR: ['data-remote', 'data-url', 'data-type', 'data-method'],
   FORBID_TAGS: ['style', 'mstyle'],
+  ALLOW_UNKNOWN_PROTOCOLS: true,
 };
 
 // Only icons urls from `gon` are allowed
diff --git a/app/assets/javascripts/vue_shared/components/notes/placeholder_note.vue b/app/assets/javascripts/vue_shared/components/notes/placeholder_note.vue
index 624dbcc6d8e..0cb4a5bc39f 100644
--- a/app/assets/javascripts/vue_shared/components/notes/placeholder_note.vue
+++ b/app/assets/javascripts/vue_shared/components/notes/placeholder_note.vue
@@ -16,17 +16,17 @@
  *   :note="{body: 'This is a note'}"
  *   />
  */
-import { GlSafeHtmlDirective as SafeHtml } from '@gitlab/ui';
+import { GlSafeHtmlDirective as SafeHtml, GlAvatarLink, GlAvatar } from '@gitlab/ui';
 import { mapGetters } from 'vuex';
 import { renderMarkdown } from '~/notes/utils';
 import TimelineEntryItem from '~/vue_shared/components/notes/timeline_entry_item.vue';
-import userAvatarLink from '../user_avatar/user_avatar_link.vue';
 
 export default {
   name: 'PlaceholderNote',
   directives: { SafeHtml },
   components: {
-    userAvatarLink,
+    GlAvatarLink,
+    GlAvatar,
     TimelineEntryItem,
   },
   props: {
@@ -55,7 +55,10 @@ export default {
         return 24;
       }
 
-      return 40;
+      return {
+        default: 24,
+        md: 32,
+      };
     },
   },
 };
@@ -64,11 +67,14 @@ export default {
 <template>
   <timeline-entry-item class="note note-wrapper being-posted fade-in-half">
     <div class="timeline-icon">
-      <user-avatar-link
-        :link-href="getUserData.path"
-        :img-src="getUserData.avatar_url"
-        :img-size="avatarSize"
-      />
+      <gl-avatar-link class="gl-mr-3" :href="getUserData.path">
+        <gl-avatar
+          :src="getUserData.avatar_url"
+          :entity-name="getUserData.username"
+          :alt="getUserData.name"
+          :size="avatarSize"
+        />
+      </gl-avatar-link>
     </div>
     <div ref="note" :class="{ discussion: !note.individual_note }" class="timeline-content">
       <div class="note-header">
diff --git a/app/models/namespace_setting.rb b/app/models/namespace_setting.rb
index 504daf2662e..595e34821af 100644
--- a/app/models/namespace_setting.rb
+++ b/app/models/namespace_setting.rb
@@ -24,14 +24,27 @@ class NamespaceSetting < ApplicationRecord
   chronic_duration_attr :subgroup_runner_token_expiration_interval_human_readable, :subgroup_runner_token_expiration_interval
   chronic_duration_attr :project_runner_token_expiration_interval_human_readable, :project_runner_token_expiration_interval
 
-  NAMESPACE_SETTINGS_PARAMS = [:default_branch_name, :delayed_project_removal,
-                               :lock_delayed_project_removal, :resource_access_token_creation_allowed,
-                               :prevent_sharing_groups_outside_hierarchy, :new_user_signups_cap,
-                               :setup_for_company, :jobs_to_be_done, :runner_token_expiration_interval, :enabled_git_access_protocol,
-                               :subgroup_runner_token_expiration_interval, :project_runner_token_expiration_interval].freeze
+  NAMESPACE_SETTINGS_PARAMS = %i[
+    default_branch_name
+    delayed_project_removal
+    lock_delayed_project_removal
+    resource_access_token_creation_allowed
+    prevent_sharing_groups_outside_hierarchy
+    new_user_signups_cap
+    setup_for_company
+    jobs_to_be_done
+    runner_token_expiration_interval
+    enabled_git_access_protocol
+    subgroup_runner_token_expiration_interval
+    project_runner_token_expiration_interval
+  ].freeze
 
   self.primary_key = :namespace_id
 
+  def self.allowed_namespace_settings_params
+    NAMESPACE_SETTINGS_PARAMS
+  end
+
   sanitizes! :default_branch_name
 
   def prevent_sharing_groups_outside_hierarchy
diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb
index fa7b117f3cd..406144b7a5c 100644
--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -120,6 +120,8 @@ class GlobalPolicy < BasePolicy
   # We can't use `read_statistics` because the user may have different permissions for different projects
   rule { admin }.enable :use_project_statistics_filters
 
+  rule { admin }.enable :delete_runners
+
   rule { external_user }.prevent :create_snippet
 end
 
diff --git a/app/services/groups/base_service.rb b/app/services/groups/base_service.rb
index 06136aff50e..9705f3a560d 100644
--- a/app/services/groups/base_service.rb
+++ b/app/services/groups/base_service.rb
@@ -13,11 +13,11 @@ module Groups
     private
 
     def handle_namespace_settings
-      settings_params = params.slice(*::NamespaceSetting::NAMESPACE_SETTINGS_PARAMS)
+      settings_params = params.slice(*::NamespaceSetting.allowed_namespace_settings_params)
 
       return if settings_params.empty?
 
-      ::NamespaceSetting::NAMESPACE_SETTINGS_PARAMS.each do |nsp|
+      ::NamespaceSetting.allowed_namespace_settings_params.each do |nsp|
         params.delete(nsp)
       end
 
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb
index 639f7c68c40..35716f7742a 100644
--- a/app/services/groups/create_service.rb
+++ b/app/services/groups/create_service.rb
@@ -13,7 +13,7 @@ module Groups
       remove_unallowed_params
       set_visibility_level
 
-      @group = Group.new(params.except(*::NamespaceSetting::NAMESPACE_SETTINGS_PARAMS))
+      @group = Group.new(params.except(*::NamespaceSetting.allowed_namespace_settings_params))
 
       @group.build_namespace_settings
       handle_namespace_settings
diff --git a/app/views/admin/application_settings/_gitpod.html.haml b/app/views/admin/application_settings/_gitpod.html.haml
index eb47d177701..cd4493d8016 100644
--- a/app/views/admin/application_settings/_gitpod.html.haml
+++ b/app/views/admin/application_settings/_gitpod.html.haml
@@ -13,7 +13,7 @@
 
   .settings-content
     = gitlab_ui_form_for @application_setting, url: general_admin_application_settings_path(anchor: 'js-gitpod-settings'), html: { class: 'fieldset-form', id: 'gitpod-settings' } do |f|
-      = form_errors(@application_setting)
+      = form_errors(@application_setting, pajamas_alert: true)
 
       %fieldset
         .form-group