Make it harder to delete issuables accidentally
Previously submitting a DELETE request to an issuable (e.g. merge request, issue, etc.)
URL would be enough to destroy it, but this should require human confirmation. We
now require that the
destroy_confirm parameter is set to a truthy
value before this can complete.
In addition, we log a Sentry error if a deletion arrived without confirmation.