www/gitlab-ce: security update to 15.6.4

Changelog:
https://about.gitlab.com/releases/2022/11/30/security-release-gitlab-15-6-1-released/
https://about.gitlab.com/releases/2022/12/02/gitlab-15-6-2-released/
https://about.gitlab.com/releases/2022/12/16/gitlab-15-6-3-released/
https://about.gitlab.com/releases/2023/01/09/security-release-gitlab-15-7-2-released/

8 files changed, 37 insertions, 26 deletions

diff --git a/devel/gitaly/Makefile b/devel/gitaly/Makefile
index 27046d6d142c..7870e3c7793f 100644
--- a/devel/gitaly/Makefile
+++ b/devel/gitaly/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	gitaly
-DISTVERSION=	15.6.0
+DISTVERSION=	15.6.4
 PORTREVISION=	0
 DISTVERSIONPREFIX=	v
 CATEGORIES=	devel
@@ -16,7 +16,7 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 # it fixes segfaults reported here: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259848
 
 # define dependencies that are required for build and run under MY_DEPENDS
-MY_DEPENDS=	git>=2.37.0:devel/git \
+MY_DEPENDS=	git>=2.37.4:devel/git \
 		rubygem-bundler>=2.1.4:sysutils/rubygem-bundler \
 		rubygem-rugged>=1.2<2:devel/rubygem-rugged \
 		rubygem-github-linguist>=7.23<8:textproc/rubygem-github-linguist \
@@ -50,7 +50,7 @@ MAKE_ENV+=	${GO_ENV}
 USE_GITLAB=	yes
 GL_ACCOUNT=	gitlab-org
 # Find this here: https://gitlab.com/gitlab-org/gitaly/-/tags
-GL_COMMIT=	35525237b47fcc0e4b2b34502a851e1ea1fdd8a4
+GL_COMMIT=	be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96
 
 # for go dependencies
 # Gitlab hosts there dependencies on their own platform and not on go-proxy
diff --git a/devel/gitaly/distinfo b/devel/gitaly/distinfo
index 68b6f776bbf4..0c1ba217771a 100644
--- a/devel/gitaly/distinfo
+++ b/devel/gitaly/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1669472360
-SHA256 (go/devel_gitaly/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0/go.mod) = f462be9eb2e9aefb06785123fade2685a03f9cc6e52b99490e734e50ce892e2c
-SIZE (go/devel_gitaly/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0/go.mod) = 9783
-SHA256 (go/devel_gitaly/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0.tar.gz) = 9d887a02af6ccce05f6b29ca7867bb02d38379d09b0fc2a23fcea4d3a962ed43
-SIZE (go/devel_gitaly/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0/gitlab-org-gitaly-35525237b47fcc0e4b2b34502a851e1ea1fdd8a4_GL0.tar.gz) = 2909541
+TIMESTAMP = 1673369099
+SHA256 (go/devel_gitaly/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0/go.mod) = f462be9eb2e9aefb06785123fade2685a03f9cc6e52b99490e734e50ce892e2c
+SIZE (go/devel_gitaly/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0/go.mod) = 9783
+SHA256 (go/devel_gitaly/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0.tar.gz) = 450eabeb8fb61634dd83b83a34f2e226eaa2cebc054babc153eb7c7b07b84f92
+SIZE (go/devel_gitaly/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0/gitlab-org-gitaly-be44bc7f01a5bfbd320e75aa87c5e8a64a6c8f96_GL0.tar.gz) = 2910993
diff --git a/www/gitlab-ce/Makefile b/www/gitlab-ce/Makefile
index 6668e648eb29..fa2f066470cd 100644
--- a/www/gitlab-ce/Makefile
+++ b/www/gitlab-ce/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	gitlab-ce
-PORTVERSION=	15.6.0
+PORTVERSION=	15.6.4
 PORTREVISION=	0
 CATEGORIES=	www devel
 
@@ -192,7 +192,7 @@ MY_DEPENDS=	git>=2.37.0:devel/git \
 	rubygem-sentry-sidekiq>=5.1.1<5.2:devel/rubygem-sentry-sidekiq \
 	rubygem-pg_query>=2.2<3:databases/rubygem-pg_query \
 	rubygem-premailer-rails-rails61>=1.10.3<1.11:mail/rubygem-premailer-rails-rails61 \
-	rubygem-gitlab-labkit>=0.28.0<0.29:devel/rubygem-gitlab-labkit \
+	rubygem-gitlab-labkit>=0.29.0<0.30:devel/rubygem-gitlab-labkit \
 	rubygem-thrift>=0.16.0:devel/rubygem-thrift \
 	rubygem-ruby_parser>=3.15<4.0:devel/rubygem-ruby_parser \
 	rubygem-rails-i18n-rails61>=7.0<8:devel/rubygem-rails-i18n-rails61 \
@@ -277,7 +277,7 @@ USE_GITLAB=	yes
 GL_ACCOUNT=	gitlab-org
 GL_PROJECT=	gitlab-foss
 # Find the here: https://gitlab.com/gitlab-org/gitlab-foss/-/tags
-GL_COMMIT=	7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b
+GL_COMMIT=	201805ee2af83fc75bb50ee8a10aa24f563bb2f4
 
 USERS=	git
 GROUPS=	git
diff --git a/www/gitlab-ce/distinfo b/www/gitlab-ce/distinfo
index 03d97c9d7ee7..dc3b14bbaf78 100644
--- a/www/gitlab-ce/distinfo
+++ b/www/gitlab-ce/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1669453495
-SHA256 (gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0.tar.gz) = 7723ea178284503fec3771102a3c08c33728ca669cea0fa299ef5fa292df7b9c
-SIZE (gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0.tar.gz) = 98454507
+TIMESTAMP = 1673368605
+SHA256 (gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0.tar.gz) = e78430fac1a4cd33e15912ca95864b436e22470130df016bc68e26790210b1d2
+SIZE (gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0.tar.gz) = 98462350
diff --git a/www/gitlab-ce/files/patch-Gemfile b/www/gitlab-ce/files/patch-Gemfile
index f40936dd9044..14770487e4d4 100644
--- a/www/gitlab-ce/files/patch-Gemfile
+++ b/www/gitlab-ce/files/patch-Gemfile
@@ -1,4 +1,4 @@
---- Gemfile.orig	2022-11-21 09:46:38 UTC
+--- Gemfile.orig	2023-01-09 12:50:34 UTC
 +++ Gemfile
 @@ -13,9 +13,9 @@ gem 'bundler-checksum', '~> 0.1.0', path: 'vendor/gems
  # NOTE: When incrementing the major or minor version here, also increment activerecord_version
@@ -71,7 +71,7 @@
  
  # HTTP requests
  gem 'httparty', '~> 0.20.0'
-@@ -353,119 +353,23 @@ gem 'batch-loader', '~> 2.0.1'
+@@ -352,119 +352,23 @@ gem 'batch-loader', '~> 2.0.1'
  gem 'peek', '~> 1.1'
  
  # Snowplow events tracking
@@ -193,7 +193,7 @@
  gem 'octokit', '~> 4.15'
  
  # Updating this gem version here is deprecated. See:
-@@ -512,7 +416,7 @@ gem 'google-protobuf', '~> 3.21', '>= 3.21.9'
+@@ -511,7 +415,7 @@ gem 'google-protobuf', '~> 3.21', '>= 3.21.9'
  gem 'toml-rb', '~> 2.2.0'
  
  # Feature toggles
@@ -202,7 +202,7 @@
  gem 'flipper-active_record', '~> 0.25.0'
  gem 'flipper-active_support_cache_store', '~> 0.25.0'
  gem 'unleash', '~> 3.2.2'
-@@ -548,7 +452,7 @@ gem 'lockbox', '~> 0.6.2'
+@@ -547,7 +451,7 @@ gem 'lockbox', '~> 0.6.2'
  gem 'valid_email', '~> 0.1'
  
  # JSON
@@ -211,7 +211,7 @@
  gem 'json_schemer', '~> 0.2.18'
  gem 'oj', '~> 3.13.21'
  gem 'oj-introspect', '~> 0.7'
-@@ -569,6 +473,8 @@ gem 'ed25519', '~> 1.3.0'
+@@ -568,6 +472,8 @@ gem 'ed25519', '~> 1.3.0'
  # Error Tracking OpenAPI client
  # See https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/rake_tasks.md#update-openapi-client-for-error-tracking-feature
  gem 'error_tracking_open_api', path: 'vendor/gems/error_tracking_open_api'
diff --git a/www/gitlab-ce/files/patch-lib_gitlab_patch_sidekiq__cron__poller.rb b/www/gitlab-ce/files/patch-lib_gitlab_patch_sidekiq__cron__poller.rb
new file mode 100644
index 000000000000..c8818844543b
--- /dev/null
+++ b/www/gitlab-ce/files/patch-lib_gitlab_patch_sidekiq__cron__poller.rb
@@ -0,0 +1,11 @@
+--- lib/gitlab/patch/sidekiq_cron_poller.rb.orig	2023-01-10 20:21:22 UTC
++++ lib/gitlab/patch/sidekiq_cron_poller.rb
+@@ -7,7 +7,7 @@
+ require 'sidekiq/version'
+ require 'sidekiq/cron/version'
+ 
+-if Gem::Version.new(Sidekiq::VERSION) != Gem::Version.new('6.5.7')
++if Gem::Version.new(Sidekiq::VERSION) != Gem::Version.new('6.5.8')
+   raise 'New version of sidekiq detected, please remove or update this patch'
+ end
+ 
diff --git a/www/gitlab-workhorse/Makefile b/www/gitlab-workhorse/Makefile
index c06b9401b045..bada1fc0424b 100644
--- a/www/gitlab-workhorse/Makefile
+++ b/www/gitlab-workhorse/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	gitlab-workhorse
-PORTVERSION=	15.6.0
+PORTVERSION=	15.6.4
 PORTREVISION=	0
 DISTVERSIONPREFIX=	v
 CATEGORIES=	www
@@ -25,7 +25,7 @@ USE_GITLAB=	yes
 GL_ACCOUNT=	gitlab-org
 GL_PROJECT=	gitlab-foss
 # Find the commit hash here: https://gitlab.com/gitlab-org/gitlab-foss/-/tags
-GL_COMMIT=	7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b
+GL_COMMIT=	201805ee2af83fc75bb50ee8a10aa24f563bb2f4
 
 # for go dependencies
 # Gitlab hosts there dependencies on their own platform and not on go-proxy
diff --git a/www/gitlab-workhorse/distinfo b/www/gitlab-workhorse/distinfo
index a204baecb3e3..2c4ff2acad34 100644
--- a/www/gitlab-workhorse/distinfo
+++ b/www/gitlab-workhorse/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1669453575
-SHA256 (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0/go.mod) = 665bfba860299adfbec2ca2d57f5cd6fbc7c9637a8a27d7e71de63ee43d18418
-SIZE (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0/go.mod) = 6403
-SHA256 (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0.tar.gz) = 7723ea178284503fec3771102a3c08c33728ca669cea0fa299ef5fa292df7b9c
-SIZE (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0/gitlab-org-gitlab-foss-7f1a7c62df90aa19155a623b4e6cae73c5d5fc0b_GL0.tar.gz) = 98454507
+TIMESTAMP = 1673370238
+SHA256 (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0/go.mod) = 665bfba860299adfbec2ca2d57f5cd6fbc7c9637a8a27d7e71de63ee43d18418
+SIZE (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0/go.mod) = 6403
+SHA256 (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0.tar.gz) = e78430fac1a4cd33e15912ca95864b436e22470130df016bc68e26790210b1d2
+SIZE (go/www_gitlab-workhorse/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0/gitlab-org-gitlab-foss-201805ee2af83fc75bb50ee8a10aa24f563bb2f4_GL0.tar.gz) = 98462350