This check is not present in 11.4

Display impersonation token value only after creation

See merge request gitlab-org/gitlab-ce!22916

Correctly handle data-loss scenarios when encrypting columns

Closes #53763

See merge request gitlab-org/gitlab-ce!23306

(cherry picked from commit 1524a193)

6ddefe7c Correctly handle data-loss scenarios when encrypting columns

[ci skip]

[11.4] Fix SSRF in project integrations

See merge request gitlab/gitlabhq!2610

[11.4] Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols

See merge request gitlab/gitlabhq!2580

[11.4] Fix CRLF issue in UrlValidator

See merge request gitlab/gitlabhq!2653

This commit fixes a SSRF vulnerability related to project
hooks and ipv6 addresses. It also addresses a problem with ipv6
mapped addresses.

[11.4] Resolve: "Provide email notification when a user changes their email address"

See merge request gitlab/gitlabhq!2603

[11.4] Fixed ability to comment on and edit/delete comments on locked or confidential issues

See merge request gitlab/gitlabhq!2647

[11.4] [pages] Possible symlink time of check to time of use race condition

See merge request gitlab/gitlabhq!2650

[11.4] Resolve "Personal access token with only `read_user` scope can be used to authenticate any web request"

See merge request gitlab/gitlabhq!2656

Merge branch 'security-11-4-xss-in-markdown-following-unrecognized-html-element' into 'security-11-4'

[11.4] XSS in markdown following unrecognized HTML element

See merge request gitlab/gitlabhq!2632

[11.4] Fix XSS in mermaid diagrams

See merge request gitlab/gitlabhq!2622

[11.4] Don't expose confidential information in commit message list

See merge request gitlab/gitlabhq!2643

[11.4] Resolve: Promoting a milestone is missing an authorization check

See merge request gitlab/gitlabhq!2620

[11.4] Do not follow redirects in prometheus service

See merge request gitlab/gitlabhq!2624

[11.4] Stored XSS for Environments

See merge request gitlab/gitlabhq!2615

[11.4] Fixed read name of private groups

See merge request gitlab/gitlabhq!2591

[11.4] Redact sensitive information on gitlab-workhorse log

See merge request gitlab/gitlabhq!2585

ci: Add COMPILE_ASSETS to cng build trigger

See merge request gitlab-org/gitlab-ce!23253

Add `COMPILE_ASSETS=true` to CNG build trigger.

This stems from https://gitlab.com/charts/gitlab/issues/937, where we
needed to add asset compilation to the CNG image pipelines when using
`<= 11.5.x`. This is only needed on versions prior to `11.5`, as they
do not have the asset compilation container backported.

[ci skip]

This makes sure the user viewing the commit does not get to see
anything they're not allowed to see

[ci skip]

[11.4] Prevent templated services from being imported

See merge request gitlab/gitlabhq!2636

[11.4] Escape user fullname while rendering autocomplete template to prevent XSS

See merge request gitlab/gitlabhq!2607

[11.4] Prevent templated services from being imported

See merge request gitlab/gitlabhq!2636

[11.4] Escape user fullname while rendering autocomplete template to prevent XSS

See merge request gitlab/gitlabhq!2607